From nobody at huge.cajones.com Sat Feb 1 00:08:55 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Sat, 1 Feb 1997 00:08:55 -0800 (PST) Subject: 40-bit encryption keys Message-ID: <199702010808.AAA20998@mailmasher.com> Dr.Dickhead L>ily< Vulis K>ondom< Of The Minute studied yoga back-stretching exercises for five years so he could blow himself (nobody else will). /o)\ Dr.Dickhead L>ily< Vulis K>ondom< Of The Minute \(o/ From paul at fatmans.demon.co.uk Sat Feb 1 00:44:48 1997 From: paul at fatmans.demon.co.uk (paul at fatmans.demon.co.uk) Date: Sat, 1 Feb 1997 00:44:48 -0800 (PST) Subject: Cats Out of Bags Message-ID: <854786124.514498.0@fatmans.demon.co.uk> > Interestingly, the saying, "to let the cat out of the bag" is > related to the saying, "to buy a pig in a poke." A poke is a > sack or bag. In times past, street peddlers would sell a mark a > young pig. The pig was supposedly put into a poke, but in fact, > a bag with a cat in it was substituted. By the time the mark > figured out his mistake by "letting the cat out of the bag," the > peddler was long gone. The lesson the mark learned was "Don't > buy a pig in a poke." Thankyou Sandy for this highly crypto-relevant commentary presumably posted to the censored list so anyone with an interest in cryptography, cats and pigs can be suitably enlightened. Even if it wasn`t this would still be unworthy of the flames list. Datacomms Technologies web authoring and data security Paul Bradley, Paul at fatmans.demon.co.uk Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey" From paul at fatmans.demon.co.uk Sat Feb 1 00:49:18 1997 From: paul at fatmans.demon.co.uk (paul at fatmans.demon.co.uk) Date: Sat, 1 Feb 1997 00:49:18 -0800 (PST) Subject: Cocksucker Message-ID: <854786117.514461.0@fatmans.demon.co.uk> > cocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksu > cocksuckercocksuckercocksuckercocksuckercocksuckercockscocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksucker > cocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksocksuckercocksuckercocksuckercoc > cocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksucke > cocksuckercocksuckercocksuckercocksuckercocksuckksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercoc > cocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksucksuckercocksuckercocksuckercocksu > cocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckershit Sandy, Why was this sent to the flames list? - surely it wasn`t directed at any specific person and was therefore a comment on "wooly thinking" ??? Datacomms Technologies web authoring and data security Paul Bradley, Paul at fatmans.demon.co.uk Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey" From toto at sk.sympatico.ca Sat Feb 1 00:58:18 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 00:58:18 -0800 (PST) Subject: David E. Smith / Known Flamer In-Reply-To: <199702010618.AAA08230@manifold.algebra.com> Message-ID: <32F32265.AC@sk.sympatico.ca> Igor Chudov @ home wrote: > Shit happens, and it certainly happens with all moderators whom I know. Igor, I got private email from someone who has read most of your posts, and expressed confusion over 'whose side' you are 'on' in relation to the censored debate in regard to list censorship. I had to laugh, because the sad truth is, there are all too many people who seem unable to understand the concept of someone who is quite simply on the 'side' of 'truth', as much as humanly possible. I explained to him that you weren't 'fence hopping', but merely sitting on your own fence, observing, while everyone else runs around in circles. Please stay 'confusing'. Toto From toto at sk.sympatico.ca Sat Feb 1 01:21:46 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 01:21:46 -0800 (PST) Subject: Cocksucker In-Reply-To: <854786117.514461.0@fatmans.demon.co.uk> Message-ID: <32F3270B.61@sk.sympatico.ca> paul at fatmans.demon.co.uk wrote: cocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckercocksuckershit > > Sandy, > > Why was this sent to the flames list? - surely it wasn`t directed at > any specific person and was therefore a comment on "wooly thinking" > ??? This was a typo. It was supposed to say, cryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptocryptoshit Toto From toto at sk.sympatico.ca Sat Feb 1 01:21:51 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 01:21:51 -0800 (PST) Subject: Libel & the 1st Amendment In-Reply-To: Message-ID: <32F327E4.30D5@sk.sympatico.ca> Mark M. wrote: > If the legal concept of libel is abandoned, this presumption will largely > disappear. People will have to rely on the credibility of the source, instead > of whether or not the victim of libel has sued. God forbid that people should have to use their judgement and their brains, rather than their overly charged emotions. Toto From toto at sk.sympatico.ca Sat Feb 1 01:45:26 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 01:45:26 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <32F32D6C.126C@sk.sympatico.ca> 3.5.1 Contrary to what people sometimes claim, there is no ruling clique of Cypherpunks. Anybody is free to do nearly anything, just not free to commit others to course of action, or claim to speak for the "Cypherpunks" as a group (and this last point is unenforceable except through reputation and social repercussions). 3.6.3 "Why isn't the list moderated?" ...hardly consistent with many of our anarchist leanings, is it? - "No, please, let's not become a 'moderated' newsgroup. This would be the end of freedom! From toto at sk.sympatico.ca Sat Feb 1 04:21:33 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 04:21:33 -0800 (PST) Subject: Key Security Question In-Reply-To: <199702011118.AAA24621@mycroft.actrix.gen.nz> Message-ID: <32F351F9.77A3@sk.sympatico.ca> Paul Foley wrote: > On Fri, 31 Jan 1997 17:51:47 -0800, Toto wrote: >> If the repairman has your pubring and secring files, you can now >> consider them in the same light as a 'busted flush'. > > The secret key is encrypted using the same IDEA algorithm that PGP > uses to encrypt your files. If you trust IDEA, your key is as safe as > your passphrase (not at all if you have no passphrase, not much if > it's easily guessable, etc.) Send me your secring file. I have a new password-buster I'd like to try out on it. > If your computer repairman has the capability to crack strong 128-bit > ciphers, I'd be rather worried :-) He doesn't have to crack the cipher, he only needs to find the password. > On the other hand, there's always the possibility of your passphrase > being on the disk, say in a swap file, somewhere. Same goes for > plaintext of any encrypted files/messages. I doubt anyone's gonna go > hunting through your swap file, "empty" sectors, etc., looking for it, > though, unless you've done something to really piss him off lately :-) Or if he's a member of the CypherPunks list, read the message, and now considers it to be a personal challenge. Toto From talnewhart at intertemps.com Sat Feb 1 05:23:22 1997 From: talnewhart at intertemps.com (Talbert Newhart) Date: Sat, 1 Feb 1997 05:23:22 -0800 (PST) Subject: List Message-ID: <32F343DE.63EA@intertemps.com> Please put me on the Cypherpunk list. From frissell at panix.com Sat Feb 1 06:38:06 1997 From: frissell at panix.com (Duncan Frissell) Date: Sat, 1 Feb 1997 06:38:06 -0800 (PST) Subject: "Secret" Postal Device stolen In-Reply-To: <199702010740.XAA08867@toad.com> Message-ID: <3.0.1.32.19970201093919.017e2984@panix.com> -----BEGIN PGP SIGNED MESSAGE----- At 05:18 AM 2/1/97 GMT, Rob wrote: >On 31 Jan 1997 15:26:16 -0500, Jim Ray wrote: > >>from http://www.herald.com/dade/digdocs/021949.htm >>Postal Service offers $25,000 reward for stolen . . . something > Mail Storage Box keys? DCF -----BEGIN PGP SIGNATURE----- Version: 4.5 iQCVAgUBMvNVkoVO4r4sgSPhAQG18AQA2g//lN1jUva1emDq/uQMNRy+1mIA/+Ug 5+0INso7kvCflVbterNDpWo0XoWR9tLrZ013vtcygaWUb07m/AWYBu/K322Tp7Zl nGDaGXFvUHLdJM+hgXyxQZoK/kfWqBiHw0zxczqr3LuwyDUQgFjrHcJb+/TKphBY JwdTTPZJNC0= =uGDj -----END PGP SIGNATURE----- From ichudov at algebra.com Sat Feb 1 07:22:49 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Sat, 1 Feb 1997 07:22:49 -0800 (PST) Subject: David E. Smith / Known Flamer In-Reply-To: <32F32265.AC@sk.sympatico.ca> Message-ID: <199702011516.JAA11212@manifold.algebra.com> right, in this particular case i am not on anyone's side. i think that both sides of the debate do not know what they are doing, but are very adept at creating paranoid theories about the other side. igor Toto wrote: > > Igor Chudov @ home wrote: > > > Shit happens, and it certainly happens with all moderators whom I know. > > Igor, > I got private email from someone who has read most of your posts, and > expressed confusion over 'whose side' you are 'on' in relation to the > censored debate in regard to list censorship. > I had to laugh, because the sad truth is, there are all too many people > who seem unable to understand the concept of someone who is quite simply > on the 'side' of 'truth', as much as humanly possible. > I explained to him that you weren't 'fence hopping', but merely sitting > on your own fence, observing, while everyone else runs around in > circles. > Please stay 'confusing'. > > Toto > - Igor. From aba at dcs.ex.ac.uk Sat Feb 1 07:41:29 1997 From: aba at dcs.ex.ac.uk (Adam Back) Date: Sat, 1 Feb 1997 07:41:29 -0800 (PST) Subject: Geiger and long, unreadable lines In-Reply-To: <199701311510.HAA15741@toad.com> Message-ID: <199701280548.FAA00251@server.test.net> Mr William H. Geiger III "Author of E-Secure" writes: > for the benifit of those misfortunate enough to be still working on > dumb terminals I have disabled my PGP script until I have time to add a > word wrap routine to it. it is you who were demonstrating your ineptitude by spewing 120+ line length postings. Why is it so difficult for you to keep under 80 chars? Would you like some technical assistance? Notice how near every one else apart from yourself is managing to keep under 80 chars? Does every one apart from yourself live in the `dark ages'? I suppose you write letters on A4 landscape mode too? When I see a posting with such long lines I hit the `n' key. (cpunks-flames material? :-) Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 Message-ID: Talbert Newhart writes: > Please put me on the Cypherpunk list. The old cypherpunks list no longer exists. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From dlv at bwalk.dm.com Sat Feb 1 08:10:22 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Sat, 1 Feb 1997 08:10:22 -0800 (PST) Subject: David E. Smith / Known Flamer In-Reply-To: Message-ID: Sandy Sandfort writes: > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > SANDY SANDFORT > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . > > C'punks, > > On Fri, 31 Jan 1997, Dale Thorn wrote: > > > I was *not* speaking of posts headed for the "moderated" list, I was > > speaking of posts headed for the un-"moderated" list that would get > > lost due to "mistakes". > > > > Now I can understand how a censor could flub something going to a > > moderated list, but why the un-moderated list? > > Apparently, Dale does not understand the how the list is > moderated. When someone posts to Cypherpunks, it automatically > goes to the unedited list. I am subscribed to the unedited list. > When I read the unedited list, I forward each message I see there > to either the flames list or the moderated list. I have no > control over the unedited list. It goes out to everyone else at > the same time it goes out to me. I don't have a clue as to what > Dale is talking about. Dale is talking about the two messages from me that appeared on the unedited list but did not appear on either censored or "flames" list because Sandy chose not to forward them to either list. Both messages dealt were criticial of Sandy's employer, C2, and exposed their main product, Stronghold, as a fraud. Other messages may have "fallen between the cracks" in the past, but this was a controlled experiment. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From toto at sk.sympatico.ca Sat Feb 1 08:26:07 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 08:26:07 -0800 (PST) Subject: Libel & the 1st Amendment Message-ID: <199702011626.IAA20188@toad.com> Mark M. wrote: > If the legal concept of libel is abandoned, this presumption will largely > disappear. People will have to rely on the credibility of the source, instead > of whether or not the victim of libel has sued. God forbid that people should have to use their judgement and their brains, rather than their overly charged emotions. Toto From toto at sk.sympatico.ca Sat Feb 1 08:26:18 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 08:26:18 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702011626.IAA20196@toad.com> 3.5.1 Contrary to what people sometimes claim, there is no ruling clique of Cypherpunks. Anybody is free to do nearly anything, just not free to commit others to course of action, or claim to speak for the "Cypherpunks" as a group (and this last point is unenforceable except through reputation and social repercussions). 3.6.3 "Why isn't the list moderated?" ...hardly consistent with many of our anarchist leanings, is it? - "No, please, let's not become a 'moderated' newsgroup. This would be the end of freedom! From pete at idaho.ubisg.com Sat Feb 1 08:34:45 1997 From: pete at idaho.ubisg.com (Peter J. Capelli) Date: Sat, 1 Feb 1997 08:34:45 -0800 (PST) Subject: Libel & the 1st Amendment In-Reply-To: <199701312213.OAA24431@toad.com> Message-ID: <199702011633.LAA20630@idaho.ubisg.com> Mark M. wrote: > On Thu, 30 Jan 1997, Jim Choate wrote: > > > > * Many 1st Amendment experts don't believe in the legal concept of libel. > > > It is, they say, a rich man's game > > > > Exactly, instead of equal protection under the law we have a specieocracy. > > Anyone can afford a contingency-free attorney as long as the plaintiff has a > good chance of being awarded damages. This has the benefit that the legal > system doesn't get overcrowded with frivolous cases. You mean to say, rich people can overcrowd the courts as much as they like, while others are restricted by contigency-only lawyers ( Call 1-800-AMBULANCE! ) ... and what of the case of a rich person trying to control a poor one with many frivolous lawsuits ... while they can afford to file lawsuit after lawsuit, the poor person cannot defend himself. -- Pete Capelli, CNE UB Networks, Inc. pcapelli at ub.com ****** Finger pete at idaho.ubisg.com for my PGP Public key! ****** They that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. - Benjamin Franklin, 1759 From frissell at panix.com Sat Feb 1 08:40:59 1997 From: frissell at panix.com (Duncan Frissell) Date: Sat, 1 Feb 1997 08:40:59 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702011640.IAA20586@toad.com> -----BEGIN PGP SIGNED MESSAGE----- At 05:18 AM 2/1/97 GMT, Rob wrote: >On 31 Jan 1997 15:26:16 -0500, Jim Ray wrote: > >>from http://www.herald.com/dade/digdocs/021949.htm >>Postal Service offers $25,000 reward for stolen . . . something > Mail Storage Box keys? DCF -----BEGIN PGP SIGNATURE----- Version: 4.5 iQCVAgUBMvNVkoVO4r4sgSPhAQG18AQA2g//lN1jUva1emDq/uQMNRy+1mIA/+Ug 5+0INso7kvCflVbterNDpWo0XoWR9tLrZ013vtcygaWUb07m/AWYBu/K322Tp7Zl nGDaGXFvUHLdJM+hgXyxQZoK/kfWqBiHw0zxczqr3LuwyDUQgFjrHcJb+/TKphBY JwdTTPZJNC0= =uGDj -----END PGP SIGNATURE----- From toto at sk.sympatico.ca Sat Feb 1 08:41:08 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 08:41:08 -0800 (PST) Subject: Key Security Question Message-ID: <199702011641.IAA20618@toad.com> Paul Foley wrote: > On Fri, 31 Jan 1997 17:51:47 -0800, Toto wrote: >> If the repairman has your pubring and secring files, you can now >> consider them in the same light as a 'busted flush'. > > The secret key is encrypted using the same IDEA algorithm that PGP > uses to encrypt your files. If you trust IDEA, your key is as safe as > your passphrase (not at all if you have no passphrase, not much if > it's easily guessable, etc.) Send me your secring file. I have a new password-buster I'd like to try out on it. > If your computer repairman has the capability to crack strong 128-bit > ciphers, I'd be rather worried :-) He doesn't have to crack the cipher, he only needs to find the password. > On the other hand, there's always the possibility of your passphrase > being on the disk, say in a swap file, somewhere. Same goes for > plaintext of any encrypted files/messages. I doubt anyone's gonna go > hunting through your swap file, "empty" sectors, etc., looking for it, > though, unless you've done something to really piss him off lately :-) Or if he's a member of the CypherPunks list, read the message, and now considers it to be a personal challenge. Toto From pete at idaho.ubisg.com Sat Feb 1 08:41:11 1997 From: pete at idaho.ubisg.com (Peter J. Capelli) Date: Sat, 1 Feb 1997 08:41:11 -0800 (PST) Subject: Libel & the 1st Amendment Message-ID: <199702011641.IAA20624@toad.com> Mark M. wrote: > On Thu, 30 Jan 1997, Jim Choate wrote: > > > > * Many 1st Amendment experts don't believe in the legal concept of libel. > > > It is, they say, a rich man's game > > > > Exactly, instead of equal protection under the law we have a specieocracy. > > Anyone can afford a contingency-free attorney as long as the plaintiff has a > good chance of being awarded damages. This has the benefit that the legal > system doesn't get overcrowded with frivolous cases. You mean to say, rich people can overcrowd the courts as much as they like, while others are restricted by contigency-only lawyers ( Call 1-800-AMBULANCE! ) ... and what of the case of a rich person trying to control a poor one with many frivolous lawsuits ... while they can afford to file lawsuit after lawsuit, the poor person cannot defend himself. -- Pete Capelli, CNE UB Networks, Inc. pcapelli at ub.com ****** Finger pete at idaho.ubisg.com for my PGP Public key! ****** They that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. - Benjamin Franklin, 1759 From pgut001 at cs.auckland.ac.nz Sat Feb 1 09:05:18 1997 From: pgut001 at cs.auckland.ac.nz (pgut001 at cs.auckland.ac.nz) Date: Sat, 1 Feb 1997 09:05:18 -0800 (PST) Subject: Crypto in New Zealand - an update Message-ID: <85481663218919@cs26.cs.auckland.ac.nz> This is a continuation of the article I posted here a few weeks ago. You can find the whole thing at http://jya.com/nsazeal.htm. Peter. -- Snip -- On the 17th January significant parts of this story appeared on the front page of the National Business Review (NBR), a fairly influential paper read by (apparently) half the NZ business world. The GCSB declined to comment on anything except to acknowledge that there had been a meeting between a GCSB person and the manager of Orion Systems. The story also confirms (from talking to some of the people involved) the GCSB - MFAT and GCSB - DSD connections. The following week Andrew Mayo wrote a letter to the editor of the NBR containing an eloquent defense of the use of encryption to protect personal privacy. MFAT replied to say that they were only following orders, and were required by the Wassenaar agreement to restrict crypto exports: "Export permits normally were required only if the encryption was 40-bit or stronger, so most commercial encryption would not be affected". I wonder where the 40-bit limit suddenly came from? Note also the phrasing "40-bit or stronger". This means that anything including 40 bits is restricted. If they're going to try to blindly parrot US policy then they should at least get their facts straight. A few days later I found someone who knew what to ask for in order to get a copy of the NZ export regulations. I called MFAT and talked to a gentleman by the name of John Borrie, who had recently taken over responsibility for this affair from someone else who, to put it mildly, had been annoying to deal with. I suggested to him that the GCSB were feeding him just the information they wanted him to know and no more, and that perhaps he should avail himself of alternate sources of advice. He didn't see it quite that way. The export regulations are identical to the Australian regulations, even down to the layout style. A few of the fonts differ, but that may be due to different systems/printers/whatever. There are several obvious holes in these regulations, but I won't mention them now because they'll probably be used in court fairly soon. The following week the story was again on the front page of the NBR. This time the story covered the financial difficulties that Cyphercom had been plunged into. Because MFAT had stopped them from having any access to their product for nine months, the company was considering filing for bankruptcy. MFAT spokesperson Caroline Forsyth commented: "US controls on the export of strategic goods are at least as strict as those of New Zealand... an export permit would normally only be required for encryption if it was 40-bit or stronger. Most commercial encryption is well below 40-bit strength. Almost all New Zealand exporters of software are unaffected". The confused and nonsensical nature of these statements presents a scary picture. MFAT are a government department who (in this area) have no idea what they're doing, but don't know that they have no idea. Combined with the sterling advice they seem to be getting from the GCSB, this could make them a tough nut to crack. In anticipation of what MFAT would say, I wrote a letter to the NBR editor (which won the "Letter of the Week" award :-) which refuted their claims. The letter ended with: It appears that MFAT's position is based on an antiquated outlook which regards software to secure electronic commerce as some form of special military technology, a position which might have been reasonable a few decades ago but is totally out of touch with the modern use of computers and electronic communications. In their October 1996 "Business File", MFAT claim that "New Zealand... is helping to limit the spread of increasingly sophisticated military technology and weapons of mass destruction". Whether mass-market commercial software which protects financial transactions and medical records counts as "sophisticated military technology" or "weapons of mass destruction" is unclear (I suppose it's possible to beat someone to death with a floppy disk if you were very determined, but that hardly qualifies as "mass destruction"). Finally, one of the goals of the Wassenaar agreement was to "not impede bona fide civil transactions", which MFAT have certainly done, and are continuing to do. In the meantime anyone with a credit card and phone, or the ability to walk into a software store, can buy the same software overseas. Stopping New Zealand companies from exporting widely available mass-market computer software of this kind "because terrorists might use it" makes about as much sense as stopping farmers from exporting beef and lamb "because terrorists might eat it". The issue of Management Technology Briefing included with last weeks NBR reports on page 22 that there will be "a US$186 billion market in global transactions by the year 2000", along with a comment that securing these transactions - one of the goals cryptlib was designed for - remains a problem area. Within the next few years the push towards electronic commerce will become a veritable steamroller. By needlessly blocking the export of the technology required to secure this market, MFAT is helping ensure that New Zealand becomes part of the roadkill. MFAT's parting shot was: "People trying to export encryption without clearance can be prosecuted under the Customs and Excise Act". I should certainly hope so! It's going to be difficult creating a test case to get this nonsense thrown out if they refuse to prosecute me. Stay tuned, this is going to get entertaining... From dlv at bwalk.dm.com Sat Feb 1 09:10:21 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Sat, 1 Feb 1997 09:10:21 -0800 (PST) Subject: Geiger and long, unreadable lines In-Reply-To: <199701280548.FAA00251@server.test.net> Message-ID: Adam Back writes: > > Mr William H. Geiger III "Author of E-Secure" writes: > > for the benifit of those misfortunate enough to be still working on > > dumb terminals I have disabled my PGP script until I have time to add a > > word wrap routine to it. > > it is you who were demonstrating your ineptitude by spewing > 120+ line length postings. Why is it so difficult for you to keep > under 80 chars? Would you like some technical assistance? Notice how > near every one else apart from yourself is managing to keep under 80 > chars? Notice how near every one else apart from yourself bends over for the NSA, and is willing to use a 40-bit key "escrowed" with the feds? Why is it so difficult for you to keep under 40 bits? Would you like some technical assistance? Why are you setting yourself apart from the Internet community that so happily embraces GAK? Why do you desire "privacy" for your traffic when everyone else does not? What have you got to hide? Are you looking to transmit child pornography, bomb-making instructions, and/or cannabis legalization propaganda? We better have a look at your hard disk soon. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From mgursk1 at umbc.edu Sat Feb 1 09:14:01 1997 From: mgursk1 at umbc.edu (Michael Gurski) Date: Sat, 1 Feb 1997 09:14:01 -0800 (PST) Subject: Stronghold -- unsubstatiated claims (was Re: David E. Smith / Known Flamer) In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Sat, 1 Feb 1997, Dr.Dimitri Vulis KOTM wrote: > Both messages dealt were criticial of Sandy's employer, C2, and > exposed their main product, Stronghold, as a fraud. I assume that since you're making this claim about Stronghold, you have facts to back it up? |\/|ike Gurski mgursk1 at umbc.edu http://www.gl.umbc.edu/~mgursk1/ finger/mail subject "send pgpkey"|"send index" Hail Eris! -><- O- |Member, 1024/39B5BADD PGP Keyprint=3493 A994 B159 48B7 1757 1E4E 6256 4570 | Team My opinions are mine alone, even if you should be sharing them. | OS/2 Senate Finance Committee Chair, SGA 1996-1997 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: I am not a number, I am a free man! iQCVAwUBMvN5YyKEMrE5tbrdAQHAPAP/fPLrPXcWySUn9y/fYJcAMtdJlQF8AH9p VEzlBMGM3qMEZcWW6no3TBN09MQgRH0xO7xHkHv/qaCZWxWYZYuJzvPXiCMChH3u L1sBMUqn7OZK5afLDjer2CvNd/dH1nAtUIfl6tEcePMrbi4e61uJ/Y70Q9JlZeoz AwDWPLw88gc= =zhfk -----END PGP SIGNATURE----- From dthorn at gte.net Sat Feb 1 09:37:37 1997 From: dthorn at gte.net (Dale Thorn) Date: Sat, 1 Feb 1997 09:37:37 -0800 (PST) Subject: David E. Smith / Known Flamer In-Reply-To: Message-ID: <32F37F07.8DF@gte.net> Sandy Sandfort wrote: > On Fri, 31 Jan 1997, Dale Thorn wrote: > > I was *not* speaking of posts headed for the "moderated" list, I was > > speaking of posts headed for the un-"moderated" list that would get > > lost due to "mistakes". > > Now I can understand how a censor could flub something going to a > > moderated list, but why the un-moderated list? > Apparently, Dale does not understand the how the list is > moderated. When someone posts to Cypherpunks, it automatically > goes to the unedited list. I am subscribed to the unedited list. > When I read the unedited list, I forward each message I see there > to either the flames list or the moderated list. I have no > control over the unedited list. It goes out to everyone else at > the same time it goes out to me. I don't have a clue as to what > Dale is talking about. I only said what I said in response to what Igor said. I didn't make an accusation myself, since I don't have the necessary info. From pgut001 at cs.auckland.ac.nz Sat Feb 1 09:40:51 1997 From: pgut001 at cs.auckland.ac.nz (pgut001 at cs.auckland.ac.nz) Date: Sat, 1 Feb 1997 09:40:51 -0800 (PST) Subject: Crypto in New Zealand - an update Message-ID: <199702011740.JAA21968@toad.com> This is a continuation of the article I posted here a few weeks ago. You can find the whole thing at http://jya.com/nsazeal.htm. Peter. -- Snip -- On the 17th January significant parts of this story appeared on the front page of the National Business Review (NBR), a fairly influential paper read by (apparently) half the NZ business world. The GCSB declined to comment on anything except to acknowledge that there had been a meeting between a GCSB person and the manager of Orion Systems. The story also confirms (from talking to some of the people involved) the GCSB - MFAT and GCSB - DSD connections. The following week Andrew Mayo wrote a letter to the editor of the NBR containing an eloquent defense of the use of encryption to protect personal privacy. MFAT replied to say that they were only following orders, and were required by the Wassenaar agreement to restrict crypto exports: "Export permits normally were required only if the encryption was 40-bit or stronger, so most commercial encryption would not be affected". I wonder where the 40-bit limit suddenly came from? Note also the phrasing "40-bit or stronger". This means that anything including 40 bits is restricted. If they're going to try to blindly parrot US policy then they should at least get their facts straight. A few days later I found someone who knew what to ask for in order to get a copy of the NZ export regulations. I called MFAT and talked to a gentleman by the name of John Borrie, who had recently taken over responsibility for this affair from someone else who, to put it mildly, had been annoying to deal with. I suggested to him that the GCSB were feeding him just the information they wanted him to know and no more, and that perhaps he should avail himself of alternate sources of advice. He didn't see it quite that way. The export regulations are identical to the Australian regulations, even down to the layout style. A few of the fonts differ, but that may be due to different systems/printers/whatever. There are several obvious holes in these regulations, but I won't mention them now because they'll probably be used in court fairly soon. The following week the story was again on the front page of the NBR. This time the story covered the financial difficulties that Cyphercom had been plunged into. Because MFAT had stopped them from having any access to their product for nine months, the company was considering filing for bankruptcy. MFAT spokesperson Caroline Forsyth commented: "US controls on the export of strategic goods are at least as strict as those of New Zealand... an export permit would normally only be required for encryption if it was 40-bit or stronger. Most commercial encryption is well below 40-bit strength. Almost all New Zealand exporters of software are unaffected". The confused and nonsensical nature of these statements presents a scary picture. MFAT are a government department who (in this area) have no idea what they're doing, but don't know that they have no idea. Combined with the sterling advice they seem to be getting from the GCSB, this could make them a tough nut to crack. In anticipation of what MFAT would say, I wrote a letter to the NBR editor (which won the "Letter of the Week" award :-) which refuted their claims. The letter ended with: It appears that MFAT's position is based on an antiquated outlook which regards software to secure electronic commerce as some form of special military technology, a position which might have been reasonable a few decades ago but is totally out of touch with the modern use of computers and electronic communications. In their October 1996 "Business File", MFAT claim that "New Zealand... is helping to limit the spread of increasingly sophisticated military technology and weapons of mass destruction". Whether mass-market commercial software which protects financial transactions and medical records counts as "sophisticated military technology" or "weapons of mass destruction" is unclear (I suppose it's possible to beat someone to death with a floppy disk if you were very determined, but that hardly qualifies as "mass destruction"). Finally, one of the goals of the Wassenaar agreement was to "not impede bona fide civil transactions", which MFAT have certainly done, and are continuing to do. In the meantime anyone with a credit card and phone, or the ability to walk into a software store, can buy the same software overseas. Stopping New Zealand companies from exporting widely available mass-market computer software of this kind "because terrorists might use it" makes about as much sense as stopping farmers from exporting beef and lamb "because terrorists might eat it". The issue of Management Technology Briefing included with last weeks NBR reports on page 22 that there will be "a US$186 billion market in global transactions by the year 2000", along with a comment that securing these transactions - one of the goals cryptlib was designed for - remains a problem area. Within the next few years the push towards electronic commerce will become a veritable steamroller. By needlessly blocking the export of the technology required to secure this market, MFAT is helping ensure that New Zealand becomes part of the roadkill. MFAT's parting shot was: "People trying to export encryption without clearance can be prosecuted under the Customs and Excise Act". I should certainly hope so! It's going to be difficult creating a test case to get this nonsense thrown out if they refuse to prosecute me. Stay tuned, this is going to get entertaining... From markm at voicenet.com Sat Feb 1 09:48:24 1997 From: markm at voicenet.com (Mark M.) Date: Sat, 1 Feb 1997 09:48:24 -0800 (PST) Subject: Libel & the 1st Amendment In-Reply-To: <199702011633.LAA20630@idaho.ubisg.com> Message-ID: On Sat, 1 Feb 1997, Peter J. Capelli wrote: > You mean to say, rich people can overcrowd the courts as much as they > like, while others are restricted by contigency-only lawyers ( Call > 1-800-AMBULANCE! ) ... and what of the case of a rich person trying to > control > a poor one with many frivolous lawsuits ... while they can afford to file > lawsuit after lawsuit, the poor person cannot defend himself. What, exactly, would be the point of suing a poor person? Mark From jimbell at pacifier.com Sat Feb 1 10:33:35 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 10:33:35 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <199702011833.KAA03879@mail.pacifier.com> At 09:40 PM 1/27/97 -0500, Phillip M. Hallam-Baker wrote: > > >jim bell wrote in article <5ch9f2$cuu at life.ai.mit.edu>... > >> Look, I've proposed what I consider to be a remarkably consistent method to >> prevent the kind of political tyranny that you criticize, and I don't see >> any recognition of this fact. > >Thats because its a whacko solution that has no credibility >or consistency. I'm still waiting for you to explain what you believe to be the "problem" for which we are searching a solution. Is the problem that there is slavery? Or do you think the only problem is that the slaves are unhappy? Jim Bell jimbell at pacifier.com From jimbell at pacifier.com Sat Feb 1 10:55:27 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 10:55:27 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <199702011855.KAA05989@mail.pacifier.com> At 09:26 PM 1/30/97 -0800, Sean Roach wrote: >At 11:15 AM 1/30/97 -0800, jim bell wrote: >>What you're presented (included in its entirety below) is what I've come to >>call an "AP story problem." I've worked through many of those myself; >>their main problem is that they don't carefully describe why _each_ person >>in the "play" you've described would be motivated to do what it's claim he >>does, and why he DOES NOT do other things to fix the situation he's in. >>Remember, I'm not merely talking about the main character, but also the ones >>who are (apparently?) incidental. >> >>For just one example, you said: "conventional bodyguards could be >>included, ones with no real pay but with the fore knowledgethat they will be >>buried with the tyrant." >> >>What motivates these people? Are they hostages? If they're hostages, then >>presumably that means they're motivated to seek the death of anyone who is >>holding them. What about their relatives; don't they have any sympathy for >>those who are taken? Why don't they donate to AP to see the lead guy dead? > >As I stated in the bottom, the children would be privaledged. Who says? What if the public doesn't agree? Might it not be better to sacrifice a few children to keep other children alive? > They would >merely be told that it is a great honor. It could very well be. Assuming >that the tyrant did not die, these children would live in comparable luxery. How much would this cost? Who would pay? Where would the money come from? Is this "solution" practical for everybody, or just the top guy? >They would be at risk only if the tyrant was. By keeping the children at >hand, the parents would balk at taking action against the tyrant, not only >their own action, but also that of others. The children would merely be >there to thwart the attempts of others. Suppose that didn't work. Who would kill the kids if the tyrant died? Who would risk death himself to do this? Etc. Hint: Unfortunately, you don't seem to be pursuing the implications of what you are hypothesizing. This is typical. Go back and do what I originally suggested: Look at the motivations of EACH person in the "play" and decide why he will play along with the game. This includes not merely the people you want to focus on, but also anyone else. Jim Bell jimbell at pacifier.com From markm at voicenet.com Sat Feb 1 10:55:47 1997 From: markm at voicenet.com (Mark M.) Date: Sat, 1 Feb 1997 10:55:47 -0800 (PST) Subject: Libel & the 1st Amendment Message-ID: <199702011855.KAA23264@toad.com> On Sat, 1 Feb 1997, Peter J. Capelli wrote: > You mean to say, rich people can overcrowd the courts as much as they > like, while others are restricted by contigency-only lawyers ( Call > 1-800-AMBULANCE! ) ... and what of the case of a rich person trying to > control > a poor one with many frivolous lawsuits ... while they can afford to file > lawsuit after lawsuit, the poor person cannot defend himself. What, exactly, would be the point of suing a poor person? Mark From jimbell at pacifier.com Sat Feb 1 10:55:57 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 10:55:57 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <199702011855.KAA23272@toad.com> At 09:40 PM 1/27/97 -0500, Phillip M. Hallam-Baker wrote: > > >jim bell wrote in article <5ch9f2$cuu at life.ai.mit.edu>... > >> Look, I've proposed what I consider to be a remarkably consistent method to >> prevent the kind of political tyranny that you criticize, and I don't see >> any recognition of this fact. > >Thats because its a whacko solution that has no credibility >or consistency. I'm still waiting for you to explain what you believe to be the "problem" for which we are searching a solution. Is the problem that there is slavery? Or do you think the only problem is that the slaves are unhappy? Jim Bell jimbell at pacifier.com From alan at ctrl-alt-del.com Sat Feb 1 11:37:53 1997 From: alan at ctrl-alt-del.com (Alan Olsen) Date: Sat, 1 Feb 1997 11:37:53 -0800 (PST) Subject: Key Security Question Message-ID: <3.0.1.32.19970201113728.02c2b18c@mail.teleport.com> -----BEGIN PGP SIGNED MESSAGE----- At 10:41 AM 1/31/97 -0800, Z.B. wrote: >My computer went into the shop a few days ago, and I was unable to take >my PGP keys off it before it went in. What are the security risks here? >If the repairman chooses to snoop through the files, what would he be >able to do with my key pair? Will I need to revoke the key and make a >new one, or will I be relatively safe since he doesn't have my >passphrase? Depends on how guessable your passphrase is. If you use something that would fall to a dictionary attack, then you are vulnerable. (Providing that they actually looked for your keyring and made a copy.) If you had nyms on your keyring, then those nyms can be associated with your "true name" with no passphrase required. (Unless you keep your keyring encrypted. Private Idaho supports encrypted keyrings, but little else does.) If you are really concerned about it, you could learn to do your own computer repairs. -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAwUBMvObZeQCP3v30CeZAQHwCgf+Oks1qT2Hc9pRU4jy+YU/q3WidHVhJmf2 QxjdEFeRPyX3rt+7ThCN4wnGdh7W2Ya8SYGwmgGgU7pucJ9vgC0JACU20RvRgsQk 5USpS3+Ua9QVNs/NpKGDDANlsurPMi9y12rIqrDbmPmcnW7HDfrfByLVy0HvfqKE ctJsOOz391rbjM+HiNXzMUiiWLBelVA9CrsG/UtSd243vymwD/J2dJiq3s0CMPln Tl1rSy1IVsMqNuQ65ALV9qsz6GJtK8Wu1nSk1IwR8Ge2ZSq6VCqkV/hY8+r5KPOM V0XMIblviEc87xmiJ8BMuNNJpOvhGzFZQ1TV9vwdec3pfyeV/HeHjw== =2if1 -----END PGP SIGNATURE----- --- | If you're not part of the solution, You're part of the precipitate. | |"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: | | mankind free in one-key-steganography-privacy!" | Ignore the man | |`finger -l alano at teleport.com` for PGP 2.6.2 key | behind the keyboard.| | http://www.ctrl-alt-del.com/~alan/ |alan at ctrl-alt-del.com| From jimbell at pacifier.com Sat Feb 1 11:41:13 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 11:41:13 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <199702011941.LAA24319@toad.com> At 09:26 PM 1/30/97 -0800, Sean Roach wrote: >At 11:15 AM 1/30/97 -0800, jim bell wrote: >>What you're presented (included in its entirety below) is what I've come to >>call an "AP story problem." I've worked through many of those myself; >>their main problem is that they don't carefully describe why _each_ person >>in the "play" you've described would be motivated to do what it's claim he >>does, and why he DOES NOT do other things to fix the situation he's in. >>Remember, I'm not merely talking about the main character, but also the ones >>who are (apparently?) incidental. >> >>For just one example, you said: "conventional bodyguards could be >>included, ones with no real pay but with the fore knowledgethat they will be >>buried with the tyrant." >> >>What motivates these people? Are they hostages? If they're hostages, then >>presumably that means they're motivated to seek the death of anyone who is >>holding them. What about their relatives; don't they have any sympathy for >>those who are taken? Why don't they donate to AP to see the lead guy dead? > >As I stated in the bottom, the children would be privaledged. Who says? What if the public doesn't agree? Might it not be better to sacrifice a few children to keep other children alive? > They would >merely be told that it is a great honor. It could very well be. Assuming >that the tyrant did not die, these children would live in comparable luxery. How much would this cost? Who would pay? Where would the money come from? Is this "solution" practical for everybody, or just the top guy? >They would be at risk only if the tyrant was. By keeping the children at >hand, the parents would balk at taking action against the tyrant, not only >their own action, but also that of others. The children would merely be >there to thwart the attempts of others. Suppose that didn't work. Who would kill the kids if the tyrant died? Who would risk death himself to do this? Etc. Hint: Unfortunately, you don't seem to be pursuing the implications of what you are hypothesizing. This is typical. Go back and do what I originally suggested: Look at the motivations of EACH person in the "play" and decide why he will play along with the game. This includes not merely the people you want to focus on, but also anyone else. Jim Bell jimbell at pacifier.com From alan at ctrl-alt-del.com Sat Feb 1 11:55:55 1997 From: alan at ctrl-alt-del.com (Alan Olsen) Date: Sat, 1 Feb 1997 11:55:55 -0800 (PST) Subject: Key Security Question Message-ID: <199702011955.LAA24678@toad.com> -----BEGIN PGP SIGNED MESSAGE----- At 10:41 AM 1/31/97 -0800, Z.B. wrote: >My computer went into the shop a few days ago, and I was unable to take >my PGP keys off it before it went in. What are the security risks here? >If the repairman chooses to snoop through the files, what would he be >able to do with my key pair? Will I need to revoke the key and make a >new one, or will I be relatively safe since he doesn't have my >passphrase? Depends on how guessable your passphrase is. If you use something that would fall to a dictionary attack, then you are vulnerable. (Providing that they actually looked for your keyring and made a copy.) If you had nyms on your keyring, then those nyms can be associated with your "true name" with no passphrase required. (Unless you keep your keyring encrypted. Private Idaho supports encrypted keyrings, but little else does.) If you are really concerned about it, you could learn to do your own computer repairs. -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAwUBMvObZeQCP3v30CeZAQHwCgf+Oks1qT2Hc9pRU4jy+YU/q3WidHVhJmf2 QxjdEFeRPyX3rt+7ThCN4wnGdh7W2Ya8SYGwmgGgU7pucJ9vgC0JACU20RvRgsQk 5USpS3+Ua9QVNs/NpKGDDANlsurPMi9y12rIqrDbmPmcnW7HDfrfByLVy0HvfqKE ctJsOOz391rbjM+HiNXzMUiiWLBelVA9CrsG/UtSd243vymwD/J2dJiq3s0CMPln Tl1rSy1IVsMqNuQ65ALV9qsz6GJtK8Wu1nSk1IwR8Ge2ZSq6VCqkV/hY8+r5KPOM V0XMIblviEc87xmiJ8BMuNNJpOvhGzFZQ1TV9vwdec3pfyeV/HeHjw== =2if1 -----END PGP SIGNATURE----- --- | If you're not part of the solution, You're part of the precipitate. | |"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: | | mankind free in one-key-steganography-privacy!" | Ignore the man | |`finger -l alano at teleport.com` for PGP 2.6.2 key | behind the keyboard.| | http://www.ctrl-alt-del.com/~alan/ |alan at ctrl-alt-del.com| From stewarts at ix.netcom.com Sat Feb 1 11:57:04 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 11:57:04 -0800 (PST) Subject: "Secret" Postal Device stolen In-Reply-To: <199702011640.IAA20586@toad.com> Message-ID: <3.0.1.32.19970201115431.047a4e50@popd.ix.netcom.com> >>>Postal Service offers $25,000 reward for stolen . . . something I got the impression the author was struggling very hard not to say "I swear I'm not making this up" "But I can't say that - it's Dave Barry's line" :-) At 09:39 AM 2/1/97 -0500, Duncan Frissell wrote: >Mail Storage Box keys? I was also guessing keys - truck keys are a less subtle target than box storage keys, and telling every thug in the country that mail trucks are an easy target, just take the keys from the carrier, seems almost worth sounding really stupid in public to avoid. They did say that it wasn't something they carried in their pockets, but do mail carriers hang their keys on their belts? My wife's guess was that they didn't want to admit they carry Mace or equivalent, though everybody knows it. I also enjoyed the description of one of the weapons as a "steering wheel locking device" "The Club - Police recommend it!" # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From stewarts at ix.netcom.com Sat Feb 1 12:12:51 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 12:12:51 -0800 (PST) Subject: Key Security Question In-Reply-To: <199702010201.SAA29739@toad.com> Message-ID: <3.0.1.32.19970201121055.047b6520@popd.ix.netcom.com> >> My computer went into the shop a few days ago, and I was unable to take >> my PGP keys off it before it went in. What are the security risks here? >> If the repairman chooses to snoop through the files, what would he be >> able to do with my key pair? Will I need to revoke the key and make a >> new one, or will I be relatively safe since he doesn't have my >> passphrase? Passphrases are MD5-hashed into 128-bit IDEA keys and used to encrypt the secret key; there's a "pgpcrack" program out there that does dictionary-style searches to find if you've got wimpy passphrases. So if your passphrases is "secret", you lose, but if it's "fjhw;doifvjuc-[09efiu v` 2 4rnhc;ljoipcvjpoiewujfgv;loik" you're probably pretty safe, unless that's written on the yellow sticky you left on the side of the PC. On the other hand, if the "repairman" replaced your pgp executable with version 2.6.3kgb, which uses your hashed passphrase as the session key, you're hosed. Or if he installed a keystroke sniffer, or added a small radio transmitter to your keyboard, or whatever. Depends on your threat model. If you need to be paranoid, they've already gotten you.... # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From stewarts at ix.netcom.com Sat Feb 1 12:40:41 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 12:40:41 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702012040.MAA25708@toad.com> >>>Postal Service offers $25,000 reward for stolen . . . something I got the impression the author was struggling very hard not to say "I swear I'm not making this up" "But I can't say that - it's Dave Barry's line" :-) At 09:39 AM 2/1/97 -0500, Duncan Frissell wrote: >Mail Storage Box keys? I was also guessing keys - truck keys are a less subtle target than box storage keys, and telling every thug in the country that mail trucks are an easy target, just take the keys from the carrier, seems almost worth sounding really stupid in public to avoid. They did say that it wasn't something they carried in their pockets, but do mail carriers hang their keys on their belts? My wife's guess was that they didn't want to admit they carry Mace or equivalent, though everybody knows it. I also enjoyed the description of one of the weapons as a "steering wheel locking device" "The Club - Police recommend it!" # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From ericm at lne.com Sat Feb 1 12:49:54 1997 From: ericm at lne.com (Eric Murray) Date: Sat, 1 Feb 1997 12:49:54 -0800 (PST) Subject: Key Security Question In-Reply-To: <199702011955.LAA24678@toad.com> Message-ID: <199702012048.MAA27571@slack.lne.com> Alan Olsen writes: > At 10:41 AM 1/31/97 -0800, Z.B. wrote: > >My computer went into the shop a few days ago, and I was unable to take > >my PGP keys off it before it went in. What are the security risks here? > >If the repairman chooses to snoop through the files, what would he be > >able to do with my key pair? Will I need to revoke the key and make a > >new one, or will I be relatively safe since he doesn't have my > >passphrase? > > Depends on how guessable your passphrase is. If you use something that would > fall to a dictionary attack, then you are vulnerable. (Providing that they > actually looked for your keyring and made a copy.) > > If you had nyms on your keyring, then those nyms can be associated with your > "true name" with no passphrase required. (Unless you keep your keyring > encrypted. Private Idaho supports encrypted keyrings, but little else does.) Other attacks would be installing a keyboard sniffer, replacing your PGP binary with a trojan that records your passphrase, etc. This sort of stuff is quite possible but not likely. Yet. > If you are really concerned about it, you could learn to do your own computer > repairs. Or put your PGP keys on removeable media. -- Eric Murray ericm at lne.com ericm at motorcycle.com http://www.lne.com/ericm PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF From stewarts at ix.netcom.com Sat Feb 1 12:55:41 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 12:55:41 -0800 (PST) Subject: Key Security Question Message-ID: <199702012055.MAA26123@toad.com> >> My computer went into the shop a few days ago, and I was unable to take >> my PGP keys off it before it went in. What are the security risks here? >> If the repairman chooses to snoop through the files, what would he be >> able to do with my key pair? Will I need to revoke the key and make a >> new one, or will I be relatively safe since he doesn't have my >> passphrase? Passphrases are MD5-hashed into 128-bit IDEA keys and used to encrypt the secret key; there's a "pgpcrack" program out there that does dictionary-style searches to find if you've got wimpy passphrases. So if your passphrases is "secret", you lose, but if it's "fjhw;doifvjuc-[09efiu v` 2 4rnhc;ljoipcvjpoiewujfgv;loik" you're probably pretty safe, unless that's written on the yellow sticky you left on the side of the PC. On the other hand, if the "repairman" replaced your pgp executable with version 2.6.3kgb, which uses your hashed passphrase as the session key, you're hosed. Or if he installed a keystroke sniffer, or added a small radio transmitter to your keyboard, or whatever. Depends on your threat model. If you need to be paranoid, they've already gotten you.... # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From stewarts at ix.netcom.com Sat Feb 1 12:56:04 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 12:56:04 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702012056.MAA26132@toad.com> At 04:23 PM 1/31/97 -0800, William Knowles wrote: >.. Primeco digital phone which uses CDMA technology to scramble >the calls and makes passive listening next to impossible. > (Primeco is a PCS phone) >I have been having one helluva a time trying to find more >information on the encryption used with Primeco, I have >spoken to customer service twice & the local rep told me that >the the Chicago FBI asked Primeco to shut off a phone this >week because they can't listen in on what is been said, >To which the the Primceco guys reply, If the feds can't listen >in then I shouldn't be worried. Many low-level phone company people don't know from encryption, and consider just being digital to be enough to satisfy their market's demand for privacy :-( On the other hand, if they're telling the truth that the FBI had somebody's cellphone shut down because they couldn't wiretap it, that's pretty outrageous, and would seem to constitute a "taking". >Excuse me if this posting is a little off topic, But I have >nearly looked everywhere on the WWW to no avail. CDMA is Code Division Multiple Access, a spread-spectrum technology that lets them manage bandwidth efficiently as well as providing a certain level of privacy (assuming they really are using CDMA, as opposed to TDMA). If there is encryption, it's probably the IS-136 stuff. Phil Karn from Qualcomm was on the standards committees when the NSA was arm-twisting them into making sure it's too wimpy to keep out the NSA, and of course the spread-spectrum is a bit less private when you can subpoena the spreading codes... But it really is much better than nothing. Here's a posting from John Young; you'll also want to look at the CAVE material on www.jya.com. ================================================================= Date: Sun, 26 Jan 1997 17:44:49 -0500 From: John Young To: cypherpunks at toad.com Subject: Cellular Encryption Docs Thanks to David Wagner and Steve Schear, we've learned about the latest documents on cellular encryption which supercede the 1992 CAVE document, Appendix A to IS-54, which contained the CAVE algorithm. Here are the latest, followed by ordering information. TIA/EIA/IS-136.1-A -- TDMA Cellular/PCS - Radio Interface - Mobile Station - Base Station Compatibility - Digital Control Panel, October, 1996, 372 pp. $350.00. Addendum No. 1 to IS-136.1-A, November, 1996, 40 pp. Free. TIA/EIA/IS-136.2-A -- TDMA Cellular/PCS - Radio Interface - Mobile Station - Base Station Compatibility - Traffic Channels and FSK Control Channel, October, 1996, 378 pp. $310.00. TIA/EIA-627 -- 800 MHZ Cellular System, TDMA Radio Interface, Dual-Mode Mobile Station - Base Station Compatibility Standard, June, 1996, 258 pp. $120.00. These documents can be ordered from: Global Engineering Documents 15 Inverness Way East Englewood, Colorado 80112 Telephone: 1-800-854-7179 However, each of the documents lists the following related supplements which contain "sensitive information" and may be obtained by US/CA citizens from TIA by signing a Non-Disclosure Agreement and acceptance of export restrictions: Appendix A to IS-136. Appendix A to 627. Common Cryptographic Algorithms. Interface Specification for Common Cryptographic Algorithms. These controlled documents can be requested by calling Ms. Sharon Vargish at 1-703-907-7702, who will fax an NDA, and upon receipt of the completed form, will send the controlled documents at no cost. Here's the NDA: AGREEMENT ON CONTROL AND NONDISCLOSURE OF COMMON CRYPTOGRAPHIC ALGORITHMS REVISION A TO IS-54, IS-95, AND IS-136 [Note: 627 supercedes IS-54; IS-95 is for CDMA] "I, _________________________, an employee/consultant/affiliate (typed name) of __________________________, hereafter, "the company," (Company name) _____________________________ (Company address) _____________________________ and a United States or Canadian citizen, acknowledge and understand that the subject documents, to which I will have access contain information [which] is subject to export control under the International Traffic in Arms Regulations (ITAR) (Title 22, Code of Federal Regulations, Part 120-130). I also understand that the subject documents represent valuable, proprietary and confidential business information of TIA and its members. I hereby certify that this information will be controlled and will only be further disclosed, exported, or transferred according to the terms of the ITAR. ______________________________ _____________________________ Signature Date ______________________________ _____________________________ Printed Name Witness ______________________________ _____________________________ Title Printed Name of Witness [End NDA] ============================================================================ # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From jya at pipeline.com Sat Feb 1 13:16:26 1997 From: jya at pipeline.com (John Young) Date: Sat, 1 Feb 1997 13:16:26 -0800 (PST) Subject: More on Cellular Encryption Docs Message-ID: <1.5.4.32.19970201211055.006e3984@pop.pipeline.com> Here's more on the controlled documents for cellular encryption from TIA/EIA we described in a 26 January post to cpunks: Sharon Vargish of TIA (1-703-907-7702) sent the documents after I signed and returned the NDA: TR45.0.A Common Cryptographic Algorithms, Revision B June 21, 1995, 72 pp. (With ITAR notice on every page) TR45.0.A Interface Specification for Common Cryptographic Algorithms, Revision B, August 6, 1996, 15 pp. (No ITAR notice, but "sensitive information should be protected from general distribution.") TR45 Appendix A to PN-3474 (IS-36) October 16, 1995, 10 pp. (ITAR notice on every page.) TR45 Appendix-A to TIA/EIA 627 December 23, 1996, 7 pp. (No ITAR, but "sensitive"notice) "Common Cryptographic Algorithms" (CCA) supercedes the 1992 CAVE document, but is considerbly longer -- 72 pp. for the latest compared to 25 pp. for the 1992 version. Here're the CCA's TOC and Introduction: Table of Contents 1. Introduction �1.1. Notations � �1.2. Definitions 2. Procedures � �2.1. Authentication Key (A-Key) Procedures � � � � 2.1.1. A-Key Checksum calculation � � � � � 2.1.2. A-Key Verification � �2.2. SSD Generation and Update � � � � 2.2.1. SSD Generation Procedure � � � � � 2.2.2. SSD Update Procedure � �2.3. Authentication Signature Calculation Procedure � �2.4. Encryption Key and VPM Generation Procedure � � � � 2.4.1. CMEA key Generation � � � � � 2.4.2. Voice Privacy Mask Generation � �2.5. CMEA Encryption/Decryption Procedure � �2.6. Wireless Residential Extension Procedures � � � � 2.6.1. WIKEY Generation � � � � � 2.6.2. WIKEY Update Procedure � � � � � 2.6.3. Wireline Interface Authentication Signature Calculation Procedure � � � � � 2.6.4. Wireless Residential Extension Authentication Signature Calculation Procedure � �2.7. Cellular Data Encryption � � � � 2.7.1. Data Encryption Key Generation Procedure � � � � � 2.7.2. Data Encryption Mask Generation Procedure 3. TEST VECTORS � �3.1. CAVE Test Vectors � � � � 3.1.1. Vector 1 � � � � � 3.1.2. Vector 2 � � � � � 3.1.3. Test Program � �3.2. Wireless Residential Extension Test Vectors � � � 3.2.1. Input data � � � � � 3.2.2. Test program � � � � � 3.2.3. Test Program Output � �3.3. Data Encryption Test Vector � � � � 3.3.1. Input data � � � � � 3.3.2. Test Program � � � � � 3.3.3. Test Program Output 1. Introduction This document describes detailed cryptographic procedures for cellular system applications. These procedures are used to perform the security services of mobile station authentication, subscriber message encryption, and encryption key and subscriber voice privacy key generation within cellular equipment. This document is organized as follows: �2 describes the Cellular Authentication, Voice Privacy and Encryption (CAVE) algorithm used for authentication for mobile subscriber equipment and for generation of cryptovariables to be used in other procedures. �2.1 describes the procedure to verify the manual entry of the subscriber authentication key (A-key). �2.2 describes the generation of intermediate subscriber cryptovariablcs, Shared Secret Data (SSD), from the unique and private subscriber A-key. �2.3 describes the procedure to calculate an authentication signature used by cellular base station equipment for verifying the authenticity of a mobile station. �2.4 describes the procedures used for generating cryptographic keys. These keys include the Voice Privacy Mask (VPM) and the Cellular Message Encryption Algorithm (CMEA) key. Thc VPM is used to provide forward link and reverse link voice confidentiality over the air interface. Thc CMEA key is used with the CMEA algorithm for protection of digital data exchanged between the mobile station and the base station. �2.5 describes the Cellular Message Encryption Algorithm (CMEA) used for enciphering and deciphering subscriber data exchanged between the mobile station and the base station. �2.6 describes the procedures for key and authentication signature generation for wireless residential extension applications. �2.7 describes the ORYX algorithm and procedures for key and mask generation for encryption and decryption in cellular data services. �3 provides test data (vectors) that may be employed to verify the correct operation of the cryptographic algorithms described in this document. ... [End CCA Introduction] The related CCA Interface Specification "describes the interfaces to cryptographic procedures for cellular system applications" described in the CCA. Its purpose "is to describe the cryptographic functions without revealing the technical details that are subject to" ITAR. The two Appendices A to IS-136 and 627 "contain requirements for message encryption and voice privacy for cellular systems" supplemental to those described in the main documents, the CCA and the CCA Interface Specs. ----- This note will be put with other CAVE info at: http://jya.com/cave.htm Thanks to TIA/EIA for prompt and courteous reply to our requests. Maybe they welcome help persuading USG/NSA to allow stronger crypto and boost the market for cellular systems. From vznuri at netcom.com Sat Feb 1 13:56:14 1997 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Sat, 1 Feb 1997 13:56:14 -0800 (PST) Subject: Junger web site In-Reply-To: <199702010347.WAA21877@upaya.multiverse.com> Message-ID: <199702012156.NAA20854@netcom13.netcom.com> PJ sent me his web site which others may be interested in, with pointers to Karn and Bernstein: http://samsara.law.cwru.edu/comp_law/crypto_export/ so, essentially, there are now 3 pretty significant cases challenging ITAR on constitutional grounds, which I find highly encouraging. of course the Bernstein case has already had very positive results so far. From WlkngOwl at unix.asb.com Sat Feb 1 14:42:51 1997 From: WlkngOwl at unix.asb.com (Robert Rothenburg 'Walking-Owl') Date: Sat, 1 Feb 1997 14:42:51 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702012305.SAA24688@unix.asb.com> -----BEGIN PGP SIGNED MESSAGE----- On 1 Feb 97 at 9:39, Duncan Frissell wrote: > Mail Storage Box keys? I think they use combination locks, actually. Supposedly it's the same combination nationally too. There was an article in 2600 Magazine about that. The locks are actually 'insecure' and you can test every possible combo in about 10-20 minutes. - --Rob -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAgUBMvPFpgTNlSxdPy6ZAQF7QAf+IFPhGavlD7p5WFsmhESHi+PKd9msqYhN pxl8ZdUZMDJg61F6nLF4Oa7rfoCmzDXqP4w0WU1pk8MkkwwVb9oTTJg2k4hY4AKr IixesiAcDlGc9+11314Nao+PuU6epJYmLddGSIc0Ra3FKrqamyueW6qunsJQT1Z6 5E/BiqpEGAiEGqog9J/xXtSra4q9g1SzrMCGcR5z077gCzb5ONxIgWzQ6zlL0leb X1Y9pzABnm1iJbq7Q2HRAVAQVBiPC/vg+hW8COfao4XHGqsqVg2UBcZWT8TdbV4N cwqVw5fDpoZXPyQtzRynmq55xH4OIJWZ2HnNNK3KHdRcyS+JW24MBQ== =oAVd -----END PGP SIGNATURE----- ----- "The word to kill ain't dirty | Robert Rothenburg (WlkngOwl at unix.asb.com) I used it in the last line | http://www.asb.com/usr/wlkngowl/ but use a short word for lovin' | Se habla PGP: Reply with the subject and dad you wind up doin' time." | 'send pgp-key' for my public key. From gbroiles at netbox.com Sat Feb 1 15:04:33 1997 From: gbroiles at netbox.com (Greg Broiles) Date: Sat, 1 Feb 1997 15:04:33 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <3.0.32.19970201144910.0068e100@ricochet.net> Someone (Igor?) suggested I said that libel can't be criminalized. I don't think that's correct, but I may have been unclear. I haven't researched the question and can't call to mind a case directly on point, but my hunch is that states may criminalize libel, but a conviction would require that the state prove, beyond a reasonable doubt (because it's a criminal case), and that the defendant acted with actual malice (because the state is seeking to punish speech, and punitive damages in civil cases require proving actual malice). "Actual malice" means that the defendant said something s/he knew was untrue or recklessly disregarded the truth of what s/he said. (This excludes, for example, an "honest mistake" about what's true.) _Times v. Sullivan_, the case which introduced the actual malice standard, discussed Alabama's criminal libel statute - so the Supreme Court, in the mid 60's, didn't seem to have a problem with criminalizing libel. I can't seem to find a criminal libel statute in California; and if I remember correctly the Oregon Legislature contemplated but did not pass one during its last legislative session. Also, people interested in _Times v. Sullivan_ and the interplay between defamation and the First Amendment might find "Make No Law: The Sullivan Case and the First Amendment" by Anthony Lewis (ISBN 0-697-73939-4) of interest. The decision itself is online at - the factual summary of the Sullivan case posted here was not correct, and the first few pages of the opinion provide a description of the underlying facts. Since we've now got Jim Bell arguing that it's obvious that a free and open society must tolerate anything which might be defamatory, and Jim Choate arguing that it's obvious that a free and open society cannot tolerate anything which might be defamatory, I think I'm going to wander away from this discussion confident that the answer is, at least, nonobvious. :) -- Greg Broiles | US crypto export control policy in a nutshell: gbroiles at netbox.com | http://www.io.com/~gbroiles | Export jobs, not crypto. | From blancw at cnw.com Sat Feb 1 15:15:24 1997 From: blancw at cnw.com (blanc) Date: Sat, 1 Feb 1997 15:15:24 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <01BC1053.485521C0@king1-06.cnw.com> From: Toto, quoting the Cyphernomicon 3.5.1 Contrary to what people sometimes claim, there is no ruling clique of Cypherpunks. Anybody is free to do nearly anything, just not free to commit others to course of action, or claim to speak for the "Cypherpunks" as a group (and this last point is unenforceable except through reputation and social repercussions). ......................................................................... Toto, I'm surprised at how seriously you take the underlying anarchist philosophy of the list; you identify so closely with it, and have responded to its moderation as though it really would be "the end of freedom", even though you seem to have appeared, or else come out of lurking, only recently. Is this because you value anarchy, or free speech, or the existence of the Cypherpunks as a unique group of stray cats [ :>) ]? Side note: Since Tim isn't on the list and hasn't been for a month, I've been wondering if it had anything to do with the moderation experiment, although it is unlike him to have left without either an argument or at least some kind of statement about it. .. Blanc From shamrock at netcom.com Sat Feb 1 15:31:24 1997 From: shamrock at netcom.com (Lucky Green) Date: Sat, 1 Feb 1997 15:31:24 -0800 (PST) Subject: Crypto in New Zealand - an update Message-ID: <3.0.32.19970201151843.006ec2d0@192.100.81.137> At 06:03 AM 2/2/97, pgut001 at cs.auckland.ac.nz wrote: [...] >The following week Andrew Mayo wrote a letter to the editor of the NBR >containing an eloquent defense of the use of encryption to protect personal >privacy. MFAT replied to say that they were only following orders, and were >required by the Wassenaar agreement to restrict crypto exports: [...] Just for clarification, it is the Wassenaar *arrangement* (somehow the term is more fitting anyway...) and it does *not* require the signatory countries to implement crypto export controls. Not that this will make any difference, since it would be the first time that a government would allow facts to stand in the way of politics. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From nobody at huge.cajones.com Sat Feb 1 15:54:09 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Sat, 1 Feb 1997 15:54:09 -0800 (PST) Subject: Degaussing diskettes Message-ID: <199702012354.PAA11855@mailmasher.com> Dr.Dopehead L[ice] Vilus K[rust]OfTheMoment wears satin lingerie embroidered with pink swastikas, prancing around for his faggot, AIDS infected lovers. \|/ @ @ -oOO-(_)-OOo- Dr.Dopehead L[ice] Vilus K[rust]OfTheMoment From smb at research.att.com Sat Feb 1 15:55:53 1997 From: smb at research.att.com (Steven Bellovin) Date: Sat, 1 Feb 1997 15:55:53 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702012355.PAA00552@toad.com> Many low-level phone company people don't know from encryption, and consider just being digital to be enough to satisfy their market's demand for privacy :-( On the other hand, if they're telling the truth that the FBI had somebody's cellphone shut down because they couldn't wiretap it, that's pretty outrageous, and would seem to constitute a "taking". And an illegal wiretap besides, most likely -- with a warrant, they could simply put the tap at the base station. The story may be true, but it doesn't sound quite right to me. I recently got a TDMA phone (a Nokia 2160), which is capable of doing some sort of encryption, though I'm not sure what algorithm. It doesn't always encrypt even when in digital mode (it can handle AMPS, too), but there's a configuration option to tell the user whether or not encryption is in use. From ericm at lne.com Sat Feb 1 15:57:34 1997 From: ericm at lne.com (Eric Murray) Date: Sat, 1 Feb 1997 15:57:34 -0800 (PST) Subject: Key Security Question Message-ID: <199702012357.PAA00605@toad.com> Alan Olsen writes: > At 10:41 AM 1/31/97 -0800, Z.B. wrote: > >My computer went into the shop a few days ago, and I was unable to take > >my PGP keys off it before it went in. What are the security risks here? > >If the repairman chooses to snoop through the files, what would he be > >able to do with my key pair? Will I need to revoke the key and make a > >new one, or will I be relatively safe since he doesn't have my > >passphrase? > > Depends on how guessable your passphrase is. If you use something that would > fall to a dictionary attack, then you are vulnerable. (Providing that they > actually looked for your keyring and made a copy.) > > If you had nyms on your keyring, then those nyms can be associated with your > "true name" with no passphrase required. (Unless you keep your keyring > encrypted. Private Idaho supports encrypted keyrings, but little else does.) Other attacks would be installing a keyboard sniffer, replacing your PGP binary with a trojan that records your passphrase, etc. This sort of stuff is quite possible but not likely. Yet. > If you are really concerned about it, you could learn to do your own computer > repairs. Or put your PGP keys on removeable media. -- Eric Murray ericm at lne.com ericm at motorcycle.com http://www.lne.com/ericm PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF From jya at pipeline.com Sat Feb 1 15:59:19 1997 From: jya at pipeline.com (John Young) Date: Sat, 1 Feb 1997 15:59:19 -0800 (PST) Subject: More on Cellular Encryption Docs Message-ID: <199702012359.PAA00661@toad.com> Here's more on the controlled documents for cellular encryption from TIA/EIA we described in a 26 January post to cpunks: Sharon Vargish of TIA (1-703-907-7702) sent the documents after=20 I signed and returned the NDA: TR45.0.A Common Cryptographic Algorithms, Revision B June 21, 1995, 72 pp. (With ITAR notice on every page) TR45.0.A Interface Specification for Common Cryptographic Algorithms, Revision B, August 6, 1996, 15 pp. (No ITAR notice, but=20 "sensitive information should be protected from general=20 distribution.") TR45 Appendix A to PN-3474 (IS-36) October 16, 1995, 10 pp. (ITAR notice on every page.) TR45 Appendix-A to TIA/EIA 627 December 23, 1996, 7 pp. (No ITAR, but "sensitive"notice) "Common Cryptographic Algorithms" (CCA) supercedes the 1992=20 CAVE document, but is considerbly longer -- 72 pp. for the latest compared to 25 pp. for the 1992 version. Here're the CCA's TOC and Introduction: Table of Contents 1. Introduction=20 =A01.1. Notations=20 =A0 =A01.2. Definitions=20 2. Procedures=20 =A0 =A02.1. Authentication Key (A-Key) Procedures =A0 =A0 =A0 =A0 2.1.1. A-Key Checksum calculation =A0 =A0 =A0 =A0 =A0=20 2.1.2. A-Key Verification =A0 =A02.2. SSD Generation and Update =A0 =A0 =A0 =A0 2.2.1. SSD Generation Procedure =A0 =A0 =A0 =A0 =A0=20 2.2.2. SSD Update Procedure =A0 =A02.3. Authentication Signature Calculation Procedure =A0 =A02.4. Encryption Key and VPM Generation Procedure =A0 =A0 =A0 =A0 2.4.1. CMEA key Generation =A0 =A0 =A0 =A0 =A0=20 2.4.2. Voice Privacy Mask Generation =A0 =A02.5. CMEA Encryption/Decryption Procedure =A0 =A02.6. Wireless Residential Extension Procedures =A0 =A0 =A0 =A0 2.6.1. WIKEY Generation =A0 =A0 =A0 =A0 =A0=20 2.6.2. WIKEY Update Procedure =A0 =A0 =A0 =A0 =A0=20 2.6.3. Wireline Interface Authentication Signature=20 Calculation Procedure =A0 =A0 =A0 =A0 =A0=20 2.6.4. Wireless Residential Extension Authentication=20 Signature Calculation Procedure =A0 =A02.7. Cellular Data Encryption=20 =A0 =A0 =A0 =A0 2.7.1. Data Encryption Key Generation Procedure =A0 =A0 = =A0 =A0 =A0=20 2.7.2. Data Encryption Mask Generation Procedure 3. TEST VECTORS =A0 =A03.1. CAVE Test Vectors =A0 =A0 =A0 =A0 3.1.1. Vector 1 =A0 =A0 =A0 =A0 =A0=20 3.1.2. Vector 2 =A0 =A0 =A0 =A0 =A0=20 3.1.3. Test Program =A0 =A03.2. Wireless Residential Extension Test Vectors =A0 =A0 =A0 3.2.1. Input data =A0 =A0 =A0 =A0 =A0=20 3.2.2. Test program =A0 =A0 =A0 =A0 =A0=20 3.2.3. Test Program Output =A0 =A03.3. Data Encryption Test Vector =A0 =A0 =A0 =A0 3.3.1. Input data =A0 =A0 =A0 =A0 =A0=20 3.3.2. Test Program =A0 =A0 =A0 =A0 =A0=20 3.3.3. Test Program Output =20 1. Introduction This document describes detailed cryptographic procedures for=20 cellular system applications. These procedures are used to=20 perform the security services of mobile station authentication,=20 subscriber message encryption, and encryption key and subscriber=20 voice privacy key generation within cellular equipment. This document is organized as follows: =A72 describes the Cellular Authentication, Voice Privacy and=20 Encryption (CAVE) algorithm used for authentication for mobile=20 subscriber equipment and for generation of cryptovariables to=20 be used in other procedures. =A72.1 describes the procedure to verify the manual entry of the=20 subscriber authentication key (A-key). =A72.2 describes the generation of intermediate subscriber=20 cryptovariablcs, Shared Secret Data (SSD), from the unique and=20 private subscriber A-key. =A72.3 describes the procedure to calculate an authentication=20 signature used by cellular base station equipment for verifying=20 the authenticity of a mobile station. =A72.4 describes the procedures used for generating cryptographic=20 keys. These keys include the Voice Privacy Mask (VPM) and the=20 Cellular Message Encryption Algorithm (CMEA) key. Thc VPM is used=20 to provide forward link and reverse link voice confidentiality=20 over the air interface. Thc CMEA key is used with the CMEA=20 algorithm for protection of digital data exchanged between the=20 mobile station and the base station. =A72.5 describes the Cellular Message Encryption Algorithm (CMEA)=20 used for enciphering and deciphering subscriber data exchanged=20 between the mobile station and the base station. =A72.6 describes the procedures for key and authentication=20 signature generation for wireless residential extension=20 applications. =A72.7 describes the ORYX algorithm and procedures for key and mask=20 generation for encryption and decryption in cellular data services. =A73 provides test data (vectors) that may be employed to verify=20 the correct operation of the cryptographic algorithms described=20 in this document. ... [End CCA Introduction] The related CCA Interface Specification "describes the interfaces to cryptographic procedures for cellular system applications" described in the CCA. Its purpose "is to describe the cryptographic functions without revealing the technical details that are subject to" ITAR. The two Appendices A to IS-136 and 627 "contain requirements for=20 message encryption and voice privacy for cellular systems"=20 supplemental to those described in the main documents, the CCA and=20 the CCA Interface Specs. ----- This note will be put with other CAVE info at: http://jya.com/cave.htm Thanks to TIA/EIA for prompt and courteous reply to our requests. Maybe they welcome help persuading USG/NSA to allow stronger crypto and boost the market for cellular systems. From vznuri at netcom.com Sat Feb 1 16:10:53 1997 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Sat, 1 Feb 1997 16:10:53 -0800 (PST) Subject: Junger web site Message-ID: <199702020010.QAA01056@toad.com> PJ sent me his web site which others may be interested in, with pointers to Karn and Bernstein: http://samsara.law.cwru.edu/comp_law/crypto_export/ so, essentially, there are now 3 pretty significant cases challenging ITAR on constitutional grounds, which I find highly encouraging. of course the Bernstein case has already had very positive results so far. From blancw at cnw.com Sat Feb 1 16:11:04 1997 From: blancw at cnw.com (blanc) Date: Sat, 1 Feb 1997 16:11:04 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702020011.QAA01078@toad.com> From: Toto, quoting the Cyphernomicon 3.5.1 Contrary to what people sometimes claim, there is no ruling clique of Cypherpunks. Anybody is free to do nearly anything, just not free to commit others to course of action, or claim to speak for the "Cypherpunks" as a group (and this last point is unenforceable except through reputation and social repercussions). ......................................................................... Toto, I'm surprised at how seriously you take the underlying anarchist philosophy of the list; you identify so closely with it, and have responded to its moderation as though it really would be "the end of freedom", even though you seem to have appeared, or else come out of lurking, only recently. Is this because you value anarchy, or free speech, or the existence of the Cypherpunks as a unique group of stray cats [ :>) ]? Side note: Since Tim isn't on the list and hasn't been for a month, I've been wondering if it had anything to do with the moderation experiment, although it is unlike him to have left without either an argument or at least some kind of statement about it. .. Blanc From gbroiles at netbox.com Sat Feb 1 16:11:15 1997 From: gbroiles at netbox.com (Greg Broiles) Date: Sat, 1 Feb 1997 16:11:15 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702020011.QAA01095@toad.com> Someone (Igor?) suggested I said that libel can't be criminalized. I don't think that's correct, but I may have been unclear. I haven't researched the question and can't call to mind a case directly on point, but my hunch is that states may criminalize libel, but a conviction would require that the state prove, beyond a reasonable doubt (because it's a criminal case), and that the defendant acted with actual malice (because the state is seeking to punish speech, and punitive damages in civil cases require proving actual malice). "Actual malice" means that the defendant said something s/he knew was untrue or recklessly disregarded the truth of what s/he said. (This excludes, for example, an "honest mistake" about what's true.) _Times v. Sullivan_, the case which introduced the actual malice standard, discussed Alabama's criminal libel statute - so the Supreme Court, in the mid 60's, didn't seem to have a problem with criminalizing libel. I can't seem to find a criminal libel statute in California; and if I remember correctly the Oregon Legislature contemplated but did not pass one during its last legislative session. Also, people interested in _Times v. Sullivan_ and the interplay between defamation and the First Amendment might find "Make No Law: The Sullivan Case and the First Amendment" by Anthony Lewis (ISBN 0-697-73939-4) of interest. The decision itself is online at - the factual summary of the Sullivan case posted here was not correct, and the first few pages of the opinion provide a description of the underlying facts. Since we've now got Jim Bell arguing that it's obvious that a free and open society must tolerate anything which might be defamatory, and Jim Choate arguing that it's obvious that a free and open society cannot tolerate anything which might be defamatory, I think I'm going to wander away from this discussion confident that the answer is, at least, nonobvious. :) -- Greg Broiles | US crypto export control policy in a nutshell: gbroiles at netbox.com | http://www.io.com/~gbroiles | Export jobs, not crypto. | From WlkngOwl at unix.asb.com Sat Feb 1 16:12:44 1997 From: WlkngOwl at unix.asb.com (Robert Rothenburg 'Walking-Owl') Date: Sat, 1 Feb 1997 16:12:44 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702020012.QAA01104@toad.com> -----BEGIN PGP SIGNED MESSAGE----- On 1 Feb 97 at 9:39, Duncan Frissell wrote: > Mail Storage Box keys? I think they use combination locks, actually. Supposedly it's the same combination nationally too. There was an article in 2600 Magazine about that. The locks are actually 'insecure' and you can test every possible combo in about 10-20 minutes. - --Rob -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAgUBMvPFpgTNlSxdPy6ZAQF7QAf+IFPhGavlD7p5WFsmhESHi+PKd9msqYhN pxl8ZdUZMDJg61F6nLF4Oa7rfoCmzDXqP4w0WU1pk8MkkwwVb9oTTJg2k4hY4AKr IixesiAcDlGc9+11314Nao+PuU6epJYmLddGSIc0Ra3FKrqamyueW6qunsJQT1Z6 5E/BiqpEGAiEGqog9J/xXtSra4q9g1SzrMCGcR5z077gCzb5ONxIgWzQ6zlL0leb X1Y9pzABnm1iJbq7Q2HRAVAQVBiPC/vg+hW8COfao4XHGqsqVg2UBcZWT8TdbV4N cwqVw5fDpoZXPyQtzRynmq55xH4OIJWZ2HnNNK3KHdRcyS+JW24MBQ== =oAVd -----END PGP SIGNATURE----- ----- "The word to kill ain't dirty | Robert Rothenburg (WlkngOwl at unix.asb.com) I used it in the last line | http://www.asb.com/usr/wlkngowl/ but use a short word for lovin' | Se habla PGP: Reply with the subject and dad you wind up doin' time." | 'send pgp-key' for my public key. From shamrock at netcom.com Sat Feb 1 16:25:46 1997 From: shamrock at netcom.com (Lucky Green) Date: Sat, 1 Feb 1997 16:25:46 -0800 (PST) Subject: Crypto in New Zealand - an update Message-ID: <199702020025.QAA01481@toad.com> At 06:03 AM 2/2/97, pgut001 at cs.auckland.ac.nz wrote: [...] >The following week Andrew Mayo wrote a letter to the editor of the NBR >containing an eloquent defense of the use of encryption to protect personal >privacy. MFAT replied to say that they were only following orders, and were >required by the Wassenaar agreement to restrict crypto exports: [...] Just for clarification, it is the Wassenaar *arrangement* (somehow the term is more fitting anyway...) and it does *not* require the signatory countries to implement crypto export controls. Not that this will make any difference, since it would be the first time that a government would allow facts to stand in the way of politics. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From toto at sk.sympatico.ca Sat Feb 1 17:25:59 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 17:25:59 -0800 (PST) Subject: "Secret" Postal Device stolen In-Reply-To: <3.0.1.32.19970201115431.047a4e50@popd.ix.netcom.com> Message-ID: <32F4011A.1B3C@sk.sympatico.ca> Bill Stewart wrote: > >>>Postal Service offers $25,000 reward for stolen . . . something > I was also guessing keys - truck keys are a less subtle target than > box storage keys, and telling every thug in the country that > mail trucks are an easy target, just take the keys from the carrier, > seems almost worth sounding really stupid in public to avoid. > They did say that it wasn't something they carried in their pockets, > but do mail carriers hang their keys on their belts? Mail carriers in some areas carry keys for buildings with security doors (sometimes Master keys). Or perhaps they've taken over the CIA's crack distribution route. Is anyone on the list willing to 'knock off' a couple of mail carriers and get back to us with a definitive answer on this? (Doesn't this kind of thing fall under the moderator's job description?) Toto From toto at sk.sympatico.ca Sat Feb 1 17:26:05 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 17:26:05 -0800 (PST) Subject: Crypto in New Zealand - an update In-Reply-To: <3.0.32.19970201151843.006ec2d0@192.100.81.137> Message-ID: <32F4096D.789@sk.sympatico.ca> Lucky Green wrote: > At 06:03 AM 2/2/97, pgut001 at cs.auckland.ac.nz wrote: > [...] > >The following week Andrew Mayo wrote a letter to the editor of the NBR > >containing an eloquent defense of the use of encryption to protect personal > >privacy. MFAT replied to say that they were only following orders, and were > >required by the Wassenaar agreement to restrict crypto exports: > [...] MFAT doesn't put crypto in the ovens, they just turn on the gas. > Just for clarification, it is the Wassenaar *arrangement* (somehow the term > is more fitting anyway...) and it does *not* require the signatory > countries to implement crypto export controls. > Not that this will make any difference, since it would be the first time > that a government would allow facts to stand in the way of politics. ...or allow 'citizens' to stand in the way of politics. Toto From hallam at ai.mit.edu Sat Feb 1 17:30:38 1997 From: hallam at ai.mit.edu (Phillip M Hallam-Baker) Date: Sat, 1 Feb 1997 17:30:38 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <199702020129.UAA28314@life.ai.mit.edu> > I'm still waiting for you to explain what you believe to be the "problem" > for which we are searching a solution. The problem is that you are a crushing bore. You peddle your crackpot scheme long after it has been made plain nobody is interested. Yet another reason to believe you are an FBI agent provocateur. Phill From wb8foz at nrk.com Sat Feb 1 17:35:19 1997 From: wb8foz at nrk.com (David Lesher) Date: Sat, 1 Feb 1997 17:35:19 -0800 (PST) Subject: "Secret" Postal Device stolen In-Reply-To: <199702020012.QAA01104@toad.com> Message-ID: <199702020134.UAA08012@nrk.com> Robert Rothenburg 'Walking-Owl' sez: > > > > Mail Storage Box keys? > > I think they use combination locks, actually. Supposedly it's the same > combination nationally too. > > There was an article in 2600 Magazine about that. The locks are > actually 'insecure' and you can test every possible combo in about > 10-20 minutes. I think you are confusing USPS and FedEx. USPS uses key locks seemingly designed by Ben Franklin himself. Look at them someday. FedEx boxes used to have Simplex 926 5 pushbutton ""locks"" if you stretch the point. I'm guessing what they lost was a reloader for postage meters. -- A host is a host from coast to coast.................wb8foz at nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433 From jimbell at pacifier.com Sat Feb 1 17:56:42 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 17:56:42 -0800 (PST) Subject: Libel & the 1st Amendment Message-ID: <199702020156.RAA13867@mail.pacifier.com> At 12:52 PM 2/1/97 -0500, Mark M. wrote: >On Sat, 1 Feb 1997, Peter J. Capelli wrote: > >> You mean to say, rich people can overcrowd the courts as much as they >> like, while others are restricted by contigency-only lawyers ( Call >> 1-800-AMBULANCE! ) ... and what of the case of a rich person trying to >> control >> a poor one with many frivolous lawsuits ... while they can afford to file >> lawsuit after lawsuit, the poor person cannot defend himself. > >What, exactly, would be the point of suing a poor person? To quiet him from political dissent, presumably. I think the term coined a few years ago was "SLAPP", something akin to "Strategic Lawsuit Against Public Policy," or similar. For example, "Company A" wants to build a mine or factory or something similar at a location. Citizens object, causing political problems. Company sues the individuals for damages, which costs the individuals a great deal of money to defend against even if they never lose the suit. The real problem is actually a series of mistakes: 1. Individual should not be able to cause political problems for company. 2. "Government" should not be able to impact company activities short of actual harm. 3. Company should not be able to impact individual by suing except for actual harm done by that individual. Naturally, the source of these problems is that by each of their existence, lawyers make more money. As usual, I have a solution to that problem. Jim Bell jimbell at pacifier.com From ravage at einstein.ssz.com Sat Feb 1 18:00:11 1997 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 1 Feb 1997 18:00:11 -0800 (PST) Subject: Free & Open Society & toleration Message-ID: <199702020201.UAA00977@einstein> Hi, It has been asserted that I am claiming that a free and open society should not abide any and all actions in contrast to Jim Bell's assertion that a free and open society must tolerate any action. This is not my case at all. I hold that a DEMOCRATIC society with a HEALTHY ECONOMIC system must have some minimum standards on what is allowed. By no means do I hold that the ONLY means of a free and open society is a democracy. It is quite possible to have an anarchy which would also be a free and open society and by DEFINITION would tolerate any action by its members acting individualy or in concert. I hold that for a democratic society to retain concepts of freedom and equity under the law as well as be economicaly viable, especialy in an environment where 'reputation' is critical such as a network over which economic transactions can take place with nothing more than a email order and a EFT, must not provide ex post facto AND carte blanche protection of the speech of the citizens. For such a system to operate requires a 'reputation' system to be in place. For such a system to be viable it MUST protect those reputations otherwise the concept of a 'contract' is worthless. I DO hold that this system MUST provide a priori protection of all speech. I further hold that any distinction between the 'government' and the people of a nation is a false and misleading distinction which is not in the best interest of the society because it by DEFINITION promotes a class society which is by definition contrary to the goal of equity under a democracy. It further provides a mechanism by which the representatives of the 'state' may claim immunity from the very standards they are charged with enforcing. This is because the charter of such a society is itself simply a contract between any arbitrary individual of that society and the sum total of the remaining citizenry (ie the 'state'). I further hold that one of the current legal practices based on precidence which MUST be replaced is our system dealing with defamation. I further hold that our current system of legal representation is inherently flawed and prevents equal representation under the law. Jim Choate CyberTects ravage at ssz.com From toto at sk.sympatico.ca Sat Feb 1 18:22:07 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 18:22:07 -0800 (PST) Subject: Fighting the cybercensor In-Reply-To: <199702020129.UAA28314@life.ai.mit.edu> Message-ID: <32F411DF.75C7@sk.sympatico.ca> Phillip M Hallam-Baker wrote: > The problem is that you are a crushing bore. You peddle your crackpot > scheme long after it has been made plain nobody is interested. I also thing that the other list members involved in this thread are 'nobodies', but I was too polite to say anything. > Yet another reason to believe you are an FBI agent provocateur. I agree. He just strips down to his badge, but never 'comes across'. > Phill From dthorn at gte.net Sat Feb 1 18:23:46 1997 From: dthorn at gte.net (Dale Thorn) Date: Sat, 1 Feb 1997 18:23:46 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: <32F32D6C.126C@sk.sympatico.ca> Message-ID: <32F3F8FB.154B@gte.net> Toto wrote: > 3.5.1 Contrary to what people sometimes claim, there is no ruling > clique of Cypherpunks. Anybody is free to do nearly anything, > just not free to commit others to course of action, or claim > to speak for the "Cypherpunks" as a group (and this last > point is unenforceable except through reputation and social > repercussions). > 3.6.3 "Why isn't the list moderated?" > ...hardly consistent with many of our anarchist leanings, is it? > - "No, please, let's not become a 'moderated' newsgroup. This > would be the end of freedom! Is this why T.C. May hasn't posted in quite a while? From toto at sk.sympatico.ca Sat Feb 1 18:26:15 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 18:26:15 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702020226.SAA04649@toad.com> Bill Stewart wrote: > >>>Postal Service offers $25,000 reward for stolen . . . something > I was also guessing keys - truck keys are a less subtle target than > box storage keys, and telling every thug in the country that > mail trucks are an easy target, just take the keys from the carrier, > seems almost worth sounding really stupid in public to avoid. > They did say that it wasn't something they carried in their pockets, > but do mail carriers hang their keys on their belts? Mail carriers in some areas carry keys for buildings with security doors (sometimes Master keys). Or perhaps they've taken over the CIA's crack distribution route. Is anyone on the list willing to 'knock off' a couple of mail carriers and get back to us with a definitive answer on this? (Doesn't this kind of thing fall under the moderator's job description?) Toto From wb8foz at nrk.com Sat Feb 1 18:29:27 1997 From: wb8foz at nrk.com (David Lesher) Date: Sat, 1 Feb 1997 18:29:27 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702020229.SAA04750@toad.com> Robert Rothenburg 'Walking-Owl' sez: > > > > Mail Storage Box keys? > > I think they use combination locks, actually. Supposedly it's the same > combination nationally too. > > There was an article in 2600 Magazine about that. The locks are > actually 'insecure' and you can test every possible combo in about > 10-20 minutes. I think you are confusing USPS and FedEx. USPS uses key locks seemingly designed by Ben Franklin himself. Look at them someday. FedEx boxes used to have Simplex 926 5 pushbutton ""locks"" if you stretch the point. I'm guessing what they lost was a reloader for postage meters. -- A host is a host from coast to coast.................wb8foz at nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433 From toto at sk.sympatico.ca Sat Feb 1 18:29:29 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 18:29:29 -0800 (PST) Subject: Crypto in New Zealand - an update Message-ID: <199702020229.SAA04751@toad.com> Lucky Green wrote: > At 06:03 AM 2/2/97, pgut001 at cs.auckland.ac.nz wrote: > [...] > >The following week Andrew Mayo wrote a letter to the editor of the NBR > >containing an eloquent defense of the use of encryption to protect personal > >privacy. MFAT replied to say that they were only following orders, and were > >required by the Wassenaar agreement to restrict crypto exports: > [...] MFAT doesn't put crypto in the ovens, they just turn on the gas. > Just for clarification, it is the Wassenaar *arrangement* (somehow the term > is more fitting anyway...) and it does *not* require the signatory > countries to implement crypto export controls. > Not that this will make any difference, since it would be the first time > that a government would allow facts to stand in the way of politics. ...or allow 'citizens' to stand in the way of politics. Toto From jimbell at pacifier.com Sat Feb 1 18:29:37 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 18:29:37 -0800 (PST) Subject: Libel & the 1st Amendment Message-ID: <199702020229.SAA04759@toad.com> At 12:52 PM 2/1/97 -0500, Mark M. wrote: >On Sat, 1 Feb 1997, Peter J. Capelli wrote: > >> You mean to say, rich people can overcrowd the courts as much as they >> like, while others are restricted by contigency-only lawyers ( Call >> 1-800-AMBULANCE! ) ... and what of the case of a rich person trying to >> control >> a poor one with many frivolous lawsuits ... while they can afford to file >> lawsuit after lawsuit, the poor person cannot defend himself. > >What, exactly, would be the point of suing a poor person? To quiet him from political dissent, presumably. I think the term coined a few years ago was "SLAPP", something akin to "Strategic Lawsuit Against Public Policy," or similar. For example, "Company A" wants to build a mine or factory or something similar at a location. Citizens object, causing political problems. Company sues the individuals for damages, which costs the individuals a great deal of money to defend against even if they never lose the suit. The real problem is actually a series of mistakes: 1. Individual should not be able to cause political problems for company. 2. "Government" should not be able to impact company activities short of actual harm. 3. Company should not be able to impact individual by suing except for actual harm done by that individual. Naturally, the source of these problems is that by each of their existence, lawyers make more money. As usual, I have a solution to that problem. Jim Bell jimbell at pacifier.com From ravage at einstein.ssz.com Sat Feb 1 18:30:22 1997 From: ravage at einstein.ssz.com (Jim Choate) Date: Sat, 1 Feb 1997 18:30:22 -0800 (PST) Subject: Free & Open Society & toleration Message-ID: <199702020230.SAA04826@toad.com> Hi, It has been asserted that I am claiming that a free and open society should not abide any and all actions in contrast to Jim Bell's assertion that a free and open society must tolerate any action. This is not my case at all. I hold that a DEMOCRATIC society with a HEALTHY ECONOMIC system must have some minimum standards on what is allowed. By no means do I hold that the ONLY means of a free and open society is a democracy. It is quite possible to have an anarchy which would also be a free and open society and by DEFINITION would tolerate any action by its members acting individualy or in concert. I hold that for a democratic society to retain concepts of freedom and equity under the law as well as be economicaly viable, especialy in an environment where 'reputation' is critical such as a network over which economic transactions can take place with nothing more than a email order and a EFT, must not provide ex post facto AND carte blanche protection of the speech of the citizens. For such a system to operate requires a 'reputation' system to be in place. For such a system to be viable it MUST protect those reputations otherwise the concept of a 'contract' is worthless. I DO hold that this system MUST provide a priori protection of all speech. I further hold that any distinction between the 'government' and the people of a nation is a false and misleading distinction which is not in the best interest of the society because it by DEFINITION promotes a class society which is by definition contrary to the goal of equity under a democracy. It further provides a mechanism by which the representatives of the 'state' may claim immunity from the very standards they are charged with enforcing. This is because the charter of such a society is itself simply a contract between any arbitrary individual of that society and the sum total of the remaining citizenry (ie the 'state'). I further hold that one of the current legal practices based on precidence which MUST be replaced is our system dealing with defamation. I further hold that our current system of legal representation is inherently flawed and prevents equal representation under the law. Jim Choate CyberTects ravage at ssz.com From dthorn at gte.net Sat Feb 1 18:34:43 1997 From: dthorn at gte.net (Dale Thorn) Date: Sat, 1 Feb 1997 18:34:43 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: <01BC1053.485521C0@king1-06.cnw.com> Message-ID: <32F3FC93.7269@gte.net> blanc wrote: > From: Toto, quoting the Cyphernomicon > 3.5.1 Contrary to what people sometimes claim, there is no ruling > clique of Cypherpunks. Anybody is free to do nearly anything, > just not free to commit others to course of action, or claim > to speak for the "Cypherpunks" as a group (and this last > point is unenforceable except through reputation and social repercussions). > Toto, I'm surprised at how seriously you take the underlying anarchist > philosophy of the list; you identify so closely with it, and have responded > to its moderation as though it really would be "the end of freedom", even > though you seem to have appeared, or else come out of lurking, only > recently. Is this because you value anarchy, or free speech, or the > existence of the Cypherpunks as a unique group of stray cats [ :>) ]? > Side note: Since Tim isn't on the list and hasn't been for a month, I've been > wondering if it had anything to do with the moderation experiment, although > it is unlike him to have left without either an argument or at least some > kind of statement about it. Maybe Tim's Last Words got "lost", eh? So far, several people have stated that "it could happen". From jya at pipeline.com Sat Feb 1 18:50:25 1997 From: jya at pipeline.com (John Young) Date: Sat, 1 Feb 1997 18:50:25 -0800 (PST) Subject: NSA Material at the National Archives Message-ID: <1.5.4.32.19970202024456.0072d818@pop.pipeline.com> For access to the 5,000 items declassified under NSA's OPENDOOR program (http://www.nsa.gov:8080/programs/opendoor), we got this answer from the National Archives: Dear Mr. Young: This is in response to your electronic mail inquiry of December 20, 1996, concerning National Security Agency records transferred to the National Archives. The material described on the NSA web site was transferred to the National Archives and made available in April 1996. We can supply you with electrostatic (paper) copies of select files for $0.25 per page. Please let us know which files you would like copied, and we will send you a reproduction price quote (please include your mailing address with all such requests). We ask that you limit each request to five files. Should you choose to come to Washington to do research, our records and microfilm publications are available for consultation without charge in our research room. The National Archives at College Park (Archives II), is located at 8601 Adelphi Road, College Park, Maryland. If you do not have a research card, you must apply for one in the reception area. Research room hours (except legal holidays) are 8:45 a.m. to 5 p.m., Monday and Wednesday; and 8:45 a.m. to 9 p.m., Tuesday, Thursday and Friday. Our subject matter specialists are not on duty after 5:15 p.m. The research rooms also are open on Saturday from 8:45 a.m. to 4:45 p.m., with a small research room staff present. Requests for records must be made before 3:30 p.m. Monday-Friday; no requests can be made on Saturday. The telephone number for the Archives II Reference Branch is 301-713-7250. Ken Schlessinger Archives II Textual Reference Branch National Archives at College Park 8601 Adelphi Rd College Park, MD 20740-6001 kenneth.schlessinger at ARCH2.NARA.GOV From ichudov at algebra.com Sat Feb 1 18:58:43 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Sat, 1 Feb 1997 18:58:43 -0800 (PST) Subject: Fighting the cybercensor In-Reply-To: <199702020129.UAA28314@life.ai.mit.edu> Message-ID: <199702020255.UAA16001@manifold.algebra.com> Phillip M Hallam-Baker wrote: > > > I'm still waiting for you to explain what you believe to be the "problem" > > > for which we are searching a solution. > > The problem is that you are a crushing bore. You peddle your crackpot > scheme long after it has been made plain nobody is interested. I am interested. Who else is? > Yet another reason to believe you are an FBI agent provocateur. - Igor. From stewarts at ix.netcom.com Sat Feb 1 19:00:47 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 19:00:47 -0800 (PST) Subject: More on Cellular Encryption Docs In-Reply-To: <199702012359.PAA00661@toad.com> Message-ID: <3.0.1.32.19970201183101.006369c8@popd.ix.netcom.com> At 04:10 PM 2/1/97 -0500, John Young wrote: >Here's more on the controlled documents for cellular encryption >from TIA/EIA we described in a 26 January post to cpunks: ... > TR45.0.A > Common Cryptographic Algorithms, Revision B > June 21, 1995, 72 pp. (With ITAR notice on every page) Of course, ITAR as recently modified says it's ok to send this stuff overseas to foreigners, as long as it's on paper. There may be separate restrictions on sending it, or on copying, but they're based on copyright or contractual non-disclosure. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From jimbell at pacifier.com Sat Feb 1 19:14:13 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 19:14:13 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702020313.TAA20622@mail.pacifier.com> At 02:52 PM 2/1/97 -0800, Greg Broiles wrote: >Also, people interested in _Times v. Sullivan_ and the interplay between >defamation and the First Amendment might find "Make No Law: The Sullivan >Case and the First Amendment" by Anthony Lewis (ISBN 0-697-73939-4) of >interest. The decision itself is online at >=254> - the factual summary of the Sullivan case posted here was not >correct, and the first few pages of the opinion provide a description of >the underlying facts. > >Since we've now got Jim Bell arguing that it's obvious that a free and open >society must tolerate anything which might be defamatory, and Jim Choate >arguing that it's obvious that a free and open society cannot tolerate >anything which might be defamatory, I think I'm going to wander away from >this discussion confident that the answer is, at least, nonobvious. :) Your last paragraph looks like an exercise of the silly game the TV show "60 minutes" producers often play when they read the letters from the audience about a previous report on a controversial subject. They first read a letter from an outraged viewer who claims that the TV show's producers must have been biased in one direction, and then they read another letter from a different viewer who alleges they showed a bias in the opposite direction. The show is trying to leave you with the impression that they MUST have been unbiased, because they are being accused of diametrically opposite leanings. All they are really showing is that given the hundreds and probably thousands of letters they receive on each show weekly (which are, by definition, written by self-motivated people) they can get at least one on each end of the spectrum for whatever subject they've just covered. Not surprising. (If anything, I'd be surprised if they ever DON'T recieve at least two such letters which could be misused in this way...) So before you "wander away," perhaps you ought to explain why we NEED defamation laws? The sun would still rise tomorrow morning absent them. A few feelings might be hurt, that's true, but on the other hand the implied endorsement of The State ("If that statement wasn't true, he couldn't print it!") has a, cumulatively, far greater impact on all of us. A clue is present in the likely fact that the origins of defamation laws were primarily to keep the king and the upper-crust free of printed and verbal attack directed by the lower-classes, even given the presence of whatever nominal "free-speech" guarantees were present. Explain, for example, that while it is now universally recognized by the truth is a defense for libel accusations, it was NOT true when William Penn went on trial for libel in the late 1600's. Jim Bell jimbell at pacifier.com From dthorn at gte.net Sat Feb 1 19:19:50 1997 From: dthorn at gte.net (Dale Thorn) Date: Sat, 1 Feb 1997 19:19:50 -0800 (PST) Subject: Free & Open Society & toleration In-Reply-To: <199702020201.UAA00977@einstein> Message-ID: <32F40783.5EBF@gte.net> Jim Choate wrote: > It has been asserted that I am claiming that a free and open society should > not abide any and all actions in contrast to Jim Bell's assertion that a > free and open society must tolerate any action. > This is not my case at all. I hold that a DEMOCRATIC society with a HEALTHY > ECONOMIC system must have some minimum standards on what is allowed. By no > means do I hold that the ONLY means of a free and open society is a democracy. > It is quite possible to have an anarchy which would also be a free and open > society and by DEFINITION would tolerate any action by its members acting > individualy or in concert. [snip] Nobody has a problem with your ideals, it's just that Jim Bell is trying to say (correct me and forgive me if I'm wrong) that: 1. Society will never subscribe to your ideals. 2. Society is not static, i.e., instead of remaining at a constant level of corruption, the officials will keep demanding more, until there's a sudden, catastrophic break. 3. The AP solution has the potential to stabilize the level of corruption, which should make violent revolutions and genocide unnecessary. From dthorn at gte.net Sat Feb 1 19:25:59 1997 From: dthorn at gte.net (Dale Thorn) Date: Sat, 1 Feb 1997 19:25:59 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702020325.TAA06428@toad.com> Toto wrote: > 3.5.1 Contrary to what people sometimes claim, there is no ruling > clique of Cypherpunks. Anybody is free to do nearly anything, > just not free to commit others to course of action, or claim > to speak for the "Cypherpunks" as a group (and this last > point is unenforceable except through reputation and social > repercussions). > 3.6.3 "Why isn't the list moderated?" > ...hardly consistent with many of our anarchist leanings, is it? > - "No, please, let's not become a 'moderated' newsgroup. This > would be the end of freedom! Is this why T.C. May hasn't posted in quite a while? From stewarts at ix.netcom.com Sat Feb 1 19:26:02 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 19:26:02 -0800 (PST) Subject: More on Cellular Encryption Docs Message-ID: <199702020326.TAA06429@toad.com> At 04:10 PM 2/1/97 -0500, John Young wrote: >Here's more on the controlled documents for cellular encryption >from TIA/EIA we described in a 26 January post to cpunks: ... > TR45.0.A > Common Cryptographic Algorithms, Revision B > June 21, 1995, 72 pp. (With ITAR notice on every page) Of course, ITAR as recently modified says it's ok to send this stuff overseas to foreigners, as long as it's on paper. There may be separate restrictions on sending it, or on copying, but they're based on copyright or contractual non-disclosure. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From dthorn at gte.net Sat Feb 1 19:26:04 1997 From: dthorn at gte.net (Dale Thorn) Date: Sat, 1 Feb 1997 19:26:04 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702020326.TAA06430@toad.com> blanc wrote: > From: Toto, quoting the Cyphernomicon > 3.5.1 Contrary to what people sometimes claim, there is no ruling > clique of Cypherpunks. Anybody is free to do nearly anything, > just not free to commit others to course of action, or claim > to speak for the "Cypherpunks" as a group (and this last > point is unenforceable except through reputation and social repercussions). > Toto, I'm surprised at how seriously you take the underlying anarchist > philosophy of the list; you identify so closely with it, and have responded > to its moderation as though it really would be "the end of freedom", even > though you seem to have appeared, or else come out of lurking, only > recently. Is this because you value anarchy, or free speech, or the > existence of the Cypherpunks as a unique group of stray cats [ :>) ]? > Side note: Since Tim isn't on the list and hasn't been for a month, I've been > wondering if it had anything to do with the moderation experiment, although > it is unlike him to have left without either an argument or at least some > kind of statement about it. Maybe Tim's Last Words got "lost", eh? So far, several people have stated that "it could happen". From jya at pipeline.com Sat Feb 1 19:27:44 1997 From: jya at pipeline.com (John Young) Date: Sat, 1 Feb 1997 19:27:44 -0800 (PST) Subject: NSA Material at the National Archives Message-ID: <199702020327.TAA06468@toad.com> For access to the 5,000 items declassified under NSA's OPENDOOR program (http://www.nsa.gov:8080/programs/opendoor), we got this answer from the National Archives: Dear Mr. Young: This is in response to your electronic mail inquiry of December 20, 1996, concerning National Security Agency records transferred to the National Archives. The material described on the NSA web site was transferred to the National Archives and made available in April 1996. We can supply you with electrostatic (paper) copies of select files for $0.25 per page. Please let us know which files you would like copied, and we will send you a reproduction price quote (please include your mailing address with all such requests). We ask that you limit each request to five files. Should you choose to come to Washington to do research, our records and microfilm publications are available for consultation without charge in our research room. The National Archives at College Park (Archives II), is located at 8601 Adelphi Road, College Park, Maryland. If you do not have a research card, you must apply for one in the reception area. Research room hours (except legal holidays) are 8:45 a.m. to 5 p.m., Monday and Wednesday; and 8:45 a.m. to 9 p.m., Tuesday, Thursday and Friday. Our subject matter specialists are not on duty after 5:15 p.m. The research rooms also are open on Saturday from 8:45 a.m. to 4:45 p.m., with a small research room staff present. Requests for records must be made before 3:30 p.m. Monday-Friday; no requests can be made on Saturday. The telephone number for the Archives II Reference Branch is 301-713-7250. Ken Schlessinger Archives II Textual Reference Branch National Archives at College Park 8601 Adelphi Rd College Park, MD 20740-6001 kenneth.schlessinger at ARCH2.NARA.GOV From stewarts at ix.netcom.com Sat Feb 1 19:40:45 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 19:40:45 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702020340.TAA06830@toad.com> At 06:51 PM 2/1/97 -0800, you wrote: > Is anyone on the list willing to 'knock off' a couple of mail >carriers and get back to us with a definitive answer on this? We were joking about this last night - this is just encouraging people to hold up mail carriers and say "Hand it over!" "Hand over what?" "You, know, the thingie" "What thingie?" "The one they steal from mailmen in Miami" "You mean this?" "No, it wouldn't be one of them, not worth enough" "How about one of these?" "Maybe, but that's probably not it" "My mailbag?" "No, that's too obvious." "ID card?" "No, you don't look enough like me" "Dog repellent?" "No, that's kind of smelly*" Of course, as Toto suggested, it could be just that the carriers are delivering dope on the side, or maybe they're stealing the mail carriers' shirts to complete their disgruntled postal workers' costumes. [*"Cheshire perhaps?" "No, we're all out of that"...] # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From jimbell at pacifier.com Sat Feb 1 19:40:45 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 19:40:45 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702020340.TAA06831@toad.com> At 02:52 PM 2/1/97 -0800, Greg Broiles wrote: >Also, people interested in _Times v. Sullivan_ and the interplay between >defamation and the First Amendment might find "Make No Law: The Sullivan >Case and the First Amendment" by Anthony Lewis (ISBN 0-697-73939-4) of >interest. The decision itself is online at >=254> - the factual summary of the Sullivan case posted here was not >correct, and the first few pages of the opinion provide a description of >the underlying facts. > >Since we've now got Jim Bell arguing that it's obvious that a free and open >society must tolerate anything which might be defamatory, and Jim Choate >arguing that it's obvious that a free and open society cannot tolerate >anything which might be defamatory, I think I'm going to wander away from >this discussion confident that the answer is, at least, nonobvious. :) Your last paragraph looks like an exercise of the silly game the TV show "60 minutes" producers often play when they read the letters from the audience about a previous report on a controversial subject. They first read a letter from an outraged viewer who claims that the TV show's producers must have been biased in one direction, and then they read another letter from a different viewer who alleges they showed a bias in the opposite direction. The show is trying to leave you with the impression that they MUST have been unbiased, because they are being accused of diametrically opposite leanings. All they are really showing is that given the hundreds and probably thousands of letters they receive on each show weekly (which are, by definition, written by self-motivated people) they can get at least one on each end of the spectrum for whatever subject they've just covered. Not surprising. (If anything, I'd be surprised if they ever DON'T recieve at least two such letters which could be misused in this way...) So before you "wander away," perhaps you ought to explain why we NEED defamation laws? The sun would still rise tomorrow morning absent them. A few feelings might be hurt, that's true, but on the other hand the implied endorsement of The State ("If that statement wasn't true, he couldn't print it!") has a, cumulatively, far greater impact on all of us. A clue is present in the likely fact that the origins of defamation laws were primarily to keep the king and the upper-crust free of printed and verbal attack directed by the lower-classes, even given the presence of whatever nominal "free-speech" guarantees were present. Explain, for example, that while it is now universally recognized by the truth is a defense for libel accusations, it was NOT true when William Penn went on trial for libel in the late 1600's. Jim Bell jimbell at pacifier.com From dthorn at gte.net Sat Feb 1 19:42:25 1997 From: dthorn at gte.net (Dale Thorn) Date: Sat, 1 Feb 1997 19:42:25 -0800 (PST) Subject: Free & Open Society & toleration Message-ID: <199702020342.TAA06926@toad.com> Jim Choate wrote: > It has been asserted that I am claiming that a free and open society should > not abide any and all actions in contrast to Jim Bell's assertion that a > free and open society must tolerate any action. > This is not my case at all. I hold that a DEMOCRATIC society with a HEALTHY > ECONOMIC system must have some minimum standards on what is allowed. By no > means do I hold that the ONLY means of a free and open society is a democracy. > It is quite possible to have an anarchy which would also be a free and open > society and by DEFINITION would tolerate any action by its members acting > individualy or in concert. [snip] Nobody has a problem with your ideals, it's just that Jim Bell is trying to say (correct me and forgive me if I'm wrong) that: 1. Society will never subscribe to your ideals. 2. Society is not static, i.e., instead of remaining at a constant level of corruption, the officials will keep demanding more, until there's a sudden, catastrophic break. 3. The AP solution has the potential to stabilize the level of corruption, which should make violent revolutions and genocide unnecessary. From markm at voicenet.com Sat Feb 1 19:51:41 1997 From: markm at voicenet.com (Mark M.) Date: Sat, 1 Feb 1997 19:51:41 -0800 (PST) Subject: Libel & the 1st Amendment In-Reply-To: <199702020156.RAA13867@mail.pacifier.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Sat, 1 Feb 1997, jim bell wrote: > At 12:52 PM 2/1/97 -0500, Mark M. wrote: > >On Sat, 1 Feb 1997, Peter J. Capelli wrote: > > > >> You mean to say, rich people can overcrowd the courts as much as they > >> like, while others are restricted by contigency-only lawyers ( Call > >> 1-800-AMBULANCE! ) ... and what of the case of a rich person trying to > >> control > >> a poor one with many frivolous lawsuits ... while they can afford to file > >> lawsuit after lawsuit, the poor person cannot defend himself. > > > >What, exactly, would be the point of suing a poor person? > > To quiet him from political dissent, presumably. I think the term coined a > few years ago was "SLAPP", something akin to "Strategic Lawsuit Against > Public Policy," or similar. I should point out that in my previous post, I was refering to the specific instance of libel -- not any general lawsuit. I can think of very few instances where a rich person would sue someone without the resources to even defend himself for libel just to harass the defendant. I'm sure there are a few cases, but it wouldn't be worth the plaintiff's time or money. I would be interested if anyone knows of any specific examples of this. Mark -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBMvQQAyzIPc7jvyFpAQFAfQgAp5qsAm9LZdXeR3+8s4LkUv5qH6Ju8Rda te3EJ90gjHxDcv/QRopQ3fRM5KzsHgr5JqPRWDFF0Zo3CxbRsB8x/CK3aIo2axpt xEAeA/TT3oBWOCXFs2fVR6dCy4XAMh4e/q58kNnDqqUnJNBgto5kr8Hp4op9Ypgi WO0G0Su6L8JuBwnui6Ni5XxHSBchBwu6Z0Jv0TFrG43lnS++K+UriX9cIYxR8JVH roUg/9SDCZysmuEvNh8VMLAd492wD2jhge4LiiYaSNWrpe5JD2jA/nJ9Olevpu3v 4+75YOpRIgHAugMyl/bbNZgTjStoLUicHATyt7PLEUtj/sbmPbakkQ== =qrVu -----END PGP SIGNATURE----- From toto at sk.sympatico.ca Sat Feb 1 20:00:16 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 20:00:16 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: <01BC1053.485521C0@king1-06.cnw.com> Message-ID: <32F42C19.50EA@sk.sympatico.ca> blanc wrote: > Toto, I'm surprised at how seriously you take the underlying anarchist > philosophy of the list; you identify so closely with it, and have responded > to its moderation as though it really would be "the end of freedom", even > though you seem to have appeared, or else come out of lurking, only > recently. Is this because you value anarchy, or free speech, or the > existence of the Cypherpunks as a unique group of stray cats [ :>) ]? I value Reason (big 'R'), humor (small 'h'), and A/ambiguity (take your pick). Anarchy is only a pause between dictators. Fascism is necessary to remind us not to take freedom for granted. One should call for 'order' during the rein of anarchy and for 'freedom during times of Fascism. I have 'appeared' and/or 'come out of lurking' on the CypherPunks list at various times since it's inception, under various personas. Few have noticed, and fewer, still, have ever accurately described, as you have, what I truly value about the CypherPunks--"a unique group of stray cats." The CypherPunks have, over the years, weathered varying sorts of 'problems' in the development of the list, as a result of various 'voices of Reason' prevailing in the setting the list's direction--even when those 'voices' were diametrically opposed in their beliefs. What currently threatens the list, in my opinion, is not the dissension, but the rise of a cliquish sheep-mentality and the resulting dismissal of the opinions of people of Reason (and the opinions of 'anyone', in general, whom 'I' perceive as being on the 'other side' of an issue). If the day comes when I am able to file away the CypherPunks list under this-or-that category, then I will put a tombstone in the file, as well, and put flowers in it once a year. Toto > Side note: > Since Tim isn't on the list and hasn't been for a month, I've been > wondering if it had anything to do with the moderation experiment, although > it is unlike him to have left without either an argument or at least some > kind of statement about it. > > .. > Blanc From azur at netcom.com Sat Feb 1 20:14:17 1997 From: azur at netcom.com (Steve Schear) Date: Sat, 1 Feb 1997 20:14:17 -0800 (PST) Subject: "Strong" crypto and export rule changes. Message-ID: > What the US government will allow to be exported is not "strong >encryption." It is encryption only slightly too strong to be broken >by an amateur effort. For the right investment in custom hardware, it >falls quickly. (500,000 $US = 3.5 hour avg break). > Considering Ian's feat you certainly seem to have had your crystal ball in hand. --Steve From ravage at EINSTEIN.ssz.com Sat Feb 1 20:16:19 1997 From: ravage at EINSTEIN.ssz.com (Jim Choate) Date: Sat, 1 Feb 1997 20:16:19 -0800 (PST) Subject: Free & Open Society & toleration (fwd) Message-ID: <199702020418.WAA01210@einstein> Forwarded message: > Nobody has a problem with your ideals, it's just that Jim Bell is > trying to say (correct me and forgive me if I'm wrong) that: > > 1. Society will never subscribe to your ideals. But other than two points they already do. The two points being, 1. Libel is a recognized legal concept now, the difference is one of degree. That degree of difference being how much money there is available for the lawyer and their willingness to enforce the concepts of justice in the society based upon their perceived ability to profit by it. 2. The extension of acceptance of reasonable legal representation by lot from not only the defence but also the prosecution. My solutions to these two issues are: 1. Removal of the lawyer from the ultimate choice of whether the case should be pursued. 2. The minimalization of the defendants and plaintiffs monetary resources by removing them from the legal system by choosing the legal representation of both parties by lot. 3. By moving the responsibility of police to provide evidence from the prosecution to the court we equalize the impact of irregularities in evidence selection as well as minimizing the sorts of evidence disputes which so impact some trials (ie OJ Simpson). 4. By the implimentation of a bond proviso on the part of the plaintiff the system provides a check and balance reducing nuisance cases as well as reducing the taxation load on the citizenry. > 2. Society is not static, i.e., instead of remaining at a constant > level of corruption, the officials will keep demanding more, > until there's a sudden, catastrophic break. Absolutely, that is one of the reasons I refuse to seperate those who represent the social contract (eg the Constitution) and those who are impacted by it, which includes even those who represent it and enforce its various responsibilities. AP relies on this distinction as axiomatic. This axiomatic view is ultimately based in a jealous greed for what others have (ie power, percieved or real) and the implicit belief that all people are NOT created equal. > 3. The AP solution has the potential to stabilize the level of > corruption, which should make violent revolutions and genocide > unnecessary. But it doesn't. What it does is provide a mechanism for de-stabalization. Just look at the Middle East and the history of assassination. Assassinations have never stabalized that region or any other. There is nothging in our current understanding of human psychology and social interactions that leads to the conclusion that threats of violence will necessarily force people to comply. If it did the government (as perceived by AP) would not have to deal with real opposition. Simply threaten the opposition and it melts away for the same reason that supposedly the government would cease to oppose radicalism (ie changes in the status quo forced by small groups upon the masses). If anything every real world example of AP demonstrates an increase in corruption (eg. Beirut). The closest analog in history to AP is the "Flowery Wars" as practiced by the Aztecs. However, these were motivated by a belief in religous homogeneity and not one of politics. Also, implicit in this was the axiomatic acceptance of a real class seperation between those who ruled and those who were ruled. By no means could one accept the premise that this caused the Aztec rulers to be more sensitive to corruption or the continued existance of their system. Another good example is assassination in ancient Rome, it is clear that such activities in no way reduced corruption. If anything AP provides a rationale (ie self-defence) to impose even harsher a priori conditions on sections of a society by another part of that society. Hardly what I would consider a stabalizing condition let alone democratic. What is required for stability is for each group to feel unthreatened and secure in expressing their beliefs without fear of reprisals and at the same time recognizing they must provide room for others beliefs. There must also be the realization that refusal to abide by these precepts will be met with immediate consequences. Something AP can't do, as it explicitly promotes threats and the carrying out thereof. On another issue, it was asked what purpose there is in suing a poor person. Simple lack of monetary wealth should be no more reason to exempt a party from justice than having large quantities. A citizen should face the consequences of their actions, how rich or poor they are is an irrelevant issue. Concepts required for a true working democracy: Liberty Justice Equality Fraternity Jim Choate CyberTects ravage at ssz.com From toto at sk.sympatico.ca Sat Feb 1 20:34:10 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 20:34:10 -0800 (PST) Subject: Libel, Times v. Sullivan In-Reply-To: <199702020313.TAA20622@mail.pacifier.com> Message-ID: <32F431BA.DBF@sk.sympatico.ca> jim bell wrote: > Your last paragraph looks like an exercise of the silly game the TV show "60 > minutes" producers often play when they read the letters from the audience > about a previous report on a controversial subject. They first read a > letter from an outraged viewer who claims that the TV show's producers must > have been biased in one direction, and then they read another letter from a > different viewer who alleges they showed a bias in the opposite direction. > The show is trying to leave you with the impression that they MUST have been > unbiased, because they are being accused of diametrically opposite leanings. Sounds suspiciously like Sandy's approach to 'fair' moderation, to me. > All they are really showing is that given the hundreds and probably > thousands of letters they receive on each show weekly (which are, by > definition, written by self-motivated people) they can get at least one on > each end of the spectrum for whatever subject they've just covered. Perhaps they author these 'letters' themselves: "I agree wholeheartedly with the position espoused by '60 Minutes'. and, "I don't not think maybe dat dese guys are write, nohow." > A clue is present in the likely fact that the origins of defamation laws > were primarily to keep the king and the upper-crust free of printed and > verbal attack directed by the lower-classes, even given the presence of > whatever nominal "free-speech" guarantees were present. Next thing you know, saying, "The king is fucking the queen.", is libel and defamation. Go figure... Toto From jimbell at pacifier.com Sat Feb 1 20:36:44 1997 From: jimbell at pacifier.com (jim bell) Date: Sat, 1 Feb 1997 20:36:44 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <199702020435.UAA27638@mail.pacifier.com> At 08:02 PM 2/1/97 -0800, Toto wrote: >Phillip M Hallam-Baker wrote: >> The problem is that you are a crushing bore. You peddle your crackpot >> scheme long after it has been made plain nobody is interested. > > I also thing that the other list members involved in this thread are >'nobodies', but I was too polite to say anything. It's odd that you would say this. I get that impression ("nobodies") about practically EVERY subject discussed here. Why name this particular one, as if it were somehow special? Jim Bell jimbell at pacifier.com From scott-b at ix.netcom.com Sat Feb 1 20:44:01 1997 From: scott-b at ix.netcom.com (Scott) Date: Sat, 1 Feb 1997 20:44:01 -0800 (PST) Subject: Keystroke sniffer question Message-ID: <2.2.32.19970202043909.006c8dd0@popd.ix.netcom.com> How can you detect if there is a keystroke sniffer on your computer. Is there a file name to look for? Where do people get them? ======================================= Scott Bellavance scott-b at ix.netcom.com http://www.netcom.com/~scott-b/homepage.html ======================================= -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAzAu56UAAAEEAL8pOdPu2pw5E91f99ByJWT+O1smtcOlIr6GL9TdCbdZ6I2U UPLl7RL5cV4e3Wv4nIIZiOIePMAUouM5fQZib4vnGpCKM/WxfGQBRGafsq2mlzvE IKLBrdYhQ5STl/qZIaCKI2+V4hdsvTPaI0PCqGzGoiDv9gbbZ40Gi3F38KqtAAUR tCtTY290dCBSLiBCZWxsYXZhbmNlIDxzY290dC1iQGl4Lm5ldGNvbS5jb20+ =Hfbk -----END PGP PUBLIC KEY BLOCK----- From adam at homeport.org Sat Feb 1 20:59:53 1997 From: adam at homeport.org (Adam Shostack) Date: Sat, 1 Feb 1997 20:59:53 -0800 (PST) Subject: "Strong" crypto and export rule changes. In-Reply-To: Message-ID: <199702020455.XAA02857@homeport.org> Steve Schear wrote: | > What the US government will allow to be exported is not "strong | >encryption." It is encryption only slightly too strong to be broken | >by an amateur effort. For the right investment in custom hardware, it | >falls quickly. (500,000 $US = 3.5 hour avg break). | > | | Considering Ian's feat you certainly seem to have had your crystal | ball in hand. I wear three around my neck. Its a new age thing. More seriously, that estimate is the cost of breaking DES on custom hardware, based on Wiener's figures. Ian got RC4-40 in 3.5 hours on I don't know how much hardware, not a lot of it custom, AFAIK. Adam -- Pet peeve of the day: Security companies whose protocols dare not speak their name, because they don't have one. Guilty company of the day is now V-One. From declan at pathfinder.com Sat Feb 1 21:10:17 1997 From: declan at pathfinder.com (Declan McCullagh) Date: Sat, 1 Feb 1997 21:10:17 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: <199702020325.TAA06428@toad.com> Message-ID: That question is one for Tim to answer, but I should point out that philosophical anarchists are not necessarily opposed to rules, just government rules -- which this moderation policy clearly is not. -Declan On Sat, 1 Feb 1997, Dale Thorn wrote: > Toto wrote: > > 3.5.1 Contrary to what people sometimes claim, there is no ruling > > clique of Cypherpunks. Anybody is free to do nearly anything, > > just not free to commit others to course of action, or claim > > to speak for the "Cypherpunks" as a group (and this last > > point is unenforceable except through reputation and social > > repercussions). > > 3.6.3 "Why isn't the list moderated?" > > ...hardly consistent with many of our anarchist leanings, is it? > > - "No, please, let's not become a 'moderated' newsgroup. This > > would be the end of freedom! > > Is this why T.C. May hasn't posted in quite a while? > > > From toto at sk.sympatico.ca Sat Feb 1 21:17:23 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 21:17:23 -0800 (PST) Subject: Free & Open Society & toleration In-Reply-To: <199702020201.UAA00977@einstein> Message-ID: <32F4401E.3F73@sk.sympatico.ca> Jim Choate wrote: > It has been asserted that I am claiming that a free and open society should > not abide any and all actions in contrast to Jim Bell's assertion that a > free and open society must tolerate any action. > > This is not my case at all. I hold that a DEMOCRATIC society with a HEALTHY > ECONOMIC system must have some minimum standards on what is allowed. By no > means do I hold that the ONLY means of a free and open society is a democracy. > It is quite possible to have an anarchy which would also be a free and open > society and by DEFINITION would tolerate any action by its members acting > individualy or in concert. I have waited, with bated breath, for you to take a position which is short, concise, and well-reasoned. Well, you finally did, but you just couldn't leave it alone, could you? I think that what you have written (above) is a valid and meaningful statement of your position. I see what follows, however, as a train of 'logic' which follows a pre-defined, emotionally-charged justification of a defensive position you have taken, as a result of a real or imagined 'slight'. I have followed your 'libel' thread, as rambling (and sometimes dichotomously incoherent) as it is, and I recognize that you are passionate in your beliefs (for which I salute you), but I think that perhaps your interests might be better served if you let logic lead your emotions. If you did so, I might well hire you as my lawyer (to defend me in your libel suit against me), since you do have a 'bulldog' sense of determination in pursing any position you take. The million-and-one posts you made with the results of your search-engine research on libel only served to accentuate your inability to fully understand the issues underlying libel and defamation. Your own opinions regarding your thoughts and opinions regarding these same issues were much more poignant and enlightening. I would hope that, in the future, you would justify your beliefs and opinions with a revelation of your own points of logic (or illogic) rather than attempting to support them with legalese rulings which often stand on a foundation of sand, especially under close judicial scrutiny. You do, indeed, raise some points that are worthy of valid consideration, and debate, but they tend to get lost in your excessive arguments regarding them. Toto From dthorn at gte.net Sat Feb 1 21:42:00 1997 From: dthorn at gte.net (Dale Thorn) Date: Sat, 1 Feb 1997 21:42:00 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: Message-ID: <32F428CD.AB9@gte.net> Declan McCullagh wrote: > That question is one for Tim to answer, but I should point out that > philosophical anarchists are not necessarily opposed to rules, just > government rules -- which this moderation policy clearly is not. I've seen this kind of statement so many times I just have to point it out: "which this moderation policy *clearly* (emph. mine) is not". Why is it so clear to you, but not everyone? Am I missing something? Didn't Reagan, Bush, North et al make it clear enough to Americans that much of what the govt. does has been privatized, as if we didn't know already from the 1970's assassination hearings in the Congress, or from when Carter fired the 900 security guys and they went to work for "private" contractors? I ask you again to look at the motives of the people involved. John Gilmore isn't about to waste a second of his personal time "moderating" this list (who could blame him?), and I can't for the life of me see a reason why Sandy would want to devote so much time to it. Have you or anyone seen a real reason why Sandy would want to do this? Is he so devoted to crypto and personal freedom that he'll do *anything* to eliminate the postings which "threaten" this list, or could there be some other, hidden motivation? My long experience in the real world says that professional people do *not* devote a great deal of their time to things like this unless there is an *awfully* good reason. > On Sat, 1 Feb 1997, Dale Thorn wrote: > > Toto wrote: > > > 3.5.1 Contrary to what people sometimes claim, there is no ruling > > > clique of Cypherpunks. Anybody is free to do nearly anything, > > > just not free to commit others to course of action, or claim > > > to speak for the "Cypherpunks" as a group (and this last > > > point is unenforceable except through reputation and social > > > repercussions). > > > 3.6.3 "Why isn't the list moderated?" > > > ...hardly consistent with many of our anarchist leanings, is it? > > > - "No, please, let's not become a 'moderated' newsgroup. This > > > would be the end of freedom! > > Is this why T.C. May hasn't posted in quite a while? From toto at sk.sympatico.ca Sat Feb 1 21:43:40 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 21:43:40 -0800 (PST) Subject: Fighting the cybercensor In-Reply-To: <199702020435.UAA27638@mail.pacifier.com> Message-ID: <32F4447D.2F6C@sk.sympatico.ca> jim bell wrote: > At 08:02 PM 2/1/97 -0800, Toto wrote: > > I also think that the other list members involved in this thread are > >'nobodies', but I was too polite to say anything. > > It's odd that you would say this. I get that impression ("nobodies") about > practically EVERY subject discussed here. Why name this particular one, as > if it were somehow special? Jim, "You're 'nobody', till 'somebody' loves you..." Everybody has their own prediliction as to what interests them, and what is 'frivilous' on the list. Someone, in private email, mentioned that they felt that 60% of the posts were 'uninteresting'. I replied that this seemed to be a close approximation of many list members' beliefs, but that, if we all moderated/censored out 'our' 60% of 'uninteresting' posts before the list was sent out, that there would be precious little left. I don't know if you recognized my comment as humor, since I have an aversion to using 'happy faces' (the result of a childhood trauma), but I just love to poke fun at the plethora of personas on the list who seem to believe that anything outside of their immediate scope of interest is somehow 'unworthy' of being posted the list. By the way, in order to prevent this post from going to the 'flames' list, I will NOT say that you are a low-life, scum-sucking Nazi piece of shit. I will likewise refrain from suggesting that your mother wears army boots, you are a child-pornographer, an imbecile, and a pervert, or that you beat your wife and children regularly. By golly, I think I'm 'getting the hang of' this new, improved, Politically Correct, nicey-nice list format. Toto From dlv at bwalk.dm.com Sat Feb 1 21:50:16 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Sat, 1 Feb 1997 21:50:16 -0800 (PST) Subject: Key Security Question In-Reply-To: <199702012055.MAA26123@toad.com> Message-ID: <9gDH2D8w165w@bwalk.dm.com> Bill Stewart writes: > >> My computer went into the shop a few days ago, and I was unable to take > >> my PGP keys off it before it went in. What are the security risks here? > >> If the repairman chooses to snoop through the files, what would he be > >> able to do with my key pair? Will I need to revoke the key and make a > >> new one, or will I be relatively safe since he doesn't have my > >> passphrase? > > Passphrases are MD5-hashed into 128-bit IDEA keys and used to > encrypt the secret key; there's a "pgpcrack" program out there > that does dictionary-style searches to find if you've got > wimpy passphrases. So if your passphrases is "secret", you lose, > but if it's "fjhw;doifvjuc-[09efiu v` 2 4rnhc;ljoipcvjpoiewujfgv;loik" > you're probably pretty safe, unless that's written on the yellow > sticky you left on the side of the PC. > > On the other hand, if the "repairman" replaced your pgp executable > with version 2.6.3kgb, which uses your hashed passphrase as the > session key, you're hosed. Or if he installed a keystroke sniffer, > or added a small radio transmitter to your keyboard, or whatever. > Depends on your threat model. If you need to be paranoid, > they've already gotten you.... If you're really paranoid, you can boot from a clean floppy and reinstall everything from your backup tapes. You do have a contingency plan in case your hard disk goes bad, or gets a virus, don't you? Well, if you're in doubt, exercise it. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From mhayes at infomatch.com Sat Feb 1 21:54:52 1997 From: mhayes at infomatch.com (Murray Hayes) Date: Sat, 1 Feb 1997 21:54:52 -0800 (PST) Subject: GSM technology Message-ID: <199702020554.VAA17925@infomatch.com> On Mon, 20 Jan 1997 13:37:38 -0800, Lucky Green wrote: >At 09:43 AM 1/20/97 -0500, Nurdane Oksas wrote: >> Does anyone use ADSL lines? or are they still very expensive? > >I just had a very interesting talk with somebody from Northern Telecom (Canada's Phone Company). NorTel has apparently skipped ISDN and is now deploying ADSL. Some areas already have access to ADSL at, can you believe this, $60/month. > I'm not sure about Nortel but ADSL is availible in Calgary from CadVision. http://www.cadvision.ca It's not cheap. BCTel is yapping about offering it by the end of the year. From unicorn at schloss.li Sat Feb 1 21:58:12 1997 From: unicorn at schloss.li (Black Unicorn) Date: Sat, 1 Feb 1997 21:58:12 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater In-Reply-To: Message-ID: On Fri, 31 Jan 1997, rex wrote: > Black Unicorn wrote: > > >If you want to look at it a different way, if you are involved with a drug > >offense and are not using a weapon, you'll get a lower sentence than a > >full fledged drug crime. It's a step in the right direction - i.e. away > >from manadatory sentencing of a flat time period for a crime regardless of > >circumstances. > > But Putra got the same sentence she would have gotten had she been > convicted on both charges. The fact that she was acquitted meant nothing. That this is true once, does not make it so in all cases. You also lose sight of the general scheme of things. That the sentence imposed may have the same maximum sentence with sentencing enhancements and a lesser included offense as with conviction of a "great offense" means nothing with regard to the validity of sentencing enhancements. That theft and low level bank fraud have the same penality when theft is enhanced with a "victim was infirm or helpless" or a "firearm was used in furtherance of the crime" could as easily reflect a lack of vigor and spite in the prosecution of bank fraud as it could reflect severe vigor and spite in the prosecution of theft. Please note that the difference between: "But he got the same sentence as he would have if he was convicted of carrying a gun in furtherance of the crime." and "But he got the same sentence as he would have is he was not convicted of carrying a gun in furtherance of the crime." is subtle at best. Next time don't get caught stealing with a gun nearby. -- Forward complaints to : European Association of Envelope Manufactures Finger for Public Key Gutenbergstrasse 21;Postfach;CH-3001;Bern Vote Monarchist Switzerland From blancw at cnw.com Sat Feb 1 22:00:20 1997 From: blancw at cnw.com (blanc) Date: Sat, 1 Feb 1997 22:00:20 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <01BC108B.EE831D80@king1-20.cnw.com> From: Greg Broiles Since we've now got Jim Bell arguing that it's obvious that a free and open society must tolerate anything which might be defamatory, and Jim Choate arguing that it's obvious that a free and open society cannot tolerate anything which might be defamatory, I think I'm going to wander away from this discussion confident that the answer is, at least, nonobvious. :) .................................................................. Heh - Jim B. and Jim C.: the Yin & Yang of Society At Large. What could a discussion between them produce. .. Blanc From wlkngowl at unix.asb.com Sat Feb 1 22:02:25 1997 From: wlkngowl at unix.asb.com (Rob) Date: Sat, 1 Feb 1997 22:02:25 -0800 (PST) Subject: Key Security Question Message-ID: <199702020625.BAA07602@unix.asb.com> On 31 Jan 1997 15:37:01 -0500, you wrote: >My computer went into the shop a few days ago, and I was unable to take >my PGP keys off it before it went in. What are the security risks here? >If the repairman chooses to snoop through the files, what would he be >able to do with my key pair? Will I need to revoke the key and make a >new one, or will I be relatively safe since he doesn't have my >passphrase? Depends how paranoid you are, how good your passphrase is, how much you trust the repairman not to snoop, etc. For the hell of it I'd revoke my key and issue a new one though. It's not a minor inconvenience, and when people use your old key you can still decrypt the message... just send 'em a note that you prefer they use you're current (unrevoked) key. --Rob From ichudov at algebra.com Sat Feb 1 22:02:56 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Sat, 1 Feb 1997 22:02:56 -0800 (PST) Subject: Key Security Question In-Reply-To: <9gDH2D8w165w@bwalk.dm.com> Message-ID: <199702020557.XAA17186@manifold.algebra.com> Dr.Dimitri Vulis KOTM wrote: > Bill Stewart writes: > > On the other hand, if the "repairman" replaced your pgp executable > > with version 2.6.3kgb, which uses your hashed passphrase as the > > session key, you're hosed. Or if he installed a keystroke sniffer, > > or added a small radio transmitter to your keyboard, or whatever. > > Depends on your threat model. If you need to be paranoid, > > they've already gotten you.... > > If you're really paranoid, you can boot from a clean floppy and > reinstall everything from your backup tapes. You do have a > contingency plan in case your hard disk goes bad, or gets a > virus, don't you? Well, if you're in doubt, exercise it. And what if the repairman replaces BIOS ROM chips with KGBios? - Igor. From wlkngowl at unix.asb.com Sat Feb 1 22:12:16 1997 From: wlkngowl at unix.asb.com (Rob) Date: Sat, 1 Feb 1997 22:12:16 -0800 (PST) Subject: NOISE.SYS Home Page Message-ID: <199702020635.BAA07796@unix.asb.com> I now have an under-construction home page for NOISE.SYS, in case you're interested: http://www.asb.com/usr/wlkngowl/software.htm#noise (NOISE.SYS is a crypto-RNG device for DOS boxes.) Rob ----- "The word to kill ain't dirty | Robert Rothenburg (WlkngOwl at unix.asb.com) I used it in the last line | http://www.asb.com/usr/wlkngowl/ but use a short word for lovin' | Se habla PGP: Reply with the subject and dad you wind up doin' time." | 'send pgp-key' for my public key. From blancw at cnw.com Sat Feb 1 22:30:00 1997 From: blancw at cnw.com (blanc) Date: Sat, 1 Feb 1997 22:30:00 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <01BC108F.F7C3BFE0@king1-20.cnw.com> From: Toto What currently threatens the list, in my opinion, is not the dissension, but the rise of a cliquish sheep-mentality and the resulting dismissal of the opinions of people of Reason (and the opinions of 'anyone', in general, whom 'I' perceive as being on the 'other side' of an issue). ........................................................................ Who are these sheep you're talking about? At the end of the trial period, anyone still on the list who doesn't like the moderation can at their leisure either protest vehemently its continuation, producing masterly works of eloquence in favor of continuing the free-for-all, or they can unsubscribe (sp?). They *don't* have to take it, or identify with the cpunks any longer. I think what threatens the list is the absence of really major issues to fire up everyone's sense of indignation & imagination, plus the fact that many of the long-timers are pretty sophisticated on all the political issues which have been discussed before (how many of Tim May's long treatises, engaging, thorough, and relevant as they may be, can one read yet again without recognizing the repetitive themes therein), plus a lack of interest in engaging in rhetorical arguments with people who find it difficult to think in a straight line. Sometimes the posts on the list come to resemble more attempts at educating the clueless than discussions among peers which could truly advance an understanding of between fine points of difference. Whom can one blame for what does not exist (on the list) - there is no mechanism for its production; only the attractions of the subject and the aim, are what bring in the participants who could provide substance and depth. Perhaps waxing lyrical on the features of Eudora and regular reminders on the benefits of mail filtering would be encouraging to "the timid"? .. Blanc From haystack at holy.cow.net Sat Feb 1 22:38:48 1997 From: haystack at holy.cow.net (Bovine Remailer) Date: Sat, 1 Feb 1997 22:38:48 -0800 (PST) Subject: No Subject Message-ID: <199702020620.BAA23384@holy.cow.net> Timmy May was born when his mother was on the toilet. O |'| /\ | | Timmy May /\ \-------| / / |-------| From nobody at huge.cajones.com Sat Feb 1 22:47:18 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Sat, 1 Feb 1997 22:47:18 -0800 (PST) Subject: "Secret" Postal Device stolen In-Reply-To: <199702020229.SAA04750@toad.com> Message-ID: <199702020647.WAA00216@mailmasher.com> David Lesher writes: > USPS uses key locks seemingly designed by Ben Franklin himself. > Look at them someday. FedEx boxes used to have Simplex 926 > 5 pushbutton ""locks"" if you stretch the point. Don't let the old-fashioned look deceive you. Most mail storage boxes use lever tumbler locks (similar to what's used in safe deposit vaults, though obviously the mailbox locks have a flimsier plug). Lever tumbler locks are in general much harder to pick than pin tumbler locks (the kind on most doors). From winsock at rigel.cyberpass.net Sat Feb 1 22:47:54 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Sat, 1 Feb 1997 22:47:54 -0800 (PST) Subject: Biham on DES keysearch Message-ID: <199702020647.WAA24187@sirius.infonex.com> The arrival of warm weather is heralded by the pig shit getting soft in Dr.Desperado L[ingerie] Vinegar K[unt]OTM's mini-cranium and the resulting green slime seeping through his cocaine- and syphilis- damaged nose and onto his keyboard. (___) (o o)_____/ @@ ` \ Dr.Desperado L[ingerie] Vinegar K[unt]OTM \ ____, / // // ^^ ^^ From nobody at huge.cajones.com Sat Feb 1 22:50:56 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Sat, 1 Feb 1997 22:50:56 -0800 (PST) Subject: Media seekers, reputation and banishment Message-ID: <199702020650.WAA00961@mailmasher.com> Dr.Dimwit Vibrator K>ockock Dense Vomit is so in love with himself, he cries out his own name when orgasming. Then again, no one else is ever around. __[I]__ o-o' __oOo__(-)_oOo__ Dense Vomit V From toto at sk.sympatico.ca Sat Feb 1 23:17:35 1997 From: toto at sk.sympatico.ca (Toto) Date: Sat, 1 Feb 1997 23:17:35 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: <01BC108F.F7C3BFE0@king1-20.cnw.com> Message-ID: <32F45C3F.2FB1@sk.sympatico.ca> blanc wrote: > From: Toto > What currently threatens the list, in my opinion, is not the dissension, > but the rise of a cliquish sheep-mentality and the resulting dismissal > of the opinions of people of Reason (and the opinions of 'anyone', in > general, whom 'I' perceive as being on the 'other side' of an issue). > ........................................................................ > Who are these sheep you're talking about? At the end of the trial period, > anyone still on the list who doesn't like the moderation can at their > leisure either protest vehemently its continuation, producing masterly > works of eloquence in favor of continuing the free-for-all, or they can > unsubscribe (sp?). I am not speaking of the sheep-mentality in regard to moderation or any other single issue on the list. I am speaking of the tendency of many list-members to fall into common ruts of thought wherein the comments and opinions of others are auto-files as this-or-that, and interpreted in that light, no matter what the actual content of their messages. I told Attila the Hun, in private email, that when I opened his messages, that I never knew whether to "pucker-up or duck", because he was just as likely to chastise me as agree with me, depending on his personal opinion of an individual post of mine. I regard Igor and yourself, and a number of others, in the same light. I'm reluctant to bend over and drop my pants, waiting for you to kiss my butt, because I realize that I am just as likely to feel the sting of your toe-nailed boots instead of soft lips. > I think what threatens the list is the absence of really major issues to > fire up everyone's sense of indignation & imagination, But, under the New List Order, any strong opinion risks being thrown in the crapper as a 'flame'. >plus the fact that > many of the long-timers are pretty sophisticated on all the political > issues which have been discussed before (how many of Tim May's long > treatises, engaging, thorough, and relevant as they may be, can one read > yet again without recognizing the repetitive themes therein), Yes, but there are always members to whom these treatises and orientation of thought are 'new', and people only notice the repetiveness when they are, indeed, following these posts, which means that they must be getting some value out of them. > plus a lack > of interest in engaging in rhetorical arguments with people who find it > difficult to think in a straight line. I, too, agree that you can lead a horse to water, but a stitch in time saves nine. > Sometimes the posts on the list > come to resemble more attempts at educating the clueless than discussions > among peers which could truly advance an understanding of between fine > points of difference. Some of the more rambling threads are indeed the result of not understanding that some of the clueless aren't seeking a clue, but merely to hold on to their ignorance. But I would rather err on the side of believing that the person I am replying to is sincere in wanting to discuss an issue in order to gain a broader understanding of it. Toto From kent at songbird.com Sat Feb 1 23:36:39 1997 From: kent at songbird.com (Kent Crispin) Date: Sat, 1 Feb 1997 23:36:39 -0800 (PST) Subject: Free & Open Society & toleration In-Reply-To: <199702020230.SAA04826@toad.com> Message-ID: <199702020840.AAA10277@songbird.com> Jim Choate allegedly said: > > It has been asserted that I am claiming that a free and open society should [...] > > This is not my case at all. I hold that [...] > means do I hold [...] > I hold [...] > worthless. I DO hold [...] > all speech. I further hold [...] > I further hold [...] > I further hold [...] Whew! That's a lot of holding, my friend. I've heard that prunes help. -- Kent Crispin "No reason to get excited", kent at songbird.com,kc at llnl.gov the thief he kindly spoke... PGP fingerprint: 5A 16 DA 04 31 33 40 1E 87 DA 29 02 97 A3 46 2F From stewarts at ix.netcom.com Sat Feb 1 23:50:25 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sat, 1 Feb 1997 23:50:25 -0800 (PST) Subject: How I Would Ban Strong Crypto in the U.S. In-Reply-To: Message-ID: <3.0.1.32.19970201223051.00685d20@popd.ix.netcom.com> At 09:58 AM 7/15/96 -0400, about six months ago, when Clipper III was new, Raph Levien wrote: >1. The battle over whether applications can contain strong encryption >algorithms has basically been lost. For example, SSL-enabled >applications are widely available over the world, thanks in large part >to the work of Eric Young. The same will happen for any other encryption >protocol that catches on. Unfortunately, the Government hasn't given up on this one; Peter Gutman's recent articles on export policy in New Zealand and Australia suggest that Our Public Servants are trying an end-run by getting those countries to stop export and development by productive crypto authors, targeting the toolkits that are being widely used inside and outside the US. >2. The battle for key management has not yet been fought. Yeah. I haven't heard much from Clipper III recently, since they've been trumpeting Clipper IV "Key Recovery" recently, but that doesn't mean it's not going on. Unlike politican efforts such as Key Recovery, infrastructure attacks such as PKI may require long-term technical development - the Cooperative Research and Development Alliances (CRADAs) are not just to bribe otherwise-valuable companies to stay out of the way, they're to do things that may be sprung on us later; I'd predict this coming summer. For instance, back in July, John Young quoted a Business Wire article about = Toronto -- Certicom Corp. a leading information security = company, today announced that it will participate in an = initiative by the U.S. Commerce Department's National = Institute of Standards and Technology (NIST) which will = lead to the development of the elements of a public key = infrastructure (PKI). Certicom are the folks who do Elliptic Curve Cryptosystems, which haven't been used much due to patent questions and RSA's dominance, but which allow much shorter public keys and may have some speed advantages, both of which are quite important for smartcard use. >3. Anybody can write an application that supports strong encryption >algorithms. Witness SSH, a very impressive and useful program, which was >basically done by one person, Tatu Ylonen. However, building a key >management infrastructure will take lots of money, hard work, and >cooperation. .... >4. Thus, the best leverage for the TLAs to win is to guide the >development of a key management infrastructure with the following >property: if you don't register your key, you can't play. I believe that >this is the true meaning of the word "voluntary:" you're free to make >the choice not to participate. .. >6. Export is a two player game. The other country has to allow import of >the stuff, too. If the Burns bill passes, the "administration" would >strong-arm other countries to prohibit import of strong crypto, still >leaving US developers with no market. It failed, and they've now got an Ambassador strong-arming other countries to prohibit export. >7. Building this stuff is too much of a task for the TLAs. They tried it >with Clipper, and it failed. They hoped that building the Tessera card >would be enough - that once they threw it over the wall, it would be >eagerly snapped up by industry. >8. Thus, they're going to cajole, bribe, and coerce software companies >to play along. This fact is quite nakedly exposed in the document (good >thing the injunction against the CDA is still in force :-). Yeah. Clipper IV is getting a lot of people jumping on the bandwagon to get export permission for their 56-bit software. Many of the people who are most vocal about it are the usual suspects anyway, but it's closer to commercial usability that industry's more cooperative this round, especially with more Internet money fever. >> Don't be fooled. >Who? Us cypherpunks? >Raph :-) # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From attila at primenet.com Sat Feb 1 23:52:00 1997 From: attila at primenet.com (Attila T. Hun) Date: Sat, 1 Feb 1997 23:52:00 -0800 (PST) Subject: Libel, Times v. Sullivan In-Reply-To: <3.0.32.19970201144910.0068e100@ricochet.net> Message-ID: <199702020751.AAA25240@infowest.com> -----BEGIN PGP SIGNED MESSAGE----- on or about 970201:1452, Greg Broiles said: +Since we've now got Jim Bell arguing that it's obvious that a free and +open society must tolerate anything which might be defamatory, and Jim +Choate arguing that it's obvious that a free and open society cannot +tolerate anything which might be defamatory, ... for what it is worth, anti-defamation, Germany's anti-Holocaust denial, and anti- just about anything legislation dealing with free speech is of and by its very nature an abridgement of your personal freedoms. If you deny one form of speech, it is easy to deny another, and then another... do you wish to march foolishly to Fahrenheit 451? Before the current generation of government vipers and revisionists remove or rewrite even more of the immortal words of history: "Those who deny freedom to others deserve it not for themselves." --Abraham Lincoln let's look at one more famous speech on "nibbling" your rights: "Let us contemplate our forefathers, and posterity, and resolve to maintain the rights bequeathed to us from the former, for the sake of the latter. "Let us remember that 'if we suffer tamely a lawless attack upon our liberty, we encourage it, and involve others in our doom.' It is a very serious consideration that millions yet unborn may be the miserable sharers of the event." --Samuel Adams ("patriot, statesman..."), speech, 1771 and: "The more difficult it is to interact with the government, the more the government wants gun control." --attila in other words, the more they deny our inaliable right to free speech, the more they need gun control before we rise against the usurpers of our rights. Now, if there ever was a liberal do-gooder, Eleanor certainly was: "No one can make you feel inferior without your consent." --Eleanor Roosevelt now, does she mean what she says literally? in other words, is she saying to say what you want, and she will not be harmed or "feel inferior" in this case? I can presume Eleanor could be offended, but is that sufficient to abridge your rights? Nietzsche expresses a defiant tone on first glance -no, the general interpretation is absolute freedom --speech included. "I understand by 'freedom of Spirit' something quite definite - the unconditional will to say No, where it is dangerous to say No." --Friedrich Nietzsche Is not the right to bear arms the same basic freedom as free speech, with one limitation: improper use carries criminal penalties --basically, because the act denies another his freedom. "The right of self-defense is the first law of nature ...and when the right of the people to keep and bear arms is, under any color or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction." --St. George Tucker, in his edition of Blackstone's Commentaries did not the Magna Carta guarantee the right of free speech? Of course, there was not full suffrage at that time, but the Magna Carta is the basis of our common law. Then, let's look at another concept of freedom and a "democracy" Just because a mob calls itself a government, doesn't make it so. Democracy is two wolves and a sheep voting on what to have for dinner. People who claim that money doesn't matter, are usually living on someone else's money. Society is a mental construct, formed by those people who are too insecure to handle the concept of people as individuals. which gets down to just what the hell did my forefathers, and maybe yours, fight for in 1776 if it was not for freedom of speech and assembly, the right to bear arms, to be free from unreasonable search and seizure; and enjoy the protection of law? if we do not pick up that fight and stop corrupt governments from usurping the power of the people, we will lose all freedom. If we give in on _any_ of the first 10 amendments, our Bill of Rights, we are surrendering our deserved personal franchise to a usurping government. and it starts with society and government trying to tell us what we can freely say. I may not like what you have to say, or that you insult my sensibilities or my rectitude, but I will defend your right to my death so that you may do so. Therefore: "With heart and hand I pledge you while I load my gun again, you will never be forgotten or the enemy forgiven, my good comrade..." --Anton Szandor LaVay -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvRHa704kQrCC2kFAQE9dgP8D+q2ZFytBzdgWDh+QdtunUa8nqhopHrS OVc5yWkG+UJzcVhtRFyu5O4nhSkgzhjbiGxYUWM1ZNZwaIDehFmieCv8GG/c+Cal 0BHWha5cHqL0pEiFs/NTWAVoVGfPZl2jcikViXMRAqt8mmXmbC3bxPjBtlfnTzmB yTZ51fvB3tU= =aTWw -----END PGP SIGNATURE----- From attila at primenet.com Sat Feb 1 23:52:28 1997 From: attila at primenet.com (Attila T. Hun) Date: Sat, 1 Feb 1997 23:52:28 -0800 (PST) Subject: Libel, Times v. Sullivan In-Reply-To: <3.0.32.19970201144910.0068e100@ricochet.net> Message-ID: <199702020752.AAA25251@infowest.com> -----BEGIN PGP SIGNED MESSAGE----- on or about 970201:1452, Greg Broiles said: +Since we've now got Jim Bell arguing that it's obvious that a free and +open society must tolerate anything which might be defamatory, and Jim +Choate arguing that it's obvious that a free and open society cannot +tolerate anything which might be defamatory, ... for what it is worth, anti-defamation, Germany's anti-Holocaust denial, and anti- just about anything legislation dealing with free speech is of and by its very nature an abridgement of your personal freedoms. If you deny one form of speech, it is easy to deny another, and then another... do you wish to march foolishly to Fahrenheit 451? Before the current generation of government vipers and revisionists remove or rewrite even more of the immortal words of history: "Those who deny freedom to others deserve it not for themselves." --Abraham Lincoln let's look at one more famous speech on "nibbling" your rights: "Let us contemplate our forefathers, and posterity, and resolve to maintain the rights bequeathed to us from the former, for the sake of the latter. "Let us remember that 'if we suffer tamely a lawless attack upon our liberty, we encourage it, and involve others in our doom.' It is a very serious consideration that millions yet unborn may be the miserable sharers of the event." --Samuel Adams ("patriot, statesman..."), speech, 1771 and: "The more difficult it is to interact with the government, the more the government wants gun control." --attila in other words, the more they deny our inaliable right to free speech, the more they need gun control before we rise against the usurpers of our rights. Now, if there ever was a liberal do-gooder, Eleanor certainly was: "No one can make you feel inferior without your consent." --Eleanor Roosevelt now, does she mean what she says literally? in other words, is she saying to say what you want, and she will not be harmed or "feel inferior" in this case? I can presume Eleanor could be offended, but is that sufficient to abridge your rights? Nietzsche expresses a defiant tone on first glance -no, the general interpretation is absolute freedom --speech included. "I understand by 'freedom of Spirit' something quite definite - the unconditional will to say No, where it is dangerous to say No." --Friedrich Nietzsche Is not the right to bear arms the same basic freedom as free speech, with one limitation: improper use carries criminal penalties --basically, because the act denies another his freedom. "The right of self-defense is the first law of nature ...and when the right of the people to keep and bear arms is, under any color or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction." --St. George Tucker, in his edition of Blackstone's Commentaries did not the Magna Carta guarantee the right of free speech? Of course, there was not full suffrage at that time, but the Magna Carta is the basis of our common law. Then, let's look at another concept of freedom and a "democracy" Just because a mob calls itself a government, doesn't make it so. Democracy is two wolves and a sheep voting on what to have for dinner. People who claim that money doesn't matter, are usually living on someone else's money. Society is a mental construct, formed by those people who are too insecure to handle the concept of people as individuals. which gets down to just what the hell did my forefathers, and maybe yours, fight for in 1776 if it was not for freedom of speech and assembly, the right to bear arms, to be free from unreasonable search and seizure; and enjoy the protection of law? if we do not pick up that fight and stop corrupt governments from usurping the power of the people, we will lose all freedom. If we give in on _any_ of the first 10 amendments, our Bill of Rights, we are surrendering our deserved personal franchise to a usurping government. and it starts with society and government trying to tell us what we can freely say. I may not like what you have to say, or that you insult my sensibilities or my rectitude, but I will defend your right to my death so that you may do so. Therefore: "With heart and hand I pledge you while I load my gun again, you will never be forgotten or the enemy forgiven, my good comrade..." --Anton Szandor LaVay -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvRHa704kQrCC2kFAQE9dgP8D+q2ZFytBzdgWDh+QdtunUa8nqhopHrS OVc5yWkG+UJzcVhtRFyu5O4nhSkgzhjbiGxYUWM1ZNZwaIDehFmieCv8GG/c+Cal 0BHWha5cHqL0pEiFs/NTWAVoVGfPZl2jcikViXMRAqt8mmXmbC3bxPjBtlfnTzmB yTZ51fvB3tU= =aTWw -----END PGP SIGNATURE----- From nobody at huge.cajones.com Sun Feb 2 00:02:06 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Sun, 2 Feb 1997 00:02:06 -0800 (PST) Subject: [IMPORTANT] Mondex Message-ID: <199702020802.AAA10932@mailmasher.com> Dr.Deceptive Vilest K[rud]OfTheMoment will fuck anything that moves, but he'd rather be fucking his own mother's dead body. /\_./o__ Dr.Deceptive Vilest K[rud]OfTheMoment (/^/(_^^' ._.(_.)_ From coryt at rain.org Sun Feb 2 00:51:47 1997 From: coryt at rain.org (coryt at rain.org) Date: Sun, 2 Feb 1997 00:51:47 -0800 (PST) Subject: New Member Registration Message-ID: <199702020851.CAA14408@fs1.sccsi.com> Requested Account Name: ashley Requested Password: eyez THIS MEMBER HAS BEEN ADDED TO THE UPDATE LIST From toto at sk.sympatico.ca Sun Feb 2 01:07:18 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 01:07:18 -0800 (PST) Subject: Flaming Moderators In-Reply-To: <199702020751.AAA25240@infowest.com> Message-ID: <32F46CFD.1122@sk.sympatico.ca> Attila T. Hun wrote: > "Let us remember that 'if we suffer tamely a lawless attack > upon our liberty, we encourage it, and involve others in our > doom.' > --Samuel Adams ("patriot, statesman..."), speech, 1771 Looks like Sam needs to be autobotted to the 'flames' list. Toto From azur at netcom.com Sun Feb 2 01:40:41 1997 From: azur at netcom.com (Steve Schear) Date: Sun, 2 Feb 1997 01:40:41 -0800 (PST) Subject: "Strong" crypto and export rule changes. Message-ID: <199702020940.BAA15580@toad.com> > What the US government will allow to be exported is not "strong >encryption." It is encryption only slightly too strong to be broken >by an amateur effort. For the right investment in custom hardware, it >falls quickly. (500,000 $US = 3.5 hour avg break). > Considering Ian's feat you certainly seem to have had your crystal ball in hand. --Steve From toto at sk.sympatico.ca Sun Feb 2 01:40:52 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 01:40:52 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702020940.BAA15621@toad.com> jim bell wrote: > Your last paragraph looks like an exercise of the silly game the TV show "60 > minutes" producers often play when they read the letters from the audience > about a previous report on a controversial subject. They first read a > letter from an outraged viewer who claims that the TV show's producers must > have been biased in one direction, and then they read another letter from a > different viewer who alleges they showed a bias in the opposite direction. > The show is trying to leave you with the impression that they MUST have been > unbiased, because they are being accused of diametrically opposite leanings. Sounds suspiciously like Sandy's approach to 'fair' moderation, to me. > All they are really showing is that given the hundreds and probably > thousands of letters they receive on each show weekly (which are, by > definition, written by self-motivated people) they can get at least one on > each end of the spectrum for whatever subject they've just covered. Perhaps they author these 'letters' themselves: "I agree wholeheartedly with the position espoused by '60 Minutes'. and, "I don't not think maybe dat dese guys are write, nohow." > A clue is present in the likely fact that the origins of defamation laws > were primarily to keep the king and the upper-crust free of printed and > verbal attack directed by the lower-classes, even given the presence of > whatever nominal "free-speech" guarantees were present. Next thing you know, saying, "The king is fucking the queen.", is libel and defamation. Go figure... Toto From toto at sk.sympatico.ca Sun Feb 2 01:40:53 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 01:40:53 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702020940.BAA15622@toad.com> blanc wrote: > Toto, I'm surprised at how seriously you take the underlying anarchist > philosophy of the list; you identify so closely with it, and have responded > to its moderation as though it really would be "the end of freedom", even > though you seem to have appeared, or else come out of lurking, only > recently. Is this because you value anarchy, or free speech, or the > existence of the Cypherpunks as a unique group of stray cats [ :>) ]? I value Reason (big 'R'), humor (small 'h'), and A/ambiguity (take your pick). Anarchy is only a pause between dictators. Fascism is necessary to remind us not to take freedom for granted. One should call for 'order' during the rein of anarchy and for 'freedom during times of Fascism. I have 'appeared' and/or 'come out of lurking' on the CypherPunks list at various times since it's inception, under various personas. Few have noticed, and fewer, still, have ever accurately described, as you have, what I truly value about the CypherPunks--"a unique group of stray cats." The CypherPunks have, over the years, weathered varying sorts of 'problems' in the development of the list, as a result of various 'voices of Reason' prevailing in the setting the list's direction--even when those 'voices' were diametrically opposed in their beliefs. What currently threatens the list, in my opinion, is not the dissension, but the rise of a cliquish sheep-mentality and the resulting dismissal of the opinions of people of Reason (and the opinions of 'anyone', in general, whom 'I' perceive as being on the 'other side' of an issue). If the day comes when I am able to file away the CypherPunks list under this-or-that category, then I will put a tombstone in the file, as well, and put flowers in it once a year. Toto > Side note: > Since Tim isn't on the list and hasn't been for a month, I've been > wondering if it had anything to do with the moderation experiment, although > it is unlike him to have left without either an argument or at least some > kind of statement about it. > > .. > Blanc From markm at voicenet.com Sun Feb 2 01:42:32 1997 From: markm at voicenet.com (Mark M.) Date: Sun, 2 Feb 1997 01:42:32 -0800 (PST) Subject: Libel & the 1st Amendment Message-ID: <199702020942.BAA15658@toad.com> -----BEGIN PGP SIGNED MESSAGE----- On Sat, 1 Feb 1997, jim bell wrote: > At 12:52 PM 2/1/97 -0500, Mark M. wrote: > >On Sat, 1 Feb 1997, Peter J. Capelli wrote: > > > >> You mean to say, rich people can overcrowd the courts as much as they > >> like, while others are restricted by contigency-only lawyers ( Call > >> 1-800-AMBULANCE! ) ... and what of the case of a rich person trying to > >> control > >> a poor one with many frivolous lawsuits ... while they can afford to file > >> lawsuit after lawsuit, the poor person cannot defend himself. > > > >What, exactly, would be the point of suing a poor person? > > To quiet him from political dissent, presumably. I think the term coined a > few years ago was "SLAPP", something akin to "Strategic Lawsuit Against > Public Policy," or similar. I should point out that in my previous post, I was refering to the specific instance of libel -- not any general lawsuit. I can think of very few instances where a rich person would sue someone without the resources to even defend himself for libel just to harass the defendant. I'm sure there are a few cases, but it wouldn't be worth the plaintiff's time or money. I would be interested if anyone knows of any specific examples of this. Mark -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBMvQQAyzIPc7jvyFpAQFAfQgAp5qsAm9LZdXeR3+8s4LkUv5qH6Ju8Rda te3EJ90gjHxDcv/QRopQ3fRM5KzsHgr5JqPRWDFF0Zo3CxbRsB8x/CK3aIo2axpt xEAeA/TT3oBWOCXFs2fVR6dCy4XAMh4e/q58kNnDqqUnJNBgto5kr8Hp4op9Ypgi WO0G0Su6L8JuBwnui6Ni5XxHSBchBwu6Z0Jv0TFrG43lnS++K+UriX9cIYxR8JVH roUg/9SDCZysmuEvNh8VMLAd492wD2jhge4LiiYaSNWrpe5JD2jA/nJ9Olevpu3v 4+75YOpRIgHAugMyl/bbNZgTjStoLUicHATyt7PLEUtj/sbmPbakkQ== =qrVu -----END PGP SIGNATURE----- From ravage at EINSTEIN.ssz.com Sun Feb 2 01:42:33 1997 From: ravage at EINSTEIN.ssz.com (Jim Choate) Date: Sun, 2 Feb 1997 01:42:33 -0800 (PST) Subject: Free & Open Society & toleration (fwd) Message-ID: <199702020942.BAA15659@toad.com> Forwarded message: > Nobody has a problem with your ideals, it's just that Jim Bell is > trying to say (correct me and forgive me if I'm wrong) that: > > 1. Society will never subscribe to your ideals. But other than two points they already do. The two points being, 1. Libel is a recognized legal concept now, the difference is one of degree. That degree of difference being how much money there is available for the lawyer and their willingness to enforce the concepts of justice in the society based upon their perceived ability to profit by it. 2. The extension of acceptance of reasonable legal representation by lot from not only the defence but also the prosecution. My solutions to these two issues are: 1. Removal of the lawyer from the ultimate choice of whether the case should be pursued. 2. The minimalization of the defendants and plaintiffs monetary resources by removing them from the legal system by choosing the legal representation of both parties by lot. 3. By moving the responsibility of police to provide evidence from the prosecution to the court we equalize the impact of irregularities in evidence selection as well as minimizing the sorts of evidence disputes which so impact some trials (ie OJ Simpson). 4. By the implimentation of a bond proviso on the part of the plaintiff the system provides a check and balance reducing nuisance cases as well as reducing the taxation load on the citizenry. > 2. Society is not static, i.e., instead of remaining at a constant > level of corruption, the officials will keep demanding more, > until there's a sudden, catastrophic break. Absolutely, that is one of the reasons I refuse to seperate those who represent the social contract (eg the Constitution) and those who are impacted by it, which includes even those who represent it and enforce its various responsibilities. AP relies on this distinction as axiomatic. This axiomatic view is ultimately based in a jealous greed for what others have (ie power, percieved or real) and the implicit belief that all people are NOT created equal. > 3. The AP solution has the potential to stabilize the level of > corruption, which should make violent revolutions and genocide > unnecessary. But it doesn't. What it does is provide a mechanism for de-stabalization. Just look at the Middle East and the history of assassination. Assassinations have never stabalized that region or any other. There is nothging in our current understanding of human psychology and social interactions that leads to the conclusion that threats of violence will necessarily force people to comply. If it did the government (as perceived by AP) would not have to deal with real opposition. Simply threaten the opposition and it melts away for the same reason that supposedly the government would cease to oppose radicalism (ie changes in the status quo forced by small groups upon the masses). If anything every real world example of AP demonstrates an increase in corruption (eg. Beirut). The closest analog in history to AP is the "Flowery Wars" as practiced by the Aztecs. However, these were motivated by a belief in religous homogeneity and not one of politics. Also, implicit in this was the axiomatic acceptance of a real class seperation between those who ruled and those who were ruled. By no means could one accept the premise that this caused the Aztec rulers to be more sensitive to corruption or the continued existance of their system. Another good example is assassination in ancient Rome, it is clear that such activities in no way reduced corruption. If anything AP provides a rationale (ie self-defence) to impose even harsher a priori conditions on sections of a society by another part of that society. Hardly what I would consider a stabalizing condition let alone democratic. What is required for stability is for each group to feel unthreatened and secure in expressing their beliefs without fear of reprisals and at the same time recognizing they must provide room for others beliefs. There must also be the realization that refusal to abide by these precepts will be met with immediate consequences. Something AP can't do, as it explicitly promotes threats and the carrying out thereof. On another issue, it was asked what purpose there is in suing a poor person. Simple lack of monetary wealth should be no more reason to exempt a party from justice than having large quantities. A citizen should face the consequences of their actions, how rich or poor they are is an irrelevant issue. Concepts required for a true working democracy: Liberty Justice Equality Fraternity Jim Choate CyberTects ravage at ssz.com From toto at sk.sympatico.ca Sun Feb 2 01:45:56 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 01:45:56 -0800 (PST) Subject: [GSM] Hardening mailing lists against spam attacks In-Reply-To: <199701310157.RAA01193@toad.com> Message-ID: <32F47F09.118D@sk.sympatico.ca> Huge Cajones Remailer wrote: > > __o > _ \<_ > (_)/(_) This guy keeps forgetting to add 'crypto-relevant' to his headings. No wonder they go to 'flames'. From toto at sk.sympatico.ca Sun Feb 2 01:46:03 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 01:46:03 -0800 (PST) Subject: New Member Registration In-Reply-To: <199702020851.CAA14408@fs1.sccsi.com> Message-ID: <32F47E22.2C@sk.sympatico.ca> coryt at rain.org wrote: > > Requested Account Name: ashley > Requested Password: eyez > THIS MEMBER HAS BEEN ADDED TO THE UPDATE LIST Yup, the password worked for me, OK. Did it work for everyone else? Toto From toto at sk.sympatico.ca Sun Feb 2 01:47:05 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 01:47:05 -0800 (PST) Subject: [GSM] Hardening mailing lists against spam attacks In-Reply-To: <199701310033.QAA27430@mailmasher.com> Message-ID: <32F47F71.3A8@sk.sympatico.ca> Huge Cajones Remailer wrote: > > Dr.Derisve Vitriol K[reep]OfTheMoment died of AIDS last night > with his faggot lover. > > __o > _ \<_ Dr.Derisve Vitriol K[reep]OfTheMoment > (_)/(_) From blancw at cnw.com Sun Feb 2 01:49:50 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 01:49:50 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <01BC10AB.F9523E60@king1-10.cnw.com> From: Toto I am not speaking of the sheep-mentality in regard to moderation or any other single issue on the list. I am speaking of the tendency of many list-members to fall into common ruts of thought wherein the comments and opinions of others are auto-files as this-or-that, and interpreted in that light, no matter what the actual content of their messages. ................................................ Hm, well, what's an anarchist to do about other people's psychological makeup? = I regard Igor and yourself, and a number of others, in the same light. I'm reluctant to bend over and drop my pants, waiting for you to kiss my butt, because I realize that I am just as likely to feel the sting of your toe-nailed boots instead of soft lips. .......................................... Hm, well, I'm not in the custom of doing either of those things, but thanks for the compliment! = But, under the New List Order, any strong opinion risks being thrown in the crapper as a 'flame'. ............................................... Not that I'm condoning centralized management, but I bet I could flame anyone pretty good yet by-pass the moderator. It's all in the style, you know. Some people are very delicate about what offends them - I know I could get on some particular people's nerves any day without trying. An opportunist can take advantage of another's infirmity by being perfectly polite while yet excruciatingly annoying. = Yes, but there are always members to whom these treatises and orientation of thought are 'new', and people only notice the repetiveness when they are, indeed, following these posts, which means that they must be getting some value out of them. ............................................ Oh, I wasn't condemning Tim's posts as being repetitive and boring - it's commendable that he would write about the same ideas in fresh new ways, for the benefit of the newbies and the entertainment of the oldies. But not everyone is as interested & willing (or have the time) to re-iterate this way, and with only one or a few "holding up the ship", so to speak, it leaves a lot of room for wayless bickering degenerating into unproductive ad hominems - ad absurdum, ad nauseam. You, know, Toto, I heard that there's a vacancy in the Cypherpunk Division of History & Philosophy .... .. Blanc From lwjohnson at grill.sk.ca Sun Feb 2 01:55:13 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Sun, 2 Feb 1997 01:55:13 -0800 (PST) Subject: PGP 2.1 Message-ID: <32F480AB.2341@grill.sk.ca> Hello, Can any;one tell me how to get a version of PGP 2.1? Thanks From adam at homeport.org Sun Feb 2 01:56:23 1997 From: adam at homeport.org (Adam Shostack) Date: Sun, 2 Feb 1997 01:56:23 -0800 (PST) Subject: "Strong" crypto and export rule changes. Message-ID: <199702020956.BAA16024@toad.com> Steve Schear wrote: | > What the US government will allow to be exported is not "strong | >encryption." It is encryption only slightly too strong to be broken | >by an amateur effort. For the right investment in custom hardware, it | >falls quickly. (500,000 $US = 3.5 hour avg break). | > | | Considering Ian's feat you certainly seem to have had your crystal | ball in hand. I wear three around my neck. Its a new age thing. More seriously, that estimate is the cost of breaking DES on custom hardware, based on Wiener's figures. Ian got RC4-40 in 3.5 hours on I don't know how much hardware, not a lot of it custom, AFAIK. Adam -- Pet peeve of the day: Security companies whose protocols dare not speak their name, because they don't have one. Guilty company of the day is now V-One. From scott-b at ix.netcom.com Sun Feb 2 01:56:25 1997 From: scott-b at ix.netcom.com (Scott) Date: Sun, 2 Feb 1997 01:56:25 -0800 (PST) Subject: Keystroke sniffer question Message-ID: <199702020956.BAA16025@toad.com> How can you detect if there is a keystroke sniffer on your computer. Is there a file name to look for? Where do people get them? ======================================= Scott Bellavance scott-b at ix.netcom.com http://www.netcom.com/~scott-b/homepage.html ======================================= -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAzAu56UAAAEEAL8pOdPu2pw5E91f99ByJWT+O1smtcOlIr6GL9TdCbdZ6I2U UPLl7RL5cV4e3Wv4nIIZiOIePMAUouM5fQZib4vnGpCKM/WxfGQBRGafsq2mlzvE IKLBrdYhQ5STl/qZIaCKI2+V4hdsvTPaI0PCqGzGoiDv9gbbZ40Gi3F38KqtAAUR tCtTY290dCBSLiBCZWxsYXZhbmNlIDxzY290dC1iQGl4Lm5ldGNvbS5jb20+ =Hfbk -----END PGP PUBLIC KEY BLOCK----- From dlv at bwalk.dm.com Sun Feb 2 01:56:27 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Sun, 2 Feb 1997 01:56:27 -0800 (PST) Subject: Key Security Question Message-ID: <199702020956.BAA16034@toad.com> Bill Stewart writes: > >> My computer went into the shop a few days ago, and I was unable to take > >> my PGP keys off it before it went in. What are the security risks here? > >> If the repairman chooses to snoop through the files, what would he be > >> able to do with my key pair? Will I need to revoke the key and make a > >> new one, or will I be relatively safe since he doesn't have my > >> passphrase? > > Passphrases are MD5-hashed into 128-bit IDEA keys and used to > encrypt the secret key; there's a "pgpcrack" program out there > that does dictionary-style searches to find if you've got > wimpy passphrases. So if your passphrases is "secret", you lose, > but if it's "fjhw;doifvjuc-[09efiu v` 2 4rnhc;ljoipcvjpoiewujfgv;loik" > you're probably pretty safe, unless that's written on the yellow > sticky you left on the side of the PC. > > On the other hand, if the "repairman" replaced your pgp executable > with version 2.6.3kgb, which uses your hashed passphrase as the > session key, you're hosed. Or if he installed a keystroke sniffer, > or added a small radio transmitter to your keyboard, or whatever. > Depends on your threat model. If you need to be paranoid, > they've already gotten you.... If you're really paranoid, you can boot from a clean floppy and reinstall everything from your backup tapes. You do have a contingency plan in case your hard disk goes bad, or gets a virus, don't you? Well, if you're in doubt, exercise it. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From toto at sk.sympatico.ca Sun Feb 2 01:56:30 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 01:56:30 -0800 (PST) Subject: Free & Open Society & toleration Message-ID: <199702020956.BAA16038@toad.com> Jim Choate wrote: > It has been asserted that I am claiming that a free and open society should > not abide any and all actions in contrast to Jim Bell's assertion that a > free and open society must tolerate any action. > > This is not my case at all. I hold that a DEMOCRATIC society with a HEALTHY > ECONOMIC system must have some minimum standards on what is allowed. By no > means do I hold that the ONLY means of a free and open society is a democracy. > It is quite possible to have an anarchy which would also be a free and open > society and by DEFINITION would tolerate any action by its members acting > individualy or in concert. I have waited, with bated breath, for you to take a position which is short, concise, and well-reasoned. Well, you finally did, but you just couldn't leave it alone, could you? I think that what you have written (above) is a valid and meaningful statement of your position. I see what follows, however, as a train of 'logic' which follows a pre-defined, emotionally-charged justification of a defensive position you have taken, as a result of a real or imagined 'slight'. I have followed your 'libel' thread, as rambling (and sometimes dichotomously incoherent) as it is, and I recognize that you are passionate in your beliefs (for which I salute you), but I think that perhaps your interests might be better served if you let logic lead your emotions. If you did so, I might well hire you as my lawyer (to defend me in your libel suit against me), since you do have a 'bulldog' sense of determination in pursing any position you take. The million-and-one posts you made with the results of your search-engine research on libel only served to accentuate your inability to fully understand the issues underlying libel and defamation. Your own opinions regarding your thoughts and opinions regarding these same issues were much more poignant and enlightening. I would hope that, in the future, you would justify your beliefs and opinions with a revelation of your own points of logic (or illogic) rather than attempting to support them with legalese rulings which often stand on a foundation of sand, especially under close judicial scrutiny. You do, indeed, raise some points that are worthy of valid consideration, and debate, but they tend to get lost in your excessive arguments regarding them. Toto From dthorn at gte.net Sun Feb 2 01:58:06 1997 From: dthorn at gte.net (Dale Thorn) Date: Sun, 2 Feb 1997 01:58:06 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702020958.BAA16066@toad.com> Declan McCullagh wrote: > That question is one for Tim to answer, but I should point out that > philosophical anarchists are not necessarily opposed to rules, just > government rules -- which this moderation policy clearly is not. I've seen this kind of statement so many times I just have to point it out: "which this moderation policy *clearly* (emph. mine) is not". Why is it so clear to you, but not everyone? Am I missing something? Didn't Reagan, Bush, North et al make it clear enough to Americans that much of what the govt. does has been privatized, as if we didn't know already from the 1970's assassination hearings in the Congress, or from when Carter fired the 900 security guys and they went to work for "private" contractors? I ask you again to look at the motives of the people involved. John Gilmore isn't about to waste a second of his personal time "moderating" this list (who could blame him?), and I can't for the life of me see a reason why Sandy would want to devote so much time to it. Have you or anyone seen a real reason why Sandy would want to do this? Is he so devoted to crypto and personal freedom that he'll do *anything* to eliminate the postings which "threaten" this list, or could there be some other, hidden motivation? My long experience in the real world says that professional people do *not* devote a great deal of their time to things like this unless there is an *awfully* good reason. > On Sat, 1 Feb 1997, Dale Thorn wrote: > > Toto wrote: > > > 3.5.1 Contrary to what people sometimes claim, there is no ruling > > > clique of Cypherpunks. Anybody is free to do nearly anything, > > > just not free to commit others to course of action, or claim > > > to speak for the "Cypherpunks" as a group (and this last > > > point is unenforceable except through reputation and social > > > repercussions). > > > 3.6.3 "Why isn't the list moderated?" > > > ...hardly consistent with many of our anarchist leanings, is it? > > > - "No, please, let's not become a 'moderated' newsgroup. This > > > would be the end of freedom! > > Is this why T.C. May hasn't posted in quite a while? From toto at sk.sympatico.ca Sun Feb 2 01:58:06 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 01:58:06 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <199702020958.BAA16065@toad.com> jim bell wrote: > At 08:02 PM 2/1/97 -0800, Toto wrote: > > I also think that the other list members involved in this thread are > >'nobodies', but I was too polite to say anything. > > It's odd that you would say this. I get that impression ("nobodies") about > practically EVERY subject discussed here. Why name this particular one, as > if it were somehow special? Jim, "You're 'nobody', till 'somebody' loves you..." Everybody has their own prediliction as to what interests them, and what is 'frivilous' on the list. Someone, in private email, mentioned that they felt that 60% of the posts were 'uninteresting'. I replied that this seemed to be a close approximation of many list members' beliefs, but that, if we all moderated/censored out 'our' 60% of 'uninteresting' posts before the list was sent out, that there would be precious little left. I don't know if you recognized my comment as humor, since I have an aversion to using 'happy faces' (the result of a childhood trauma), but I just love to poke fun at the plethora of personas on the list who seem to believe that anything outside of their immediate scope of interest is somehow 'unworthy' of being posted the list. By the way, in order to prevent this post from going to the 'flames' list, I will NOT say that you are a low-life, scum-sucking Nazi piece of shit. I will likewise refrain from suggesting that your mother wears army boots, you are a child-pornographer, an imbecile, and a pervert, or that you beat your wife and children regularly. By golly, I think I'm 'getting the hang of' this new, improved, Politically Correct, nicey-nice list format. Toto From declan at pathfinder.com Sun Feb 2 01:59:48 1997 From: declan at pathfinder.com (Declan McCullagh) Date: Sun, 2 Feb 1997 01:59:48 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702020959.BAA16083@toad.com> That question is one for Tim to answer, but I should point out that philosophical anarchists are not necessarily opposed to rules, just government rules -- which this moderation policy clearly is not. -Declan On Sat, 1 Feb 1997, Dale Thorn wrote: > Toto wrote: > > 3.5.1 Contrary to what people sometimes claim, there is no ruling > > clique of Cypherpunks. Anybody is free to do nearly anything, > > just not free to commit others to course of action, or claim > > to speak for the "Cypherpunks" as a group (and this last > > point is unenforceable except through reputation and social > > repercussions). > > 3.6.3 "Why isn't the list moderated?" > > ...hardly consistent with many of our anarchist leanings, is it? > > - "No, please, let's not become a 'moderated' newsgroup. This > > would be the end of freedom! > > Is this why T.C. May hasn't posted in quite a while? > > > From mhayes at infomatch.com Sun Feb 2 02:11:06 1997 From: mhayes at infomatch.com (Murray Hayes) Date: Sun, 2 Feb 1997 02:11:06 -0800 (PST) Subject: GSM technology Message-ID: <199702021011.CAA16465@toad.com> On Mon, 20 Jan 1997 13:37:38 -0800, Lucky Green wrote: >At 09:43 AM 1/20/97 -0500, Nurdane Oksas wrote: >> Does anyone use ADSL lines? or are they still very expensive? > >I just had a very interesting talk with somebody from Northern Telecom (Canada's Phone Company). NorTel has apparently skipped ISDN and is now deploying ADSL. Some areas already have access to ADSL at, can you believe this, $60/month. > I'm not sure about Nortel but ADSL is availible in Calgary from CadVision. http://www.cadvision.ca It's not cheap. BCTel is yapping about offering it by the end of the year. From wlkngowl at unix.asb.com Sun Feb 2 02:11:23 1997 From: wlkngowl at unix.asb.com (Rob) Date: Sun, 2 Feb 1997 02:11:23 -0800 (PST) Subject: NOISE.SYS Home Page Message-ID: <199702021011.CAA16500@toad.com> I now have an under-construction home page for NOISE.SYS, in case you're interested: http://www.asb.com/usr/wlkngowl/software.htm#noise (NOISE.SYS is a crypto-RNG device for DOS boxes.) Rob ----- "The word to kill ain't dirty | Robert Rothenburg (WlkngOwl at unix.asb.com) I used it in the last line | http://www.asb.com/usr/wlkngowl/ but use a short word for lovin' | Se habla PGP: Reply with the subject and dad you wind up doin' time." | 'send pgp-key' for my public key. From blancw at cnw.com Sun Feb 2 02:11:29 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 02:11:29 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702021011.CAA16502@toad.com> From: Greg Broiles Since we've now got Jim Bell arguing that it's obvious that a free and open society must tolerate anything which might be defamatory, and Jim Choate arguing that it's obvious that a free and open society cannot tolerate anything which might be defamatory, I think I'm going to wander away from this discussion confident that the answer is, at least, nonobvious. :) .................................................................. Heh - Jim B. and Jim C.: the Yin & Yang of Society At Large. What could a discussion between them produce. .. Blanc From nobody at huge.cajones.com Sun Feb 2 02:11:33 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Sun, 2 Feb 1997 02:11:33 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702021011.CAA16505@toad.com> David Lesher writes: > USPS uses key locks seemingly designed by Ben Franklin himself. > Look at them someday. FedEx boxes used to have Simplex 926 > 5 pushbutton ""locks"" if you stretch the point. Don't let the old-fashioned look deceive you. Most mail storage boxes use lever tumbler locks (similar to what's used in safe deposit vaults, though obviously the mailbox locks have a flimsier plug). Lever tumbler locks are in general much harder to pick than pin tumbler locks (the kind on most doors). From unicorn at schloss.li Sun Feb 2 02:11:41 1997 From: unicorn at schloss.li (Black Unicorn) Date: Sun, 2 Feb 1997 02:11:41 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater Message-ID: <199702021011.CAA16508@toad.com> On Fri, 31 Jan 1997, rex wrote: > Black Unicorn wrote: > > >If you want to look at it a different way, if you are involved with a drug > >offense and are not using a weapon, you'll get a lower sentence than a > >full fledged drug crime. It's a step in the right direction - i.e. away > >from manadatory sentencing of a flat time period for a crime regardless of > >circumstances. > > But Putra got the same sentence she would have gotten had she been > convicted on both charges. The fact that she was acquitted meant nothing. That this is true once, does not make it so in all cases. You also lose sight of the general scheme of things. That the sentence imposed may have the same maximum sentence with sentencing enhancements and a lesser included offense as with conviction of a "great offense" means nothing with regard to the validity of sentencing enhancements. That theft and low level bank fraud have the same penality when theft is enhanced with a "victim was infirm or helpless" or a "firearm was used in furtherance of the crime" could as easily reflect a lack of vigor and spite in the prosecution of bank fraud as it could reflect severe vigor and spite in the prosecution of theft. Please note that the difference between: "But he got the same sentence as he would have if he was convicted of carrying a gun in furtherance of the crime." and "But he got the same sentence as he would have is he was not convicted of carrying a gun in furtherance of the crime." is subtle at best. Next time don't get caught stealing with a gun nearby. -- Forward complaints to : European Association of Envelope Manufactures Finger for Public Key Gutenbergstrasse 21;Postfach;CH-3001;Bern Vote Monarchist Switzerland From kent at songbird.com Sun Feb 2 02:11:43 1997 From: kent at songbird.com (Kent Crispin) Date: Sun, 2 Feb 1997 02:11:43 -0800 (PST) Subject: Free & Open Society & toleration Message-ID: <199702021011.CAA16509@toad.com> Jim Choate allegedly said: > > It has been asserted that I am claiming that a free and open society should [...] > > This is not my case at all. I hold that [...] > means do I hold [...] > I hold [...] > worthless. I DO hold [...] > all speech. I further hold [...] > I further hold [...] > I further hold [...] Whew! That's a lot of holding, my friend. I've heard that prunes help. -- Kent Crispin "No reason to get excited", kent at songbird.com,kc at llnl.gov the thief he kindly spoke... PGP fingerprint: 5A 16 DA 04 31 33 40 1E 87 DA 29 02 97 A3 46 2F From stewarts at ix.netcom.com Sun Feb 2 02:11:45 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sun, 2 Feb 1997 02:11:45 -0800 (PST) Subject: How I Would Ban Strong Crypto in the U.S. Message-ID: <199702021011.CAA16513@toad.com> At 09:58 AM 7/15/96 -0400, about six months ago, when Clipper III was new, Raph Levien wrote: >1. The battle over whether applications can contain strong encryption >algorithms has basically been lost. For example, SSL-enabled >applications are widely available over the world, thanks in large part >to the work of Eric Young. The same will happen for any other encryption >protocol that catches on. Unfortunately, the Government hasn't given up on this one; Peter Gutman's recent articles on export policy in New Zealand and Australia suggest that Our Public Servants are trying an end-run by getting those countries to stop export and development by productive crypto authors, targeting the toolkits that are being widely used inside and outside the US. >2. The battle for key management has not yet been fought. Yeah. I haven't heard much from Clipper III recently, since they've been trumpeting Clipper IV "Key Recovery" recently, but that doesn't mean it's not going on. Unlike politican efforts such as Key Recovery, infrastructure attacks such as PKI may require long-term technical development - the Cooperative Research and Development Alliances (CRADAs) are not just to bribe otherwise-valuable companies to stay out of the way, they're to do things that may be sprung on us later; I'd predict this coming summer. For instance, back in July, John Young quoted a Business Wire article about = Toronto -- Certicom Corp. a leading information security = company, today announced that it will participate in an = initiative by the U.S. Commerce Department's National = Institute of Standards and Technology (NIST) which will = lead to the development of the elements of a public key = infrastructure (PKI). Certicom are the folks who do Elliptic Curve Cryptosystems, which haven't been used much due to patent questions and RSA's dominance, but which allow much shorter public keys and may have some speed advantages, both of which are quite important for smartcard use. >3. Anybody can write an application that supports strong encryption >algorithms. Witness SSH, a very impressive and useful program, which was >basically done by one person, Tatu Ylonen. However, building a key >management infrastructure will take lots of money, hard work, and >cooperation. .... >4. Thus, the best leverage for the TLAs to win is to guide the >development of a key management infrastructure with the following >property: if you don't register your key, you can't play. I believe that >this is the true meaning of the word "voluntary:" you're free to make >the choice not to participate. .. >6. Export is a two player game. The other country has to allow import of >the stuff, too. If the Burns bill passes, the "administration" would >strong-arm other countries to prohibit import of strong crypto, still >leaving US developers with no market. It failed, and they've now got an Ambassador strong-arming other countries to prohibit export. >7. Building this stuff is too much of a task for the TLAs. They tried it >with Clipper, and it failed. They hoped that building the Tessera card >would be enough - that once they threw it over the wall, it would be >eagerly snapped up by industry. >8. Thus, they're going to cajole, bribe, and coerce software companies >to play along. This fact is quite nakedly exposed in the document (good >thing the injunction against the CDA is still in force :-). Yeah. Clipper IV is getting a lot of people jumping on the bandwagon to get export permission for their 56-bit software. Many of the people who are most vocal about it are the usual suspects anyway, but it's closer to commercial usability that industry's more cooperative this round, especially with more Internet money fever. >> Don't be fooled. >Who? Us cypherpunks? >Raph :-) # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From ichudov at algebra.com Sun Feb 2 02:13:14 1997 From: ichudov at algebra.com (ichudov at algebra.com) Date: Sun, 2 Feb 1997 02:13:14 -0800 (PST) Subject: Key Security Question Message-ID: <199702021013.CAA16577@toad.com> Dr.Dimitri Vulis KOTM wrote: > Bill Stewart writes: > > On the other hand, if the "repairman" replaced your pgp executable > > with version 2.6.3kgb, which uses your hashed passphrase as the > > session key, you're hosed. Or if he installed a keystroke sniffer, > > or added a small radio transmitter to your keyboard, or whatever. > > Depends on your threat model. If you need to be paranoid, > > they've already gotten you.... > > If you're really paranoid, you can boot from a clean floppy and > reinstall everything from your backup tapes. You do have a > contingency plan in case your hard disk goes bad, or gets a > virus, don't you? Well, if you're in doubt, exercise it. And what if the repairman replaces BIOS ROM chips with KGBios? - Igor. From toto at sk.sympatico.ca Sun Feb 2 02:13:17 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 02:13:17 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702021013.CAA16582@toad.com> blanc wrote: > From: Toto > What currently threatens the list, in my opinion, is not the dissension, > but the rise of a cliquish sheep-mentality and the resulting dismissal > of the opinions of people of Reason (and the opinions of 'anyone', in > general, whom 'I' perceive as being on the 'other side' of an issue). > ........................................................................ > Who are these sheep you're talking about? At the end of the trial period, > anyone still on the list who doesn't like the moderation can at their > leisure either protest vehemently its continuation, producing masterly > works of eloquence in favor of continuing the free-for-all, or they can > unsubscribe (sp?). I am not speaking of the sheep-mentality in regard to moderation or any other single issue on the list. I am speaking of the tendency of many list-members to fall into common ruts of thought wherein the comments and opinions of others are auto-files as this-or-that, and interpreted in that light, no matter what the actual content of their messages. I told Attila the Hun, in private email, that when I opened his messages, that I never knew whether to "pucker-up or duck", because he was just as likely to chastise me as agree with me, depending on his personal opinion of an individual post of mine. I regard Igor and yourself, and a number of others, in the same light. I'm reluctant to bend over and drop my pants, waiting for you to kiss my butt, because I realize that I am just as likely to feel the sting of your toe-nailed boots instead of soft lips. > I think what threatens the list is the absence of really major issues to > fire up everyone's sense of indignation & imagination, But, under the New List Order, any strong opinion risks being thrown in the crapper as a 'flame'. >plus the fact that > many of the long-timers are pretty sophisticated on all the political > issues which have been discussed before (how many of Tim May's long > treatises, engaging, thorough, and relevant as they may be, can one read > yet again without recognizing the repetitive themes therein), Yes, but there are always members to whom these treatises and orientation of thought are 'new', and people only notice the repetiveness when they are, indeed, following these posts, which means that they must be getting some value out of them. > plus a lack > of interest in engaging in rhetorical arguments with people who find it > difficult to think in a straight line. I, too, agree that you can lead a horse to water, but a stitch in time saves nine. > Sometimes the posts on the list > come to resemble more attempts at educating the clueless than discussions > among peers which could truly advance an understanding of between fine > points of difference. Some of the more rambling threads are indeed the result of not understanding that some of the clueless aren't seeking a clue, but merely to hold on to their ignorance. But I would rather err on the side of believing that the person I am replying to is sincere in wanting to discuss an issue in order to gain a broader understanding of it. Toto From wlkngowl at unix.asb.com Sun Feb 2 02:13:26 1997 From: wlkngowl at unix.asb.com (Rob) Date: Sun, 2 Feb 1997 02:13:26 -0800 (PST) Subject: Key Security Question Message-ID: <199702021013.CAA16583@toad.com> On 31 Jan 1997 15:37:01 -0500, you wrote: >My computer went into the shop a few days ago, and I was unable to take >my PGP keys off it before it went in. What are the security risks here? >If the repairman chooses to snoop through the files, what would he be >able to do with my key pair? Will I need to revoke the key and make a >new one, or will I be relatively safe since he doesn't have my >passphrase? Depends how paranoid you are, how good your passphrase is, how much you trust the repairman not to snoop, etc. For the hell of it I'd revoke my key and issue a new one though. It's not a minor inconvenience, and when people use your old key you can still decrypt the message... just send 'em a note that you prefer they use you're current (unrevoked) key. --Rob From toto at sk.sympatico.ca Sun Feb 2 02:15:01 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 02:15:01 -0800 (PST) Subject: Flaming Moderators Message-ID: <199702021015.CAA16608@toad.com> Attila T. Hun wrote: > "Let us remember that 'if we suffer tamely a lawless attack > upon our liberty, we encourage it, and involve others in our > doom.' > --Samuel Adams ("patriot, statesman..."), speech, 1771 Looks like Sam needs to be autobotted to the 'flames' list. Toto From blancw at cnw.com Sun Feb 2 02:15:07 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 02:15:07 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702021015.CAA16619@toad.com> From: Toto What currently threatens the list, in my opinion, is not the dissension, but the rise of a cliquish sheep-mentality and the resulting dismissal of the opinions of people of Reason (and the opinions of 'anyone', in general, whom 'I' perceive as being on the 'other side' of an issue). ........................................................................ Who are these sheep you're talking about? At the end of the trial period, anyone still on the list who doesn't like the moderation can at their leisure either protest vehemently its continuation, producing masterly works of eloquence in favor of continuing the free-for-all, or they can unsubscribe (sp?). They *don't* have to take it, or identify with the cpunks any longer. I think what threatens the list is the absence of really major issues to fire up everyone's sense of indignation & imagination, plus the fact that many of the long-timers are pretty sophisticated on all the political issues which have been discussed before (how many of Tim May's long treatises, engaging, thorough, and relevant as they may be, can one read yet again without recognizing the repetitive themes therein), plus a lack of interest in engaging in rhetorical arguments with people who find it difficult to think in a straight line. Sometimes the posts on the list come to resemble more attempts at educating the clueless than discussions among peers which could truly advance an understanding of between fine points of difference. Whom can one blame for what does not exist (on the list) - there is no mechanism for its production; only the attractions of the subject and the aim, are what bring in the participants who could provide substance and depth. Perhaps waxing lyrical on the features of Eudora and regular reminders on the benefits of mail filtering would be encouraging to "the timid"? .. Blanc From attila at primenet.com Sun Feb 2 02:17:03 1997 From: attila at primenet.com (Attila T. Hun) Date: Sun, 2 Feb 1997 02:17:03 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702021017.CAA16668@toad.com> -----BEGIN PGP SIGNED MESSAGE----- on or about 970201:1452, Greg Broiles said: +Since we've now got Jim Bell arguing that it's obvious that a free and +open society must tolerate anything which might be defamatory, and Jim +Choate arguing that it's obvious that a free and open society cannot +tolerate anything which might be defamatory, ... for what it is worth, anti-defamation, Germany's anti-Holocaust denial, and anti- just about anything legislation dealing with free speech is of and by its very nature an abridgement of your personal freedoms. If you deny one form of speech, it is easy to deny another, and then another... do you wish to march foolishly to Fahrenheit 451? Before the current generation of government vipers and revisionists remove or rewrite even more of the immortal words of history: "Those who deny freedom to others deserve it not for themselves." --Abraham Lincoln let's look at one more famous speech on "nibbling" your rights: "Let us contemplate our forefathers, and posterity, and resolve to maintain the rights bequeathed to us from the former, for the sake of the latter. "Let us remember that 'if we suffer tamely a lawless attack upon our liberty, we encourage it, and involve others in our doom.' It is a very serious consideration that millions yet unborn may be the miserable sharers of the event." --Samuel Adams ("patriot, statesman..."), speech, 1771 and: "The more difficult it is to interact with the government, the more the government wants gun control." --attila in other words, the more they deny our inaliable right to free speech, the more they need gun control before we rise against the usurpers of our rights. Now, if there ever was a liberal do-gooder, Eleanor certainly was: "No one can make you feel inferior without your consent." --Eleanor Roosevelt now, does she mean what she says literally? in other words, is she saying to say what you want, and she will not be harmed or "feel inferior" in this case? I can presume Eleanor could be offended, but is that sufficient to abridge your rights? Nietzsche expresses a defiant tone on first glance -no, the general interpretation is absolute freedom --speech included. "I understand by 'freedom of Spirit' something quite definite - the unconditional will to say No, where it is dangerous to say No." --Friedrich Nietzsche Is not the right to bear arms the same basic freedom as free speech, with one limitation: improper use carries criminal penalties --basically, because the act denies another his freedom. "The right of self-defense is the first law of nature ...and when the right of the people to keep and bear arms is, under any color or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction." --St. George Tucker, in his edition of Blackstone's Commentaries did not the Magna Carta guarantee the right of free speech? Of course, there was not full suffrage at that time, but the Magna Carta is the basis of our common law. Then, let's look at another concept of freedom and a "democracy" Just because a mob calls itself a government, doesn't make it so. Democracy is two wolves and a sheep voting on what to have for dinner. People who claim that money doesn't matter, are usually living on someone else's money. Society is a mental construct, formed by those people who are too insecure to handle the concept of people as individuals. which gets down to just what the hell did my forefathers, and maybe yours, fight for in 1776 if it was not for freedom of speech and assembly, the right to bear arms, to be free from unreasonable search and seizure; and enjoy the protection of law? if we do not pick up that fight and stop corrupt governments from usurping the power of the people, we will lose all freedom. If we give in on _any_ of the first 10 amendments, our Bill of Rights, we are surrendering our deserved personal franchise to a usurping government. and it starts with society and government trying to tell us what we can freely say. I may not like what you have to say, or that you insult my sensibilities or my rectitude, but I will defend your right to my death so that you may do so. Therefore: "With heart and hand I pledge you while I load my gun again, you will never be forgotten or the enemy forgiven, my good comrade..." --Anton Szandor LaVay -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvRHa704kQrCC2kFAQE9dgP8D+q2ZFytBzdgWDh+QdtunUa8nqhopHrS OVc5yWkG+UJzcVhtRFyu5O4nhSkgzhjbiGxYUWM1ZNZwaIDehFmieCv8GG/c+Cal 0BHWha5cHqL0pEiFs/NTWAVoVGfPZl2jcikViXMRAqt8mmXmbC3bxPjBtlfnTzmB yTZ51fvB3tU= =aTWw -----END PGP SIGNATURE----- From lwjohnson at grill.sk.ca Sun Feb 2 02:25:54 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Sun, 2 Feb 1997 02:25:54 -0800 (PST) Subject: PGP 2.1 Message-ID: <199702021025.CAA16822@toad.com> Hello, Can any;one tell me how to get a version of PGP 2.1? Thanks From blancw at cnw.com Sun Feb 2 02:27:39 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 02:27:39 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702021027.CAA16906@toad.com> From: Toto I am not speaking of the sheep-mentality in regard to moderation or any other single issue on the list. I am speaking of the tendency of many list-members to fall into common ruts of thought wherein the comments and opinions of others are auto-files as this-or-that, and interpreted in that light, no matter what the actual content of their messages. ................................................ Hm, well, what's an anarchist to do about other people's psychological makeup? = I regard Igor and yourself, and a number of others, in the same light. I'm reluctant to bend over and drop my pants, waiting for you to kiss my butt, because I realize that I am just as likely to feel the sting of your toe-nailed boots instead of soft lips. .......................................... Hm, well, I'm not in the custom of doing either of those things, but thanks for the compliment! = But, under the New List Order, any strong opinion risks being thrown in the crapper as a 'flame'. ............................................... Not that I'm condoning centralized management, but I bet I could flame anyone pretty good yet by-pass the moderator. It's all in the style, you know. Some people are very delicate about what offends them - I know I could get on some particular people's nerves any day without trying. An opportunist can take advantage of another's infirmity by being perfectly polite while yet excruciatingly annoying. = Yes, but there are always members to whom these treatises and orientation of thought are 'new', and people only notice the repetiveness when they are, indeed, following these posts, which means that they must be getting some value out of them. ............................................ Oh, I wasn't condemning Tim's posts as being repetitive and boring - it's commendable that he would write about the same ideas in fresh new ways, for the benefit of the newbies and the entertainment of the oldies. But not everyone is as interested & willing (or have the time) to re-iterate this way, and with only one or a few "holding up the ship", so to speak, it leaves a lot of room for wayless bickering degenerating into unproductive ad hominems - ad absurdum, ad nauseam. You, know, Toto, I heard that there's a vacancy in the Cypherpunk Division of History & Philosophy .... .. Blanc From toto at sk.sympatico.ca Sun Feb 2 02:34:15 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 02:34:15 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: <01BC10AB.F9523E60@king1-10.cnw.com> Message-ID: <32F48A52.66D1@sk.sympatico.ca> blanc wrote: > From: Toto > Hm, well, what's an anarchist to do about other people's psychological > makeup? Hold up a mirror. > Not that I'm condoning centralized management, but I bet I could flame > anyone pretty good yet by-pass the moderator. It's all in the style, you > know. Some people are very delicate about what offends them - I know I > could get on some particular people's nerves any day without trying. An > opportunist can take advantage of another's infirmity by being perfectly > polite while yet excruciatingly annoying. What constitutes a 'flame' seems to depend heavily on whose mouth it comes out of. Jim Choate called me a schizophrenic, and it seemed to be acceptable enough to make the censored list. He tends to call people "Bessie", basically saying they are a Cow, and that also seems acceptable. Personally, I could care less when people want to play footsie-games with flaming, but I think it points out the ludicrousness of having a moderator limiting people to 'childish' insults. I prefer someone screaming at me what a cocksucker I am. Ray Hettinga forwards these long, literate missives advertising this-or-that million dollar a plate conferences, but when he chose to insult me with his own words, the result was an immature blathering which showed questionable literary skills. > Oh, I wasn't condemning Tim's posts as being repetitive and boring - it's > commendable that he would write about the same ideas in fresh new ways, for > the benefit of the newbies and the entertainment of the oldies. > But not everyone is as interested & willing (or have the time) to > re-iterate this way, and with only one or a few "holding up the ship", so > to speak, it leaves a lot of room for wayless bickering degenerating into > unproductive ad hominems - ad absurdum, ad nauseam. There are some good socio/politico posts by a variety of list members who are highly knowlegeable about a range of topics surrounding crypto, but they tend to come sporadically. I suppose that this is because they actually have real lives. > You, know, Toto, I heard that there's a vacancy in the Cypherpunk Division > of History & Philosophy .... I suppose that Sandy might nominate me, just for the pleasure of sitting back and enjoying the flood of, "A Vote of FUCK OFF for Toto" postings. It would be nice, however, to try to twist the rest of the list around to my own world-view. It gets lonely here in the 'rubber room' at the Home, and I could use some company. Toto From frissell at panix.com Sun Feb 2 04:02:32 1997 From: frissell at panix.com (Duncan Frissell) Date: Sun, 2 Feb 1997 04:02:32 -0800 (PST) Subject: IRS Can't Compete Message-ID: <3.0.1.32.19970202070316.0183023c@panix.com> -----BEGIN PGP SIGNED MESSAGE----- Note proof that government agencies are running up against serious problems competing with market actors even though they have the guns. - From today's NYT: February 1, 1997 Leaders of I.R.S. Panel Urge Sweeping Overhaul of Agency By DAVID CAY JOHNSTON The IRS had publicly defended its management of computer modernization until Thursday, when Arthur A. Gross, who was hired last year as an assistant commissioner of the agency to rescue the effort, told the restructuring commission that the new systems being developed "do not work in the real world." Gross also said the IRS lacked the "intellectual capital" to modernize. ["intellectual capital" = brains] Kerrey said that although the modernization project was bigger than any corporate computer system the government would have a hard time hiring the necessary talent to manage the project. "The market is bidding up the price for people who have these skills, and we just can't dole out big salaries," he said. Executives who oversee information systems make as much as $378,000 in salary and bonuses, according to William M. Mercer, the nation's largest pay consulting firm. That is more than twice the highest federal salary and bonus, and corporate information executives typically also get options and other incentive payments. ****************** Translation - since the Feds can't afford to pay CIOs what they're worth, and governments don't offer stock options, they can't get the talent they need to keep up with the market. We are talking about senior management here. If they try and respond by contracting senior management out, eventually the institution disappears as a government institution. DCF -----BEGIN PGP SIGNATURE----- Version: 4.5 iQCVAgUBMvSCgYVO4r4sgSPhAQHhYAP+N80RhT0efc2seO+P99WLVYMJ8/1Q1R7e CkLY8guJw2PnuQlaGG3lj14mYvTPMitZFsQ4pFnkSzzyF57QN4nXPbXajkNeWao+ Kcr2T3TJa5gZcGv309/I7FbZp2MfaugEjyNoielY12q9qsyuJyCv1l4Uh1L/tq9c wEKoLyMoh5U= =orfk -----END PGP SIGNATURE----- From blancw at cnw.com Sun Feb 2 04:54:17 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 04:54:17 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <01BC10C5.A58834A0@king1-10.cnw.com> From: Attila T. Hun, member of the Early Bird Consortium of Stray Cats, quoting from the Pages of History: did not the Magna Carta guarantee the right of free speech? Of course, there was not full suffrage at that time, but the Magna Carta is the basis of our common law. [and...] which gets down to just what the hell did my forefathers, and maybe yours, fight for in 1776 if it was not for freedom of speech and assembly, the right to bear arms, to be free from unreasonable search and seizure; and enjoy the protection of law? ................................................ Yes, if the Magna Carta guaranteed a right and the forefathers fought to secure it, why should any of us ever have to lift a finger in our own defense. My contribution to this thread from the Cpunk History & Philosophy Division: a Jewish saying from a book I glanced through of couple of weeks ago, something like: "What good is it to a man who has lost his sight that his ancestors had perfect vision." .. Blanc From frissell at panix.com Sun Feb 2 07:10:48 1997 From: frissell at panix.com (Duncan Frissell) Date: Sun, 2 Feb 1997 07:10:48 -0800 (PST) Subject: IRS Can't Compete Message-ID: <199702021510.HAA24723@toad.com> -----BEGIN PGP SIGNED MESSAGE----- Note proof that government agencies are running up against serious problems competing with market actors even though they have the guns. - From today's NYT: February 1, 1997 Leaders of I.R.S. Panel Urge Sweeping Overhaul of Agency By DAVID CAY JOHNSTON The IRS had publicly defended its management of computer modernization until Thursday, when Arthur A. Gross, who was hired last year as an assistant commissioner of the agency to rescue the effort, told the restructuring commission that the new systems being developed "do not work in the real world." Gross also said the IRS lacked the "intellectual capital" to modernize. ["intellectual capital" = brains] Kerrey said that although the modernization project was bigger than any corporate computer system the government would have a hard time hiring the necessary talent to manage the project. "The market is bidding up the price for people who have these skills, and we just can't dole out big salaries," he said. Executives who oversee information systems make as much as $378,000 in salary and bonuses, according to William M. Mercer, the nation's largest pay consulting firm. That is more than twice the highest federal salary and bonus, and corporate information executives typically also get options and other incentive payments. ****************** Translation - since the Feds can't afford to pay CIOs what they're worth, and governments don't offer stock options, they can't get the talent they need to keep up with the market. We are talking about senior management here. If they try and respond by contracting senior management out, eventually the institution disappears as a government institution. DCF -----BEGIN PGP SIGNATURE----- Version: 4.5 iQCVAgUBMvSCgYVO4r4sgSPhAQHhYAP+N80RhT0efc2seO+P99WLVYMJ8/1Q1R7e CkLY8guJw2PnuQlaGG3lj14mYvTPMitZFsQ4pFnkSzzyF57QN4nXPbXajkNeWao+ Kcr2T3TJa5gZcGv309/I7FbZp2MfaugEjyNoielY12q9qsyuJyCv1l4Uh1L/tq9c wEKoLyMoh5U= =orfk -----END PGP SIGNATURE----- From dlv at bwalk.dm.com Sun Feb 2 07:11:25 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Sun, 2 Feb 1997 07:11:25 -0800 (PST) Subject: Key Security Question In-Reply-To: <199702020557.XAA17186@manifold.algebra.com> Message-ID: ichudov at algebra.com (Igor Chudov @ home) writes: > Dr.Dimitri Vulis KOTM wrote: > > Bill Stewart writes: > > > On the other hand, if the "repairman" replaced your pgp executable > > > with version 2.6.3kgb, which uses your hashed passphrase as the > > > session key, you're hosed. Or if he installed a keystroke sniffer, > > > or added a small radio transmitter to your keyboard, or whatever. > > > Depends on your threat model. If you need to be paranoid, > > > they've already gotten you.... > > > > If you're really paranoid, you can boot from a clean floppy and > > reinstall everything from your backup tapes. You do have a > > contingency plan in case your hard disk goes bad, or gets a > > virus, don't you? Well, if you're in doubt, exercise it. > > And what if the repairman replaces BIOS ROM chips with KGBios? On some computers it's possible to add executable code to the boot sequence without replacing the actual ROM chip because they're rewritiable. Examples: most Sun boxes; intel motherboards with 'flash bios'. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From blancw at cnw.com Sun Feb 2 07:12:28 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 07:12:28 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702021512.HAA24745@toad.com> From: Attila T. Hun, member of the Early Bird Consortium of Stray Cats, quoting from the Pages of History: did not the Magna Carta guarantee the right of free speech? Of course, there was not full suffrage at that time, but the Magna Carta is the basis of our common law. [and...] which gets down to just what the hell did my forefathers, and maybe yours, fight for in 1776 if it was not for freedom of speech and assembly, the right to bear arms, to be free from unreasonable search and seizure; and enjoy the protection of law? ................................................ Yes, if the Magna Carta guaranteed a right and the forefathers fought to secure it, why should any of us ever have to lift a finger in our own defense. My contribution to this thread from the Cpunk History & Philosophy Division: a Jewish saying from a book I glanced through of couple of weeks ago, something like: "What good is it to a man who has lost his sight that his ancestors had perfect vision." .. Blanc From toto at sk.sympatico.ca Sun Feb 2 07:14:10 1997 From: toto at sk.sympatico.ca (Toto) Date: Sun, 2 Feb 1997 07:14:10 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702021514.HAA24774@toad.com> blanc wrote: > From: Toto > Hm, well, what's an anarchist to do about other people's psychological > makeup? Hold up a mirror. > Not that I'm condoning centralized management, but I bet I could flame > anyone pretty good yet by-pass the moderator. It's all in the style, you > know. Some people are very delicate about what offends them - I know I > could get on some particular people's nerves any day without trying. An > opportunist can take advantage of another's infirmity by being perfectly > polite while yet excruciatingly annoying. What constitutes a 'flame' seems to depend heavily on whose mouth it comes out of. Jim Choate called me a schizophrenic, and it seemed to be acceptable enough to make the censored list. He tends to call people "Bessie", basically saying they are a Cow, and that also seems acceptable. Personally, I could care less when people want to play footsie-games with flaming, but I think it points out the ludicrousness of having a moderator limiting people to 'childish' insults. I prefer someone screaming at me what a cocksucker I am. Ray Hettinga forwards these long, literate missives advertising this-or-that million dollar a plate conferences, but when he chose to insult me with his own words, the result was an immature blathering which showed questionable literary skills. > Oh, I wasn't condemning Tim's posts as being repetitive and boring - it's > commendable that he would write about the same ideas in fresh new ways, for > the benefit of the newbies and the entertainment of the oldies. > But not everyone is as interested & willing (or have the time) to > re-iterate this way, and with only one or a few "holding up the ship", so > to speak, it leaves a lot of room for wayless bickering degenerating into > unproductive ad hominems - ad absurdum, ad nauseam. There are some good socio/politico posts by a variety of list members who are highly knowlegeable about a range of topics surrounding crypto, but they tend to come sporadically. I suppose that this is because they actually have real lives. > You, know, Toto, I heard that there's a vacancy in the Cypherpunk Division > of History & Philosophy .... I suppose that Sandy might nominate me, just for the pleasure of sitting back and enjoying the flood of, "A Vote of FUCK OFF for Toto" postings. It would be nice, however, to try to twist the rest of the list around to my own world-view. It gets lonely here in the 'rubber room' at the Home, and I could use some company. Toto From dlv at bwalk.dm.com Sun Feb 2 07:24:57 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Sun, 2 Feb 1997 07:24:57 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: <32F428CD.AB9@gte.net> Message-ID: Dale Thorn writes: > I ask you again to look at the motives of the people involved. John > Gilmore isn't about to waste a second of his personal time "moderating" > this list (who could blame him?), and I can't for the life of me see > a reason why Sandy would want to devote so much time to it. Have you > or anyone seen a real reason why Sandy would want to do this? You know one reason: Sandy makes sure that submissions critical of his employer don't appear on *either* the censored or the flames list (but result in lawyer letters). There probably are other reasons. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From cynthb at homer.sonetis.com Sun Feb 2 07:30:12 1997 From: cynthb at homer.sonetis.com (Cynthia H. Brown) Date: Sun, 2 Feb 1997 07:30:12 -0800 (PST) Subject: Trigger-Words... Message-ID: <199702021530.KAA01205@homer.iosphere.net> -----BEGIN PGP SIGNED MESSAGE----- On Wed, 29 Jan 1997, harka at nycmetro.com queried: > Actually, I might not have chosen the correct words for what I > wanted... > I am looking for sniffer-programs, that analyze e-mail traffic on > the Net and filtering out all e-mails potentially interesting for > _intelligence services_. For example, I've heard, that if an e-mail > contains the words: "assassinate President" (DISCLAIMER: I hope, our > President lives a long and happy life, even after his > impeachment...:)), it will automatically get filtered and checked > out by the Secret Service. > Different intelligence agencies might have similar things in place. > Where could I get some more information about that? Many Un*xes (SunOS, Solaris, IRIX, Linux, and probably others) have included their own versions of sniffers, supposedly for network debugging. These are typically called something like "tcpdump", "etherfind", "snoop", etc. You would need to run a sniffer at a "choke point" of an organisation, for example the external router to the Internet, to capture all of the packets to / from that organisation. Putting a sniffer on some arbitrary router out there in cloud-land would probably not be all that productive, since there's no guarantee that all of the IP packets carrying a given TCP connection would take the same route. Cynthia -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: cp850 iQCVAwUBMvSyq5Og7xGCJGQtAQFJPwQAiXbxtfdfVEDL5ZHdktdy6bfH/Wmio3oU J1bYKpfwY4H4NnIoXipGF+oo48Pe4j8x46UneVZ8d4ZsSy93/JsvmQw38TxSj/8o cPbtIaagBw9eofsdimzlwx9Y0VvaTRWt+2Cjd8aQKmG5nwUBSF9BlFoX2/TU3QZY IP+hiecLaag= =rHlB -----END PGP SIGNATURE----- =============================================================== Cynthia H. Brown Ottawa, Ontario, Canada E-mail: cynthb at sonetis.com Home Page: http://www.sonetis.com/~cynthb/ PGP Key: See Home Page Junk mail will be ignored in the order in which it is received. It is morally as bad not to care whether a thing is true or not, so long as it makes you feel good, as it is not to care how you got your money as long as you have got it. - Edmund Way Teale, "Circle of the Seasons" From dlv at bwalk.dm.com Sun Feb 2 07:55:43 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Sun, 2 Feb 1997 07:55:43 -0800 (PST) Subject: Key Security Question Message-ID: <199702021555.HAA25423@toad.com> ichudov at algebra.com (Igor Chudov @ home) writes: > Dr.Dimitri Vulis KOTM wrote: > > Bill Stewart writes: > > > On the other hand, if the "repairman" replaced your pgp executable > > > with version 2.6.3kgb, which uses your hashed passphrase as the > > > session key, you're hosed. Or if he installed a keystroke sniffer, > > > or added a small radio transmitter to your keyboard, or whatever. > > > Depends on your threat model. If you need to be paranoid, > > > they've already gotten you.... > > > > If you're really paranoid, you can boot from a clean floppy and > > reinstall everything from your backup tapes. You do have a > > contingency plan in case your hard disk goes bad, or gets a > > virus, don't you? Well, if you're in doubt, exercise it. > > And what if the repairman replaces BIOS ROM chips with KGBios? On some computers it's possible to add executable code to the boot sequence without replacing the actual ROM chip because they're rewritiable. Examples: most Sun boxes; intel motherboards with 'flash bios'. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From cynthb at homer.sonetis.com Sun Feb 2 07:55:48 1997 From: cynthb at homer.sonetis.com (Cynthia H. Brown) Date: Sun, 2 Feb 1997 07:55:48 -0800 (PST) Subject: Trigger-Words... Message-ID: <199702021555.HAA25437@toad.com> -----BEGIN PGP SIGNED MESSAGE----- On Wed, 29 Jan 1997, harka at nycmetro.com queried: > Actually, I might not have chosen the correct words for what I > wanted... > I am looking for sniffer-programs, that analyze e-mail traffic on > the Net and filtering out all e-mails potentially interesting for > _intelligence services_. For example, I've heard, that if an e-mail > contains the words: "assassinate President" (DISCLAIMER: I hope, our > President lives a long and happy life, even after his > impeachment...:)), it will automatically get filtered and checked > out by the Secret Service. > Different intelligence agencies might have similar things in place. > Where could I get some more information about that? Many Un*xes (SunOS, Solaris, IRIX, Linux, and probably others) have included their own versions of sniffers, supposedly for network debugging. These are typically called something like "tcpdump", "etherfind", "snoop", etc. You would need to run a sniffer at a "choke point" of an organisation, for example the external router to the Internet, to capture all of the packets to / from that organisation. Putting a sniffer on some arbitrary router out there in cloud-land would probably not be all that productive, since there's no guarantee that all of the IP packets carrying a given TCP connection would take the same route. Cynthia -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: cp850 iQCVAwUBMvSyq5Og7xGCJGQtAQFJPwQAiXbxtfdfVEDL5ZHdktdy6bfH/Wmio3oU J1bYKpfwY4H4NnIoXipGF+oo48Pe4j8x46UneVZ8d4ZsSy93/JsvmQw38TxSj/8o cPbtIaagBw9eofsdimzlwx9Y0VvaTRWt+2Cjd8aQKmG5nwUBSF9BlFoX2/TU3QZY IP+hiecLaag= =rHlB -----END PGP SIGNATURE----- =============================================================== Cynthia H. Brown Ottawa, Ontario, Canada E-mail: cynthb at sonetis.com Home Page: http://www.sonetis.com/~cynthb/ PGP Key: See Home Page Junk mail will be ignored in the order in which it is received. It is morally as bad not to care whether a thing is true or not, so long as it makes you feel good, as it is not to care how you got your money as long as you have got it. - Edmund Way Teale, "Circle of the Seasons" From haystack at holy.cow.net Sun Feb 2 08:00:45 1997 From: haystack at holy.cow.net (Bovine Remailer) Date: Sun, 2 Feb 1997 08:00:45 -0800 (PST) Subject: No Subject In-Reply-To: <199702021011.CAA16505@toad.com> Message-ID: <199702021542.KAA27029@holy.cow.net> Someone using the Huge Cajones mailer wrote: David Lesher writes: > USPS uses key locks seemingly designed by Ben Franklin himself. > Look at them someday. FedEx boxes used to have Simplex 926 > 5 pushbutton ""locks"" if you stretch the point. Still did last I checked. Don't let the old-fashioned look deceive you. Most mail storage boxes use lever tumbler locks (similar to what's used in safe deposit vaults, though obviously the mailbox locks have a flimsier plug). How is that obvious? Safe deposit locks generally aren't designed to be hard to open, just hard to open without damage. There's always either a guard or a locked vault door protecting the locks. Mailboxes, on the other hand, generally aren't kept under guard or in vaults. From haystack at holy.cow.net Sun Feb 2 08:55:42 1997 From: haystack at holy.cow.net (Bovine Remailer) Date: Sun, 2 Feb 1997 08:55:42 -0800 (PST) Subject: No Subject Message-ID: <199702021655.IAA26447@toad.com> Someone using the Huge Cajones mailer wrote: David Lesher writes: > USPS uses key locks seemingly designed by Ben Franklin himself. > Look at them someday. FedEx boxes used to have Simplex 926 > 5 pushbutton ""locks"" if you stretch the point. Still did last I checked. Don't let the old-fashioned look deceive you. Most mail storage boxes use lever tumbler locks (similar to what's used in safe deposit vaults, though obviously the mailbox locks have a flimsier plug). How is that obvious? Safe deposit locks generally aren't designed to be hard to open, just hard to open without damage. There's always either a guard or a locked vault door protecting the locks. Mailboxes, on the other hand, generally aren't kept under guard or in vaults. From asgaard at cor.sos.sll.se Sun Feb 2 09:12:16 1997 From: asgaard at cor.sos.sll.se (Asgaard) Date: Sun, 2 Feb 1997 09:12:16 -0800 (PST) Subject: Cyphernomicon by Tim May In-Reply-To: <199702020959.BAA16083@toad.com> Message-ID: On Sun, 2 Feb 1997, Declan McCullagh wrote: >That question is one for Tim to answer, but I should point out that TC May hasn't posted in a month or so. I miss his posts. Without any official role he was the de facto moderator, mostly by example but also by pointing out the core of the issues when things went astray, for all those years. Did he mention going away for so long in any of his latest posts? I remember 'for the holiday season' but that is long gone. I hope he hasn't left the list for good, being pissed off by Gilmore's choice of moderator(s) or some such reason. Asgaard From asgaard at Cor.sos.sll.se Sun Feb 2 09:56:19 1997 From: asgaard at Cor.sos.sll.se (Asgaard) Date: Sun, 2 Feb 1997 09:56:19 -0800 (PST) Subject: Cyphernomicon by Tim May Message-ID: <199702021756.JAA27430@toad.com> On Sun, 2 Feb 1997, Declan McCullagh wrote: >That question is one for Tim to answer, but I should point out that TC May hasn't posted in a month or so. I miss his posts. Without any official role he was the de facto moderator, mostly by example but also by pointing out the core of the issues when things went astray, for all those years. Did he mention going away for so long in any of his latest posts? I remember 'for the holiday season' but that is long gone. I hope he hasn't left the list for good, being pissed off by Gilmore's choice of moderator(s) or some such reason. Asgaard From zachb at netcom.com Sun Feb 2 10:15:27 1997 From: zachb at netcom.com (Z.B.) Date: Sun, 2 Feb 1997 10:15:27 -0800 (PST) Subject: Keystroke sniffer question In-Reply-To: <2.2.32.19970202043909.006c8dd0@popd.ix.netcom.com> Message-ID: On Sat, 1 Feb 1997, Scott wrote: > How can you detect if there is a keystroke sniffer on your computer. > All sniffers have to write to disk at some point. You can detect one by checking to see how much disk space you have (DIR on MSDOS), typing a few lines of random characters, and check your disk space again. If it's gone down a little, then you probably have one. > Is there a file name to look for? Try checking in your TEMP directory...the few ones that I've seen default to creating an invisible file in that directory. > Where do people get them? They either buy them or write them. Zach Babayco zachb at netcom.com <-------finger for PGP public key If you need to know how to set up a mail filter or defend against emailbombs, send me a message with the words "get helpfile" (without the " marks) in the SUBJECT: header, *NOT THE BODY OF THE MESSAGE!* I have several useful FAQs and documents available. From zachb at netcom.com Sun Feb 2 10:25:44 1997 From: zachb at netcom.com (Z.B.) Date: Sun, 2 Feb 1997 10:25:44 -0800 (PST) Subject: Keystroke sniffer question Message-ID: <199702021825.KAA28058@toad.com> On Sat, 1 Feb 1997, Scott wrote: > How can you detect if there is a keystroke sniffer on your computer. > All sniffers have to write to disk at some point. You can detect one by checking to see how much disk space you have (DIR on MSDOS), typing a few lines of random characters, and check your disk space again. If it's gone down a little, then you probably have one. > Is there a file name to look for? Try checking in your TEMP directory...the few ones that I've seen default to creating an invisible file in that directory. > Where do people get them? They either buy them or write them. Zach Babayco zachb at netcom.com <-------finger for PGP public key If you need to know how to set up a mail filter or defend against emailbombs, send me a message with the words "get helpfile" (without the " marks) in the SUBJECT: header, *NOT THE BODY OF THE MESSAGE!* I have several useful FAQs and documents available. From attila at primenet.com Sun Feb 2 10:39:16 1997 From: attila at primenet.com (Attila T. Hun) Date: Sun, 2 Feb 1997 10:39:16 -0800 (PST) Subject: Libel, Times v. Sullivan In-Reply-To: <01BC10C5.A58834A0@king1-10.cnw.com> Message-ID: <199702021838.LAA06964@infowest.com> -----BEGIN PGP SIGNED MESSAGE----- on or about 970202:0457 blanc said: +Yes, if the Magna Carta guaranteed a right and the forefathers fought +to secure it, why should any of us ever have to lift a finger in our +own defense. seems to me Jefferson said it took a rebellion every 20 years or so to keep democracy awake... other than presuming your answer is tongue in cheek (not elsewhere), complacency == welfare. +My contribution to this thread from the Cpunk History & Philosophy +Division: a Jewish saying from a book I glanced through of couple of +weeks ago, something like: + + "What good is it to a man who has lost his sight + that his ancestors had perfect vision." not a lot, but that does not mean he should scorn those who have managed to retain their sight. your saying is rather characteristic of the genre --best glamourized in Mad magazine. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvTfKL04kQrCC2kFAQG48gQA3LCObnHCe09r1jtV/0HbeilmKqSuP7ue lf6yScJiBHCwgm8aGT+NqjmSdvKUlTEfjV4H2zVCfoYyQEh5tMs4LnnDpd4zPL0M EBUrCdu2KBgLQpgbzP9g64cUCsq6LMGsfe7mqKaYYFIUmYJMBLsrYrLtPLPGlJ0S +LRYfJexD1s= =y085 -----END PGP SIGNATURE----- From jimbell at pacifier.com Sun Feb 2 10:48:29 1997 From: jimbell at pacifier.com (jim bell) Date: Sun, 2 Feb 1997 10:48:29 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater Message-ID: <199702021847.KAA17527@mail.pacifier.com> At 12:56 AM 2/2/97 -0500, Black Unicorn wrote: >Please note that the difference between: > >"But he got the same sentence as he would have if he was convicted of >carrying a gun in furtherance of the crime." > >and > >"But he got the same sentence as he would have is he was not convicted of >carrying a gun in furtherance of the crime." > >is subtle at best. > >Next time don't get caught stealing with a gun nearby. Better yet, set up a system to encourage the public to USE those guns (and other weapons) to get rid of the people who pass such laws, and the problem is solved. Jim Bell jimbell at pacifier.com From jya at pipeline.com Sun Feb 2 10:55:05 1997 From: jya at pipeline.com (John Young) Date: Sun, 2 Feb 1997 10:55:05 -0800 (PST) Subject: National Cryptologic School Message-ID: <1.5.4.32.19970202184922.006cda74@pop.pipeline.com> DAW provided this URL: http://csrc.nist.gov/training/in170.zip 1996-04-29 Introduction to Computer Security National Cryptologic School Interactive Courseware Trainee Guide (formerly, CP-133) (37 zipped files, DOS program) We've had a look at this course, a primer on CompSec and a required course for all DoD employees. It takes some fiddling to get past the sign-on block. Hint: after unzipping execute "student.exe" and enter "CP" as the lesson. Repeat for other listed files, CPxxx - CPxxx. It's basic stuff but worthwhile for its claims, these among others: 1. Most hackers are employees of the target. 2. Negligence, accidents and sloppy sys-administration are prime causes of disruptions, perhaps more than deliberate attacks. 3. Environmental weaknesses are often overlooked by security experts too focussed on computer systems. It lists these security documents as references: EO 12356 [superceded by EO 12958] DCID 1/16 [Director of Central Intelligence Directive] DoDDir 5200.28 DoD 5200.28 STD Public Law 100-235 NSA/CSS Dir 10-27 NSA/CSS Manual 130-1 (NSAM 130-1) NSA/CSS Manual 130-2 (NSAM 130-2) NSA/CSS Reg 130-2 NTISSAM COMPSEC 1-87 The Rainbow Series OMB A-130 Does anyone know of a source for the DCID series and the NSA/CSS series? Some of the others are available on the Web -- see AltaVista. While looking for these we ran across an informative implementation of infosec and compsec: Information Systems Accreditation Document, 4 Volumes System Security Requirements for the Department of Defense Intelligence Information System Automated Message Handling System (AMHS) V2.x By: McDonnell Douglas Aerospace For: Electronic Systems Center, Air Force Materiel Command Which we've put at: http://jya.com/amhs.htm From mch at squirrel.com Sun Feb 2 12:37:56 1997 From: mch at squirrel.com (Mark Henderson) Date: Sun, 2 Feb 1997 12:37:56 -0800 (PST) Subject: PGP 2.1 In-Reply-To: <199702021025.CAA16822@toad.com> Message-ID: Larry Johnson writes: > Hello, > Can any;one tell me how to get a version of PGP 2.1? > Thanks > If you are a U.S./Canadian person in the U.S. or Canada you can get 2.1 and most of the release versions of PGP from ftp://ftp.wimsey.com/pub/crypto Easiest thing is to point your web browser to ftp://ftp.wimsey.bc.ca/pub/crypto/software/README.html Then after reading and agreeing to the conditions, click in the appropriate place and descend into the PGP directory. But, why do you want version 2.1? -- Mark Henderson -- mch at squirrel.com, henderso at netcom.com, markh at wimsey.bc.ca PGP key 1024/B2667EFF - 5A 93 7D 29 EB 63 84 09 EA A2 AA 6C FA C5 A6 21 unstrip for Solaris, Wimsey crypto archive, TECO, computer security links, change-sun-hostid, Sun NVRAM/hostid FAQ - http://www.squirrel.com/squirrel/ -------------- next part -------------- A non-text attachment was scrubbed... Name: pgp00000.pgp Type: application/octet-stream Size: 288 bytes Desc: "PGP signature" URL: From aba at dcs.ex.ac.uk Sun Feb 2 14:18:54 1997 From: aba at dcs.ex.ac.uk (Adam Back) Date: Sun, 2 Feb 1997 14:18:54 -0800 (PST) Subject: Geiger and long, unreadable lines In-Reply-To: <199702011740.JAA21963@toad.com> Message-ID: <199701291607.QAA00392@server.test.net> Dimitri Vulis writes on cpunks-flames: > Adam Back writes on cpunks-flames: > > > > Mr William H. Geiger III "Author of E-Secure" writes on cpunks: > > > for the benifit of those misfortunate enough to be still working on > > > dumb terminals I have disabled my PGP script until I have time to add a > > > word wrap routine to it. > > > > it is you who were demonstrating your ineptitude by spewing > > 120+ line length postings. Why is it so difficult for you to keep > > under 80 chars? Would you like some technical assistance? Notice how > > near every one else apart from yourself is managing to keep under 80 > > chars? > > Notice how near every one else apart from yourself bends over for the NSA, > and is willing to use a 40-bit key "escrowed" with the feds? Why is it so > difficult for you to keep under 40 bits? Would you like some technical > assistance? Why are you setting yourself apart from the Internet community > that so happily embraces GAK? Why do you desire "privacy" for your traffic > when everyone else does not? What have you got to hide? Are you looking to > transmit child pornography, bomb-making instructions, and/or cannabis > legalization propaganda? We better have a look at your hard disk soon. btw Dimitri, a crypto question: Diffie-Hellman key generation, there are two main ways of generating the diffie-hellman prime modulus, method 1: p = 2q+1 where q is a prime also. And method 2: p = r.2q+1 where q is a prime and r is a randomly generated number. With method 1, the security parameter is the size of p in bits (or size of q, as they are related). With method 2, there are two security parameters, size of q and size of p in bits. Method 2 has the advantage that key generation is faster as it is quicker to generate new random numbers r, than to repeatedly generate trial prime q as you have to do in method 1. However is the security weaker in method 2? What size of p and q do you have to use to get the same security as for same size of p in bits as in method 1? What should be the relationship between the size of p and q? (this isn't cpunks, this is cpunks-flames, so your non-crypto pledge shouldn't hold, besides Sandy has a stated policy of killing the whole thread, so I thought it amusing to continue your crypto relevance in moving on to technical topics rather than political) Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 At 12:56 AM 2/2/97 -0500, Black Unicorn wrote: >Please note that the difference between: > >"But he got the same sentence as he would have if he was convicted of >carrying a gun in furtherance of the crime." > >and > >"But he got the same sentence as he would have is he was not convicted of >carrying a gun in furtherance of the crime." > >is subtle at best. > >Next time don't get caught stealing with a gun nearby. Better yet, set up a system to encourage the public to USE those guns (and other weapons) to get rid of the people who pass such laws, and the problem is solved. Jim Bell jimbell at pacifier.com From mch at squirrel.com Sun Feb 2 14:25:46 1997 From: mch at squirrel.com (Mark Henderson) Date: Sun, 2 Feb 1997 14:25:46 -0800 (PST) Subject: PGP 2.1 Message-ID: <199702022225.OAA03367@toad.com> Larry Johnson writes: > Hello, > Can any;one tell me how to get a version of PGP 2.1? > Thanks > If you are a U.S./Canadian person in the U.S. or Canada you can get 2.1 and most of the release versions of PGP from ftp://ftp.wimsey.com/pub/crypto Easiest thing is to point your web browser to ftp://ftp.wimsey.bc.ca/pub/crypto/software/README.html Then after reading and agreeing to the conditions, click in the appropriate place and descend into the PGP directory. But, why do you want version 2.1? -- Mark Henderson -- mch at squirrel.com, henderso at netcom.com, markh at wimsey.bc.ca PGP key 1024/B2667EFF - 5A 93 7D 29 EB 63 84 09 EA A2 AA 6C FA C5 A6 21 unstrip for Solaris, Wimsey crypto archive, TECO, computer security links, change-sun-hostid, Sun NVRAM/hostid FAQ - http://www.squirrel.com/squirrel/ --w=NZbzo6Zc1UmsEa Content-Type: APPLICATION/PGP-SIGNATURE Content-ID: -----BEGIN PGP SIGNATURE----- Version: 2.6.3 iQCVAwUBMvT7LaWYCYyyZn7/AQGJmAP/dQs4nQi07UaNGSdx5pJcwppCnq9Uo77B rIuwJppnWPsvlcN32GF88lf6TupIoIVsReZbYJdu2WPluXsUTQ+oTOwEHNOD831t TXsqDd8QNpwZGGfbhv3tQ5T79jQIVim3jOesWbN9Ix3/qJyKgJnwRR1u0hZKriC3 lQAiUFl/hkg= =VPrH -----END PGP SIGNATURE----- --w=NZbzo6Zc1UmsEa-- From jya at pipeline.com Sun Feb 2 14:25:50 1997 From: jya at pipeline.com (John Young) Date: Sun, 2 Feb 1997 14:25:50 -0800 (PST) Subject: National Cryptologic School Message-ID: <199702022225.OAA03376@toad.com> DAW provided this URL: http://csrc.nist.gov/training/in170.zip 1996-04-29 Introduction to Computer Security National Cryptologic School Interactive Courseware Trainee Guide (formerly, CP-133) (37 zipped files, DOS program) We've had a look at this course, a primer on CompSec and a required course for all DoD employees. It takes some fiddling to get past the sign-on block. Hint: after unzipping execute "student.exe" and enter "CP" as the lesson. Repeat for other listed files, CPxxx - CPxxx. It's basic stuff but worthwhile for its claims, these among others: 1. Most hackers are employees of the target. 2. Negligence, accidents and sloppy sys-administration are prime causes of disruptions, perhaps more than deliberate attacks. 3. Environmental weaknesses are often overlooked by security experts too focussed on computer systems. It lists these security documents as references: EO 12356 [superceded by EO 12958] DCID 1/16 [Director of Central Intelligence Directive] DoDDir 5200.28 DoD 5200.28 STD Public Law 100-235 NSA/CSS Dir 10-27 NSA/CSS Manual 130-1 (NSAM 130-1) NSA/CSS Manual 130-2 (NSAM 130-2) NSA/CSS Reg 130-2 NTISSAM COMPSEC 1-87 The Rainbow Series OMB A-130 Does anyone know of a source for the DCID series and the NSA/CSS series? Some of the others are available on the Web -- see AltaVista. While looking for these we ran across an informative implementation of infosec and compsec: Information Systems Accreditation Document, 4 Volumes System Security Requirements for the Department of Defense Intelligence Information System Automated Message Handling System (AMHS) V2.x By: McDonnell Douglas Aerospace For: Electronic Systems Center, Air Force Materiel Command Which we've put at: http://jya.com/amhs.htm From attila at primenet.com Sun Feb 2 14:27:24 1997 From: attila at primenet.com (Attila T. Hun) Date: Sun, 2 Feb 1997 14:27:24 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702022227.OAA03410@toad.com> -----BEGIN PGP SIGNED MESSAGE----- on or about 970202:0457 blanc said: +Yes, if the Magna Carta guaranteed a right and the forefathers fought +to secure it, why should any of us ever have to lift a finger in our +own defense. seems to me Jefferson said it took a rebellion every 20 years or so to keep democracy awake... other than presuming your answer is tongue in cheek (not elsewhere), complacency == welfare. +My contribution to this thread from the Cpunk History & Philosophy +Division: a Jewish saying from a book I glanced through of couple of +weeks ago, something like: + + "What good is it to a man who has lost his sight + that his ancestors had perfect vision." not a lot, but that does not mean he should scorn those who have managed to retain their sight. your saying is rather characteristic of the genre --best glamourized in Mad magazine. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvTfKL04kQrCC2kFAQG48gQA3LCObnHCe09r1jtV/0HbeilmKqSuP7ue lf6yScJiBHCwgm8aGT+NqjmSdvKUlTEfjV4H2zVCfoYyQEh5tMs4LnnDpd4zPL0M EBUrCdu2KBgLQpgbzP9g64cUCsq6LMGsfe7mqKaYYFIUmYJMBLsrYrLtPLPGlJ0S +LRYfJexD1s= =y085 -----END PGP SIGNATURE----- From tcmay at got.net Sun Feb 2 14:42:38 1997 From: tcmay at got.net (Timothy C. May) Date: Sun, 2 Feb 1997 14:42:38 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: A couple of people have sent me pinging messages, asking about my status on the Cypherpunks list....apparently it has taken several weeks for folks to notice my absence! :-} This may speak volumes about why I have left the list, and what the list has become..... I chose not to write a "departing flame" (or message, but some might call it a flame) when I unsubscribed several weeks ago--within an hour of reading that John and Sandy had decided to make "their" list a moderated list, by the way--as I saw little benefit. I was also fed up with things, and saw no point in wasting even more of my time arguing against the New Cypherpunks World Order, as the NCWO was clearly presented as a fait accompli, not something ablut which opinions of list members (or even list _founders_, at least not me) were being sought. It's my nature to just say "Fuck it" and leave when I feel I have overstayed my time, or things are no longer fun, or I am made to feel unwelcome. But since several people have pinged me, asking about my status, I'll take some time to say a few things. I've had access to the hks.net archive site, and/or the Singapore site, to occasionally see what was being said on the list (old habits die slowly, so I sometimes drop in to see what you people are flaming each other about...not surprisingly--in fact utterly predictably--I see vast amounts of bandwidth consumed by arguments about moderation, about the putative biases of the Moderator and Director of the New Cypherpunks World Order, about alternative moderation strategies (which is stupid, as John and Sandy announced what they were going to do, not just some of their preliminary thoughts), and so on. I've also noticed fewer substantive essays. With no false modesty I tried awfully hard to compose substantive essays on crypto-political topics, often more than one per day. (Others did too, but they seem to be tapering off as well, leaving the list to be dominated by something called a "Toto," the "O.J. was framed!" ravings of Dale Thorn, the love letters between Vulis and someone name Nurdane Oksas, and the occasional bit of crypto news. Ho hum. I'm glad I'm not reading the list in e-mail, and thus can easily avoid replying to these inanities...which would probably not be approved for reading by Sandy, so why bother anyway?) Rather than compose a traditional essay, I'll take the easy way out and list some bulleted points. * First, I don't argue that John Gilmore is unfree to do as he wishes with his machine, toad, which has been the major machine host for the Cypherpunks list. John can tell us we have to write in Pig Latin if he wishes. Much of the debate I saw in the archives was debate that missed the point about what John could and couldn't do. No one can seriously question the right of the owner of a machine, or the owner of a restaurant, etc., to set the policies he wishes. The owner of a restaurant is perfectly free--or used to be, and still is to anyone with even slightly libertarian or freedom tendencies--to set the rules of his "house." He may insist that shirts and shoes be worn, or that smoking is not allowed (or even is required, in theory), etc. He may say "All those eating in my restaurant must wear funny hats and have their costumes approved by Sandy Sandfort." This is unexceptionable. * However, anyone who disputes these rules (disputes in the sense of disliking or disagreeing with them, not legally challenging them) is free to leave. Those who don't like crowded, noisy, smoke-filled sports bars are encourgaged to leave. And so on. Again, unexceptionable. (The more complicated case of contracts, verbal or written, and "changing the rules," does not apply here. No one had a contract with John, or Sandy, or Hugh, etc., so this is not germane.) * But the really important issue is this: is the _physical hosting_ of the Cypherpunks mailing list coterminous with the "Cypherpunks"? If the list was hosted by, say, UC Berkeley or PGP Incorporated, would we consider these hosts to be the "owners" of the Cypherpunks group? Would we think that a corporate host, say, would have the authority to direct what we could say on the list? (Again, not disputing their corporate property rights...as a libertarian, I cannot. Other issues are what I'm getting at.) * If a Boy Scout troop meets at a local church, and has for several years, continuously, would we consider the church to be the owner of the troop? Could the church insist on avoidance of certain "cuss words" and demand that prayers be said before each gathering? Certainly the church could tell the troop what policies were to be followed if the the facilities were to be used, etc., and the troop could leave if it didn't like the terms (or, in parallel with my situation, any troop member could choose to leave....). This is what we mean by "property rights": the legal right of a property owner to do with his property as he wishes, modulo prior contractual relationships, criminal laws, etc. * How did the mailing list for the group, now called Cypherpunks, get started, and how did it end up being run off of John's hardare? Hugh Daniel got the actual mailing list rolling, based on a discussion Eric Hughes, Hugh, and I had the day after the first physical meeting, in September 1992. We thought the group we had just spent the day with ought to be able to stay in touch, and that a mailing list was the right way to go. There was talk of siting it on the UC Berkeley computers (actually, the Undergraduate Association computers, a la the Cypherpunks archive site at "csua"), but Hugh thought he might be able to use "toad," and this is what happened. (I have not heard from Hugh on his views of this New and Moderated Non-Anarchic List.) * I think we should all be very grateful to John for agreeing to let it run on his hardware, but not let our gratitude turn into some sort of subservience and blather about how John "owns" the Cypherpunks group. * Again, is the "Cyherpunks community" the same as the mailing list? And is the mailing list, hosted at toad, the "property" of John Gilmore? * In my view, neither John nor Sandy in any sense "own" our group. It is a virtual community which sometimes has physical meetings at various places (including corporations, restaurants, and bookstores, none of which are even partial "owners" of the group) and which has had several instantiations on the Net, including sub-lists not connected to toad.com in any way. While John is of course free at any time to suspend his hosting of the list, I think it a serious misapprehension of the basic nature of virtual communities to accept the claim that John should decide on what is appropriate to bear the "Cypherpunks" list imprimatur and what is to be consigned to the flame list. * The mechanics of the announcement troubled me greatly. To be blunt, I was seething with anger. I was mightily annoyed to read that John had made a decision to appoint Sandy as his Moderator, with no discussion on the list. I don't know if Eric Hughes and Hugh Daniel were asked their opinions, but I certainly know I was not. I feel that as one of the two or three founders, depending on how one is counting, and as a frequent contributor to the list since its inception, and so on, I (and others) should at least have been told of this plan. Better yet, have the plans discussed on the list, as some good ideas may have been generated. I'll have more to say about my problems with how things were handled. Frankly, it smacked of the same kind of fait accompli decision John made with the unsubscribing of Vulis. While John had (and has) every legal right to do with his property as he wished, the effect was very negative. First, Vulis found other ways to post (duh). Second, the list was consumed with flames about this, many from Vulis, and many from others. Third, journalists (who love sizzle over substance any day of the week) lept into the fray with articles which gave Vulis the publicity he craved. Fourth, it sent a message to enemies of liberty that "Even the Cypherpunks have found it necessary to abandon their anarchic ways." (I'm well aware of the issues with pests like Vulis, who seek to destroy virtual communities like ours. But the solution John used did not work, and generated more crap. As you all should know, it was John himself who coined the wonderful saying, "The Net interprets censorship as damage and routes around it." A delicious irony.) * In the archives, I did see a bunch of "I support Sandy" and "John is our leader" comments from reasonable people. The obvious noise of Vulis and his cohorts like Aga made a "Do something!" attitude somewhat understandable. I don't think the decision made was a wise one, and I strongly doubt it will work to make the list a better one. * The proper solution to bad speech is more speech, not censorship. Censorship just makes opponents of "speech anarchy" happy--it affirms their basic belief that censors are needed. * "Censorship" is another overloaded term. I don't think the "Definition 1" of dictionary definitions, about _governmental_ restrictions, is the only meaningful definition. Everybody knows what it meant when we say that "Lockheed is censoring the views of employees," even though we know Lockheed is not using government power. A censor is one who censors. And even my "American Heritage Dictionary" gives this as its "definition 1": "censor n. 1. A person authorized to examine books, films, or other material and to remove or suppress morally, politically, or otherwise objectionable." (Other dictionaries of course give similar definitions. The notion that censors are confined to being government employees is a misconception.) * OK, even given that John had decided to censor "his" list, what about his choice of Sandy Sandfort as the censor? I've known Sandy for several years (I was the one who invited him to the second Cypherpunks meeting), but he's a poor choice as a censor, moderator, whatever. First, because he has so often gotten involved in protracted flame wars, such as with Vulis (remember the dozens of messages about the "bet" to bring Vulis out? I stayed out of the charade completely.), with Hallam-Baker, and with others. Second, because he has not been actively composing essays for a while, perhaps because of his job with Community Connexion. Other reasons, too. (I count Sandy as a friend, but I'm just being honest here. Sandy is just not a "Peter Neumann" (moderator of the "RISKS" list). * Nor do the announced criteria make any sense. While the inane one-line scatological insults have been filtered out, many "flames" make it through, based on what I've seen in perusing the hks archive site. And some reasonable comments get dumped in the flame bucket. * As expected, those who only want to talk about cryptography (but who rarely do, themselves, also as expected) waste bandwidth saying the "anarchist" and "libertarian" stuff ought to go in to the "rejected" list. More bandwidth wasted, as each group lobbies to have its ideological opponents censored by Sandy. * I would have had no problem had John announced that he was creating a new list, the "Good Stuff" list, with Sandy has his Chooser of Good Stuff. After all, both Eric Blossom and Ray Arachelian already offer just such lists, and more would not hurt. But by making the _main list_ the censored one, this skewed things considerably. * (Frankly, one of my considerations in leaving was the feeling that I would never know if an essay I'd spent hours composing would be rejected by Sandy for whatever reasons....maybe he might think my essay was off-topic, or used one of the Seven Deadly Words, or was "too flamish." Whatever. I realized that life is too short to have Sandy Sandfort deciding whether my essays should go out to the main list (which is really just a list like Eric Blossom's best-of list, except it is be edict now the main list) or be dumped into the flames list, to be read by a handful of people.) * Why, many reasonable people may ask, did I not simply unsubscribe from the "Cypherpunks" list and subscribe to the "Cypherpunks-Unedited) (or whatever it is called) list? Because of my overall anger with the issues raised above. The imperiousness of the decision, the notion of favoring Sandy's tastes in a more "first class" way than, say, the tastes of Eric Blossom, Ray Arachelian, or, for that matter, me. "Some censors are more equal than others." * The decision to "moderate" (censor) the Cypherpunks list is powerful ammunition to give to our opponents, and Vulis is certainly gleeful that his fondest wishes have been realized. And it won't work. People are consuming even more bandwidth arguing the merits of John's decision, the traffic is presumably being slowed down by the need for Sandy to wade through the traffic and stamp "Approved" or "Rejected" on what he glances at, and people are "testing the limits" of what they can say and what they can't say. * It also sends a message that people are incapable of filtering out bad speech, that they need a censor to do it for them. (Again, I have no problem with competing "screeners," a la having Ray, Eric, or David Sternlight filtering what they think is OK and what is not. Let a thousand filtering services bloom.) But the clear message by having Sandy censor the main list (the default list, the list name with the main name, the list we all know about, etc.) is that Cypherpunks need Big Brother to shelter them from Bad Thoughts, from Naughty Words, from Evil Flames, and from Impure Desires. Foo on that. * Psychologists might point to random reinforcement, even to the effects of terror. How many of us are likely to write controversial posts knowing that Sandy might wake up having a "bad hair day" and thus reject our posts? How many will begin to skew their opinions to match those of Sandy? (I would venture a guess that a Duncan Frissell would almost certainly get a libertarian rant past Sandy while a Phill Hallam-Baker might easily fail to get a leftist rant past him.) * Those who want "less noise" should subcontract with the filter services of their own choosing. This is the "Cypherpunk Way." Having Sandy as the censor is the easy way out. * By the way, the moderated list "RISKS" works pretty well. But it is not a _discussion_ group. It is, rather, a digest of news items related to computer and technology risks, with some discussion by various contributors, and with a long turnaround time of a few issues per week, tops. Peter Neumann also devotes a lot of time to making it run smoothly and bases part of his professional career on running it. I surmise that Sandy is not prepared to do the same. Nor would this be a good idea, as this would kill the spirit of the debate. * Had there been a debate about the policy, I can think of several approaches I'd like better. But inasmuch as John made it clear that there would be no debate (and, perhaps as part of the "problem," John has not really been a active member of the mailing list, in terms of participating in the debates), this is all moot. In any case, my several years with the list have taken a huge amount of my time. Given the way this whole thing was handled, and the way the list is degenerating even further, it looks like it's good that I'm moving on to other things. * To summarize: - the decision to censor the list was made without any discussion on the list, without any discussion with at least some of the longterm core contributors, and was presented as a "fait accompli." - while John has every right to do with his hardware as he wishes, he does not "own" the Cypherpunks group (though whether he owns the "list" is a semantically debatable point) - whatever our group once was, or still is, is not dependent on having a particular mailing list running on someone's home machine...and it cannot be claimed that any person "owns" the Cypherpunks group. - there is some talk of creating another Cypherpunks list, on other machines; I don't know whether or not this will fly, or if I'll devote any time to such lists. - the effect of censorship, such as I have seen it so far, is not producing a better list. In fact, as I would have expected, it is producing a more boring and sheltered list. And so there you have it. I had no plans to set down my views, feeling it was a waste of my time and your time. Rather than foam and rant the way some did (and Vulis must have posted 100 messages on the subject), I chose to simply make my exit, quickly. But as I have recently seen several mentions of my absence (including a particularly complimentary comment from Asgaard--thanks), I do feel I owe it to you all to explain my views. Which I have done. Have a nice year, and a nice millenium in a couple of years. --Tim May Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From whgiii at amaranth.com Sun Feb 2 14:55:23 1997 From: whgiii at amaranth.com (William H. Geiger III) Date: Sun, 2 Feb 1997 14:55:23 -0800 (PST) Subject: Key Security Question In-Reply-To: <199702021555.HAA25423@toad.com> Message-ID: <199702021659.QAA05236@mailhub.amaranth.com> X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.24 From roy at sendai.scytale.com Sun Feb 2 15:18:46 1997 From: roy at sendai.scytale.com (Roy M. Silvernail) Date: Sun, 2 Feb 1997 15:18:46 -0800 (PST) Subject: "Secret" Postal Device stolen In-Reply-To: <199702020226.SAA04649@toad.com> Message-ID: <970202.103614.3s2.rnr.w165w@sendai.scytale.com> -----BEGIN PGP SIGNED MESSAGE----- In list.cypherpunks, toto at sk.sympatico.ca writes: >> >>>Postal Service offers $25,000 reward for stolen . . . something > Mail carriers in some areas carry keys for buildings with security > doors (sometimes Master keys). In Minneapolis and Anchorage (the two cities of which I have knowledge) mail carriers have a key that opens not only apartment-style mailboxes, but little boxes on the outside of apartment buildings that hold a key to the building's lobby. Snag one of those keys and a large portion of the city opens its doors to you. (some buildings have further locked doors beyond the mailbox lobby to counter this threat) - -- Roy M. Silvernail [ ] roy at scytale.com DNRC Minister Plenipotentiary of All Things Confusing, Software Division PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6 Key available from pubkey at scytale.com, which works now -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMvTEUxvikii9febJAQEMEwP+Ji/B1z7uYSJspTij6xH2jUn/JMXmJ7RF drUZruHZNxQv3xGHOPbf4nerDqANgYe/6DzZdrNRhP5RgYTPZp4K1gHDRLhyKAZL EriifeqlXe9X69EDCXSJr8nVSEP1XlSoI2cc9nMFyG42Mwg0Do52WdvhBbZtiM8I zKo9v+3VOqg= =O4dL -----END PGP SIGNATURE----- From whgiii at amaranth.com Sun Feb 2 15:28:24 1997 From: whgiii at amaranth.com (William H. Geiger III) Date: Sun, 2 Feb 1997 15:28:24 -0800 (PST) Subject: Key Security Question In-Reply-To: <199702021555.HAA25423@toad.com> Message-ID: <199702021732.RAA05665@mailhub.amaranth.com> -----BEGIN PGP SIGNED MESSAGE----- In <199702021555.HAA25423 at toad.com>, on 02/02/97 at 09:34 AM, "Dr.Dimitri Vulis KOTM" said: >ichudov at algebra.com (Igor Chudov @ home) writes: >> Dr.Dimitri Vulis KOTM wrote: >> > Bill Stewart writes: >> > > On the other hand, if the "repairman" replaced your pgp executable >> > > with version 2.6.3kgb, which uses your hashed passphrase as the >> > > session key, you're hosed. Or if he installed a keystroke sniffer, >> > > or added a small radio transmitter to your keyboard, or whatever. >> > > Depends on your threat model. If you need to be paranoid, >> > > they've already gotten you.... >> > >> > If you're really paranoid, you can boot from a clean floppy and >> > reinstall everything from your backup tapes. You do have a >> > contingency plan in case your hard disk goes bad, or gets a >> > virus, don't you? Well, if you're in doubt, exercise it. >> >> And what if the repairman replaces BIOS ROM chips with KGBios? >On some computers it's possible to add executable code to the boot >sequence without replacing the actual ROM chip because they're >rewritiable. Examples: most Sun boxes; intel motherboards with 'flash >bios'. V-Communications has a nice Bios Pre-Processor for their dissasembler for anyone intrested it playing with their bios code. Most newer MB's come with Flash Bios and the software to Flash the chip is available for download from the Manufacture. I'v gone and tinkered around with the bios on a couple of my AMI motherboards. Flash bios does open the possibility for a virus infection of ones bios. I have had several intresting discussions with the AMI programmers about this. IMHO any device that has flash bios should have a jumper on the circuit board to enable/disable the flash option. I have not seen anyone that is doing this with their products. The MB bios is relativly safe as the flash process happens pre-post but considering that flash bios can be found in almost all computer prerifials the potential for harm is there. Currently on my system I have flash bios on the HD's, modem's, NIC's, & SCSI card's. All are a potential hiding spot for a virus. - -- - ----------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. Finger whgiii at amaranth.com for PGP Key and other info - ----------------------------------------------------------- Tag-O-Matic: Air conditioned environment - Do not open Windows. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Registered User E-Secure v1.1 0000000 iQCVAwUBMvUl1Y9Co1n+aLhhAQHVcAQAmlU7/gY80+0C3KTowerMkZHa1ro4A5g5 0qKRuuAO08eOmnwND16bBxOo5KKZU/2Xxydvdg2CpE4C9ga/po3QTasa+kKzpsR7 jBQxDAWauirLlJtXCnfiaYQrycxX6YoFoZanRGticT4ObRmFvT0OcqYqqL/fgXe0 oSiw02JDATQ= =S97o -----END PGP SIGNATURE----- From rah at shipwright.com Sun Feb 2 15:52:38 1997 From: rah at shipwright.com (Robert Hettinga) Date: Sun, 2 Feb 1997 15:52:38 -0800 (PST) Subject: Electronic Funds Transfer without stealing PIN/TAN Message-ID: --- begin forwarded text Sender: e$@thumper.vmeng.com Reply-To: Rachel Willmer Mime-Version: 1.0 Precedence: Bulk Date: Sun, 2 Feb 1997 15:03:25 +0000 From: Rachel Willmer To: Multiple recipients of Subject: Electronic Funds Transfer without stealing PIN/TAN --- From RISKS digest --- Date: 1 Feb 1997 05:12:02 GMT From: weberwu at tfh-berlin.de (Debora Weber-Wulff) Subject: Electronic Funds Transfer without stealing PIN/TAN The Berlin newspaper "Tagespiegel" reports on 29 Jan 97 about a television show broadcast the previous evening on which hackers from the Chaos Computer Club demonstrated how to electronically transfer funds without needing a PIN (Personal Identification Number) or TAN (Transaction Number). Apparently it suffices for the victim to visit a site which downloads an ActiveX application, which automatically starts and checks to see if Quicken, a popular financial software package that also offers electronic funds transfer, is on the machine. If so, Quicken is given a transfer order which is saved by Quicken in its pile of pending transfer orders. The next time the victim sends off the pending transfer orders to the bank (and enters in a valid PIN and TAN for that!) all the orders (= 1 transaction) are executed -> money is transferred without the victim noticing! The newspaper quotes various officials at Microsoft et al expressing disbelief/outrage/"we're working on it". We discussed this briefly in class looking for a way to avoid the problem. Demanding a TAN for each transfer is not a solution, for one, the banks only send you 50 at a time, and many small companies pay their bills in bunches. Having to enter a TAN for each transaction would be quite time-consuming. Our only solution would be to forbid browsers from executing any ActiveX component without express authorization, but that rather circumvents part of what ActiveX is intended for. A small consolation: the transfer is trackable, that is, it can be determined at the bank to which account the money went. Some banks even include this information on the statement, but who checks every entry on their statements... Debora Weber-Wulff, Technische Fachhochschule Berlin, Luxemburger Str. 10, 13353 Berlin GERMANY weberwu at tfh-berlin.de -- Rachel Willmer, Intertrader Ltd, Cova House, 4 John's Place, Edinburgh Email: rachel at intertrader.com Tel: +44 131 555 8450 Fax: +44 131 555 8451 Sun Internet Associate and winner of 1996 SMART Award for Innovation "We develop Java Commerce Solutions" --- end forwarded text ----------------- Robert Hettinga (rah at shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "Never attribute to conspiracy what can be explained by stupidity." -- Jerry Pournelle The e$ Home Page: http://www.shipwright.com/rah/ FC97: Anguilla, anyone? http://www.ai/fc97/ From stewarts at ix.netcom.com Sun Feb 2 16:57:31 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sun, 2 Feb 1997 16:57:31 -0800 (PST) Subject: "Strong" crypto and export rule changes. In-Reply-To: <199702020956.BAA16024@toad.com> Message-ID: <3.0.1.32.19970202164850.005fdd50@popd.ix.netcom.com> At 11:55 PM 2/1/97 -0500, Adam Shostack wrote: > More seriously, that estimate is the cost of breaking DES on >custom hardware, based on Wiener's figures. Ian got RC4-40 in 3.5 >hours on I don't know how much hardware, not a lot of it custom, AFAIK. http://now.cs.berkeley.edu is the home page for the Network Of Workstations CPU farm. Mostly Suns with some recent generation of Sparc chip. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From attila at primenet.com Sun Feb 2 17:03:43 1997 From: attila at primenet.com (Attila T. Hun) Date: Sun, 2 Feb 1997 17:03:43 -0800 (PST) Subject: Free & Open Society & toleration In-Reply-To: <199702020418.WAA01210@einstein> Message-ID: <199702030103.SAA17931@infowest.com> -----BEGIN PGP SIGNED MESSAGE----- are you really saying we must dispose of our time honoured tradition of "the best justice money can buy..." ??? say it is not so; where would our legal system be without body trading? as for the communist/socialist ideal of work/need/want where want is suppressed --it does not work; never has, never will. even the religious orders have not made it work over time (other than by fear). on or about 970201:2218 Jim Choate said: +1. Removal of the lawyer from the ultimate choice of whether the case + should be pursued. whew, open the floodgates. free lunch. +2. The minimalization of the defendants and plaintiffs monetary + resources + by removing them from the legal system by choosing the legal + representation of both parties by lot. damn, free dinner, too. +3. By moving the responsibility of police to provide evidence from the + prosecution to the court we equalize the impact of irregularities + in evidence selection as well as minimizing the sorts of evidence + disputes which so impact some trials (ie OJ Simpson). my, we're on a roll, aren't we? +4. By the implimentation of a bond proviso on the part of the + plaintiff + the system provides a check and balance reducing nuisance cases as + well as reducing the taxation load on the citizenry. this is already a factor in the need to pay an attorney his ridiculous fees. being required to post a plaintiff's bond does nothing to equalize the rights of the have nots --most of whom seem to have unlimited resources from the dogooders anyway. Get real, Jim. it may not be the best system, but other than enforcing the principles on which it is founded, and stripping attorney privileges to a percentage of the take, the system works quite well; corruption on the bench is whose fault? ours, just like the excesses in Washington are our fault. it is _our_ failure to insist on clean, representative government and judiciary. and to convert to a pooled system for equality is not going to stop graft -it is built in to human greed. stop apathy on _our_ part, and we will stop graft. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvTltb04kQrCC2kFAQFRNAP/fJyPvrecq+GEcHygxCqtatySX81OfeaO lCCsgQ5cddvX/tLmSE7+hEN6jBoV3xHkQEbgfDm2mcJWEtGGNMMtNYZCKHrz0Y+l LKUx53PlmByg887Lsf7ta6zjYdE/0pJHtKoBC6hS/uJV3R+2YeWg5sqrsT3t/3oS W4PwmJVq6bc= =mfZQ -----END PGP SIGNATURE----- From attila at primenet.com Sun Feb 2 17:03:52 1997 From: attila at primenet.com (Attila T. Hun) Date: Sun, 2 Feb 1997 17:03:52 -0800 (PST) Subject: Free & Open Society & toleration In-Reply-To: <199702020201.UAA00977@einstein> Message-ID: <199702030103.SAA17943@infowest.com> -----BEGIN PGP SIGNED MESSAGE----- on or about 970201:2001 Jim Choate said: +I further hold that one of the current legal practices based on +precidence which MUST be replaced is our system dealing with +defamation. I further hold that our current system of legal +representation is inherently flawed and prevents equal representation +under the law. BULLSHIT why don't you toll the bell for freedom while you're at it, and think about 'for whom the bell tolls.' --it tolls for thee. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvTgoL04kQrCC2kFAQHeuQP8CtEQx/Rw/fLHqIx9UOfqp3QK4fQXKneV PXDiZvTi9aTLqd/8D64CgNmRizmb26NIMlEBXXt/YreucdYKSWByBkmMozKw7kxY QN3N/of1wZfqbXmJQj2+oV5dG9ieNWM3mkQw8pp79z8qa6jGYMt3xW1aqsYaweR0 Kx8zM9xm8S8= =4Hwo -----END PGP SIGNATURE----- From winsock at rigel.cyberpass.net Sun Feb 2 17:05:49 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Sun, 2 Feb 1997 17:05:49 -0800 (PST) Subject: Lucifer Message-ID: <199702030105.RAA14828@sirius.infonex.com> Deflated Vermin K`adaver'OTM has been fired for masturbating in front of his boss. o o --/-- <~\ Deflated Vermin K`adaver'OTM __\ _/\ From ichudov at algebra.com Sun Feb 2 17:14:54 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Sun, 2 Feb 1997 17:14:54 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater In-Reply-To: <199702022225.OAA03364@toad.com> Message-ID: <199702030110.TAA24381@manifold.algebra.com> jim bell wrote: > > Better yet, set up a system to encourage the public to USE those guns (and > other weapons) to get rid of the people who pass such laws, and the problem > is solved. > How about this scenario: I borrow 1 million dollars from, let's say, Phill Hallam-Baker. Not wanting to pay it back, I pay to the assassination bot and arrange him to be murdered. Another story: suppose that I negligently caused fire that destroys house of, say, Toto. Toto knows that if he sues me, I can arrange him murdered for the amount less than the amount of damages. As a result, he refrains from suing me, or (if he is a mean person) pays additional money to have me murdered. A suit would probably be a much better outcome. Another story: suppose that OKSAS hired me to work for her, but then our relationships go south and she fires me. Again, her fate is very unclear, although I would probably spare her life if it were she. The bottom line is, it becomes very hard to do ANYTHING that disappoints at least somebody. That can lead to a lot of inefficiencies. - Igor. From lucifer at dhp.com Sun Feb 2 17:18:02 1997 From: lucifer at dhp.com (lucifer Anonymous Remailer) Date: Sun, 2 Feb 1997 17:18:02 -0800 (PST) Subject: None[ANNOUNCEMENT] Secure envelopes Message-ID: <199702030117.UAA31219@dhp.com> Tim C[rook] May's aberrant sexual life has negatively impacted his mental integrity. ,,, -ooO(o o)Ooo- Tim C[rook] May (_) From nobody at huge.cajones.com Sun Feb 2 17:22:05 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Sun, 2 Feb 1997 17:22:05 -0800 (PST) Subject: [OFF-TOPIC] Newt's phone calls Message-ID: <199702030122.RAA19571@mailmasher.com> Dipshit Viscera K Of The Month will fuck anything that moves, but he'd rather be fucking his own mother's dead body. ^-^-^-@@-^-^-^ (..) Dipshit Viscera K Of The Month From oksas at asimov.montclair.edu Sun Feb 2 17:40:35 1997 From: oksas at asimov.montclair.edu (OKSAS) Date: Sun, 2 Feb 1997 17:40:35 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater In-Reply-To: <199702030110.TAA24381@manifold.algebra.com> Message-ID: On Sun, 2 Feb 1997, Igor Chudov @ home wrote: > jim bell wrote: > > > > Better yet, set up a system to encourage the public to USE those guns (and > > other weapons) to get rid of the people who pass such laws, and the problem > > is solved. > > > > How about this scenario: I borrow 1 million dollars from, let's say, > Phill Hallam-Baker. Not wanting to pay it back, I pay to the > assassination bot and arrange him to be murdered. > > Another story: suppose that I negligently caused fire that destroys > house of, say, Toto. Toto knows that if he sues me, I can arrange him > murdered for the amount less than the amount of damages. As a result, > he refrains from suing me, or (if he is a mean person) pays additional > money to have me murdered. A suit would probably be a much better outcome. > > Another story: suppose that OKSAS hired me to work for her, but then > our relationships go south and she fires me. Again, her fate is very > unclear, although I would probably spare her life if it were she. Chudov , do you love me? > > The bottom line is, it becomes very hard to do ANYTHING that disappoints > at least somebody. That can lead to a lot of inefficiencies. > > - Igor. > From blancw at cnw.com Sun Feb 2 17:51:54 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 17:51:54 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <01BC1132.60AFC420@king1-28.cnw.com> From: Attila T. Hun +Yes, if the Magna Carta guaranteed a right and the forefathers fought +to secure it, why should any of us ever have to lift a finger in our +own defense. seems to me Jefferson said it took a rebellion every 20 years or so to keep democracy awake... other than presuming your answer is tongue in cheek (not elsewhere), complacency == welfare. ......................................................... Definitely tongue-in-cheek. Just noting that if a thing has been "guaranteed", this means (by my interpretation) that it is a done deal and nothing further need be done about it - it's established and automatic. But obviously a "right", though it be a basic operant in Nature and existent as an abstract concept in some people's minds, is not recognized either naturally or formally by many. Therefore, as Jefferson remarked, we cannot depend on our forefather's vision to uphold our honor but must re-establish it as needed. .. Blanc From blancw at cnw.com Sun Feb 2 17:52:02 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 17:52:02 -0800 (PST) Subject: FW: Cyphernomicon by Tim May Message-ID: <01BC1132.6711FB80@king1-28.cnw.com> (meant to send this to the list earlier) From: Toto Personally, I could care less when people want to play footsie-games with flaming, but I think it points out the ludicrousness of having a moderator limiting people to 'childish' insults. I prefer someone screaming at me what a cocksucker I am. ................................................... Now, you know it has to do with proportion: if Jim Choate, in the course of an ADD-induced discourse on the reprehensability of libelous indiscretions, happens to let out a "Bessie", it's going to be less disconcerting than to read continuous content-less alerts consisting of nothing but declarations against your personal virtue. At the very least, the one provides some cause for educated clarification, while the other leaves nothing to say, but only to filter. However, it's 3:00 a.m. PST and Sandy's asleep right now, so if you really feel like flaming somebody uninhibitedly, now's the time to get past the flame-bot (hee-hee). = Ray Hettinga forwards these long, literate missives advertising this-or-that million dollar a plate conferences, but when he chose to insult me with his own words, the result was an immature blathering which showed questionable literary skills. ............................................. Bad, Ray - Bad! = It would be nice, however, to try to twist the rest of the list around to my own world-view. It gets lonely here in the 'rubber room' at the Home, and I could use some company. ............................................. You're at liberty to try. Why don't you start with Messrs. Jim and Jim. (but, wait - let me set up my Inbox Rules.....) .. Blanc From dthorn at gte.net Sun Feb 2 18:31:36 1997 From: dthorn at gte.net (Dale Thorn) Date: Sun, 2 Feb 1997 18:31:36 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater In-Reply-To: <199702030110.TAA24381@manifold.algebra.com> Message-ID: <32F54DB1.5D6F@gte.net> Igor Chudov @ home wrote: > jim bell wrote: > > Better yet, set up a system to encourage the public to USE those guns (and > > other weapons) to get rid of the people who pass such laws, and the problem > > is solved. > How about this scenario: I borrow 1 million dollars from, let's say, > Phill Hallam-Baker. Not wanting to pay it back, I pay to the > assassination bot and arrange him to be murdered. Igor, there's an old saying in this country: the best way to lose a friend is to lend him money. > Another story: suppose that I negligently caused fire that destroys > house of, say, Toto. Toto knows that if he sues me, I can arrange him > murdered for the amount less than the amount of damages. As a result, > he refrains from suing me, or (if he is a mean person) pays additional > money to have me murdered. A suit would probably be a much better outcome. Sometimes you have to pay a steep price for negligence, like neglecting to watch how close you get to the edge of the road on, say, Topanga Canyon or one of those (long way down). Now, since people *know* to be extra careful on the canyon roads, don't you think by the same analogy they'd be extra careful with other things when AP is running? > Another story: suppose that OKSAS hired me to work for her, but then > our relationships go south and she fires me. Again, her fate is very > unclear, although I would probably spare her life if it were she. If she does it right, with empathy, there is not likely to be a problem. On the other hand, if she bad-mouths you to prospective employers or customers you want to do business with, you might be inclined to hit her. This happens a lot when AP is not available. > The bottom line is, it becomes very hard to do ANYTHING that disappoints > at least somebody. That can lead to a lot of inefficiencies. To get rid of everyone who pisses you off, you'd have to pay a lot more money than you'll ever have, therefore not a problem. Those people who have such money are not going to bump off very many more people than they already do, because: 1. They need the people to make money off of (Mafia rule #4, never kill someone who owes you money [or is a money source]). 2. Rich people have a lot of eyes on them, and it would be easy to triangulate a series of murders to them, even without hard evidence. In an AP world, this triangulation/correlation would be enough to convince people to either shun this killer, or kill him outright. From winsock at rigel.cyberpass.net Sun Feb 2 18:32:35 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Sun, 2 Feb 1997 18:32:35 -0800 (PST) Subject: [ITAR] Key Security Question Message-ID: <199702030232.SAA19017@sirius.infonex.com> Dr.Decoy L[esbian] Vagina K[ankersore]OTM uses an Adolf Hitler action figure as a dildo. O |'| /\ | | Dr.Decoy L[esbian] Vagina K[ankersore]OTM /\ \-------| / / |-------| From winsock at rigel.cyberpass.net Sun Feb 2 18:32:41 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Sun, 2 Feb 1997 18:32:41 -0800 (PST) Subject: [DSS] overview.htm Message-ID: <199702030232.SAA19022@sirius.infonex.com> Dimitri Vehement K[arcinogen] Of The Month's wee-wee is so tiny that only his mommy is allowed to touch it. /\ \ / /\ //\\ .. //\\ Dimitri Vehement K[arcinogen] Of The Month //\(( ))/\\ / < `' > \ From winsock at rigel.cyberpass.net Sun Feb 2 18:35:21 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Sun, 2 Feb 1997 18:35:21 -0800 (PST) Subject: [FWD] Making OCR'ed code transfer easier Message-ID: <199702030235.SAA19253@sirius.infonex.com> Dopefiend Liar Villain Kondom Of The Moment will fuck anything that moves, but he'd rather be fucking his own son's prepubescent body. _ O O _ \-|-\_/-|-/ Dopefiend Liar Villain Kondom Of The Moment /^\ /^\ ^^ ^^ ^^ ^^ From dthorn at gte.net Sun Feb 2 18:49:52 1997 From: dthorn at gte.net (Dale Thorn) Date: Sun, 2 Feb 1997 18:49:52 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: Message-ID: <32F55207.21E5@gte.net> Timothy C. May wrote: > With no false modesty I tried awfully hard to compose > substantive essays on crypto-political topics, often more than one per day. > (Others did too, but they seem to be tapering off as well, leaving the list > to be dominated by something called a "Toto," the "O.J. was framed!" > ravings of Dale Thorn, Dale, that's me! > * To summarize: > - the decision to censor the list was made without any discussion on the > list, without any discussion with at least some of the longterm core > contributors, and was presented as a "fait accompli." > - while John has every right to do with his hardware as he wishes, he does > not "own" the Cypherpunks group (though whether he owns the "list" is a > semantically debatable point) Which is exactly the point I labored so long on while Tim May was sitting on the sidelines. > - whatever our group once was, or still is, is not dependent on having a > particular mailing list running on someone's home machine...and it cannot > be claimed that any person "owns" the Cypherpunks group. Ditto. From blancw at cnw.com Sun Feb 2 18:53:21 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 18:53:21 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <01BC113A.E314D560@king1-28.cnw.com> From: Steve Schear I sincerely doubt that many would use AP to right small slights, anymore than many now kill others for the same reasons. The world has always been inhabited by bullies and tyrants who cared little of what harm they caused others. An AP system would quickly eliminate bullies and tyrants. .................................................... Some of them. But like an infection which can be potentialy killed with antibiotics, ignoring the unhealthy conditions which made it possible to establish itself will frustrate the attempts to prevent the phenomena of its recurrence. .. Blanc From ichudov at algebra.com Sun Feb 2 18:59:43 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Sun, 2 Feb 1997 18:59:43 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater In-Reply-To: <32F54DB1.5D6F@gte.net> Message-ID: <199702030241.UAA25010@manifold.algebra.com> Dale Thorn wrote: > Igor Chudov @ home wrote: > > > How about this scenario: I borrow 1 million dollars from, let's say, > > Phill Hallam-Baker. Not wanting to pay it back, I pay to the > > assassination bot and arrange him to be murdered. > > Igor, there's an old saying in this country: the best way to lose a > friend is to lend him money. Phill, in this example, is not my friend, but a lender. > > Another story: suppose that I negligently caused fire that destroys > > house of, say, Toto. Toto knows that if he sues me, I can arrange him > > murdered for the amount less than the amount of damages. As a result, > > he refrains from suing me, or (if he is a mean person) pays additional > > money to have me murdered. A suit would probably be a much better outcome. > > Sometimes you have to pay a steep price for negligence, like neglecting > to watch how close you get to the edge of the road on, say, Topanga > Canyon or one of those (long way down). Now, since people *know* to > be extra careful on the canyon roads, don't you think by the same > analogy they'd be extra careful with other things when AP is running? Mmm, likely the result will be that Toto will be impoverished (it is an example, do not take it personally) and will not only not be able to murder me, but also will be too afraid to sue me (because I would rather pay for a cheaper assassination than to pay damages). > > Another story: suppose that OKSAS hired me to work for her, but then > > our relationships go south and she fires me. Again, her fate is very > > unclear, although I would probably spare her life if it were she. > > If she does it right, with empathy, there is not likely to be a > problem. On the other hand, if she bad-mouths you to prospective > employers or customers you want to do business with, you might be > inclined to hit her. This happens a lot when AP is not available. ... But would happen more often if it was. > > The bottom line is, it becomes very hard to do ANYTHING that disappoints > > at least somebody. That can lead to a lot of inefficiencies. > > To get rid of everyone who pisses you off, you'd have to pay a lot > more money than you'll ever have, therefore not a problem. Those Why, I will have a lot of money. > people who have such money are not going to bump off very many more > people than they already do, because: > > 1. They need the people to make money off of (Mafia rule #4, never > kill someone who owes you money [or is a money source]). This is a wrong Mafia rule, they do kill debtors who are in default. > 2. Rich people have a lot of eyes on them, and it would be easy to > triangulate a series of murders to them, even without hard evidence. > In an AP world, this triangulation/correlation would be enough to > convince people to either shun this killer, or kill him outright. When ten people make deals with each other, it becomes hard to triangulate. And it is easy, if you know what deals are done, to change the result of triangulation: suppose that I know that you borrowed 1 million from Toto, that my _and_ yours business partner had been murdered (by me, but no one knows), and I am afraid that someone will triangulate me and implicate me in that murder. I secretly order the AP bot to kill Toto, and you get implicated. Not good. - Igor. From tcmay at got.net Sun Feb 2 19:25:50 1997 From: tcmay at got.net (Timothy C. May) Date: Sun, 2 Feb 1997 19:25:50 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702030325.TAA09985@toad.com> A couple of people have sent me pinging messages, asking about my status on the Cypherpunks list....apparently it has taken several weeks for folks to notice my absence! :-} This may speak volumes about why I have left the list, and what the list has become..... I chose not to write a "departing flame" (or message, but some might call it a flame) when I unsubscribed several weeks ago--within an hour of reading that John and Sandy had decided to make "their" list a moderated list, by the way--as I saw little benefit. I was also fed up with things, and saw no point in wasting even more of my time arguing against the New Cypherpunks World Order, as the NCWO was clearly presented as a fait accompli, not something ablut which opinions of list members (or even list _founders_, at least not me) were being sought. It's my nature to just say "Fuck it" and leave when I feel I have overstayed my time, or things are no longer fun, or I am made to feel unwelcome. But since several people have pinged me, asking about my status, I'll take some time to say a few things. I've had access to the hks.net archive site, and/or the Singapore site, to occasionally see what was being said on the list (old habits die slowly, so I sometimes drop in to see what you people are flaming each other about...not surprisingly--in fact utterly predictably--I see vast amounts of bandwidth consumed by arguments about moderation, about the putative biases of the Moderator and Director of the New Cypherpunks World Order, about alternative moderation strategies (which is stupid, as John and Sandy announced what they were going to do, not just some of their preliminary thoughts), and so on. I've also noticed fewer substantive essays. With no false modesty I tried awfully hard to compose substantive essays on crypto-political topics, often more than one per day. (Others did too, but they seem to be tapering off as well, leaving the list to be dominated by something called a "Toto," the "O.J. was framed!" ravings of Dale Thorn, the love letters between Vulis and someone name Nurdane Oksas, and the occasional bit of crypto news. Ho hum. I'm glad I'm not reading the list in e-mail, and thus can easily avoid replying to these inanities...which would probably not be approved for reading by Sandy, so why bother anyway?) Rather than compose a traditional essay, I'll take the easy way out and list some bulleted points. * First, I don't argue that John Gilmore is unfree to do as he wishes with his machine, toad, which has been the major machine host for the Cypherpunks list. John can tell us we have to write in Pig Latin if he wishes. Much of the debate I saw in the archives was debate that missed the point about what John could and couldn't do. No one can seriously question the right of the owner of a machine, or the owner of a restaurant, etc., to set the policies he wishes. The owner of a restaurant is perfectly free--or used to be, and still is to anyone with even slightly libertarian or freedom tendencies--to set the rules of his "house." He may insist that shirts and shoes be worn, or that smoking is not allowed (or even is required, in theory), etc. He may say "All those eating in my restaurant must wear funny hats and have their costumes approved by Sandy Sandfort." This is unexceptionable. * However, anyone who disputes these rules (disputes in the sense of disliking or disagreeing with them, not legally challenging them) is free to leave. Those who don't like crowded, noisy, smoke-filled sports bars are encourgaged to leave. And so on. Again, unexceptionable. (The more complicated case of contracts, verbal or written, and "changing the rules," does not apply here. No one had a contract with John, or Sandy, or Hugh, etc., so this is not germane.) * But the really important issue is this: is the _physical hosting_ of the Cypherpunks mailing list coterminous with the "Cypherpunks"? If the list was hosted by, say, UC Berkeley or PGP Incorporated, would we consider these hosts to be the "owners" of the Cypherpunks group? Would we think that a corporate host, say, would have the authority to direct what we could say on the list? (Again, not disputing their corporate property rights...as a libertarian, I cannot. Other issues are what I'm getting at.) * If a Boy Scout troop meets at a local church, and has for several years, continuously, would we consider the church to be the owner of the troop? Could the church insist on avoidance of certain "cuss words" and demand that prayers be said before each gathering? Certainly the church could tell the troop what policies were to be followed if the the facilities were to be used, etc., and the troop could leave if it didn't like the terms (or, in parallel with my situation, any troop member could choose to leave....). This is what we mean by "property rights": the legal right of a property owner to do with his property as he wishes, modulo prior contractual relationships, criminal laws, etc. * How did the mailing list for the group, now called Cypherpunks, get started, and how did it end up being run off of John's hardare? Hugh Daniel got the actual mailing list rolling, based on a discussion Eric Hughes, Hugh, and I had the day after the first physical meeting, in September 1992. We thought the group we had just spent the day with ought to be able to stay in touch, and that a mailing list was the right way to go. There was talk of siting it on the UC Berkeley computers (actually, the Undergraduate Association computers, a la the Cypherpunks archive site at "csua"), but Hugh thought he might be able to use "toad," and this is what happened. (I have not heard from Hugh on his views of this New and Moderated Non-Anarchic List.) * I think we should all be very grateful to John for agreeing to let it run on his hardware, but not let our gratitude turn into some sort of subservience and blather about how John "owns" the Cypherpunks group. * Again, is the "Cyherpunks community" the same as the mailing list? And is the mailing list, hosted at toad, the "property" of John Gilmore? * In my view, neither John nor Sandy in any sense "own" our group. It is a virtual community which sometimes has physical meetings at various places (including corporations, restaurants, and bookstores, none of which are even partial "owners" of the group) and which has had several instantiations on the Net, including sub-lists not connected to toad.com in any way. While John is of course free at any time to suspend his hosting of the list, I think it a serious misapprehension of the basic nature of virtual communities to accept the claim that John should decide on what is appropriate to bear the "Cypherpunks" list imprimatur and what is to be consigned to the flame list. * The mechanics of the announcement troubled me greatly. To be blunt, I was seething with anger. I was mightily annoyed to read that John had made a decision to appoint Sandy as his Moderator, with no discussion on the list. I don't know if Eric Hughes and Hugh Daniel were asked their opinions, but I certainly know I was not. I feel that as one of the two or three founders, depending on how one is counting, and as a frequent contributor to the list since its inception, and so on, I (and others) should at least have been told of this plan. Better yet, have the plans discussed on the list, as some good ideas may have been generated. I'll have more to say about my problems with how things were handled. Frankly, it smacked of the same kind of fait accompli decision John made with the unsubscribing of Vulis. While John had (and has) every legal right to do with his property as he wished, the effect was very negative. First, Vulis found other ways to post (duh). Second, the list was consumed with flames about this, many from Vulis, and many from others. Third, journalists (who love sizzle over substance any day of the week) lept into the fray with articles which gave Vulis the publicity he craved. Fourth, it sent a message to enemies of liberty that "Even the Cypherpunks have found it necessary to abandon their anarchic ways." (I'm well aware of the issues with pests like Vulis, who seek to destroy virtual communities like ours. But the solution John used did not work, and generated more crap. As you all should know, it was John himself who coined the wonderful saying, "The Net interprets censorship as damage and routes around it." A delicious irony.) * In the archives, I did see a bunch of "I support Sandy" and "John is our leader" comments from reasonable people. The obvious noise of Vulis and his cohorts like Aga made a "Do something!" attitude somewhat understandable. I don't think the decision made was a wise one, and I strongly doubt it will work to make the list a better one. * The proper solution to bad speech is more speech, not censorship. Censorship just makes opponents of "speech anarchy" happy--it affirms their basic belief that censors are needed. * "Censorship" is another overloaded term. I don't think the "Definition 1" of dictionary definitions, about _governmental_ restrictions, is the only meaningful definition. Everybody knows what it meant when we say that "Lockheed is censoring the views of employees," even though we know Lockheed is not using government power. A censor is one who censors. And even my "American Heritage Dictionary" gives this as its "definition 1": "censor n. 1. A person authorized to examine books, films, or other material and to remove or suppress morally, politically, or otherwise objectionable." (Other dictionaries of course give similar definitions. The notion that censors are confined to being government employees is a misconception.) * OK, even given that John had decided to censor "his" list, what about his choice of Sandy Sandfort as the censor? I've known Sandy for several years (I was the one who invited him to the second Cypherpunks meeting), but he's a poor choice as a censor, moderator, whatever. First, because he has so often gotten involved in protracted flame wars, such as with Vulis (remember the dozens of messages about the "bet" to bring Vulis out? I stayed out of the charade completely.), with Hallam-Baker, and with others. Second, because he has not been actively composing essays for a while, perhaps because of his job with Community Connexion. Other reasons, too. (I count Sandy as a friend, but I'm just being honest here. Sandy is just not a "Peter Neumann" (moderator of the "RISKS" list). * Nor do the announced criteria make any sense. While the inane one-line scatological insults have been filtered out, many "flames" make it through, based on what I've seen in perusing the hks archive site. And some reasonable comments get dumped in the flame bucket. * As expected, those who only want to talk about cryptography (but who rarely do, themselves, also as expected) waste bandwidth saying the "anarchist" and "libertarian" stuff ought to go in to the "rejected" list. More bandwidth wasted, as each group lobbies to have its ideological opponents censored by Sandy. * I would have had no problem had John announced that he was creating a new list, the "Good Stuff" list, with Sandy has his Chooser of Good Stuff. After all, both Eric Blossom and Ray Arachelian already offer just such lists, and more would not hurt. But by making the _main list_ the censored one, this skewed things considerably. * (Frankly, one of my considerations in leaving was the feeling that I would never know if an essay I'd spent hours composing would be rejected by Sandy for whatever reasons....maybe he might think my essay was off-topic, or used one of the Seven Deadly Words, or was "too flamish." Whatever. I realized that life is too short to have Sandy Sandfort deciding whether my essays should go out to the main list (which is really just a list like Eric Blossom's best-of list, except it is be edict now the main list) or be dumped into the flames list, to be read by a handful of people.) * Why, many reasonable people may ask, did I not simply unsubscribe from the "Cypherpunks" list and subscribe to the "Cypherpunks-Unedited) (or whatever it is called) list? Because of my overall anger with the issues raised above. The imperiousness of the decision, the notion of favoring Sandy's tastes in a more "first class" way than, say, the tastes of Eric Blossom, Ray Arachelian, or, for that matter, me. "Some censors are more equal than others." * The decision to "moderate" (censor) the Cypherpunks list is powerful ammunition to give to our opponents, and Vulis is certainly gleeful that his fondest wishes have been realized. And it won't work. People are consuming even more bandwidth arguing the merits of John's decision, the traffic is presumably being slowed down by the need for Sandy to wade through the traffic and stamp "Approved" or "Rejected" on what he glances at, and people are "testing the limits" of what they can say and what they can't say. * It also sends a message that people are incapable of filtering out bad speech, that they need a censor to do it for them. (Again, I have no problem with competing "screeners," a la having Ray, Eric, or David Sternlight filtering what they think is OK and what is not. Let a thousand filtering services bloom.) But the clear message by having Sandy censor the main list (the default list, the list name with the main name, the list we all know about, etc.) is that Cypherpunks need Big Brother to shelter them from Bad Thoughts, from Naughty Words, from Evil Flames, and from Impure Desires. Foo on that. * Psychologists might point to random reinforcement, even to the effects of terror. How many of us are likely to write controversial posts knowing that Sandy might wake up having a "bad hair day" and thus reject our posts? How many will begin to skew their opinions to match those of Sandy? (I would venture a guess that a Duncan Frissell would almost certainly get a libertarian rant past Sandy while a Phill Hallam-Baker might easily fail to get a leftist rant past him.) * Those who want "less noise" should subcontract with the filter services of their own choosing. This is the "Cypherpunk Way." Having Sandy as the censor is the easy way out. * By the way, the moderated list "RISKS" works pretty well. But it is not a _discussion_ group. It is, rather, a digest of news items related to computer and technology risks, with some discussion by various contributors, and with a long turnaround time of a few issues per week, tops. Peter Neumann also devotes a lot of time to making it run smoothly and bases part of his professional career on running it. I surmise that Sandy is not prepared to do the same. Nor would this be a good idea, as this would kill the spirit of the debate. * Had there been a debate about the policy, I can think of several approaches I'd like better. But inasmuch as John made it clear that there would be no debate (and, perhaps as part of the "problem," John has not really been a active member of the mailing list, in terms of participating in the debates), this is all moot. In any case, my several years with the list have taken a huge amount of my time. Given the way this whole thing was handled, and the way the list is degenerating even further, it looks like it's good that I'm moving on to other things. * To summarize: - the decision to censor the list was made without any discussion on the list, without any discussion with at least some of the longterm core contributors, and was presented as a "fait accompli." - while John has every right to do with his hardware as he wishes, he does not "own" the Cypherpunks group (though whether he owns the "list" is a semantically debatable point) - whatever our group once was, or still is, is not dependent on having a particular mailing list running on someone's home machine...and it cannot be claimed that any person "owns" the Cypherpunks group. - there is some talk of creating another Cypherpunks list, on other machines; I don't know whether or not this will fly, or if I'll devote any time to such lists. - the effect of censorship, such as I have seen it so far, is not producing a better list. In fact, as I would have expected, it is producing a more boring and sheltered list. And so there you have it. I had no plans to set down my views, feeling it was a waste of my time and your time. Rather than foam and rant the way some did (and Vulis must have posted 100 messages on the subject), I chose to simply make my exit, quickly. But as I have recently seen several mentions of my absence (including a particularly complimentary comment from Asgaard--thanks), I do feel I owe it to you all to explain my views. Which I have done. Have a nice year, and a nice millenium in a couple of years. --Tim May Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From lucifer at dhp.com Sun Feb 2 19:31:17 1997 From: lucifer at dhp.com (lucifer Anonymous Remailer) Date: Sun, 2 Feb 1997 19:31:17 -0800 (PST) Subject: None[STEGO] Elliptic curves Message-ID: <199702030331.WAA06501@dhp.com> Timmy C[reep] May's 16Kb brain's single convolution is directly wired to his rectum for input and his T1 mouth for output. That's 16K bits, not bytes. Anal intercourse has caused extensive brain damage. \ o/\_ Timmy C[reep] May <\__,\ '\, | From jimbell at pacifier.com Sun Feb 2 20:26:27 1997 From: jimbell at pacifier.com (jim bell) Date: Sun, 2 Feb 1997 20:26:27 -0800 (PST) Subject: VOICE STRESS ANALYSIS Message-ID: <199702030426.UAA15221@mail.pacifier.com> Awhile back we were discussing voice-stress analysis; just got this item on the subject; he said it's okay to post it. >From: Spectre334 at aol.com >Date: Sun, 2 Feb 1997 09:31:17 -0500 (EST) >To: jimbell at pacifier.com >cc: BLAMES2778 at aol.com, AFSCA at aol.com, JLeek426 at aol.com >Subject: VOICE STRESS ANALYSIS > >MR. BELL: > >I FOUND YOUR QUERY ABOUT VOICE STRESS ANALYSIS ON THE INTERNET, AND I TOO, >HAVE FOUND A DEARTH OF INFORMATION THERE - UNTIL NOW. > >I'M PLEASED TO REPORT THAT VOICE STRESS ANALYSIS (VSA) IS ALIVE AND WELL. IT >HAS BEEN QUIETLY PERFORMING IN THE SHADOW OF THE POLYGRAPH FOR MANY YEARS. > NOW, HOWEVER, IT IS COMING INTO ITS AND IS USED IN MANY STATES TO AID IN >CRIMINAL INVESTIGATIONS AND OTHER APPLICATIONS. > >AMONG ITS OTHER BENEFITS, VSA REQUIRES NO INTIMIDATING HOOKUP TO THE >SUBJECT'S BODY, IN ORDER TO MEASURE THE LEVEL OF STRESS. IT CAN BE CONDUCTED >VIRTUALLY ANYWHERE - EVEN WHERE NO ELECTRICITY IS PRESENT. PERHAPS MOST >PERTINENT TO YOUR QUESTION, VSA CAN BE SOMETIMES PERFORMED ON PEOPLE WHO ARE >NO LONGER AROUND, THROUGH THEIR RECORDED VOICES. THIS IS CALLED "NARRATIVE >ANALYSIS" AND IS SOMEWHAT TOUGHER THAN THE BASIC QUESTION - AND -ANSWER >APPROACH, SINCE THE EXAMINER CANNOT CONTROL THE CONTENT AND SEQUENCE OF >QUESTIONS, IF THE SOURCE IS A PAST RECORDING. > >THE DIOGENES GROUP, INC., OF WHICH I AM PRESIDENT, HAS DEVELOPED A TOTALLY >DIGITAL APPROACH TO VSA, AND BEGAN DELIVERING SYSTEMS TO LAW ENFORCEMENT >AGENCIES IN DECEMBER, 1996. THE PREMIER DIOGENES VSA PRODUCT IS REDUCED TO >THE SIZE OF A NOTEBOOK COMPUTER, BUT PRODUCES REALTIME PROCESSING FOR >SOFTCOPY DISPLAY, AND HARDCOPY PRINTING WITHIN SECONDS. > >YOU MAY BE FAMILIAR WITH THE PREVIOUS STATE-OF-THE-ART, WHICH WAS A >RELATIVELY LARGE ANALOG MACHINE, USING A SINGLE CHANNEL AND PRINTING OUT THAT >DATA ON A ROLL OF THERMAL PAPER. THOSE DAYS ARE GONE FOREVER. > >IF YOU WOULD LIKE MORE INFORMATION ON THE DIOGENES GROUP AND ITS PRODUCTS, >PLEASE USE THIS CHANNEL TO SEND ME YOUR MAILING ADDRESS, PHONE NUMBER, AND >FAX NUMBER. > >THANKS FOR YOUR INTEREST IN VOICE STRESS ANALYSIS. > >SINCERELY, > >TOM > >(THOMAS F. MCGRAW) > > Jim Bell jimbell at pacifier.com From nobody at zifi.genetics.utah.edu Sun Feb 2 20:27:15 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Sun, 2 Feb 1997 20:27:15 -0800 (PST) Subject: [STATS] Dr. Denning Message-ID: <199702030427.VAA28260@zifi.genetics.utah.edu> Dr.Deceased L"amentation" Vibrator likes to be the man in the middle, getting it both up the ass and in his mouth. O |'| /\ | | Dr.Deceased L"amentation" Vibrator /\ \-------| / / |-------| From vin at shore.net Sun Feb 2 20:49:07 1997 From: vin at shore.net (Vin McLellan) Date: Sun, 2 Feb 1997 20:49:07 -0800 (PST) Subject: "Strong" crypto and export rule changes. In-Reply-To: <199702020956.BAA16024@toad.com> Message-ID: Ian popped the 40-bit RC5 (not RC4) challenge with 259 processors, almost all standard Unix college-lab workstations, as I understand it. (RC5 has a variable block size and a variable number of rounds; but the unknown plaintexts for this contest were enciphered using a declared 12-round RC5 with a 32-bit word size.) The message Ian revealed was something like: "That's why you need a longer key!!!!!" RSA posted rewards for anyone who can break a 56-bit DES challenge and/or any of 12 variable-length RC5 challenge messages. The 40-bit RC5 cipher was the least of these and was expected to fall quickly. The initial RSA announcement of the contest emphatically declared that even 56-bit-key crypto (DES or RC5) offers only "marginal protection" against a committed adversary -- which is not to in any way minimize Ian's accomplishment, or the efforts (some also successful!) of others who also tackled the 40-bit challenge. SDTI/RSA celebrated Ian's achievement enthusiastically at the RSA Security Conference in San Fran last week. Burt Kalisky, the Chief Scientist at RSA, preempted a main session at the Conference to do an on-stage telephone interview with Ian about his attack. SDTI (RSA) apparently hopes to use Ian's "timely" achievement to urge Congress to challenge the idiotic 40-bit EAR ceiling and the key-escrow contracts required to get a 56-bit export license. (The network Ian used to link his lab workstations, NOW at Berkeley, is definitely not standard, however. I think there is a description of it online; but briefly, NOW seems designed to very efficiently handle this sort of intensive distributed processing project. More important, perhaps, was the fact that Ian just chewed through the possible keys with a pure brute-force attack on the key space. His attack was not really optimized for RC5, or designed to attack any specific element in the RC5 crypto architecture.) Jim Bitzos of RSA also gave a thought-provoking thumbnail summary of the IBM Key Recovery Alliance (making a better case for it in 30 seconds than the long technical presentatations from IBM.) As Bitzos explained it, the variable key-size control allows a corporate user to communicate through encrypted links to a variety of international recipients -- dynamically adjusting the encryption mechanism to whatever varied restrictions are required by the French, German, US, UK, etc. , govenments. "It's an imperfect world," growled Bitzos -- but both users and vendors need workable mechanisms today to allow them to adapt to whatever contraints on strong encryption that are, or will be, required by the various national authorities. It's a mistake, he suggested, to think of the IBM Key Recovery Initiative soley in terms of US controls. Many governments are reacting with hostility to the availability of strong encryption -- and until the Market finds a voice and educates the political and spook cultures, commercial entities will inevitably have to adapt their work-a-day communications security to a wide variety of national crypto controls and key-length restrictions. (What I got about the IBM presentations was the realization that there is nothing in the key recovery mechanism, per se, that requires the recovery key to be held by a third party. That, to my mind, is the essential distinction between key escrow and key recovery. I also realized that IBM has, for years, quietly held a crucial piece of the PKC scheme in its patented "control vector" tech, which irrevocably binds a whole set of context-specific rules and constraints to a decryption key. I now realize that the control vector technology was the foundation much of the the DoD's Blacknet development. Important stuff -- check it out!) Like Big Jim said, it's an imperfect world -- and likely to become more so, from the C'punk perspective, before it becomes better. The rumor mill among the 2,500 cryptographers, mostly developers, who attended the RSA Conference was pumping overtime. One of the saddest and most persistent rumors was that the Clinton Administration would, within months, introduce a Congressional bill to make unescrowed strong encryption illegal in the US. (Personally, I'd put bitter money on that one. ) David Aaron, US Crypto Ambassador and the US permanent rep to the OECD -- in which role he has strove to convince the newly liberated nations of Eastern Europe that built-in wiretap links are essential design components for a modern democratic nation's communications infrastructure -- was charming and gracious... but it was no surprise that he didn't budge a bit from the "sovereign right to listen" policy line. You shouldn't have skipped the RSA bash, Adam, not even for your DCS gig in the sunny Caribbean. There were numerous Lion and the Lamb drinking bouts thoughout the week (some rather amazing, in terms of both the participants and the volume of "input".) You would have loved it. Passions often ran high, but usually in quiet intense coversations. I (one Lamb, white wool turning gray;-) had distinct impression that there many US government cryptographers uncomfortable with the Administration's NSA/FBI-inspired absolutist POV. Not even all senior feds feel that Constitutional Law should be (re)written by FBI case agents obsessed with making it easier to bust some two-bit crack dealer next month. (Doesn't mean much in the larger scheme of things, but the pained ambivalence vividly reminded me of Vietnam debates so many years ago.) My favorite quote, from a federal LEA lawyer deep in his cups: "If the colonial cops, rather than the philosophers, had drafted the Constitution -- would Madison and Jefferson, et al, have been willing to even put their names to it??" Suerte, _Vin -------- In Reply To: >Steve Schear wrote: >| > What the US government will allow to be exported is not "strong >| >encryption." It is encryption only slightly too strong to be broken >| >by an amateur effort. For the right investment in custom hardware, it >| >falls quickly. (500,000 $US = 3.5 hour avg break). >| > >| >| Considering Ian's feat you certainly seem to have had your crystal >| ball in hand. Adam Shostack responded: > I wear three around my neck. Its a new age thing. > > More seriously, that estimate is the cost of breaking DES on >custom hardware, based on Wiener's figures. Ian got RC4-40 in 3.5 >hours on I don't know how much hardware, not a lot of it custom, >AFAIK. Vin McLellan + The Privacy Guild + 53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548 From dlv at bwalk.dm.com Sun Feb 2 21:30:17 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Sun, 2 Feb 1997 21:30:17 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater In-Reply-To: Message-ID: OKSAS writes: > > On Sun, 2 Feb 1997, Igor Chudov @ home wrote: > > > jim bell wrote: > > > > > > Better yet, set up a system to encourage the public to USE those guns (an > > > other weapons) to get rid of the people who pass such laws, and the probl > > > is solved. > > > > > > > How about this scenario: I borrow 1 million dollars from, let's say, > > Phill Hallam-Baker. Not wanting to pay it back, I pay to the > > assassination bot and arrange him to be murdered. > > > > Another story: suppose that I negligently caused fire that destroys > > house of, say, Toto. Toto knows that if he sues me, I can arrange him > > murdered for the amount less than the amount of damages. As a result, > > he refrains from suing me, or (if he is a mean person) pays additional > > money to have me murdered. A suit would probably be a much better outcome. > > > > Another story: suppose that OKSAS hired me to work for her, but then > > our relationships go south and she fires me. Again, her fate is very > > unclear, although I would probably spare her life if it were she. > > Chudov , do you love me? Oksas, do you really believe in long-distance romance over the Internet? --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From whgiii at amaranth.com Sun Feb 2 22:10:41 1997 From: whgiii at amaranth.com (William H. Geiger III) Date: Sun, 2 Feb 1997 22:10:41 -0800 (PST) Subject: Key Security Question Message-ID: <199702030610.WAA14061@toad.com> X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.24 From stewarts at ix.netcom.com Sun Feb 2 22:10:56 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Sun, 2 Feb 1997 22:10:56 -0800 (PST) Subject: "Strong" crypto and export rule changes. Message-ID: <199702030610.WAA14116@toad.com> At 11:55 PM 2/1/97 -0500, Adam Shostack wrote: > More seriously, that estimate is the cost of breaking DES on >custom hardware, based on Wiener's figures. Ian got RC4-40 in 3.5 >hours on I don't know how much hardware, not a lot of it custom, AFAIK. http://now.cs.berkeley.edu is the home page for the Network Of Workstations CPU farm. Mostly Suns with some recent generation of Sparc chip. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From blancw at cnw.com Sun Feb 2 22:11:23 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 22:11:23 -0800 (PST) Subject: Fighting the cybercensor Message-ID: <199702030611.WAA14240@toad.com> From: Steve Schear I sincerely doubt that many would use AP to right small slights, anymore than many now kill others for the same reasons. The world has always been inhabited by bullies and tyrants who cared little of what harm they caused others. An AP system would quickly eliminate bullies and tyrants. .................................................... Some of them. But like an infection which can be potentialy killed with antibiotics, ignoring the unhealthy conditions which made it possible to establish itself will frustrate the attempts to prevent the phenomena of its recurrence. .. Blanc From ichudov at algebra.com Sun Feb 2 22:11:24 1997 From: ichudov at algebra.com (ichudov at algebra.com) Date: Sun, 2 Feb 1997 22:11:24 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater Message-ID: <199702030611.WAA14241@toad.com> jim bell wrote: > > Better yet, set up a system to encourage the public to USE those guns (and > other weapons) to get rid of the people who pass such laws, and the problem > is solved. > How about this scenario: I borrow 1 million dollars from, let's say, Phill Hallam-Baker. Not wanting to pay it back, I pay to the assassination bot and arrange him to be murdered. Another story: suppose that I negligently caused fire that destroys house of, say, Toto. Toto knows that if he sues me, I can arrange him murdered for the amount less than the amount of damages. As a result, he refrains from suing me, or (if he is a mean person) pays additional money to have me murdered. A suit would probably be a much better outcome. Another story: suppose that OKSAS hired me to work for her, but then our relationships go south and she fires me. Again, her fate is very unclear, although I would probably spare her life if it were she. The bottom line is, it becomes very hard to do ANYTHING that disappoints at least somebody. That can lead to a lot of inefficiencies. - Igor. From dthorn at gte.net Sun Feb 2 22:11:32 1997 From: dthorn at gte.net (Dale Thorn) Date: Sun, 2 Feb 1997 22:11:32 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702030611.WAA14254@toad.com> Timothy C. May wrote: > With no false modesty I tried awfully hard to compose > substantive essays on crypto-political topics, often more than one per day. > (Others did too, but they seem to be tapering off as well, leaving the list > to be dominated by something called a "Toto," the "O.J. was framed!" > ravings of Dale Thorn, Dale, that's me! > * To summarize: > - the decision to censor the list was made without any discussion on the > list, without any discussion with at least some of the longterm core > contributors, and was presented as a "fait accompli." > - while John has every right to do with his hardware as he wishes, he does > not "own" the Cypherpunks group (though whether he owns the "list" is a > semantically debatable point) Which is exactly the point I labored so long on while Tim May was sitting on the sidelines. > - whatever our group once was, or still is, is not dependent on having a > particular mailing list running on someone's home machine...and it cannot > be claimed that any person "owns" the Cypherpunks group. Ditto. From attila at primenet.com Sun Feb 2 22:11:34 1997 From: attila at primenet.com (Attila T. Hun) Date: Sun, 2 Feb 1997 22:11:34 -0800 (PST) Subject: Free & Open Society & toleration Message-ID: <199702030611.WAA14255@toad.com> -----BEGIN PGP SIGNED MESSAGE----- are you really saying we must dispose of our time honoured tradition of "the best justice money can buy..." ??? say it is not so; where would our legal system be without body trading? as for the communist/socialist ideal of work/need/want where want is suppressed --it does not work; never has, never will. even the religious orders have not made it work over time (other than by fear). on or about 970201:2218 Jim Choate said: +1. Removal of the lawyer from the ultimate choice of whether the case + should be pursued. whew, open the floodgates. free lunch. +2. The minimalization of the defendants and plaintiffs monetary + resources + by removing them from the legal system by choosing the legal + representation of both parties by lot. damn, free dinner, too. +3. By moving the responsibility of police to provide evidence from the + prosecution to the court we equalize the impact of irregularities + in evidence selection as well as minimizing the sorts of evidence + disputes which so impact some trials (ie OJ Simpson). my, we're on a roll, aren't we? +4. By the implimentation of a bond proviso on the part of the + plaintiff + the system provides a check and balance reducing nuisance cases as + well as reducing the taxation load on the citizenry. this is already a factor in the need to pay an attorney his ridiculous fees. being required to post a plaintiff's bond does nothing to equalize the rights of the have nots --most of whom seem to have unlimited resources from the dogooders anyway. Get real, Jim. it may not be the best system, but other than enforcing the principles on which it is founded, and stripping attorney privileges to a percentage of the take, the system works quite well; corruption on the bench is whose fault? ours, just like the excesses in Washington are our fault. it is _our_ failure to insist on clean, representative government and judiciary. and to convert to a pooled system for equality is not going to stop graft -it is built in to human greed. stop apathy on _our_ part, and we will stop graft. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvTltb04kQrCC2kFAQFRNAP/fJyPvrecq+GEcHygxCqtatySX81OfeaO lCCsgQ5cddvX/tLmSE7+hEN6jBoV3xHkQEbgfDm2mcJWEtGGNMMtNYZCKHrz0Y+l LKUx53PlmByg887Lsf7ta6zjYdE/0pJHtKoBC6hS/uJV3R+2YeWg5sqrsT3t/3oS W4PwmJVq6bc= =mfZQ -----END PGP SIGNATURE----- From sandfort at crl.com Sun Feb 2 22:11:37 1997 From: sandfort at crl.com (Sandy Sandfort) Date: Sun, 2 Feb 1997 22:11:37 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Where to begin? Tim May has taken the time to write broad and thought provoking essay on this list's current moderation experiment. I appreciate his analysis--and candor. While I do not agree with all he has written, I enormously respect his dedication to his point of view. On Sun, 2 Feb 1997, Timothy C. May wrote: > I chose not to write a "departing flame" (or message, but some might call > it a flame) when I unsubscribed several weeks ago--within an hour of > reading that John and Sandy had decided to make "their" list a moderated > list,... This is Tim's first error of fact. I point it out not to insult him, but because it seriously affects much of the rest of his analysis. We are conducting an experiment. It will last one month. After that, it's over if list members want it to be over. If, on the other hand, moderation is seen by the list members as beneficial to their use and enjoyment of the list, the current form of moderation--or some variation will continue. > ...and saw no point in wasting even more of my time arguing against the New > Cypherpunks World Order, as the NCWO was clearly presented as a fait > accompli, not something ablut which opinions of list members (or even list > _founders_, at least not me) were being sought. Factual error #2. There was a call for comment; Tim chose not to do so. In retrospect, I wish we had run it by Tim, Eric and Hugh in more detail before making the annoucement, but we didn't. Certainly a tactical error and a breach of protocol, but not the end of the world. Sorry Tim. I should have spoken to you first. > I see vast amounts of bandwidth consumed by arguments about > moderation, about the putative biases of the Moderator and Director of the > New Cypherpunks World Order, about alternative moderation strategies (which > is stupid, as John and Sandy announced what they were going to do, not just > some of their preliminary thoughts), and so on. I've also noticed fewer > substantive essays. And I see something different. Since previously, Tim actively filter the list, I'm not sure on what basis he can make his comparison. As just one example (though a signicant one) Dimitri has posted more non-flaming, on-topic posts during the two weeks of this experiment then in the previous several months. In my opinion, other than for the hysterical posts of a very few self-righteous loudmouths, the overall quality of the posts has been far superior to what it had become in the weeks before the experiment began. YMMV. > With no false modesty I tried awfully hard to compose substantive > essays on crypto-political topics, often more than one per day. I would hope that Tim will return to this practice irrespective of whether the list remains moderated or returns to its previous policies. More on this, below. > (Others did too, but they seem to be tapering off as well, leaving the list > to be dominated by something called a "Toto," the "O.J. was framed!" > ravings of Dale Thorn, the love letters between Vulis and someone name > Nurdane Oksas,... Two points: Since Tim largely agrees with those in opposition to moderation, and because of the extraordinary nature of Tim's post, I did not send it to the "flames" list. It was a judgment call. The problems Tim describes, did not arise with moderation. Indeed, they were the imputus for the moderation. > * But the really important issue is this: is the _physical hosting_ of the > Cypherpunks mailing list coterminous with the "Cypherpunks"? If the list > was hosted by, say, UC Berkeley or PGP Incorporated, would we consider > these hosts to be the "owners" of the Cypherpunks group?... I think this is a Straw Man. John and I have never argued that John "owns" cypherpunks. When a Cypherpunk meeting is held in someone's living room, however, I don't think it's asking to much to ask everyone to follow the local rules (e.g., "no shoes in the house" or "no smoking" or even "no ad hominem attacks"). As Tim is fond of saying, "my house; my rules." I don't think this means Tim "owns" a physical meeting in his house. > While John had (and has) every legal right > to do with his property as he wished, the effect was very negative. First, > Vulis found other ways to post (duh). Tim, do you really believe that John did not anticipate this? > Second, the list was consumed with > flames about this, many from Vulis, and many from others. It was consumed with flames before. Now, at least, the vast majority of folks on the list don't have to read them, nor jump through any hoops to implement some sort of dynamic filtering half-measure. > Third, journalists (who love sizzle over substance any day of > the week) lept into the fray with articles which gave Vulis the > publicity he craved. That's what journalist do, though I wasn't aware of ANY articles on this issue. I would appreciate it if Tim could give us some citations. > Fourth, it sent a message to enemies of liberty that "Even the > Cypherpunks have found it necessary to abandon their anarchic > ways." That's one message that one could take from all this, I suppose. I don't see it that way, nor do several list members who thanked me in private e-mail for improving the list. Again, YMMV. > (I'm well aware of the issues with pests like Vulis, who seek to destroy > virtual communities like ours. But the solution John used did not work, and > generated more crap.... What didn't work was "local filtering" which has no feed-back loop to engender comity. This might not work either, but I see no evidence that it has made things worse. Remember, there are a hand-full of subscribers to the Flames list, 20-30 on the Unedited list and *2000* or so on the Moderated list. Sure some of that may be due to laziness, but it would be cavalier in the extreme to claim that such an overwhelming acceptance of moderation is merely an artifact of inertia. But to make things perfectly clear one more time, ANYONE WHO WANTS TO READ THE ENTIRE CYPHERPUNKS FEED SHOULD SUBSCRIBE TO "CYPHERPUNKS-UNEDITED" AND/OR "CYPHERPUNK-FLAMES." > * "Censorship" is another overloaded term. I don't think the "Definition 1" > of dictionary definitions, about _governmental_ restrictions, is the only > meaningful definition. Everybody knows what it meant when we say that > "Lockheed is censoring the views of employees," even though we know > Lockheed is not using government power. A censor is one who censors. And > even my "American Heritage Dictionary" gives this as its "definition 1": > > "censor n. 1. A person authorized to examine books, films, or other > material and to remove or suppress morally, politically, or otherwise > objectionable." Tim and I disagree on which definition of "censorship" applies in this situation. Dale Thorne, and others, have argued, in essence, that there is censorship if ANY definition would apply. I'm not sure time is going that far, but if so, I respectfully disagree. But let's apply Tim's above definition for the sake of argument. Am I, thereby, a censor? Well I am examining "other material" and I am making judgments with regard to whether or not it is "objectionable," unfortunately for Tim's argument, I am neither "removing" nor "supressing" anything. Anybody can read anything that gets posted to Cypherpunks--in two places. I am sorting, but even my sorting can be completely avoided. > * OK, even given that John had decided to censor "his" list, what about his > choice of Sandy Sandfort as the censor? John didn't choose me, I approached him. I offered my opinion as to what I thought HE ought to do about the list disruptions. The short version of his answer was, "if you think you can do a better job, go for it." I accepted the challenge, so here I am. I don't want this job. If the list members decide to keep the list moderated, I hope to keep my involvement as a moderator to a minimum. Any volunteers? > * Nor do the announced criteria make any sense. While the inane one-line > scatological insults have been filtered out, many "flames" make it through, > based on what I've seen in perusing the hks archive site. And some > reasonable comments get dumped in the flame bucket. Very possibly true. Moderation is like crypto, perfection isn't and option. However, a 90% solution is a heck of a lot better than no solution at all. Yes, I've made what I consider to be errors, but I think on some, I've done a very good job overall. > * (Frankly, one of my considerations in leaving was the feeling that I > would never know if an essay I'd spent hours composing would be rejected by > Sandy for whatever reasons.... Tim, I think this is disingenuous. I have been quite clear on my moderation criteria. You are too intelligent to feign such a lack of understanding. > maybe he might think my essay was off-topic, Clearly not a criterion I ever enunciated. > or used one of the Seven Deadly Words, Clearly not a criterion I ever enunciated. >or was "too flamish." Bingo (with the proviso that it be a personal attack on a list member as opposed to the substance of his or her argument). > * The decision to "moderate" (censor) the Cypherpunks list is powerful > ammunition to give to our opponents, Piffle. Letting spoiled children destroy the list puts a far more powerful weapon in the hands of our enemies. > and Vulis is certainly gleeful that > his fondest wishes have been realized. I do not have a crystal ball. My Vulcan mind meld is in the shop. No one--neither Tim, nor I, nor probably even Vulis--knows whether is gleeful about all this or not. An frankly, who cares? The question is, are list members happy or not with moderation. Tim was not. I am. By the end of the experiment, I dare say we will have a good idea what most list members think. > (I would venture a guess that a Duncan Frissell would almost certainly get a > libertarian rant past Sandy while a Phill Hallam-Baker might easily fail to > get a leftist rant past him.) I sorry Tim gives me so little credit. Rather than merely post a self-serving denial, I would ask that Phill confirm or deny Tim's supposition. To the best of my recollection, I have sent only one post of Phill's to the Flames list. It flamed Jim Bell. As far as moderating political rants go, I'm agnostic. Look folks, when you stop trying new things, and stop questioning conventional wisdom, you are as good as dead. Maybe moderation is the best think since sliced bread; maybe it sucks. How about we give it a good-faith try for the next 2+ weeks and see how it goes? If the consensus is it sucks, I intend to be gracious in defeat. If it goes the other way, I hope that the neighsayers will accept it and let the list get on with its role as a forum for the protection of privacy. Thanks again, Tim, for sharing your views with us. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From roy at sendai.scytale.com Sun Feb 2 22:12:57 1997 From: roy at sendai.scytale.com (Roy M. Silvernail) Date: Sun, 2 Feb 1997 22:12:57 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702030612.WAA14298@toad.com> -----BEGIN PGP SIGNED MESSAGE----- In list.cypherpunks, toto at sk.sympatico.ca writes: >> >>>Postal Service offers $25,000 reward for stolen . . . something > Mail carriers in some areas carry keys for buildings with security > doors (sometimes Master keys). In Minneapolis and Anchorage (the two cities of which I have knowledge) mail carriers have a key that opens not only apartment-style mailboxes, but little boxes on the outside of apartment buildings that hold a key to the building's lobby. Snag one of those keys and a large portion of the city opens its doors to you. (some buildings have further locked doors beyond the mailbox lobby to counter this threat) - -- Roy M. Silvernail [ ] roy at scytale.com DNRC Minister Plenipotentiary of All Things Confusing, Software Division PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6 Key available from pubkey at scytale.com, which works now -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMvTEUxvikii9febJAQEMEwP+Ji/B1z7uYSJspTij6xH2jUn/JMXmJ7RF drUZruHZNxQv3xGHOPbf4nerDqANgYe/6DzZdrNRhP5RgYTPZp4K1gHDRLhyKAZL EriifeqlXe9X69EDCXSJr8nVSEP1XlSoI2cc9nMFyG42Mwg0Do52WdvhBbZtiM8I zKo9v+3VOqg= =O4dL -----END PGP SIGNATURE----- From attila at primenet.com Sun Feb 2 22:12:59 1997 From: attila at primenet.com (Attila T. Hun) Date: Sun, 2 Feb 1997 22:12:59 -0800 (PST) Subject: Free & Open Society & toleration Message-ID: <199702030612.WAA14299@toad.com> -----BEGIN PGP SIGNED MESSAGE----- on or about 970201:2001 Jim Choate said: +I further hold that one of the current legal practices based on +precidence which MUST be replaced is our system dealing with +defamation. I further hold that our current system of legal +representation is inherently flawed and prevents equal representation +under the law. BULLSHIT why don't you toll the bell for freedom while you're at it, and think about 'for whom the bell tolls.' --it tolls for thee. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: latin1 Comment: Encrypted with 2.6.3i. Requires 2.6 or later. iQCVAwUBMvTgoL04kQrCC2kFAQHeuQP8CtEQx/Rw/fLHqIx9UOfqp3QK4fQXKneV PXDiZvTi9aTLqd/8D64CgNmRizmb26NIMlEBXXt/YreucdYKSWByBkmMozKw7kxY QN3N/of1wZfqbXmJQj2+oV5dG9ieNWM3mkQw8pp79z8qa6jGYMt3xW1aqsYaweR0 Kx8zM9xm8S8= =4Hwo -----END PGP SIGNATURE----- From rgm3 at chrysler.com Sun Feb 2 22:12:59 1997 From: rgm3 at chrysler.com (Robert Moskowitz) Date: Sun, 2 Feb 1997 22:12:59 -0800 (PST) Subject: Reminder: Release 0.4 of my Linux IPSEC code is out. Message-ID: <199702030612.WAA14304@toad.com> At 09:29 AM 1/29/97 +0200, John Ioannidis wrote: > >Please note that in some countries such as the USA, it is unlawful for a >citizen of that country to provide technical assistance "with the intent to >aid a foreign person in the development or manufacture outside the United >States" of >"Encryption Items". I think there is a partial 'out'. If a US company is attempting to interoperate with your code and fails, they can point to the part of a public specification related to the failure. Such as our implementations failed to interoperate related to section n.m.o of rfc wxyz. But I am not a lawyer, only heard this explaination 3rd hand from a lawyer. Robert Moskowitz Chrysler Corporation (810) 758-8212 From blancw at cnw.com Sun Feb 2 22:13:10 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 22:13:10 -0800 (PST) Subject: FW: Cyphernomicon by Tim May Message-ID: <199702030613.WAA14330@toad.com> (meant to send this to the list earlier) From: Toto Personally, I could care less when people want to play footsie-games with flaming, but I think it points out the ludicrousness of having a moderator limiting people to 'childish' insults. I prefer someone screaming at me what a cocksucker I am. ................................................... Now, you know it has to do with proportion: if Jim Choate, in the course of an ADD-induced discourse on the reprehensability of libelous indiscretions, happens to let out a "Bessie", it's going to be less disconcerting than to read continuous content-less alerts consisting of nothing but declarations against your personal virtue. At the very least, the one provides some cause for educated clarification, while the other leaves nothing to say, but only to filter. However, it's 3:00 a.m. PST and Sandy's asleep right now, so if you really feel like flaming somebody uninhibitedly, now's the time to get past the flame-bot (hee-hee). = Ray Hettinga forwards these long, literate missives advertising this-or-that million dollar a plate conferences, but when he chose to insult me with his own words, the result was an immature blathering which showed questionable literary skills. ............................................. Bad, Ray - Bad! = It would be nice, however, to try to twist the rest of the list around to my own world-view. It gets lonely here in the 'rubber room' at the Home, and I could use some company. ............................................. You're at liberty to try. Why don't you start with Messrs. Jim and Jim. (but, wait - let me set up my Inbox Rules.....) .. Blanc From dthorn at gte.net Sun Feb 2 22:13:11 1997 From: dthorn at gte.net (Dale Thorn) Date: Sun, 2 Feb 1997 22:13:11 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater Message-ID: <199702030613.WAA14331@toad.com> Igor Chudov @ home wrote: > jim bell wrote: > > Better yet, set up a system to encourage the public to USE those guns (and > > other weapons) to get rid of the people who pass such laws, and the problem > > is solved. > How about this scenario: I borrow 1 million dollars from, let's say, > Phill Hallam-Baker. Not wanting to pay it back, I pay to the > assassination bot and arrange him to be murdered. Igor, there's an old saying in this country: the best way to lose a friend is to lend him money. > Another story: suppose that I negligently caused fire that destroys > house of, say, Toto. Toto knows that if he sues me, I can arrange him > murdered for the amount less than the amount of damages. As a result, > he refrains from suing me, or (if he is a mean person) pays additional > money to have me murdered. A suit would probably be a much better outcome. Sometimes you have to pay a steep price for negligence, like neglecting to watch how close you get to the edge of the road on, say, Topanga Canyon or one of those (long way down). Now, since people *know* to be extra careful on the canyon roads, don't you think by the same analogy they'd be extra careful with other things when AP is running? > Another story: suppose that OKSAS hired me to work for her, but then > our relationships go south and she fires me. Again, her fate is very > unclear, although I would probably spare her life if it were she. If she does it right, with empathy, there is not likely to be a problem. On the other hand, if she bad-mouths you to prospective employers or customers you want to do business with, you might be inclined to hit her. This happens a lot when AP is not available. > The bottom line is, it becomes very hard to do ANYTHING that disappoints > at least somebody. That can lead to a lot of inefficiencies. To get rid of everyone who pisses you off, you'd have to pay a lot more money than you'll ever have, therefore not a problem. Those people who have such money are not going to bump off very many more people than they already do, because: 1. They need the people to make money off of (Mafia rule #4, never kill someone who owes you money [or is a money source]). 2. Rich people have a lot of eyes on them, and it would be easy to triangulate a series of murders to them, even without hard evidence. In an AP world, this triangulation/correlation would be enough to convince people to either shun this killer, or kill him outright. From rah at shipwright.com Sun Feb 2 22:13:13 1997 From: rah at shipwright.com (Robert Hettinga) Date: Sun, 2 Feb 1997 22:13:13 -0800 (PST) Subject: Electronic Funds Transfer without stealing PIN/TAN Message-ID: <199702030613.WAA14332@toad.com> --- begin forwarded text Sender: e$@thumper.vmeng.com Reply-To: Rachel Willmer Mime-Version: 1.0 Precedence: Bulk Date: Sun, 2 Feb 1997 15:03:25 +0000 From: Rachel Willmer To: Multiple recipients of Subject: Electronic Funds Transfer without stealing PIN/TAN --- From RISKS digest --- Date: 1 Feb 1997 05:12:02 GMT From: weberwu at tfh-berlin.de (Debora Weber-Wulff) Subject: Electronic Funds Transfer without stealing PIN/TAN The Berlin newspaper "Tagespiegel" reports on 29 Jan 97 about a television show broadcast the previous evening on which hackers from the Chaos Computer Club demonstrated how to electronically transfer funds without needing a PIN (Personal Identification Number) or TAN (Transaction Number). Apparently it suffices for the victim to visit a site which downloads an ActiveX application, which automatically starts and checks to see if Quicken, a popular financial software package that also offers electronic funds transfer, is on the machine. If so, Quicken is given a transfer order which is saved by Quicken in its pile of pending transfer orders. The next time the victim sends off the pending transfer orders to the bank (and enters in a valid PIN and TAN for that!) all the orders (= 1 transaction) are executed -> money is transferred without the victim noticing! The newspaper quotes various officials at Microsoft et al expressing disbelief/outrage/"we're working on it". We discussed this briefly in class looking for a way to avoid the problem. Demanding a TAN for each transfer is not a solution, for one, the banks only send you 50 at a time, and many small companies pay their bills in bunches. Having to enter a TAN for each transaction would be quite time-consuming. Our only solution would be to forbid browsers from executing any ActiveX component without express authorization, but that rather circumvents part of what ActiveX is intended for. A small consolation: the transfer is trackable, that is, it can be determined at the bank to which account the money went. Some banks even include this information on the statement, but who checks every entry on their statements... Debora Weber-Wulff, Technische Fachhochschule Berlin, Luxemburger Str. 10, 13353 Berlin GERMANY weberwu at tfh-berlin.de -- Rachel Willmer, Intertrader Ltd, Cova House, 4 John's Place, Edinburgh Email: rachel at intertrader.com Tel: +44 131 555 8450 Fax: +44 131 555 8451 Sun Internet Associate and winner of 1996 SMART Award for Innovation "We develop Java Commerce Solutions" --- end forwarded text ----------------- Robert Hettinga (rah at shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "Never attribute to conspiracy what can be explained by stupidity." -- Jerry Pournelle The e$ Home Page: http://www.shipwright.com/rah/ FC97: Anguilla, anyone? http://www.ai/fc97/ From ichudov at algebra.com Sun Feb 2 22:13:14 1997 From: ichudov at algebra.com (ichudov at algebra.com) Date: Sun, 2 Feb 1997 22:13:14 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater Message-ID: <199702030613.WAA14333@toad.com> Dale Thorn wrote: > Igor Chudov @ home wrote: > > > How about this scenario: I borrow 1 million dollars from, let's say, > > Phill Hallam-Baker. Not wanting to pay it back, I pay to the > > assassination bot and arrange him to be murdered. > > Igor, there's an old saying in this country: the best way to lose a > friend is to lend him money. Phill, in this example, is not my friend, but a lender. > > Another story: suppose that I negligently caused fire that destroys > > house of, say, Toto. Toto knows that if he sues me, I can arrange him > > murdered for the amount less than the amount of damages. As a result, > > he refrains from suing me, or (if he is a mean person) pays additional > > money to have me murdered. A suit would probably be a much better outcome. > > Sometimes you have to pay a steep price for negligence, like neglecting > to watch how close you get to the edge of the road on, say, Topanga > Canyon or one of those (long way down). Now, since people *know* to > be extra careful on the canyon roads, don't you think by the same > analogy they'd be extra careful with other things when AP is running? Mmm, likely the result will be that Toto will be impoverished (it is an example, do not take it personally) and will not only not be able to murder me, but also will be too afraid to sue me (because I would rather pay for a cheaper assassination than to pay damages). > > Another story: suppose that OKSAS hired me to work for her, but then > > our relationships go south and she fires me. Again, her fate is very > > unclear, although I would probably spare her life if it were she. > > If she does it right, with empathy, there is not likely to be a > problem. On the other hand, if she bad-mouths you to prospective > employers or customers you want to do business with, you might be > inclined to hit her. This happens a lot when AP is not available. ... But would happen more often if it was. > > The bottom line is, it becomes very hard to do ANYTHING that disappoints > > at least somebody. That can lead to a lot of inefficiencies. > > To get rid of everyone who pisses you off, you'd have to pay a lot > more money than you'll ever have, therefore not a problem. Those Why, I will have a lot of money. > people who have such money are not going to bump off very many more > people than they already do, because: > > 1. They need the people to make money off of (Mafia rule #4, never > kill someone who owes you money [or is a money source]). This is a wrong Mafia rule, they do kill debtors who are in default. > 2. Rich people have a lot of eyes on them, and it would be easy to > triangulate a series of murders to them, even without hard evidence. > In an AP world, this triangulation/correlation would be enough to > convince people to either shun this killer, or kill him outright. When ten people make deals with each other, it becomes hard to triangulate. And it is easy, if you know what deals are done, to change the result of triangulation: suppose that I know that you borrowed 1 million from Toto, that my _and_ yours business partner had been murdered (by me, but no one knows), and I am afraid that someone will triangulate me and implicate me in that murder. I secretly order the AP bot to kill Toto, and you get implicated. Not good. - Igor. From sandfort at crl.com Sun Feb 2 22:14:40 1997 From: sandfort at crl.com (Sandy Sandfort) Date: Sun, 2 Feb 1997 22:14:40 -0800 (PST) Subject: "Secret" Postal Device stolen In-Reply-To: <970202.103614.3s2.rnr.w165w@sendai.scytale.com> Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, On Sun, 2 Feb 1997, Roy M. Silvernail wrote: > In Minneapolis and Anchorage (the two cities of which I have knowledge) > mail carriers have a key that opens not only apartment-style mailboxes, > but little boxes on the outside of apartment buildings that hold a key > to the building's lobby. Snag one of those keys and a large portion of > the city opens its doors to you. (some buildings have further locked > doors beyond the mailbox lobby to counter this threat) So much for key escrow. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From whgiii at amaranth.com Sun Feb 2 22:14:55 1997 From: whgiii at amaranth.com (William H. Geiger III) Date: Sun, 2 Feb 1997 22:14:55 -0800 (PST) Subject: Key Security Question Message-ID: <199702030614.WAA14344@toad.com> -----BEGIN PGP SIGNED MESSAGE----- In <199702021555.HAA25423 at toad.com>, on 02/02/97 at 09:34 AM, "Dr.Dimitri Vulis KOTM" said: >ichudov at algebra.com (Igor Chudov @ home) writes: >> Dr.Dimitri Vulis KOTM wrote: >> > Bill Stewart writes: >> > > On the other hand, if the "repairman" replaced your pgp executable >> > > with version 2.6.3kgb, which uses your hashed passphrase as the >> > > session key, you're hosed. Or if he installed a keystroke sniffer, >> > > or added a small radio transmitter to your keyboard, or whatever. >> > > Depends on your threat model. If you need to be paranoid, >> > > they've already gotten you.... >> > >> > If you're really paranoid, you can boot from a clean floppy and >> > reinstall everything from your backup tapes. You do have a >> > contingency plan in case your hard disk goes bad, or gets a >> > virus, don't you? Well, if you're in doubt, exercise it. >> >> And what if the repairman replaces BIOS ROM chips with KGBios? >On some computers it's possible to add executable code to the boot >sequence without replacing the actual ROM chip because they're >rewritiable. Examples: most Sun boxes; intel motherboards with 'flash >bios'. V-Communications has a nice Bios Pre-Processor for their dissasembler for anyone intrested it playing with their bios code. Most newer MB's come with Flash Bios and the software to Flash the chip is available for download from the Manufacture. I'v gone and tinkered around with the bios on a couple of my AMI motherboards. Flash bios does open the possibility for a virus infection of ones bios. I have had several intresting discussions with the AMI programmers about this. IMHO any device that has flash bios should have a jumper on the circuit board to enable/disable the flash option. I have not seen anyone that is doing this with their products. The MB bios is relativly safe as the flash process happens pre-post but considering that flash bios can be found in almost all computer prerifials the potential for harm is there. Currently on my system I have flash bios on the HD's, modem's, NIC's, & SCSI card's. All are a potential hiding spot for a virus. - -- - ----------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. Finger whgiii at amaranth.com for PGP Key and other info - ----------------------------------------------------------- Tag-O-Matic: Air conditioned environment - Do not open Windows. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Registered User E-Secure v1.1 0000000 iQCVAwUBMvUl1Y9Co1n+aLhhAQHVcAQAmlU7/gY80+0C3KTowerMkZHa1ro4A5g5 0qKRuuAO08eOmnwND16bBxOo5KKZU/2Xxydvdg2CpE4C9ga/po3QTasa+kKzpsR7 jBQxDAWauirLlJtXCnfiaYQrycxX6YoFoZanRGticT4ObRmFvT0OcqYqqL/fgXe0 oSiw02JDATQ= =S97o -----END PGP SIGNATURE----- From blancw at cnw.com Sun Feb 2 22:16:23 1997 From: blancw at cnw.com (blanc) Date: Sun, 2 Feb 1997 22:16:23 -0800 (PST) Subject: Libel, Times v. Sullivan Message-ID: <199702030616.WAA14387@toad.com> From: Attila T. Hun +Yes, if the Magna Carta guaranteed a right and the forefathers fought +to secure it, why should any of us ever have to lift a finger in our +own defense. seems to me Jefferson said it took a rebellion every 20 years or so to keep democracy awake... other than presuming your answer is tongue in cheek (not elsewhere), complacency == welfare. ......................................................... Definitely tongue-in-cheek. Just noting that if a thing has been "guaranteed", this means (by my interpretation) that it is a done deal and nothing further need be done about it - it's established and automatic. But obviously a "right", though it be a basic operant in Nature and existent as an abstract concept in some people's minds, is not recognized either naturally or formally by many. Therefore, as Jefferson remarked, we cannot depend on our forefather's vision to uphold our honor but must re-establish it as needed. .. Blanc From jimbell at pacifier.com Sun Feb 2 22:26:01 1997 From: jimbell at pacifier.com (jim bell) Date: Sun, 2 Feb 1997 22:26:01 -0800 (PST) Subject: VOICE STRESS ANALYSIS Message-ID: <199702030626.WAA14604@toad.com> Awhile back we were discussing voice-stress analysis; just got this item on the subject; he said it's okay to post it. >From: Spectre334 at aol.com >Date: Sun, 2 Feb 1997 09:31:17 -0500 (EST) >To: jimbell at pacifier.com >cc: BLAMES2778 at aol.com, AFSCA at aol.com, JLeek426 at aol.com >Subject: VOICE STRESS ANALYSIS > >MR. BELL: > >I FOUND YOUR QUERY ABOUT VOICE STRESS ANALYSIS ON THE INTERNET, AND I TOO, >HAVE FOUND A DEARTH OF INFORMATION THERE - UNTIL NOW. > >I'M PLEASED TO REPORT THAT VOICE STRESS ANALYSIS (VSA) IS ALIVE AND WELL. IT >HAS BEEN QUIETLY PERFORMING IN THE SHADOW OF THE POLYGRAPH FOR MANY YEARS. > NOW, HOWEVER, IT IS COMING INTO ITS AND IS USED IN MANY STATES TO AID IN >CRIMINAL INVESTIGATIONS AND OTHER APPLICATIONS. > >AMONG ITS OTHER BENEFITS, VSA REQUIRES NO INTIMIDATING HOOKUP TO THE >SUBJECT'S BODY, IN ORDER TO MEASURE THE LEVEL OF STRESS. IT CAN BE CONDUCTED >VIRTUALLY ANYWHERE - EVEN WHERE NO ELECTRICITY IS PRESENT. PERHAPS MOST >PERTINENT TO YOUR QUESTION, VSA CAN BE SOMETIMES PERFORMED ON PEOPLE WHO ARE >NO LONGER AROUND, THROUGH THEIR RECORDED VOICES. THIS IS CALLED "NARRATIVE >ANALYSIS" AND IS SOMEWHAT TOUGHER THAN THE BASIC QUESTION - AND -ANSWER >APPROACH, SINCE THE EXAMINER CANNOT CONTROL THE CONTENT AND SEQUENCE OF >QUESTIONS, IF THE SOURCE IS A PAST RECORDING. > >THE DIOGENES GROUP, INC., OF WHICH I AM PRESIDENT, HAS DEVELOPED A TOTALLY >DIGITAL APPROACH TO VSA, AND BEGAN DELIVERING SYSTEMS TO LAW ENFORCEMENT >AGENCIES IN DECEMBER, 1996. THE PREMIER DIOGENES VSA PRODUCT IS REDUCED TO >THE SIZE OF A NOTEBOOK COMPUTER, BUT PRODUCES REALTIME PROCESSING FOR >SOFTCOPY DISPLAY, AND HARDCOPY PRINTING WITHIN SECONDS. > >YOU MAY BE FAMILIAR WITH THE PREVIOUS STATE-OF-THE-ART, WHICH WAS A >RELATIVELY LARGE ANALOG MACHINE, USING A SINGLE CHANNEL AND PRINTING OUT THAT >DATA ON A ROLL OF THERMAL PAPER. THOSE DAYS ARE GONE FOREVER. > >IF YOU WOULD LIKE MORE INFORMATION ON THE DIOGENES GROUP AND ITS PRODUCTS, >PLEASE USE THIS CHANNEL TO SEND ME YOUR MAILING ADDRESS, PHONE NUMBER, AND >FAX NUMBER. > >THANKS FOR YOUR INTEREST IN VOICE STRESS ANALYSIS. > >SINCERELY, > >TOM > >(THOMAS F. MCGRAW) > > Jim Bell jimbell at pacifier.com From vin at shore.net Sun Feb 2 22:26:06 1997 From: vin at shore.net (Vin McLellan) Date: Sun, 2 Feb 1997 22:26:06 -0800 (PST) Subject: "Strong" crypto and export rule changes. Message-ID: <199702030626.WAA14616@toad.com> Ian popped the 40-bit RC5 (not RC4) challenge with 259 processors, almost all standard Unix college-lab workstations, as I understand it. (RC5 has a variable block size and a variable number of rounds; but the unknown plaintexts for this contest were enciphered using a declared 12-round RC5 with a 32-bit word size.) The message Ian revealed was something like: "That's why you need a longer key!!!!!" RSA posted rewards for anyone who can break a 56-bit DES challenge and/or any of 12 variable-length RC5 challenge messages. The 40-bit RC5 cipher was the least of these and was expected to fall quickly. The initial RSA announcement of the contest emphatically declared that even 56-bit-key crypto (DES or RC5) offers only "marginal protection" against a committed adversary -- which is not to in any way minimize Ian's accomplishment, or the efforts (some also successful!) of others who also tackled the 40-bit challenge. SDTI/RSA celebrated Ian's achievement enthusiastically at the RSA Security Conference in San Fran last week. Burt Kalisky, the Chief Scientist at RSA, preempted a main session at the Conference to do an on-stage telephone interview with Ian about his attack. SDTI (RSA) apparently hopes to use Ian's "timely" achievement to urge Congress to challenge the idiotic 40-bit EAR ceiling and the key-escrow contracts required to get a 56-bit export license. (The network Ian used to link his lab workstations, NOW at Berkeley, is definitely not standard, however. I think there is a description of it online; but briefly, NOW seems designed to very efficiently handle this sort of intensive distributed processing project. More important, perhaps, was the fact that Ian just chewed through the possible keys with a pure brute-force attack on the key space. His attack was not really optimized for RC5, or designed to attack any specific element in the RC5 crypto architecture.) Jim Bitzos of RSA also gave a thought-provoking thumbnail summary of the IBM Key Recovery Alliance (making a better case for it in 30 seconds than the long technical presentatations from IBM.) As Bitzos explained it, the variable key-size control allows a corporate user to communicate through encrypted links to a variety of international recipients -- dynamically adjusting the encryption mechanism to whatever varied restrictions are required by the French, German, US, UK, etc. , govenments. "It's an imperfect world," growled Bitzos -- but both users and vendors need workable mechanisms today to allow them to adapt to whatever contraints on strong encryption that are, or will be, required by the various national authorities. It's a mistake, he suggested, to think of the IBM Key Recovery Initiative soley in terms of US controls. Many governments are reacting with hostility to the availability of strong encryption -- and until the Market finds a voice and educates the political and spook cultures, commercial entities will inevitably have to adapt their work-a-day communications security to a wide variety of national crypto controls and key-length restrictions. (What I got about the IBM presentations was the realization that there is nothing in the key recovery mechanism, per se, that requires the recovery key to be held by a third party. That, to my mind, is the essential distinction between key escrow and key recovery. I also realized that IBM has, for years, quietly held a crucial piece of the PKC scheme in its patented "control vector" tech, which irrevocably binds a whole set of context-specific rules and constraints to a decryption key. I now realize that the control vector technology was the foundation much of the the DoD's Blacknet development. Important stuff -- check it out!) Like Big Jim said, it's an imperfect world -- and likely to become more so, from the C'punk perspective, before it becomes better. The rumor mill among the 2,500 cryptographers, mostly developers, who attended the RSA Conference was pumping overtime. One of the saddest and most persistent rumors was that the Clinton Administration would, within months, introduce a Congressional bill to make unescrowed strong encryption illegal in the US. (Personally, I'd put bitter money on that one. ) David Aaron, US Crypto Ambassador and the US permanent rep to the OECD -- in which role he has strove to convince the newly liberated nations of Eastern Europe that built-in wiretap links are essential design components for a modern democratic nation's communications infrastructure -- was charming and gracious... but it was no surprise that he didn't budge a bit from the "sovereign right to listen" policy line. You shouldn't have skipped the RSA bash, Adam, not even for your DCS gig in the sunny Caribbean. There were numerous Lion and the Lamb drinking bouts thoughout the week (some rather amazing, in terms of both the participants and the volume of "input".) You would have loved it. Passions often ran high, but usually in quiet intense coversations. I (one Lamb, white wool turning gray;-) had distinct impression that there many US government cryptographers uncomfortable with the Administration's NSA/FBI-inspired absolutist POV. Not even all senior feds feel that Constitutional Law should be (re)written by FBI case agents obsessed with making it easier to bust some two-bit crack dealer next month. (Doesn't mean much in the larger scheme of things, but the pained ambivalence vividly reminded me of Vietnam debates so many years ago.) My favorite quote, from a federal LEA lawyer deep in his cups: "If the colonial cops, rather than the philosophers, had drafted the Constitution -- would Madison and Jefferson, et al, have been willing to even put their names to it??" Suerte, _Vin -------- In Reply To: >Steve Schear wrote: >| > What the US government will allow to be exported is not "strong >| >encryption." It is encryption only slightly too strong to be broken >| >by an amateur effort. For the right investment in custom hardware, it >| >falls quickly. (500,000 $US = 3.5 hour avg break). >| > >| >| Considering Ian's feat you certainly seem to have had your crystal >| ball in hand. Adam Shostack responded: > I wear three around my neck. Its a new age thing. > > More seriously, that estimate is the cost of breaking DES on >custom hardware, based on Wiener's figures. Ian got RC4-40 in 3.5 >hours on I don't know how much hardware, not a lot of it custom, >AFAIK. Vin McLellan + The Privacy Guild + 53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548 From sandfort at crl11.crl.com Sun Feb 2 22:26:08 1997 From: sandfort at crl11.crl.com (Sandy Sandfort) Date: Sun, 2 Feb 1997 22:26:08 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702030626.WAA14617@toad.com> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Where to begin? Tim May has taken the time to write broad and thought provoking essay on this list's current moderation experiment. I appreciate his analysis--and candor. While I do not agree with all he has written, I enormously respect his dedication to his point of view. On Sun, 2 Feb 1997, Timothy C. May wrote: > I chose not to write a "departing flame" (or message, but some might call > it a flame) when I unsubscribed several weeks ago--within an hour of > reading that John and Sandy had decided to make "their" list a moderated > list,... This is Tim's first error of fact. I point it out not to insult him, but because it seriously affects much of the rest of his analysis. We are conducting an experiment. It will last one month. After that, it's over if list members want it to be over. If, on the other hand, moderation is seen by the list members as beneficial to their use and enjoyment of the list, the current form of moderation--or some variation will continue. > ...and saw no point in wasting even more of my time arguing against the New > Cypherpunks World Order, as the NCWO was clearly presented as a fait > accompli, not something ablut which opinions of list members (or even list > _founders_, at least not me) were being sought. Factual error #2. There was a call for comment; Tim chose not to do so. In retrospect, I wish we had run it by Tim, Eric and Hugh in more detail before making the annoucement, but we didn't. Certainly a tactical error and a breach of protocol, but not the end of the world. Sorry Tim. I should have spoken to you first. > I see vast amounts of bandwidth consumed by arguments about > moderation, about the putative biases of the Moderator and Director of the > New Cypherpunks World Order, about alternative moderation strategies (which > is stupid, as John and Sandy announced what they were going to do, not just > some of their preliminary thoughts), and so on. I've also noticed fewer > substantive essays. And I see something different. Since previously, Tim actively filter the list, I'm not sure on what basis he can make his comparison. As just one example (though a signicant one) Dimitri has posted more non-flaming, on-topic posts during the two weeks of this experiment then in the previous several months. In my opinion, other than for the hysterical posts of a very few self-righteous loudmouths, the overall quality of the posts has been far superior to what it had become in the weeks before the experiment began. YMMV. > With no false modesty I tried awfully hard to compose substantive > essays on crypto-political topics, often more than one per day. I would hope that Tim will return to this practice irrespective of whether the list remains moderated or returns to its previous policies. More on this, below. > (Others did too, but they seem to be tapering off as well, leaving the list > to be dominated by something called a "Toto," the "O.J. was framed!" > ravings of Dale Thorn, the love letters between Vulis and someone name > Nurdane Oksas,... Two points: Since Tim largely agrees with those in opposition to moderation, and because of the extraordinary nature of Tim's post, I did not send it to the "flames" list. It was a judgment call. The problems Tim describes, did not arise with moderation. Indeed, they were the imputus for the moderation. > * But the really important issue is this: is the _physical hosting_ of the > Cypherpunks mailing list coterminous with the "Cypherpunks"? If the list > was hosted by, say, UC Berkeley or PGP Incorporated, would we consider > these hosts to be the "owners" of the Cypherpunks group?... I think this is a Straw Man. John and I have never argued that John "owns" cypherpunks. When a Cypherpunk meeting is held in someone's living room, however, I don't think it's asking to much to ask everyone to follow the local rules (e.g., "no shoes in the house" or "no smoking" or even "no ad hominem attacks"). As Tim is fond of saying, "my house; my rules." I don't think this means Tim "owns" a physical meeting in his house. > While John had (and has) every legal right > to do with his property as he wished, the effect was very negative. First, > Vulis found other ways to post (duh). Tim, do you really believe that John did not anticipate this? > Second, the list was consumed with > flames about this, many from Vulis, and many from others. It was consumed with flames before. Now, at least, the vast majority of folks on the list don't have to read them, nor jump through any hoops to implement some sort of dynamic filtering half-measure. > Third, journalists (who love sizzle over substance any day of > the week) lept into the fray with articles which gave Vulis the > publicity he craved. That's what journalist do, though I wasn't aware of ANY articles on this issue. I would appreciate it if Tim could give us some citations. > Fourth, it sent a message to enemies of liberty that "Even the > Cypherpunks have found it necessary to abandon their anarchic > ways." That's one message that one could take from all this, I suppose. I don't see it that way, nor do several list members who thanked me in private e-mail for improving the list. Again, YMMV. > (I'm well aware of the issues with pests like Vulis, who seek to destroy > virtual communities like ours. But the solution John used did not work, and > generated more crap.... What didn't work was "local filtering" which has no feed-back loop to engender comity. This might not work either, but I see no evidence that it has made things worse. Remember, there are a hand-full of subscribers to the Flames list, 20-30 on the Unedited list and *2000* or so on the Moderated list. Sure some of that may be due to laziness, but it would be cavalier in the extreme to claim that such an overwhelming acceptance of moderation is merely an artifact of inertia. But to make things perfectly clear one more time, ANYONE WHO WANTS TO READ THE ENTIRE CYPHERPUNKS FEED SHOULD SUBSCRIBE TO "CYPHERPUNKS-UNEDITED" AND/OR "CYPHERPUNK-FLAMES." > * "Censorship" is another overloaded term. I don't think the "Definition 1" > of dictionary definitions, about _governmental_ restrictions, is the only > meaningful definition. Everybody knows what it meant when we say that > "Lockheed is censoring the views of employees," even though we know > Lockheed is not using government power. A censor is one who censors. And > even my "American Heritage Dictionary" gives this as its "definition 1": > > "censor n. 1. A person authorized to examine books, films, or other > material and to remove or suppress morally, politically, or otherwise > objectionable." Tim and I disagree on which definition of "censorship" applies in this situation. Dale Thorne, and others, have argued, in essence, that there is censorship if ANY definition would apply. I'm not sure time is going that far, but if so, I respectfully disagree. But let's apply Tim's above definition for the sake of argument. Am I, thereby, a censor? Well I am examining "other material" and I am making judgments with regard to whether or not it is "objectionable," unfortunately for Tim's argument, I am neither "removing" nor "supressing" anything. Anybody can read anything that gets posted to Cypherpunks--in two places. I am sorting, but even my sorting can be completely avoided. > * OK, even given that John had decided to censor "his" list, what about his > choice of Sandy Sandfort as the censor? John didn't choose me, I approached him. I offered my opinion as to what I thought HE ought to do about the list disruptions. The short version of his answer was, "if you think you can do a better job, go for it." I accepted the challenge, so here I am. I don't want this job. If the list members decide to keep the list moderated, I hope to keep my involvement as a moderator to a minimum. Any volunteers? > * Nor do the announced criteria make any sense. While the inane one-line > scatological insults have been filtered out, many "flames" make it through, > based on what I've seen in perusing the hks archive site. And some > reasonable comments get dumped in the flame bucket. Very possibly true. Moderation is like crypto, perfection isn't and option. However, a 90% solution is a heck of a lot better than no solution at all. Yes, I've made what I consider to be errors, but I think on some, I've done a very good job overall. > * (Frankly, one of my considerations in leaving was the feeling that I > would never know if an essay I'd spent hours composing would be rejected by > Sandy for whatever reasons.... Tim, I think this is disingenuous. I have been quite clear on my moderation criteria. You are too intelligent to feign such a lack of understanding. > maybe he might think my essay was off-topic, Clearly not a criterion I ever enunciated. > or used one of the Seven Deadly Words, Clearly not a criterion I ever enunciated. >or was "too flamish." Bingo (with the proviso that it be a personal attack on a list member as opposed to the substance of his or her argument). > * The decision to "moderate" (censor) the Cypherpunks list is powerful > ammunition to give to our opponents, Piffle. Letting spoiled children destroy the list puts a far more powerful weapon in the hands of our enemies. > and Vulis is certainly gleeful that > his fondest wishes have been realized. I do not have a crystal ball. My Vulcan mind meld is in the shop. No one--neither Tim, nor I, nor probably even Vulis--knows whether is gleeful about all this or not. An frankly, who cares? The question is, are list members happy or not with moderation. Tim was not. I am. By the end of the experiment, I dare say we will have a good idea what most list members think. > (I would venture a guess that a Duncan Frissell would almost certainly get a > libertarian rant past Sandy while a Phill Hallam-Baker might easily fail to > get a leftist rant past him.) I sorry Tim gives me so little credit. Rather than merely post a self-serving denial, I would ask that Phill confirm or deny Tim's supposition. To the best of my recollection, I have sent only one post of Phill's to the Flames list. It flamed Jim Bell. As far as moderating political rants go, I'm agnostic. Look folks, when you stop trying new things, and stop questioning conventional wisdom, you are as good as dead. Maybe moderation is the best think since sliced bread; maybe it sucks. How about we give it a good-faith try for the next 2+ weeks and see how it goes? If the consensus is it sucks, I intend to be gracious in defeat. If it goes the other way, I hope that the neighsayers will accept it and let the list get on with its role as a forum for the protection of privacy. Thanks again, Tim, for sharing your views with us. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From sandfort at crl10.crl.com Sun Feb 2 22:40:42 1997 From: sandfort at crl10.crl.com (Sandy Sandfort) Date: Sun, 2 Feb 1997 22:40:42 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702030640.WAA15028@toad.com> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, On Sun, 2 Feb 1997, Roy M. Silvernail wrote: > In Minneapolis and Anchorage (the two cities of which I have knowledge) > mail carriers have a key that opens not only apartment-style mailboxes, > but little boxes on the outside of apartment buildings that hold a key > to the building's lobby. Snag one of those keys and a large portion of > the city opens its doors to you. (some buildings have further locked > doors beyond the mailbox lobby to counter this threat) So much for key escrow. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From mpd at netcom.com Sun Feb 2 22:47:22 1997 From: mpd at netcom.com (Mike Duvos) Date: Sun, 2 Feb 1997 22:47:22 -0800 (PST) Subject: Gilmore's Moderated Cypherpunks List In-Reply-To: <199702030325.TAA09985@toad.com> Message-ID: <199702030647.WAA09811@netcom9.netcom.com> Our Former Titular Leader Bails and Expounds Thusly Over the Smoking Remains of the Once Mighty Cypherpunks List: > First, I don't argue that John Gilmore is unfree to do as > he wishes with his machine, toad, which has been the major > machine host for the Cypherpunks list. John can tell us we > have to write in Pig Latin if he wishes. Freedom of the Press belongs to those who own one. Since there are no legal restrictions on the name "Cypherpunks", anyone with a working box can host a "Cypherpunks List", and individuals may choose to spend their reputation capital improving the S/N ratio of whatever Cypherpunks Lists they favor. In this sense, a "Cypherpunks List" is like a "Webster's Dictionary." Anyone can use the name, and the deluxe leather bound edition put out by a University is better than the tacky newsprint one offered as a premium by your local book club. Gilmore's Moderated Cypherpunks List is one of many forums where Cypherpunks may choose to congregate, some of which carry the name "Cypherpunks," and some of which do not. > I think we should all be very grateful to John for agreeing > to let it run on his hardware, but not let our gratitude > turn into some sort of subservience and blather about how > John "owns" the Cypherpunks group. I think we should have nipped Gilmore in the bud when he censored Vulis, and immediately looked for a new site to host a Cypherpunks list which was not subject to sudden and arbitrary censorship by the site owner. John, of course, would have been perfectly free to continue to host "Gilmore's Moderated Cypherpunks List", and we would have perfectly free not to post there any more. Instead, being comfortable and lazy, we tolerated Gilmore's pathetic attempts to exterminate the pesky Vulis, and given that Vulis was more than a match for Gilmore mentally, the pissing contest soon escalated as the frantic Gilmore took more and more extreme measures to find "the final solution" to the good Doctor's posts. Again, predictable behavior by everyone involved. > Again, is the "Cyherpunks community" the same as the mailing > list? And is the mailing list, hosted at toad, the "property" of > John Gilmore? Of course not. What a silly notion. All mailing lists that survive more than a few months are organized around some strong personality who nudges the list back on-topic when it begins to stray, and who posts articles interesting enough that people will make regular visits to read them. If no one performs this function on a list, the list will die. I think most people will agree with me that Timothy C. May has been the person who performed this function here on Cypherpunks, from its creation until fairly recently. If he chooses not to perform this function on "Gilmore's Moderated Cypherpunks List", that is Mr. Gilmore's tough luck. Perhaps if Mr. Gilmore asks nicely, Dr. Vulis will volunteer. Then again, perhaps not. :) > I'll have more to say about my problems with how things > were handled. Frankly, it smacked of the same kind of fait > accompli decision John made with the unsubscribing of Vulis. > While John had (and has) every legal right to do with his > property as he wished, the effect was very negative. First, > Vulis found other ways to post (duh). Second, the list was > consumed with flames about this, many from Vulis, and many > from others. Third, journalists (who love sizzle over > substance any day of the week) lept into the fray with > articles which gave Vulis the publicity he craved. Fourth, > it sent a message to enemies of liberty that "Even the > Cypherpunks have found it necessary to abandon their > anarchic ways." I agree completely. Do real Cypherpunks want to post to a list run by someone who has undermined their agenda and made them look like hypocritical idiots to the world? Gilmore has done more damage to the good name of Crypto Anarchy in the last few weeks than the government spooks could ever have hoped for in their wildest dreams. > But by making the _main list_ the censored one, this skewed > things considerably. Yes, this was a sleezy and perfidious trick by Gilmore, who apparently wanted to transform "Cypherpunks" into "Gilmore's Moderated Cypherpunks List" by fiat. Even the unedited list was an afterthought to pacify critics, and you can be sure that it will evaporate as soon as he thinks no ones complaints will be heard. > Had there been a debate about the policy, I can think of > several approaches I'd like better. But inasmuch as John > made it clear that there would be no debate (and, perhaps as > part of the "problem," John has not really been a active > member of the mailing list, in terms of participating in the > debates), this is all moot. > In any case, my several years with the list have taken a > huge amount of my time. Given the way this whole thing was > handled, and the way the list is degenerating even further, > it looks like it's good that I'm moving on to other things. Hey - if John Gilmore can attract readers to "Gilmore's Moderated Cypherpunks List" by virtue of his charming personality, more power to him. Really. :) -- Mike Duvos $ PGP 2.6 Public Key available $ mpd at netcom.com $ via Finger. $ From haystack at holy.cow.net Sun Feb 2 22:56:18 1997 From: haystack at holy.cow.net (Bovine Remailer) Date: Sun, 2 Feb 1997 22:56:18 -0800 (PST) Subject: No Subject Message-ID: <199702030637.BAA04034@holy.cow.net> Timmy May has been a source of endless embarassments to his sympathizers on and off the net. o/ Timmy May <| / > From winsock at rigel.cyberpass.net Sun Feb 2 23:07:34 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Sun, 2 Feb 1997 23:07:34 -0800 (PST) Subject: Man in the Middle Message-ID: <199702030707.XAA03474@sirius.infonex.com> Derisve Vibrator K[retin]OfTheMonth had his foreskin ripped off last night by a vacuum cleaner. .-._ {_}^ )o {\________//~` ( ) Derisve Vibrator K[retin]OfTheMonth /||~~~~~||\ |_\\_ \\_\_ "' ""' ""'"' From lwjohnson at grill.sk.ca Sun Feb 2 23:07:54 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Sun, 2 Feb 1997 23:07:54 -0800 (PST) Subject: About: My Departure, Moderation, and "Ownership of the List" Message-ID: <32F5AB1A.1B49@grill.sk.ca> For what it's worth, I think that this Tim May, not being a user of the list, has no place to talk. His type, to me, characterate those who quit something and complain later, knowing that some people will listen to them. So what, if he decided to leave? It was his own choice and he can't just come back and say everyone who stayed is now impelled to listen to him, just because he used to do a bunch of posts. I don't think that hardly any of you would listened to me later if I left the list. From nobody at zifi.genetics.utah.edu Sun Feb 2 23:29:46 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Sun, 2 Feb 1997 23:29:46 -0800 (PST) Subject: None Message-ID: <199702030729.AAA00107@zifi.genetics.utah.edu> Dimitri Vinyl K{rust}OfTheMonth will fuck anything that moves, but he'd rather be fucking his own mother's dead body. v-v-v-@@-v-v-v (..) Dimitri Vinyl K{rust}OfTheMonth From nobody at zifi.genetics.utah.edu Mon Feb 3 00:19:41 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 00:19:41 -0800 (PST) Subject: None Message-ID: <199702030819.BAA00723@zifi.genetics.utah.edu> Dimitri Vinyl K{rust}OfTheMonth will fuck anything that moves, but he'd rather be fucking his own mother's dead body. v-v-v-@@-v-v-v (..) Dimitri Vinyl K{rust}OfTheMonth From tcmay at got.net Mon Feb 3 00:32:36 1997 From: tcmay at got.net (Timothy C. May) Date: Mon, 3 Feb 1997 00:32:36 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: Message-ID: Unfortunately, Sandy responded to my post with his own flames ("piffle," "disingenous," "straw man," etc.). Now he may well think his points are not flames becuase they are "true," but to me they take the form of flames. But then I have long disliked Sandy's method of argument. Nothing personal. But I find Sandy's series of dismissals--in other posts from other people, not just this one--to be "flamish." As Sandy says, your mileage may vary. As Sandy did a too-common section-by-section disssection, I'll do the same for his comments. At 9:55 PM -0800 2/2/97, Sandy Sandfort wrote: >> I chose not to write a "departing flame" (or message, but some might call >> it a flame) when I unsubscribed several weeks ago--within an hour of >> reading that John and Sandy had decided to make "their" list a moderated >> list,... > >This is Tim's first error of fact. I point it out not to insult >him, but because it seriously affects much of the rest of his How can this be an "error of fact" when I am clearly setting out a point of view? Is it an error of fact that moderation was happening? Or is the disagreement with my quotes around "their"? This was clearly an expression of sarcasm. Hardly an "error of fact." >> ...and saw no point in wasting even more of my time arguing against the New >> Cypherpunks World Order, as the NCWO was clearly presented as a fait >> accompli, not something ablut which opinions of list members (or even list >> _founders_, at least not me) were being sought. > >Factual error #2. There was a call for comment; Tim chose not to >do so. In retrospect, I wish we had run it by Tim, Eric and John's message did not say he was thinking about instituting censorship, it said he was in the process of setting up such a system. As for the comments solicited, I noticed no changes whatsoever. (I guess the several dozen comments were "errors of fact," "piffle," and "straw men." Can anyone think of a single one of the various points made after John's announcement that changed the plan in any significant way?) >> I see vast amounts of bandwidth consumed by arguments about >> moderation, about the putative biases of the Moderator and Director of the >> New Cypherpunks World Order, about alternative moderation strategies (which >> is stupid, as John and Sandy announced what they were going to do, not just >> some of their preliminary thoughts), and so on. I've also noticed fewer >> substantive essays. > >And I see something different. Since previously, Tim actively >filter the list, I'm not sure on what basis he can make his >comparison. As just one example (though a signicant one) Dimitri That's an easy one, one I explained at least two or three times in the last half year: I used Eudora Pro to sort mail into various folders. I'm quite aware of what is going into various folders, and sometimes I even look in them. Clear enough? >has posted more non-flaming, on-topic posts during the two weeks >of this experiment then in the previous several months. In my >opinion, other than for the hysterical posts of a very few >self-righteous loudmouths, the overall quality of the posts has >been far superior to what it had become in the weeks before the >experiment began. YMMV. Piffle. Nonsense. If you think the overall quality of posts is superior now to what it had been, your bias in favor of your own brain child is so powerful that it's warped your judgment. Who else thinks the quality is now higher? (By the way, I don't think the proper statistical method is to "average" all of the posts, including the Vulisgrams and the scatolological insults, as these were easily filtered by anyone with a clue. Rather, look at the substantive and stimulating essays, the important ones, and ask if they have gotten better. It's disingenuous to claim that filtering out the childish insults has improved the quality of the essays. As I said, I've seen the opposite. You apparently think differently.) >> (Others did too, but they seem to be tapering off as well, leaving the list >> to be dominated by something called a "Toto," the "O.J. was framed!" >> ravings of Dale Thorn, the love letters between Vulis and someone name >> Nurdane Oksas,... > >Two points: Since Tim largely agrees with those in opposition to >moderation, and because of the extraordinary nature of Tim's post, >I did not send it to the "flames" list. It was a judgment call. Here Sandy is really going over the line. He is saying he _almost_ filtered my message into the reject pile, where later he claims I would have no problem writing an essay and not knowing whether it would be filtered into the Good or the Bad pile. He later writes, in response to my point: "(Frankly, one of my considerations in leaving was the feeling that I >> would never know if an essay I'd spent hours composing would be rejected by >> Sandy for whatever reasons.... > >Tim, I think this is disingenuous. I have been quite clear on >my moderation criteria. You are too intelligent to feign such >a lack of understanding." So, given that I wrote my essay today, should I have known if it would be filtered into Sandy's "Not Fit for True Cypherpunks" list, or the Approved list? Sandy implies that he himself had to make a "judment call" on this one. Hey, people, this shows how fucked up things have gotten. Lord Almighty Sandy says my long-considered, well-written essay was _almost_ shitcanned ("It was a judgment call"). And for what reason? Apparently because of a single paragraph that mentioned "Toto" and Dale Thorn (oh, and Nurdane and Vulis and their love relationship) in unflattering terms. Is this the crap the Cypherpunks were founded to put up with? A petty satrap deciding to filter out a long and substantive essay because he feels some paragraph is insulting? What a state of affairs. This more than anything demonstrates the truth of Lord Acton's maxim about absolute power corrupting absolutely. Sandy feels free to flame away (piffle, straw man, logical fallacy), but expresses umbrage at my very accurate comments about ravings and rantings of certain list memmbers. (Perhaps Sandy will censor this message, feeling you readers are not able to handle my dismissal of his asinine views. This will leave the Censor having the final word, which is "not unexpected." When a censor gets into a debate with one of his charges, this is what often happens.) >> * But the really important issue is this: is the _physical hosting_ of the >> Cypherpunks mailing list coterminous with the "Cypherpunks"? If the list >> was hosted by, say, UC Berkeley or PGP Incorporated, would we consider >> these hosts to be the "owners" of the Cypherpunks group?... > >I think this is a Straw Man. John and I have never argued that >John "owns" cypherpunks. When a Cypherpunk meeting is held in >someone's living room, however, I don't think it's asking to much >to ask everyone to follow the local rules (e.g., "no shoes in the >house" or "no smoking" or even "no ad hominem attacks"). As Tim >is fond of saying, "my house; my rules." I don't think this >means Tim "owns" a physical meeting in his house. This is precisely the point I made! As for John instituting a censorhip policy, as I said, he is of course free to do it. It may be foolish to do so, but he is free to do so. And those of us who don't like what this all means are free to leave. Sounds fair to me. >> While John had (and has) every legal right >> to do with his property as he wished, the effect was very negative. First, >> Vulis found other ways to post (duh). > >Tim, do you really believe that John did not anticipate this? I have no idea what John anticipated and didn't. But if he knew it wouldn't work, why bother? Not only did Vulis actually start posting _more_, it also consumed the list in a frenzy of posts about it. (By the way, remember that we are here talking about the unsubscription of Vulis by John. My reason for this reminder will be clear in a moment.) >> Second, the list was consumed with >> flames about this, many from Vulis, and many from others. > >It was consumed with flames before. Now, at least, the vast >majority of folks on the list don't have to read them, nor jump >through any hoops to implement some sort of dynamic filtering >half-measure. We're talking about Vulis being unsubscribed, not the list censorship episode. >> Third, journalists (who love sizzle over substance any day of >> the week) lept into the fray with articles which gave Vulis the >> publicity he craved. > >That's what journalist do, though I wasn't aware of ANY articles >on this issue. I would appreciate it if Tim could give us some >citations. Again, we're talking about the Vulis unsubscription episode. Go back to the archives covering this period. Declan McCullough wrote an article about this, giving Vulis much publicity. And some of us were contacted by other journalists asking for our views, for what this meant about for the list's espoused philosophy about anarchy, etc. (I refused to comment, of course.) >> Fourth, it sent a message to enemies of liberty that "Even the >> Cypherpunks have found it necessary to abandon their anarchic >> ways." > >That's one message that one could take from all this, I suppose. >I don't see it that way, nor do several list members who thanked >me in private e-mail for improving the list. Again, YMMV. Once again, the subject of the section you're citing was about the Vulis unsubscription matter. I think, Sandy, you need to read more carefully before you denounce arguments. >> (I'm well aware of the issues with pests like Vulis, who seek to destroy >> virtual communities like ours. But the solution John used did not work, and >> generated more crap.... > >What didn't work was "local filtering" which has no feed-back >loop to engender comity. This might not work either, but I see >no evidence that it has made things worse. Remember, there are a If you see no evidence that is has made things worse, then apparently you haven't seen that I have not been posting for the past month. Whatever my reasons, if you can seriously claim that you can see "no evidence" that a change of some sort has occurred... >hand-full of subscribers to the Flames list, 20-30 on the >Unedited list and *2000* or so on the Moderated list. Sure some >of that may be due to laziness, but it would be cavalier in the >extreme to claim that such an overwhelming acceptance of >moderation is merely an artifact of inertia. I still maintain, as others have as well, that a better approach would have been to announce the "Sandy-approved" list as a new option. Changing the main list to the censored version was a way to exploit the name of the list, etc. (Consider if Eric Blossom's filtered list was suddenly declared to be the "Cypherpunks" list. This is essentially what has happened. A major screw up. And I don't really think it germane to cite how many are on each list. Sheep are sheep, and, frankly, about 1850 of those putative "*2000*" on the main list are never, ever heard from.) .... >Tim and I disagree on which definition of "censorship" applies in >this situation. Dale Thorne, and others, have argued, in essence, >that there is censorship if ANY definition would apply. I'm not >sure time is going that far, but if so, I respectfully disagree. > >But let's apply Tim's above definition for the sake of argument. >Am I, thereby, a censor? Well I am examining "other material" >and I am making judgments with regard to whether or not it is >"objectionable," unfortunately for Tim's argument, I am neither >"removing" nor "supressing" anything. Anybody can read anything >that gets posted to Cypherpunks--in two places. I am sorting, >but even my sorting can be completely avoided. Sophistry. >> * OK, even given that John had decided to censor "his" list, what about his >> choice of Sandy Sandfort as the censor? > >John didn't choose me, I approached him. I offered my opinion as >to what I thought HE ought to do about the list disruptions. The >short version of his answer was, "if you think you can do a >better job, go for it." I accepted the challenge, so here I am. >I don't want this job. If the list members decide to keep the ^^^^^^^^^^^^^^^^^^^ By the way, how is this to be "decided"? A democratic vote of the herd? Do all "*2000*" get a vote? Are we moving from benevolent dictatorship to direct democracy? >> * Nor do the announced criteria make any sense. While the inane one-line >> scatological insults have been filtered out, many "flames" make it through, >> based on what I've seen in perusing the hks archive site. And some >> reasonable comments get dumped in the flame bucket. > >Very possibly true. Moderation is like crypto, perfection isn't >and option. However, a 90% solution is a heck of a lot better >than no solution at all. Yes, I've made what I consider to be >errors, but I think on some, I've done a very good job overall. You seriously think that establishing the idea that "even the Cypherpunks group accepts the need for censorship of unpopular views" is worth the minimal bandwidth savings of not having some of the scatological one-liners and insults? The huge amount of list animosity (so much for "comity") and bandwidth on this censorship issue dwarfs the bandwidth taken up by the Vulisgrams. >> * (Frankly, one of my considerations in leaving was the feeling that I >> would never know if an essay I'd spent hours composing would be rejected by >> Sandy for whatever reasons.... > >Tim, I think this is disingenuous. I have been quite clear on >my moderation criteria. You are too intelligent to feign such >a lack of understanding. As I noted earlier, you yourself said it was a "judgment call" for you to not put my message in the flames pile. So, did I truly not understand your criteria for approval (which means I wasn't feigning ignorance), or did I understand that which you yourself acknowledged having to make a judgment call (kissing cousin to a "guess" where I come from) on? If you are unsure whether to dump a major, substantive essay into the flames pile or allow it to be read by the main list, then this makes my point precisely. I don't want Sandy Sandfort sitting in judgment on my posts, deciding what the Cypherpunks--a group I co-founded for God's sake!!!!--are to be allowed to read and what they may not. (Saying what Sandy is doing is not "censorship" but is only "sorting" is pure sophistry.) >> maybe he might think my essay was off-topic, > >Clearly not a criterion I ever enunciated. Another part of the problem is that the standards have not been clearly stated. "Flames" have not been defined in any meaningful way. Apparently it's OK for you to refer to my arguments as "disingenuous" and "piffle," but referring to someone's repeated ravings about how O.J. was framed is "flaming." Piffle. >> * The decision to "moderate" (censor) the Cypherpunks list is powerful >> ammunition to give to our opponents, > >Piffle. Letting spoiled children destroy the list puts a far >more powerful weapon in the hands of our enemies. See what I mean? "Piffle." ("piffle, n. Foolish or futile talk or ideas") Hardly a substantive argument. I'd call it an insult. And I'll bet that if Phill Hallam-Baker dismisses an argument with a "foolish" one-line characterization, it will be viewed as a flame. (Well, not now, now that Sandy is apprised of this.) >> and Vulis is certainly gleeful that >> his fondest wishes have been realized. > >I do not have a crystal ball. My Vulcan mind meld is in the ^^^^^^^^^^^^^^^^ Ah, a non-flamish way of making an argument. Dismissive jokes substituting for responding to my _opinion_. >> (I would venture a guess that a Duncan Frissell would almost certainly get a >> libertarian rant past Sandy while a Phill Hallam-Baker might easily fail to >> get a leftist rant past him.) > >I sorry Tim gives me so little credit. Rather than merely post a >self-serving denial, I would ask that Phill confirm or deny Tim's >supposition. To the best of my recollection, I have sent only >one post of Phill's to the Flames list. It flamed Jim Bell. As >far as moderating political rants go, I'm agnostic. Again, look at what the Cypherpunks list has become! Because some of the barnyard insults were getting to some people, we now have a situation where a thoughtful commentator like Phill H-B (who I rarely agree with, by the way, but his essays show he's thinking about issues deeply) has his stuff sent to the scrap heap because he "flamed" Jim Bell? Or was it a critique of Bell's "assassination politics" ideas and the way he presents them, perhaps with a single flamish comment (a la the comment I made that caused Sandy to almost mark my entire essay as unfit for Cypherpunks)? I urge Phill, or others, to retrieve this offending article and repost it. Or use "*%&$" symbols where the banned flame language was contained, so it will pass muster with Sandy. Then we can better judge just what we're giving up in order to have the kind of "comity" which Sandy thinks he is creating. --Tim May Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From jimbell at pacifier.com Mon Feb 3 00:38:05 1997 From: jimbell at pacifier.com (jim bell) Date: Mon, 3 Feb 1997 00:38:05 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater Message-ID: <199702030837.AAA08330@mail.pacifier.com> At 07:10 PM 2/2/97 -0600, ichudov at algebra.com wrote: >jim bell wrote: >> >> Better yet, set up a system to encourage the public to USE those guns (and >> other weapons) to get rid of the people who pass such laws, and the problem >> is solved. >> > >How about this scenario: I borrow 1 million dollars from, let's say, >Phill Hallam-Baker. Not wanting to pay it back, I pay to the >assassination bot and arrange him to be murdered. Simple. Even if a lendor dies (whether by murder or some other cause, perhaps undetermined) you (the debtor) presumably will still be obligated to pay back the debt, to his estate if nowhere else. If you WEREN'T responsible for the killing, you should still make the payments. If you do, then you had no reason to kill him in the first place. Even in the hypothetical scenario that the lendor is single, has no family or other likely heirs, it would be in his interest to declare that his estate goes to charity, including debts to it such as yours. After all, we can assume that he doesn't want to get murdered, and the best way of avoiding that fate is to remove whatever incentive might otherwise exist for anyone else to kill him. Making sure that all of his debtors are revealed would make it difficult for any of them to get away with murder. Or, at least, prevent the fact of such a murder from eliminating the need to repay the debt. If the fact of the loan were revealed, perhaps only after the lendor's death, and ALSO the fact that you (alone among his other debtors) refused to pay it back, everyone else in that society might reasonably come to the conclusion (absent proof or a good explanation to the contrary) that you were probably responsible for the death. At the very least, they wouldn't want to deal with you for fear of a similar outcome (non-payment or death), and some of the public would be likely to punish you by donating money to see you dead. They would do this, even if they had no particular link to the dead lendor, precisely because the publicity from such an outcome would deter other people who might be contemplating a similar thing. The logic is essentially the same as the situation where a person would donate small amounts money to see car thieves dead, even if his car hadn't (yet) been stolen: If it is essentially certain that such a penalty will always exist, it will tend to deter future incidents. All car owners have a motivation to maintain that system. >Another story: suppose that I negligently caused fire that destroys >house of, say, Toto. Toto knows that if he sues me, I can arrange him >murdered for the amount less than the amount of damages. As he could, you. Remember, if your bad actions were publicized, your reputation would suffer. If he's satisfied that you are guilty, and can prove it to others, you'll be in trouble to have the information published. (On the other hand, if nobody knows it was you who were responsible, you won't suffer, but that's no worse than the status quo.) > As a result, >he refrains from suing me, or (if he is a mean person) pays additional >money to have me murdered. A suit would probably be a much better outcome. A "suit" implies that he needs assistance to get the fact of the obligation enforced. Assuming he has enough proof to win a lawsuit, he has more than enough proof to sour everyone else on dealing with you in the future, and possibly get them to donate to see you dead. Do you risk it? >Another story: suppose that OKSAS hired me to work for her, but then >our relationships go south and she fires me. Again, her fate is very >unclear, although I would probably spare her life if it were she. > >The bottom line is, it becomes very hard to do ANYTHING that disappoints >at least somebody. That can lead to a lot of inefficiencies. I predict that agreements will simply change to avoid (or anticipate) such disappointments, in order to ensure that neither party feels "taken" if things don't work out as planned. Or, if there is an innocent-and-unavoidable breach of the agreement that harms one person, the other will be motivated to make it up to the first. In effect, they'll have to find a mutually-agreeable middle ground. Jim Bell jimbell at pacifier.com From jimbell at pacifier.com Mon Feb 3 00:39:45 1997 From: jimbell at pacifier.com (jim bell) Date: Mon, 3 Feb 1997 00:39:45 -0800 (PST) Subject: Free & Open Society & toleration (fwd) Message-ID: <199702030837.AAA08320@mail.pacifier.com> At 10:18 PM 2/1/97 -0600, Jim Choate wrote: > >Forwarded message: > >> Nobody has a problem with your ideals, it's just that Jim Bell is >> trying to say (correct me and forgive me if I'm wrong) that: >> >> 1. Society will never subscribe to your ideals. > >But other than two points they already do. The two points being, > >1. Libel is a recognized legal concept now, the difference is one of degree. Maybe this will appear to you to be too-subtle a distinction, but I don't share the misimpression of equating what "society" (the citizenry?) accepts and what government-types accept. For instance, as I understand it the public uniformly rejects the concept of wiretaps as a method of law-enforcement, yet they are done anyway. In effect, it would be correct both to say: a. Society will never accept wiretapping. (where "society" is defined as the collection of individuals) as well as saying... b. Wiretapping is a "recognized legal concept now." (because the implication is that "recognized" refers to a tiny subset of society, the thugs who run the "justice system.") Now, it's my own personal opinion that wiretapping is unconstitutional, but is done anyway for the same reason other unconstitutional things are regularly done by government: Despite public disapproval, the public is never actually given the opportunity to make the decision. The fact is, libel lawsuits are apparently a rather rare "tool" that we don't even need. Perhaps a REAL LAWYER who is aware of the statistics can tell us how often they actually occur. I argue that something that rare is, almost by definition, not really needed. >My solutions to these two issues are: > >1. Removal of the lawyer from the ultimate choice of whether the case > should be pursued. Yes, I'd like to "remove a few lawyers," as well. Not quite the way you would, however. >4. By the implimentation of a bond proviso on the part of the plaintiff > the system provides a check and balance reducing nuisance cases as > well as reducing the taxation load on the citizenry. Why not a full "loser pays" system? And I mean NOT ONLY for civil cases, but also criminal cases! Perhaps the government would be a bit less enthusiastic about harassing drug defendants if it was forced to pay for their acquittals after a FIJA loss! Consider, for example, that if the government had to pay after a loss, it would become very difficult for the government to harrass a person like Phil Zimmermann, unlike today where charges can be brought even if it is recognized they won't stick, secure in the knowledge that he'd be out a great deal of money in his defense. How much sweeter would the victory be if all costs were compensated? > >> 2. Society is not static, i.e., instead of remaining at a constant >> level of corruption, the officials will keep demanding more, >> until there's a sudden, catastrophic break. > >Absolutely, that is one of the reasons I refuse to seperate those who >represent the social contract (eg the Constitution) and those who are >impacted by it, which includes even those who represent it and enforce its >various responsibilities. AP relies on this distinction as axiomatic. Do you always produce such opaque commentary? Perhaps you could re-write the above statement in ordinary English. The reality is, the guarantees supposedly provided by the US Constitution are guarantees in name only. The system is thoroughly corrupted and biased. >This >axiomatic view is ultimately based in a jealous greed for what others have >(ie power, percieved or real) and the implicit belief that all people are >NOT created equal. It's hard to know how you come to this conclusion. If anything, what I'm trying to do is to permanently destroy a system which has allowed a tiny fraction of society to control things for the rest of us for centuries, and longer. If anything, it is the system I'm trying to destroy which has taken the position that, in reality, people are not equal. On the other hand, I'm NOT a proponent for "egalitarianism," or enforced equality, at all! I'm confident that once the system is dismantled that enforces inequality on us, we can live with the result. >> 3. The AP solution has the potential to stabilize the level of >> corruption, which should make violent revolutions and genocide >> unnecessary. > >But it doesn't. What it does is provide a mechanism for de-stabalization. >Just look at the Middle East and the history of assassination. >Assassinations have never stabalized that region or any other. It's interesting that I keep seeing the same misinterpretations of the AP system. AP is not simply about killing people. And no, it hasn't been tried before. The occasional assassination is no more like AP than a random shot in the dark is like a well-aimed round. The first may, rarely, do the same thing as the second, but there is no prospect of a likely repetition. _SOME_ people seem to "get" this, why not you? The _absolutely_essential_ element that distinguishes AP is the system that allows people's individual desires to be denominated in terms of money, and accumulated until an anonymous person satisfies that desire and collects the reward. And, moreover, that this system remains in place forever. > There is >nothging in our current understanding of human psychology and social >interactions that leads to the conclusion that threats of violence will >necessarily force people to comply. If it did the government (as perceived >by AP) would not have to deal with real opposition. Simply threaten the >opposition and it melts away for the same reason that supposedly the >government would cease to oppose radicalism (ie changes in the status quo >forced by small groups upon the masses). If anything every real world >example of AP demonstrates an increase in corruption (eg. Beirut). I keep telling you that "AP has never been tried before." > >The closest analog in history to AP is the "Flowery Wars" as practiced by >the Aztecs. However, these were motivated by a belief in religous homogeneity >and not one of politics. Also, implicit in this was the axiomatic acceptance >of a real class seperation between those who ruled and those who were ruled. >By no means could one accept the premise that this caused the Aztec rulers >to be more sensitive to corruption or the continued existance of their >system. Another good example is assassination in ancient Rome, it is clear >that such activities in no way reduced corruption. AP is NOT the same thing as mere assassination. Period. If anything, there are excellent reasons why ordinary assassination can, indeed, increase corruption while the AP system would reduce it. The most obvious difference is this: The motivations are vastly different. Heretofore, assassinations have occurred based on the desires of only a tiny fraction of the population. Often one person, or only a few. In other words, the assassinations which DO occur are NOT the ones that "the rest of us" would choose. The latter type DO NOT occur! >If anything AP provides a rationale (ie self-defence) to impose even harsher >a priori conditions on sections of a society by another part of that society. >Hardly what I would consider a stabalizing condition let alone democratic. It isn't necessary that any system be "democratic." "Democracy" assumes that certain questions need to be answered by VOTE, as opposed to simply allowing individuals to answer those questions for themselves. We don't all get together and vote on what religion we'll all be forced to observe, do we? No. That's because it is accepted that certain areas are off-limits for even a "democratic" system to decide. We don't have a national vote to decide what color to paint ALL of our houses. We don't have a vote to decide what meal to eat next Thursday. Well, in my opinion there are few if any proper functions for a so-called "democratic" system. That's because I believe that most if not all decisions currently made in any "democratic" system shouldn't be made at that level at all! >What is required for stability is for each group to feel unthreatened and >secure in expressing their beliefs without fear of reprisals and at the same >time recognizing they must provide room for others beliefs. There must also >be the realization that refusal to abide by these precepts will be met with >immediate consequences. Something AP can't do, as it explicitly promotes >threats and the carrying out thereof. You clearly don't understand it! Jim Bell jimbell at pacifier.com From nobody at huge.cajones.com Mon Feb 3 00:48:13 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Mon, 3 Feb 1997 00:48:13 -0800 (PST) Subject: PGPmail 4.5 exported Message-ID: <199702030848.AAA20795@mailmasher.com> There is a pgpmail45.exe at ftp.hacktic.nl/pub/replay/pub/incoming. The file has an md5 sum of 'ffd56d7647c30152a5c9fe7616a3d9ef'. Could somebody who bought the software check that this is the same file. It is presumably free for use outside of North America, since PGP Inc. can't be expected to accept payment from foreigners... :-) From woody at hi.net Mon Feb 3 01:12:19 1997 From: woody at hi.net (Howard W Campbell) Date: Mon, 3 Feb 1997 01:12:19 -0800 (PST) Subject: moderation sucks Message-ID: <32F5ABC9.6594@hi.net> �unsubscribe cypherpunks at toad.com From lwjohnson at grill.sk.ca Mon Feb 3 01:24:25 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Mon, 3 Feb 1997 01:24:25 -0800 (PST) Subject: PGP 2.1 In-Reply-To: <199702022225.OAA03367@toad.com> Message-ID: <32F5C84E.10B9@grill.sk.ca> Mark Henderson wrote: > > Larry Johnson writes: > > Hello, > > Can any;one tell me how to get a version of PGP 2.1? > > Thanks > > > But, why do you want version 2.1? Because the guy who wrote it was let off after that on his jail charges, so I'm not going to use anything he made after that if I don't know why. I'm not saying that he rolled over or nothin buyt I'm gonna be paranoyd like he said in the book. I dont suposse he'd mind, since he said it. I'm not real smart sometimes but I'nm not a real lamer, either. (I don't think) From winsock at rigel.cyberpass.net Mon Feb 3 02:01:32 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Mon, 3 Feb 1997 02:01:32 -0800 (PST) Subject: Shave the Whales Message-ID: <199702031001.CAA08382@sirius.infonex.com> The arrival of warm weather is heralded by the pig shit getting soft in Dainty L Vinegar's mini-cranium and the resulting green slime seeping through his cocaine- and syphilis- damaged nose and onto his keyboard. ^-^-^-@@-^-^-^ (..) Dainty L Vinegar From lwjohnson at grill.sk.ca Mon Feb 3 02:59:37 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Mon, 3 Feb 1997 02:59:37 -0800 (PST) Subject: Trigger-Words...Trigger-Fingers In-Reply-To: <199702021555.HAA25437@toad.com> Message-ID: <32F5E155.2B0F@grill.sk.ca> Cynthia H. Brown wrote: > You would need to run a sniffer at a "choke point" of an > organisation, for example the external router to the Internet, to > capture all of the packets to / from that organisation. Putting a > sniffer on some arbitrary router out there in cloud-land would > probably not be all that productive, since there's no guarantee that > all of the IP packets carrying a given TCP connection would take the > same route. > > Cynthia > > Junk mail will be ignored in the order in which it is received. > > It is morally as bad not to care whether a thing > is true or not, so long as it makes you feel > good, as it is not to care how you got your money > as long as you have got it. > > - Edmund Way Teale, "Circle of the Seasons" Thats a good thing to say. I wonder howcom no one on this list figures that all the cool things they say at the end should be thoght about when it comes to what everyones doing on the list, with all the carp and the like. (I maeant _crap_) Everyone talks like their real smart, but I wonder if their not just a bunch of lamers if they cant get their problems fixed without doing all the stuff their mottos and stuff say not to do. I'm on some lists run by kids and they don't tell anyone to shut up but they still dont have to get all that stuff from the guys advrtising because the kids running it know how to use their computers. It sounds like a bunch of old guys on this list, since they don't think someone should be called a dork when they _are_ one. If their old then maybe they could ask their kids how to get rid of all the lamer-stuff. But if they just want the other guys on the list to shut up then their lamer-guys themselves, probablly7. I guess all the Canadian guys are on the flame list, eh?, because they're all hockey players. I'm only on the list because I got a bunch of your mail that someone put _fuck_you_ at the top, and when I tracked him down and gave him hell, he used my internet guys to send bogus posts to you guys. My uncle got on his machine and fixed it so it sends itself the Ping of Death from a remailer. Hes been doing that for years, but only to lamers who screw with him, otherwise he minds his own business. Theres not many girls on this list, is there? Do you spit or swallow? (Thats a joke---you dont have to answer) Are you married? I bet the guys on the list dont like it because you sound a whole lot smarter than a lot of them. Old guys think that girls arent good with computers, except for my uncle. He has to give a forteen year old girl on my list a hundred dollars because she got the Ping Of Death past his firewall when his buddies at Lost Alamo New Mexico couldnt, and their supposed to be experts because they belong to secret stuff and some of them are cypherpunks, too, but they don't let anyone know about it. Anyway, myu ncle prints out the girl-cypherpunks stuff for the girls on my list and they think its real cool and they all want to marry technicians so that they can make them work on the computers for them, kind of like making them do the computer dishes, you know. I'm supossed to be in bed, but Im not, but I have to go. My uncle is going to be mad when he finds out I'mn on cypherpunks but the rule is that if I get on his secret machine I can do anything I want to. When his machine boots Duke Nukem 3D is going to boot up and he's going to be really m-bare-assed. He will shit when he finds out I'm on cypherpunks list but it was because of him that the guy started sending me all that junk from you so he cant say nothing. (I hope!!!!) He could whack those guys sending you penis drawings and stuff, because he had his friends at Lost Alamo set up some remailers or get into them or something to find out who it was, but hes not supposed to interfere with your stuff but just watch and give people hints of stuff they already know and stuff like that. He says you guys arent lamers (even if you cant keep penis drawings off your machine) but just dont care anymore about fixing your problems yourself. I still think that you should just let your kids run your machine or just pick the guy with the coolest name, like Attila the Hun or Genocide or OttOmatic. I've got to go to bed really! p.s. - My lists go t mail from fuck at yourself.up too but we didn't _run_ his stuff, and were only kids. My uncle says you guys did. (I wont call you guys a _lamer_ cause that would make me a _flamer_) p.p.s. -> It is morally as bad not to care whether a thing > is true or not, so long as it makes you feel > good, as it is not to care how you got your _list_ > as long as you have got it. > > - B. D'Shauneaux, "Circle of the Eunuchs" (You guys should really read your own scrips at the end of your messages sometimes and see if your doing it yourselfs) Goodnight, you have a nice name and I bet your pretty too. Human Gus-Peter From harka at nycmetro.com Mon Feb 3 05:50:51 1997 From: harka at nycmetro.com (harka at nycmetro.com) Date: Mon, 3 Feb 1997 05:50:51 -0800 (PST) Subject: My Departure, Moderat Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hi there, > ...and saw no point in wasting even more of my time arguing against the New > Cypherpunks World Order, as the NCWO was clearly presented as a fait > accompli, not something ablut which opinions of list members (or even list > _founders_, at least not me) were being sought. -=> Quoting In:sandfort at crl11.crl.com to Harka <=- In> Factual error #2. There was a call for comment; Tim chose not to In> do so. In retrospect, I wish we had run it by Tim, Eric and In> Hugh in more detail before making the annoucement, but we didn't. In> Certainly a tactical error and a breach of protocol, but not the In> end of the world. Sorry Tim. I should have spoken to you first. Tactical error and breach of protocol, but not the end of the world?? Very weak and dangerous argument. I already hear the Administration saying: "Oh sorry, we didn't tell you about the new wiretaps affecting 50 percent of all phone lines. Certainly a tactical error and a breach of protocol, but HEY, it's _not_ the end of the world! Plus, it's good for you!" > * But the really important issue is this: is the _physical hosting_ of the > Cypherpunks mailing list coterminous with the "Cypherpunks"? If the list > was hosted by, say, UC Berkeley or PGP Incorporated, would we consider > these hosts to be the "owners" of the Cypherpunks group?... In> I think this is a Straw Man. John and I have never argued that In> John "owns" cypherpunks. When a Cypherpunk meeting is held in In> someone's living room, however, I don't think it's asking to much In> to ask everyone to follow the local rules (e.g., "no shoes in the In> house" or "no smoking" or even "no ad hominem attacks"). As Tim In> is fond of saying, "my house; my rules." I don't think this In> means Tim "owns" a physical meeting in his house. It really doesn't matter. I do agree, that having a meeting in, let's say, your house, everybody has to submit to the "local rules", i.e. no shoes, no smoking etc.. To avoid those rules means not to go to that location. However, any rules in a certain location do NOT affect speech. While I may enforce the rule for people not to smoke in my house, I can't enforce anything in regards to their speech. The mere try would be counterproductice to having a meeting in the first place. On a mailing list like this one, trying to enforce certain _subjective_ standards is even more counterproductive, especially on the self-proclaimed fore-front of liberty (Cypherpunks). I do agree with TCM, that this is an argument for the very enemies of free speech and neglecting the individual filtering-capabilities of each subscriber. In> no evidence that it has made things worse. Remember, there are a In> hand-full of subscribers to the Flames list, 20-30 on the In> Unedited list and *2000* or so on the Moderated list. Sure some In> of that may be due to laziness, but it would be cavalier in the In> extreme to claim that such an overwhelming acceptance of In> moderation is merely an artifact of inertia. Not necessarely. By subscribing the regular way: one gets on the moderated list by default. It might take (esp. new) people a while to realize, it's moderated. And since it's Cypherpunks, they subscribed to, they don't even _expect_ such things in the first place... I'd do it vice versa, having them subscribe to unedited by default and only if they make the effort (deliberate choice) to get on any kind of moderated version, they can do so by sending a message to majordomo. Ciao Harka /*************************************************************/ /* This user supports FREE SPEECH ONLINE ...more info at */ /* and PRIVATE ONLINE COMMUNICATIONS! --> http://www.eff.org */ /* E-mail: harka at nycmetro.com (PGP-encrypted mail preferred) */ /* PGP public key available upon request. [KeyID: 04174301] */ /* F-print: FD E4 F8 6D C1 6A 44 F5 28 9C 40 6E B8 94 78 E8 */ /*<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/ /* May there be peace in this world, may all anger dissolve */ /* and may all living beings find the way to happiness... */ /*************************************************************/ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAgUBMvCiUzltEBIEF0MBAQHYGAf+In7n3Us+4g7GtHTlXynV5f1r1n0kF2/1 KCmMvng05kHUL9c2ucG/oVZAy821quvbbgQNGmEbpkbPQezCFLesWLSQ+SaA0XGm KNC8PqjiqGVHyi0UonhE6z48j0tyt1pbgYFk15nm8pb2ejSR77suXGqDNYKabqu3 MsGnn/JFWlBEArvkSjnQ6Psgs9kqi+6DLsGlKhICkaRGj5/lTfvoLvdW183WqbAt 9SkpJBjBSTFSDc6IuC0oYWZnEvbVMO8KCkOJGjgOxYDCjh5kRzQn6lB2cKXmQmyH KxAfMsTLcHV6AcFAONUKzp+TwaUcw2LA4Eu21NtD3bWo03JeHoCQLA== =f+Ki -----END PGP SIGNATURE----- If encryption is outlawed, only outlaws will have encryption... From lwjohnson at grill.sk.ca Mon Feb 3 06:40:56 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Mon, 3 Feb 1997 06:40:56 -0800 (PST) Subject: About: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702031440.GAA25293@toad.com> For what it's worth, I think that this Tim May, not being a user of the list, has no place to talk. His type, to me, characterate those who quit something and complain later, knowing that some people will listen to them. So what, if he decided to leave? It was his own choice and he can't just come back and say everyone who stayed is now impelled to listen to him, just because he used to do a bunch of posts. I don't think that hardly any of you would listened to me later if I left the list. From mpd at netcom.com Mon Feb 3 06:41:01 1997 From: mpd at netcom.com (Mike Duvos) Date: Mon, 3 Feb 1997 06:41:01 -0800 (PST) Subject: Gilmore's Moderated Cypherpunks List Message-ID: <199702031441.GAA25301@toad.com> Our Former Titular Leader Bails and Expounds Thusly Over the Smoking Remains of the Once Mighty Cypherpunks List: > First, I don't argue that John Gilmore is unfree to do as > he wishes with his machine, toad, which has been the major > machine host for the Cypherpunks list. John can tell us we > have to write in Pig Latin if he wishes. Freedom of the Press belongs to those who own one. Since there are no legal restrictions on the name "Cypherpunks", anyone with a working box can host a "Cypherpunks List", and individuals may choose to spend their reputation capital improving the S/N ratio of whatever Cypherpunks Lists they favor. In this sense, a "Cypherpunks List" is like a "Webster's Dictionary." Anyone can use the name, and the deluxe leather bound edition put out by a University is better than the tacky newsprint one offered as a premium by your local book club. Gilmore's Moderated Cypherpunks List is one of many forums where Cypherpunks may choose to congregate, some of which carry the name "Cypherpunks," and some of which do not. > I think we should all be very grateful to John for agreeing > to let it run on his hardware, but not let our gratitude > turn into some sort of subservience and blather about how > John "owns" the Cypherpunks group. I think we should have nipped Gilmore in the bud when he censored Vulis, and immediately looked for a new site to host a Cypherpunks list which was not subject to sudden and arbitrary censorship by the site owner. John, of course, would have been perfectly free to continue to host "Gilmore's Moderated Cypherpunks List", and we would have perfectly free not to post there any more. Instead, being comfortable and lazy, we tolerated Gilmore's pathetic attempts to exterminate the pesky Vulis, and given that Vulis was more than a match for Gilmore mentally, the pissing contest soon escalated as the frantic Gilmore took more and more extreme measures to find "the final solution" to the good Doctor's posts. Again, predictable behavior by everyone involved. > Again, is the "Cyherpunks community" the same as the mailing > list? And is the mailing list, hosted at toad, the "property" of > John Gilmore? Of course not. What a silly notion. All mailing lists that survive more than a few months are organized around some strong personality who nudges the list back on-topic when it begins to stray, and who posts articles interesting enough that people will make regular visits to read them. If no one performs this function on a list, the list will die. I think most people will agree with me that Timothy C. May has been the person who performed this function here on Cypherpunks, from its creation until fairly recently. If he chooses not to perform this function on "Gilmore's Moderated Cypherpunks List", that is Mr. Gilmore's tough luck. Perhaps if Mr. Gilmore asks nicely, Dr. Vulis will volunteer. Then again, perhaps not. :) > I'll have more to say about my problems with how things > were handled. Frankly, it smacked of the same kind of fait > accompli decision John made with the unsubscribing of Vulis. > While John had (and has) every legal right to do with his > property as he wished, the effect was very negative. First, > Vulis found other ways to post (duh). Second, the list was > consumed with flames about this, many from Vulis, and many > from others. Third, journalists (who love sizzle over > substance any day of the week) lept into the fray with > articles which gave Vulis the publicity he craved. Fourth, > it sent a message to enemies of liberty that "Even the > Cypherpunks have found it necessary to abandon their > anarchic ways." I agree completely. Do real Cypherpunks want to post to a list run by someone who has undermined their agenda and made them look like hypocritical idiots to the world? Gilmore has done more damage to the good name of Crypto Anarchy in the last few weeks than the government spooks could ever have hoped for in their wildest dreams. > But by making the _main list_ the censored one, this skewed > things considerably. Yes, this was a sleezy and perfidious trick by Gilmore, who apparently wanted to transform "Cypherpunks" into "Gilmore's Moderated Cypherpunks List" by fiat. Even the unedited list was an afterthought to pacify critics, and you can be sure that it will evaporate as soon as he thinks no ones complaints will be heard. > Had there been a debate about the policy, I can think of > several approaches I'd like better. But inasmuch as John > made it clear that there would be no debate (and, perhaps as > part of the "problem," John has not really been a active > member of the mailing list, in terms of participating in the > debates), this is all moot. > In any case, my several years with the list have taken a > huge amount of my time. Given the way this whole thing was > handled, and the way the list is degenerating even further, > it looks like it's good that I'm moving on to other things. Hey - if John Gilmore can attract readers to "Gilmore's Moderated Cypherpunks List" by virtue of his charming personality, more power to him. Really. :) -- Mike Duvos $ PGP 2.6 Public Key available $ mpd at netcom.com $ via Finger. $ From jya at pipeline.com Mon Feb 3 06:48:15 1997 From: jya at pipeline.com (John Young) Date: Mon, 3 Feb 1997 06:48:15 -0800 (PST) Subject: COM_int Message-ID: <1.5.4.32.19970203144238.006c1920@pop.pipeline.com> 2-2-97: "Telecom equipment makers to develop encryption for mobile phones" Matsushita, NEC and Mitsubishi will cooperate in developing scrambler technology to prevent interception of mobile phone calls and other misuse, and will open a research laboratory in Yokohama on Feb. 12. Within five years the facility is to perfect encryption technology to protect wireless communications and data transmissions, and for possible use in electronic commerce. Researchers will work to develop a mobile communications version of "public key" scrambling technology now used to secure data transmitted online. "Electronic Cash Via Wireless Phone, Smart Card In Works" Wireless telephones are about to get a new mission as portable money machines. PacBell intends to test ways to blend its mobile phone technology with a smart card that can dramatically upgrade the intelligence of a wireless telephone. People on the go could transfer funds into the card's memory, slide the card into the phone, and then use the phone as a communications device to buy a variety of goods and services. "Sierra Wireless Combines Cellular Data, GPS; MP 200-GPS Modem Provides Both in a Single Package" The combination MP200-GPS product includes an MP200 rugged CDPD/cellular 3-watt mobile modem, a state-of-the-art Trimble GPS receiver module and a choice of magnetic mount or hard mount GPS active antennas. In addition, the MP200-GPS includes an internal microcontroller, so it can operate without a PC or mobile data terminal as a standalone tracking monitor. A remote host computer can wirelessly program the unit to report position on a preset timeout, whenever the unit moves a certain distance, or if an external alarm is triggered. ----- COM_int From raph at CS.Berkeley.EDU Mon Feb 3 06:50:26 1997 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Mon, 3 Feb 1997 06:50:26 -0800 (PST) Subject: List of reliable remailers Message-ID: <199702031450.GAA01129@kiwi.cs.berkeley.edu> I operate a remailer pinging service which collects detailed information about remailer features and reliability. To use it, just finger remailer-list at kiwi.cs.berkeley.edu There is also a Web version of the same information, plus lots of interesting links to remailer-related resources, at: http://www.cs.berkeley.edu/~raph/remailer-list.html This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail. For more information, see: http://www.c2.org/~raph/premail.html For the PGP public keys of the remailers, finger pgpkeys at kiwi.cs.berkeley.edu This is the current info: REMAILER LIST This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu. $remailer{"extropia"} = " cpunk pgp special"; $remailer{"mix"} = " cpunk mix pgp hash latent cut ek ksub reord ?"; $remailer{"replay"} = " cpunk mix pgp hash latent cut post ek"; $remailer{'alpha'} = ' alpha pgp'; $remailer{'nymrod'} = ' alpha pgp'; $remailer{"lead"} = " cpunk mix pgp hash latent cut ek"; $remailer{"exon"} = " cpunk pgp hash latent cut ek"; $remailer{"haystack"} = " cpunk mix pgp hash latent cut ek"; $remailer{"lucifer"} = " cpunk mix pgp hash latent cut ek"; $remailer{"jam"} = " cpunk mix pgp hash latent cut ek"; $remailer{"winsock"} = " cpunk pgp pgponly hash cut ksub reord"; $remailer{'nym'} = ' newnym pgp'; $remailer{"balls"} = " cpunk pgp hash latent cut ek"; $remailer{"squirrel"} = " cpunk mix pgp pgponly hash latent cut ek"; $remailer{"middle"} = " cpunk mix pgp hash middle latent cut ek reord ?"; $remailer{'cyber'} = ' alpha pgp'; $remailer{"dustbin"} = " cpunk pgp hash latent cut ek mix reord middle ?"; $remailer{'weasel'} = ' newnym pgp'; $remailer{"death"} = " cpunk pgp hash latent post"; $remailer{"reno"} = " cpunk mix pgp hash middle latent cut ek reord ?"; catalyst at netcom.com is _not_ a remailer. lmccarth at ducie.cs.umass.edu is _not_ a remailer. usura at replay.com is _not_ a remailer. remailer at crynwr.com is _not_ a remailer. There is no remailer at relay.com. Groups of remailers sharing a machine or operator: (cyber mix) (weasel squirrel) The alpha and nymrod nymservers are down due to abuse. However, you can use the nym or weasel (newnym style) nymservers. The cyber nymserver is quite reliable for outgoing mail (which is what's measured here), but is exhibiting serious reliability problems for incoming mail. The squirrel and winsock remailers accept PGP encrypted mail only. 403 Permission denied errors have been caused by a flaky disk on the Berkeley WWW server. This seems to be fixed now. The penet remailer is closed. Last update: Mon 3 Feb 97 6:48:17 PST remailer email address history latency uptime ----------------------------------------------------------------------- nym config at nym.alias.net #**#+*#**-#+ 4:51 100.00% dustbin dustman at athensnet.com ---+-------+ 1:50:51 99.99% weasel config at weasel.owl.de ++++--+++++ 1:09:14 99.85% lead mix at zifi.genetics.utah.edu ++--++++++++ 50:42 99.80% balls remailer at huge.cajones.com ###*###+-- # 5:45 99.62% squirrel mix at squirrel.owl.de ++++--+++ + 1:07:30 99.46% cyber alias at alias.cyberpass.net +*+ *++++*++ 40:43 99.23% winsock winsock at rigel.cyberpass.net ----------- 3:42:43 99.09% lucifer lucifer at dhp.com + ++++++++ 47:05 99.03% exon remailer at remailer.nl.com ##### #* *# 2:02 98.68% middle middleman at jpunix.com ++.--.- ---+ 5:48:30 98.23% haystack haystack at holy.cow.net ***#*+# *#-+ 15:27 97.21% extropia remail at miron.vip.best.com ------- .- 6:28:55 96.31% replay remailer at replay.com * +++-*** 15:53 93.06% reno middleman at cyberpass.net +--+ --+ 1:20:32 91.27% mix mixmaster at remail.obscura.com +-.-_-*+ 14:45:36 77.02% History key * # response in less than 5 minutes. * * response in less than 1 hour. * + response in less than 4 hours. * - response in less than 24 hours. * . response in more than 1 day. * _ response came back too late (more than 2 days). cpunk A major class of remailers. Supports Request-Remailing-To: field. eric A variant of the cpunk style. Uses Anon-Send-To: instead. penet The third class of remailers (at least for right now). Uses X-Anon-To: in the header. pgp Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID. hash Supports ## pasting, so anything can be put into the headers of outgoing messages. ksub Remailer always kills subject header, even in non-pgp mode. nsub Remailer always preserves subject header, even in pgp mode. latent Supports Matt Ghio's Latent-Time: option. cut Supports Matt Ghio's Cutmarks: option. post Post to Usenet using Post-To: or Anon-Post-To: header. ek Encrypt responses in reply blocks using Encrypt-Key: header. special Accepts only pgp encrypted messages. mix Can accept messages in Mixmaster format. reord Attempts to foil traffic analysis by reordering messages. Note: I'm relying on the word of the remailer operator here, and haven't verified the reord info myself. mon Remailer has been known to monitor contents of private email. filter Remailer has been known to filter messages based on content. If not listed in conjunction with mon, then only messages destined for public forums are subject to filtering. Raph Levien From tcmay at got.net Mon Feb 3 06:55:47 1997 From: tcmay at got.net (Timothy C. May) Date: Mon, 3 Feb 1997 06:55:47 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702031455.GAA25476@toad.com> Unfortunately, Sandy responded to my post with his own flames ("piffle," "disingenous," "straw man," etc.). Now he may well think his points are not flames becuase they are "true," but to me they take the form of flames. But then I have long disliked Sandy's method of argument. Nothing personal. But I find Sandy's series of dismissals--in other posts from other people, not just this one--to be "flamish." As Sandy says, your mileage may vary. As Sandy did a too-common section-by-section disssection, I'll do the same for his comments. At 9:55 PM -0800 2/2/97, Sandy Sandfort wrote: >> I chose not to write a "departing flame" (or message, but some might call >> it a flame) when I unsubscribed several weeks ago--within an hour of >> reading that John and Sandy had decided to make "their" list a moderated >> list,... > >This is Tim's first error of fact. I point it out not to insult >him, but because it seriously affects much of the rest of his How can this be an "error of fact" when I am clearly setting out a point of view? Is it an error of fact that moderation was happening? Or is the disagreement with my quotes around "their"? This was clearly an expression of sarcasm. Hardly an "error of fact." >> ...and saw no point in wasting even more of my time arguing against the New >> Cypherpunks World Order, as the NCWO was clearly presented as a fait >> accompli, not something ablut which opinions of list members (or even list >> _founders_, at least not me) were being sought. > >Factual error #2. There was a call for comment; Tim chose not to >do so. In retrospect, I wish we had run it by Tim, Eric and John's message did not say he was thinking about instituting censorship, it said he was in the process of setting up such a system. As for the comments solicited, I noticed no changes whatsoever. (I guess the several dozen comments were "errors of fact," "piffle," and "straw men." Can anyone think of a single one of the various points made after John's announcement that changed the plan in any significant way?) >> I see vast amounts of bandwidth consumed by arguments about >> moderation, about the putative biases of the Moderator and Director of the >> New Cypherpunks World Order, about alternative moderation strategies (which >> is stupid, as John and Sandy announced what they were going to do, not just >> some of their preliminary thoughts), and so on. I've also noticed fewer >> substantive essays. > >And I see something different. Since previously, Tim actively >filter the list, I'm not sure on what basis he can make his >comparison. As just one example (though a signicant one) Dimitri That's an easy one, one I explained at least two or three times in the last half year: I used Eudora Pro to sort mail into various folders. I'm quite aware of what is going into various folders, and sometimes I even look in them. Clear enough? >has posted more non-flaming, on-topic posts during the two weeks >of this experiment then in the previous several months. In my >opinion, other than for the hysterical posts of a very few >self-righteous loudmouths, the overall quality of the posts has >been far superior to what it had become in the weeks before the >experiment began. YMMV. Piffle. Nonsense. If you think the overall quality of posts is superior now to what it had been, your bias in favor of your own brain child is so powerful that it's warped your judgment. Who else thinks the quality is now higher? (By the way, I don't think the proper statistical method is to "average" all of the posts, including the Vulisgrams and the scatolological insults, as these were easily filtered by anyone with a clue. Rather, look at the substantive and stimulating essays, the important ones, and ask if they have gotten better. It's disingenuous to claim that filtering out the childish insults has improved the quality of the essays. As I said, I've seen the opposite. You apparently think differently.) >> (Others did too, but they seem to be tapering off as well, leaving the list >> to be dominated by something called a "Toto," the "O.J. was framed!" >> ravings of Dale Thorn, the love letters between Vulis and someone name >> Nurdane Oksas,... > >Two points: Since Tim largely agrees with those in opposition to >moderation, and because of the extraordinary nature of Tim's post, >I did not send it to the "flames" list. It was a judgment call. Here Sandy is really going over the line. He is saying he _almost_ filtered my message into the reject pile, where later he claims I would have no problem writing an essay and not knowing whether it would be filtered into the Good or the Bad pile. He later writes, in response to my point: "(Frankly, one of my considerations in leaving was the feeling that I >> would never know if an essay I'd spent hours composing would be rejected by >> Sandy for whatever reasons.... > >Tim, I think this is disingenuous. I have been quite clear on >my moderation criteria. You are too intelligent to feign such >a lack of understanding." So, given that I wrote my essay today, should I have known if it would be filtered into Sandy's "Not Fit for True Cypherpunks" list, or the Approved list? Sandy implies that he himself had to make a "judment call" on this one. Hey, people, this shows how fucked up things have gotten. Lord Almighty Sandy says my long-considered, well-written essay was _almost_ shitcanned ("It was a judgment call"). And for what reason? Apparently because of a single paragraph that mentioned "Toto" and Dale Thorn (oh, and Nurdane and Vulis and their love relationship) in unflattering terms. Is this the crap the Cypherpunks were founded to put up with? A petty satrap deciding to filter out a long and substantive essay because he feels some paragraph is insulting? What a state of affairs. This more than anything demonstrates the truth of Lord Acton's maxim about absolute power corrupting absolutely. Sandy feels free to flame away (piffle, straw man, logical fallacy), but expresses umbrage at my very accurate comments about ravings and rantings of certain list memmbers. (Perhaps Sandy will censor this message, feeling you readers are not able to handle my dismissal of his asinine views. This will leave the Censor having the final word, which is "not unexpected." When a censor gets into a debate with one of his charges, this is what often happens.) >> * But the really important issue is this: is the _physical hosting_ of the >> Cypherpunks mailing list coterminous with the "Cypherpunks"? If the list >> was hosted by, say, UC Berkeley or PGP Incorporated, would we consider >> these hosts to be the "owners" of the Cypherpunks group?... > >I think this is a Straw Man. John and I have never argued that >John "owns" cypherpunks. When a Cypherpunk meeting is held in >someone's living room, however, I don't think it's asking to much >to ask everyone to follow the local rules (e.g., "no shoes in the >house" or "no smoking" or even "no ad hominem attacks"). As Tim >is fond of saying, "my house; my rules." I don't think this >means Tim "owns" a physical meeting in his house. This is precisely the point I made! As for John instituting a censorhip policy, as I said, he is of course free to do it. It may be foolish to do so, but he is free to do so. And those of us who don't like what this all means are free to leave. Sounds fair to me. >> While John had (and has) every legal right >> to do with his property as he wished, the effect was very negative. First, >> Vulis found other ways to post (duh). > >Tim, do you really believe that John did not anticipate this? I have no idea what John anticipated and didn't. But if he knew it wouldn't work, why bother? Not only did Vulis actually start posting _more_, it also consumed the list in a frenzy of posts about it. (By the way, remember that we are here talking about the unsubscription of Vulis by John. My reason for this reminder will be clear in a moment.) >> Second, the list was consumed with >> flames about this, many from Vulis, and many from others. > >It was consumed with flames before. Now, at least, the vast >majority of folks on the list don't have to read them, nor jump >through any hoops to implement some sort of dynamic filtering >half-measure. We're talking about Vulis being unsubscribed, not the list censorship episode. >> Third, journalists (who love sizzle over substance any day of >> the week) lept into the fray with articles which gave Vulis the >> publicity he craved. > >That's what journalist do, though I wasn't aware of ANY articles >on this issue. I would appreciate it if Tim could give us some >citations. Again, we're talking about the Vulis unsubscription episode. Go back to the archives covering this period. Declan McCullough wrote an article about this, giving Vulis much publicity. And some of us were contacted by other journalists asking for our views, for what this meant about for the list's espoused philosophy about anarchy, etc. (I refused to comment, of course.) >> Fourth, it sent a message to enemies of liberty that "Even the >> Cypherpunks have found it necessary to abandon their anarchic >> ways." > >That's one message that one could take from all this, I suppose. >I don't see it that way, nor do several list members who thanked >me in private e-mail for improving the list. Again, YMMV. Once again, the subject of the section you're citing was about the Vulis unsubscription matter. I think, Sandy, you need to read more carefully before you denounce arguments. >> (I'm well aware of the issues with pests like Vulis, who seek to destroy >> virtual communities like ours. But the solution John used did not work, and >> generated more crap.... > >What didn't work was "local filtering" which has no feed-back >loop to engender comity. This might not work either, but I see >no evidence that it has made things worse. Remember, there are a If you see no evidence that is has made things worse, then apparently you haven't seen that I have not been posting for the past month. Whatever my reasons, if you can seriously claim that you can see "no evidence" that a change of some sort has occurred... >hand-full of subscribers to the Flames list, 20-30 on the >Unedited list and *2000* or so on the Moderated list. Sure some >of that may be due to laziness, but it would be cavalier in the >extreme to claim that such an overwhelming acceptance of >moderation is merely an artifact of inertia. I still maintain, as others have as well, that a better approach would have been to announce the "Sandy-approved" list as a new option. Changing the main list to the censored version was a way to exploit the name of the list, etc. (Consider if Eric Blossom's filtered list was suddenly declared to be the "Cypherpunks" list. This is essentially what has happened. A major screw up. And I don't really think it germane to cite how many are on each list. Sheep are sheep, and, frankly, about 1850 of those putative "*2000*" on the main list are never, ever heard from.) .... >Tim and I disagree on which definition of "censorship" applies in >this situation. Dale Thorne, and others, have argued, in essence, >that there is censorship if ANY definition would apply. I'm not >sure time is going that far, but if so, I respectfully disagree. > >But let's apply Tim's above definition for the sake of argument. >Am I, thereby, a censor? Well I am examining "other material" >and I am making judgments with regard to whether or not it is >"objectionable," unfortunately for Tim's argument, I am neither >"removing" nor "supressing" anything. Anybody can read anything >that gets posted to Cypherpunks--in two places. I am sorting, >but even my sorting can be completely avoided. Sophistry. >> * OK, even given that John had decided to censor "his" list, what about his >> choice of Sandy Sandfort as the censor? > >John didn't choose me, I approached him. I offered my opinion as >to what I thought HE ought to do about the list disruptions. The >short version of his answer was, "if you think you can do a >better job, go for it." I accepted the challenge, so here I am. >I don't want this job. If the list members decide to keep the ^^^^^^^^^^^^^^^^^^^ By the way, how is this to be "decided"? A democratic vote of the herd? Do all "*2000*" get a vote? Are we moving from benevolent dictatorship to direct democracy? >> * Nor do the announced criteria make any sense. While the inane one-line >> scatological insults have been filtered out, many "flames" make it through, >> based on what I've seen in perusing the hks archive site. And some >> reasonable comments get dumped in the flame bucket. > >Very possibly true. Moderation is like crypto, perfection isn't >and option. However, a 90% solution is a heck of a lot better >than no solution at all. Yes, I've made what I consider to be >errors, but I think on some, I've done a very good job overall. You seriously think that establishing the idea that "even the Cypherpunks group accepts the need for censorship of unpopular views" is worth the minimal bandwidth savings of not having some of the scatological one-liners and insults? The huge amount of list animosity (so much for "comity") and bandwidth on this censorship issue dwarfs the bandwidth taken up by the Vulisgrams. >> * (Frankly, one of my considerations in leaving was the feeling that I >> would never know if an essay I'd spent hours composing would be rejected by >> Sandy for whatever reasons.... > >Tim, I think this is disingenuous. I have been quite clear on >my moderation criteria. You are too intelligent to feign such >a lack of understanding. As I noted earlier, you yourself said it was a "judgment call" for you to not put my message in the flames pile. So, did I truly not understand your criteria for approval (which means I wasn't feigning ignorance), or did I understand that which you yourself acknowledged having to make a judgment call (kissing cousin to a "guess" where I come from) on? If you are unsure whether to dump a major, substantive essay into the flames pile or allow it to be read by the main list, then this makes my point precisely. I don't want Sandy Sandfort sitting in judgment on my posts, deciding what the Cypherpunks--a group I co-founded for God's sake!!!!--are to be allowed to read and what they may not. (Saying what Sandy is doing is not "censorship" but is only "sorting" is pure sophistry.) >> maybe he might think my essay was off-topic, > >Clearly not a criterion I ever enunciated. Another part of the problem is that the standards have not been clearly stated. "Flames" have not been defined in any meaningful way. Apparently it's OK for you to refer to my arguments as "disingenuous" and "piffle," but referring to someone's repeated ravings about how O.J. was framed is "flaming." Piffle. >> * The decision to "moderate" (censor) the Cypherpunks list is powerful >> ammunition to give to our opponents, > >Piffle. Letting spoiled children destroy the list puts a far >more powerful weapon in the hands of our enemies. See what I mean? "Piffle." ("piffle, n. Foolish or futile talk or ideas") Hardly a substantive argument. I'd call it an insult. And I'll bet that if Phill Hallam-Baker dismisses an argument with a "foolish" one-line characterization, it will be viewed as a flame. (Well, not now, now that Sandy is apprised of this.) >> and Vulis is certainly gleeful that >> his fondest wishes have been realized. > >I do not have a crystal ball. My Vulcan mind meld is in the ^^^^^^^^^^^^^^^^ Ah, a non-flamish way of making an argument. Dismissive jokes substituting for responding to my _opinion_. >> (I would venture a guess that a Duncan Frissell would almost certainly get a >> libertarian rant past Sandy while a Phill Hallam-Baker might easily fail to >> get a leftist rant past him.) > >I sorry Tim gives me so little credit. Rather than merely post a >self-serving denial, I would ask that Phill confirm or deny Tim's >supposition. To the best of my recollection, I have sent only >one post of Phill's to the Flames list. It flamed Jim Bell. As >far as moderating political rants go, I'm agnostic. Again, look at what the Cypherpunks list has become! Because some of the barnyard insults were getting to some people, we now have a situation where a thoughtful commentator like Phill H-B (who I rarely agree with, by the way, but his essays show he's thinking about issues deeply) has his stuff sent to the scrap heap because he "flamed" Jim Bell? Or was it a critique of Bell's "assassination politics" ideas and the way he presents them, perhaps with a single flamish comment (a la the comment I made that caused Sandy to almost mark my entire essay as unfit for Cypherpunks)? I urge Phill, or others, to retrieve this offending article and repost it. Or use "*%&$" symbols where the banned flame language was contained, so it will pass muster with Sandy. Then we can better judge just what we're giving up in order to have the kind of "comity" which Sandy thinks he is creating. --Tim May Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From nobody at huge.cajones.com Mon Feb 3 07:10:43 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Mon, 3 Feb 1997 07:10:43 -0800 (PST) Subject: PGPmail 4.5 exported Message-ID: <199702031510.HAA25655@toad.com> There is a pgpmail45.exe at ftp.hacktic.nl/pub/replay/pub/incoming. The file has an md5 sum of 'ffd56d7647c30152a5c9fe7616a3d9ef'. Could somebody who bought the software check that this is the same file. It is presumably free for use outside of North America, since PGP Inc. can't be expected to accept payment from foreigners... :-) From lwjohnson at grill.sk.ca Mon Feb 3 07:10:58 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Mon, 3 Feb 1997 07:10:58 -0800 (PST) Subject: PGP 2.1 Message-ID: <199702031510.HAA25728@toad.com> Mark Henderson wrote: > > Larry Johnson writes: > > Hello, > > Can any;one tell me how to get a version of PGP 2.1? > > Thanks > > > But, why do you want version 2.1? Because the guy who wrote it was let off after that on his jail charges, so I'm not going to use anything he made after that if I don't know why. I'm not saying that he rolled over or nothin buyt I'm gonna be paranoyd like he said in the book. I dont suposse he'd mind, since he said it. I'm not real smart sometimes but I'nm not a real lamer, either. (I don't think) From sandfort at crl.com Mon Feb 3 07:11:07 1997 From: sandfort at crl.com (Sandy Sandfort) Date: Mon, 3 Feb 1997 07:11:07 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, On Mon, 3 Feb 1997, Timothy C. May wrote: > Unfortunately, Sandy responded to my post with his own flames ("piffle," > "disingenous," "straw man," etc.). Now he may well think his points are not > flames becuase they are "true," but to me they take the form of flames. But they are not ad hominem attacks on Tim May. The are my opinions of some of his arguments. Even very smart people such as Tim say poorly thought out or even silly things. > But then I have long disliked Sandy's method of argument. Nothing personal. But Nor I, Tim's. Nothing personal, but that's the point. It is still possible to conduct ourselves with mutual respect even if our views and styles differ. > As Sandy did a too-common section-by-section disssection, I'll do the same > for his comments. After reading through Tim's post, I don't think much would be served by doing another point by point response. From Tim's tone, it appears he is still seething about how this all came about, so I'll just leave our two expressions of opinions where they were. I have no wish to exacerbate any hard feelings Tim may be having. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From jya at pipeline.com Mon Feb 3 07:11:08 1997 From: jya at pipeline.com (John Young) Date: Mon, 3 Feb 1997 07:11:08 -0800 (PST) Subject: COM_int Message-ID: <199702031511.HAA25741@toad.com> 2-2-97: "Telecom equipment makers to develop encryption for mobile phones" Matsushita, NEC and Mitsubishi will cooperate in developing scrambler technology to prevent interception of mobile phone calls and other misuse, and will open a research laboratory in Yokohama on Feb. 12. Within five years the facility is to perfect encryption technology to protect wireless communications and data transmissions, and for possible use in electronic commerce. Researchers will work to develop a mobile communications version of "public key" scrambling technology now used to secure data transmitted online. "Electronic Cash Via Wireless Phone, Smart Card In Works" Wireless telephones are about to get a new mission as portable money machines. PacBell intends to test ways to blend its mobile phone technology with a smart card that can dramatically upgrade the intelligence of a wireless telephone. People on the go could transfer funds into the card's memory, slide the card into the phone, and then use the phone as a communications device to buy a variety of goods and services. "Sierra Wireless Combines Cellular Data, GPS; MP 200-GPS Modem Provides Both in a Single Package" The combination MP200-GPS product includes an MP200 rugged CDPD/cellular 3-watt mobile modem, a state-of-the-art Trimble GPS receiver module and a choice of magnetic mount or hard mount GPS active antennas. In addition, the MP200-GPS includes an internal microcontroller, so it can operate without a PC or mobile data terminal as a standalone tracking monitor. A remote host computer can wirelessly program the unit to report position on a preset timeout, whenever the unit moves a certain distance, or if an external alarm is triggered. ----- COM_int From raph at CS.Berkeley.EDU Mon Feb 3 07:11:10 1997 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Mon, 3 Feb 1997 07:11:10 -0800 (PST) Subject: List of reliable remailers Message-ID: <199702031511.HAA25742@toad.com> I operate a remailer pinging service which collects detailed information about remailer features and reliability. To use it, just finger remailer-list at kiwi.cs.berkeley.edu There is also a Web version of the same information, plus lots of interesting links to remailer-related resources, at: http://www.cs.berkeley.edu/~raph/remailer-list.html This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail. For more information, see: http://www.c2.org/~raph/premail.html For the PGP public keys of the remailers, finger pgpkeys at kiwi.cs.berkeley.edu This is the current info: REMAILER LIST This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu. $remailer{"extropia"} = " cpunk pgp special"; $remailer{"mix"} = " cpunk mix pgp hash latent cut ek ksub reord ?"; $remailer{"replay"} = " cpunk mix pgp hash latent cut post ek"; $remailer{'alpha'} = ' alpha pgp'; $remailer{'nymrod'} = ' alpha pgp'; $remailer{"lead"} = " cpunk mix pgp hash latent cut ek"; $remailer{"exon"} = " cpunk pgp hash latent cut ek"; $remailer{"haystack"} = " cpunk mix pgp hash latent cut ek"; $remailer{"lucifer"} = " cpunk mix pgp hash latent cut ek"; $remailer{"jam"} = " cpunk mix pgp hash latent cut ek"; $remailer{"winsock"} = " cpunk pgp pgponly hash cut ksub reord"; $remailer{'nym'} = ' newnym pgp'; $remailer{"balls"} = " cpunk pgp hash latent cut ek"; $remailer{"squirrel"} = " cpunk mix pgp pgponly hash latent cut ek"; $remailer{"middle"} = " cpunk mix pgp hash middle latent cut ek reord ?"; $remailer{'cyber'} = ' alpha pgp'; $remailer{"dustbin"} = " cpunk pgp hash latent cut ek mix reord middle ?"; $remailer{'weasel'} = ' newnym pgp'; $remailer{"death"} = " cpunk pgp hash latent post"; $remailer{"reno"} = " cpunk mix pgp hash middle latent cut ek reord ?"; catalyst at netcom.com is _not_ a remailer. lmccarth at ducie.cs.umass.edu is _not_ a remailer. usura at replay.com is _not_ a remailer. remailer at crynwr.com is _not_ a remailer. There is no remailer at relay.com. Groups of remailers sharing a machine or operator: (cyber mix) (weasel squirrel) The alpha and nymrod nymservers are down due to abuse. However, you can use the nym or weasel (newnym style) nymservers. The cyber nymserver is quite reliable for outgoing mail (which is what's measured here), but is exhibiting serious reliability problems for incoming mail. The squirrel and winsock remailers accept PGP encrypted mail only. 403 Permission denied errors have been caused by a flaky disk on the Berkeley WWW server. This seems to be fixed now. The penet remailer is closed. Last update: Mon 3 Feb 97 6:48:17 PST remailer email address history latency uptime ----------------------------------------------------------------------- nym config at nym.alias.net #**#+*#**-#+ 4:51 100.00% dustbin dustman at athensnet.com ---+-------+ 1:50:51 99.99% weasel config at weasel.owl.de ++++--+++++ 1:09:14 99.85% lead mix at zifi.genetics.utah.edu ++--++++++++ 50:42 99.80% balls remailer at huge.cajones.com ###*###+-- # 5:45 99.62% squirrel mix at squirrel.owl.de ++++--+++ + 1:07:30 99.46% cyber alias at alias.cyberpass.net +*+ *++++*++ 40:43 99.23% winsock winsock at rigel.cyberpass.net ----------- 3:42:43 99.09% lucifer lucifer at dhp.com + ++++++++ 47:05 99.03% exon remailer at remailer.nl.com ##### #* *# 2:02 98.68% middle middleman at jpunix.com ++.--.- ---+ 5:48:30 98.23% haystack haystack at holy.cow.net ***#*+# *#-+ 15:27 97.21% extropia remail at miron.vip.best.com ------- .- 6:28:55 96.31% replay remailer at replay.com * +++-*** 15:53 93.06% reno middleman at cyberpass.net +--+ --+ 1:20:32 91.27% mix mixmaster at remail.obscura.com +-.-_-*+ 14:45:36 77.02% History key * # response in less than 5 minutes. * * response in less than 1 hour. * + response in less than 4 hours. * - response in less than 24 hours. * . response in more than 1 day. * _ response came back too late (more than 2 days). cpunk A major class of remailers. Supports Request-Remailing-To: field. eric A variant of the cpunk style. Uses Anon-Send-To: instead. penet The third class of remailers (at least for right now). Uses X-Anon-To: in the header. pgp Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID. hash Supports ## pasting, so anything can be put into the headers of outgoing messages. ksub Remailer always kills subject header, even in non-pgp mode. nsub Remailer always preserves subject header, even in pgp mode. latent Supports Matt Ghio's Latent-Time: option. cut Supports Matt Ghio's Cutmarks: option. post Post to Usenet using Post-To: or Anon-Post-To: header. ek Encrypt responses in reply blocks using Encrypt-Key: header. special Accepts only pgp encrypted messages. mix Can accept messages in Mixmaster format. reord Attempts to foil traffic analysis by reordering messages. Note: I'm relying on the word of the remailer operator here, and haven't verified the reord info myself. mon Remailer has been known to monitor contents of private email. filter Remailer has been known to filter messages based on content. If not listed in conjunction with mon, then only messages destined for public forums are subject to filtering. Raph Levien From jimbell at pacifier.com Mon Feb 3 07:11:12 1997 From: jimbell at pacifier.com (jim bell) Date: Mon, 3 Feb 1997 07:11:12 -0800 (PST) Subject: Free & Open Society & toleration (fwd) Message-ID: <199702031511.HAA25748@toad.com> At 10:18 PM 2/1/97 -0600, Jim Choate wrote: > >Forwarded message: > >> Nobody has a problem with your ideals, it's just that Jim Bell is >> trying to say (correct me and forgive me if I'm wrong) that: >> >> 1. Society will never subscribe to your ideals. > >But other than two points they already do. The two points being, > >1. Libel is a recognized legal concept now, the difference is one of degree. Maybe this will appear to you to be too-subtle a distinction, but I don't share the misimpression of equating what "society" (the citizenry?) accepts and what government-types accept. For instance, as I understand it the public uniformly rejects the concept of wiretaps as a method of law-enforcement, yet they are done anyway. In effect, it would be correct both to say: a. Society will never accept wiretapping. (where "society" is defined as the collection of individuals) as well as saying... b. Wiretapping is a "recognized legal concept now." (because the implication is that "recognized" refers to a tiny subset of society, the thugs who run the "justice system.") Now, it's my own personal opinion that wiretapping is unconstitutional, but is done anyway for the same reason other unconstitutional things are regularly done by government: Despite public disapproval, the public is never actually given the opportunity to make the decision. The fact is, libel lawsuits are apparently a rather rare "tool" that we don't even need. Perhaps a REAL LAWYER who is aware of the statistics can tell us how often they actually occur. I argue that something that rare is, almost by definition, not really needed. >My solutions to these two issues are: > >1. Removal of the lawyer from the ultimate choice of whether the case > should be pursued. Yes, I'd like to "remove a few lawyers," as well. Not quite the way you would, however. >4. By the implimentation of a bond proviso on the part of the plaintiff > the system provides a check and balance reducing nuisance cases as > well as reducing the taxation load on the citizenry. Why not a full "loser pays" system? And I mean NOT ONLY for civil cases, but also criminal cases! Perhaps the government would be a bit less enthusiastic about harassing drug defendants if it was forced to pay for their acquittals after a FIJA loss! Consider, for example, that if the government had to pay after a loss, it would become very difficult for the government to harrass a person like Phil Zimmermann, unlike today where charges can be brought even if it is recognized they won't stick, secure in the knowledge that he'd be out a great deal of money in his defense. How much sweeter would the victory be if all costs were compensated? > >> 2. Society is not static, i.e., instead of remaining at a constant >> level of corruption, the officials will keep demanding more, >> until there's a sudden, catastrophic break. > >Absolutely, that is one of the reasons I refuse to seperate those who >represent the social contract (eg the Constitution) and those who are >impacted by it, which includes even those who represent it and enforce its >various responsibilities. AP relies on this distinction as axiomatic. Do you always produce such opaque commentary? Perhaps you could re-write the above statement in ordinary English. The reality is, the guarantees supposedly provided by the US Constitution are guarantees in name only. The system is thoroughly corrupted and biased. >This >axiomatic view is ultimately based in a jealous greed for what others have >(ie power, percieved or real) and the implicit belief that all people are >NOT created equal. It's hard to know how you come to this conclusion. If anything, what I'm trying to do is to permanently destroy a system which has allowed a tiny fraction of society to control things for the rest of us for centuries, and longer. If anything, it is the system I'm trying to destroy which has taken the position that, in reality, people are not equal. On the other hand, I'm NOT a proponent for "egalitarianism," or enforced equality, at all! I'm confident that once the system is dismantled that enforces inequality on us, we can live with the result. >> 3. The AP solution has the potential to stabilize the level of >> corruption, which should make violent revolutions and genocide >> unnecessary. > >But it doesn't. What it does is provide a mechanism for de-stabalization. >Just look at the Middle East and the history of assassination. >Assassinations have never stabalized that region or any other. It's interesting that I keep seeing the same misinterpretations of the AP system. AP is not simply about killing people. And no, it hasn't been tried before. The occasional assassination is no more like AP than a random shot in the dark is like a well-aimed round. The first may, rarely, do the same thing as the second, but there is no prospect of a likely repetition. _SOME_ people seem to "get" this, why not you? The _absolutely_essential_ element that distinguishes AP is the system that allows people's individual desires to be denominated in terms of money, and accumulated until an anonymous person satisfies that desire and collects the reward. And, moreover, that this system remains in place forever. > There is >nothging in our current understanding of human psychology and social >interactions that leads to the conclusion that threats of violence will >necessarily force people to comply. If it did the government (as perceived >by AP) would not have to deal with real opposition. Simply threaten the >opposition and it melts away for the same reason that supposedly the >government would cease to oppose radicalism (ie changes in the status quo >forced by small groups upon the masses). If anything every real world >example of AP demonstrates an increase in corruption (eg. Beirut). I keep telling you that "AP has never been tried before." > >The closest analog in history to AP is the "Flowery Wars" as practiced by >the Aztecs. However, these were motivated by a belief in religous homogeneity >and not one of politics. Also, implicit in this was the axiomatic acceptance >of a real class seperation between those who ruled and those who were ruled. >By no means could one accept the premise that this caused the Aztec rulers >to be more sensitive to corruption or the continued existance of their >system. Another good example is assassination in ancient Rome, it is clear >that such activities in no way reduced corruption. AP is NOT the same thing as mere assassination. Period. If anything, there are excellent reasons why ordinary assassination can, indeed, increase corruption while the AP system would reduce it. The most obvious difference is this: The motivations are vastly different. Heretofore, assassinations have occurred based on the desires of only a tiny fraction of the population. Often one person, or only a few. In other words, the assassinations which DO occur are NOT the ones that "the rest of us" would choose. The latter type DO NOT occur! >If anything AP provides a rationale (ie self-defence) to impose even harsher >a priori conditions on sections of a society by another part of that society. >Hardly what I would consider a stabalizing condition let alone democratic. It isn't necessary that any system be "democratic." "Democracy" assumes that certain questions need to be answered by VOTE, as opposed to simply allowing individuals to answer those questions for themselves. We don't all get together and vote on what religion we'll all be forced to observe, do we? No. That's because it is accepted that certain areas are off-limits for even a "democratic" system to decide. We don't have a national vote to decide what color to paint ALL of our houses. We don't have a vote to decide what meal to eat next Thursday. Well, in my opinion there are few if any proper functions for a so-called "democratic" system. That's because I believe that most if not all decisions currently made in any "democratic" system shouldn't be made at that level at all! >What is required for stability is for each group to feel unthreatened and >secure in expressing their beliefs without fear of reprisals and at the same >time recognizing they must provide room for others beliefs. There must also >be the realization that refusal to abide by these precepts will be met with >immediate consequences. Something AP can't do, as it explicitly promotes >threats and the carrying out thereof. You clearly don't understand it! Jim Bell jimbell at pacifier.com From harka at nycmetro.com Mon Feb 3 07:12:45 1997 From: harka at nycmetro.com (harka at nycmetro.com) Date: Mon, 3 Feb 1997 07:12:45 -0800 (PST) Subject: My Departure, Moderat Message-ID: <199702031512.HAA25754@toad.com> -----BEGIN PGP SIGNED MESSAGE----- Hi there, > ...and saw no point in wasting even more of my time arguing against the New > Cypherpunks World Order, as the NCWO was clearly presented as a fait > accompli, not something ablut which opinions of list members (or even list > _founders_, at least not me) were being sought. -=> Quoting In:sandfort at crl11.crl.com to Harka <=- In> Factual error #2. There was a call for comment; Tim chose not to In> do so. In retrospect, I wish we had run it by Tim, Eric and In> Hugh in more detail before making the annoucement, but we didn't. In> Certainly a tactical error and a breach of protocol, but not the In> end of the world. Sorry Tim. I should have spoken to you first. Tactical error and breach of protocol, but not the end of the world?? Very weak and dangerous argument. I already hear the Administration saying: "Oh sorry, we didn't tell you about the new wiretaps affecting 50 percent of all phone lines. Certainly a tactical error and a breach of protocol, but HEY, it's _not_ the end of the world! Plus, it's good for you!" > * But the really important issue is this: is the _physical hosting_ of the > Cypherpunks mailing list coterminous with the "Cypherpunks"? If the list > was hosted by, say, UC Berkeley or PGP Incorporated, would we consider > these hosts to be the "owners" of the Cypherpunks group?... In> I think this is a Straw Man. John and I have never argued that In> John "owns" cypherpunks. When a Cypherpunk meeting is held in In> someone's living room, however, I don't think it's asking to much In> to ask everyone to follow the local rules (e.g., "no shoes in the In> house" or "no smoking" or even "no ad hominem attacks"). As Tim In> is fond of saying, "my house; my rules." I don't think this In> means Tim "owns" a physical meeting in his house. It really doesn't matter. I do agree, that having a meeting in, let's say, your house, everybody has to submit to the "local rules", i.e. no shoes, no smoking etc.. To avoid those rules means not to go to that location. However, any rules in a certain location do NOT affect speech. While I may enforce the rule for people not to smoke in my house, I can't enforce anything in regards to their speech. The mere try would be counterproductice to having a meeting in the first place. On a mailing list like this one, trying to enforce certain _subjective_ standards is even more counterproductive, especially on the self-proclaimed fore-front of liberty (Cypherpunks). I do agree with TCM, that this is an argument for the very enemies of free speech and neglecting the individual filtering-capabilities of each subscriber. In> no evidence that it has made things worse. Remember, there are a In> hand-full of subscribers to the Flames list, 20-30 on the In> Unedited list and *2000* or so on the Moderated list. Sure some In> of that may be due to laziness, but it would be cavalier in the In> extreme to claim that such an overwhelming acceptance of In> moderation is merely an artifact of inertia. Not necessarely. By subscribing the regular way: one gets on the moderated list by default. It might take (esp. new) people a while to realize, it's moderated. And since it's Cypherpunks, they subscribed to, they don't even _expect_ such things in the first place... I'd do it vice versa, having them subscribe to unedited by default and only if they make the effort (deliberate choice) to get on any kind of moderated version, they can do so by sending a message to majordomo. Ciao Harka /*************************************************************/ /* This user supports FREE SPEECH ONLINE ...more info at */ /* and PRIVATE ONLINE COMMUNICATIONS! --> http://www.eff.org */ /* E-mail: harka at nycmetro.com (PGP-encrypted mail preferred) */ /* PGP public key available upon request. [KeyID: 04174301] */ /* F-print: FD E4 F8 6D C1 6A 44 F5 28 9C 40 6E B8 94 78 E8 */ /*<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>*/ /* May there be peace in this world, may all anger dissolve */ /* and may all living beings find the way to happiness... */ /*************************************************************/ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAgUBMvCiUzltEBIEF0MBAQHYGAf+In7n3Us+4g7GtHTlXynV5f1r1n0kF2/1 KCmMvng05kHUL9c2ucG/oVZAy821quvbbgQNGmEbpkbPQezCFLesWLSQ+SaA0XGm KNC8PqjiqGVHyi0UonhE6z48j0tyt1pbgYFk15nm8pb2ejSR77suXGqDNYKabqu3 MsGnn/JFWlBEArvkSjnQ6Psgs9kqi+6DLsGlKhICkaRGj5/lTfvoLvdW183WqbAt 9SkpJBjBSTFSDc6IuC0oYWZnEvbVMO8KCkOJGjgOxYDCjh5kRzQn6lB2cKXmQmyH KxAfMsTLcHV6AcFAONUKzp+TwaUcw2LA4Eu21NtD3bWo03JeHoCQLA== =f+Ki -----END PGP SIGNATURE----- If encryption is outlawed, only outlaws will have encryption... From jimbell at pacifier.com Mon Feb 3 07:12:46 1997 From: jimbell at pacifier.com (jim bell) Date: Mon, 3 Feb 1997 07:12:46 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater Message-ID: <199702031512.HAA25755@toad.com> At 07:10 PM 2/2/97 -0600, ichudov at algebra.com wrote: >jim bell wrote: >> >> Better yet, set up a system to encourage the public to USE those guns (and >> other weapons) to get rid of the people who pass such laws, and the problem >> is solved. >> > >How about this scenario: I borrow 1 million dollars from, let's say, >Phill Hallam-Baker. Not wanting to pay it back, I pay to the >assassination bot and arrange him to be murdered. Simple. Even if a lendor dies (whether by murder or some other cause, perhaps undetermined) you (the debtor) presumably will still be obligated to pay back the debt, to his estate if nowhere else. If you WEREN'T responsible for the killing, you should still make the payments. If you do, then you had no reason to kill him in the first place. Even in the hypothetical scenario that the lendor is single, has no family or other likely heirs, it would be in his interest to declare that his estate goes to charity, including debts to it such as yours. After all, we can assume that he doesn't want to get murdered, and the best way of avoiding that fate is to remove whatever incentive might otherwise exist for anyone else to kill him. Making sure that all of his debtors are revealed would make it difficult for any of them to get away with murder. Or, at least, prevent the fact of such a murder from eliminating the need to repay the debt. If the fact of the loan were revealed, perhaps only after the lendor's death, and ALSO the fact that you (alone among his other debtors) refused to pay it back, everyone else in that society might reasonably come to the conclusion (absent proof or a good explanation to the contrary) that you were probably responsible for the death. At the very least, they wouldn't want to deal with you for fear of a similar outcome (non-payment or death), and some of the public would be likely to punish you by donating money to see you dead. They would do this, even if they had no particular link to the dead lendor, precisely because the publicity from such an outcome would deter other people who might be contemplating a similar thing. The logic is essentially the same as the situation where a person would donate small amounts money to see car thieves dead, even if his car hadn't (yet) been stolen: If it is essentially certain that such a penalty will always exist, it will tend to deter future incidents. All car owners have a motivation to maintain that system. >Another story: suppose that I negligently caused fire that destroys >house of, say, Toto. Toto knows that if he sues me, I can arrange him >murdered for the amount less than the amount of damages. As he could, you. Remember, if your bad actions were publicized, your reputation would suffer. If he's satisfied that you are guilty, and can prove it to others, you'll be in trouble to have the information published. (On the other hand, if nobody knows it was you who were responsible, you won't suffer, but that's no worse than the status quo.) > As a result, >he refrains from suing me, or (if he is a mean person) pays additional >money to have me murdered. A suit would probably be a much better outcome. A "suit" implies that he needs assistance to get the fact of the obligation enforced. Assuming he has enough proof to win a lawsuit, he has more than enough proof to sour everyone else on dealing with you in the future, and possibly get them to donate to see you dead. Do you risk it? >Another story: suppose that OKSAS hired me to work for her, but then >our relationships go south and she fires me. Again, her fate is very >unclear, although I would probably spare her life if it were she. > >The bottom line is, it becomes very hard to do ANYTHING that disappoints >at least somebody. That can lead to a lot of inefficiencies. I predict that agreements will simply change to avoid (or anticipate) such disappointments, in order to ensure that neither party feels "taken" if things don't work out as planned. Or, if there is an innocent-and-unavoidable breach of the agreement that harms one person, the other will be motivated to make it up to the first. In effect, they'll have to find a mutually-agreeable middle ground. Jim Bell jimbell at pacifier.com From shamrock at netcom.com Mon Feb 3 07:14:26 1997 From: shamrock at netcom.com (Lucky Green) Date: Mon, 3 Feb 1997 07:14:26 -0800 (PST) Subject: Ireland: Bid To Ban "Tamper Proof" Phones Message-ID: <199702031514.HAA25769@toad.com> At 02:32 PM 2/2/97 +0000, Mani wrote: >>From today's Sunday Independent: > >Bid to ban "tamper proof" telephones. >Liz Allen, Crime Correspondent [...] >Justice Minister Nora Owen is presiding over the conference which will agree >on a memorandum of understanding whereby all of the 22 governments will >agree to allow the sale of only telephones which can be intercepted. [...] >Among the countries which will be in attendance at the conference >are America, Australia, Hong Kong, and Britain. I would like to point out two items: 1. A US ban on domestic sales of secure telephony products will require an act of Congress. 2. Insiders have known for months that the US Department of Justice is planning to introduce crypto legislation during the current session of Congress. You draw your own conclusions. IMHO, we will see the USG approaching Congress, pointing to the multilateral agreement, and ask that Congress pass a law to implement the agreement (which, let us not forget about it, has of course been instigated by the USG). It just might work. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From nobody at huge.cajones.com Mon Feb 3 07:25:43 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Mon, 3 Feb 1997 07:25:43 -0800 (PST) Subject: Voice Encrytion/Scrambling Message-ID: <199702031525.HAA26006@toad.com> Can anyone comment on and give pointers to devices designed to encrypt voice transmission over POTS lines? I am interested in the respective sound qualities (if you've tried it) and relative strengths of encryption algorithms. Thus far, I've found: http://www-jb.cs.uni-sb.de/~khuwig/lc-1eng.html http://www.cescomm.co.nz/cesindex.html http://www.worldaccess.com/~djm/crytek.htm The first on the list claims to use RSA but gives no ordering or pricing information. Conversely, the last two seem more "available", however they are each vague on the specifics of their respective encryption/scrambling algorithm. Anyone? From adam at homeport.org Mon Feb 3 07:25:44 1997 From: adam at homeport.org (Adam Shostack) Date: Mon, 3 Feb 1997 07:25:44 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702031525.HAA26007@toad.com> John Young wrote: | http://www.nsa.gov:8080/programs/missi/condor.html # How secure is CONDOR? # # Current proof-of-concept hardware is FORTEZZA(TM) based # (sensitive but unclassified) Product versions will use STU # for cellular voice and FORTEZZA(TM) Plus for net broadcast # mode and data I was under the impression that Fortezza was ok for classified traffic. Did I miss the changeover, was it unannounced, or was I simply misremembering? Adam -- Pet peeve of the day: Security companies whose protocols dare not speak their name, because they don't have one. Guilty company of the day is now V-One. From ggr at Qualcomm.com Mon Feb 3 07:25:52 1997 From: ggr at Qualcomm.com (Greg Rose) Date: Mon, 3 Feb 1997 07:25:52 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702031525.HAA26015@toad.com> "Douglas C. Merrill" writes: >At 03:30 PM 2/1/97 -0500, Steven Bellovin wrote: >>And an illegal wiretap besides, most likely -- with a warrant, they could >>simply put the tap at the base station. The story may be true, but it >>doesn't sound quite right to me. It doesn't sound quite right to me either. >Phil Karn is, of course, the expert on this -- I hope he'll chime in soon >-- Phil, you out there?? I'm not Phil, but maybe I'll do. The three different digital standards in North America are TDMA, CDMA, and GSM (in NY and DC only AFAIK). Newer analog phones use at least some of this, but I don't know much about them. I'll ignore GSM. There is a fair bit of commonality in the security of TDMA and CDMA because of their use of the "Common Cryptographic Algorithms". I like to think I'm only telling you things which are in the "Interface Specification for Common Cryptographic Algorithms Rev B.1". CAVE is used as a hashing algorithm for a number of purposes. Starting at the beginning (that's a very good place to start... shut up Julie) it is used to verify that the A-key programmed into the phone is correct; the dealer or whoever puts in 26 digits, 20 of which are the A-key, and the other 6 are a checksum calculated with CAVE, and the Equipment Serial Number. (The ESN is always used by CAVE -- I won't mention it again.) If they agree, the phone buries the A-key very deep, never to be seen again. (A_Key_Checksum, A_Key_Verify) >From time to time, but not very often, the network and the phone create "Shared Secret Data"; they start with a 56-bit random number and run CAVE on it and the A-key. The resulting 128 bits is split into two 64-bit chunks called SSD_A and SSD_B. SSD_A is used for authentication purposes only, while SSD_B is used for the generation of keys for other cryptographic stuff. (SSD_Generation, SSD_Update) At various times, the base station authenticates the phone by sending down a random challenge (32 bits); this is hashed by CAVE with some other use-dependent data (not secret, but intended to defeat replays) and SSD_A (either current or new, depending on context) to form an 18-bit signature. Since you only get one go to get it right, 18 bits was deemed enough. Again depending on context, the state of CAVE at the end of this process may be saved for use later. (Auth_Signature) The original intent seems to be that Auth_Signature would happen at the beginning of every call, but I don't think that is actually the case. I'm not certain about the telephony end of this stuff. Now comes the encryption stuff. At the beginning of each call, Key_VPM_Generation is called. (VPM is Voice Privacy Mask.) This uses CAVE, initialised to the saved state it had at the last Auth_Signature, and SSD_B, to achieve two things; it generates the CMEA key (64 bits), and it generates the Voice Privacy Mask. CMEA (Cellular Message Encryption Algorithm) is used to encrypt bits of the signalling stuff over the air, but never any end-user data. It is used in different ways by the three standards, as they have different message formats, but they all (AMPS, TDMA, CDMA) use it. The VPM is ignored by analog (I think). It is constant for the entire call, and is XORed with every frame for TDMA (cryptographically weak, as you can XOR any two frames to cancel it out, but since the frames are heavily compressed actually getting anything from this is not trivial). CDMA ignores all but the last 40 bits, which becomes the initial "long code" for the PN (Psuedo-random Noise) generator. This is a straightforward LFSR, which again, is not cryptographically strong in the face of known plaintext, but again, the input is heavily compressed. More importantly, though, for CDMA you need to have the long code before you can easily sort out the signal from the noise around it (it was originally developed from anti-jamming technology), and since it has a period of days before it repeats, the call will probably be over... The conclusion is that neither way of doing it is truly cryptographically strong, but both are a lot better than listening to Princess Di call Newt "Squidgy" on a Radio Shack scanner. Note, at this point, that neither the phone industry or the NSA particularly cares about end-user stuff being strong. The signalling messages have a 64-bit key used much more appropriately, and so cell-phone fraud is harder to achieve. >Many folks think that "digital = secure" because you can't use radio >shack(TM) listening devices. This much is true. However, you *Can* build >other devices to listen in, and computer hardware is so cheap it's almost >feasible -- though I haven't built one... Or you can take the bits out of existing phones. Greg. Greg Rose INTERNET: ggr at Qualcomm.com Qualcomm Australia VOICE: +61-2-9743 4646 FAX: +61-2-9736 3262 6 Kingston Avenue homepage. Mortlake NSW 2137 35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45 From tmcghan at gill-simpson.com Mon Feb 3 07:48:34 1997 From: tmcghan at gill-simpson.com (tmcghan at gill-simpson.com) Date: Mon, 3 Feb 1997 07:48:34 -0800 (PST) Subject: GAK cracking? Message-ID: <199702031548.KAA03773@mail.bcpl.lib.md.us> Just days after a U.S. graduate student cracked the most powerful computer encryption system allowed out of the country, the Commerce Department announced it would allow three companies to export an even stronger system. Until this year, computer encryption programs, which scramble information and render it unreadable without a password or software "key," were classified as munitions and stronger programs could not be exported. But under a controversial new Clinton administration policy that took effect Jan. 1, companies may receive permission to export stronger programs. "I'm happy that we've been able to do this within the first month without rancor or difficulty," Under Secretary of Commerce for Export Administration William Reinsch told Reuters in a telephone interview. To export stronger programs immediately, companies must agree to incorporate features within two years allowing the government to decode encrypted messages by recovering the software keys, however. The administration's policy has been widely criticized as not relaxing the export limits enough and some companies feared the requirement for a two-year plan would substantially delay export approvals. The quick approvals should quell some of the criticism and encourage more applicants, Reinsch said. "As a result of this, you will have more companies taking it seriously and we will expect more plans over the next couple of months," he said. Encryption was once the realm of spies and generals. But with the explosion of online commerce on the Internet, encryption has become a vital tool for protecting everything from a business' email message to a consumer's credit card number sent over the net. The amount of protection afforded by encryption is largely a function of the length of the software key measured in bits, the smallest unit of computer data. Companies said products with just 40-bit long keys, the old limit, were too easy to crack. The approvals came just days after Ian Goldberg, a graduate student at the University of California, cracked a message encoded with a software key 40-bits long. The government did not name the companies given permission to export stronger, 56-bit programs, but Glenwood, Md.,-based Trusted Information Systems acknowledged that it was one of the three. From m5 at vail.tivoli.com Mon Feb 3 07:54:00 1997 From: m5 at vail.tivoli.com (Mike McNally) Date: Mon, 3 Feb 1997 07:54:00 -0800 (PST) Subject: Fortune, 3 Feb Message-ID: <32F60A0E.4DB0@vail.tivoli.com> Big article in Fortune about e-mail privace. One little paragraph about encryption ("scrambling"). Fairly clue-free overall, but entertaining. -- ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ Mike McNally -- Egregiously Pointy -- Tivoli Systems, "IBM" -- Austin mailto:m5 at tivoli.com mailto:m101 at io.com http://www.io.com/~m101 ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ From pjm at spe.com Mon Feb 3 08:01:38 1997 From: pjm at spe.com (Patrick May) Date: Mon, 3 Feb 1997 08:01:38 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702030626.WAA14617@toad.com> Message-ID: <199702031552.HAA11689@gulch.spe.com> Sandy Sandfort writes: [ . . . ] > On Sun, 2 Feb 1997, Timothy C. May wrote: [ . . . ] > > Fourth, it sent a message to enemies of liberty that "Even the > > Cypherpunks have found it necessary to abandon their anarchic > > ways." > > That's one message that one could take from all this, I suppose. > I don't see it that way, nor do several list members who thanked > me in private e-mail for improving the list. Again, YMMV. This is the strongest point in Mr. May's essay, and it is not easily dismissed as a difference in perspective. I admit to looking forward to the moderation experiment when it was announce; the noise on the list was phenomenal even by cypherpunk standards. My procmail filters were approaching the level of complexity required for self-awareness and the ASCII art still slipped through. Plus, I generally agree with Mr. Sandfort's positions. The point above demonstrates that support of the current solution is not rationally justified. Banning people from the list, however ineffectually, and imposing moderation on the main list, rather than offering another filtering service, does indeed support the thesis that even a virtual anarchic society must resort to a central authority to solve some problems. The moderation mechanism is the message. > What didn't work was "local filtering" which has no feed-back > loop to engender comity. This is a strong rebuttal. The primary affect of local filtering is that posts which are filtered do not garner as many responses as those which are not. This feedback is swamped by the tendency of filtered messages to generate flames from those who do not filter them. Filtered sublists are a more effective technique, available to non-technical subscribers as well. Some of the more advanced tools discussed here, such as collaborative filtering, rating schemes, etc. have potential if the ease-of-use barriers can be overcome. A cryptoanarchic solution, however, should be technical and individual. Centralized human moderation does not have the cypherpunk nature. Regards, Patrick May From jya at pipeline.com Mon Feb 3 08:09:41 1997 From: jya at pipeline.com (John Young) Date: Mon, 3 Feb 1997 08:09:41 -0800 (PST) Subject: PCS Encryption? Message-ID: <1.5.4.32.19970203160358.006b87a4@pop.pipeline.com> > I was under the impression that Fortezza was ok for classified >traffic. Did I miss the changeover, was it unannounced, or was I >simply misremembering? Fortezza now comes in several implementations for various, variable and multiple levels of classification and message handling. There is info on latest mani-dexterous products at NSA's armadillo and missi sites. If you don't want to be logged by NSA, see the Mykronyx bouquet at: http://jya.com/fortezza.htm To be sure, you might get logged anyway: jya.com may have been approved by the Administrative Office of the United States Courts for a snoop. From m5 at vail.tivoli.com Mon Feb 3 08:10:43 1997 From: m5 at vail.tivoli.com (Mike McNally) Date: Mon, 3 Feb 1997 08:10:43 -0800 (PST) Subject: Fortune, 3 Feb Message-ID: <199702031610.IAA26568@toad.com> Big article in Fortune about e-mail privace. One little paragraph about encryption ("scrambling"). Fairly clue-free overall, but entertaining. -- ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ Mike McNally -- Egregiously Pointy -- Tivoli Systems, "IBM" -- Austin mailto:m5 at tivoli.com mailto:m101 at io.com http://www.io.com/~m101 ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ From sandfort at crl12.crl.com Mon Feb 3 08:10:58 1997 From: sandfort at crl12.crl.com (Sandy Sandfort) Date: Mon, 3 Feb 1997 08:10:58 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702031610.IAA26576@toad.com> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, On Mon, 3 Feb 1997, Timothy C. May wrote: > Unfortunately, Sandy responded to my post with his own flames ("piffle," > "disingenous," "straw man," etc.). Now he may well think his points are not > flames becuase they are "true," but to me they take the form of flames. But they are not ad hominem attacks on Tim May. The are my opinions of some of his arguments. Even very smart people such as Tim say poorly thought out or even silly things. > But then I have long disliked Sandy's method of argument. Nothing personal. But Nor I, Tim's. Nothing personal, but that's the point. It is still possible to conduct ourselves with mutual respect even if our views and styles differ. > As Sandy did a too-common section-by-section disssection, I'll do the same > for his comments. After reading through Tim's post, I don't think much would be served by doing another point by point response. From Tim's tone, it appears he is still seething about how this all came about, so I'll just leave our two expressions of opinions where they were. I have no wish to exacerbate any hard feelings Tim may be having. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From tmcghan at gill-simpson.com Mon Feb 3 08:11:02 1997 From: tmcghan at gill-simpson.com (tmcghan at gill-simpson.com) Date: Mon, 3 Feb 1997 08:11:02 -0800 (PST) Subject: GAK cracking? Message-ID: <199702031611.IAA26584@toad.com> Just days after a U.S. graduate student cracked the most powerful computer encryption system allowed out of the country, the Commerce Department announced it would allow three companies to export an even stronger system. Until this year, computer encryption programs, which scramble information and render it unreadable without a password or software "key," were classified as munitions and stronger programs could not be exported. But under a controversial new Clinton administration policy that took effect Jan. 1, companies may receive permission to export stronger programs. "I'm happy that we've been able to do this within the first month without rancor or difficulty," Under Secretary of Commerce for Export Administration William Reinsch told Reuters in a telephone interview. To export stronger programs immediately, companies must agree to incorporate features within two years allowing the government to decode encrypted messages by recovering the software keys, however. The administration's policy has been widely criticized as not relaxing the export limits enough and some companies feared the requirement for a two-year plan would substantially delay export approvals. The quick approvals should quell some of the criticism and encourage more applicants, Reinsch said. "As a result of this, you will have more companies taking it seriously and we will expect more plans over the next couple of months," he said. Encryption was once the realm of spies and generals. But with the explosion of online commerce on the Internet, encryption has become a vital tool for protecting everything from a business' email message to a consumer's credit card number sent over the net. The amount of protection afforded by encryption is largely a function of the length of the software key measured in bits, the smallest unit of computer data. Companies said products with just 40-bit long keys, the old limit, were too easy to crack. The approvals came just days after Ian Goldberg, a graduate student at the University of California, cracked a message encoded with a software key 40-bits long. The government did not name the companies given permission to export stronger, 56-bit programs, but Glenwood, Md.,-based Trusted Information Systems acknowledged that it was one of the three. From dlv at bwalk.dm.com Mon Feb 3 08:32:07 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Mon, 3 Feb 1997 08:32:07 -0800 (PST) Subject: Key Security Question In-Reply-To: <199702030610.WAA14061@toad.com> Message-ID: "William H. Geiger III" writes: > X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.24 > I wonder why this message by bill got auto-posted to the censored list, while his very thoughtful and crypto-relevant post got canned? --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From tmcghan at gill-simpson.com Mon Feb 3 08:33:15 1997 From: tmcghan at gill-simpson.com (tmcghan at gill-simpson.com) Date: Mon, 3 Feb 1997 08:33:15 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702031632.LAA10670@mail.bcpl.lib.md.us> on or about: Sun, 2 Feb 1997 14:51:47 -0800 in a message allegedly from: "Timothy C. May" {snip} > the really important issue is this: is the _physical hosting_ of the > Cypherpunks mailing list coterminous with the "Cypherpunks"? { much thoughtful and well-phrased commentary elided } > I would have had no problem had John announced that he was creating > a new list, the "Good Stuff" list, with Sandy has his Chooser of > Good Stuff. > But by making the _main list_ the censored one, this skewed things > considerably. > * Why, many reasonable people may ask, did I not simply unsubscribe > from the "Cypherpunks" list and subscribe to the"Cypherpunks-Unedited) >(or whatever it is called) list? Because of my overall anger > But the clear message by having Sandy censor the > main list (the default list, the list name with the main name, the > list we all know about, etc.) {snip} Now that the horse is out of the barn, ( or maybe not? ), I can't help but ask whether one specific 'change to the change' would have satisfied most of your objections: retaining 'cypherpunks' as the name of the unedited, all-the-crud-you-can-read-and-then-some, version, and adding an 'cp-worthwhile' list for those of us who prefer not to wade thru mountains of garbage to glean a few precious tidbits. What's in a name? Is perception more important ( to you ) than reality? If just swapping names between cp and cp-unedited would make such a large difference, I humbly suggest to you that you consider how much labels need to matter. Is the title of the group more important the the content? From where I sit, this looks a lot like a style-over-substance complaint. Of course, I don't have my trifocals on just at the moment. It may also be worth noting that the current 'status quo' is a transient experiment, with a fairly short time limit. When JG, Sandy, et al. evaluate the results with an eye to future direction(s), they may well consider an 'inverted default' for the two list names (i.e.: cp / cp-unedited) In any event, please accept my .02 in the spirit in which it is intended ( constructive criticism ). /* */ From jya at pipeline.com Mon Feb 3 08:41:13 1997 From: jya at pipeline.com (John Young) Date: Mon, 3 Feb 1997 08:41:13 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702031641.IAA27146@toad.com> > I was under the impression that Fortezza was ok for classified >traffic. Did I miss the changeover, was it unannounced, or was I >simply misremembering? Fortezza now comes in several implementations for various, variable and multiple levels of classification and message handling. There is info on latest mani-dexterous products at NSA's armadillo and missi sites. If you don't want to be logged by NSA, see the Mykronyx bouquet at: http://jya.com/fortezza.htm To be sure, you might get logged anyway: jya.com may have been approved by the Administrative Office of the United States Courts for a snoop. From pjm at spe.com Mon Feb 3 08:41:28 1997 From: pjm at spe.com (Patrick May) Date: Mon, 3 Feb 1997 08:41:28 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702031641.IAA27154@toad.com> Sandy Sandfort writes: [ . . . ] > On Sun, 2 Feb 1997, Timothy C. May wrote: [ . . . ] > > Fourth, it sent a message to enemies of liberty that "Even the > > Cypherpunks have found it necessary to abandon their anarchic > > ways." > > That's one message that one could take from all this, I suppose. > I don't see it that way, nor do several list members who thanked > me in private e-mail for improving the list. Again, YMMV. This is the strongest point in Mr. May's essay, and it is not easily dismissed as a difference in perspective. I admit to looking forward to the moderation experiment when it was announce; the noise on the list was phenomenal even by cypherpunk standards. My procmail filters were approaching the level of complexity required for self-awareness and the ASCII art still slipped through. Plus, I generally agree with Mr. Sandfort's positions. The point above demonstrates that support of the current solution is not rationally justified. Banning people from the list, however ineffectually, and imposing moderation on the main list, rather than offering another filtering service, does indeed support the thesis that even a virtual anarchic society must resort to a central authority to solve some problems. The moderation mechanism is the message. > What didn't work was "local filtering" which has no feed-back > loop to engender comity. This is a strong rebuttal. The primary affect of local filtering is that posts which are filtered do not garner as many responses as those which are not. This feedback is swamped by the tendency of filtered messages to generate flames from those who do not filter them. Filtered sublists are a more effective technique, available to non-technical subscribers as well. Some of the more advanced tools discussed here, such as collaborative filtering, rating schemes, etc. have potential if the ease-of-use barriers can be overcome. A cryptoanarchic solution, however, should be technical and individual. Centralized human moderation does not have the cypherpunk nature. Regards, Patrick May From declan at pathfinder.com Mon Feb 3 09:24:10 1997 From: declan at pathfinder.com (Declan McCullagh) Date: Mon, 3 Feb 1997 09:24:10 -0800 (PST) Subject: PGP 2.1 In-Reply-To: <199702031510.HAA25728@toad.com> Message-ID: Of course, the mind-flayers of the NSA might have altered every version of PGP 2.1! Let paranoia be your watchword... I wouldn't be so quick to rule out the possibility of you being "a real lamer," if I were you. -Declan Larry writes: >Mark Henderson wrote: >> >> Larry Johnson writes: >> > Hello, >> > Can any;one tell me how to get a version of PGP 2.1? >> > Thanks >> > >> But, why do you want version 2.1? > >Because the guy who wrote it was let off after that on his jail >charges, so I'm not going to use anything he made after that if >I don't know why. >I'm not saying that he rolled over or nothin buyt I'm gonna be >paranoyd like he said in the book. I dont suposse he'd mind, >since he said it. >I'm not real smart sometimes but I'nm not a real lamer, either. >(I don't think) ------------------------- Washington Correspondent The Netly News Network http://netlynews.com/ From tmcghan at gill-simpson.com Mon Feb 3 09:42:38 1997 From: tmcghan at gill-simpson.com (tmcghan at gill-simpson.com) Date: Mon, 3 Feb 1997 09:42:38 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702031742.JAA28108@toad.com> on or about: Sun, 2 Feb 1997 14:51:47 -0800 in a message allegedly from: "Timothy C. May" {snip} > the really important issue is this: is the _physical hosting_ of the > Cypherpunks mailing list coterminous with the "Cypherpunks"? { much thoughtful and well-phrased commentary elided } > I would have had no problem had John announced that he was creating > a new list, the "Good Stuff" list, with Sandy has his Chooser of > Good Stuff. > But by making the _main list_ the censored one, this skewed things > considerably. > * Why, many reasonable people may ask, did I not simply unsubscribe > from the "Cypherpunks" list and subscribe to the"Cypherpunks-Unedited) >(or whatever it is called) list? Because of my overall anger > But the clear message by having Sandy censor the > main list (the default list, the list name with the main name, the > list we all know about, etc.) {snip} Now that the horse is out of the barn, ( or maybe not? ), I can't help but ask whether one specific 'change to the change' would have satisfied most of your objections: retaining 'cypherpunks' as the name of the unedited, all-the-crud-you-can-read-and-then-some, version, and adding an 'cp-worthwhile' list for those of us who prefer not to wade thru mountains of garbage to glean a few precious tidbits. What's in a name? Is perception more important ( to you ) than reality? If just swapping names between cp and cp-unedited would make such a large difference, I humbly suggest to you that you consider how much labels need to matter. Is the title of the group more important the the content? From where I sit, this looks a lot like a style-over-substance complaint. Of course, I don't have my trifocals on just at the moment. It may also be worth noting that the current 'status quo' is a transient experiment, with a fairly short time limit. When JG, Sandy, et al. evaluate the results with an eye to future direction(s), they may well consider an 'inverted default' for the two list names (i.e.: cp / cp-unedited) In any event, please accept my .02 in the spirit in which it is intended ( constructive criticism ). /* */ From froomkin at law.miami.edu Mon Feb 3 09:49:14 1997 From: froomkin at law.miami.edu (Michael Froomkin - U.Miami School of Law) Date: Mon, 3 Feb 1997 09:49:14 -0800 (PST) Subject: swiss buy centralized euro-smartcard system Message-ID: http://www.hotwired.com/staff/pointcast/Features/1814.html A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From wlkngowl at unix.asb.com Mon Feb 3 09:56:18 1997 From: wlkngowl at unix.asb.com (Mutatis Mutantdis) Date: Mon, 3 Feb 1997 09:56:18 -0800 (PST) Subject: PGP 2.1 Message-ID: <199702031820.NAA18754@unix.asb.com> On 3 Feb 1997 10:46:20 -0500, you wrote: >Mark Henderson wrote: >> >> Larry Johnson writes: >> > Hello, >> > Can any;one tell me how to get a version of PGP 2.1? >> > Thanks >> > >> But, why do you want version 2.1? >Because the guy who wrote it was let off after that on his jail Phil Zimmerman? >charges, so I'm not going to use anything he made after that if No, the charges were not "jail charges". They were for exporting munitions. He was let off after 2.5 or 2.6. The urban myth is that 2.3a is safe. You can read the source code yourself. 2.6.2 is fine. Older versions actually have some minor bugs. >I don't know why. >I'm not saying that he rolled over or nothin buyt I'm gonna be >paranoyd like he said in the book. I dont suposse he'd mind, >since he said it. You'd be using a version with holes in it. Why not read the source code of the new version and verify it's security yourself? (If you can't undertsand it, it won't matter which version you're using because you're trusting it no matter what.) >I'm not real smart sometimes but I'nm not a real lamer, either. >(I don't think) Well, start thinking.... Rob ----- "The word to kill ain't dirty | Robert Rothenburg (WlkngOwl at unix.asb.com) I used it in the last line | http://www.asb.com/usr/wlkngowl/ but use a short word for lovin' | Se habla PGP: Reply with the subject and dad you wind up doin' time." | 'send pgp-key' for my public key. From krenn at nym.alias.net Mon Feb 3 10:00:42 1997 From: krenn at nym.alias.net (Krenn) Date: Mon, 3 Feb 1997 10:00:42 -0800 (PST) Subject: No Subject Message-ID: <19970203180027.1972.qmail@anon.lcs.mit.edu> > Mark Henderson wrote: > > > > Larry Johnson writes: > > > Hello, > > > Can any;one tell me how to get a version of PGP 2.1? > > > Thanks > > > > > But, why do you want version 2.1? > > Because the guy who wrote it was let off after that on his jail > charges, so I'm not going to use anything he made after that if > I don't know why. > I'm not saying that he rolled over or nothin buyt I'm gonna be > paranoyd like he said in the book. I dont suposse he'd mind, > since he said it. > I'm not real smart sometimes but I'nm not a real lamer, either. > (I don't think) > No, you're not real smart. The source code is _provided_ with PGP. If you are paranoid, _read_ it. Krenn From paul at fatmans.demon.co.uk Mon Feb 3 10:04:02 1997 From: paul at fatmans.demon.co.uk (paul at fatmans.demon.co.uk) Date: Mon, 3 Feb 1997 10:04:02 -0800 (PST) Subject: Key Security Question Message-ID: <854982969.56802.0@fatmans.demon.co.uk> > > > On the other hand, if the "repairman" replaced your pgp executable > > > with version 2.6.3kgb, which uses your hashed passphrase as the > > > session key, you're hosed. Or if he installed a keystroke sniffer, > > > or added a small radio transmitter to your keyboard, or whatever. > > > Depends on your threat model. If you need to be paranoid, > > > they've already gotten you.... > > > > If you're really paranoid, you can boot from a clean floppy and > > reinstall everything from your backup tapes. You do have a > > contingency plan in case your hard disk goes bad, or gets a > > virus, don't you? Well, if you're in doubt, exercise it. Face it, the only solution is to wrap your computer, cat, family, car and yourself in aluminium foil and burn your hard disk whilst chanting "yamma yamma yamma yaaaaamaa" Datacomms Technologies web authoring and data security Paul Bradley, Paul at fatmans.demon.co.uk Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey" From tcmay at got.net Mon Feb 3 10:25:20 1997 From: tcmay at got.net (Timothy C. May) Date: Mon, 3 Feb 1997 10:25:20 -0800 (PST) Subject: Filling Power Vacuums In-Reply-To: Message-ID: At 6:57 AM -0800 2/3/97, Sandy Sandfort wrote: >After reading through Tim's post, I don't think much would be >served by doing another point by point response. From Tim's >tone, it appears he is still seething about how this all came >about, so I'll just leave our two expressions of opinions where >they were. I have no wish to exacerbate any hard feelings Tim >may be having. Indeed, I have been seething for the past several weeks (off and on, as I am fortunately able to usually put it out of my mind and do other things with my mental energies....). I think I have figured out why I'm seething. It's about "power grabs." You see, in any anarchic situation, where reliance on self-control and self-filtering is emphasized, there is always a _temptation_ for some to "fill the power vacuum" and grab power. I learned in my years at Intel how easy it was to start bossing people around, and as I hired engineers and scientists, I built up quite a little empire. But I didn't like what it was doing to me, as it distanced me from the technology and also brought out "control freak" tendencies....I started worrying about how my people were using their time ("my" time), and I increasingly applied my own notions of what they should talk about and what were suitable topics for laboratory chatter. In other words, I became a censor. (Not a government censor, but a censor in the broader definition I've already cited.) So I gave it up. Even before eventually retiring from Intel, I elected to leave the management track and rejoin the "technical ladder," becoming one of Intel's so-called Principal Engineers. No longer could I control others, except through the example I set and the information I provided. And I was happy I had moved away from "the dark side of the force." (I accept the role hierarchies play in corporations. They can't be built with just people like me. They need leaders, controllers, power freaks, etc. But a virtual community like the Cypherpunks group is not such a heirarchical organization, and it needs few rules, leaders, etc. "We don't need no steenking leaders.") As this relates to Cypherpunks, I have steadfastly refused to consider any "management role," so to speak, in how the list is run, the formal policies, etc. I'm not saying there has been a call for management (though Detweiler used to rail against us for not having a management heirarchy, for not having rules and democratic procedures for "making decisions"), just that the power vacuum in anarchies such as ours is often an open invitation for someone to step in and "provide structure and guidance." I resisted any thoughts of doing this, and argued against this sort of thing whenever the topic came up in conversation. I chose to lead only by the posts I wrote and the ideas I worked on. There have been frequent calls over the years for the Cypherpunks to have a more permanent presence, perhaps even an office in Washington, D.C., such as the EFF had, the CPSR still has, and so on. And to have an Official Spokesman, a contact person for the media droids to contact. The calls for this have declined in the last couple of years, as people figured out that the Cypherpunks are not about having spokespunks for us, and that the media will just have to deal with the "anarchy" of having to herd cats to get information out of us. Now, of course, the message is being sent that Sandy Sandfort is in some sense the de facto leader, being that he determines what traffic goes out to the main list and what traffic gets bounced into the flames list. In fact, I'll make a prediction: The media will see that he is the chief censor and arbiter of worthiness and will increasingly contact him for the Official Point of View on various items they are interested in. It distresses me greatly that Sandy Sandfort has elected to move into this "power vacuum" to nominate himself as our Leader and Chief Censor. Foo on that. (I used to hear this at Intel, where the argument for a hierarchical structure was much stronger, to wit: "Tim, if you won't agree to manage others, you'll have to accept that people less technically competent than yourself are going to elect to become managers and they'll probably become _your_ manager in the not too distant future.") So, I sort of thank Sandy for helping me to realize certain things that I may not have explicitly realized before. Namely, I realize that I don't want the karmic burdens of power myself, preferring to lead only by the example I set and the ideas I generate. This is why "market anarchies" (books, music, ideas, all things where "no ruler" exists) appeal to me so much. And since I don't wish to assume the mantle of leadership, and don't see much need for leadership or global censorship (as opposed to locally contracted for filtering, a la Eric Blossom's list, or Siskel and Ebert giving recommendations, or ratings of restaurants, etc.), I am resentful and suspicious of people who _do_ step into the "power vacuum" to lead and control. Now I grant you that Sandy's form of leadership and control is relatively mild, but the very notion that Sandy can reject a long essay because of a couple of phrasings he dislikes (this was his "judgment call" point about why he (reluctantly?) allowed my post to go out) is a step in the wrong direction. And given our strong ideological bias toward market anarchies, this move toward censorship stands out like a sore thumb. At least the issue would be clearer if Sandy passed all posts through but deleted sections that offended him and marked deleted sections as "**CENSORED**." Yes, I'm seething. Sandy is right about that. I saw a group I helped create and spent thousands of hours on, writing articles and developing ideas choose--by fiat from the owner of the machine the list was being sent out from--to embrace the dark side, the control freak side. In the name of "comity," Sandy's term for the bonhomie he thinks he can cultivate, we lose our ideological purity. "Hey, even the Cypherpunks have embraced censorship." Instead of letting the power vacuum remain unfilled, and suggesting to people that they solve the problems it creates as best they can, Sandy jumped in to fill the vacuum. This is what I'm seething about. And even dropping the power grab at the end of the "experiment" will not stop this seething. Fuck it. --Tim May " Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From EJENKINS at mhz.com Mon Feb 3 10:27:35 1997 From: EJENKINS at mhz.com (Eldon Jenkins) Date: Mon, 3 Feb 1997 10:27:35 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" -Reply Message-ID: Sandy, I've been a member of this list off and on for the past few years. In reading this list daily for quite some time I feel that the filtering you are doing has made quite a substantial and positive change. Normally I would spend an hour or so at work filtering through the list deleting endless threads of nonsense just so I could glean the valuable information that is hidden in midst of the mindless chatter. Now the time I spend searching for information has been drastically reduced and I would like to thank you for this. While I am against censorship and moderation whole-heartedly I see this as a different case. You are not preventing anyone from posting, you just sort the posts and place them in their appropriate list. I see your efforts as more of an organizing project rather then censorship. I would love to see the list continue to be moderated. Just my two cents though. Eldon Jenkins USRobotics Programmer From pdh at best.com Mon Feb 3 10:55:57 1997 From: pdh at best.com (Peter Hendrickson) Date: Mon, 3 Feb 1997 10:55:57 -0800 (PST) Subject: Dissolving Choke Points Message-ID: I was amused by the similarities of USG crypto policy and the moderation of the cypherpunks list. Recently a number of new regulations were announced to go into effect by a certain date. Requests for comments were made after the policy was announced. Many of us thought that was pretty sneaky. I feel the same way about the moderation plan. Moderation has been a failure. I'm pretty good at filtering and I can sadly report that there is very little signal out there. There are lessons to be learned here. One is that censorship does not promote a stimulating and creative dialogue. The cypherpunks list right now is about as interesting as hanging out by the 7-11. Another lesson is the danger of choke points. We can see how tempting it is for people to exercise their control. Even John Gilmore was unable to restrain himself from involuntary social engineering experiments. Who would we have considered to be more trustworthy? Toad.com is a choke point, not just in terms of moderation but in terms of the rate at which it can distribute messages. Let's replace it. What we want are many machines carrying the cypherpunks list. A message posted to any machine goes to all of the others. Each machine sends messages to its subscribers only once. Some of these machines should be across borders. The mail loop and multiple posting problems are solved by observing the message IDs. Fast implementation: use moderated mailing list software. Put a filter in the .forward file of the "moderator" account which looks at the message ID and forwards the message if it hasn't been seen already. The mailing list machines all subscribe each other. I've been looking for a stable machine with a good net connection to do this. I haven't found one. However, if we have many machines sharing the load, the stability of any one unit is not as important because the list will survive multiple "hits". Only the subscribers on one machine will be affected by having their messages delayed. This greatly reduces the work and responsibility for any one list operator. (As John will attest, keeping a machine running 24 hours a day, 7 days a week, rain or shine, is a lot of work.) Also, with multiple machines, each unit handles a small amount of the load. This makes more machines available and has less impact on people's net connections. Last I checked, there were about 1200 addresses on the mailing list at toad.com. All we need are about 10 machines to take 120 subscribers each. (This is a completely manageable load.) Do you have a Unix machine on the Net? Does it have sendmail and Perl? Then you have all that it takes to participate. Send me mail and I'll help you set it up. Peter Hendrickson ph at netcom.com P.S. I like and respect John and Sandy and I've learned a lot from both of them. While basically well-intentioned, they just made a mistake in this instance. From ichudov at algebra.com Mon Feb 3 11:15:22 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Mon, 3 Feb 1997 11:15:22 -0800 (PST) Subject: Dissolving Choke Points In-Reply-To: Message-ID: <199702031908.NAA04918@manifold.algebra.com> i do have unix (linux) and stuff, but i can't take a lot of subscribers -- maybe 200-300 or so. i actually wrote a proposal for a mailing list without a central control point, with several advantages being impossibility of control, absense of a single point of failure, and cryptographic verification of honesty of moderators. if there is any interest, i will post it here. igor Peter Hendrickson wrote: > > I was amused by the similarities of USG crypto policy and the > moderation of the cypherpunks list. Recently a number of new > regulations were announced to go into effect by a certain date. > Requests for comments were made after the policy was announced. Many > of us thought that was pretty sneaky. I feel the same way about the > moderation plan. > > Moderation has been a failure. I'm pretty good at filtering and I > can sadly report that there is very little signal out there. > > There are lessons to be learned here. One is that censorship does > not promote a stimulating and creative dialogue. The cypherpunks list > right now is about as interesting as hanging out by the 7-11. > > Another lesson is the danger of choke points. We can see how > tempting it is for people to exercise their control. Even John Gilmore > was unable to restrain himself from involuntary social engineering > experiments. Who would we have considered to be more trustworthy? > > Toad.com is a choke point, not just in terms of moderation but in > terms of the rate at which it can distribute messages. Let's > replace it. > > What we want are many machines carrying the cypherpunks list. A > message posted to any machine goes to all of the others. Each > machine sends messages to its subscribers only once. Some of > these machines should be across borders. > > The mail loop and multiple posting problems are solved by observing > the message IDs. > > Fast implementation: use moderated mailing list software. Put a > filter in the .forward file of the "moderator" account which looks > at the message ID and forwards the message if it hasn't been seen > already. The mailing list machines all subscribe each other. > > I've been looking for a stable machine with a good net connection to > do this. I haven't found one. However, if we have many machines > sharing the load, the stability of any one unit is not as important > because the list will survive multiple "hits". Only the subscribers > on one machine will be affected by having their messages delayed. > This greatly reduces the work and responsibility for any one list > operator. (As John will attest, keeping a machine running 24 hours a > day, 7 days a week, rain or shine, is a lot of work.) > > Also, with multiple machines, each unit handles a small amount of the > load. This makes more machines available and has less impact on > people's net connections. > > Last I checked, there were about 1200 addresses on the mailing list at > toad.com. All we need are about 10 machines to take 120 subscribers > each. (This is a completely manageable load.) > > Do you have a Unix machine on the Net? Does it have sendmail and > Perl? Then you have all that it takes to participate. Send me > mail and I'll help you set it up. > > Peter Hendrickson > ph at netcom.com > > P.S. I like and respect John and Sandy and I've learned a lot from > both of them. While basically well-intentioned, they just made a > mistake in this instance. > > - Igor. From ichudov at algebra.com Mon Feb 3 11:15:22 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Mon, 3 Feb 1997 11:15:22 -0800 (PST) Subject: Fortune, 3 Feb In-Reply-To: <32F60A0E.4DB0@vail.tivoli.com> Message-ID: <199702031911.NAA04962@manifold.algebra.com> Mike McNally wrote: > > Big article in Fortune about e-mail privace. One little paragraph > about encryption ("scrambling"). Fairly clue-free overall, but > entertaining. > I found the article to be extremely silly, although it was probably useful for "management". Anyway, computer security is an oxymoron. - Igor. From ckuethe at gpu.srv.ualberta.ca Mon Feb 3 11:33:32 1997 From: ckuethe at gpu.srv.ualberta.ca (C. Kuethe) Date: Mon, 3 Feb 1997 11:33:32 -0800 (PST) Subject: GAK cracking? In-Reply-To: <199702031611.IAA26584@toad.com> Message-ID: On Mon, 3 Feb 1997, tmcghan at gill-simpson.com wrote: > Just days after a U.S. graduate student cracked the most powerful > computer encryption system allowed out of the country, the Commerce > Department announced it would allow three companies to export an > even stronger system. [snip] > Companies said products with just 40-bit long keys, the old limit, > were too easy to crack. The approvals came just days after Ian Goldberg, a > graduate student at the University of California, cracked a message > encoded with a software key 40-bits long. > > The government did not name the companies given permission to export > stronger, 56-bit programs, but Glenwood, Md.,-based Trusted > Information Systems acknowledged that it was one of the three. Why does it not surprise me that TIS gets permission to export 56-bit (DES?) ? They do key recovery (is it GAK?) They brag about government consulting. The clients they will admit to having are listed on: http://www.tis.com/docs/products/consulting/govt/govcon.html and, purely unsubstantiated rumors here, but I've heard (seen) TIS, NSA, FBI and other "friends" of ours all together in the same paragraph. Conspiracy? Maybe... This is both good and bad.... yes, longer codes are now exportable, but only to / by certain people? I notice that the new cipher length is 56 bit...same size as DES? hopefully that's just a coincidence (yeah, right) or maybe somebody's starting to see the real world where people download pirate cryptosystems and says "so let's export bigger ones and make a buck off it, too..." (yeah, right) PLUR chris -- Chris Kuethe LPGV Electronics and Controls http://www.ualberta.ca/~ckuethe/ RSA in 2 lines of PERL lives at http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 Since it seems to be the topic of the day, here are some of my thoughts on moderating CP. o Moderation achieved what it could achieve. Spam is no longer clogging up the list. Insults, i.e., "Tim Mayo fucks children", are no longer polluting the list. o Moderation did not achieve what it couldn't achieve. The level of noise has been reduced, but signal has not been increased. This is sad, but true. The attempt was probably bound to fail, since many of the "top signal generators" have long left the list and are not about to come back. All that is remaining are a few diehards, such as myself, some TLA goons (knowingly or unknowingly) working against the cause, and many newbies and observers. I believe that Cypherpunks is beyond hope of recovery. In fact, each day Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the cause. Let's kill the list. Once and for all. Let the hard core crypto go to Coderpunks, the politics to Cryptography, and the garbage into the void. I am well aware of the name recognition and reputation capital associated with CP, still I believe it best to *kill the list*. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From haystack at holy.cow.net Mon Feb 3 11:55:27 1997 From: haystack at holy.cow.net (Bovine Remailer) Date: Mon, 3 Feb 1997 11:55:27 -0800 (PST) Subject: No Subject Message-ID: <199702031936.OAA08771@holy.cow.net> Timmy Maytag's father, an idiot, stumbled across Timmy Maytag's mother, an imbecile, when she had no clothes on. Nine months later she had a little moron. \\\ (0 0) _ooO_(_)_Ooo____ Timmy Maytag From froomkin at law.miami.edu Mon Feb 3 11:56:21 1997 From: froomkin at law.miami.edu (Michael Froomkin - U.Miami School of Law) Date: Mon, 3 Feb 1997 11:56:21 -0800 (PST) Subject: swiss buy centralized euro-smartcard system Message-ID: <199702031956.LAA00517@toad.com> http://www.hotwired.com/staff/pointcast/Features/1814.html A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From paul at fatmans.demon.co.uk Mon Feb 3 11:57:30 1997 From: paul at fatmans.demon.co.uk (paul at fatmans.demon.co.uk) Date: Mon, 3 Feb 1997 11:57:30 -0800 (PST) Subject: Key Security Question Message-ID: <199702031957.LAA00537@toad.com> > > > On the other hand, if the "repairman" replaced your pgp executable > > > with version 2.6.3kgb, which uses your hashed passphrase as the > > > session key, you're hosed. Or if he installed a keystroke sniffer, > > > or added a small radio transmitter to your keyboard, or whatever. > > > Depends on your threat model. If you need to be paranoid, > > > they've already gotten you.... > > > > If you're really paranoid, you can boot from a clean floppy and > > reinstall everything from your backup tapes. You do have a > > contingency plan in case your hard disk goes bad, or gets a > > virus, don't you? Well, if you're in doubt, exercise it. Face it, the only solution is to wrap your computer, cat, family, car and yourself in aluminium foil and burn your hard disk whilst chanting "yamma yamma yamma yaaaaamaa" Datacomms Technologies web authoring and data security Paul Bradley, Paul at fatmans.demon.co.uk Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey" From marcusb at wspice.com Mon Feb 3 11:58:17 1997 From: marcusb at wspice.com (Marcus Butler) Date: Mon, 3 Feb 1997 11:58:17 -0800 (PST) Subject: PGP 2.1 In-Reply-To: <199702031510.HAA25728@toad.com> Message-ID: On Mon, 3 Feb 1997, Larry Johnson wrote: > Mark Henderson wrote: > > > > Larry Johnson writes: > > > Hello, > > > Can any;one tell me how to get a version of PGP 2.1? > > > Thanks > > > > > But, why do you want version 2.1? > > Because the guy who wrote it was let off after that on his jail > charges, so I'm not going to use anything he made after that if > I don't know why. > I'm not saying that he rolled over or nothin buyt I'm gonna be > paranoyd like he said in the book. I dont suposse he'd mind, > since he said it. > I'm not real smart sometimes but I'nm not a real lamer, either. > (I don't think) Phillip Zimmerman never went to jail. He was just under investigation. If you are going to be that paranoid about things, you should not use anything you did not write yourself, afterall, even the cypherpunks list could be an elaborate government scheme to lull people into using PGP and similar technologies (JJ). Go get the source code if you are concerned about it. Marcus From andrew_loewenstern at il.us.swissbank.com Mon Feb 3 12:11:06 1997 From: andrew_loewenstern at il.us.swissbank.com (Andrew Loewenstern) Date: Mon, 3 Feb 1997 12:11:06 -0800 (PST) Subject: "Secret" Postal Device stolen Message-ID: <199702032011.MAA00965@toad.com> > So much for key escrow. *ding!* we have a winner! andrew From ichudov at algebra.com Mon Feb 3 12:11:16 1997 From: ichudov at algebra.com (ichudov at algebra.com) Date: Mon, 3 Feb 1997 12:11:16 -0800 (PST) Subject: Fortune, 3 Feb Message-ID: <199702032011.MAA01001@toad.com> Mike McNally wrote: > > Big article in Fortune about e-mail privace. One little paragraph > about encryption ("scrambling"). Fairly clue-free overall, but > entertaining. > I found the article to be extremely silly, although it was probably useful for "management". Anyway, computer security is an oxymoron. - Igor. From shamrock at netcom.com Mon Feb 3 12:11:17 1997 From: shamrock at netcom.com (Lucky Green) Date: Mon, 3 Feb 1997 12:11:17 -0800 (PST) Subject: Voice Encrytion/Scrambling Message-ID: <199702032011.MAA01002@toad.com> At 05:09 PM 2/2/97 -0800, Huge Cajones Remailer wrote: >Can anyone comment on and give pointers to devices designed to >encrypt voice transmission over POTS lines? I am interested in >the respective sound qualities (if you've tried it) and >relative strengths of encryption algorithms. http://www.comsec.com/ Uses 2048 bit DH and 3DES. The voice quality is excellent. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From EJENKINS at mhz.com Mon Feb 3 12:11:25 1997 From: EJENKINS at mhz.com (Eldon Jenkins) Date: Mon, 3 Feb 1997 12:11:25 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" -Reply Message-ID: <199702032011.MAA01019@toad.com> Sandy, I've been a member of this list off and on for the past few years. In reading this list daily for quite some time I feel that the filtering you are doing has made quite a substantial and positive change. Normally I would spend an hour or so at work filtering through the list deleting endless threads of nonsense just so I could glean the valuable information that is hidden in midst of the mindless chatter. Now the time I spend searching for information has been drastically reduced and I would like to thank you for this. While I am against censorship and moderation whole-heartedly I see this as a different case. You are not preventing anyone from posting, you just sort the posts and place them in their appropriate list. I see your efforts as more of an organizing project rather then censorship. I would love to see the list continue to be moderated. Just my two cents though. Eldon Jenkins USRobotics Programmer From ggr at Qualcomm.com Mon Feb 3 12:11:30 1997 From: ggr at Qualcomm.com (Greg Rose) Date: Mon, 3 Feb 1997 12:11:30 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702032011.MAA01039@toad.com> David Lesher writes: >Greg Rose sez: >> >> The three different digital standards in North >> America are TDMA, CDMA, and GSM (in NY and DC >> only AFAIK). Newer analog phones use at least >> some of this, but I don't know much about them. > >? I always thought GSM was a specific application >of TDMA... Technologically, GSM *is* a kind of time division multiple access, but the term "TDMA" as I used it is meant to apply to North American IS-128(?) compliant things. They are definitely not interoperable. Greg. Greg Rose INTERNET: ggr at Qualcomm.com Qualcomm Australia VOICE: +61-2-9743 4646 FAX: +61-2-9736 3262 6 Kingston Avenue homepage. Mortlake NSW 2137 35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45 From shamrock at netcom.com Mon Feb 3 12:11:35 1997 From: shamrock at netcom.com (Lucky Green) Date: Mon, 3 Feb 1997 12:11:35 -0800 (PST) Subject: Moderation [Tim,Sandy] Message-ID: <199702032011.MAA01053@toad.com> Since it seems to be the topic of the day, here are some of my thoughts on moderating CP. o Moderation achieved what it could achieve. Spam is no longer clogging up the list. Insults, i.e., "Tim Mayo fucks children", are no longer polluting the list. o Moderation did not achieve what it couldn't achieve. The level of noise has been reduced, but signal has not been increased. This is sad, but true. The attempt was probably bound to fail, since many of the "top signal generators" have long left the list and are not about to come back. All that is remaining are a few diehards, such as myself, some TLA goons (knowingly or unknowingly) working against the cause, and many newbies and observers. I believe that Cypherpunks is beyond hope of recovery. In fact, each day Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the cause. Let's kill the list. Once and for all. Let the hard core crypto go to Coderpunks, the politics to Cryptography, and the garbage into the void. I am well aware of the name recognition and reputation capital associated with CP, still I believe it best to *kill the list*. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From meredith at ecid.cig.mot.com Mon Feb 3 12:11:41 1997 From: meredith at ecid.cig.mot.com (Andrew Meredith) Date: Mon, 3 Feb 1997 12:11:41 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702032011.MAA01060@toad.com> Greg Rose wrote: > > The three different digital standards in North America are TDMA, > CDMA, and GSM (in NY and DC only AFAIK). GSM is also a Time Division Multiple Access (TDMA) system. In it's original form it uses specrum around 900 MHz, which I believe not to be available in the US. Shame really, I can roam with my GSM phone over pretty much the rest of the planet ... except the US. Anyway, there are two higher frequency derivatives, PCS1800 & PCS1900, which have been deployed in the US. I'm not involved directly in the US market so I'm not sure where. I assume however that these are the systems to which Greg refers. > Newer analog phones use at least some of this, but I don't know much > about them. I'll ignore GSM. ^^^^^^^^^^^^^^^ Aww shame ;) > The conclusion is that neither way of doing it is truly > cryptographically strong, but both are a lot better than > listening to Princess Di call Newt "Squidgy" on a Radio Shack > scanner. GSM uses the A5 algorithm which *is* cryptographically strong, but is unfortunately considered to be top secret stuff. If, however, you were to pick up a copy of "Applied Cryptography, 2nd Edition" by Bruce Schneier you may find something of interest. I hope that you'll work out from my .sig why I can't say much more. Hope this helps Andy M -- ___________________________________________________________________ Andrew Meredith Senior Systems Engineer Tel: +44(0) 1793 565377 Network Engineering Tools Grp Fax: +44(0) 1793 565161 GSM Products Division Page: +44(0) 839 421153 Motorola SMTP: meredith at ecid.cig.mot.com 16, Euroway, Blagrove X400: QSWI016 at email.mot.com Swindon, SN5 8YQ, UK SMS: 44860608008 at sms.telco.mot.com ___________________________________________________________________ From pdh at best.com Mon Feb 3 12:11:47 1997 From: pdh at best.com (Peter Hendrickson) Date: Mon, 3 Feb 1997 12:11:47 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702032011.MAA01075@toad.com> I was amused by the similarities of USG crypto policy and the moderation of the cypherpunks list. Recently a number of new regulations were announced to go into effect by a certain date. Requests for comments were made after the policy was announced. Many of us thought that was pretty sneaky. I feel the same way about the moderation plan. Moderation has been a failure. I'm pretty good at filtering and I can sadly report that there is very little signal out there. There are lessons to be learned here. One is that censorship does not promote a stimulating and creative dialogue. The cypherpunks list right now is about as interesting as hanging out by the 7-11. Another lesson is the danger of choke points. We can see how tempting it is for people to exercise their control. Even John Gilmore was unable to restrain himself from involuntary social engineering experiments. Who would we have considered to be more trustworthy? Toad.com is a choke point, not just in terms of moderation but in terms of the rate at which it can distribute messages. Let's replace it. What we want are many machines carrying the cypherpunks list. A message posted to any machine goes to all of the others. Each machine sends messages to its subscribers only once. Some of these machines should be across borders. The mail loop and multiple posting problems are solved by observing the message IDs. Fast implementation: use moderated mailing list software. Put a filter in the .forward file of the "moderator" account which looks at the message ID and forwards the message if it hasn't been seen already. The mailing list machines all subscribe each other. I've been looking for a stable machine with a good net connection to do this. I haven't found one. However, if we have many machines sharing the load, the stability of any one unit is not as important because the list will survive multiple "hits". Only the subscribers on one machine will be affected by having their messages delayed. This greatly reduces the work and responsibility for any one list operator. (As John will attest, keeping a machine running 24 hours a day, 7 days a week, rain or shine, is a lot of work.) Also, with multiple machines, each unit handles a small amount of the load. This makes more machines available and has less impact on people's net connections. Last I checked, there were about 1200 addresses on the mailing list at toad.com. All we need are about 10 machines to take 120 subscribers each. (This is a completely manageable load.) Do you have a Unix machine on the Net? Does it have sendmail and Perl? Then you have all that it takes to participate. Send me mail and I'll help you set it up. Peter Hendrickson ph at netcom.com P.S. I like and respect John and Sandy and I've learned a lot from both of them. While basically well-intentioned, they just made a mistake in this instance. From ichudov at algebra.com Mon Feb 3 12:11:48 1997 From: ichudov at algebra.com (ichudov at algebra.com) Date: Mon, 3 Feb 1997 12:11:48 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702032011.MAA01076@toad.com> i do have unix (linux) and stuff, but i can't take a lot of subscribers -- maybe 200-300 or so. i actually wrote a proposal for a mailing list without a central control point, with several advantages being impossibility of control, absense of a single point of failure, and cryptographic verification of honesty of moderators. if there is any interest, i will post it here. igor Peter Hendrickson wrote: > > I was amused by the similarities of USG crypto policy and the > moderation of the cypherpunks list. Recently a number of new > regulations were announced to go into effect by a certain date. > Requests for comments were made after the policy was announced. Many > of us thought that was pretty sneaky. I feel the same way about the > moderation plan. > > Moderation has been a failure. I'm pretty good at filtering and I > can sadly report that there is very little signal out there. > > There are lessons to be learned here. One is that censorship does > not promote a stimulating and creative dialogue. The cypherpunks list > right now is about as interesting as hanging out by the 7-11. > > Another lesson is the danger of choke points. We can see how > tempting it is for people to exercise their control. Even John Gilmore > was unable to restrain himself from involuntary social engineering > experiments. Who would we have considered to be more trustworthy? > > Toad.com is a choke point, not just in terms of moderation but in > terms of the rate at which it can distribute messages. Let's > replace it. > > What we want are many machines carrying the cypherpunks list. A > message posted to any machine goes to all of the others. Each > machine sends messages to its subscribers only once. Some of > these machines should be across borders. > > The mail loop and multiple posting problems are solved by observing > the message IDs. > > Fast implementation: use moderated mailing list software. Put a > filter in the .forward file of the "moderator" account which looks > at the message ID and forwards the message if it hasn't been seen > already. The mailing list machines all subscribe each other. > > I've been looking for a stable machine with a good net connection to > do this. I haven't found one. However, if we have many machines > sharing the load, the stability of any one unit is not as important > because the list will survive multiple "hits". Only the subscribers > on one machine will be affected by having their messages delayed. > This greatly reduces the work and responsibility for any one list > operator. (As John will attest, keeping a machine running 24 hours a > day, 7 days a week, rain or shine, is a lot of work.) > > Also, with multiple machines, each unit handles a small amount of the > load. This makes more machines available and has less impact on > people's net connections. > > Last I checked, there were about 1200 addresses on the mailing list at > toad.com. All we need are about 10 machines to take 120 subscribers > each. (This is a completely manageable load.) > > Do you have a Unix machine on the Net? Does it have sendmail and > Perl? Then you have all that it takes to participate. Send me > mail and I'll help you set it up. > > Peter Hendrickson > ph at netcom.com > > P.S. I like and respect John and Sandy and I've learned a lot from > both of them. While basically well-intentioned, they just made a > mistake in this instance. > > - Igor. From tcmay at got.net Mon Feb 3 12:11:54 1997 From: tcmay at got.net (Timothy C. May) Date: Mon, 3 Feb 1997 12:11:54 -0800 (PST) Subject: Filling Power Vacuums Message-ID: <199702032011.MAA01084@toad.com> At 6:57 AM -0800 2/3/97, Sandy Sandfort wrote: >After reading through Tim's post, I don't think much would be >served by doing another point by point response. From Tim's >tone, it appears he is still seething about how this all came >about, so I'll just leave our two expressions of opinions where >they were. I have no wish to exacerbate any hard feelings Tim >may be having. Indeed, I have been seething for the past several weeks (off and on, as I am fortunately able to usually put it out of my mind and do other things with my mental energies....). I think I have figured out why I'm seething. It's about "power grabs." You see, in any anarchic situation, where reliance on self-control and self-filtering is emphasized, there is always a _temptation_ for some to "fill the power vacuum" and grab power. I learned in my years at Intel how easy it was to start bossing people around, and as I hired engineers and scientists, I built up quite a little empire. But I didn't like what it was doing to me, as it distanced me from the technology and also brought out "control freak" tendencies....I started worrying about how my people were using their time ("my" time), and I increasingly applied my own notions of what they should talk about and what were suitable topics for laboratory chatter. In other words, I became a censor. (Not a government censor, but a censor in the broader definition I've already cited.) So I gave it up. Even before eventually retiring from Intel, I elected to leave the management track and rejoin the "technical ladder," becoming one of Intel's so-called Principal Engineers. No longer could I control others, except through the example I set and the information I provided. And I was happy I had moved away from "the dark side of the force." (I accept the role hierarchies play in corporations. They can't be built with just people like me. They need leaders, controllers, power freaks, etc. But a virtual community like the Cypherpunks group is not such a heirarchical organization, and it needs few rules, leaders, etc. "We don't need no steenking leaders.") As this relates to Cypherpunks, I have steadfastly refused to consider any "management role," so to speak, in how the list is run, the formal policies, etc. I'm not saying there has been a call for management (though Detweiler used to rail against us for not having a management heirarchy, for not having rules and democratic procedures for "making decisions"), just that the power vacuum in anarchies such as ours is often an open invitation for someone to step in and "provide structure and guidance." I resisted any thoughts of doing this, and argued against this sort of thing whenever the topic came up in conversation. I chose to lead only by the posts I wrote and the ideas I worked on. There have been frequent calls over the years for the Cypherpunks to have a more permanent presence, perhaps even an office in Washington, D.C., such as the EFF had, the CPSR still has, and so on. And to have an Official Spokesman, a contact person for the media droids to contact. The calls for this have declined in the last couple of years, as people figured out that the Cypherpunks are not about having spokespunks for us, and that the media will just have to deal with the "anarchy" of having to herd cats to get information out of us. Now, of course, the message is being sent that Sandy Sandfort is in some sense the de facto leader, being that he determines what traffic goes out to the main list and what traffic gets bounced into the flames list. In fact, I'll make a prediction: The media will see that he is the chief censor and arbiter of worthiness and will increasingly contact him for the Official Point of View on various items they are interested in. It distresses me greatly that Sandy Sandfort has elected to move into this "power vacuum" to nominate himself as our Leader and Chief Censor. Foo on that. (I used to hear this at Intel, where the argument for a hierarchical structure was much stronger, to wit: "Tim, if you won't agree to manage others, you'll have to accept that people less technically competent than yourself are going to elect to become managers and they'll probably become _your_ manager in the not too distant future.") So, I sort of thank Sandy for helping me to realize certain things that I may not have explicitly realized before. Namely, I realize that I don't want the karmic burdens of power myself, preferring to lead only by the example I set and the ideas I generate. This is why "market anarchies" (books, music, ideas, all things where "no ruler" exists) appeal to me so much. And since I don't wish to assume the mantle of leadership, and don't see much need for leadership or global censorship (as opposed to locally contracted for filtering, a la Eric Blossom's list, or Siskel and Ebert giving recommendations, or ratings of restaurants, etc.), I am resentful and suspicious of people who _do_ step into the "power vacuum" to lead and control. Now I grant you that Sandy's form of leadership and control is relatively mild, but the very notion that Sandy can reject a long essay because of a couple of phrasings he dislikes (this was his "judgment call" point about why he (reluctantly?) allowed my post to go out) is a step in the wrong direction. And given our strong ideological bias toward market anarchies, this move toward censorship stands out like a sore thumb. At least the issue would be clearer if Sandy passed all posts through but deleted sections that offended him and marked deleted sections as "**CENSORED**." Yes, I'm seething. Sandy is right about that. I saw a group I helped create and spent thousands of hours on, writing articles and developing ideas choose--by fiat from the owner of the machine the list was being sent out from--to embrace the dark side, the control freak side. In the name of "comity," Sandy's term for the bonhomie he thinks he can cultivate, we lose our ideological purity. "Hey, even the Cypherpunks have embraced censorship." Instead of letting the power vacuum remain unfilled, and suggesting to people that they solve the problems it creates as best they can, Sandy jumped in to fill the vacuum. This is what I'm seething about. And even dropping the power grab at the end of the "experiment" will not stop this seething. Fuck it. --Tim May " Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From ckuethe at gpu.srv.ualberta.ca Mon Feb 3 12:13:22 1997 From: ckuethe at gpu.srv.ualberta.ca (C. Kuethe) Date: Mon, 3 Feb 1997 12:13:22 -0800 (PST) Subject: GAK cracking? Message-ID: <199702032013.MAA01096@toad.com> On Mon, 3 Feb 1997, tmcghan at gill-simpson.com wrote: > Just days after a U.S. graduate student cracked the most powerful > computer encryption system allowed out of the country, the Commerce > Department announced it would allow three companies to export an > even stronger system. [snip] > Companies said products with just 40-bit long keys, the old limit, > were too easy to crack. The approvals came just days after Ian Goldberg, a > graduate student at the University of California, cracked a message > encoded with a software key 40-bits long. > > The government did not name the companies given permission to export > stronger, 56-bit programs, but Glenwood, Md.,-based Trusted > Information Systems acknowledged that it was one of the three. Why does it not surprise me that TIS gets permission to export 56-bit (DES?) ? They do key recovery (is it GAK?) They brag about government consulting. The clients they will admit to having are listed on: http://www.tis.com/docs/products/consulting/govt/govcon.html and, purely unsubstantiated rumors here, but I've heard (seen) TIS, NSA, FBI and other "friends" of ours all together in the same paragraph. Conspiracy? Maybe... This is both good and bad.... yes, longer codes are now exportable, but only to / by certain people? I notice that the new cipher length is 56 bit...same size as DES? hopefully that's just a coincidence (yeah, right) or maybe somebody's starting to see the real world where people download pirate cryptosystems and says "so let's export bigger ones and make a buck off it, too..." (yeah, right) PLUR chris -- Chris Kuethe LPGV Electronics and Controls http://www.ualberta.ca/~ckuethe/ RSA in 2 lines of PERL lives at http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 -------+..........................................................+------- + ^ + : Ray Arachelian : #include :../|\.. \|/ : ray at earthweb.com :.....................................:./\|/\. <--+-->: ................ : My oppinions are my own and do not :.\/|\/. /|\ :voice: 212-725-6550 : neccesairly represent those of my :..\|/.. + v + :....................: employer. :....... .... http://www.sundernet.com ...personal.email sunder at sundernet.com ..... ---------- Forwarded message ---------- Date: Mon, 03 Feb 1997 13:26:44 -0500 From: Andy Breen To: yak at earthweb.com Subject: Another ActiveX hole hmmmmmmmmmmmmm.... ------------------ DMK: An application of covert channels. From RISKS Digest Vol 18, Issue 80. Date: 1 Feb 1997 05:12:02 GMT From: weberwu at tfh-berlin.de (Debora Weber-Wulff) Subject: Electronic Funds Transfer without stealing PIN/TAN The Berlin newspaper "Tagespiegel" reports on 29 Jan 97 about a television show broadcast the previous evening on which hackers from the Chaos Computer Club demonstrated how to electronically transfer funds without needing a PIN (Personal Identification Number) or TAN (Transaction Number). Apparently it suffices for the victim to visit a site which downloads an ActiveX application, which automatically starts and checks to see if Quicken, a popular financial software package that also offers electronic funds transfer, is on the machine. If so, Quicken is given a transfer order which is saved by Quicken in its pile of pending transfer orders. The next time the victim sends off the pending transfer orders to the bank (and enters in a valid PIN and TAN for that!) all the orders (= 1 transaction) are executed - money is transferred without the victim noticing! The newspaper quotes various officials at Microsoft et al expressing disbelief/outrage/"we're working on it". We discussed this briefly in class looking for a way to avoid the problem. Demanding a TAN for each transfer is not a solution, for one, the banks only send you 50 at a time, and many small companies pay their bills in bunches. Having to enter a TAN for each transaction would be quite time-consuming. Our only solution would be to forbid browsers from executing any ActiveX component without express authorization, but that rather circumvents part of what ActiveX is intended for. A small consolation: the transfer is trackable, that is, it can be determined at the bank to which account the money went. Some banks even include this information on the statement, but who checks every entry on their statements... Debora Weber-Wulff, Technische Fachhochschule Berlin, Luxemburger Str. 10, 13353 Berlin GERMANY weberwu at tfh-berlin.de At 12:28 PM 2/3/97 -0800, Peter Hendrickson wrote: >At 11:38 AM 2/3/1997, Lucky Green wrote: >> I am well aware of the name recognition and reputation capital associated >> with CP, still I believe it best to *kill the list*. > >If you don't like the list, why not unsubscribe? That won't solve the problem. The list has become counterproductive. It is impossible for other lists to provide a real forum for the discussion of the topics that this list used to be about while CP still exists. At the same time, CP has long stopped providing such a forum. CP is draining energy from its subscribers and the cause. Kill it! Kill it now! -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From emc at wire.insync.net Mon Feb 3 13:15:14 1997 From: emc at wire.insync.net (Eric Cordian) Date: Mon, 3 Feb 1997 13:15:14 -0800 (PST) Subject: Dissolving Choke Points In-Reply-To: Message-ID: <199702032118.PAA05476@wire.insync.net> Peter Hendrickson writes: > Moderation has been a failure. I'm pretty good at filtering and I > can sadly report that there is very little signal out there. The quality of the Cypherpunks list is determined solely by the amount of signal. The amount of noise is irrelevant. Barring someone continuously mail-bombing the list 24 hours a day from a T3, it is easy to pick and choose the posts one wishes to read, and wipe the rest with a single keystroke afterwards. I read the list selectively depending upon the amount of free time I have. I always try to read serious crypto articles, and all posts by Tim, Hal, Eric, Duncan, and a few other notables. If I have additional time, I will read other threads of interest, a little Vulis, and selected Toto, who happens to be a very funny person at times. Now that we have moderation, I can't do this while subscribed to the main list, and have to live in eternal fear that I am writing for an audience of 20 every time I respond to something on the unedited list. Foo on that. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From blancw at MICROSOFT.com Mon Feb 3 13:16:47 1997 From: blancw at MICROSOFT.com (Blanc Weber) Date: Mon, 3 Feb 1997 13:16:47 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: From: Timothy C. May With no false modesty I tried awfully hard to compose substantive essays on crypto-political topics, often more than one per day. (Others did too, but they seem to be tapering off as well, leaving the list to be dominated by something called a "Toto," the "O.J. was framed!" ravings of Dale Thorn, the love letters between Vulis and someone name Nurdane Oksas, and the occasional bit of crypto news. Ho hum. I'm glad I'm not reading the list in e-mail, and thus can easily avoid replying to these inanities... .......................................... Your thoughtful contributions to the list are missed, Tim. As soon as I realized that you had left the list I suspected it had something to do with its moderation. However, I must protest the inclusion of Toto's posts as one of the "inane". His posts were intentionally formulated to cause to stand out what was, indeed, inane - as he said, to "hold up a mirror". And he continually decried the list experiment, pointing out the philosophical contradiction of a moderated "anarchist" forum. If the antidote to bad speech is more speech, then he certainly provided some, although not on the level or style as yourself. And you may say that some of these posts are not worth replying to, but didn't I see you respond to one of Dale's, regarding a photo of Jessica-the-pilot which he keeps above his desk? .. Blanc From tcmay at got.net Mon Feb 3 13:43:39 1997 From: tcmay at got.net (Timothy C. May) Date: Mon, 3 Feb 1997 13:43:39 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: Message-ID: At 1:15 PM -0800 2/3/97, Blanc Weber wrote: >Your thoughtful contributions to the list are missed, Tim. As soon as >I realized that you had left the list I suspected it had something to do >with its moderation. > >However, I must protest the inclusion of Toto's posts as one of the >"inane". His posts were intentionally formulated to cause to stand >out what was, indeed, inane - as he said, to "hold up a mirror". And >he continually decried the list experiment, pointing out the >philosophical contradiction of a moderated "anarchist" forum. Well, "Toto" wrote in a style I found hard to grasp, and his/her/its points were often lost to me. But I was only scanning the list via the hks.net archive site, and so may have missed the subtleties. One way thoughtful posts get "absorbed" is when others quote them (or the parts they like best, disagree with, etc.). This gives people a second or third look. (And, of course, when one _replies_ to a post this is how it gets read most carefully.) I saw few people I respect a lot replying substantively to the posts of some of these people who seemed to dominate the list in the last month, and of course I myself did not reply to any of them, so whatever points they were making were lost on me. >If the antidote to bad speech is more speech, then he certainly provided >some, although not on the level or style as yourself. And you may say >that some of these posts are not worth replying to, but didn't I see you >respond to one of Dale's, regarding a photo of Jessica-the-pilot which >he keeps above his desk? Sure, but that was months ago. In any case, I didn't say Dale nor Toto nor anyone else should be shunned; I posted when I felt like it. Nor of course have I ever argued for censoring Toto or Dale or anyone else. My point to Sandy was just that the new censorship policy was still clearly letting a lot of crap^H^H^H^H "piffle" (a Sandy-used and hence Sandy-approved synonym for "cr*p") through, and that certain folks were issuing lots and lots of rants and raves. Personally, I think "flames" are not the problem. Not flames from obviously thoughtful folks who are angered or peeved about something. The "flames" posted by bots--targetted at me, usually--were not especially helpful, but I see nothing wrong with, say, Hallam-Baker flaming Bell. Or vice versa. Flames and intense argument are often useful in explicating hard subjects...and who can deny that Bell's ideas are controversial and may generate intense opinions? To expunge the list of Vulis' ASCII art and "Timmy May was born on a toilet as the spawn of a dandruff-covered Armenian tchurka and his nekulturny peasant mother" bot-generated insults we have apparently now gotten a list where Lord Sandy apprises us that he almost rejected my long, carefully-constructed essay because I committed the NewCyphepunk (TM) sin of referring to Toto, Dale, Dimitri, and Nurgaine in unflattering ways. Like I said, "fuck that." Or, more politely, it's throwing the baby out with the bathwater. Not to mention sending the strong message that "Even Cypherpunks gave up their experiment with anarchy and now have a moderator deciding what the main list is permitted to read." Far too high a price to pay for the "comity" Sandy craves. (And if Sandy wants comity and good cheer, let him either form his own list or establish a filtered list just the way Blossom and Arachelian did. Hijacking the list to reform it in his own image is dirty pool.) --Tim May Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From vznuri at netcom.com Mon Feb 3 13:44:20 1997 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Mon, 3 Feb 1997 13:44:20 -0800 (PST) Subject: Govt & cyberspace In-Reply-To: <199702021510.HAA24723@toad.com> Message-ID: <199702032143.NAA12677@netcom9.netcom.com> DF raises the question of whether the IRS will be able to modernize in the lack of "intellectual capital" (i.e. brains). This is actually a very interesting topic which I've not seen a lot of analysis on elsewhere, but which I expect to see a lot more in the future. the basic issue is this: private industry is moving into cyberspace at a lightening pace. yet the government is painfully incapable of doing the same for reasons of bureacracy. numerous articles have been documenting the inability of the government to successfully pull of massive software and hardware upgrade projects. I suspect it will only be a matter of time before this is called a major "crisis" by politicians and milked for all of its conceivable tax value. eeks. I've seen a lot of articles about govt agencies in a computational crisis due to this problem. maybe someone can come up with a cute tag item. "technology envy" maybe? I read about how the FAA was trying to install a new flight control system that's insanely over budget and lightyears from a conceivable completion. another *major* computation problem is the year 2000 crisis. private companies can barely get it together to do the upgrading and investigation required to fix the 2000-flip problem. the government is even farther behind. if there is going to be a year 2000 "crisis" due to the millenium bug, I suspect much of it will be focused in government agencies. "tech envy"-- what impact is this going to have on our government? it's becoming a huge issue. it may be a really great opportunity for a populist movement to truly reform the government in the process of upgrading their computers. I suspect that the "groupware" technology that is just getting started will have major influence in these areas. as private companies find increasingly sophisticated ways of managing themselves, the obvious question will arise, "why can't we have an efficient govt when our private industries are"? the answer is, we can!! I've written about "electronic democracy" repeatedly. many people object to the idea. but when it is phrased in terms of groupware, it becomes more palatable. imagine a small company humming along with its groupware application that allows it to make company-wide decisions using a democratic process. moreover, the software is robust and scales well. why can't the same principles be scaled up, up, up? I predict that they will be in a rather extraordinary revolution. a new "velvet revolution"? comments anyone? From pdh at best.com Mon Feb 3 13:53:04 1997 From: pdh at best.com (Peter Hendrickson) Date: Mon, 3 Feb 1997 13:53:04 -0800 (PST) Subject: Information Warfare Message-ID: The cypherpunks list has been under "attack" for some time. How have we managed it? Very poorly in my view. Some people have dismissed the idea that rogue governmental elements are behind some of our problems. Yet, there is no reason to rule out this hypothesis. The government has not always behaved well with regards to its perceived enemies in the last few decades. The FBI seems to infiltrate everything - even churches!. This is well documented. The CIA has worked hard on disrupting various political movements of which it did not approve using provocateurs and other conspiratorial dirty tricks. (I believe the FBI has, too, but I do not recall any documentation offhand.) We know that "Information Warfare" is the big thing in the defense establishment right now. It's all over their web pages. We see articles from the Kennedy School which seem to compare free speech with disease. Etc. Etc. We also believe that the things the Cypherpunks are interested in are on the radar screen. Maybe the Cypherpunks are, too. Is it unreasonable to ask whether some people are getting funding to experiment with disrupting "groups" like the Cypherpunks? I can easily picture people inventing all sorts of important sounding words like "psy-op" for what is little more than rudeness. Whatever the cause of the disruptions, the solutions are the same. Most of the proposals I've been hearing have to do with controlling the behavior of other cypherpunks and creating more structure. This is a mistake. It's clear that even the definitions of "spam" and "flame" are hard to nail down. The next idea will be to moderate on the basis of content. How will we decide what is content? Clearly that's much too important a question to leave to just one person. What we need is a committee to decide! What's next? Robert's Rules of Order? All of this detracts from the work we have before us. If you've ever been involved with a non-profit organization, you will know that enormous energy is spent on internal political scheming. That's a boring waste of time. Let's go down a better path. Let's think about the best way for each cypherpunk to manage disruptions. Please consider these suggestions: 1. Filter noise. I filter based on origin. If a kill file doesn't work, use a positive filter to read messages only from people who are worthwhile. It has been suggested that this doesn't work because some people post garbage, but also occasionally post something good. There's gold in the ocean, too. Why don't we retrieve it? If you don't want to manage a filter yourself, find somebody to do it for you. A number of people offer filtering services. Remember that in an open forum, noise increases with signal. The more worthwhile and interesting threads are on the list, the more worthless postings we are going to see, particlarly when people are consciously disruptive. 2. Post signal. Filters are useless when there is no signal. Signal comes from cypherpunks. You are a cypherpunk. 3. Birds of a feather flock together. When you respond to somebody, you mingle your on-line identity with theirs. Fly with the eagles. Peter Hendrickson ph at netcom.com From vznuri at netcom.com Mon Feb 3 14:04:55 1997 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Mon, 3 Feb 1997 14:04:55 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702030325.TAA09985@toad.com> Message-ID: <199702032204.OAA24923@netcom9.netcom.com> <* The mechanics of the announcement troubled me greatly. To be blunt, I was Message-ID: <199702032135.NAA17688@comsec.com> A. Padgett Peterson P.E. Information Security apparently wrote: > Have good reason to believe your estimate for a purpose built machine this > year (expect 600,000,000 to 1,000,000,000 kps per sieve - these will not > be cheap chips but will be commecially available). Expect 400 arrays > would be required to do DES in a day (average) but is a lot more > achievable than the 65k postulated by the gang of nine. I received a nice flyer in the mail the other day from "Chip Express" (www.chipexpress.com, 800-95-CHIPX). They are offering Laser Programmed Gate Arrays. It appears to be a reasonable way to get some Wiener chips built. As I recall, the Wiener design required about 23,000 gates. Their blurb had the following table in in: FPGA Gates ASIC Gates 500 Units 1000 Units 5000 Units 40,000 20,000 $77 $45 $10 Not Avail 200,000 $176 $150 $82 So it appears that you can get 5000 Wiener key search chips build for about $50K. I'm not sure about the speed, but I wouldn't be surprised if you could clock these at 50 MHz. The Wiener design is pipelined and searches one key per clock, so each chip could search 50e6 keys / second. 50e6 * 5000 = 250e9 keys / second for $50K Happy Hunting... Eric From pdh at best.com Mon Feb 3 14:19:41 1997 From: pdh at best.com (Peter Hendrickson) Date: Mon, 3 Feb 1997 14:19:41 -0800 (PST) Subject: Moderation [Tim,Sandy] Message-ID: At 1:12 PM 2/3/1997, Lucky Green wrote: >At 12:28 PM 2/3/97 -0800, Peter Hendrickson wrote: >>At 11:38 AM 2/3/1997, Lucky Green wrote: >>> I am well aware of the name recognition and reputation capital associated >>> with CP, still I believe it best to *kill the list*. >> If you don't like the list, why not unsubscribe? > That won't solve the problem. The list has become counterproductive. It is > impossible for other lists to provide a real forum for the discussion of > the topics that this list used to be about while CP still exists. At the > same time, CP has long stopped providing such a forum. CP is draining > energy from its subscribers and the cause. Kill it! Kill it now! Who should do what to comply with your proposal? Should John shut down the list? Are you asking everybody to unsubscribe? I don't think "killing the list" is an option for you or anybody else. The List transcends all domains. Peter Hendrickson ph at netcom.com From lharrison at mhv.net Mon Feb 3 14:23:19 1997 From: lharrison at mhv.net (Lynne L. Harrison) Date: Mon, 3 Feb 1997 14:23:19 -0800 (PST) Subject: PGP 2.1 Message-ID: <9702032223.AA11951@super.mhv.net> -----BEGIN PGP SIGNED MESSAGE----- Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit To: cypherpunks at toad.com Date: Mon Feb 03 17:19:14 1997 > Mark Henderson wrote: > > > > Larry Johnson writes: > > > Hello, > > > Can any;one tell me how to get a version of PGP 2.1? > > > Thanks > > > > > But, why do you want version 2.1? > > Because the guy who wrote it was let off after that on his jail > charges, so I'm not going to use anything he made after that if > I don't know why. > I'm not saying that he rolled over or nothin buyt I'm gonna be > paranoyd like he said in the book. I dont suposse he'd mind, > since he said it. > I'm not real smart sometimes but I'nm not a real lamer, either. > (I don't think) I bite my tongue.... -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMvZkYj5A4+Z4Wnt9AQEtNwP/TXMTZcozL0dNIJjBbdX7mwu0DiEJZV29 nzmIOPZFQyqeVgc1+DrYc0oB6hILAdC5Juf2k7sHr3bzqwNUWERY+PskVRWxRsi6 onN5OqNiAZxVJMcUDZx2r34vZd9Z3TtkGqHDY91xr6Q8UgBYcsmI1SwyjUTwgwST oraGSR/h8eE= =YYIb -----END PGP SIGNATURE----- From vznuri at netcom.com Mon Feb 3 14:24:34 1997 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Mon, 3 Feb 1997 14:24:34 -0800 (PST) Subject: Filling Power Vacuums In-Reply-To: <199702032011.MAA01084@toad.com> Message-ID: <199702032224.OAA00880@netcom9.netcom.com> timmy writes: And since I don't wish to assume the mantle Several months back there were discussions on the list regarding renaming the government's key escrow/recovery proposals (KRAP comes to mind). I think we need something that's catchy and simple (perhaps already familiar) to understand for the semi-litterate citizen units. I propose we encourage use of the terms "crippleware" or "crypto crippleware" when refering to the products limited to their weak crypto and/or key escrow/recovery. --Steve From emc at wire.insync.net Mon Feb 3 14:41:11 1997 From: emc at wire.insync.net (Eric Cordian) Date: Mon, 3 Feb 1997 14:41:11 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702032241.OAA04512@toad.com> Peter Hendrickson writes: > Moderation has been a failure. I'm pretty good at filtering and I > can sadly report that there is very little signal out there. The quality of the Cypherpunks list is determined solely by the amount of signal. The amount of noise is irrelevant. Barring someone continuously mail-bombing the list 24 hours a day from a T3, it is easy to pick and choose the posts one wishes to read, and wipe the rest with a single keystroke afterwards. I read the list selectively depending upon the amount of free time I have. I always try to read serious crypto articles, and all posts by Tim, Hal, Eric, Duncan, and a few other notables. If I have additional time, I will read other threads of interest, a little Vulis, and selected Toto, who happens to be a very funny person at times. Now that we have moderation, I can't do this while subscribed to the main list, and have to live in eternal fear that I am writing for an audience of 20 every time I respond to something on the unedited list. Foo on that. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law" From vznuri at netcom.com Mon Feb 3 14:41:46 1997 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Mon, 3 Feb 1997 14:41:46 -0800 (PST) Subject: Govt & cyberspace Message-ID: <199702032241.OAA04535@toad.com> DF raises the question of whether the IRS will be able to modernize in the lack of "intellectual capital" (i.e. brains). This is actually a very interesting topic which I've not seen a lot of analysis on elsewhere, but which I expect to see a lot more in the future. the basic issue is this: private industry is moving into cyberspace at a lightening pace. yet the government is painfully incapable of doing the same for reasons of bureacracy. numerous articles have been documenting the inability of the government to successfully pull of massive software and hardware upgrade projects. I suspect it will only be a matter of time before this is called a major "crisis" by politicians and milked for all of its conceivable tax value. eeks. I've seen a lot of articles about govt agencies in a computational crisis due to this problem. maybe someone can come up with a cute tag item. "technology envy" maybe? I read about how the FAA was trying to install a new flight control system that's insanely over budget and lightyears from a conceivable completion. another *major* computation problem is the year 2000 crisis. private companies can barely get it together to do the upgrading and investigation required to fix the 2000-flip problem. the government is even farther behind. if there is going to be a year 2000 "crisis" due to the millenium bug, I suspect much of it will be focused in government agencies. "tech envy"-- what impact is this going to have on our government? it's becoming a huge issue. it may be a really great opportunity for a populist movement to truly reform the government in the process of upgrading their computers. I suspect that the "groupware" technology that is just getting started will have major influence in these areas. as private companies find increasingly sophisticated ways of managing themselves, the obvious question will arise, "why can't we have an efficient govt when our private industries are"? the answer is, we can!! I've written about "electronic democracy" repeatedly. many people object to the idea. but when it is phrased in terms of groupware, it becomes more palatable. imagine a small company humming along with its groupware application that allows it to make company-wide decisions using a democratic process. moreover, the software is robust and scales well. why can't the same principles be scaled up, up, up? I predict that they will be in a rather extraordinary revolution. a new "velvet revolution"? comments anyone? From tcmay at got.net Mon Feb 3 14:41:47 1997 From: tcmay at got.net (Timothy C. May) Date: Mon, 3 Feb 1997 14:41:47 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702032241.OAA04539@toad.com> At 1:15 PM -0800 2/3/97, Blanc Weber wrote: >Your thoughtful contributions to the list are missed, Tim. As soon as >I realized that you had left the list I suspected it had something to do >with its moderation. > >However, I must protest the inclusion of Toto's posts as one of the >"inane". His posts were intentionally formulated to cause to stand >out what was, indeed, inane - as he said, to "hold up a mirror". And >he continually decried the list experiment, pointing out the >philosophical contradiction of a moderated "anarchist" forum. Well, "Toto" wrote in a style I found hard to grasp, and his/her/its points were often lost to me. But I was only scanning the list via the hks.net archive site, and so may have missed the subtleties. One way thoughtful posts get "absorbed" is when others quote them (or the parts they like best, disagree with, etc.). This gives people a second or third look. (And, of course, when one _replies_ to a post this is how it gets read most carefully.) I saw few people I respect a lot replying substantively to the posts of some of these people who seemed to dominate the list in the last month, and of course I myself did not reply to any of them, so whatever points they were making were lost on me. >If the antidote to bad speech is more speech, then he certainly provided >some, although not on the level or style as yourself. And you may say >that some of these posts are not worth replying to, but didn't I see you >respond to one of Dale's, regarding a photo of Jessica-the-pilot which >he keeps above his desk? Sure, but that was months ago. In any case, I didn't say Dale nor Toto nor anyone else should be shunned; I posted when I felt like it. Nor of course have I ever argued for censoring Toto or Dale or anyone else. My point to Sandy was just that the new censorship policy was still clearly letting a lot of crap^H^H^H^H "piffle" (a Sandy-used and hence Sandy-approved synonym for "cr*p") through, and that certain folks were issuing lots and lots of rants and raves. Personally, I think "flames" are not the problem. Not flames from obviously thoughtful folks who are angered or peeved about something. The "flames" posted by bots--targetted at me, usually--were not especially helpful, but I see nothing wrong with, say, Hallam-Baker flaming Bell. Or vice versa. Flames and intense argument are often useful in explicating hard subjects...and who can deny that Bell's ideas are controversial and may generate intense opinions? To expunge the list of Vulis' ASCII art and "Timmy May was born on a toilet as the spawn of a dandruff-covered Armenian tchurka and his nekulturny peasant mother" bot-generated insults we have apparently now gotten a list where Lord Sandy apprises us that he almost rejected my long, carefully-constructed essay because I committed the NewCyphepunk (TM) sin of referring to Toto, Dale, Dimitri, and Nurgaine in unflattering ways. Like I said, "fuck that." Or, more politely, it's throwing the baby out with the bathwater. Not to mention sending the strong message that "Even Cypherpunks gave up their experiment with anarchy and now have a moderator deciding what the main list is permitted to read." Far too high a price to pay for the "comity" Sandy craves. (And if Sandy wants comity and good cheer, let him either form his own list or establish a filtered list just the way Blossom and Arachelian did. Hijacking the list to reform it in his own image is dirty pool.) --Tim May Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From aba at dcs.ex.ac.uk Mon Feb 3 14:42:29 1997 From: aba at dcs.ex.ac.uk (Adam Back) Date: Mon, 3 Feb 1997 14:42:29 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702030626.WAA14617@toad.com> Message-ID: <199702031011.KAA00295@server.test.net> My main complaints about the `filtering' service forced upon the list readership are that: 1. It was done to the main list! If cypherpunks were left unchanged, and a `cypherpunks-edited' were created I wouldn't have a problem, it would be just another filtered list. However there are already several filtered lists, so the usefulness of this is limited anyway. Merely including details of these filtered lists in the sign on message, and posting a reminder every few weeks would suffice. I and apparently, most others didn't choose to subscribe to a filtering service. I object to this choice being over-ridden. OK, so I can re-subscribe to cypherpunks (cypherpunks-unedited), but many won't bother. (Actually I subscribe to cypherpunks-flames and cypherpunks, as the most efficient way of receiving all messages, and still being able to see the moderation results). 2. The impetus for moderating the main list seems to be as a result of a few posts by Dimitri. Really, if this is all it takes to destroy an unmoderated list, I've got to laugh at cypherpunks collectively. Why is it such a big deal to press the `n' key, if you don't like what Dimitri, or anyone else, has to say? If your time is too valuable to press `n' keys, what is wrong with subscribing to the existing filtered lists? Or with setting up a kill-file? Or maybe generating a bit of signal yourself? 3. It is even more funny that in my opinion Dimitri purposefully set out to raise the issue of censorship (after his own partial censorship), and has succeeded to this extent. The whole thing is just allowing yourself to be manipulated by his transparent efforts. 4. There is already a moderated forum for discussion of cypherpunks issues: cryptography at c2.net, why do we need another one? My vote is for renaming: `cypherpunks-unedited' -> `cypherpunks' and `cypherpunks' -> `cypherpunks-edited' and for moving all those still on the edited list to the unedited list. Post a note advertising the availability of a new filtering service called `cypherpunks-edited at toad.com', along with the references to the other competing filtering services. If at the end of the trial forced moderation period, John Gilmore doesn't have the bandwidth on toad.com to support all of `cypherpunks', `cypherpunks-edited' and `cypherpunks-flames', I suggest that a new home is found for `cypherpunks'. Or perhaps Sandy as proponent of his filtering service, would be able to find a home for `sandys-filtered-cypherpunks' service, as with the other filtering services. Personally, I am not in the habit of flaming people, or using the word `fuck', in general discussion, but I find the way this `filtering service' was foisted on the main list highly objectionable. Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 At 12:28 PM 2/3/97 -0800, Peter Hendrickson wrote: >At 11:38 AM 2/3/1997, Lucky Green wrote: >> I am well aware of the name recognition and reputation capital associated >> with CP, still I believe it best to *kill the list*. > >If you don't like the list, why not unsubscribe? That won't solve the problem. The list has become counterproductive. It is impossible for other lists to provide a real forum for the discussion of the topics that this list used to be about while CP still exists. At the same time, CP has long stopped providing such a forum. CP is draining energy from its subscribers and the cause. Kill it! Kill it now! -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From ray at earthweb.com Mon Feb 3 14:43:29 1997 From: ray at earthweb.com (Ray Arachelian) Date: Mon, 3 Feb 1997 14:43:29 -0800 (PST) Subject: Another ActiveX hole (fwd) Message-ID: <199702032243.OAA04600@toad.com> -------+..........................................................+------- + ^ + : Ray Arachelian : #include :../|\.. \|/ : ray at earthweb.com :.....................................:./\|/\. <--+-->: ................ : My oppinions are my own and do not :.\/|\/. /|\ :voice: 212-725-6550 : neccesairly represent those of my :..\|/.. + v + :....................: employer. :....... .... http://www.sundernet.com ...personal.email sunder at sundernet.com ..... ---------- Forwarded message ---------- Date: Mon, 03 Feb 1997 13:26:44 -0500 From: Andy Breen To: yak at earthweb.com Subject: Another ActiveX hole hmmmmmmmmmmmmm.... ------------------ DMK: An application of covert channels. From RISKS Digest Vol 18, Issue 80. Date: 1 Feb 1997 05:12:02 GMT From: weberwu at tfh-berlin.de (Debora Weber-Wulff) Subject: Electronic Funds Transfer without stealing PIN/TAN The Berlin newspaper "Tagespiegel" reports on 29 Jan 97 about a television show broadcast the previous evening on which hackers from the Chaos Computer Club demonstrated how to electronically transfer funds without needing a PIN (Personal Identification Number) or TAN (Transaction Number). Apparently it suffices for the victim to visit a site which downloads an ActiveX application, which automatically starts and checks to see if Quicken, a popular financial software package that also offers electronic funds transfer, is on the machine. If so, Quicken is given a transfer order which is saved by Quicken in its pile of pending transfer orders. The next time the victim sends off the pending transfer orders to the bank (and enters in a valid PIN and TAN for that!) all the orders (= 1 transaction) are executed - money is transferred without the victim noticing! The newspaper quotes various officials at Microsoft et al expressing disbelief/outrage/"we're working on it". We discussed this briefly in class looking for a way to avoid the problem. Demanding a TAN for each transfer is not a solution, for one, the banks only send you 50 at a time, and many small companies pay their bills in bunches. Having to enter a TAN for each transaction would be quite time-consuming. Our only solution would be to forbid browsers from executing any ActiveX component without express authorization, but that rather circumvents part of what ActiveX is intended for. A small consolation: the transfer is trackable, that is, it can be determined at the bank to which account the money went. Some banks even include this information on the statement, but who checks every entry on their statements... Debora Weber-Wulff, Technische Fachhochschule Berlin, Luxemburger Str. 10, 13353 Berlin GERMANY weberwu at tfh-berlin.de From: Timothy C. May With no false modesty I tried awfully hard to compose substantive essays on crypto-political topics, often more than one per day. (Others did too, but they seem to be tapering off as well, leaving the list to be dominated by something called a "Toto," the "O.J. was framed!" ravings of Dale Thorn, the love letters between Vulis and someone name Nurdane Oksas, and the occasional bit of crypto news. Ho hum. I'm glad I'm not reading the list in e-mail, and thus can easily avoid replying to these inanities... .......................................... Your thoughtful contributions to the list are missed, Tim. As soon as I realized that you had left the list I suspected it had something to do with its moderation. However, I must protest the inclusion of Toto's posts as one of the "inane". His posts were intentionally formulated to cause to stand out what was, indeed, inane - as he said, to "hold up a mirror". And he continually decried the list experiment, pointing out the philosophical contradiction of a moderated "anarchist" forum. If the antidote to bad speech is more speech, then he certainly provided some, although not on the level or style as yourself. And you may say that some of these posts are not worth replying to, but didn't I see you respond to one of Dale's, regarding a photo of Jessica-the-pilot which he keeps above his desk? .. Blanc From ichudov at algebra.com Mon Feb 3 14:46:56 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Mon, 3 Feb 1997 14:46:56 -0800 (PST) Subject: Filling Power Vacuums In-Reply-To: <199702032224.OAA00880@netcom9.netcom.com> Message-ID: <199702032242.QAA01249@manifold.algebra.com> vovochka wrote: > timmy writes: > > < > <"fill the power vacuum" and grab power. > > ah, so what's the solution? Maybe there is a way to set up a structure that allows for no power to appear. In fact, I know one. > don't worry timmy, you'll feel better later after you've forgotten > that there was some deep lesson in all this. - Igor. From azur at netcom.com Mon Feb 3 14:56:00 1997 From: azur at netcom.com (Steve Schear) Date: Mon, 3 Feb 1997 14:56:00 -0800 (PST) Subject: GAK/KR spin Message-ID: <199702032256.OAA04944@toad.com> Several months back there were discussions on the list regarding renaming the government's key escrow/recovery proposals (KRAP comes to mind). I think we need something that's catchy and simple (perhaps already familiar) to understand for the semi-litterate citizen units. I propose we encourage use of the terms "crippleware" or "crypto crippleware" when refering to the products limited to their weak crypto and/or key escrow/recovery. --Steve From ichudov at algebra.com Mon Feb 3 14:56:07 1997 From: ichudov at algebra.com (ichudov at algebra.com) Date: Mon, 3 Feb 1997 14:56:07 -0800 (PST) Subject: Filling Power Vacuums Message-ID: <199702032256.OAA04959@toad.com> vovochka wrote: > timmy writes: > > < > <"fill the power vacuum" and grab power. > > ah, so what's the solution? Maybe there is a way to set up a structure that allows for no power to appear. In fact, I know one. > don't worry timmy, you'll feel better later after you've forgotten > that there was some deep lesson in all this. - Igor. From eb at comsec.com Mon Feb 3 14:56:33 1997 From: eb at comsec.com (Eric Blossom) Date: Mon, 3 Feb 1997 14:56:33 -0800 (PST) Subject: RC5-12/32/5 contest solved Message-ID: <199702032256.OAA04984@toad.com> A. Padgett Peterson P.E. Information Security apparently wrote: > Have good reason to believe your estimate for a purpose built machine this > year (expect 600,000,000 to 1,000,000,000 kps per sieve - these will not > be cheap chips but will be commecially available). Expect 400 arrays > would be required to do DES in a day (average) but is a lot more > achievable than the 65k postulated by the gang of nine. I received a nice flyer in the mail the other day from "Chip Express" (www.chipexpress.com, 800-95-CHIPX). They are offering Laser Programmed Gate Arrays. It appears to be a reasonable way to get some Wiener chips built. As I recall, the Wiener design required about 23,000 gates. Their blurb had the following table in in: FPGA Gates ASIC Gates 500 Units 1000 Units 5000 Units 40,000 20,000 $77 $45 $10 Not Avail 200,000 $176 $150 $82 So it appears that you can get 5000 Wiener key search chips build for about $50K. I'm not sure about the speed, but I wouldn't be surprised if you could clock these at 50 MHz. The Wiener design is pipelined and searches one key per clock, so each chip could search 50e6 keys / second. 50e6 * 5000 = 250e9 keys / second for $50K Happy Hunting... Eric From pdh at best.com Mon Feb 3 14:57:01 1997 From: pdh at best.com (Peter Hendrickson) Date: Mon, 3 Feb 1997 14:57:01 -0800 (PST) Subject: Information Warfare Message-ID: <199702032257.OAA05015@toad.com> The cypherpunks list has been under "attack" for some time. How have we managed it? Very poorly in my view. Some people have dismissed the idea that rogue governmental elements are behind some of our problems. Yet, there is no reason to rule out this hypothesis. The government has not always behaved well with regards to its perceived enemies in the last few decades. The FBI seems to infiltrate everything - even churches!. This is well documented. The CIA has worked hard on disrupting various political movements of which it did not approve using provocateurs and other conspiratorial dirty tricks. (I believe the FBI has, too, but I do not recall any documentation offhand.) We know that "Information Warfare" is the big thing in the defense establishment right now. It's all over their web pages. We see articles from the Kennedy School which seem to compare free speech with disease. Etc. Etc. We also believe that the things the Cypherpunks are interested in are on the radar screen. Maybe the Cypherpunks are, too. Is it unreasonable to ask whether some people are getting funding to experiment with disrupting "groups" like the Cypherpunks? I can easily picture people inventing all sorts of important sounding words like "psy-op" for what is little more than rudeness. Whatever the cause of the disruptions, the solutions are the same. Most of the proposals I've been hearing have to do with controlling the behavior of other cypherpunks and creating more structure. This is a mistake. It's clear that even the definitions of "spam" and "flame" are hard to nail down. The next idea will be to moderate on the basis of content. How will we decide what is content? Clearly that's much too important a question to leave to just one person. What we need is a committee to decide! What's next? Robert's Rules of Order? All of this detracts from the work we have before us. If you've ever been involved with a non-profit organization, you will know that enormous energy is spent on internal political scheming. That's a boring waste of time. Let's go down a better path. Let's think about the best way for each cypherpunk to manage disruptions. Please consider these suggestions: 1. Filter noise. I filter based on origin. If a kill file doesn't work, use a positive filter to read messages only from people who are worthwhile. It has been suggested that this doesn't work because some people post garbage, but also occasionally post something good. There's gold in the ocean, too. Why don't we retrieve it? If you don't want to manage a filter yourself, find somebody to do it for you. A number of people offer filtering services. Remember that in an open forum, noise increases with signal. The more worthwhile and interesting threads are on the list, the more worthless postings we are going to see, particlarly when people are consciously disruptive. 2. Post signal. Filters are useless when there is no signal. Signal comes from cypherpunks. You are a cypherpunk. 3. Birds of a feather flock together. When you respond to somebody, you mingle your on-line identity with theirs. Fly with the eagles. Peter Hendrickson ph at netcom.com From vznuri at netcom.com Mon Feb 3 14:57:04 1997 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Mon, 3 Feb 1997 14:57:04 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702032257.OAA05024@toad.com> <* The mechanics of the announcement troubled me greatly. To be blunt, I was At 1:12 PM 2/3/1997, Lucky Green wrote: >At 12:28 PM 2/3/97 -0800, Peter Hendrickson wrote: >>At 11:38 AM 2/3/1997, Lucky Green wrote: >>> I am well aware of the name recognition and reputation capital associated >>> with CP, still I believe it best to *kill the list*. >> If you don't like the list, why not unsubscribe? > That won't solve the problem. The list has become counterproductive. It is > impossible for other lists to provide a real forum for the discussion of > the topics that this list used to be about while CP still exists. At the > same time, CP has long stopped providing such a forum. CP is draining > energy from its subscribers and the cause. Kill it! Kill it now! Who should do what to comply with your proposal? Should John shut down the list? Are you asking everybody to unsubscribe? I don't think "killing the list" is an option for you or anybody else. The List transcends all domains. Peter Hendrickson ph at netcom.com From aba at dcs.ex.ac.uk Mon Feb 3 14:59:04 1997 From: aba at dcs.ex.ac.uk (Adam Back) Date: Mon, 3 Feb 1997 14:59:04 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702032259.OAA05072@toad.com> My main complaints about the `filtering' service forced upon the list readership are that: 1. It was done to the main list! If cypherpunks were left unchanged, and a `cypherpunks-edited' were created I wouldn't have a problem, it would be just another filtered list. However there are already several filtered lists, so the usefulness of this is limited anyway. Merely including details of these filtered lists in the sign on message, and posting a reminder every few weeks would suffice. I and apparently, most others didn't choose to subscribe to a filtering service. I object to this choice being over-ridden. OK, so I can re-subscribe to cypherpunks (cypherpunks-unedited), but many won't bother. (Actually I subscribe to cypherpunks-flames and cypherpunks, as the most efficient way of receiving all messages, and still being able to see the moderation results). 2. The impetus for moderating the main list seems to be as a result of a few posts by Dimitri. Really, if this is all it takes to destroy an unmoderated list, I've got to laugh at cypherpunks collectively. Why is it such a big deal to press the `n' key, if you don't like what Dimitri, or anyone else, has to say? If your time is too valuable to press `n' keys, what is wrong with subscribing to the existing filtered lists? Or with setting up a kill-file? Or maybe generating a bit of signal yourself? 3. It is even more funny that in my opinion Dimitri purposefully set out to raise the issue of censorship (after his own partial censorship), and has succeeded to this extent. The whole thing is just allowing yourself to be manipulated by his transparent efforts. 4. There is already a moderated forum for discussion of cypherpunks issues: cryptography at c2.net, why do we need another one? My vote is for renaming: `cypherpunks-unedited' -> `cypherpunks' and `cypherpunks' -> `cypherpunks-edited' and for moving all those still on the edited list to the unedited list. Post a note advertising the availability of a new filtering service called `cypherpunks-edited at toad.com', along with the references to the other competing filtering services. If at the end of the trial forced moderation period, John Gilmore doesn't have the bandwidth on toad.com to support all of `cypherpunks', `cypherpunks-edited' and `cypherpunks-flames', I suggest that a new home is found for `cypherpunks'. Or perhaps Sandy as proponent of his filtering service, would be able to find a home for `sandys-filtered-cypherpunks' service, as with the other filtering services. Personally, I am not in the habit of flaming people, or using the word `fuck', in general discussion, but I find the way this `filtering service' was foisted on the main list highly objectionable. Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 timmy writes: And since I don't wish to assume the mantle ... Cylink (CYLK) announced today that the government has approved export of the company's security products containing strong encryption. Likewise, Digital Equipment (DEC) has also won approval and plans to begin shipments of encryption-enabled networking and system software immediately. A third company, Trusted Information Systems, effectively had approval before January 1 because of its existing key recovery technology. ... http://www.news.com/News/Item/0,4,7575,00.html From roach_s at alph.swosu.edu Mon Feb 3 15:31:53 1997 From: roach_s at alph.swosu.edu (Sean Roach) Date: Mon, 3 Feb 1997 15:31:53 -0800 (PST) Subject: concerning Ben Franklin Message-ID: <199702032331.PAA05637@toad.com> I was reading one of the posts in the thread reguarding sone stolen object in Miami, the one reffering to the locks of the boxes, and it got me thinking. Ben Franklin was a revolutionary, scientist, inventor, publisher, statesman, and bookburner (according to F451). Perhaps he should be considered to be a cypherpunk, not that he necessarily knew anything about crypto, but because he was interested in many of the same ideals. It is my belief that were he alive today, he would be on this list. If the work of fiction referred to above, and in another recent post, is accurate in its reference to Franklin, then he would seem to have had the same solution to net pollution, burn it. Rather than considering Ben Franklin the first fireman, I would like to think of him as an early breed of cypherpunk. By this I consider cypherpunk to be interested in the subject, and its outcome, and a cryptographer to be just one faction of cypherpunk. Merely my opinion. Does anyone know whether or not Mr. Franklin may have played with code as well? All of my sources were assimilated into my understanding of the man several years ago, and at the time crypto was less in the public eye than it is now. From winsock at rigel.cyberpass.net Mon Feb 3 15:31:54 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Mon, 3 Feb 1997 15:31:54 -0800 (PST) Subject: [PKP] Info please! Message-ID: <199702032331.PAA13031@sirius.infonex.com> Debauchery L[ethargic] Vilus K[unt]OTM likes to be the man in the middle, getting it both up the ass and in his mouth. ,/ \, ((__,-"""-,__)) `--)~ ~(--` .-'( )`-, Debauchery L[ethargic] Vilus K[unt]OTM `~~`d\ /b`~~` | | (6___6) `---` From winsock at rigel.cyberpass.net Mon Feb 3 15:35:31 1997 From: winsock at rigel.cyberpass.net (WinSock Remailer) Date: Mon, 3 Feb 1997 15:35:31 -0800 (PST) Subject: Editted Edupage Message-ID: <199702032334.PAA13147@sirius.infonex.com> When Dimitri L[eisuresuit] Vulis K[arcinogen] Of The Month's mother gave birth to him after fucking with a bunch of sailors, she didn't know who the father was but decided to tell him that he was a Russian as the Russian sailor was the one who satisfied her the most. _ I I I~I I~I __ _ I~I _ . \ \ I_I/I-II-II \~~\' `-'`-'~I \_ ) ~\_ /~~ ) Dimitri L[eisuresuit] Vulis K[arcinogen] Of The Month \_ Y )' \ ^ / |~ ~| ===== From svmcguir at syr.edu Mon Feb 3 15:43:04 1997 From: svmcguir at syr.edu (Scott V. McGuire) Date: Mon, 3 Feb 1997 15:43:04 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702030626.WAA14617@toad.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- I've been quiet about the moderation experiment (and I never posted frequently anyway) but something Sandy wrote requires comment. In responding to Tim, Sandy points to the number of people on the censored list as evidence of the acceptance of the filtering. I am included in that group and object to my silence being interpreted as support. As Tim has pointed out, the bulk of the 2000 or so people who have remained on the filtered list have never been active participants on the list. As we have never heard from them, we don't even know that they were bothered by the flames and noise of the pre-filtered list. And, even if we did know, I don't think that there opinions should count as much as those of the more active participants to the list. A subscription to the list does not make one a member of the Cypherpunks "community". It is the opinion of the members of the community and not the observers of it which should matter. (Even within the community, some people are more a part of it than others, and nobody is more a part of it then Tim.) As for the rest of us on the filtered list who are active (or occasionally active) participants, our remaining on the list still can not be taken as support for censorship. Moderation of the list was announced as a one month experiment. I didn't change my subscription from the filtered to the unfiltered list because I expected this to end in a month and I was willing to participate in the experiment. You can't ask someone to try something for a month to see if they like it and call there use of it in that month evidence that they like it. As long as I am writing, I may as well write the rest of my thoughts. While there was a period between the announcement of moderation and the start of it during which people could (and did) comment on the change, the announcement was clear that there would be moderation. It was indeed a fait accompli. The moderated list should have been offered but not imposed. Then the experiment would have determined how many people thought the list was so bad that they would seek moderation, rather than determining how many thought moderation was so bad that they would seek to avoid it. Sandy, you said that you thought the list had improved since you began moderating. How could you think otherwise? When you send an article to the flames list its because you think the list would have been worse otherwise. I don't think the moderators opinion should be considered in determining if moderation is a good thing. I think there is a conflict of interest there. - -------------------- Scott V. McGuire PGP key available at http://web.syr.edu/~svmcguir Key fingerprint = 86 B1 10 3F 4E 48 75 0E 96 9B 1E 52 8B B1 26 05 -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBMvZ3lN7xoXfnt4lpAQGjbgQAs9qqrOZCgHeT19yh6LOS8rsXVAglssVI 2VLCiKb/X0Ny1+p3kzTiit42uykv5IhoCn+GdJF0X08zW02ymRf6JIv2sLksW2ln E+SZuUoLFk18emLIJMEVGNPW7cJEl7/a75IdETrU14RcdBN8F86bm5VK36kyNMIY kPfB825uWxU= =N3va -----END PGP SIGNATURE----- From nobody at huge.cajones.com Mon Feb 3 15:56:08 1997 From: nobody at huge.cajones.com (Huge Cajones Remailer) Date: Mon, 3 Feb 1997 15:56:08 -0800 (PST) Subject: now we know why it was called altavista! Message-ID: <199702032356.PAA06433@toad.com> ... Cylink (CYLK) announced today that the government has approved export of the company's security products containing strong encryption. Likewise, Digital Equipment (DEC) has also won approval and plans to begin shipments of encryption-enabled networking and system software immediately. A third company, Trusted Information Systems, effectively had approval before January 1 because of its existing key recovery technology. ... http://www.news.com/News/Item/0,4,7575,00.html From azur at netcom.com Mon Feb 3 15:56:19 1997 From: azur at netcom.com (Steve Schear) Date: Mon, 3 Feb 1997 15:56:19 -0800 (PST) Subject: New X-Ray Imager Message-ID: New X-ray gun trades privacy for safety Reported by Andy C Seen in The Nando Times on 13 August 1996 ---------------------------------------------------------------------------- The Passive Millimeter Wave Imager can X-ray through clothing to "see" a concealed weapon, plastic explosives or drugs. A police officer can surreptitiously aim it into a crowd from as far away as 90 feet. The new X-ray gun is becoming a symbol for an unlikely alliance of civil libertarians and gun owners who fear the fight against crime and terrorism may be waged at the expense of personal freedoms. "I'm incredibly concerned," said John Henry Hingson, a past president of the National Association of Criminal Defense Lawyers, meeting here this past week. "The entire nation could become a victim of illegal searches and seizures and the law is powerless to protect them from these police abuses." But in these nervous times following the the crash of TWA Fight 800 and bombings at the Olympics, Oklahoma City and the World Trade Center, many Americans are now willing to trade some of their privacy and civil liberties for greater security. A poll last week by the Los Angeles Times found that a majority of people -- 58 percent -- said they would curtail some civil liberties if it would help thwart terrorism. Thirteen percent said it would depend on what rights were at stake. The poll didn't ask people to single out any rights. The Clinton administration has proposed increased wiretapping and other anti-terrorism steps, and is doling out research grants for cutting edge anti-crime technology that once may have been intended for only military use. Last year, the National Institute of Justice awarded $2.1 million to three companies to develop weapon detectors for airports, stores and public buildings. Two models are being developed of the Passive Millimeter Wave Imager, a creation of Hadley, Massachusetts-based Millimetrix Corp. The larger one, about the size of a shoebox, is mounted on a patrol car and pointed at the unsuspecting person. The gadget doesn't send out X-rays; instead, it picks up electromagnetic waves emitted by human flesh. Anything that stands in the way of those waves -- like a gun -- or anything that emits weaker waves -- like a bag of cocaine or a plastic explosive -- will show up on a little screen in the patrol car. Clothes emit no waves. Neither do walls, allowing the device to be used from even outside a room. A second model is a smaller, battery-operated version that an officer can operate by hand, like a radar gun. Millimetrix hopes to field test the larger model soon at a police agency. Hingson argues the device runs roughshod over bans against illegal searches and seizures. The law says police can stop and frisk a person only when an officer has a "reasonable suspicion" the person is armed or involved in a crime. Millimetrix points out that while the imager can see through clothing, it still leaves people some privacy. The device's display screen, the company says, "does not reveal intimate anatomical details of the person." Chip Walker, spokesman for the National Rifle Association, noted that devices like the imager threaten the legal rights of people in 31 states who are allowed to carry concealed weapons with proper licenses. "We certainly support efforts to disarm criminals, but we need to be careful that we're not painting with too broad a brush here," he said. Walker said that as troubling as terrorism is, people may be playing into terrorists' hands by giving up their privacy. "One of the broader issues is that if we start giving up certain civil liberties, that essentially means that the terrorists are starting to accomplish one of their goals," he said. Contact email address: acobley at mic.dundee.ac.uk --------------------- (From a TRW development program description) The Passive Millimeter Wave sensor detects thermal energy, which is radiated from objects and reflected from other objects such as the sky in the 94 Giga Hertz frequency band. The advantage of this frequency is that there is little attenuation of the energy by water particles in the air (fog). The camera operates very much like a television camera except that it operates at mm-wave frequencies (near 90 GHz) instead of in the visible spectrum. It has components analogous to a television camera: optics to focus the image, a readout device to convert the electromagnetic energy into electrical signals, signal processing electronics to prepare the signals for display, and display unit to view the scene. The optical system images the blackbody radiation emanating from the scene on the Focal Plane Array (FPA), which consists of an array of small antennas, each coupled to a very small MMIC W-band (90 GHz) direct-detection receiver. ---------------- >From a description of the National Law Enforcement & Corrections Technology Center/Northeast (NLECTC) at Rome Laboratory (more on that later). The Millimeter Wave Imaging Radar Consortium seeks development of a suitable technology and effective, affordable products for concealed weapon detection (CWD) and through-the-wall surveillance (TWS) application --- well-established objectives for both military operations other than war and civilian law enforcement agencies. Consortium members include Millimetrix Corp., South Deerfield, Mass.; Technology Service Corp., Trumbull, Conn.; and Riverside Research Institute of Lexington, Mass. They will contribute $2,035,087 to the research program, while the government's share will be $2,018,491. Military applications of the envisioned technology, in addition to operations other than war, would include use by military police and special forces personnel, all weather aircraft operation, shipboard and airborne missile warning, helicopter obstacle avoidance, battlefield surveillance, fire control, and missile seekers. Civilian law enforcement agencies would be able to use the technology in curtailing terrorist acts and juvenile handgun crimes that frequently involve the use of concealed weapons, bombs and other contraband that cannot be detected using currently available technology see --Steve From azur at netcom.com Mon Feb 3 15:56:33 1997 From: azur at netcom.com (Steve Schear) Date: Mon, 3 Feb 1997 15:56:33 -0800 (PST) Subject: Your tax dollars at work Message-ID: NIJ Opens Regional Technology Center in Rome: Representatives of the U.S. Department of Justice, state and local elected officials, and Air Force leaders officially opened the National Law Enforcement & Corrections Technology Center/Northeast (NLECTC) at Rome Laboratory. The Center will work with law en forcement and corrections organizations from 16 states --- stretching from Maine to Minnesota --- to determine operational requirem ents and identify, evaluate, develop, demonstrate and assess new or improved technology applications to meet those needs. The Center will also provide assessment of law enforcement products information, standards and testing. The Northeast NLECTC is co-located with Rome Laboratory within the Griffiss Business and Technology Park. Rome Laboratory is the Air Force's research and development laboratory responsible for command, control, communications, computer and intelligence technologies. The laboratory was selected as a regional technology center for the Justice Department's National Institute of Justice (NIJ) in December 1994. It joins four other regional centers across the country that use existing facilities and resources to support the NI J's Office of Science and Technology and law enforcement and corrections organizations. The Northeast NLECTC will support law enforcement and corrections activities in the following states: Maine, New Hampshire, Verm ont, Massachusetts, Connecticut, Rhode Island, New York, New Jersey, Delaware, Maryland, Pennsylvania, Ohio Michigan, Wisconsin, Io wa and Minnesota. It will facilitate technical interchange between prospective users and developers or technology through regional symposia, exhibitions and workshops. Participants range from the law enforcement and corrections community to the Department of De fense and the commercial sector. Each of the five regional centers has a specific technological focus, with the Northeast NLECTC capitalizing on Rome Laboratory' s more than 40 years of expertise developing technologies that provided the vital eyes, ears and voices for the nation's military. The Rome Laboratory Law Enforcement Team will be working with the Northeast NLECTC to convert a variety of defense technologies to the benefit of law enforcement and corrections. At the current time, efforts are directed at transferring technologies in the foll owing areas: *** Sensors: concealed weapon detection, Over-the-Horizon radar, wall penetration surveillance, and passive location, tracking and tagging. *** Information Technology: image processing, natural language processing, and identification using optical correlation. *** Intelligence Exploitation: speech processing, timeline analysis, automated firearm identification, and forensic sciences. *** Communications: applications of high-speed networks, multiband multifunction radios, and rapidly deployable communications. *** Command and Control: collaborative planning, visualization techniques, and Joint Automated Booking Station. Over the past four decades, researchers at Rome Laboratory have developed a vast array of technological tools for the military to e mploy in our national defense. Within the shared framework of command, control, communications and intelligence, many of those tech nologies apply to the domestic law enforcement mission as well. As one of NLECTC's regional law enforcement technology centers, Ro me Laboratory will continue to make substantial contributions to the war on crime by developing technologies that meet the increasi ng needs of law enforcement. Rome Laboratory Signs Law Enforcement Technology Agreement with City of Rome Representatives of Rome Laboratory and the City of Rome signed a Cooperative Research and Development Agreement (CRDA) to establ ish a formal working agreement for the purpose of testing and evaluating military technologies in a law enforcement setting. The C RDA signing was the first official action following a ribbon-cutting that opened the National Institute of Justice's Northeast Regi on National Law Enforcement & Corrections Technology Center at Rome Laboratory. Signing the agreement were Col. Ted. F. Bowlds, com mander of Rome Laboratory, and Rome Police Chief Merino J. Ciccone. During the five-year agreement, Rome Laboratory will supply a variety of technologies to the Rome Police Department. Police department officers and officials will then test, evaluate and report back to Rome Laboratory regarding the effectiveness of the test technologies. Some of the technical tasks to be performed under t he CRDA are enhancing the computing capability of the Rome Police Department, including improved access to law enforcement data bas es and access to the World Wide Web/Internet, as well as synchronization of 911 Emergency System, computer and alarm time clocks. Rome Police Department personnel will also gain access to advanced technologies such as the "sniffer alcohol detection flashlight," night-vision goggles and hand-held digital assistants. German Magazine interested in Rome Laboratory's Law Enforcement Efforts Dr. Frank Ochmann, a science editor for Germany's Stern Magazine, visited Rome Laboratory to interview engineers and managers involved in law enforcement technology. The interview was requested in light of the April issue of the FBI Law Enforcement Bulletin, which carried an eight-page article covering a wide variety of C3I technologies developed by the Laboratory. Rome Laboratory Awards Funding to Research Consortia for Dual-Use Military and Law Enforcement Applications ROME, N.Y., June 25, 1996 --- Rome Laboratory has awarded funding totaling more than $5 million to three research consortia. Combined with investment by the consortia partners, the total amount of research will approach $17 million. Rome Laboratory will serve as the agent for the Defense Advanced Research Projects Agency (DARPA) in managing the three research programs that were instituted under DARPA's Technology Reinvestment Project. The goal of all three programs is to develop new technologies with applications to both the military and commercial markets. The Quick Reaction Spoken Language Translator (QRSLT) Consortium seeks to develop a product prototype of a hand-held or body-mounted QRSLT that would allow military personnel in a hostile environment or civilian law enforcement personnel in an emergency situation to communicate with a non-English speaking individual using an easily portable, automatic translation device. The government is contributing $2,374,821 to the program, with consortium members sharing a cost of $3,632,852. Consortium members include Language Systems Inc., Woodland, Calif.; Entropic Research Laboratories Inc., Menlo Park, Calif.; and Eloquent Technology Inc. of Ithaca, N.Y. Language Systems Incorporated, developed the initial spoken language translation prototype under the direction and funding of Rome Laboratory, in support of military requirements. The QRSLT will accept spoken English input from a military or law enforcement user, translate the input into Spanish or Arabic, and generate the computer-spoken translation. The translator will also accept spoken Spanish and Arabic inputs and translate them into spoken English output. This will be an innovative advance over currently available "speaking translators," which produce speech based on typed inputs, which cannot accept spoken input, and which are not customized for military or law enforcement operations. The Millimeter Wave Imaging Radar Consortium seeks development of a suitable technology and effective, affordable products for concealed weapon detection (CWD) and through-the-wall surveillance (TWS) application --- well-established objectives for both military operations other than war and civilian law enforcement agencies. Consortium members include Millimetrix Corp., South Deerfield, Mass.; Technology Service Corp., Trumbull, Conn.; and Riverside Research Institute of Lexington, Mass. They will contribute $2,035,087 to the research program, while the government's share will be $2,018,491. Military applications of the envisioned technology, in addition to operations other than war, would include use by military police and special forces personnel, all weather aircraft operation, shipboard and airborne missile warning, helicopter obstacle avoidance, battlefield surveillance, fire control, and missile seekers. Civilian law enforcement agencies would be able to use the technology in curtailing terrorist acts and juvenile handgun crimes that frequently involve the use of concealed weapons, bombs and other contraband that cannot be detected using currently available technology. The Speaker Identification for Law Enforcement Consortium will be funded with $3.2 million, evenly divided between the government and consortium members T-NETIX Inc. of Englewood, Colo., and Dictaphone of Stratford, Conn. The goal of the consortium is to transfer previously developed speaker identification technology into commercial and military applications. With specific emphasis on minimal size, weight, power and cost, the technology is envisioned to have widespread civilian law enforcement surveillance applications. see From jmr at shopmiami.com Mon Feb 3 15:56:54 1997 From: jmr at shopmiami.com (Jim Ray) Date: Mon, 3 Feb 1997 15:56:54 -0800 (PST) Subject: "Secret" Postal Device -- Update. Message-ID: <199702032356.PAA06506@toad.com> It seems as though it's a keyring(!) with one (some?) of the/those key(s) they use to unlock all the mailboxes for apartment houses. I guess it's a keyring too big for a pocket, but I don't know. Herald reporter revealed this today, but didn't want to. I guessed right, and he ended up admitting it after I informed him of how I know various Herald reporters and sorta social engineered him into saying too much by keeping him talking. :-) My mail has been acting up all weekend due to something unknown happening at Sprint. JMR -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEPAwUBMvZg9TUhsGSn1j2pAQFSNQfPTQ5WVwEu5AoNGoAY/jguoMIMdmOBtp0i fB6ralJD29b0VJ0ci8Z7l/vDoqhwMCT+nbP0Upp8xFDP391hbg4I2/H3KcDUxEen YRzB61k64UOuEVVQoeLJDq8/yyutZHLc599J93lTC6nmPqaogUzdYEjcyMnLuW/D j91pXvst+4IddZ7Aavnucu5AdwN84AitWc5/1sCBUpNlE6StcDtMtndkDnZT3f5H SZezlFpBB0UcRPirehSjaeSbWkgFeiLBIVLfLfFfJ+Fn1zHAeJ20L5fw7M7dAwp6 DruKucQ0jaIGpfeZJnPkwqYyKAmD63e+fFprw2/LaGQgxw== =pcrs -----END PGP SIGNATURE----- Regards, Jim Ray DNRC Minister of Encryption Advocacy One of the "legitimate concerns of law enforcement" seems to be that I was born innocent until proven guilty and not the other way around. -- me http://shopmiami.com/prs/jimray/ PGP id.A7D63DA9 98 1F 39 BA 93 86 B4 F5 57 52 64 0E DA BA 2C 71 From roach_s at alph.swosu.edu Mon Feb 3 15:58:36 1997 From: roach_s at alph.swosu.edu (Sean Roach) Date: Mon, 3 Feb 1997 15:58:36 -0800 (PST) Subject: concerning Ben Franklin Message-ID: <199702032358.PAA06548@toad.com> I was reading one of the posts in the thread reguarding sone stolen object in Miami, the one reffering to the locks of the boxes, and it got me thinking. Ben Franklin was a revolutionary, scientist, inventor, publisher, statesman, and bookburner (according to F451). Perhaps he should be considered to be a cypherpunk, not that he necessarily knew anything about crypto, but because he was interested in many of the same ideals. It is my belief that were he alive today, he would be on this list. If the work of fiction referred to above, and in another recent post, is accurate in its reference to Franklin, then he would seem to have had the same solution to net pollution, burn it. Rather than considering Ben Franklin the first fireman, I would like to think of him as an early breed of cypherpunk. By this I consider cypherpunk to be interested in the subject, and its outcome, and a cryptographer to be just one faction of cypherpunk. Merely my opinion. Does anyone know whether or not Mr. Franklin may have played with code as well? All of my sources were assimilated into my understanding of the man several years ago, and at the time crypto was less in the public eye than it is now. From nobody at zifi.genetics.utah.edu Mon Feb 3 15:59:03 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 15:59:03 -0800 (PST) Subject: Race and IQ Message-ID: <199702032359.QAA11023@zifi.genetics.utah.edu> Dense Vinegar had his foreskin ripped off last night by a vacuum cleaner. ^-^-^-@@-^-^-^ (..) Dense Vinegar From roach_s at alph.swosu.edu Mon Feb 3 16:15:51 1997 From: roach_s at alph.swosu.edu (Sean Roach) Date: Mon, 3 Feb 1997 16:15:51 -0800 (PST) Subject: VOICE STRESS ANALYSIS Message-ID: <199702040015.QAA06962@toad.com> At 08:25 PM 2/2/97 -0800, jim bell wrote: >Awhile back we were discussing voice-stress analysis; just got this item on >the subject; he said it's okay to post it. > > > >>From: Spectre334 at aol.com >>Date: Sun, 2 Feb 1997 09:31:17 -0500 (EST) >>To: jimbell at pacifier.com >>cc: BLAMES2778 at aol.com, AFSCA at aol.com, JLeek426 at aol.com >>Subject: VOICE STRESS ANALYSIS >> >>MR. BELL: >> >>I FOUND YOUR QUERY ABOUT VOICE STRESS ANALYSIS ON THE INTERNET, AND I TOO, >>HAVE FOUND A DEARTH OF INFORMATION THERE - UNTIL NOW. >> >>I'M PLEASED TO REPORT THAT VOICE STRESS ANALYSIS (VSA) IS ALIVE AND WELL. IT >>HAS BEEN QUIETLY PERFORMING IN THE SHADOW OF THE POLYGRAPH FOR MANY YEARS. >> NOW, HOWEVER, IT IS COMING INTO ITS AND IS USED IN MANY STATES TO AID IN >>CRIMINAL INVESTIGATIONS AND OTHER APPLICATIONS. >> ... >>THE DIOGENES GROUP, INC., OF WHICH I AM PRESIDENT, HAS DEVELOPED A TOTALLY >>DIGITAL APPROACH TO VSA, AND BEGAN DELIVERING SYSTEMS TO LAW ENFORCEMENT >>AGENCIES IN DECEMBER, 1996. THE PREMIER DIOGENES VSA PRODUCT IS REDUCED TO >>THE SIZE OF A NOTEBOOK COMPUTER, BUT PRODUCES REALTIME PROCESSING FOR >>SOFTCOPY DISPLAY, AND HARDCOPY PRINTING WITHIN SECONDS. >> >>YOU MAY BE FAMILIAR WITH THE PREVIOUS STATE-OF-THE-ART, WHICH WAS A >>RELATIVELY LARGE ANALOG MACHINE, USING A SINGLE CHANNEL AND PRINTING OUT THAT >>DATA ON A ROLL OF THERMAL PAPER. THOSE DAYS ARE GONE FOREVER. >> >>IF YOU WOULD LIKE MORE INFORMATION ON THE DIOGENES GROUP AND ITS PRODUCTS, >>PLEASE USE THIS CHANNEL TO SEND ME YOUR MAILING ADDRESS, PHONE NUMBER, AND >>FAX NUMBER. >> >>THANKS FOR YOUR INTEREST IN VOICE STRESS ANALYSIS. ... Check the Readers Guide for the last couple of years. I don't have my Popular Electronics collection handy, but not too long ago they put out the plans to a smaller unit based around some Cell Phone part. It operated on a single frequency as opposed to a varient modulation of the voice. This allowed the unit to be much smaller and simpler, sacrificing some of the accuracy for a reasonable price (PC board, parts and case available for, I think, less than $100). The whole unit fit in a case about the size of a transistor radio and used a couple of bar graph displays (LED) for output. The whole operating theory is regulary printed with the schematics, and a parts list and foil diagrams are included for those who want to make the project from scratch. While your at it, look up the subliminal mixer from about 1992, I made one of these and only prevented from using it by the lack of a decent power supply. The single frequency mentioned above is further explained in the text. The local library can get a copy of either of these issues, or any others that catch your interest, for you if you ask really nicely. From PADGETT at hobbes.orl.mmc.com Mon Feb 3 16:27:44 1997 From: PADGETT at hobbes.orl.mmc.com (A. Padgett Peterson P.E. Information Security) Date: Mon, 3 Feb 1997 16:27:44 -0800 (PST) Subject: RC5-12/32/5 contest solved Message-ID: <970203192628.2021835b@hobbes.orl.mmc.com> >I received a nice flyer in the mail the other day from "Chip Express" >(www.chipexpress.com, 800-95-CHIPX). They are offering Laser >Programmed Gate Arrays. It appears to be a reasonable way to get some >Wiener chips built. As I recall, the Wiener design required about >23,000 gates. Their blurb had the following table in in: > FPGA Gates ASIC Gates 500 Units 1000 Units 5000 Units > 40,000 20,000 $77 $45 $10 > Not Avail 200,000 $176 $150 $82 First I can buy a 486DX-66 (with fan) for $37, but to make it into a PC takes just a wee bit more. Second, there is a world of difference in speed between a Field Programmable Gate Array and an Application Specific Integrated Circuit. The second is much faster (have heard of up to 200 Mhz) but doubt that you can get there with a laser (probably where the 50 Mhz figure comes from). I suspect you will need to have a mask made first - that is where the real money goes. However lets consider that you are really lucky and the first mask works and you get 100% yield (good chips). Next you need a backplane with an input mechanism to prime each of those chips with the text to break (will assume you have built in the initialization sequences for each chip). Then you need a path to provide the KPT to the XOR at the output, powersupply, RF shielding, and a few other minor items (can probably use a PC for a front end). Then, you need a way to report success but that is trivial. Finally, you need to hope that none of those 5000 chips experiences infant mortality or that you have some scheme to detect if that happens and to which chip (was there BITE in the design ?). Personally, would design the 5,000 to provide possible answers (say 2^32) as an initial step and then push that into a single MasPar or similar. Might find out some interesting things that way while reducing the overall complexity. Just some food for thought. Warmly, Padgett ps couple of people last year were working with FPGAs, I corresponded with them briefly. Why not ask them how my "guesstimates" correlated with their experiments... From weidai at eskimo.com Mon Feb 3 17:01:39 1997 From: weidai at eskimo.com (Wei Dai) Date: Mon, 3 Feb 1997 17:01:39 -0800 (PST) Subject: what's in a name? Message-ID: I've stayed out of the debate about list moderation so far, but a recent post from tmcghan at gill-simpson.com reminds me of something I've been thinking about. An interesting way to look at what happened is that John Gilmore owns the name "cypherpunks at toad.com" and has chosen to exercise that ownership. Even though those of us who disagree with the way he has done so are free to leave and set up our own mailing list, it is costly to do so, and the problem of central name ownership remains. List subscribers have made investments that are specific to the name "cypherpunks at toad.com", and most of the cost of switching to a new list is in the new investments they would have to (re)make. The fact is that a promise of no censorship is not enough incentive for us to do so. I suspect that the hierarchical nature of name ownership on the Internet today will be an important technological barrier for the establishment of truly anarchic virtual communities. Unless this problem is solved, the closest we'll come is pseudo-anarchies that exist with the tolerance of beneficent dictators. Wei Dai From aba at dcs.ex.ac.uk Mon Feb 3 17:10:25 1997 From: aba at dcs.ex.ac.uk (Adam Back) Date: Mon, 3 Feb 1997 17:10:25 -0800 (PST) Subject: Dissolving Choke Points In-Reply-To: <199702032011.MAA01075@toad.com> Message-ID: <199702040045.AAA00292@server.test.net> Peter Hendrickson writes: > There are lessons to be learned here. One is that censorship does > not promote a stimulating and creative dialogue. The cypherpunks list > right now is about as interesting as hanging out by the 7-11. Censorship adds a social hierarchy, and this is inevitably resented. A similar problem existed with ICS (Internet Chess Servers), they include a MUD like facility where users can discuss chess. For misc reasons certain behaviour was frowned on, and a system of control was added to the software where certain users where given moderator status, and could kick others off. The fact that some of the moderators were particularly poor players helped to annoy others who though outspoken, where good chess players, and led to the particularly long thread in alt.chess (or whatever group it was) titled `guppies rule the goldfish bowl' or something. (A `fish' is a newbie chess player, a guppie being a small fish,...) Interesting repetition of the social phenomena of resentment of power in electronic forums (however well intentioned, and for whatever perceived social good). > Another lesson is the danger of choke points. We can see how > tempting it is for people to exercise their control. Even John Gilmore > was unable to restrain himself from involuntary social engineering > experiments. Who would we have considered to be more trustworthy? Quite. For a pedigree of championing free speech, and unpaid efforts to further freedom, he was high up on the list. I'd feel happier if he was joining in with these discussions, rather than getting interested to the extent to set up moderation, even though not participating in the discussions. > [distributed list homing ideas] sounds good. But what about USENET groups? They're distributed, what feature of your proposed solution is superior to using USENET groups distribution mechanisms in your opinion? Several times in the past, a USENET newsgroup alt.cypherpunks was suggested. Some people were against it because they felt that it would attract more noisy posters. Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As an aside, it is ironic that John Gilmore was the guy who started the alt.* USENET hierarchy, specifically to facilitate freedom of speech). > P.S. I like and respect John and Sandy and I've learned a lot from > both of them. While basically well-intentioned, they just made a > mistake in this instance. Agree. Also, the quicker they acknowledge their actions as mistakes, and correct the results, the less their reputations will suffer. Perhaps at the end of the trial moderation experiment would be a good time to change position without loosing face. (If acknowledging mistakes bothers them). Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 Message-ID: <199702032348.XAA00259@server.test.net> Lucky Green writes: > I believe that Cypherpunks is beyond hope of recovery. In fact, each day > Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the > cause. Let's kill the list. Once and for all. Let the hard core crypto go > to Coderpunks, the politics to Cryptography, and the garbage into the void. What about the leaks? (rc4.c, Mykotronics dumpster contents, etc) Where do they go? You expect Perry to stick his neck out and approve them? (Perry Metzger is the moderator of cryptography at c2.net, started recently as a moderated version of cypherpunks for those who don't know what the `cryptography' list is). The existance of cryptography argues against the need for `cypherpunks' to be moderated. Why two competing moderated lists? Secondly the status of garbage is in the eye of the beholder. There are a few posts which are probably considered garbage by near everyone, but lots of other stuff which really just depends on what the reader is interested in. The problem with censorship or moderation is that it waters down the absolutism of free speech. Free speech in electronic media, with cypherpunks type I, and type II remailers, is the closest thing to truly free speech yet. A lot of people seem to regard Jim Bell's assasination politics as suitable material for censoring. Yet it is pretty crypto relevant. Sandy's job is pretty hard to do. For instance I recently posted this, which ended up in cpunks-flames, due to being in a thread which contained a mild flame 2 messages back: : Diffie-Hellman key generation, there are two main ways of generating : the diffie-hellman prime modulus, method 1: : : p = 2q+1 : : where q is a prime also. : : And method 2: : : p = r.2q+1 : : where q is a prime and r is a randomly generated number. : : With method 1, the security parameter is the size of p in bits (or : size of q, as they are related). : : With method 2, there are two security parameters, size of q and size : of p in bits. : : Method 2 has the advantage that key generation is faster as it is : quicker to generate new random numbers r, than to repeatedly generate : trial prime q as you have to do in method 1. However is the security : weaker in method 2? What size of p and q do you have to use to get : the same security as for same size of p in bits as in method 1? What : should be the relationship between the size of p and q? (I freely admit to injecting additional crypto relevance just for the fun of seeing it be filtered cpunks-flames -- though I was interested in discussion also). > I am well aware of the name recognition and reputation capital associated > with CP, still I believe it best to *kill the list*. I'd prefer to see various filtering services offered, and the list retained. My main objection with the moderation experiment is that the main list was renamed. Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 Message-ID: <199702040027.AAA00276@server.test.net> writes: > in a message allegedly from: "Timothy C. May" > > > I would have had no problem had John announced that he was creating > > a new list, the "Good Stuff" list, with Sandy has his Chooser of > > Good Stuff. > > > But by making the _main list_ the censored one, this skewed things > > considerably. > > > But the clear message by having Sandy censor the > > main list (the default list, the list name with the main name, the > > list we all know about, etc.) > > Now that the horse is out of the barn, ( or maybe not? ), I can't help > but ask whether one specific 'change to the change' would have > satisfied most of your objections: retaining 'cypherpunks' as the > name of the unedited, all-the-crud-you-can-read-and-then-some, > version, and adding an 'cp-worthwhile' list for those of us who prefer > not to wade thru mountains of garbage to glean a few precious tidbits. That was the objectionable part of the moderation experiment to me. > What's in a name? Is perception more important ( to you ) than > reality? If just swapping names between cp and cp-unedited would make > such a large difference, I humbly suggest to you that you consider how > much labels need to matter. Is the title of the group more important > the the content? From where I sit, this looks a lot like a > style-over-substance complaint. There is a lot in a name. The name `Cypherpunks' has, or had a reputation. Tricks like censoring the list are not helping that reputation. This wording indicates that the other two lists are to satisfy purists: (relevant output from sending message with body `lists' to majordomo at toad.com) : cypherpunks (THE MAIN LIST) Fermenting ideas on crypto and society : cypherpunks-flames (FLAMES DELETED BY MODERATOR) Ideas on crypto and society : cypherpunks-unedited (THE UN-MODERATED LIST) Ideas on crypto and society The naming convention indicates that cypherpunks is the main list, as does the ordering (moderated first). The text in the sign up message: (extracts from output from sending message with body `info cypherpunks' to majordomo at toad.com) : cypherpunks moderated to suppress spam and flames : cypherpunks-unedited all submissions, just as they arrived : cypherpunks-flames the submissions that didn't pass moderation Also I note in passing that if I recall correctly this section used to give Hugh Daniel's email address. Seems John is managing majordomo himself now? Is Hugh's no longer being list manager related to the moderation decision? : For other questions, my list management address is not the best place, : since I don't read it every day. To reach me otherwise, send mail to : : gnu at toad.com > It may also be worth noting that the current 'status quo' is a > transient experiment, with a fairly short time limit. When JG, > Sandy, et al. evaluate the results with an eye to future > direction(s), they may well consider an 'inverted default' for the two > list names (i.e.: cp / cp-unedited) It would be nice also if JG, Sandy et al, took some notice of the list opinions next time. It really would have been better to create a _new_ moderated list, rather than take over the existing list address, and subscribers. Maybe those who initiated the moderation experiment thought they wouldn't get many people moving over to the moderated list if they had to go to that effort. Another alternative would have been to discontinue `cypherpunks' and start `cypherpunks-edited' and `cypherpunks-unedited' forcing people to choose. I wouldn't have liked that either, but it would have been a better experiment. (Likely that would have lost many altogether, who simply wouldn't have bothered to resubscribe at all). Several times in the past, a USENET newsgroup alt.cypherpunks was suggested. Some people were against it because they felt that it would attract more noisy posters. Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As an aside, it is ironic that John Gilmore was the guy who started the alt.* USENET hierarchy, specifically to facilitate freedom of speech). Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 --- begin forwarded text Date: Mon, 3 Feb 1997 19:25:51 -0500 (EST) To: Multiple Recipients of e$pam From: e$pam at intertrader.com (e$pam) Reply-To: e$@thumper.vmeng.com X-Comment: To unsubscribe, send any email to e$pam-off at intertrader.com Precedence: Bulk Subject: Embarrass a Marylander, Go to Jail X-orig-from: Randy Cassingham X-e$pam-source: Various Forwarded by Robert Hettinga ----------------------------------------------------------------------- Date: Mon, 3 Feb 1997 14:37:56 -0700 (MST) From: Randy Cassingham Subject: Embarrass a Marylander, Go to Jail To: listmom-talk at skyweyr.com Mime-Version: 1.0 Precedence: Bulk Reply-To: listmom-talk at skyweyr.com Passed on without comment. / Randy Cassingham * Author, "This is True" * arcie at netcom.com \ | For info on What I Do, send a blank e-mail to TrueInfo at freecom.com | \ or check out * I promise you'll like it / + FIGHT SPAM! Send a blank e-mail to nospam at mailback.com for help! + ---------- Forwarded message ---------- Excerpted from... ============================================================= AOP Bulletin Friday, February 3, 1997 Volume 97:05 ============================================================= The following is information distributed to members of the Association of Online Professionals and others involved in the online communications industry. Contacts and other information about AOP may be found at http://www.aop.org. ***************************************************** Maryland Recycles Law On "Annoying" E-Mail ***************************************************** A Maryland bill that would make it illegal to send "annoying" or "embarrassing" e-mail was introduced this week by Democratic General Assembly member Samuel Rosenberg. The bill got little support when it was introduced last year, but Rosenberg hopes to play off of recent murders involving electronic mail to see the bill passed. Civil liberties groups argue that the law would be unconstitutional, and that the terms "annoy" and "embarrass" are too vague to be meaningful. If passed, House Bill 778 would amend the state's criminal harassment law to prohibit the use of email to annoy, abuse, torment, harass, or embarrass other people, with violators receiving a fine up to $500 and three years in jail. A similar bill introduced last year is quietly progressing through New York's state legislature. Senate Bill 1414, introduced by Democratic State Senator Ray Goodman, could be voted on in the House early this year. Full text of the Maryland bill can be found at http://mlis.state.md.us/1997rs/billfile/HB0778.htm. -------------------------------------------------- The e$ lists are brought to you by: Intertrader Ltd - Java e$ Software Developers in the UK Visit for details ... Where people, networks and money come together: Consult Hyperion http://www.hyperion.co.uk info at hyperion.co.uk Like e$pam? Help pay for it! See Or, for e$pam sponsorship, see Thanks to the e$ e$lves: Of Counsel: Vinnie Moscaritolo (Majordomo)^2: Rachel Willmer Commermeister: Anthony Templer Interturge: Rodney Thayer HTMLurgist: Cynthia Zwerling --- end forwarded text ----------------- Robert Hettinga (rah at shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "Never attribute to conspiracy what can be explained by stupidity." -- Jerry Pournelle The e$ Home Page: http://www.shipwright.com/rah/ FC97: Anguilla, anyone? http://www.ai/fc97/ From sandfort at crl.com Mon Feb 3 17:26:04 1997 From: sandfort at crl.com (Sandy Sandfort) Date: Mon, 3 Feb 1997 17:26:04 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, On Mon, 3 Feb 1997, Scott V. McGuire wrote: > Sandy, you said that you thought the list had improved since you began > moderating. How could you think otherwise? When you send an article to > the flames list its because you think the list would have been worse > otherwise. If I wasn't clear, I'm sorry. I think the quality of content and the degree of civility have improved. My extreme example was the increase in polite, on-topic posts from Dimitri, but are others. That's the sort of improvement to which I was referring. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From svmcguir at syr.edu Mon Feb 3 17:26:06 1997 From: svmcguir at syr.edu (Scott V. McGuire) Date: Mon, 3 Feb 1997 17:26:06 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702040126.RAA08926@toad.com> -----BEGIN PGP SIGNED MESSAGE----- I've been quiet about the moderation experiment (and I never posted frequently anyway) but something Sandy wrote requires comment. In responding to Tim, Sandy points to the number of people on the censored list as evidence of the acceptance of the filtering. I am included in that group and object to my silence being interpreted as support. As Tim has pointed out, the bulk of the 2000 or so people who have remained on the filtered list have never been active participants on the list. As we have never heard from them, we don't even know that they were bothered by the flames and noise of the pre-filtered list. And, even if we did know, I don't think that there opinions should count as much as those of the more active participants to the list. A subscription to the list does not make one a member of the Cypherpunks "community". It is the opinion of the members of the community and not the observers of it which should matter. (Even within the community, some people are more a part of it than others, and nobody is more a part of it then Tim.) As for the rest of us on the filtered list who are active (or occasionally active) participants, our remaining on the list still can not be taken as support for censorship. Moderation of the list was announced as a one month experiment. I didn't change my subscription from the filtered to the unfiltered list because I expected this to end in a month and I was willing to participate in the experiment. You can't ask someone to try something for a month to see if they like it and call there use of it in that month evidence that they like it. As long as I am writing, I may as well write the rest of my thoughts. While there was a period between the announcement of moderation and the start of it during which people could (and did) comment on the change, the announcement was clear that there would be moderation. It was indeed a fait accompli. The moderated list should have been offered but not imposed. Then the experiment would have determined how many people thought the list was so bad that they would seek moderation, rather than determining how many thought moderation was so bad that they would seek to avoid it. Sandy, you said that you thought the list had improved since you began moderating. How could you think otherwise? When you send an article to the flames list its because you think the list would have been worse otherwise. I don't think the moderators opinion should be considered in determining if moderation is a good thing. I think there is a conflict of interest there. - -------------------- Scott V. McGuire PGP key available at http://web.syr.edu/~svmcguir Key fingerprint = 86 B1 10 3F 4E 48 75 0E 96 9B 1E 52 8B B1 26 05 -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBMvZ3lN7xoXfnt4lpAQGjbgQAs9qqrOZCgHeT19yh6LOS8rsXVAglssVI 2VLCiKb/X0Ny1+p3kzTiit42uykv5IhoCn+GdJF0X08zW02ymRf6JIv2sLksW2ln E+SZuUoLFk18emLIJMEVGNPW7cJEl7/a75IdETrU14RcdBN8F86bm5VK36kyNMIY kPfB825uWxU= =N3va -----END PGP SIGNATURE----- From azur at netcom.com Mon Feb 3 17:26:11 1997 From: azur at netcom.com (Steve Schear) Date: Mon, 3 Feb 1997 17:26:11 -0800 (PST) Subject: New X-Ray Imager Message-ID: <199702040126.RAA08938@toad.com> New X-ray gun trades privacy for safety Reported by Andy C Seen in The Nando Times on 13 August 1996 ---------------------------------------------------------------------------- The Passive Millimeter Wave Imager can X-ray through clothing to "see" a concealed weapon, plastic explosives or drugs. A police officer can surreptitiously aim it into a crowd from as far away as 90 feet. The new X-ray gun is becoming a symbol for an unlikely alliance of civil libertarians and gun owners who fear the fight against crime and terrorism may be waged at the expense of personal freedoms. "I'm incredibly concerned," said John Henry Hingson, a past president of the National Association of Criminal Defense Lawyers, meeting here this past week. "The entire nation could become a victim of illegal searches and seizures and the law is powerless to protect them from these police abuses." But in these nervous times following the the crash of TWA Fight 800 and bombings at the Olympics, Oklahoma City and the World Trade Center, many Americans are now willing to trade some of their privacy and civil liberties for greater security. A poll last week by the Los Angeles Times found that a majority of people -- 58 percent -- said they would curtail some civil liberties if it would help thwart terrorism. Thirteen percent said it would depend on what rights were at stake. The poll didn't ask people to single out any rights. The Clinton administration has proposed increased wiretapping and other anti-terrorism steps, and is doling out research grants for cutting edge anti-crime technology that once may have been intended for only military use. Last year, the National Institute of Justice awarded $2.1 million to three companies to develop weapon detectors for airports, stores and public buildings. Two models are being developed of the Passive Millimeter Wave Imager, a creation of Hadley, Massachusetts-based Millimetrix Corp. The larger one, about the size of a shoebox, is mounted on a patrol car and pointed at the unsuspecting person. The gadget doesn't send out X-rays; instead, it picks up electromagnetic waves emitted by human flesh. Anything that stands in the way of those waves -- like a gun -- or anything that emits weaker waves -- like a bag of cocaine or a plastic explosive -- will show up on a little screen in the patrol car. Clothes emit no waves. Neither do walls, allowing the device to be used from even outside a room. A second model is a smaller, battery-operated version that an officer can operate by hand, like a radar gun. Millimetrix hopes to field test the larger model soon at a police agency. Hingson argues the device runs roughshod over bans against illegal searches and seizures. The law says police can stop and frisk a person only when an officer has a "reasonable suspicion" the person is armed or involved in a crime. Millimetrix points out that while the imager can see through clothing, it still leaves people some privacy. The device's display screen, the company says, "does not reveal intimate anatomical details of the person." Chip Walker, spokesman for the National Rifle Association, noted that devices like the imager threaten the legal rights of people in 31 states who are allowed to carry concealed weapons with proper licenses. "We certainly support efforts to disarm criminals, but we need to be careful that we're not painting with too broad a brush here," he said. Walker said that as troubling as terrorism is, people may be playing into terrorists' hands by giving up their privacy. "One of the broader issues is that if we start giving up certain civil liberties, that essentially means that the terrorists are starting to accomplish one of their goals," he said. Contact email address: acobley at mic.dundee.ac.uk --------------------- (From a TRW development program description) The Passive Millimeter Wave sensor detects thermal energy, which is radiated from objects and reflected from other objects such as the sky in the 94 Giga Hertz frequency band. The advantage of this frequency is that there is little attenuation of the energy by water particles in the air (fog). The camera operates very much like a television camera except that it operates at mm-wave frequencies (near 90 GHz) instead of in the visible spectrum. It has components analogous to a television camera: optics to focus the image, a readout device to convert the electromagnetic energy into electrical signals, signal processing electronics to prepare the signals for display, and display unit to view the scene. The optical system images the blackbody radiation emanating from the scene on the Focal Plane Array (FPA), which consists of an array of small antennas, each coupled to a very small MMIC W-band (90 GHz) direct-detection receiver. ---------------- >From a description of the National Law Enforcement & Corrections Technology Center/Northeast (NLECTC) at Rome Laboratory (more on that later). The Millimeter Wave Imaging Radar Consortium seeks development of a suitable technology and effective, affordable products for concealed weapon detection (CWD) and through-the-wall surveillance (TWS) application --- well-established objectives for both military operations other than war and civilian law enforcement agencies. Consortium members include Millimetrix Corp., South Deerfield, Mass.; Technology Service Corp., Trumbull, Conn.; and Riverside Research Institute of Lexington, Mass. They will contribute $2,035,087 to the research program, while the government's share will be $2,018,491. Military applications of the envisioned technology, in addition to operations other than war, would include use by military police and special forces personnel, all weather aircraft operation, shipboard and airborne missile warning, helicopter obstacle avoidance, battlefield surveillance, fire control, and missile seekers. Civilian law enforcement agencies would be able to use the technology in curtailing terrorist acts and juvenile handgun crimes that frequently involve the use of concealed weapons, bombs and other contraband that cannot be detected using currently available technology see --Steve From azur at netcom.com Mon Feb 3 17:26:16 1997 From: azur at netcom.com (Steve Schear) Date: Mon, 3 Feb 1997 17:26:16 -0800 (PST) Subject: Your tax dollars at work Message-ID: <199702040126.RAA08939@toad.com> NIJ Opens Regional Technology Center in Rome: Representatives of the U.S. Department of Justice, state and local elected officials, and Air Force leaders officially opened the National Law Enforcement & Corrections Technology Center/Northeast (NLECTC) at Rome Laboratory. The Center will work with law en forcement and corrections organizations from 16 states --- stretching from Maine to Minnesota --- to determine operational requirem ents and identify, evaluate, develop, demonstrate and assess new or improved technology applications to meet those needs. The Center will also provide assessment of law enforcement products information, standards and testing. The Northeast NLECTC is co-located with Rome Laboratory within the Griffiss Business and Technology Park. Rome Laboratory is the Air Force's research and development laboratory responsible for command, control, communications, computer and intelligence technologies. The laboratory was selected as a regional technology center for the Justice Department's National Institute of Justice (NIJ) in December 1994. It joins four other regional centers across the country that use existing facilities and resources to support the NI J's Office of Science and Technology and law enforcement and corrections organizations. The Northeast NLECTC will support law enforcement and corrections activities in the following states: Maine, New Hampshire, Verm ont, Massachusetts, Connecticut, Rhode Island, New York, New Jersey, Delaware, Maryland, Pennsylvania, Ohio Michigan, Wisconsin, Io wa and Minnesota. It will facilitate technical interchange between prospective users and developers or technology through regional symposia, exhibitions and workshops. Participants range from the law enforcement and corrections community to the Department of De fense and the commercial sector. Each of the five regional centers has a specific technological focus, with the Northeast NLECTC capitalizing on Rome Laboratory' s more than 40 years of expertise developing technologies that provided the vital eyes, ears and voices for the nation's military. The Rome Laboratory Law Enforcement Team will be working with the Northeast NLECTC to convert a variety of defense technologies to the benefit of law enforcement and corrections. At the current time, efforts are directed at transferring technologies in the foll owing areas: *** Sensors: concealed weapon detection, Over-the-Horizon radar, wall penetration surveillance, and passive location, tracking and tagging. *** Information Technology: image processing, natural language processing, and identification using optical correlation. *** Intelligence Exploitation: speech processing, timeline analysis, automated firearm identification, and forensic sciences. *** Communications: applications of high-speed networks, multiband multifunction radios, and rapidly deployable communications. *** Command and Control: collaborative planning, visualization techniques, and Joint Automated Booking Station. Over the past four decades, researchers at Rome Laboratory have developed a vast array of technological tools for the military to e mploy in our national defense. Within the shared framework of command, control, communications and intelligence, many of those tech nologies apply to the domestic law enforcement mission as well. As one of NLECTC's regional law enforcement technology centers, Ro me Laboratory will continue to make substantial contributions to the war on crime by developing technologies that meet the increasi ng needs of law enforcement. Rome Laboratory Signs Law Enforcement Technology Agreement with City of Rome Representatives of Rome Laboratory and the City of Rome signed a Cooperative Research and Development Agreement (CRDA) to establ ish a formal working agreement for the purpose of testing and evaluating military technologies in a law enforcement setting. The C RDA signing was the first official action following a ribbon-cutting that opened the National Institute of Justice's Northeast Regi on National Law Enforcement & Corrections Technology Center at Rome Laboratory. Signing the agreement were Col. Ted. F. Bowlds, com mander of Rome Laboratory, and Rome Police Chief Merino J. Ciccone. During the five-year agreement, Rome Laboratory will supply a variety of technologies to the Rome Police Department. Police department officers and officials will then test, evaluate and report back to Rome Laboratory regarding the effectiveness of the test technologies. Some of the technical tasks to be performed under t he CRDA are enhancing the computing capability of the Rome Police Department, including improved access to law enforcement data bas es and access to the World Wide Web/Internet, as well as synchronization of 911 Emergency System, computer and alarm time clocks. Rome Police Department personnel will also gain access to advanced technologies such as the "sniffer alcohol detection flashlight," night-vision goggles and hand-held digital assistants. German Magazine interested in Rome Laboratory's Law Enforcement Efforts Dr. Frank Ochmann, a science editor for Germany's Stern Magazine, visited Rome Laboratory to interview engineers and managers involved in law enforcement technology. The interview was requested in light of the April issue of the FBI Law Enforcement Bulletin, which carried an eight-page article covering a wide variety of C3I technologies developed by the Laboratory. Rome Laboratory Awards Funding to Research Consortia for Dual-Use Military and Law Enforcement Applications ROME, N.Y., June 25, 1996 --- Rome Laboratory has awarded funding totaling more than $5 million to three research consortia. Combined with investment by the consortia partners, the total amount of research will approach $17 million. Rome Laboratory will serve as the agent for the Defense Advanced Research Projects Agency (DARPA) in managing the three research programs that were instituted under DARPA's Technology Reinvestment Project. The goal of all three programs is to develop new technologies with applications to both the military and commercial markets. The Quick Reaction Spoken Language Translator (QRSLT) Consortium seeks to develop a product prototype of a hand-held or body-mounted QRSLT that would allow military personnel in a hostile environment or civilian law enforcement personnel in an emergency situation to communicate with a non-English speaking individual using an easily portable, automatic translation device. The government is contributing $2,374,821 to the program, with consortium members sharing a cost of $3,632,852. Consortium members include Language Systems Inc., Woodland, Calif.; Entropic Research Laboratories Inc., Menlo Park, Calif.; and Eloquent Technology Inc. of Ithaca, N.Y. Language Systems Incorporated, developed the initial spoken language translation prototype under the direction and funding of Rome Laboratory, in support of military requirements. The QRSLT will accept spoken English input from a military or law enforcement user, translate the input into Spanish or Arabic, and generate the computer-spoken translation. The translator will also accept spoken Spanish and Arabic inputs and translate them into spoken English output. This will be an innovative advance over currently available "speaking translators," which produce speech based on typed inputs, which cannot accept spoken input, and which are not customized for military or law enforcement operations. The Millimeter Wave Imaging Radar Consortium seeks development of a suitable technology and effective, affordable products for concealed weapon detection (CWD) and through-the-wall surveillance (TWS) application --- well-established objectives for both military operations other than war and civilian law enforcement agencies. Consortium members include Millimetrix Corp., South Deerfield, Mass.; Technology Service Corp., Trumbull, Conn.; and Riverside Research Institute of Lexington, Mass. They will contribute $2,035,087 to the research program, while the government's share will be $2,018,491. Military applications of the envisioned technology, in addition to operations other than war, would include use by military police and special forces personnel, all weather aircraft operation, shipboard and airborne missile warning, helicopter obstacle avoidance, battlefield surveillance, fire control, and missile seekers. Civilian law enforcement agencies would be able to use the technology in curtailing terrorist acts and juvenile handgun crimes that frequently involve the use of concealed weapons, bombs and other contraband that cannot be detected using currently available technology. The Speaker Identification for Law Enforcement Consortium will be funded with $3.2 million, evenly divided between the government and consortium members T-NETIX Inc. of Englewood, Colo., and Dictaphone of Stratford, Conn. The goal of the consortium is to transfer previously developed speaker identification technology into commercial and military applications. With specific emphasis on minimal size, weight, power and cost, the technology is envisioned to have widespread civilian law enforcement surveillance applications. see From shamrock at netcom.com Mon Feb 3 17:40:33 1997 From: shamrock at netcom.com (Lucky Green) Date: Mon, 3 Feb 1997 17:40:33 -0800 (PST) Subject: Moderation [Tim,Sandy] Message-ID: <3.0.32.19970203174114.006ec708@192.100.81.136> At 11:48 PM 2/3/97 GMT, Adam Back wrote: > >Lucky Green writes: >> I believe that Cypherpunks is beyond hope of recovery. In fact, each day >> Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the >> cause. Let's kill the list. Once and for all. Let the hard core crypto go >> to Coderpunks, the politics to Cryptography, and the garbage into the void. > >What about the leaks? (rc4.c, Mykotronics dumpster contents, etc) >Where do they go? I have been thinking about this question. I don't really have an answer other than that the more recent leaks posted to this list drew zero response. How many of you remember the anonymous message posted to this list revealing that Skipjack is an elliptic curve cipher? [One of the most respected names in cryptography confirmed this to me in private conversation. No, the person was not privy to the secret specs. The person didn't need to be. :-] If nobody cares about the leaks, why do we need to provide a forum for them? Besides, there are other fora that could be used. sci.crypt or Coderpunks are both good places to post "found" code. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From weidai at eskimo.com Mon Feb 3 17:40:54 1997 From: weidai at eskimo.com (Wei Dai) Date: Mon, 3 Feb 1997 17:40:54 -0800 (PST) Subject: what's in a name? Message-ID: <199702040140.RAA09183@toad.com> I've stayed out of the debate about list moderation so far, but a recent post from tmcghan at gill-simpson.com reminds me of something I've been thinking about. An interesting way to look at what happened is that John Gilmore owns the name "cypherpunks at toad.com" and has chosen to exercise that ownership. Even though those of us who disagree with the way he has done so are free to leave and set up our own mailing list, it is costly to do so, and the problem of central name ownership remains. List subscribers have made investments that are specific to the name "cypherpunks at toad.com", and most of the cost of switching to a new list is in the new investments they would have to (re)make. The fact is that a promise of no censorship is not enough incentive for us to do so. I suspect that the hierarchical nature of name ownership on the Internet today will be an important technological barrier for the establishment of truly anarchic virtual communities. Unless this problem is solved, the closest we'll come is pseudo-anarchies that exist with the tolerance of beneficent dictators. Wei Dai From PADGETT at hobbes.orl.mmc.com Mon Feb 3 17:41:11 1997 From: PADGETT at hobbes.orl.mmc.com (A. Padgett Peterson P.E. Information Security) Date: Mon, 3 Feb 1997 17:41:11 -0800 (PST) Subject: RC5-12/32/5 contest solved Message-ID: <199702040141.RAA09191@toad.com> >I received a nice flyer in the mail the other day from "Chip Express" >(www.chipexpress.com, 800-95-CHIPX). They are offering Laser >Programmed Gate Arrays. It appears to be a reasonable way to get some >Wiener chips built. As I recall, the Wiener design required about >23,000 gates. Their blurb had the following table in in: > FPGA Gates ASIC Gates 500 Units 1000 Units 5000 Units > 40,000 20,000 $77 $45 $10 > Not Avail 200,000 $176 $150 $82 First I can buy a 486DX-66 (with fan) for $37, but to make it into a PC takes just a wee bit more. Second, there is a world of difference in speed between a Field Programmable Gate Array and an Application Specific Integrated Circuit. The second is much faster (have heard of up to 200 Mhz) but doubt that you can get there with a laser (probably where the 50 Mhz figure comes from). I suspect you will need to have a mask made first - that is where the real money goes. However lets consider that you are really lucky and the first mask works and you get 100% yield (good chips). Next you need a backplane with an input mechanism to prime each of those chips with the text to break (will assume you have built in the initialization sequences for each chip). Then you need a path to provide the KPT to the XOR at the output, powersupply, RF shielding, and a few other minor items (can probably use a PC for a front end). Then, you need a way to report success but that is trivial. Finally, you need to hope that none of those 5000 chips experiences infant mortality or that you have some scheme to detect if that happens and to which chip (was there BITE in the design ?). Personally, would design the 5,000 to provide possible answers (say 2^32) as an initial step and then push that into a single MasPar or similar. Might find out some interesting things that way while reducing the overall complexity. Just some food for thought. Warmly, Padgett ps couple of people last year were working with FPGAs, I corresponded with them briefly. Why not ask them how my "guesstimates" correlated with their experiments... From roach_s at alph.swosu.edu Mon Feb 3 17:41:20 1997 From: roach_s at alph.swosu.edu (Sean Roach) Date: Mon, 3 Feb 1997 17:41:20 -0800 (PST) Subject: VOICE STRESS ANALYSIS Message-ID: <199702040141.RAA09207@toad.com> At 08:25 PM 2/2/97 -0800, jim bell wrote: >Awhile back we were discussing voice-stress analysis; just got this item on >the subject; he said it's okay to post it. > > > >>From: Spectre334 at aol.com >>Date: Sun, 2 Feb 1997 09:31:17 -0500 (EST) >>To: jimbell at pacifier.com >>cc: BLAMES2778 at aol.com, AFSCA at aol.com, JLeek426 at aol.com >>Subject: VOICE STRESS ANALYSIS >> >>MR. BELL: >> >>I FOUND YOUR QUERY ABOUT VOICE STRESS ANALYSIS ON THE INTERNET, AND I TOO, >>HAVE FOUND A DEARTH OF INFORMATION THERE - UNTIL NOW. >> >>I'M PLEASED TO REPORT THAT VOICE STRESS ANALYSIS (VSA) IS ALIVE AND WELL. IT >>HAS BEEN QUIETLY PERFORMING IN THE SHADOW OF THE POLYGRAPH FOR MANY YEARS. >> NOW, HOWEVER, IT IS COMING INTO ITS AND IS USED IN MANY STATES TO AID IN >>CRIMINAL INVESTIGATIONS AND OTHER APPLICATIONS. >> ... >>THE DIOGENES GROUP, INC., OF WHICH I AM PRESIDENT, HAS DEVELOPED A TOTALLY >>DIGITAL APPROACH TO VSA, AND BEGAN DELIVERING SYSTEMS TO LAW ENFORCEMENT >>AGENCIES IN DECEMBER, 1996. THE PREMIER DIOGENES VSA PRODUCT IS REDUCED TO >>THE SIZE OF A NOTEBOOK COMPUTER, BUT PRODUCES REALTIME PROCESSING FOR >>SOFTCOPY DISPLAY, AND HARDCOPY PRINTING WITHIN SECONDS. >> >>YOU MAY BE FAMILIAR WITH THE PREVIOUS STATE-OF-THE-ART, WHICH WAS A >>RELATIVELY LARGE ANALOG MACHINE, USING A SINGLE CHANNEL AND PRINTING OUT THAT >>DATA ON A ROLL OF THERMAL PAPER. THOSE DAYS ARE GONE FOREVER. >> >>IF YOU WOULD LIKE MORE INFORMATION ON THE DIOGENES GROUP AND ITS PRODUCTS, >>PLEASE USE THIS CHANNEL TO SEND ME YOUR MAILING ADDRESS, PHONE NUMBER, AND >>FAX NUMBER. >> >>THANKS FOR YOUR INTEREST IN VOICE STRESS ANALYSIS. ... Check the Readers Guide for the last couple of years. I don't have my Popular Electronics collection handy, but not too long ago they put out the plans to a smaller unit based around some Cell Phone part. It operated on a single frequency as opposed to a varient modulation of the voice. This allowed the unit to be much smaller and simpler, sacrificing some of the accuracy for a reasonable price (PC board, parts and case available for, I think, less than $100). The whole unit fit in a case about the size of a transistor radio and used a couple of bar graph displays (LED) for output. The whole operating theory is regulary printed with the schematics, and a parts list and foil diagrams are included for those who want to make the project from scratch. While your at it, look up the subliminal mixer from about 1992, I made one of these and only prevented from using it by the lack of a decent power supply. The single frequency mentioned above is further explained in the text. The local library can get a copy of either of these issues, or any others that catch your interest, for you if you ask really nicely. From aba at dcs.ex.ac.uk Mon Feb 3 17:41:22 1997 From: aba at dcs.ex.ac.uk (Adam Back) Date: Mon, 3 Feb 1997 17:41:22 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702040141.RAA09208@toad.com> Peter Hendrickson writes: > There are lessons to be learned here. One is that censorship does > not promote a stimulating and creative dialogue. The cypherpunks list > right now is about as interesting as hanging out by the 7-11. Censorship adds a social hierarchy, and this is inevitably resented. A similar problem existed with ICS (Internet Chess Servers), they include a MUD like facility where users can discuss chess. For misc reasons certain behaviour was frowned on, and a system of control was added to the software where certain users where given moderator status, and could kick others off. The fact that some of the moderators were particularly poor players helped to annoy others who though outspoken, where good chess players, and led to the particularly long thread in alt.chess (or whatever group it was) titled `guppies rule the goldfish bowl' or something. (A `fish' is a newbie chess player, a guppie being a small fish,...) Interesting repetition of the social phenomena of resentment of power in electronic forums (however well intentioned, and for whatever perceived social good). > Another lesson is the danger of choke points. We can see how > tempting it is for people to exercise their control. Even John Gilmore > was unable to restrain himself from involuntary social engineering > experiments. Who would we have considered to be more trustworthy? Quite. For a pedigree of championing free speech, and unpaid efforts to further freedom, he was high up on the list. I'd feel happier if he was joining in with these discussions, rather than getting interested to the extent to set up moderation, even though not participating in the discussions. > [distributed list homing ideas] sounds good. But what about USENET groups? They're distributed, what feature of your proposed solution is superior to using USENET groups distribution mechanisms in your opinion? Several times in the past, a USENET newsgroup alt.cypherpunks was suggested. Some people were against it because they felt that it would attract more noisy posters. Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As an aside, it is ironic that John Gilmore was the guy who started the alt.* USENET hierarchy, specifically to facilitate freedom of speech). > P.S. I like and respect John and Sandy and I've learned a lot from > both of them. While basically well-intentioned, they just made a > mistake in this instance. Agree. Also, the quicker they acknowledge their actions as mistakes, and correct the results, the less their reputations will suffer. Perhaps at the end of the trial moderation experiment would be a good time to change position without loosing face. (If acknowledging mistakes bothers them). Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 My favorate Ben Franklin quote is "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Ben Franklin, ~1784 From ichudov at algebra.com Mon Feb 3 17:46:41 1997 From: ichudov at algebra.com (Igor Chudov @ home) Date: Mon, 3 Feb 1997 17:46:41 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702040027.AAA00276@server.test.net> Message-ID: <199702040139.TAA01626@manifold.algebra.com> Adam Back wrote: > > Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As > an aside, it is ironic that John Gilmore was the guy who started the > alt.* USENET hierarchy, specifically to facilitate freedom of speech). > An interesting idea. - Igor. From nobody at zifi.genetics.utah.edu Mon Feb 3 17:51:50 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 17:51:50 -0800 (PST) Subject: RSA Algorithm Message-ID: <199702040151.SAA12297@zifi.genetics.utah.edu> Drunkard Vagina has been fired for masturbating in front of his boss. ^-^-^-@@-^-^-^ (..) Drunkard Vagina From farber at cis.upenn.edu Mon Feb 3 17:55:51 1997 From: farber at cis.upenn.edu (David Farber) Date: Mon, 3 Feb 1997 17:55:51 -0800 (PST) Subject: concerning Ben Franklin Message-ID: <199702040155.RAA09584@toad.com> My favorate Ben Franklin quote is "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Ben Franklin, ~1784 From sandfort at crl.crl.com Mon Feb 3 17:56:06 1997 From: sandfort at crl.crl.com (Sandy Sandfort) Date: Mon, 3 Feb 1997 17:56:06 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702040156.RAA09599@toad.com> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, On Mon, 3 Feb 1997, Scott V. McGuire wrote: > Sandy, you said that you thought the list had improved since you began > moderating. How could you think otherwise? When you send an article to > the flames list its because you think the list would have been worse > otherwise. If I wasn't clear, I'm sorry. I think the quality of content and the degree of civility have improved. My extreme example was the increase in polite, on-topic posts from Dimitri, but are others. That's the sort of improvement to which I was referring. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From shamrock at netcom.com Mon Feb 3 17:56:45 1997 From: shamrock at netcom.com (Lucky Green) Date: Mon, 3 Feb 1997 17:56:45 -0800 (PST) Subject: Moderation [Tim,Sandy] Message-ID: <199702040156.RAA09627@toad.com> At 11:48 PM 2/3/97 GMT, Adam Back wrote: > >Lucky Green writes: >> I believe that Cypherpunks is beyond hope of recovery. In fact, each day >> Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the >> cause. Let's kill the list. Once and for all. Let the hard core crypto go >> to Coderpunks, the politics to Cryptography, and the garbage into the void. > >What about the leaks? (rc4.c, Mykotronics dumpster contents, etc) >Where do they go? I have been thinking about this question. I don't really have an answer other than that the more recent leaks posted to this list drew zero response. How many of you remember the anonymous message posted to this list revealing that Skipjack is an elliptic curve cipher? [One of the most respected names in cryptography confirmed this to me in private conversation. No, the person was not privy to the secret specs. The person didn't need to be. :-] If nobody cares about the leaks, why do we need to provide a forum for them? Besides, there are other fora that could be used. sci.crypt or Coderpunks are both good places to post "found" code. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From rah at shipwright.com Mon Feb 3 17:56:48 1997 From: rah at shipwright.com (Robert Hettinga) Date: Mon, 3 Feb 1997 17:56:48 -0800 (PST) Subject: Embarrass a Marylander, Go to Jail Message-ID: <199702040156.RAA09633@toad.com> --- begin forwarded text Date: Mon, 3 Feb 1997 19:25:51 -0500 (EST) To: Multiple Recipients of e$pam From: e$pam at intertrader.com (e$pam) Reply-To: e$@thumper.vmeng.com X-Comment: To unsubscribe, send any email to e$pam-off at intertrader.com Precedence: Bulk Subject: Embarrass a Marylander, Go to Jail X-orig-from: Randy Cassingham X-e$pam-source: Various Forwarded by Robert Hettinga ----------------------------------------------------------------------- Date: Mon, 3 Feb 1997 14:37:56 -0700 (MST) From: Randy Cassingham Subject: Embarrass a Marylander, Go to Jail To: listmom-talk at skyweyr.com Mime-Version: 1.0 Precedence: Bulk Reply-To: listmom-talk at skyweyr.com Passed on without comment. / Randy Cassingham * Author, "This is True" * arcie at netcom.com \ | For info on What I Do, send a blank e-mail to TrueInfo at freecom.com | \ or check out * I promise you'll like it / + FIGHT SPAM! Send a blank e-mail to nospam at mailback.com for help! + ---------- Forwarded message ---------- Excerpted from... ============================================================= AOP Bulletin Friday, February 3, 1997 Volume 97:05 ============================================================= The following is information distributed to members of the Association of Online Professionals and others involved in the online communications industry. Contacts and other information about AOP may be found at http://www.aop.org. ***************************************************** Maryland Recycles Law On "Annoying" E-Mail ***************************************************** A Maryland bill that would make it illegal to send "annoying" or "embarrassing" e-mail was introduced this week by Democratic General Assembly member Samuel Rosenberg. The bill got little support when it was introduced last year, but Rosenberg hopes to play off of recent murders involving electronic mail to see the bill passed. Civil liberties groups argue that the law would be unconstitutional, and that the terms "annoy" and "embarrass" are too vague to be meaningful. If passed, House Bill 778 would amend the state's criminal harassment law to prohibit the use of email to annoy, abuse, torment, harass, or embarrass other people, with violators receiving a fine up to $500 and three years in jail. A similar bill introduced last year is quietly progressing through New York's state legislature. Senate Bill 1414, introduced by Democratic State Senator Ray Goodman, could be voted on in the House early this year. Full text of the Maryland bill can be found at http://mlis.state.md.us/1997rs/billfile/HB0778.htm. -------------------------------------------------- The e$ lists are brought to you by: Intertrader Ltd - Java e$ Software Developers in the UK Visit for details ... Where people, networks and money come together: Consult Hyperion http://www.hyperion.co.uk info at hyperion.co.uk Like e$pam? Help pay for it! See Or, for e$pam sponsorship, see Thanks to the e$ e$lves: Of Counsel: Vinnie Moscaritolo (Majordomo)^2: Rachel Willmer Commermeister: Anthony Templer Interturge: Rodney Thayer HTMLurgist: Cynthia Zwerling --- end forwarded text ----------------- Robert Hettinga (rah at shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "Never attribute to conspiracy what can be explained by stupidity." -- Jerry Pournelle The e$ Home Page: http://www.shipwright.com/rah/ FC97: Anguilla, anyone? http://www.ai/fc97/ From aba at dcs.ex.ac.uk Mon Feb 3 17:56:49 1997 From: aba at dcs.ex.ac.uk (Adam Back) Date: Mon, 3 Feb 1997 17:56:49 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702040156.RAA09634@toad.com> writes: > in a message allegedly from: "Timothy C. May" > > > I would have had no problem had John announced that he was creating > > a new list, the "Good Stuff" list, with Sandy has his Chooser of > > Good Stuff. > > > But by making the _main list_ the censored one, this skewed things > > considerably. > > > But the clear message by having Sandy censor the > > main list (the default list, the list name with the main name, the > > list we all know about, etc.) > > Now that the horse is out of the barn, ( or maybe not? ), I can't help > but ask whether one specific 'change to the change' would have > satisfied most of your objections: retaining 'cypherpunks' as the > name of the unedited, all-the-crud-you-can-read-and-then-some, > version, and adding an 'cp-worthwhile' list for those of us who prefer > not to wade thru mountains of garbage to glean a few precious tidbits. That was the objectionable part of the moderation experiment to me. > What's in a name? Is perception more important ( to you ) than > reality? If just swapping names between cp and cp-unedited would make > such a large difference, I humbly suggest to you that you consider how > much labels need to matter. Is the title of the group more important > the the content? From where I sit, this looks a lot like a > style-over-substance complaint. There is a lot in a name. The name `Cypherpunks' has, or had a reputation. Tricks like censoring the list are not helping that reputation. This wording indicates that the other two lists are to satisfy purists: (relevant output from sending message with body `lists' to majordomo at toad.com) : cypherpunks (THE MAIN LIST) Fermenting ideas on crypto and society : cypherpunks-flames (FLAMES DELETED BY MODERATOR) Ideas on crypto and society : cypherpunks-unedited (THE UN-MODERATED LIST) Ideas on crypto and society The naming convention indicates that cypherpunks is the main list, as does the ordering (moderated first). The text in the sign up message: (extracts from output from sending message with body `info cypherpunks' to majordomo at toad.com) : cypherpunks moderated to suppress spam and flames : cypherpunks-unedited all submissions, just as they arrived : cypherpunks-flames the submissions that didn't pass moderation Also I note in passing that if I recall correctly this section used to give Hugh Daniel's email address. Seems John is managing majordomo himself now? Is Hugh's no longer being list manager related to the moderation decision? : For other questions, my list management address is not the best place, : since I don't read it every day. To reach me otherwise, send mail to : : gnu at toad.com > It may also be worth noting that the current 'status quo' is a > transient experiment, with a fairly short time limit. When JG, > Sandy, et al. evaluate the results with an eye to future > direction(s), they may well consider an 'inverted default' for the two > list names (i.e.: cp / cp-unedited) It would be nice also if JG, Sandy et al, took some notice of the list opinions next time. It really would have been better to create a _new_ moderated list, rather than take over the existing list address, and subscribers. Maybe those who initiated the moderation experiment thought they wouldn't get many people moving over to the moderated list if they had to go to that effort. Another alternative would have been to discontinue `cypherpunks' and start `cypherpunks-edited' and `cypherpunks-unedited' forcing people to choose. I wouldn't have liked that either, but it would have been a better experiment. (Likely that would have lost many altogether, who simply wouldn't have bothered to resubscribe at all). Several times in the past, a USENET newsgroup alt.cypherpunks was suggested. Some people were against it because they felt that it would attract more noisy posters. Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As an aside, it is ironic that John Gilmore was the guy who started the alt.* USENET hierarchy, specifically to facilitate freedom of speech). Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 Adam Back wrote: > > Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As > an aside, it is ironic that John Gilmore was the guy who started the > alt.* USENET hierarchy, specifically to facilitate freedom of speech). > An interesting idea. - Igor. From azur at netcom.com Mon Feb 3 17:58:24 1997 From: azur at netcom.com (Steve Schear) Date: Mon, 3 Feb 1997 17:58:24 -0800 (PST) Subject: Govt & cyberspace Message-ID: [snip] >"tech envy"-- what impact is this going to have on our >government? it's becoming a huge issue. it may be a >really great opportunity for a populist movement to >truly reform the government in the process of upgrading >their computers. Even better, this is an opportunity to choke off all, or certainly increased, funding in order to hasten its collapse. >I suspect that the "groupware" technology >that is just getting started will have major influence >in these areas. as private companies find increasingly >sophisticated ways of managing themselves, the obvious >question will arise, "why can't we have an efficient govt >when our private industries are"? the answer is, we >can!! Don't improve it, remove it! > >I've written about "electronic democracy" repeatedly. many >people object to the idea. but when it is phrased in terms >of groupware, it becomes more palatable. imagine a small >company humming along with its groupware application that >allows it to make company-wide decisions using a democratic >process. moreover, the software is robust and scales well. >why can't the same principles be scaled up, up, up? I predict >that they will be in a rather extraordinary revolution. > >a new "velvet revolution"? comments anyone? Democracy is not without its significant shortcomings. If you doubt this read Tocquevelle. --Steve From aba at dcs.ex.ac.uk Mon Feb 3 17:58:32 1997 From: aba at dcs.ex.ac.uk (Adam Back) Date: Mon, 3 Feb 1997 17:58:32 -0800 (PST) Subject: Moderation [Tim,Sandy] Message-ID: <199702040158.RAA09697@toad.com> Lucky Green writes: > I believe that Cypherpunks is beyond hope of recovery. In fact, each day > Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the > cause. Let's kill the list. Once and for all. Let the hard core crypto go > to Coderpunks, the politics to Cryptography, and the garbage into the void. What about the leaks? (rc4.c, Mykotronics dumpster contents, etc) Where do they go? You expect Perry to stick his neck out and approve them? (Perry Metzger is the moderator of cryptography at c2.net, started recently as a moderated version of cypherpunks for those who don't know what the `cryptography' list is). The existance of cryptography argues against the need for `cypherpunks' to be moderated. Why two competing moderated lists? Secondly the status of garbage is in the eye of the beholder. There are a few posts which are probably considered garbage by near everyone, but lots of other stuff which really just depends on what the reader is interested in. The problem with censorship or moderation is that it waters down the absolutism of free speech. Free speech in electronic media, with cypherpunks type I, and type II remailers, is the closest thing to truly free speech yet. A lot of people seem to regard Jim Bell's assasination politics as suitable material for censoring. Yet it is pretty crypto relevant. Sandy's job is pretty hard to do. For instance I recently posted this, which ended up in cpunks-flames, due to being in a thread which contained a mild flame 2 messages back: : Diffie-Hellman key generation, there are two main ways of generating : the diffie-hellman prime modulus, method 1: : : p = 2q+1 : : where q is a prime also. : : And method 2: : : p = r.2q+1 : : where q is a prime and r is a randomly generated number. : : With method 1, the security parameter is the size of p in bits (or : size of q, as they are related). : : With method 2, there are two security parameters, size of q and size : of p in bits. : : Method 2 has the advantage that key generation is faster as it is : quicker to generate new random numbers r, than to repeatedly generate : trial prime q as you have to do in method 1. However is the security : weaker in method 2? What size of p and q do you have to use to get : the same security as for same size of p in bits as in method 1? What : should be the relationship between the size of p and q? (I freely admit to injecting additional crypto relevance just for the fun of seeing it be filtered cpunks-flames -- though I was interested in discussion also). > I am well aware of the name recognition and reputation capital associated > with CP, still I believe it best to *kill the list*. I'd prefer to see various filtering services offered, and the list retained. My main objection with the moderation experiment is that the main list was renamed. Adam -- print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0 > From: ####### ### <###@###.com> > To: ichudov at algebra.com > Subject: Re: Dissolving Choke Points > > ichudov at algebra.com writes: > > i do have unix (linux) and stuff, but i can't take a lot of subscribers > > -- maybe 200-300 or so. > > > > i actually wrote a proposal for a mailing list without a central control > > point, with several advantages being impossibility of control, absense > > of a single point of failure, and cryptographic verification of honesty > > of moderators. > > > > if there is any interest, i will post it here. > > Please do. > > Regards, > > ####### ### Here, I propose a new scheme for the Cypherpunks mailing list that would 1) Ensure that no one person is able to take over the control over the list 2) Ensure that there will be no single point of failure, i.e., shutdown of any single computer will not kill the list 3) Ensure that even people with relatively small Net resources can help keep the list afloat. The idea is as follows: even though Cypherpunks is one group, the group will be based on multiple mailing lists with identical content. These lists may be named, for example, cypherpunks at algebra.com, cypherpunks at toad.com, and cypherpunks at netcom.com (obviously, these names are used as an example only). Any user is free to subscribe to any of these lists. All of these lists will interact with each other in the following way: 1) Each node would forward ALL incoming submissions to a) all other nodes and b) to all subscribers "attached" to the node 2) Each node will send information about all new subscriptions to each other node. The following procmail recipes for cypherpunks@ accounts may be used to ensure quick forwarding: # is it sent to cypherpunks (some spams will be trashed here) # and is it not a mail loop? :0 * ^TOcypherpunks * !^X-Loop: { # # This recipe removes duplicates! # :0 Wh: msgid.lock | formail -D 32768 msgid.cache # forward it to other cypherpunks lists :0 c !cypherpunks at netcom.com cypherpunks at toad.com # send it to all local subscribers :0 c !majordomo -some -arguments # store the checksum and message-id for honesty verification (see below) :0 |accounting } # suSCRibe/unsuSCRibe recipes go here This scheme ensures that the list is run in a cooperative fashion and can be maintained by a number of individuals without any one of them having an expensive internet connection or being "in charge". It also ensures that even if one node fails, traffic can be re-routed to other nodes. Just as well, it ensures that any attempts of cheating will be noticed: it is easy to write a bot that would subscribe to all of these lists and see if any messages get "lost". Users can send their articles to only one node, or, if they feel paranoid, to several nodes at once. All we need is to make sure that all Message-IDs of outgoing messages are unique at every node. Honesty verification: I suppose that there may be some more elaborate, crypto-based schemes to control and monitor article distribution. For example, there can be another list, cypherpunks-control, where each of the nodes posts a publicly available signed summary of checksums of articles that went through, and individual users would be able (with the help of s simple client program) to verify that 1) They received these articles 2) That summaries received from all nodes are identical 3) That all articles were received by all nodes They do not HAVE to do it, but they can if they want. If they do, there will be no way for list maintainers to censor anything. If a node goes down or if the users' verification scripts indicate a potential for cheating, they can resubscribe to some other node and let everyone else know what's going on. My proposal strikes me as fairly simple and potentially workable. Even though 90% of the users will never get to usnig the verification mechanism, it will ensure honesty. Note also that this mechanism is a gross simplification of the way USENET works, so some may vouch for a usenet group instead. Your opinions will be appreciated. - Igor. From roach_s at alph.swosu.edu Mon Feb 3 18:08:08 1997 From: roach_s at alph.swosu.edu (Sean Roach) Date: Mon, 3 Feb 1997 18:08:08 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702040208.SAA09884@toad.com> At 10:55 AM 2/3/97 -0800, Peter Hendrickson wrote: ... >Another lesson is the danger of choke points. We can see how >tempting it is for people to exercise their control. Even John Gilmore >was unable to restrain himself from involuntary social engineering >experiments. Who would we have considered to be more trustworthy? > >Toad.com is a choke point, not just in terms of moderation but in >terms of the rate at which it can distribute messages. Let's >replace it. > >What we want are many machines carrying the cypherpunks list. A >message posted to any machine goes to all of the others. Each >machine sends messages to its subscribers only once. Some of >these machines should be across borders. > >The mail loop and multiple posting problems are solved by observing >the message IDs. > >Fast implementation: use moderated mailing list software. Put a >filter in the .forward file of the "moderator" account which looks >at the message ID and forwards the message if it hasn't been seen >already. The mailing list machines all subscribe each other. ... What you are suggesting is reminiscent of IRC. Except, I think that each IRC network has a central computer which could be controlled. On your idea for fast implementation, this could be hacked by would-be censors. A message comes into the list, the censor sees that the post is from a regular enemy. The censor then copies the header information onto a new message, one containing garbage, or snippets from old posts, reads the new post to see if it is acceptable, and if it is, adds a new header, probably only the time would be changed, and transmits it out. If the would be censor was the sysop of a machine near the origin of the message, and if the censor operated the censorship either by bots, or monitored the feed 24 hours a day, (not likely), then the actual message would get to few. From nobody at REPLAY.COM Mon Feb 3 18:10:07 1997 From: nobody at REPLAY.COM (Anonymous) Date: Mon, 3 Feb 1997 18:10:07 -0800 (PST) Subject: More Hacking of the Mykotronx Site! Message-ID: <199702040150.CAA13253@basement.replay.com> Hey, d00dz, remember the dumpster diving at Mykotronx facilities in Torrance? Where they dumped their secret plans for the Clipper chip in the dumpsters right outside their little building in Torrance? Where guys like me could find their spreadsheets for budget planning, production run rates, deals with VLSI Technology, Sandia, and the other NSA stooges? Remember how they suddenly started shredding their papers? Well, it's been 3 years, and apparently the new guys at Rainbow (the parent company) have forgotten their lesson! So, here's the latest stuff: >>>quote * INTERNAL USE ONLY * COMINT-restricted, limited to M3 classifications Distribution beyond M3 a national security felony Mykotronx has agreed to provide to the Estonian government 79.000 MYK-82 processors for its Personnel Surveillance System, as part of the negotiations to provide Observer Status for Estonia in NATO. Negotiations continue between Ambassador Aaron and the NATO nations have established as a minimum that new entrants into the NATO community adhere to the Unified Cryptography Initiative, initialed by NATO ministers in Bruxelles, 10-13-96. Estonia has signified compliance, as noted by their Internal Security Directorate: "Kiipe valimistatakse praegu Californias asuvas firmas MYKOTRONX Ltd. ja ta hind k�igub 10 kuni 30 dollarini olenevalt konkreetsest t��bist ning ta on v�imline kr�pteerima/deshifreerima 15-20 MB/s." Spysrus agrees to integrate into Personel Surveillance System (PSS) modules for Internal Security Service (ISS) use.for over 79,000 of Mykotronx's new Capstone encryption processor (MYK-82). The devices will be used to build part of the Estonian government's order of Fortezza Cryptographic Cards for the PSS awarded November 1996. Initial delivery of the new cryptographic processor will begin June 1997. The MYK-82, developed by Mykotronx and fabricated by VLSI Technology, Inc., is the first of a series of security products to be developed as part of an alliance with the NSA, targeting both Government and commercial citizen monitoring markets. -- From snow at smoke.suba.com Mon Feb 3 18:40:55 1997 From: snow at smoke.suba.com (snow) Date: Mon, 3 Feb 1997 18:40:55 -0800 (PST) Subject: Moderation [Tim,Sandy] In-Reply-To: <199702032011.MAA01053@toad.com> Message-ID: <199702040258.UAA02235@smoke.suba.com> > I believe that Cypherpunks is beyond hope of recovery. In fact, each day > Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the > cause. Let's kill the list. Once and for all. Let the hard core crypto go > to Coderpunks, the politics to Cryptography, and the garbage into the void. Correct me if I am wrong, but isn't(wasn't) there an implied threat of moderation on the cryptography at c2.net list? Mr. M started it with the intent of getting away from much of the cruft (ADD, & etc.) that had accumlated here, and he was quite open about moderating it if he thought it needed it. From snow at smoke.suba.com Mon Feb 3 19:25:48 1997 From: snow at smoke.suba.com (snow) Date: Mon, 3 Feb 1997 19:25:48 -0800 (PST) Subject: Moderation [Tim,Sandy] Message-ID: <199702040325.TAA12034@toad.com> > I believe that Cypherpunks is beyond hope of recovery. In fact, each day > Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the > cause. Let's kill the list. Once and for all. Let the hard core crypto go > to Coderpunks, the politics to Cryptography, and the garbage into the void. Correct me if I am wrong, but isn't(wasn't) there an implied threat of moderation on the cryptography at c2.net list? Mr. M started it with the intent of getting away from much of the cruft (ADD, & etc.) that had accumlated here, and he was quite open about moderating it if he thought it needed it. From azur at netcom.com Mon Feb 3 19:25:55 1997 From: azur at netcom.com (Steve Schear) Date: Mon, 3 Feb 1997 19:25:55 -0800 (PST) Subject: Govt & cyberspace Message-ID: <199702040325.TAA12048@toad.com> [snip] >"tech envy"-- what impact is this going to have on our >government? it's becoming a huge issue. it may be a >really great opportunity for a populist movement to >truly reform the government in the process of upgrading >their computers. Even better, this is an opportunity to choke off all, or certainly increased, funding in order to hasten its collapse. >I suspect that the "groupware" technology >that is just getting started will have major influence >in these areas. as private companies find increasingly >sophisticated ways of managing themselves, the obvious >question will arise, "why can't we have an efficient govt >when our private industries are"? the answer is, we >can!! Don't improve it, remove it! > >I've written about "electronic democracy" repeatedly. many >people object to the idea. but when it is phrased in terms >of groupware, it becomes more palatable. imagine a small >company humming along with its groupware application that >allows it to make company-wide decisions using a democratic >process. moreover, the software is robust and scales well. >why can't the same principles be scaled up, up, up? I predict >that they will be in a rather extraordinary revolution. > >a new "velvet revolution"? comments anyone? Democracy is not without its significant shortcomings. If you doubt this read Tocquevelle. --Steve From nobody at replay.com Mon Feb 3 19:26:07 1997 From: nobody at replay.com (Anonymous) Date: Mon, 3 Feb 1997 19:26:07 -0800 (PST) Subject: More Hacking of the Mykotronx Site! Message-ID: <199702040326.TAA12074@toad.com> Hey, d00dz, remember the dumpster diving at Mykotronx facilities in Torrance? Where they dumped their secret plans for the Clipper chip in the dumpsters right outside their little building in Torrance? Where guys like me could find their spreadsheets for budget planning, production run rates, deals with VLSI Technology, Sandia, and the other NSA stooges? Remember how they suddenly started shredding their papers? Well, it's been 3 years, and apparently the new guys at Rainbow (the parent company) have forgotten their lesson! So, here's the latest stuff: >>>quote * INTERNAL USE ONLY * COMINT-restricted, limited to M3 classifications Distribution beyond M3 a national security felony Mykotronx has agreed to provide to the Estonian government 79.000 MYK-82 processors for its Personnel Surveillance System, as part of the negotiations to provide Observer Status for Estonia in NATO. Negotiations continue between Ambassador Aaron and the NATO nations have established as a minimum that new entrants into the NATO community adhere to the Unified Cryptography Initiative, initialed by NATO ministers in Bruxelles, 10-13-96. Estonia has signified compliance, as noted by their Internal Security Directorate: "Kiipe valimistatakse praegu Californias asuvas firmas MYKOTRONX Ltd. ja ta hind kuigub 10 kuni 30 dollarini olenevalt konkreetsest t||bist ning ta on vuimline kr|pteerima/deshifreerima 15-20 MB/s." Spysrus agrees to integrate into Personel Surveillance System (PSS) modules for Internal Security Service (ISS) use.for over 79,000 of Mykotronx's new Capstone encryption processor (MYK-82). The devices will be used to build part of the Estonian government's order of Fortezza Cryptographic Cards for the PSS awarded November 1996. Initial delivery of the new cryptographic processor will begin June 1997. The MYK-82, developed by Mykotronx and fabricated by VLSI Technology, Inc., is the first of a series of security products to be developed as part of an alliance with the NSA, targeting both Government and commercial citizen monitoring markets. -- From ichudov at algebra.com Mon Feb 3 19:26:10 1997 From: ichudov at algebra.com (ichudov at algebra.com) Date: Mon, 3 Feb 1997 19:26:10 -0800 (PST) Subject: Dissolving Choke Points (fwd) Message-ID: <199702040326.TAA12077@toad.com> > From: ####### ### <###@###.com> > To: ichudov at algebra.com > Subject: Re: Dissolving Choke Points > > ichudov at algebra.com writes: > > i do have unix (linux) and stuff, but i can't take a lot of subscribers > > -- maybe 200-300 or so. > > > > i actually wrote a proposal for a mailing list without a central control > > point, with several advantages being impossibility of control, absense > > of a single point of failure, and cryptographic verification of honesty > > of moderators. > > > > if there is any interest, i will post it here. > > Please do. > > Regards, > > ####### ### Here, I propose a new scheme for the Cypherpunks mailing list that would 1) Ensure that no one person is able to take over the control over the list 2) Ensure that there will be no single point of failure, i.e., shutdown of any single computer will not kill the list 3) Ensure that even people with relatively small Net resources can help keep the list afloat. The idea is as follows: even though Cypherpunks is one group, the group will be based on multiple mailing lists with identical content. These lists may be named, for example, cypherpunks at algebra.com, cypherpunks at toad.com, and cypherpunks at netcom.com (obviously, these names are used as an example only). Any user is free to subscribe to any of these lists. All of these lists will interact with each other in the following way: 1) Each node would forward ALL incoming submissions to a) all other nodes and b) to all subscribers "attached" to the node 2) Each node will send information about all new subscriptions to each other node. The following procmail recipes for cypherpunks@ accounts may be used to ensure quick forwarding: # is it sent to cypherpunks (some spams will be trashed here) # and is it not a mail loop? :0 * ^TOcypherpunks * !^X-Loop: { # # This recipe removes duplicates! # :0 Wh: msgid.lock | formail -D 32768 msgid.cache # forward it to other cypherpunks lists :0 c !cypherpunks at netcom.com cypherpunks at toad.com # send it to all local subscribers :0 c !majordomo -some -arguments # store the checksum and message-id for honesty verification (see below) :0 |accounting } # suSCRibe/unsuSCRibe recipes go here This scheme ensures that the list is run in a cooperative fashion and can be maintained by a number of individuals without any one of them having an expensive internet connection or being "in charge". It also ensures that even if one node fails, traffic can be re-routed to other nodes. Just as well, it ensures that any attempts of cheating will be noticed: it is easy to write a bot that would subscribe to all of these lists and see if any messages get "lost". Users can send their articles to only one node, or, if they feel paranoid, to several nodes at once. All we need is to make sure that all Message-IDs of outgoing messages are unique at every node. Honesty verification: I suppose that there may be some more elaborate, crypto-based schemes to control and monitor article distribution. For example, there can be another list, cypherpunks-control, where each of the nodes posts a publicly available signed summary of checksums of articles that went through, and individual users would be able (with the help of s simple client program) to verify that 1) They received these articles 2) That summaries received from all nodes are identical 3) That all articles were received by all nodes They do not HAVE to do it, but they can if they want. If they do, there will be no way for list maintainers to censor anything. If a node goes down or if the users' verification scripts indicate a potential for cheating, they can resubscribe to some other node and let everyone else know what's going on. My proposal strikes me as fairly simple and potentially workable. Even though 90% of the users will never get to usnig the verification mechanism, it will ensure honesty. Note also that this mechanism is a gross simplification of the way USENET works, so some may vouch for a usenet group instead. Your opinions will be appreciated. - Igor. From roach_s at alph.swosu.edu Mon Feb 3 19:27:47 1997 From: roach_s at alph.swosu.edu (Sean Roach) Date: Mon, 3 Feb 1997 19:27:47 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702040327.TAA12103@toad.com> At 10:55 AM 2/3/97 -0800, Peter Hendrickson wrote: ... >Another lesson is the danger of choke points. We can see how >tempting it is for people to exercise their control. Even John Gilmore >was unable to restrain himself from involuntary social engineering >experiments. Who would we have considered to be more trustworthy? > >Toad.com is a choke point, not just in terms of moderation but in >terms of the rate at which it can distribute messages. Let's >replace it. > >What we want are many machines carrying the cypherpunks list. A >message posted to any machine goes to all of the others. Each >machine sends messages to its subscribers only once. Some of >these machines should be across borders. > >The mail loop and multiple posting problems are solved by observing >the message IDs. > >Fast implementation: use moderated mailing list software. Put a >filter in the .forward file of the "moderator" account which looks >at the message ID and forwards the message if it hasn't been seen >already. The mailing list machines all subscribe each other. ... What you are suggesting is reminiscent of IRC. Except, I think that each IRC network has a central computer which could be controlled. On your idea for fast implementation, this could be hacked by would-be censors. A message comes into the list, the censor sees that the post is from a regular enemy. The censor then copies the header information onto a new message, one containing garbage, or snippets from old posts, reads the new post to see if it is acceptable, and if it is, adds a new header, probably only the time would be changed, and transmits it out. If the would be censor was the sysop of a machine near the origin of the message, and if the censor operated the censorship either by bots, or monitored the feed 24 hours a day, (not likely), then the actual message would get to few. From thad at hammerhead.com Mon Feb 3 19:29:39 1997 From: thad at hammerhead.com (Thaddeus J. Beier) Date: Mon, 3 Feb 1997 19:29:39 -0800 (PST) Subject: GAK cracking? Message-ID: <199702040329.TAA28399@hammerhead.com> TIS's press releases, and the article in the paper, imply that TIS has been approved for 128 bit (uncrackable, except by prior arrangement) cryptography...not just 56 bit. They say, and they should know, that you can export 56 bits now with just a "plan" of key escrow, and that you can export more if you have a system... which, what do you know, they have! thad -- Thaddeus Beier thad at hammerhead.com Visual Effects Supervisor 408) 287-6770 Hammerhead Productions http://www.got.net/people/thad From cbarnett at eciad.bc.ca Mon Feb 3 19:38:41 1997 From: cbarnett at eciad.bc.ca (Clint Barnett) Date: Mon, 3 Feb 1997 19:38:41 -0800 (PST) Subject: Getting into MIT is impossible In-Reply-To: <199701290659.WAA21869@toad.com> Message-ID: wasn't Dolph Lundgren an MIT grad? I seem to remember something about him having a degree in Chemical Engineering or something along those lines. clint barnett lord of the cosmos emily carr institute On Wed, 29 Jan 1997, Anonymous wrote: > > > According to Rick Osborne: > > "I disagree and can speak from experience. I was denied admission to MIT > even thought I had a 3.82 GPA, 1440 SAT (one try), and had taken 9 AP tests > with two 5's, four 4's, two 3's, and one 2. As for being well-rounded, I > was on several academic teams, sang in Chorus, acted and stage managed in > Drama, and played Tennis." > > People get into MIT--or don't get into MIT--for lots of reasons. Most > intelligent people apply to several schools, knowing that admissions > practices are subject to the vagaries of reality. > > In my case, my SATs were about 1500, with some 800s in achievement tests. > And the usual bullshit high school clubs, political offices, etc. etc. I > was accepted by MIT, but not by Caltech. I didn't lose any sleep over the > way things turned out. > > And I decided not to go to MIT, either. > > "The only thing I didn't have that the next MIT applicant had was money. I > made the mistake of letting them know that I was dirt poor and would need > full aid/grants/etc, and to quote "The Great Escape" it was "Zzzt! To the > Russian front!"" > > My guess is that "other factors" were involved. > > I noted with some interest, but little surprise, that the guy claiming MIT > required a 4.0 GPA and a 1600 combined SAT score could barely spell, and > had major problems making a coherent point. Methinks this is why MIT > rejected him, not his lack of a "1600." > > ">For what it's worth, I wanted to go to MIT my sophomore year in high > >school, too > > "Lucky you. It had been a dream of mine since I was an annoying > overachiever of 6. Sux to be white trash, I guess." > > MIT offered me a substantial economic aid package, in the form of loans, > grants, and various campus jobs. What does this tell you? > > "MIT may be a great school, but they tend to be snooty assholes for the most > part. (DISCLAIMER: Not all MIT grads/attendees are necessarily "snooty > assholes", I'm just saying that I've yet to meet one that wasn't.) > > I've known about a dozen or so MIT grads, and only one of them was a snooty > asshole, and it was a _she_, one of the first MIT women grads (and she was > _very_ impressed by this). > > Most MIT grads are perfectly reasonable. > > Xanthar > > > > > -- > From jimbell at pacifier.com Mon Feb 3 19:45:44 1997 From: jimbell at pacifier.com (jim bell) Date: Mon, 3 Feb 1997 19:45:44 -0800 (PST) Subject: Embarrass a Marylander, Go to Jail Message-ID: <199702040345.TAA03330@mail.pacifier.com> At 08:04 PM 2/3/97 -0500, Robert Hettinga wrote: > >--- begin forwarded text > Excerpted from... > > ============================================================= > AOP Bulletin Friday, February 3, 1997 Volume 97:05 > ============================================================= > > The following is information distributed to members of the > Association of Online Professionals and others involved in the > online communications industry. Contacts and other information > about AOP may be found at http://www.aop.org. > > > ***************************************************** > Maryland Recycles Law On "Annoying" E-Mail > ***************************************************** > > A Maryland bill that would make it illegal to send "annoying" or > "embarrassing" e-mail was introduced this week by Democratic General > Assembly member Samuel Rosenberg. I would find any email "annoying" that supported such a bill. Maybe we ought to send emails to Rosenberg, stating that we find his entire proposal "annoying," and ask him when he's going to turn himself in for his misdeeds. Another good argument for AP. Jim Bell jimbell at pacifier.com From jimbell at pacifier.com Mon Feb 3 19:45:49 1997 From: jimbell at pacifier.com (jim bell) Date: Mon, 3 Feb 1997 19:45:49 -0800 (PST) Subject: GAK cracking? Message-ID: <199702040345.TAA03337@mail.pacifier.com> At 10:45 AM 2/3/97 -0500, tmcghan at gill-simpson.com wrote: >But under a controversial new Clinton administration policy that took >effect Jan. 1, companies may receive permission to export stronger >programs. > >"I'm happy that we've been able to do this within the first month >without rancor or difficulty," Under Secretary of Commerce for Export >Administration William Reinsch told Reuters in a telephone interview. > >To export stronger programs immediately, companies must agree to >incorporate features within two years allowing the government to >decode encrypted messages by recovering the software keys, however. This ought to be challengeable. (equal-protection violation?) And while the government's actions are normally phrased in this way, another way to describe them is to argue that the government is: 1. Wanting a product or service to be developed. 2. Wants private companies to do this. 3. Wants to do so without Congress appropriating the money. (And they're doing it by, in effect, "paying" for it by allowing certain companies to export freely, with the requirement that the company does the work "gratis".) 4. Wants to do so without any sort of competitive bidding process. (The terms of the contract have not gone through any of the normal procedures.) I assume there are laws and/or rules which prohibit exactly this kind of behavior. Would it be possible to file a lawsuit, and then file for an injunction to prevent this de-facto deal from going through? Might this constitute an anti-trust violation, because multiple companies are acting in concert to restrict access to the foreign crypto market by agreeing to develop ONLY A CERTAIN KIND OF ENCRYPTION, namely GAKked encryption? Jim Bell jimbell at pacifier.com From froomkin at law.miami.edu Mon Feb 3 19:46:46 1997 From: froomkin at law.miami.edu (Michael Froomkin - U.Miami School of Law) Date: Mon, 3 Feb 1997 19:46:46 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702031455.GAA25476@toad.com> Message-ID: I agree with two of Tim's points. I express no opinion about the others, except that I think these are the two most important. (1) I agree with Tim that as a matter of principle, it would be preferable to create a new moderated list, with a similar but distinguishable name, and leave the existing list as it was. I happen to think less turns on this than does Tim, given the opportunity to exercise truth-in-labeling, but it seems to me that because the cost of this approach is zero, and it has real benefits in the eyes of some, it's a no-brainer. I expect that I would subscribe to the filtered version. If someone is really worried that the new list will be too low traffic (please, G*d), they can send an automatic ballot to all subscribers, USENET style,asking what list(s) they want to be on. My own view is that if you are not ready, willing or able to read and follow a periodic posting explaining how to sign on/off various lists (and I assume there should and would be one), I am willing to take the risk of missing your input. (2) Much to my surprise, so far moderation is a failure. I think it is a failure because it achieves neither of the moderation "sweet spots". No moderation is one "sweet spot". Strict moderation -- the kind you get on RISKS, where you know nearly every post is on-topic or at least worth your time -- is another. This is neither. My clumsy procmail filters are almost as busy as ever. What slips through is largely duplicative of what I get from other lists, or is not to my taste. (NB *my taste*.) And it gets here slower. It's true that the venom from anonymous remailers is gone, and that is a plus, but even so little of what slips through is of interest modulo other lists. I happen to think that *stricter* moderation might lure back some of the better content-providers, but it would help to set it up in a manner that offends the smallest possible number. As Oscar Wilde either said, or should have said, the worst crime is to be boring. PS. New members of the list may justly ask, where does he get off calling the posters he doesn't killfile bores? I stopped posting a lot to the list some time ago, back when I decided my energies were better spent writing long stuff (see my web page) and playing with my kids. I kept reading the list primarily to read the work of about six people -- and Tim was one of them. A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From gbroiles at netbox.com Mon Feb 3 19:53:53 1997 From: gbroiles at netbox.com (Greg Broiles) Date: Mon, 3 Feb 1997 19:53:53 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <3.0.1.32.19970203195901.006ea230@mail.io.com> At 10:55 AM 2/3/97 -0800, Peter Hendrickson wrote: >Moderation has been a failure. I'm pretty good at filtering and I >can sadly report that there is very little signal out there. I don't think it's reasonable to expect an increase in signal within 2 1/2 weeks of the start of moderation. Improvement in the s/n ratio, yes. But (at least if my speculation is correct), the good posts driven away by bad posts (because some good authors are too busy to wade through lots of crap, and some good authors are reluctant to publish their work amidst crap) would take a much longer time to return. (I'm working on a message re moderation and the list which will better explain what I think about that - but I'm not trying to argue, above, that we *must* have moderation for a long time - simply that it's too early to call it a failure for failing to significantly increase the number of useful messages.) >There are lessons to be learned here. One is that censorship does >not promote a stimulating and creative dialogue. No, that is a silly lesson to draw from this experiment. There are lots of useful and interesting "moderated" (on paper, it's called "editing") publications/lists/digests where the content is intentionally controlled for content and style. This particular implementation is imperfect. However, just as it would be overreaching to conclude from the relative uselessness of the pre-moderation list that "every list must be moderated, unmoderated lists cannot succeed", it overreaches to conclude from the current results that moderated lists cannot succeed. >Toad.com is a choke point, not just in terms of moderation but in >terms of the rate at which it can distribute messages. Let's >replace it. > >What we want are many machines carrying the cypherpunks list. A >message posted to any machine goes to all of the others. Each >machine sends messages to its subscribers only once. Some of >these machines should be across borders. > >The mail loop and multiple posting problems are solved by observing >the message IDs. I think you misspelled "Usenet". Hope this helps. Seriously, if you want a distributed no-choke-points "flooding" message distribution system, you're talking about Usenet. Robust software exists for clients and servers, and it's already supported worldwide on many operating systems. No need to write more software to graft that functionality onto E-mail. If the list is going to turn into Usenet (we've already got most of Usenet's better kooks), we might as well just move the damn thing over to alt.cypherpunks and be done with it. (Anyone care to guess who founded alt.* as a way to route around censorship?) (Of course, Usenet is a technical success and a spectacular failure, content-wise. So opponents of moderation will be forgiven for failing to mention this sparkling example of an unmoderated, anything-goes forum for discussion.) -- Greg Broiles | US crypto export control policy in a nutshell: gbroiles at netbox.com | http://www.io.com/~gbroiles | Export jobs, not crypto. | From lwjohnson at grill.sk.ca Mon Feb 3 20:06:29 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Mon, 3 Feb 1997 20:06:29 -0800 (PST) Subject: Let Paranoia Be Your Watchword... In-Reply-To: Message-ID: <32F6CAEF.7508@grill.sk.ca> Declan McCullagh wrote: > > Of course, the mind-flayers of the NSA might have altered every version of > PGP 2.1! Let paranoia be your watchword... My uncle says that sometimes (your last sentence). Maybe he got it from you? He keeps your messages in a dir called NotADork. This is the one he keeps track the size of by bytes. He says that he keeps track of the size of his Dorks dir by wieghing it on the bathroom scale. (This is a compliment5 to you.) > I wouldn't be so quick to rule out the possibility of you being "a real > lamer," if I were you. I don't. I let _lamer_ be my watchword... Everyones a lamer, sometimes. A "real lamer" is a lamer all the time. Cypherpunks have some guys who talk real intelligent with a lot of words but when you read it all, you can tell that their full-time lamers instead of just ocassional ones. Your hardly ever a lamer. From lwjohnson at grill.sk.ca Mon Feb 3 20:06:30 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Mon, 3 Feb 1997 20:06:30 -0800 (PST) Subject: PGP 2.1 Reasons In-Reply-To: <199702022225.OAA03367@toad.com> Message-ID: <32F6D1E4.19D6@grill.sk.ca> Mark Henderson wrote: > > I've heard this rumour before. I didnt hear any rumor or anything. It just makes sense to me to be paranoid like Mr. Zimmerman said. Besides, my uncles friends write cryptagraphy for government guys and big businesses and they mostly use 2.1 and 2.3 instead of the stuff they write. They say the code for the new stuff (PGP) is ok but there are too many funny-stuff programs being written that mess with it but that nobody is bothering to write funny-stuff to mess with the old versions. They say the same thing about their own stuff that they are writing. > Of course, feel free not to trust what I say. You can look at the > source code yourself. But from what I've seen, you'll be better off > with the latest version. I cant read code real good, so i just listen to the best guys I know to know how paraniod to be. > The world is a strange and dangerous place. "No shit, Sherlock!" Thats what we say on my lists when people say stuff that nobody should forget. I think a lot of the cypherpunks forgot the stuff that they put at the end of their messages since they dont do it. Thanks for writing me. Your polite and helpful. Mutatis Mutantdis wrote:> Well, start thinking.... My uncle says I must be a cryptagrapher because I think in random umbers. Then he laughs. Marcus Butler wrote: If you are going to be that paranoid about things, you should not use anything you did not write yourself, afterall, even the cypherpunks list could be an elaborate government scheme to lull people into using PGP and similar technologies (JJ). I dont write good code yet. My uncle and his friends say that the government guys couldnt ever do what they wanted with the cypherpunks because of the shit-disturbers on the list but that the big business guys who want to own the list to themselves will do what the government guys couldnt do. (They ought to know cause some of them are the government guys who watch the cypherpunks. I know cause they let me drink Scotch with them.) From lwjohnson at grill.sk.ca Mon Feb 3 20:08:12 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Mon, 3 Feb 1997 20:08:12 -0800 (PST) Subject: PGP 2.1 In-Reply-To: <199702022225.OAA03367@toad.com> Message-ID: <32F6C659.2B24@grill.sk.ca> Mark Henderson wrote: > > I've heard this rumour before. I didnt hear any rumor or anything. It just makes sense to me to be paranoid like Mr. Zimmerman said. Besides, my uncles friends write cryptagraphy for government guys and big businesses and they mostly use 2.1 and 2.3 instead of the stuff they write. They say the code for the new stuff (PGP) is ok but there are too many funny-stuff programs being written that mess with it but that nobody is bothering to write funny-stuff to mess with the old versions. They say the same thing about their own stuff that they are writing. > Of course, feel free not to trust what I say. You can look at the > source code yourself. But from what I've seen, you'll be better off > with the latest version. I cant read code real good, so i just listen to the best guys I know to know how paraniod to be. > The world is a strange and dangerous place. "No shit, Sherlock!" Thats what we say on my lists when people say stuff that nobody should forget. I think a lot of the cypherpunks forgot the stuff that they put at the end of their messages since they dont do it. Thanks for writing me. Your polite and helpful. From jimbell at pacifier.com Mon Feb 3 20:11:16 1997 From: jimbell at pacifier.com (jim bell) Date: Mon, 3 Feb 1997 20:11:16 -0800 (PST) Subject: Embarrass a Marylander, Go to Jail Message-ID: <199702040411.UAA13267@toad.com> At 08:04 PM 2/3/97 -0500, Robert Hettinga wrote: > >--- begin forwarded text > Excerpted from... > > ============================================================= > AOP Bulletin Friday, February 3, 1997 Volume 97:05 > ============================================================= > > The following is information distributed to members of the > Association of Online Professionals and others involved in the > online communications industry. Contacts and other information > about AOP may be found at http://www.aop.org. > > > ***************************************************** > Maryland Recycles Law On "Annoying" E-Mail > ***************************************************** > > A Maryland bill that would make it illegal to send "annoying" or > "embarrassing" e-mail was introduced this week by Democratic General > Assembly member Samuel Rosenberg. I would find any email "annoying" that supported such a bill. Maybe we ought to send emails to Rosenberg, stating that we find his entire proposal "annoying," and ask him when he's going to turn himself in for his misdeeds. Another good argument for AP. Jim Bell jimbell at pacifier.com From cbarnett at eciad.bc.ca Mon Feb 3 20:11:17 1997 From: cbarnett at eciad.bc.ca (Clint Barnett) Date: Mon, 3 Feb 1997 20:11:17 -0800 (PST) Subject: Getting into MIT is impossible Message-ID: <199702040411.UAA13268@toad.com> wasn't Dolph Lundgren an MIT grad? I seem to remember something about him having a degree in Chemical Engineering or something along those lines. clint barnett lord of the cosmos emily carr institute On Wed, 29 Jan 1997, Anonymous wrote: > > > According to Rick Osborne: > > "I disagree and can speak from experience. I was denied admission to MIT > even thought I had a 3.82 GPA, 1440 SAT (one try), and had taken 9 AP tests > with two 5's, four 4's, two 3's, and one 2. As for being well-rounded, I > was on several academic teams, sang in Chorus, acted and stage managed in > Drama, and played Tennis." > > People get into MIT--or don't get into MIT--for lots of reasons. Most > intelligent people apply to several schools, knowing that admissions > practices are subject to the vagaries of reality. > > In my case, my SATs were about 1500, with some 800s in achievement tests. > And the usual bullshit high school clubs, political offices, etc. etc. I > was accepted by MIT, but not by Caltech. I didn't lose any sleep over the > way things turned out. > > And I decided not to go to MIT, either. > > "The only thing I didn't have that the next MIT applicant had was money. I > made the mistake of letting them know that I was dirt poor and would need > full aid/grants/etc, and to quote "The Great Escape" it was "Zzzt! To the > Russian front!"" > > My guess is that "other factors" were involved. > > I noted with some interest, but little surprise, that the guy claiming MIT > required a 4.0 GPA and a 1600 combined SAT score could barely spell, and > had major problems making a coherent point. Methinks this is why MIT > rejected him, not his lack of a "1600." > > ">For what it's worth, I wanted to go to MIT my sophomore year in high > >school, too > > "Lucky you. It had been a dream of mine since I was an annoying > overachiever of 6. Sux to be white trash, I guess." > > MIT offered me a substantial economic aid package, in the form of loans, > grants, and various campus jobs. What does this tell you? > > "MIT may be a great school, but they tend to be snooty assholes for the most > part. (DISCLAIMER: Not all MIT grads/attendees are necessarily "snooty > assholes", I'm just saying that I've yet to meet one that wasn't.) > > I've known about a dozen or so MIT grads, and only one of them was a snooty > asshole, and it was a _she_, one of the first MIT women grads (and she was > _very_ impressed by this). > > Most MIT grads are perfectly reasonable. > > Xanthar > > > > > -- > From thad at hammerhead.com Mon Feb 3 20:11:31 1997 From: thad at hammerhead.com (Thaddeus J. Beier) Date: Mon, 3 Feb 1997 20:11:31 -0800 (PST) Subject: GAK cracking? Message-ID: <199702040411.UAA13277@toad.com> TIS's press releases, and the article in the paper, imply that TIS has been approved for 128 bit (uncrackable, except by prior arrangement) cryptography...not just 56 bit. They say, and they should know, that you can export 56 bits now with just a "plan" of key escrow, and that you can export more if you have a system... which, what do you know, they have! thad -- Thaddeus Beier thad at hammerhead.com Visual Effects Supervisor 408) 287-6770 Hammerhead Productions http://www.got.net/people/thad From blancw at MICROSOFT.com Mon Feb 3 20:12:07 1997 From: blancw at MICROSOFT.com (Blanc Weber) Date: Mon, 3 Feb 1997 20:12:07 -0800 (PST) Subject: Govt & cyberspace Message-ID: <88CE23A0B727D0118BB000805FD47524AF3DAB@RED-81-MSG> Comments From: Steve Schear (in response to Vladimir Nuri-logical) Even better, this [govmt "tech envy"] is an opportunity to choke off all, or certainly increased, funding in order to hasten its [govmt] collapse. ...&... Don't improve it, remove it! ...&... Democracy is not without its significant shortcomings. If you doubt this read Tocquevelle. ........................................ Very pertinent suggestions. Anyone who knows his history on the list knows how Nuri-logical looks forward to the collapse of governments and is especially fond of reading Tocqueville. .. Blanc From jimbell at pacifier.com Mon Feb 3 20:13:01 1997 From: jimbell at pacifier.com (jim bell) Date: Mon, 3 Feb 1997 20:13:01 -0800 (PST) Subject: GAK cracking? Message-ID: <199702040413.UAA13311@toad.com> At 10:45 AM 2/3/97 -0500, tmcghan at gill-simpson.com wrote: >But under a controversial new Clinton administration policy that took >effect Jan. 1, companies may receive permission to export stronger >programs. > >"I'm happy that we've been able to do this within the first month >without rancor or difficulty," Under Secretary of Commerce for Export >Administration William Reinsch told Reuters in a telephone interview. > >To export stronger programs immediately, companies must agree to >incorporate features within two years allowing the government to >decode encrypted messages by recovering the software keys, however. This ought to be challengeable. (equal-protection violation?) And while the government's actions are normally phrased in this way, another way to describe them is to argue that the government is: 1. Wanting a product or service to be developed. 2. Wants private companies to do this. 3. Wants to do so without Congress appropriating the money. (And they're doing it by, in effect, "paying" for it by allowing certain companies to export freely, with the requirement that the company does the work "gratis".) 4. Wants to do so without any sort of competitive bidding process. (The terms of the contract have not gone through any of the normal procedures.) I assume there are laws and/or rules which prohibit exactly this kind of behavior. Would it be possible to file a lawsuit, and then file for an injunction to prevent this de-facto deal from going through? Might this constitute an anti-trust violation, because multiple companies are acting in concert to restrict access to the foreign crypto market by agreeing to develop ONLY A CERTAIN KIND OF ENCRYPTION, namely GAKked encryption? Jim Bell jimbell at pacifier.com From nobody at zifi.genetics.utah.edu Mon Feb 3 20:23:35 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 20:23:35 -0800 (PST) Subject: Dissolving Choke Points In-Reply-To: Message-ID: <199702040423.VAA14422@zifi.genetics.utah.edu> pdh at best.com (Peter Hendrickson) writes: > What we want are many machines carrying the cypherpunks list. A > message posted to any machine goes to all of the others. Each > machine sends messages to its subscribers only once. Some of > these machines should be across borders. Ever heard of Usenet? It works exactly like that... From froomkin at law.miami.edu Mon Feb 3 20:26:33 1997 From: froomkin at law.miami.edu (Michael Froomkin - U.Miami School of Law) Date: Mon, 3 Feb 1997 20:26:33 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702040426.UAA13722@toad.com> I agree with two of Tim's points. I express no opinion about the others, except that I think these are the two most important. (1) I agree with Tim that as a matter of principle, it would be preferable to create a new moderated list, with a similar but distinguishable name, and leave the existing list as it was. I happen to think less turns on this than does Tim, given the opportunity to exercise truth-in-labeling, but it seems to me that because the cost of this approach is zero, and it has real benefits in the eyes of some, it's a no-brainer. I expect that I would subscribe to the filtered version. If someone is really worried that the new list will be too low traffic (please, G*d), they can send an automatic ballot to all subscribers, USENET style,asking what list(s) they want to be on. My own view is that if you are not ready, willing or able to read and follow a periodic posting explaining how to sign on/off various lists (and I assume there should and would be one), I am willing to take the risk of missing your input. (2) Much to my surprise, so far moderation is a failure. I think it is a failure because it achieves neither of the moderation "sweet spots". No moderation is one "sweet spot". Strict moderation -- the kind you get on RISKS, where you know nearly every post is on-topic or at least worth your time -- is another. This is neither. My clumsy procmail filters are almost as busy as ever. What slips through is largely duplicative of what I get from other lists, or is not to my taste. (NB *my taste*.) And it gets here slower. It's true that the venom from anonymous remailers is gone, and that is a plus, but even so little of what slips through is of interest modulo other lists. I happen to think that *stricter* moderation might lure back some of the better content-providers, but it would help to set it up in a manner that offends the smallest possible number. As Oscar Wilde either said, or should have said, the worst crime is to be boring. PS. New members of the list may justly ask, where does he get off calling the posters he doesn't killfile bores? I stopped posting a lot to the list some time ago, back when I decided my energies were better spent writing long stuff (see my web page) and playing with my kids. I kept reading the list primarily to read the work of about six people -- and Tim was one of them. A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin at law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here. From gbroiles at netbox.com Mon Feb 3 20:26:37 1997 From: gbroiles at netbox.com (Greg Broiles) Date: Mon, 3 Feb 1997 20:26:37 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702040426.UAA13731@toad.com> At 10:55 AM 2/3/97 -0800, Peter Hendrickson wrote: >Moderation has been a failure. I'm pretty good at filtering and I >can sadly report that there is very little signal out there. I don't think it's reasonable to expect an increase in signal within 2 1/2 weeks of the start of moderation. Improvement in the s/n ratio, yes. But (at least if my speculation is correct), the good posts driven away by bad posts (because some good authors are too busy to wade through lots of crap, and some good authors are reluctant to publish their work amidst crap) would take a much longer time to return. (I'm working on a message re moderation and the list which will better explain what I think about that - but I'm not trying to argue, above, that we *must* have moderation for a long time - simply that it's too early to call it a failure for failing to significantly increase the number of useful messages.) >There are lessons to be learned here. One is that censorship does >not promote a stimulating and creative dialogue. No, that is a silly lesson to draw from this experiment. There are lots of useful and interesting "moderated" (on paper, it's called "editing") publications/lists/digests where the content is intentionally controlled for content and style. This particular implementation is imperfect. However, just as it would be overreaching to conclude from the relative uselessness of the pre-moderation list that "every list must be moderated, unmoderated lists cannot succeed", it overreaches to conclude from the current results that moderated lists cannot succeed. >Toad.com is a choke point, not just in terms of moderation but in >terms of the rate at which it can distribute messages. Let's >replace it. > >What we want are many machines carrying the cypherpunks list. A >message posted to any machine goes to all of the others. Each >machine sends messages to its subscribers only once. Some of >these machines should be across borders. > >The mail loop and multiple posting problems are solved by observing >the message IDs. I think you misspelled "Usenet". Hope this helps. Seriously, if you want a distributed no-choke-points "flooding" message distribution system, you're talking about Usenet. Robust software exists for clients and servers, and it's already supported worldwide on many operating systems. No need to write more software to graft that functionality onto E-mail. If the list is going to turn into Usenet (we've already got most of Usenet's better kooks), we might as well just move the damn thing over to alt.cypherpunks and be done with it. (Anyone care to guess who founded alt.* as a way to route around censorship?) (Of course, Usenet is a technical success and a spectacular failure, content-wise. So opponents of moderation will be forgiven for failing to mention this sparkling example of an unmoderated, anything-goes forum for discussion.) -- Greg Broiles | US crypto export control policy in a nutshell: gbroiles at netbox.com | http://www.io.com/~gbroiles | Export jobs, not crypto. | From nobody at zifi.genetics.utah.edu Mon Feb 3 20:30:32 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 20:30:32 -0800 (PST) Subject: Moderation [Tim,Sandy] In-Reply-To: <199702032348.XAA00259@server.test.net> Message-ID: <199702040430.VAA14550@zifi.genetics.utah.edu> Adam Back writes: > Lucky Green writes: > > I believe that Cypherpunks is beyond hope of recovery. In fact, each day > > Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the > > cause. Let's kill the list. Once and for all. Let the hard core crypto go > > to Coderpunks, the politics to Cryptography, and the garbage into the void. > > What about the leaks? (rc4.c, Mykotronics dumpster contents, etc) > Where do they go? How about sci.crypt, where they usually go before being forwarded to cypherpunks? From dlv at bwalk.dm.com Mon Feb 3 20:50:22 1997 From: dlv at bwalk.dm.com (Dr.Dimitri Vulis KOTM) Date: Mon, 3 Feb 1997 20:50:22 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702040139.TAA01626@manifold.algebra.com> Message-ID: <8N3k2D1w165w@bwalk.dm.com> ichudov at algebra.com (Igor Chudov @ home) writes: > Adam Back wrote: > > > > Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As > > an aside, it is ironic that John Gilmore was the guy who started the > > alt.* USENET hierarchy, specifically to facilitate freedom of speech). > > > > An interesting idea. John Gilmore of EFF is a liar and a hypocrite who likes to claim credit for other people's accomplishments. He had nothing whatsoever to do with the creation of the alt.* Usenet hierarchy. Gilmore is a liar and a censor. On the other hand, creating an alt.cypherpunks sounds like a more robust idea than yet another mailing list. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps From kent at songbird.com Mon Feb 3 21:19:57 1997 From: kent at songbird.com (Kent Crispin) Date: Mon, 3 Feb 1997 21:19:57 -0800 (PST) Subject: what's in a name? In-Reply-To: <199702040140.RAA09183@toad.com> Message-ID: <199702040623.WAA29603@songbird.com> Wei Dai allegedly said: > > I've stayed out of the debate about list moderation so far, but a recent > post from tmcghan at gill-simpson.com reminds me of something I've been > thinking about. An interesting way to look at what happened is that John > Gilmore owns the name "cypherpunks at toad.com" and has chosen to exercise > that ownership. Even though those of us who disagree with the way he has > done so are free to leave and set up our own mailing list, it is costly to > do so, and the problem of central name ownership remains. List > subscribers have made investments that are specific to the name > "cypherpunks at toad.com", and most of the cost of switching to a new list is > in the new investments they would have to (re)make. The fact is that a > promise of no censorship is not enough incentive for us to do so. > > I suspect that the hierarchical nature of name ownership on the Internet > today will be an important technological barrier for the establishment of > truly anarchic virtual communities. Unless this problem is solved, the > closest we'll come is pseudo-anarchies that exist with the tolerance of > beneficent dictators. While the name hierarchy may have some effect similar to what you suggest, I think the real issue is more likely economic hierarchy -- toad.com is a name of some value, true, but toad.com is also a T1 connection and some compute power that many people simply can't afford. -- Kent Crispin "No reason to get excited", kent at songbird.com,kc at llnl.gov the thief he kindly spoke... PGP fingerprint: 5A 16 DA 04 31 33 40 1E 87 DA 29 02 97 A3 46 2F From kent at songbird.com Mon Feb 3 21:22:37 1997 From: kent at songbird.com (Kent Crispin) Date: Mon, 3 Feb 1997 21:22:37 -0800 (PST) Subject: concerning Ben Franklin In-Reply-To: <199702040155.RAA09584@toad.com> Message-ID: <199702040625.WAA29629@songbird.com> David Farber allegedly said: > > My favorate Ben Franklin quote is > > "They that can give up essential liberty to obtain a little temporary > safety deserve neither liberty nor safety." - Ben Franklin, ~1784 In the constitutional convention a property requirement for voting was discussed. Franklin said "A man owns an ass; he can vote. The ass dies; he cannot vote. Who owns the vote?" (I may not have quoted it precisely.) -- Kent Crispin "No reason to get excited", kent at songbird.com,kc at llnl.gov the thief he kindly spoke... PGP fingerprint: 5A 16 DA 04 31 33 40 1E 87 DA 29 02 97 A3 46 2F From blancw at MICROSOFT.com Mon Feb 3 21:25:58 1997 From: blancw at MICROSOFT.com (Blanc Weber) Date: Mon, 3 Feb 1997 21:25:58 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <88CE23A0B727D0118BB000805FD47524AF3DAC@RED-81-MSG> From: Vladimir Z. Nuri, in his Ruskie disguise: hi timmy, a word to the wise: it amuses me that whenever I referred to a cypherpunk "community" my eyebrows were flamed off, by people who claimed there was no such thing. a community has certain properties, many of which I believe the cypherpunks "crowd" has always lacked. ...................................... LD, when you say "community" it means something else than when others do. When the cpunks said "community" they meant the camaraderie which develops in the company of people with similar interests. When you say it, it means a group of people stuck to each other by rules of order and socialization, with boundary lines predetermining the limits of their arena. The cpunks had intended that everyone would self-determine the extent or limits of their interactions, thus arriving at a sense of "community" from the decision to do so, rather than from being squeezed along through "proper" channels. == one aspect of the "crowd" that is lacking is LEADERSHIP. I have pointed this out again and again. the cpunks believe that leadership is no longer relevant in a digital society, somehow. the list is in the shape it is in because of POOR LEADERSHIP.. neither you nor EH care about what LEADERSHIP entails, or wish to exert the sacrifices that it requires. ............................... Typically, people who yell for LEADERSHIP are those who either need it themselves or are eager to supply it for others - i.e., to determine the course of events. Which one of these categories do you yourself fall into? == <<* The proper solution to bad speech is more speech, not censorship. ah, so everyone should post 5 messages to the list, instead of 1, and those that are quite should post 3. ........................................ I would more precisely say that the solution to bad speech is better speech, thus eliminating the need for 5 messages when 1 will do. YMMV. Do you think this would hold up in reality? == quite an elegant solution. do you see how the silly rhetoric fails to hold up in reality? when will you get a clue about where your own views are really leading you? ................................ You're starting to sound like Ayn Rand. (heh) .. Blanc From blancw at MICROSOFT.com Mon Feb 3 21:29:25 1997 From: blancw at MICROSOFT.com (Blanc Weber) Date: Mon, 3 Feb 1997 21:29:25 -0800 (PST) Subject: Filling Power Vacuums Message-ID: From: Vladimir Z. Nuri, filling in for Mother Theresa: timmy, I encourage you to understand that leadership is not inherently evil. there are enlightened ways to lead people that leave the group better as a whole. you just fell into the trap of "negative leadership", the dark side of the force as you write. imho, however, there is a light side of the force that still involves leadership. ................................................. Well, thank you, Master Yoda ! :>) Not speaking for Tim (I doubt he will answer you, anyway), but he *has* supplied leadership. Leaders can lead by example, and also by the clarity of thought & ideas which they present. I think he has quite often supplied such qualities in his posts, and this has contributed greatly to the atmosphere of anarchic "community". Speaking of leadeship, though, to "lead" implies that there is a place to go, and that the leader is the one at the head of the pack, indicating the proper direction (this would be the opposite of what anarchists want, since they would be going not toward, but away from, something). If leadership is defined to mean setting a course for people who lack direction, this implies the existence of followers who are willing to be led into places and to adopt methodologies when they don't know what else to do; that they will follow a leader who will supply structure and purpose to their indecisive condition. This does place a lot of responsibility upon a leader, then, for setting the goal, the course, and the methodology. That's a lot of formality to impose; too much, when you're only exchanging ideas rather than formally setting out to accomplish something specific (like by a particular time & date). Is it Time for the Revolution? .. Blanc From kent at songbird.com Mon Feb 3 21:33:38 1997 From: kent at songbird.com (Kent Crispin) Date: Mon, 3 Feb 1997 21:33:38 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702040126.RAA08926@toad.com> Message-ID: <199702040636.WAA29734@songbird.com> Scott V. McGuire allegedly said: [...] > I didn't change my subscription from the filtered to > the unfiltered list because I expected this to end in a month and I was > willing to participate in the experiment. You can't ask someone to try > something for a month to see if they like it and call there use of it in > that month evidence that they like it. I agree. But there is more. As much as anything else, I didn't change lists because of inertia and laziness. I suspect that most people are like me in this regard. I suspect that if the tactic had been to require people to subscribe to the moderated list we would see just the reverse of the current numbers. In fact, in the interests of fairness, integrity, and adherence to the scientific method, I suggest that after this month trial has passed that we reverse the lists, and see how many change to the moderated list. [snip] > Sandy, you said that you thought the list had improved since you began > moderating. How could you think otherwise? When you send an article to > the flames list its because you think the list would have been worse > otherwise. I don't think the moderators opinion should be considered in > determining if moderation is a good thing. I think there is a conflict of > interest there. Absolutely no doubt that there is a conflict of interest. In Sandy's shoes a saint couldn't be objective. -- Kent Crispin "No reason to get excited", kent at songbird.com,kc at llnl.gov the thief he kindly spoke... PGP fingerprint: 5A 16 DA 04 31 33 40 1E 87 DA 29 02 97 A3 46 2F From nobody at zifi.genetics.utah.edu Mon Feb 3 21:38:51 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 21:38:51 -0800 (PST) Subject: [PCS] Fighting the cyber-censors Message-ID: <199702040538.WAA16306@zifi.genetics.utah.edu> Dumbbell Vindictive styles his facial hair to look more like pubic hair. D\___/\ (0_o) Dumbbell Vindictive (V) ---oOo--U--oOo--- From nobody at zifi.genetics.utah.edu Mon Feb 3 21:40:47 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 21:40:47 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702040540.VAA15692@toad.com> pdh at best.com (Peter Hendrickson) writes: > What we want are many machines carrying the cypherpunks list. A > message posted to any machine goes to all of the others. Each > machine sends messages to its subscribers only once. Some of > these machines should be across borders. Ever heard of Usenet? It works exactly like that... From nobody at zifi.genetics.utah.edu Mon Feb 3 21:40:57 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 21:40:57 -0800 (PST) Subject: Moderation [Tim,Sandy] Message-ID: <199702040540.VAA15700@toad.com> Adam Back writes: > Lucky Green writes: > > I believe that Cypherpunks is beyond hope of recovery. In fact, each day > > Cypherpunk (as in cypherpunks at toad.com) lives on, it does damage to the > > cause. Let's kill the list. Once and for all. Let the hard core crypto go > > to Coderpunks, the politics to Cryptography, and the garbage into the void. > > What about the leaks? (rc4.c, Mykotronics dumpster contents, etc) > Where do they go? How about sci.crypt, where they usually go before being forwarded to cypherpunks? From kent at songbird.com Mon Feb 3 21:41:48 1997 From: kent at songbird.com (Kent Crispin) Date: Mon, 3 Feb 1997 21:41:48 -0800 (PST) Subject: concerning Ben Franklin Message-ID: <199702040541.VAA15779@toad.com> David Farber allegedly said: > > My favorate Ben Franklin quote is > > "They that can give up essential liberty to obtain a little temporary > safety deserve neither liberty nor safety." - Ben Franklin, ~1784 In the constitutional convention a property requirement for voting was discussed. Franklin said "A man owns an ass; he can vote. The ass dies; he cannot vote. Who owns the vote?" (I may not have quoted it precisely.) -- Kent Crispin "No reason to get excited", kent at songbird.com,kc at llnl.gov the thief he kindly spoke... PGP fingerprint: 5A 16 DA 04 31 33 40 1E 87 DA 29 02 97 A3 46 2F From kent at songbird.com Mon Feb 3 21:41:50 1997 From: kent at songbird.com (Kent Crispin) Date: Mon, 3 Feb 1997 21:41:50 -0800 (PST) Subject: what's in a name? Message-ID: <199702040541.VAA15781@toad.com> Wei Dai allegedly said: > > I've stayed out of the debate about list moderation so far, but a recent > post from tmcghan at gill-simpson.com reminds me of something I've been > thinking about. An interesting way to look at what happened is that John > Gilmore owns the name "cypherpunks at toad.com" and has chosen to exercise > that ownership. Even though those of us who disagree with the way he has > done so are free to leave and set up our own mailing list, it is costly to > do so, and the problem of central name ownership remains. List > subscribers have made investments that are specific to the name > "cypherpunks at toad.com", and most of the cost of switching to a new list is > in the new investments they would have to (re)make. The fact is that a > promise of no censorship is not enough incentive for us to do so. > > I suspect that the hierarchical nature of name ownership on the Internet > today will be an important technological barrier for the establishment of > truly anarchic virtual communities. Unless this problem is solved, the > closest we'll come is pseudo-anarchies that exist with the tolerance of > beneficent dictators. While the name hierarchy may have some effect similar to what you suggest, I think the real issue is more likely economic hierarchy -- toad.com is a name of some value, true, but toad.com is also a T1 connection and some compute power that many people simply can't afford. -- Kent Crispin "No reason to get excited", kent at songbird.com,kc at llnl.gov the thief he kindly spoke... PGP fingerprint: 5A 16 DA 04 31 33 40 1E 87 DA 29 02 97 A3 46 2F From blancw at microsoft.com Mon Feb 3 21:41:56 1997 From: blancw at microsoft.com (Blanc Weber) Date: Mon, 3 Feb 1997 21:41:56 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702040541.VAA15787@toad.com> From: Vladimir Z. Nuri, in his Ruskie disguise: hi timmy, a word to the wise: it amuses me that whenever I referred to a cypherpunk "community" my eyebrows were flamed off, by people who claimed there was no such thing. a community has certain properties, many of which I believe the cypherpunks "crowd" has always lacked. ...................................... LD, when you say "community" it means something else than when others do. When the cpunks said "community" they meant the camaraderie which develops in the company of people with similar interests. When you say it, it means a group of people stuck to each other by rules of order and socialization, with boundary lines predetermining the limits of their arena. The cpunks had intended that everyone would self-determine the extent or limits of their interactions, thus arriving at a sense of "community" from the decision to do so, rather than from being squeezed along through "proper" channels. == one aspect of the "crowd" that is lacking is LEADERSHIP. I have pointed this out again and again. the cpunks believe that leadership is no longer relevant in a digital society, somehow. the list is in the shape it is in because of POOR LEADERSHIP.. neither you nor EH care about what LEADERSHIP entails, or wish to exert the sacrifices that it requires. ............................... Typically, people who yell for LEADERSHIP are those who either need it themselves or are eager to supply it for others - i.e., to determine the course of events. Which one of these categories do you yourself fall into? == <<* The proper solution to bad speech is more speech, not censorship. ah, so everyone should post 5 messages to the list, instead of 1, and those that are quite should post 3. ........................................ I would more precisely say that the solution to bad speech is better speech, thus eliminating the need for 5 messages when 1 will do. YMMV. Do you think this would hold up in reality? == quite an elegant solution. do you see how the silly rhetoric fails to hold up in reality? when will you get a clue about where your own views are really leading you? ................................ You're starting to sound like Ayn Rand. (heh) .. Blanc From kent at songbird.com Mon Feb 3 21:43:27 1997 From: kent at songbird.com (Kent Crispin) Date: Mon, 3 Feb 1997 21:43:27 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702040543.VAA15856@toad.com> Scott V. McGuire allegedly said: [...] > I didn't change my subscription from the filtered to > the unfiltered list because I expected this to end in a month and I was > willing to participate in the experiment. You can't ask someone to try > something for a month to see if they like it and call there use of it in > that month evidence that they like it. I agree. But there is more. As much as anything else, I didn't change lists because of inertia and laziness. I suspect that most people are like me in this regard. I suspect that if the tactic had been to require people to subscribe to the moderated list we would see just the reverse of the current numbers. In fact, in the interests of fairness, integrity, and adherence to the scientific method, I suggest that after this month trial has passed that we reverse the lists, and see how many change to the moderated list. [snip] > Sandy, you said that you thought the list had improved since you began > moderating. How could you think otherwise? When you send an article to > the flames list its because you think the list would have been worse > otherwise. I don't think the moderators opinion should be considered in > determining if moderation is a good thing. I think there is a conflict of > interest there. Absolutely no doubt that there is a conflict of interest. In Sandy's shoes a saint couldn't be objective. -- Kent Crispin "No reason to get excited", kent at songbird.com,kc at llnl.gov the thief he kindly spoke... PGP fingerprint: 5A 16 DA 04 31 33 40 1E 87 DA 29 02 97 A3 46 2F From blancw at microsoft.com Mon Feb 3 21:43:32 1997 From: blancw at microsoft.com (Blanc Weber) Date: Mon, 3 Feb 1997 21:43:32 -0800 (PST) Subject: Filling Power Vacuums Message-ID: <199702040543.VAA15857@toad.com> From: Vladimir Z. Nuri, filling in for Mother Theresa: timmy, I encourage you to understand that leadership is not inherently evil. there are enlightened ways to lead people that leave the group better as a whole. you just fell into the trap of "negative leadership", the dark side of the force as you write. imho, however, there is a light side of the force that still involves leadership. ................................................. Well, thank you, Master Yoda ! :>) Not speaking for Tim (I doubt he will answer you, anyway), but he *has* supplied leadership. Leaders can lead by example, and also by the clarity of thought & ideas which they present. I think he has quite often supplied such qualities in his posts, and this has contributed greatly to the atmosphere of anarchic "community". Speaking of leadeship, though, to "lead" implies that there is a place to go, and that the leader is the one at the head of the pack, indicating the proper direction (this would be the opposite of what anarchists want, since they would be going not toward, but away from, something). If leadership is defined to mean setting a course for people who lack direction, this implies the existence of followers who are willing to be led into places and to adopt methodologies when they don't know what else to do; that they will follow a leader who will supply structure and purpose to their indecisive condition. This does place a lot of responsibility upon a leader, then, for setting the goal, the course, and the methodology. That's a lot of formality to impose; too much, when you're only exchanging ideas rather than formally setting out to accomplish something specific (like by a particular time & date). Is it Time for the Revolution? .. Blanc From nobody at squirrel.owl.de Mon Feb 3 21:57:27 1997 From: nobody at squirrel.owl.de (Secret Squirrel) Date: Mon, 3 Feb 1997 21:57:27 -0800 (PST) Subject: [PICS] Credentials without Identity--Race Bits Message-ID: <19970204054806.26936.qmail@squirrel.owl.de> Deflated Volcano K[rust] Of The Moment does NOT eat pussy. He only eats asshole if it's got a big dick up in front. Whoever calls him bisexual is a fucking liar. He likes to suck cocks in front of an audience. _ O O _ \-|-\_/-|-/ Deflated Volcano K[rust] Of The Moment /^\ /^\ ^^ ^^ ^^ ^^ From shamrock at netcom.com Mon Feb 3 22:06:08 1997 From: shamrock at netcom.com (Lucky Green) Date: Mon, 3 Feb 1997 22:06:08 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <3.0.32.19970203220420.006ecc98@192.100.81.136> At 07:59 PM 2/3/97 -0800, Greg Broiles wrote: >At 10:55 AM 2/3/97 -0800, Peter Hendrickson wrote: > >>Moderation has been a failure. I'm pretty good at filtering and I >>can sadly report that there is very little signal out there. > >I don't think it's reasonable to expect an increase in signal within 2 1/2 >weeks of the start of moderation. Improvement in the s/n ratio, yes. But >(at least if my speculation is correct), the good posts driven away by bad >posts (because some good authors are too busy to wade through lots of crap, >and some good authors are reluctant to publish their work amidst crap) >would take a much longer time to return. Many good authors have already left the list and *nothing* will get them back. The only solution is to move traffic to a different list. [Ever wondered why it is called a "TAZ" and not a "PAZ"? Though, in all fairness, I there is a "SPAZ". .] -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From EALLENSMITH at ocelot.Rutgers.EDU Mon Feb 3 22:18:12 1997 From: EALLENSMITH at ocelot.Rutgers.EDU (E. Allen Smith) Date: Mon, 3 Feb 1997 22:18:12 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <01IF00D6DQPC9AN1BM@mbcl.rutgers.edu> From: IN%"roach_s at alph.swosu.edu" "Sean Roach" 4-FEB-1997 00:47:40.30 >On your idea for fast implementation, this could be hacked by would-be >censors. A message comes into the list, the censor sees that the post is >from a regular enemy. The censor then copies the header information onto a >new message, one containing garbage, or snippets from old posts, reads the >new post to see if it is acceptable, and if it is, adds a new header, >probably only the time would be changed, and transmits it out. If the would >be censor was the sysop of a machine near the origin of the message, and if >the censor operated the censorship either by bots, or monitored the feed 24 >hours a day, (not likely), then the actual message would get to few. I would suggest that the cure for this problem is to have what is examined be a cryptographically secure hash instead of (or as well as) the message ID. The hash should be over the body of the message, and possibly the sender and Subject line. Unless Lance has driven up the prices at Infonex a lot, I'd be willing to support such a server on an Infonex account. I'd _greatly_ appreciate help getting the thing started, preferably as a group endeavour (to spread the load (i.e., keep infonex from being overwhelmed), keep me from temptation, and make it less likely that a legally troublesome message would go through an account that I might be blamed for). -Allen From shamrock at netcom.com Mon Feb 3 22:26:09 1997 From: shamrock at netcom.com (Lucky Green) Date: Mon, 3 Feb 1997 22:26:09 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702040626.WAA16881@toad.com> At 07:59 PM 2/3/97 -0800, Greg Broiles wrote: >At 10:55 AM 2/3/97 -0800, Peter Hendrickson wrote: > >>Moderation has been a failure. I'm pretty good at filtering and I >>can sadly report that there is very little signal out there. > >I don't think it's reasonable to expect an increase in signal within 2 1/2 >weeks of the start of moderation. Improvement in the s/n ratio, yes. But >(at least if my speculation is correct), the good posts driven away by bad >posts (because some good authors are too busy to wade through lots of crap, >and some good authors are reluctant to publish their work amidst crap) >would take a much longer time to return. Many good authors have already left the list and *nothing* will get them back. The only solution is to move traffic to a different list. [Ever wondered why it is called a "TAZ" and not a "PAZ"? Though, in all fairness, I there is a "SPAZ". .] -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From EALLENSMITH at ocelot.Rutgers.EDU Mon Feb 3 22:26:12 1997 From: EALLENSMITH at ocelot.Rutgers.EDU (E. Allen Smith) Date: Mon, 3 Feb 1997 22:26:12 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702040626.WAA16884@toad.com> From: IN%"roach_s at alph.swosu.edu" "Sean Roach" 4-FEB-1997 00:47:40.30 >On your idea for fast implementation, this could be hacked by would-be >censors. A message comes into the list, the censor sees that the post is >from a regular enemy. The censor then copies the header information onto a >new message, one containing garbage, or snippets from old posts, reads the >new post to see if it is acceptable, and if it is, adds a new header, >probably only the time would be changed, and transmits it out. If the would >be censor was the sysop of a machine near the origin of the message, and if >the censor operated the censorship either by bots, or monitored the feed 24 >hours a day, (not likely), then the actual message would get to few. I would suggest that the cure for this problem is to have what is examined be a cryptographically secure hash instead of (or as well as) the message ID. The hash should be over the body of the message, and possibly the sender and Subject line. Unless Lance has driven up the prices at Infonex a lot, I'd be willing to support such a server on an Infonex account. I'd _greatly_ appreciate help getting the thing started, preferably as a group endeavour (to spread the load (i.e., keep infonex from being overwhelmed), keep me from temptation, and make it less likely that a legally troublesome message would go through an account that I might be blamed for). -Allen From nobody at zifi.genetics.utah.edu Mon Feb 3 22:29:35 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 22:29:35 -0800 (PST) Subject: The V chip Message-ID: <199702040629.XAA17045@zifi.genetics.utah.edu> Dr.Demented Vomit was born when his mother was on the toilet. \|/ @ @ -oOO-(_)-OOo- Dr.Demented Vomit From nobody at zifi.genetics.utah.edu Mon Feb 3 22:31:36 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 22:31:36 -0800 (PST) Subject: [DSS] PGP Signatures Message-ID: <199702040631.XAA17062@zifi.genetics.utah.edu> Decoy Vilus K)ankersore( Of The Minute's family tree goes straight up. All of his ancestors were siblings, too dumb to recognize each other in the dark. |\_/| (0_0) Decoy Vilus K)ankersore( Of The Minute ==(Y)== ---(u)---(u)--- From EALLENSMITH at ocelot.Rutgers.EDU Mon Feb 3 22:42:03 1997 From: EALLENSMITH at ocelot.Rutgers.EDU (E. Allen Smith) Date: Mon, 3 Feb 1997 22:42:03 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <01IF016KB5609AN1BM@mbcl.rutgers.edu> From: IN%"gbroiles at netbox.com" "Greg Broiles" 4-FEB-1997 01:26:13.34 >(I'm working on a message re moderation and the list which will better >explain what I think about that - but I'm not trying to argue, above, that >we *must* have moderation for a long time - simply that it's too early to >call it a failure for failing to significantly increase the number of >useful messages.) I'll be interested in that message. I have problems with the takeover of the original list name, personally. While it is certainly John Gilmore's right to do whatever he wants with the mailing list software/hardware (I believe we've settled that, right?), I'd prefer for the cypherpunks _name_ not be associated with a moderated/censored list. (I mean no insult to either Sandy or John in this, BTW... I simply think that they've gone about this the wrong way. For instance, if John was getting an email overload for toad.com and was trying to indirectly reduce the load via reducing responses to flames, there are other ways to solve the problem - such as the distributed mailing list idea. I do think that Sandy's filtered list could provide a valuable service - most of the other filtered lists seem to filter out a bit too much, judging by the "cc any replies to this message directly to me, I'm on the [insert name of filtered list]" messages I see. If the list switches to cypherpunks and cypherpunks-edited, I might go with cypherpunks-edited (or with some combo of cypherpunks-edited and cypherpunks-flames, the latter more filtered by procmail). My objection is mainly due to the principle of the thing.) Incidentally, I checked the cyberpass.net services, and it does list mailing lists - including a 10$ per month charge per 100 subscribers. At that rate, I can afford about 100 subscribers on a local distributed list, given the 10% discount. (Depending on how it goes, I might be able to afford more... I haven't looked at my personal finances in detail recently.) >I think you misspelled "Usenet". Hope this helps. >Seriously, if you want a distributed no-choke-points "flooding" message >distribution system, you're talking about Usenet. Robust software exists >for clients and servers, and it's already supported worldwide on many >operating systems. No need to write more software to graft that >functionality onto E-mail. If the list is going to turn into Usenet (we've >already got most of Usenet's better kooks), we might as well just move the >damn thing over to alt.cypherpunks and be done with it. (Anyone care to >guess who founded alt.* as a way to route around censorship?) I'd point out that we _know_ every list member can get email, but not that they can get Usenet. I can't conveniently get it, for instance - I'd have to read it via HTTP and respond via email to a news-to-mail server. Sure, I can get an account at infonex or wherever and pick up the news groups there... but I'd prefer not to be forced to, and I suspect the same is true of many people. >(Of course, Usenet is a technical success and a spectacular failure, >content-wise. So opponents of moderation will be forgiven for failing to >mention this sparkling example of an unmoderated, anything-goes forum for >discussion.) Usenet also has easy crossposting, has been discovered by just about every spam artist known to humankind, and doesn't have very good filtering software (IMO, the last time I checked). Limited propagation, especially for a new alt group, especially for a _controversial_ alt group, is also a problem. Sure, Usenet has its advantages. (Under allens at earlham.edu and allens at yang.earlham.edu, I was the second or third highest poster on it for a few weeks a few years back. I'm familiar with Usenet.) But it also has its problems. -Allen From die at pig.die.com Mon Feb 3 22:53:10 1997 From: die at pig.die.com (Dave Emery) Date: Mon, 3 Feb 1997 22:53:10 -0800 (PST) Subject: FCPUNX:ecure Phones (fwd) Message-ID: <9702040652.AA11304@pig.die.com> Forwarded message: >From die Tue Feb 4 00:30:04 1997 Subject: Re: FCPUNX:ecure Phones To: eli at gs160.sp.cs.cmu.edu (Eli Brandt) Date: Tue, 4 Feb 1997 00:30:04 -0500 (EST) From: "Dave Emery" Reply-To: die at die.com In-Reply-To: <199702040425.UAA08359 at blacklodge.c2.net> from "Eli Brandt" at Feb 3, 97 11:24:03 pm X-Mailer: ELM [version 2.4 PL24alpha3] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 1404 Don't think I will bore the list with it, But a slightly more complex version of this scheme was one of the major tactical medium security voice scrambling systems used by the US in the 70's and 80's and even to a slight extent into the 90's on military radio circuits. The military version is called Parkhill and the crypto gear is the KY-65 and KY-75. At one time (in the 70's) it was used for at least secret traffic. It was downgraded a couple of times since and is now considered obselete and compromised. A Parkhill crypto box can be seen in the NSA museum... The NSA version used time inversion (playing voice samples backwards) and faster shuffling than this one does, and possibly a more secure key generator. But it is rumored to have been broken by more than one opponent, perhaps including drug cartels. Its appeal and why it was so extensively used for a while is that it interfaces to normal voice radio gear at the audio input and output level rather than requiring different modulations and complex digital modems integrated into the radio. It also gives pretty good speech quality and speaker recognition. Its primary replacement is the ANDVT digital voice terminal which takes advantage of modern DSP technology to implement modems usable over radio links and vocoders which can produce acceptable speech at 1200 or 2400 baud. Dave Emery die at die.com From nobody at squirrel.owl.de Mon Feb 3 22:56:56 1997 From: nobody at squirrel.owl.de (Secret Squirrel) Date: Mon, 3 Feb 1997 22:56:56 -0800 (PST) Subject: what's in a name? Message-ID: <19970204065014.28319.qmail@squirrel.owl.de> Without answering any of the points raised by Wei Dai, let me address the subject line. I have been a long time reader of and occasional contributor to the cypherpunks list. Since it is high volume, I prefer not to have it show up in my mailbox, but read it from either nntp.hks.net or infinity.nus.sg/cypherpunks. With the recent change in status of the list, what I get at those two places is the edited list. The same would apply to other sublists subscribed to cypherpunks at toad.com too. If hks and infinity started archiving the unedited list, this wouldn't bother me so much. Other than that, I am saddened, as much as a Tim is enraged, that a supposedly libertarian and anarchistic group of people has decided that censorship is the right solution to their problems. Btw, what is with nntp.hks.net? Seems to have been down for couple of days. From nobody at zifi.genetics.utah.edu Mon Feb 3 22:57:01 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Mon, 3 Feb 1997 22:57:01 -0800 (PST) Subject: [STEGO] Degausser Message-ID: <199702040657.XAA17392@zifi.genetics.utah.edu> Decoy L[esbian] Vitriol K[ancer]OTM has been fired for masturbating in front of his boss. o/ Decoy L[esbian] Vitriol K[ancer]OTM <| / > From tcmay at got.net Mon Feb 3 23:05:25 1997 From: tcmay at got.net (Timothy C. May) Date: Mon, 3 Feb 1997 23:05:25 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702031455.GAA25476@toad.com> Message-ID: At 10:50 PM -0500 2/3/97, Michael Froomkin - U.Miami School of Law wrote: >I agree with two of Tim's points. I express no opinion about the others, >except that I think these are the two most important. > >(1) I agree with Tim that as a matter of principle, it would be preferable >to create a new moderated list, with a similar but distinguishable name, >and leave the existing list as it was. I happen to think less turns on This is a point of view many of the most thoughtful commenters seem to agree on, isn't it? One would have thought that had Sandy and John really been interested in hearing the views of list members, this approach would have eventually won out. >(2) Much to my surprise, so far moderation is a failure. I think it is a It doesn't surprise me, but then I've rarely been a fan of moderation. As Michael points out below, it mostly works on "RISKS," but in most other cases I can think of it merely slows discussion down, introduces strange skewings of opinions (to win "approval" of the moderator), and almost never causes better posts to be written. (The case of skilled editors soliciting good articles is of course an entirely different issue.) >failure because it achieves neither of the moderation "sweet spots". No >moderation is one "sweet spot". Strict moderation -- the kind you get on >RISKS, where you know nearly every post is on-topic or at least worth your >time -- is another. This is neither. My clumsy procmail filters are almost >as busy as ever. What slips through is largely duplicative of what I get Several people have also commented on this, that their filters are still working overtime. As it should be, really, as no moderator can make the list match any given person's preferences. (Personally, I'm not even convinced filters are essential. It takes no longer than 5 seconds to glance at a message and know whether to scrap it or not. Granted, it takes a bit of time to download, especially at slower modem speeds. But whether Sandy's censorship is producing any significant "savings" depends on how many messages he's sorting into each pile...clearly if 20% or less of the total posts are being filtered out, then the savings are ignorable. Anybody have the statistics handy? Hint: Sandy should publish a periodic accounting of how many messages went into each pile, and should also publish his criteria on a regular basis, pointing out any modifications he's made to his criteria since the last report.) >As Oscar Wilde either said, or should have said, the worst crime is to be >boring. Maybe the list is like the portrait of Dorian Gray, with an image of the list sitting in a closet at Toad Hall aging not so gracefully. >PS. New members of the list may justly ask, where does he get off calling >the posters he doesn't killfile bores? I stopped posting a lot to the >list some time ago, back when I decided my energies were better spent >writing long stuff (see my web page) and playing with my kids. I kept >reading the list primarily to read the work of about six people -- and Tim >was one of them. Thanks. And I should point out in fairness that Michael recruited me for his panel on "Governmental and Societal Implications of Digital Cash" (or something like this) at the upcoming CFP. --Tim May Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From pdh at best.com Mon Feb 3 23:37:45 1997 From: pdh at best.com (Peter Hendrickson) Date: Mon, 3 Feb 1997 23:37:45 -0800 (PST) Subject: Mailing Lists vs. Usenet Message-ID: At 7:59 PM 2/3/1997, Greg Broiles wrote: > Seriously, if you want a distributed no-choke-points "flooding" > message distribution system, you're talking about Usenet. Robust > software exists for clients and servers, and it's already supported > worldwide on many operating systems. No need to write more software > to graft that functionality onto E-mail. If the list is going to > turn into Usenet (we've already got most of Usenet's better kooks), > we might as well just move the damn thing over to alt.cypherpunks > and be done with it. (Anyone care to guess who founded alt.* as a > way to route around censorship?) > (Of course, Usenet is a technical success and a spectacular failure, > content-wise. So opponents of moderation will be forgiven for > failing to mention this sparkling example of an unmoderated, > anything-goes forum for discussion.) Several people have brought up this point and it is worth discussing. There are some differences. I don't like Usenet's architecture. It is silly to duplicate vast amounts of traffic everywhere. It was a fine idea when there were 100 groups with lots of overlap in what people read. The horse and buggy was a good idea once too. Performance is a problem with Usenet. The system I envision (nearly identical to Igor's) would have about ten mail servers, each of which sends articles to all the others. Even in situations where something is wrong, articles will be nearly instantly transmitted along an alternate path. I think this is harder to arrange with Usenet. Competition among Cypherpunks providers works the right way. If you are getting your mail on a system which is slow and isn't up all the time, you have good reasons to switch to another provider. This is easy - just subscribe yourself to one mailing list and unsubscribe from the other. It's harder for most people to do this with Usenet. You may not want to switch your ISP to get a better Cypherpunks feed. In my opinion, Usenet is less conducive to filtering than is mail. It is true that there are lots of Usenet readers which can do things like kill whole threads and the like, but mail just screams "run me through a perl script!" This is mostly subjective, of course. More subjective opinions: I don't like being associated with Usenet. It is seen as an international bulletin board. Many people believe that it is "public" space and should be subject to zoning. I like the idea of keeping the cypherpunks list "private". I like being able to say "if what's on the list upsets you so much, why did you subscribe?" This is more effective than "so tell your child not look at Usenet". I don't like the whole Usenet cabal and all of the voting to decide which lists to canonize. Less of an issue with alt.cypherpunks, but the association is still there. Peter Hendrickson ph at netcom.com From pdh at best.com Mon Feb 3 23:39:26 1997 From: pdh at best.com (Peter Hendrickson) Date: Mon, 3 Feb 1997 23:39:26 -0800 (PST) Subject: Dissolving Choke Points Message-ID: At 7:59 PM 2/3/1997, Greg Broiles wrote: >At 10:55 AM 2/3/97 -0800, Peter Hendrickson wrote: >> Moderation has been a failure. I'm pretty good at filtering and I >> can sadly report that there is very little signal out there. > I don't think it's reasonable to expect an increase in signal within 2 1/2 > weeks of the start of moderation. What I have seen is a pretty complete elimination of the signal that was there. Some might argue that this is "just" because Tim stopped posting. But so what? The result of moderation was the elimination of signal. (Aside: Can anybody think of five members of the list whose combined contributions clearly exceed Tim's? I can't.) Also, I am curious when you expect the benefits of moderation to arrive. Two and a half weeks should be plenty of time for a reasoned creative and interesting discussion to develop. It hasn't happened. Instead the value of the list has - in my view - steadily tapered off since the announcement of moderation. >> There are lessons to be learned here. One is that censorship does >> not promote a stimulating and creative dialogue. > No, that is a silly lesson to draw from this experiment. There are > lots of useful and interesting "moderated" (on paper, it's called > "editing") publications/lists/digests where the content is > intentionally controlled for content and style. And in practice people get their friends published. Ever wonder why Denning got so much bandwidth on the RISKS list when she had so little to say? I don't like edited journals, either. I prefer to have somebody I respect say "Did you see so-and-so's paper? Here's the URL." Most of what is in, for instance, peer reviewed scientific journals is fluff designed to enhance somebody's resume. Moderation was a good idea when you had a number of people who couldn't all talk at once in the same room and in which a disruptive influence could not be easily ignored. We have better ways to communicate now. Let's use them. Peter Hendrickson pdh at best.com From dthorn at gte.net Tue Feb 4 00:12:15 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 00:12:15 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702031632.LAA10670@mail.bcpl.lib.md.us> Message-ID: <32F641E3.6783@gte.net> tmcghan at gill-simpson.com wrote: > in a message allegedly from: "Timothy C. May" > > the really important issue is this: is the _physical hosting_ of the > > Cypherpunks mailing list coterminous with the "Cypherpunks"? > { much thoughtful and well-phrased commentary elided } > > I would have had no problem had John announced that he was creating > > a new list, the "Good Stuff" list, with Sandy has his Chooser of > > Good Stuff. But by making the _main list_ the censored one, this > > skewed things considerably. > Now that the horse is out of the barn, ( or maybe not? ), I can't help > but ask whether one specific 'change to the change' would have > satisfied most of your objections: retaining 'cypherpunks' as the > name of the unedited, all-the-crud-you-can-read-and-then-some, > version, and adding an 'cp-worthwhile' list for those of us who prefer > not to wade thru mountains of garbage to glean a few precious tidbits. > What's in a name? Is perception more important ( to you ) than > reality? If just swapping names between cp and cp-unedited would make > such a large difference, I humbly suggest to you that you consider how > much labels need to matter. Is the title of the group more important > the the content? From where I sit, this looks a lot like a > style-over-substance complaint. Of course, I don't have my trifocals > on just at the moment. If it did not suit a specific purpose, they wouldn't have done it that way. You can take it to the bank that they did this because it was the only way to keep the 1300-plus sheep subscribed to what they wanted to be their "main" list. From dthorn at gte.net Tue Feb 4 00:12:27 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 00:12:27 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <8N3k2D1w165w@bwalk.dm.com> Message-ID: <32F6EEFC.3706@gte.net> Dr.Dimitri Vulis KOTM wrote: > ichudov at algebra.com (Igor Chudov @ home) writes: > > Adam Back wrote: > > > Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As > > > an aside, it is ironic that John Gilmore was the guy who started the > > > alt.* USENET hierarchy, specifically to facilitate freedom of speech). > > An interesting idea. What's also interesting is Tim May posting after a long "absence", and in his post he repeats virtually sentence-for-sentence what a handful of people have been saying here for the past month. From dthorn at gte.net Tue Feb 4 00:20:29 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 00:20:29 -0800 (PST) Subject: Voting on Moderation [was: Dissolving Choke Points] In-Reply-To: <199702032118.PAA05476@wire.insync.net> Message-ID: <32F6F104.24B9@gte.net> Eric Cordian wrote: > Peter Hendrickson writes: > > Moderation has been a failure. I'm pretty good at filtering and I > > can sadly report that there is very little signal out there. > The quality of the Cypherpunks list is determined solely by the > amount of signal. The amount of noise is irrelevant. [snip] > Now that we have moderation, I can't do this while subscribed to the > main list, and have to live in eternal fear that I am writing for > an audience of 20 every time I respond to something on the unedited > list. Foo on that. I wonder how Sandy will take the vote on continuing or abandoning the moderation experiment? In most states, one juror out of 12 can kill a conviction. In a revolution such as U.S. 1776, only a tiny percent of the people supported the revolution. Will Sandy go with a majority decision (pure democratic), or allow the moderation to go away if a significant minority wants to kill it? From paul at fatmans.demon.co.uk Tue Feb 4 00:24:39 1997 From: paul at fatmans.demon.co.uk (paul at fatmans.demon.co.uk) Date: Tue, 4 Feb 1997 00:24:39 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <855044578.918617.0@fatmans.demon.co.uk> > This is Tim's first error of fact. I point it out not to insult > him, but because it seriously affects much of the rest of his > analysis. We are conducting an experiment. It will last one > month. After that, it's over if list members want it to be over. > If, on the other hand, moderation is seen by the list members as > beneficial to their use and enjoyment of the list, the current > form of moderation--or some variation will continue. How will you allow list members to decide? - Here presumably we have a self proclaimed anarchist in favour of direct democracy. And if the subscribers can call off this "experiment" it seems rather out of place that they did not institute it in the first place. > > With no false modesty I tried awfully hard to compose substantive > > essays on crypto-political topics, often more than one per day. > > I would hope that Tim will return to this practice irrespective > of whether the list remains moderated or returns to its previous > policies. More on this, below. You genuinely expect a thoughtful writer and intelligent author of posts to allow you to approve them or otherwise for general release? > > (Others did too, but they seem to be tapering off as well, leaving the list > > to be dominated by something called a "Toto," the "O.J. was framed!" > > ravings of Dale Thorn, the love letters between Vulis and someone name > > Nurdane Oksas,... > > Two points: Since Tim largely agrees with those in opposition to > moderation, and because of the extraordinary nature of Tim's post, > I did not send it to the "flames" list. It was a judgment call. Why? - I saw nothing whatsoever in Tim`s post that would make it a "judgement call" for any objective moderator^H^H^H^H^H^H^H^H^Hcensor. The real reason it was a judegement call was because it was critical of Gilmore and yourself, in addition Tim`s points where too subtle and deep for you to respond to without resorting to sophistry. The reason on the other hand you did choose to post it to the censored list was because you realised this and could not get away with junking it to the flames list without incurring criticism. > The problems Tim describes, did not arise with moderation. > Indeed, they were the imputus for the moderation. Sophistry once again. I shall not even bother to explore in more detail this issue as any intelligent reader can, even at face value, see this to be a falacious argument. > > Second, the list was consumed with > > flames about this, many from Vulis, and many from others. > > It was consumed with flames before. Now, at least, the vast > majority of folks on the list don't have to read them, nor jump > through any hoops to implement some sort of dynamic filtering > half-measure. Three questions: 1. How do you see filtering to be a "half measure" 2. What hoops? - if you count implementing a simple filtering measure to be "jumping through hoops" how do you consider that readers of the list do not have to "jump through hoops" to subscribe to the uncensored list. 3. What makes you think that your subjective and evidently self serving method of moderation is any better than keyword filtering. > What didn't work was "local filtering" which has no feed-back > loop to engender comity. This might not work either, but I see > no evidence that it has made things worse. Remember, there are a > hand-full of subscribers to the Flames list, 20-30 on the > Unedited list and *2000* or so on the Moderated list. Sure some > of that may be due to laziness, but it would be cavalier in the > extreme to claim that such an overwhelming acceptance of > moderation is merely an artifact of inertia. Cavalier? - I`ll bet you anything you like if you had set up a new list for the censored articles and left cypherpunks at toad.com as an uncensored list you would have seen the same results, that 2000 or so would have remained where they were instead of trying to "unimbibe", and a hardcore of 20 to 30 subscribers would have consciously taken the decision to move to the censored list. As we seem to be in "experiment" mood on the cypherpunks list at the moment I challenge you now to re-configure the list as stated above. The we shall see whose viewpoint is "cavalier" > But to make things perfectly clear one more time, ANYONE WHO > WANTS TO READ THE ENTIRE CYPHERPUNKS FEED SHOULD SUBSCRIBE TO > "CYPHERPUNKS-UNEDITED" AND/OR "CYPHERPUNK-FLAMES." See above argument, the flock stay together. In addition other list members are lazy, stupid, ignorant etc. And cannot/will not subscribe to the uncensored list. > But let's apply Tim's above definition for the sake of argument. > Am I, thereby, a censor? Well I am examining "other material" > and I am making judgments with regard to whether or not it is > "objectionable," unfortunately for Tim's argument, I am neither > "removing" nor "supressing" anything. Anybody can read anything > that gets posted to Cypherpunks--in two places. I am sorting, > but even my sorting can be completely avoided. Waffle. There is a suprising profundity of waffle in this post considering it is supposed to be refuting some very subtle and eloquently stated arguments by Tim. The fact is you are a censor, you are deciding what is seen on the "main" cypherpunks list, you send any comments on your form of censorship, apart from compliments, to the "flames" list in order to protect yourself and John Gilmore. > Very possibly true. Moderation is like crypto, perfection isn't > and option. However, a 90% solution is a heck of a lot better > than no solution at all. Yes, I've made what I consider to be > errors, but I think on some, I've done a very good job overall. > > > * (Frankly, one of my considerations in leaving was the feeling that I > > would never know if an essay I'd spent hours composing would be rejected by > > Sandy for whatever reasons.... > > Tim, I think this is disingenuous. I have been quite clear on > my moderation criteria. You are too intelligent to feign such > a lack of understanding. Not at all, Even if you had been clear (and let me make it clear that I do not believe you have been) you still would not objectively follow those guidelines you had set for yourself. Your censorship is subjective and unethical. However, I am deviating from the point as I happen to be arguing from an anti-censorship point of view whoever were carrying out said censorship. > > * The decision to "moderate" (censor) the Cypherpunks list is powerful > > ammunition to give to our opponents, > > Piffle. Letting spoiled children destroy the list puts a far > more powerful weapon in the hands of our enemies. Piffle, showing that even an anarchic list "requires" censorship is the best ammunition we could have given them. We are better off without a cypherpunks list at all than we are playing into the hands of those who oppose us. > > and Vulis is certainly gleeful that > > his fondest wishes have been realized. > > I do not have a crystal ball. My Vulcan mind meld is in the > shop. No one--neither Tim, nor I, nor probably even Vulis--knows > whether he is gleeful about all this or not. And frankly, who cares? > The question is, are list members happy or not with moderation. > Tim was not. I am. By the end of the experiment, I dare say we > will have a good idea what most list members think. We already have a good idea what they think if we care to look at the flames list where all their relevant comments are junked to. Besides which you are not answering the question here, just picking a random point to put forward an argument you wanted to. > as far as moderating political rants go, I'm agnostic. You mis-spelled self-serving. Datacomms Technologies web authoring and data security Paul Bradley, Paul at fatmans.demon.co.uk Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey" From stewarts at ix.netcom.com Tue Feb 4 00:25:43 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Tue, 4 Feb 1997 00:25:43 -0800 (PST) Subject: Dissolving Choke Points In-Reply-To: <199702040426.UAA13731@toad.com> Message-ID: <3.0.1.32.19970203225806.00600760@popd.ix.netcom.com> At 07:59 PM 2/3/97 -0800, Greg Broiles wrote: >If the list is going to turn into Usenet (we've already got most of >Usenet's better kooks), we might as well just move the >damn thing over to alt.cypherpunks and be done with it. >(Anyone care to guess who founded alt.* as a way to route around >censorship?) The big argument against going to a newsgroup in the past was that signal-to-noise would degrade to the point of alt.2600ness due to newbies, flamers, overflow to/from political ranting newsgroups, etc., and there's already a sci.crypt for that. The main argument in favor of moderation has been that the list has become unreadable due to newbies, flamers, political ranting, and directed attacks and maybe moderation would fix it, at the cost of annoying people who don't like moderation (which is realistically most of us; two practical reasons not to have moderation are that the volume is too high for most people to be willing to moderate, and that the delays inherent in the moderation process reduce the interactivity that's been one of the valuable things about this list.) I'd prefer that we all just get along, but things really were getting uncivil. An advantage of Usenet is the ability to deploy whatever NoCeM is called these days as a way to let people avoid spammers. Personally, I'd switched to the fcpunx filtered list a couple months ago, mainly to cut down on volume but also because I was getting fed up with Vulis's attacks through remailers, which were getting to be too much trouble to filter out. I switched back to the main list after the moderation announcement, with Eudora filters to make some discussions and some people go away. Of course, there have been several different demonstrations of ways around the moderation since then. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From dthorn at gte.net Tue Feb 4 00:29:24 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 00:29:24 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater In-Reply-To: <199702030241.UAA25010@manifold.algebra.com> Message-ID: <32F6F314.6E28@gte.net> Igor Chudov @ home wrote: > Dale Thorn wrote: > > Igor Chudov @ home wrote: [some arguments deleted for lack of time to reply] > > > Another story: suppose that OKSAS hired me to work for her, but then > > > our relationships go south and she fires me. Again, her fate is very > > > unclear, although I would probably spare her life if it were she. > > If she does it right, with empathy, there is not likely to be a > > problem. On the other hand, if she bad-mouths you to prospective > > employers or customers you want to do business with, you might be > > inclined to hit her. This happens a lot when AP is not available. > ... But would happen more often if it was. Why, if AP was readily available, would she want to risk being hit by bad-mouthing you unnecessarily? > > people who have such money are not going to bump off very many more > > people than they already do, because: > > 1. They need the people to make money off of (Mafia rule #4, never > > kill someone who owes you money [or is a money source]). > This is a wrong Mafia rule, they do kill debtors who are in default. Really? Then how do they collect their money? BTW, I heard the rule from the mouth of a real mob hitman. > > 2. Rich people have a lot of eyes on them, and it would be easy to > > triangulate a series of murders to them, even without hard evidence. > > In an AP world, this triangulation/correlation would be enough to > > convince people to either shun this killer, or kill him outright. > When ten people make deals with each other, it becomes hard to > triangulate. And it is easy, if you know what deals are done, to change > the result of triangulation: suppose that I know that you borrowed 1 > million from Toto, that my _and_ yours business partner had been > murdered (by me, but no one knows), and I am afraid that someone will > triangulate me and implicate me in that murder. I secretly order > the AP bot to kill Toto, and you get implicated. Not good. We all know how people are framed, and we've seen the Hitchcockian murder scenarios on TV, in movies, etc. Certainly the CIA et al can create these scenarios, but what does that have to do with AP as used by ordinary persons? From paul at fatmans.demon.co.uk Tue Feb 4 00:34:58 1997 From: paul at fatmans.demon.co.uk (paul at fatmans.demon.co.uk) Date: Tue, 4 Feb 1997 00:34:58 -0800 (PST) Subject: About: My Departure, Moderation, and "Ownership of the List Message-ID: <855044577.918616.0@fatmans.demon.co.uk> > For what it's worth, I think that this Tim May, not being a > user of the list, has no place to talk. His type, to me, > characterate those who quit something and complain later, > knowing that some people will listen to them. Tim May has been one of the most intelligent, eloquent and on-topic posters to this list in it`s entire history... Who the hell are you? I would respond to your post with reasoned and logical argument but I cannot find one substantive point in it that is worthy of comment. I will muddle through as best I can anyway: One easy jibe here is you don`t know how to spell characterise, maybe you would be better off unimbibing? > So what, if he decided to leave? It was his own choice > and he can't just come back and say everyone who stayed is > now impelled to listen to him, just because he used to > do a bunch of posts. I don't think that hardly any of > you would listened to me later if I left the list. No-one knows who you are nor do we care, you have not accumulated any reputation capital nor are you likely to with posts like this. Tim tried to cover in as much depth as possible without resorting to verbosity the points he felt were important and worthy of discussion regarding the censorship of the list and other associated issues. You were not impelled to read his post nor to reply to it with a content-free rant as you did. If you felt "impelled" to read a post simply because it was on a screen in front of you you clearly do not understand even the rudiments of anarchism. Datacomms Technologies web authoring and data security Paul Bradley, Paul at fatmans.demon.co.uk Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey" From dthorn at gte.net Tue Feb 4 01:00:13 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 01:00:13 -0800 (PST) Subject: Trigger-Words...Trigger-Fingers In-Reply-To: <199702021555.HAA25437@toad.com> Message-ID: <32F6FA51.7D5D@gte.net> Larry Johnson wrote: > Cynthia H. Brown wrote: [snippo] > Theres not many girls on this list, is there? [mo' snippo] > Anyway, my uncle prints out the girl-cypherpunks stuff for the girls > on my list and they think its real cool and they all want to marry > technicians so that they can make them work on the computers for them, > kind of like making them do the computer dishes, you know. [yet mo' snippo] I want to get married. Lots of times. Are the girls cute? I don't do hardware, tho, I'm a software guy. From dthorn at gte.net Tue Feb 4 01:11:54 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 01:11:54 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: Message-ID: <32F6FD0C.5D98@gte.net> Scott V. McGuire wrote: > (Even within the community, some people are more a part of > it than others, and nobody is more a part of it then Tim.) Is this like saying "some of the pigs were more equal than the others"? From dthorn at gte.net Tue Feb 4 01:19:32 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 01:19:32 -0800 (PST) Subject: New X-Ray Imager In-Reply-To: Message-ID: <32F6FED6.3A5F@gte.net> Steve Schear wrote: > New X-ray gun trades privacy for safety > Reported by Andy C > Seen in The Nando Times on 13 August 1996 > "I'm incredibly concerned," said John Henry Hingson, a past president of the > National Association of Criminal Defense Lawyers, meeting here this past > week. "The entire nation could become a victim of illegal searches and > seizures and the law is powerless to protect them from these police abuses." > But in these nervous times following the the crash of TWA Fight 800 and > bombings at the Olympics, Oklahoma City and the World Trade Center, many > Americans are now willing to trade some of their privacy and civil liberties > for greater security. > A poll last week by the Los Angeles Times found that a majority of people -- > 58 percent -- said they would curtail some civil liberties if it would help > thwart terrorism. Thirteen percent said it would depend on what rights were > at stake. The poll didn't ask people to single out any rights. The L.A. Times quotes this "poll" all the time, and in fact probably just made it up. Why do I know that? Because they ran a "letter" from a "teacher" in the valley somewhere about a year ago which said exactly this same thing. The "teacher" ran a poll of her students and they agreed to give up the rights without even knowing which rights they were giving up. From dthorn at gte.net Tue Feb 4 01:23:23 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 01:23:23 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702031455.GAA25476@toad.com> Message-ID: <32F6FFBF.115@gte.net> Timothy C. May wrote: > At 10:50 PM -0500 2/3/97, Michael Froomkin - U.Miami School of Law wrote: > >(1) I agree with Tim that as a matter of principle, it would be preferable > >to create a new moderated list, with a similar but distinguishable name, > >and leave the existing list as it was. I happen to think less turns on > This is a point of view many of the most thoughtful commenters seem to > agree on, isn't it? One would have thought that had Sandy and John really > been interested in hearing the views of list members, this approach would > have eventually won out. Once again, the reason John and Sandy weren't interested was because the main proponents of this point of view for a long time were me, Dr. Vulis, and Toto. Tim and others were either supportive of Sandy or were silent. From woody at hi.net Tue Feb 4 02:11:10 1997 From: woody at hi.net (Howard W Campbell) Date: Tue, 4 Feb 1997 02:11:10 -0800 (PST) Subject: No Subject Message-ID: <32F70B0F.63DF@hi.net> �subscribe cypherpunks at toad.com From gbroiles at netbox.com Tue Feb 4 02:28:46 1997 From: gbroiles at netbox.com (Greg Broiles) Date: Tue, 4 Feb 1997 02:28:46 -0800 (PST) Subject: Dissolving Choke Points In-Reply-To: <199702040426.UAA13731@toad.com> Message-ID: <3.0.1.32.19970204021403.0071f6f8@mail.io.com> -----BEGIN PGP SIGNED MESSAGE----- At 10:58 PM 2/3/97 -0800, Bill Stewart wrote: >An advantage of Usenet is the ability to deploy whatever NoCeM is >called these days as a way to let people avoid spammers. My mention of Usenet was somewhat tongue-in-cheek; I don't know if I'd bother with the list if it were moved to (or gated with) Usenet, as Usenet has become for the most part 100+ Mb/day of uselessness. But my impression is that many moderation opponents would also be opponents of a move to Usenet. Perhaps I'm wrong. But Usenet offers precisely what many people claim we must have for the list to be viable, e.g., uncontrolled/uncontrollable distribution and messaging. So I'm curious about whether or not the proponents of an open, uncontrolled list really want it to be *that* open and uncontrolled. In the past, there's been strong opposition to that. But it's possible that most of the people who had strong feelings about not wanting to be subjected to the downside of Usenet have already left the list. (And if the current opponents of moderation don't want to see the list be quite that open, I think what we're arguing about here is not "censorship v. no censorship" but "what degree of censorship do we want? one lump, or two?", which pretty much eliminates anyone's claim to have a moral high ground from which to argue.) There's really nothing stopping anyone from just setting up a gateway. The list is already gated one-way to Usenet; it shows up many places as mail.cypherpunks. What's missing is a gateway running the other direction; from looking at the headers as messages are received at my ISP (io.com), toad.com is already in the Path: line, so preventing backfeeding shouldn't be a problem. (Doh, it's been a few years since I fussed with mail-to-news and back again, but this isn't rocket science.) The good side I see to a move to Usenet is that it lets people use the comparatively better tools for managing messages - e.g., NoCeM, threading, nn (whose killfiles will kill by thread, author, regexp, and can be time limited so you can easily give annoying people a 30-day 'timeout' and see if they're still a kook later on), AltaVista and DejaNews archiving/searching, and server architecture that's designed to cope with storing/indexing many messages. The down side is that Usenet is more or less a sewer these days, and some of it's bound to spill over. -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAgUBMvcLpv37pMWUJFlhAQFTJgf/UAFESNbjEK2NRabq56We3PkF+sM7pwHU b7Gy/h6a+KusZECe3epIm9/ubvGiZJtVpkp1zTG/AqBJVkdRb9xyIwWpOXU9HUz+ gjzASY/x0Zwsy9AlCgAk0HSEL1bggFTgAjDPB8SSOaYuxP1czpmAAVHTZiNXioV5 AAsnCXLc0qLgXYZ6/3dQhtIznH41ciNhVgI4RhV9lfheCpIhxJJC0zlh7wX2QzMv VhPidpcCmKiCriULwvOJuIkt0SFLvIjxm18zBh6UIe/APgL6TDsr022DTB+S6G/b qgH1aO9xhZtu84I/+V/pOCyKGk+9qij94CwNumN+Hs/cZMybiaO4bQ== =YwhW -----END PGP SIGNATURE----- -- Greg Broiles | US crypto export control policy in a nutshell: gbroiles at netbox.com | http://www.io.com/~gbroiles | Export jobs, not crypto. | From SButler at chemson.com Tue Feb 4 02:48:25 1997 From: SButler at chemson.com (Butler, Scott) Date: Tue, 4 Feb 1997 02:48:25 -0800 (PST) Subject: FW: concerning Ben Franklin Message-ID: Kent Crispin wrote: >Franklin said "A man owns an ass; he can vote. The >ass dies; he cannot vote. Who owns the vote?" Poor Timmy May must not be able to vote then, as surely his ass must have been "bashed" to death by now. Scott. REMEMBER: "Dreams are just Screen Savers for the brain" From gbroiles at netbox.com Tue Feb 4 03:07:54 1997 From: gbroiles at netbox.com (Greg Broiles) Date: Tue, 4 Feb 1997 03:07:54 -0800 (PST) Subject: what's in a name? In-Reply-To: <199702040140.RAA09183@toad.com> Message-ID: <3.0.1.32.19970204031255.006f0b58@mail.io.com> -----BEGIN PGP SIGNED MESSAGE----- At 04:58 PM 2/3/97 -0800, Wei Dai wrote: >An interesting way to look at what happened is that John >Gilmore owns the name "cypherpunks at toad.com" and has chosen to exercise >that ownership. [...] >I suspect that the hierarchical nature of name ownership on the Internet >today will be an important technological barrier for the establishment of >truly anarchic virtual communities. Unless this problem is solved, the >closest we'll come is pseudo-anarchies that exist with the tolerance of >beneficent dictators. Wei Dai's message raises an important question: what is the relationship between ownership and list content or quality? Much of the pathology of the list in the past few months can be characterized as a "tragedy of the commons" problem, where several private actors are seeking to maximize the gain they can extract from a finite and commonly owned (or unownable) resource. The resource in this case is the "reputation capital" which has built up in the terms "cypherpunks" and "cypherpunks at toad.com". Dmitri Vulis' behavior, where he seeks to punish the list for failing to punish or ostracize Tim May after Tim was disrespectful to Vulis, is an attempt to achieve private gain (public retribution) at the expense of public goods (the continuing quality and good name of the list). Several authors have characterized John Gilmore and Sandy Sandfort's actions with respect to moderation and the list as an attempt to monopolize or appropriate the good name of the list for their own private purposes. (I do not think that the latter characterization is accurate, but it is at least popular.) I suspect that many people will see at least one "tragedy of the commons" problem related to the list. Some free-market economists have suggested that the solution to "tragedy of the commons" problems is private ownership - that where economic actors are given ownership over what might have been owned in common, that they will seek to maximize their long-term gain through careful management and will not adopt wasteful or harmful short-term strategies which would have otherwise seemed attractive. That view (that private ownership is likely to eliminate or at least minimize wasteful or nonoptimal use of resources) has historically been a popular one on the list. Yet private ownership of the list (or of the list's most concrete identity, the label "cypherpunks") seems wrong to many people. Are mailing lists an example of a situation where "the tragedy of the commons" is not a useful metaphor? Are mailing lists an example of "public goods" where private ownership is impossible, or should be avoided? If not, shouldn't we work towards more private ownership, not less? Is the desire for an anarchic community at odds with a desire for good use of resources? -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAgUBMvcZgv37pMWUJFlhAQEf6gf9FAPo+nF/h3ZAZTTzmZZLpj57xDvpcgKW oXCvalcY20s+ah26SFP5cInGSxgOy+UC5zxAeEz/Oo/M/5n1LVZTFVg7f3PORgJW VwY7uVhqvekaX/vNYutg7RpwvhdEz5dneipZMaFOWm0M+8ipZ5Ffb6vNLpRd6h2v Hf+zF6aTvleTxQX1e3C8nrL1hhXd8HX12nK/Kz4/lOyRYvKw//VxtVa3++2M158t YtBXQKLlYAW/NMUhMMSuqvkWbCW3PrDBhpsZRXXqWyruIeV3TKHlR4N3Rru74wHj DPNH8sek3Ql8sjA0BbziUqbC15mLH6QSZbxy4MPVwc2s8r4Ff6t1Ew== =QFGr -----END PGP SIGNATURE----- -- Greg Broiles | US crypto export control policy in a nutshell: gbroiles at netbox.com | http://www.io.com/~gbroiles | Export jobs, not crypto. | From lwjohnson at grill.sk.ca Tue Feb 4 03:34:01 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Tue, 4 Feb 1997 03:34:01 -0800 (PST) Subject: Trigger-Words...Trigger-Fingers In-Reply-To: <199702021555.HAA25437@toad.com> Message-ID: <32F73B3A.70AE@grill.sk.ca> Dale Thorn wrote: > > Larry Johnson wrote: > > Cynthia H. Brown wrote: > [snippo] > > Theres not many girls on this list, is there? > [mo' snippo] > > Anyway, my uncle prints out the girl-cypherpunks stuff for the girls > > on my list and they think its real cool and they all want to marry > > technicians so that they can make them work on the computers for them, > > kind of like making them do the computer dishes, you know. > [yet mo' snippo] > > I want to get married. Lots of times. Are the girls cute? > I don't do hardware, tho, I'm a software guy. Yeah their real cute, most of them anyway. Their all nice though. Some of them would like you cause they dont like regular guys, cause their troublemakers too. I know your a troublemaker (I think thats a good thing) because Ive read your stuff and myu uncle keeps you in his NotADork/MyAssholes dir. Thats where he keeps the troublemakers but its not an insult because he likes what Kevin (hes a Bodston Celtic said--"Danny Ange is an asshole, but hes _our_ asshole." He taght me how to read by using the Froggie manual since I could boot it myself when he was out of the rooom when I was two year old. Now he teachs me how to read with the cypherpunk messages and stuff from his govbernment friends. (Their good government guys though, they like you guys. Their really secret guys not lamer regualar secret guys. They laugh at those regular secret guys who screw with you guys cause they leave their pecker tracks all over the place.) Some people thik Im a lamer cause Im not good with grammer (not on the kids lists thogh) bu tmy uncle says Ill learn how to do that but Im better to learn how tho think first. Ive got dsylexia too so I use a spell checkerif I want to look smart but emailers dont have it. You guyhs should keep being troublemakers. Really. My uncle says that if you guys get too polite then you better watcvh your backs when you curtsy, cause you never know whos sneaking up behind you. He told me that if I watch you rmodernation that I wont have to have sex educaton laterer cause I'll already know how to get f*)&%ed. (Hes funny. His governmnt friends call him the fool becaise hes dumb like a fox.) Excuse my spelling but I spell things good once I see them in a dir cause myu uncle make s me look stuff up before I put it in a dir or he erases myu dir to make me learn. I think the girls would like you cause yuou are a computer guy. Ill show them your letter. Theeir smart, too. They dont like lamer guys. When their school computer guy messes up ecveyones stuff then they fix it but they dont tell him cause it makes him mad. Im not real good at 4reading code and stuff but the secret computer guys let me drink Scotch with them evcen in the bar at the Holiday In in Santafe cause Im smarter than them abou t som e stuff even if they are really good. (I go tm y uncles password on his secret machine by putting my video camera on the frige with a dead battery and pluging it into his power supply) (Now when he boots up he will getr Duke Nukem3D and when he leacves it he will get a message telling him hes a _lamer_.) He had to go to Lost Alamo again because of you guys and hell gibve me sh*&)( when he gets back but not too much cause he said I could do anything I want on his secret machine if I got on it. Im getting to play with Unix cause he has a Spark Card on it that has Unix on it. (Dos is for lamers but Bill Gates owns ecerything so its cheaper for kids) Some lamer said on cypherpunks today that it takes him an hour to get the pecker messages off his computer. My uncle has me to do it for him sometimes and it only take me like maybve two minutes. If the guy is such a lmaer that it take s hinm an hour then maybe he should just read only the pecker messages cause they have pictures and then when he mobes his lips to read then he coul d put them on the peckers. (Thats a joke) I like that Tim May is bacvk, if only even for a little while. When you guys fight at least you say stuff that isnt kissing ass for other guys money. Im going to make a message to cypherpunsk that says if anyone wants me to be their moderator then they should not write any messages to the cypherpunks. Then the 2000 people who dont post will be voting for me to be their moderator and I will be their boss. If Im the moderator then I will givbe everyone free pizz a and lots and lots of Scotch. (<--Dewars) I hope you guys stay together. My uncle says sometimes you learn by looking and sometimes you leran by seeing whos looking back. But he tells the secret gobvernmetn guys not to look back cause their might be a cypherpunk gaining on them. (Thats a joke) Ive got to go to bed so I can pretned to get up again. Im sick so I can do what I want bu t Im not supposed to stya up all night either. I wont let the door hit me in the ass on my wayout. Bye, Human Gus-Peter p.s. - dont write me after Thursday cause my dad will be back and Ill get in trouble. My uncle will help me clean u p my mess cause hes not a squealer. From boursy at earthlink.net Tue Feb 4 04:21:06 1997 From: boursy at earthlink.net (ISP_Ratings) Date: Tue, 4 Feb 1997 04:21:06 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <8N3k2D1w165w@bwalk.dm.com> Message-ID: <32F72A82.1C42@earthlink.net> Dr.Dimitri Vulis KOTM wrote: > > ichudov at algebra.com (Igor Chudov @ home) writes: > >> Adam Back wrote: >> > >> > Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As >> > an aside, it is ironic that John Gilmore was the guy who started the >> > alt.* USENET hierarchy, specifically to facilitate freedom of speech). >> > >> >> An interesting idea. > >John Gilmore of EFF is a liar and a hypocrite who likes to claim credit for >other people's accomplishments. Well EFF itself is a lie--the were very well exposed by Wired Mag. a while back as being nothing more than a corporate whore. They represent the interests of owners not consumers--the ACLU has been very open in their critisism of the EFF in this regard. A large corporation waves some money in front of their noses and tells them to bend over you can be sure they'll bend over. Respectable free speech advocates do not associate with EFF. >He had nothing whatsoever to do with the creation of the alt.* Usenet >hierarchy. Gilmore is a liar and a censor. > Is Mr. Gilmore making this claim? >On the other hand, creating an alt.cypherpunks sounds like a more robust >idea than yet another mailing list. And you could merely post this mailing list publically in the alt group of your choice--I find it interesting at times but not worth responding to in general since freedom of expressiion is not a given. Steve From nobody at zifi.genetics.utah.edu Tue Feb 4 05:21:43 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Tue, 4 Feb 1997 05:21:43 -0800 (PST) Subject: [ANNOUNCEMENT] Elliptic curves Message-ID: <199702041321.GAA22025@zifi.genetics.utah.edu> Tim May's wee-wee is so tiny that only his mommy is allowed to touch it. /\ /..\ Tim May /_\/_\ From usura at berserk.com Tue Feb 4 05:28:02 1997 From: usura at berserk.com (Alex de Joode) Date: Tue, 4 Feb 1997 05:28:02 -0800 (PST) Subject: PGP sourcecode books Message-ID: <199702041327.OAA03778@asylum.berserk.com> A non-text attachment was scrubbed... Name: not available Type: application/x-pgp-message Size: 26 bytes Desc: not available URL: From tmcghan at mail.bcpl.lib.md.us Tue Feb 4 05:51:20 1997 From: tmcghan at mail.bcpl.lib.md.us (tmcghan at mail.bcpl.lib.md.us) Date: Tue, 4 Feb 1997 05:51:20 -0800 (PST) Subject: Embarrass a Marylander, Go to Jail Message-ID: <199702041350.IAA16896@mail.bcpl.lib.md.us> in a message allegedly from: Robert Hettinga this appeared... > A Maryland bill that would make it illegal to send "annoying" or > "embarrassing" e-mail was introduced this week by Democratic General > Assembly member Samuel Rosenberg. {snip} > "Never attribute to conspiracy what can be explained by stupidity." -- Jerry Pournelle As a marylander, in particular, a baltimoron, I am both embarrassed and annoyed that these legislative bozos have the unmitigated gall to expend time and energy on pursuits such as these. Perhaps they feel that our state attorney general needs to earn his excessive salary by attempting to defend this constitutionally indefensible mental excrement. Did the defeat of CDA not resonate? From tmcghan at mail.bcpl.lib.md.us Tue Feb 4 06:17:58 1997 From: tmcghan at mail.bcpl.lib.md.us (tmcghan at mail.bcpl.lib.md.us) Date: Tue, 4 Feb 1997 06:17:58 -0800 (PST) Subject: Information Warfare Message-ID: <199702041417.JAA22327@mail.bcpl.lib.md.us> in a message allegedly from: Peter Hendrickson > The cypherpunks list has been under "attack" for some time. {snip} > Some people have dismissed the idea that rogue governmental elements > are behind some of our problems. {snip} > We know that "Information Warfare" is the big thing in the defense > establishment right now. Information Warfare Conference sponsored by DPMA/AITP Washington, DC, March 13-14, 1997 Crystal City Marriott 1999 Jefferson Davis Highway Arlington, VA 22202 Presentations by: Major General Michael V. Hayden, Commander, Air Intelligence Agency Dr. C. Kenneth Allard, Competitive Strategies Col. H. Stevens, Land Information Warfare Activity - current service visions and planned program initiatives - operational concepts for 'third-wave' warfare - information warfare drivers for 21st century C4I architectures - emerging technologies and systems for information warfare superiority: opportunities on the horizon 'information warfare targets and vulnerabilities', Maxim I. Kovel, TASC systems management group 'information warfare for deterrence', William H.J. Manthorpe, Jr. Applied Physics Laboratory, Johns Hopkins 'adaptive techniques for counter-deception', James Llinas, technical advisor, DOD JDL, Data Fusion group 'emerging threats come in all sizes and flavors', Eugene Schultz, SRI consulting "Information has been termed the 'fifth dimension' in the conduct of 'third-wave' warfare, and promises to dramatically enhance the role of C4I as a force multiplier. Joint and individual service doctrine is emerging for IW, ans is affecting the needs and requirements for diverse systems: from space-based surveillance and communications systems to terrestrial image processing, visualization, and information fusion systems." "This conference will provide a valuable forum where military and industry staff can interact with key decision-makers to achieve the most current possible understanding of Information Warfare concepts, initiatives, technologies and potential opportunities. The Critical Questions to be addressed include: - how is IW changing operational concepts? - how can we defend the weak links in the planned information-intensive reconnaissance, strike, targeting architecture? - what developments in enabling technologies are needed to support current Information Operations, Battlefield Visualization, and Information Exploitation initiatives? -what can be done to develop defensive information technology capabilities? and last, but _c_e_r_t_a_i_n_l_y_ not least: - how will we move forward to develop a true offensive IW capability ============================================== From jya at pipeline.com Tue Feb 4 06:18:15 1997 From: jya at pipeline.com (John Young) Date: Tue, 4 Feb 1997 06:18:15 -0800 (PST) Subject: More Hacking of the Mykotronx Site! Message-ID: <1.5.4.32.19970204141231.006c9760@pop.pipeline.com> While this report may be true, I wonder if it's not a spoof or even official disinformation to mislead about the details of Aaron's mission as well as what Rainbow and others are really peddling to rabble-fearing paranoids. This last sentence seems a bit too melodramatic even for a suck-up crippled-chip manufacturer: >The MYK-82, developed by Mykotronx and fabricated by VLSI Technology, >Inc., is the first of a series of security products to be developed as >part of an alliance with the NSA, targeting both Government and >commercial citizen monitoring markets. Granted that defense to LEA-market conversionists like to pornograph the godawful carnage their technology can wreak on disobedient civilians to arouse ex-military-to-LEA converted glands -- do they actually write SOF drool like this? From gnu at toad.com Tue Feb 4 06:21:52 1997 From: gnu at toad.com (John Gilmore) Date: Tue, 4 Feb 1997 06:21:52 -0800 (PST) Subject: Moderation, Tim, Sandy, me, etc. * Strong crypto == DES?! Message-ID: <199702041421.GAA27742@toad.com> I'm glad we're talking about some of the real issues here. Tim May said: > I don't want Sandy Sandfort sitting in judgment on my > posts, deciding what the Cypherpunks--a group I co-founded for God's > sake!!!!--are to be allowed to read and what they may not. Tim, the Cypherpunks have chosen to follow Sandy's lead for this month. I'll admit I made it easy for them, but the results are conclusive. There are 1311 addresses in the cypherpunks list today; 42 in the unedited list; and 19 in the flames list. Forty people cared enough to read every posting; the other thousand either wanted to try the experiment -- or didn't care enough to send an email message. Which, as we all know, is a very low threshold. If I was a social scientist I might want to run the experiment both ways, or six different ways. Name it this, or name it that. I'm not; all I want is something that works. The cypherpunks list was unusable for this kind of discussion, only a month ago. It's usable now. I'm definitely bugged by the community's attitude toward my "censorship". Rather than being glad that someone, anyone, was doing something about the major problem on the list, 99% of the reaction was to create even more ill-considered, emotional flamage. *I* didn't make the signal/noise get worse at that point -- *you-all* did. Perhaps at that point I should have shut down the list, as Lucky is now suggesting. "Asking the list what to do" was clearly not a useful option. Sandy cared enough about the community to make some concrete suggestions to me about how to get the list back on track. They involved a lot more work than the previous setup. I told him if he was willing to do the work, we could try it. As Dale suggests, I wasn't about to waste my time reading the whole list in real time and passing judgement on the postings. Sandy was, for a month. The element I find most lacking from the whole discussion, until recently, has been responsibility. In an anarchy, *everyone* is responsible; nothing is "somebody else's job". Sandy felt responsible, so he proposed something. I felt responsible, so I helped. But a large part of the community sat on the sidelines and criticized, without making attempts to make things better; indeed the volume and tone of the criticisms themselves made things worse. Unpaid labor for a peanut gallery of spoiled children isn't very gratifying. You-all remind me of a passage from Booker T. Washington's book _Up From Slavery_, describing what happened on the night that news of the Emancipation Proclamation reached the South: The wild rejoicing on the part of the emancipated coloured people lasted but for a brief period, for I noticed that by the time they returned to their cabins there was a change in their feelings. The great responsibility of being free, of having charge of themselves, of having to think and plan for themselves and their children, seemed to take possesion of them. It was very much like suddenly turning a youth of ten or twelve years out into the world to provide for himself. In a few hours the great questions with which the Anglo-Saxon race had been grappling for centuries had been thrown upon these people to be solved. These were the questions of a home, a living, the rearing of children, education, citizenship, and the establishment and support of churches. Was it any wonder that within a few hours the wild rejoicing ceased and a feeling of deep gloom seemed to pervade the slave quarters? To some it seemed that, now that they were in actual possession of it, freedom was a more serious thing than they had expected to find it. Most of the people on the list haven't bothered to face that freedom. Your de-facto "leaders" have faced it for you. It is a more serious thing than than you expect. All it takes it hard work and judgement. Be responsible for setting your society's privacy policy -- without knowing whether you are right. Face the uncertainty and build anyway. Shall I post you an Emancipation Proclamation -- as if you needed one? Start a mailing list on another site! Move this list to somewhere! Create and nurture an alt group! Make an independent moderated list drawn from the unedited list! Hold meetings! Establish for it a home, a funding, the rearing of newbies, education, citizenship, and the establishment and support of philosophies. Dead simple for people as capable as us. Just takes work. Who's volunteering? Just do it! The experiment will be over in a few weeks. Who's going to take over deciding how to run the list, and running it? If you want to help organize what I'll call the `progressive crypto community', for lack of a better term, then please do. Otherwise, in the immortal words of Lazarus Long, "PIPE DOWN!". John PS: Can we talk about crypto too? It's clear from the last few days of press releases that the pro-GAK forces are again working to confuse novices into thinking that two very different things are the same thing. Last time it was "public key infrastructure" and "key recovery". This time it's "strong crypto" and "56-bit DES". What should we do about this? Educate the public? From nobody at zifi.genetics.utah.edu Tue Feb 4 06:25:46 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Tue, 4 Feb 1997 06:25:46 -0800 (PST) Subject: The V chip Message-ID: <199702041425.GAA27851@toad.com> Dr.Demented Vomit was born when his mother was on the toilet. \|/ @ @ -oOO-(_)-OOo- Dr.Demented Vomit From nobody at zifi.genetics.utah.edu Tue Feb 4 06:25:51 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Tue, 4 Feb 1997 06:25:51 -0800 (PST) Subject: [DSS] PGP Signatures Message-ID: <199702041425.GAA27869@toad.com> Decoy Vilus K)ankersore( Of The Minute's family tree goes straight up. All of his ancestors were siblings, too dumb to recognize each other in the dark. |\_/| (0_0) Decoy Vilus K)ankersore( Of The Minute ==(Y)== ---(u)---(u)--- From nobody at squirrel.owl.de Tue Feb 4 06:25:54 1997 From: nobody at squirrel.owl.de (Secret Squirrel) Date: Tue, 4 Feb 1997 06:25:54 -0800 (PST) Subject: what's in a name? Message-ID: <199702041425.GAA27874@toad.com> Without answering any of the points raised by Wei Dai, let me address the subject line. I have been a long time reader of and occasional contributor to the cypherpunks list. Since it is high volume, I prefer not to have it show up in my mailbox, but read it from either nntp.hks.net or infinity.nus.sg/cypherpunks. With the recent change in status of the list, what I get at those two places is the edited list. The same would apply to other sublists subscribed to cypherpunks at toad.com too. If hks and infinity started archiving the unedited list, this wouldn't bother me so much. Other than that, I am saddened, as much as a Tim is enraged, that a supposedly libertarian and anarchistic group of people has decided that censorship is the right solution to their problems. Btw, what is with nntp.hks.net? Seems to have been down for couple of days. From nobody at zifi.genetics.utah.edu Tue Feb 4 06:25:54 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Tue, 4 Feb 1997 06:25:54 -0800 (PST) Subject: [STEGO] Degausser Message-ID: <199702041425.GAA27875@toad.com> Decoy L[esbian] Vitriol K[ancer]OTM has been fired for masturbating in front of his boss. o/ Decoy L[esbian] Vitriol K[ancer]OTM <| / > From dthorn at gte.net Tue Feb 4 06:25:58 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:25:58 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702041425.GAA27890@toad.com> Dr.Dimitri Vulis KOTM wrote: > ichudov at algebra.com (Igor Chudov @ home) writes: > > Adam Back wrote: > > > Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As > > > an aside, it is ironic that John Gilmore was the guy who started the > > > alt.* USENET hierarchy, specifically to facilitate freedom of speech). > > An interesting idea. What's also interesting is Tim May posting after a long "absence", and in his post he repeats virtually sentence-for-sentence what a handful of people have been saying here for the past month. From die at pig.die.com Tue Feb 4 06:26:02 1997 From: die at pig.die.com (Dave Emery) Date: Tue, 4 Feb 1997 06:26:02 -0800 (PST) Subject: FCPUNX:ecure Phones Message-ID: <199702041426.GAA27891@toad.com> Don't think I will bore the list with it, But a slightly more complex version of this scheme was one of the major tactical medium security voice scrambling systems used by the US in the 70's and 80's and even to a slight extent into the 90's on military radio circuits. The military version is called Parkhill and the crypto gear is the KY-65 and KY-75. At one time (in the 70's) it was used for at least secret traffic. It was downgraded a couple of times since and is now considered obselete and compromised. A Parkhill crypto box can be seen in the NSA museum... The NSA version used time inversion (playing voice samples backwards) and faster shuffling than this one does, and possibly a more secure key generator. But it is rumored to have been broken by more than one opponent, perhaps including drug cartels. Its appeal and why it was so extensively used for a while is that it interfaces to normal voice radio gear at the audio input and output level rather than requiring different modulations and complex digital modems integrated into the radio. It also gives pretty good speech quality and speaker recognition. Its primary replacement is the ANDVT digital voice terminal which takes advantage of modern DSP technology to implement modems usable over radio links and vocoders which can produce acceptable speech at 1200 or 2400 baud. Dave Emery die at die.com From die at pig.die.com Tue Feb 4 06:26:16 1997 From: die at pig.die.com (Dave Emery) Date: Tue, 4 Feb 1997 06:26:16 -0800 (PST) Subject: FCPUNX:ecure Phones (fwd) Message-ID: <199702041426.GAA27899@toad.com> Forwarded message: From dthorn at gte.net Tue Feb 4 06:26:36 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:26:36 -0800 (PST) Subject: Voting on Moderation [was: Dissolving Choke Points] Message-ID: <199702041426.GAA27943@toad.com> Eric Cordian wrote: > Peter Hendrickson writes: > > Moderation has been a failure. I'm pretty good at filtering and I > > can sadly report that there is very little signal out there. > The quality of the Cypherpunks list is determined solely by the > amount of signal. The amount of noise is irrelevant. [snip] > Now that we have moderation, I can't do this while subscribed to the > main list, and have to live in eternal fear that I am writing for > an audience of 20 every time I respond to something on the unedited > list. Foo on that. I wonder how Sandy will take the vote on continuing or abandoning the moderation experiment? In most states, one juror out of 12 can kill a conviction. In a revolution such as U.S. 1776, only a tiny percent of the people supported the revolution. Will Sandy go with a majority decision (pure democratic), or allow the moderation to go away if a significant minority wants to kill it? From dthorn at gte.net Tue Feb 4 06:26:38 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:26:38 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702041426.GAA27956@toad.com> tmcghan at gill-simpson.com wrote: > in a message allegedly from: "Timothy C. May" > > the really important issue is this: is the _physical hosting_ of the > > Cypherpunks mailing list coterminous with the "Cypherpunks"? > { much thoughtful and well-phrased commentary elided } > > I would have had no problem had John announced that he was creating > > a new list, the "Good Stuff" list, with Sandy has his Chooser of > > Good Stuff. But by making the _main list_ the censored one, this > > skewed things considerably. > Now that the horse is out of the barn, ( or maybe not? ), I can't help > but ask whether one specific 'change to the change' would have > satisfied most of your objections: retaining 'cypherpunks' as the > name of the unedited, all-the-crud-you-can-read-and-then-some, > version, and adding an 'cp-worthwhile' list for those of us who prefer > not to wade thru mountains of garbage to glean a few precious tidbits. > What's in a name? Is perception more important ( to you ) than > reality? If just swapping names between cp and cp-unedited would make > such a large difference, I humbly suggest to you that you consider how > much labels need to matter. Is the title of the group more important > the the content? From where I sit, this looks a lot like a > style-over-substance complaint. Of course, I don't have my trifocals > on just at the moment. If it did not suit a specific purpose, they wouldn't have done it that way. You can take it to the bank that they did this because it was the only way to keep the 1300-plus sheep subscribed to what they wanted to be their "main" list. From pdh at best.com Tue Feb 4 06:26:42 1997 From: pdh at best.com (Peter Hendrickson) Date: Tue, 4 Feb 1997 06:26:42 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702041426.GAA27968@toad.com> At 7:59 PM 2/3/1997, Greg Broiles wrote: >At 10:55 AM 2/3/97 -0800, Peter Hendrickson wrote: >> Moderation has been a failure. I'm pretty good at filtering and I >> can sadly report that there is very little signal out there. > I don't think it's reasonable to expect an increase in signal within 2 1/2 > weeks of the start of moderation. What I have seen is a pretty complete elimination of the signal that was there. Some might argue that this is "just" because Tim stopped posting. But so what? The result of moderation was the elimination of signal. (Aside: Can anybody think of five members of the list whose combined contributions clearly exceed Tim's? I can't.) Also, I am curious when you expect the benefits of moderation to arrive. Two and a half weeks should be plenty of time for a reasoned creative and interesting discussion to develop. It hasn't happened. Instead the value of the list has - in my view - steadily tapered off since the announcement of moderation. >> There are lessons to be learned here. One is that censorship does >> not promote a stimulating and creative dialogue. > No, that is a silly lesson to draw from this experiment. There are > lots of useful and interesting "moderated" (on paper, it's called > "editing") publications/lists/digests where the content is > intentionally controlled for content and style. And in practice people get their friends published. Ever wonder why Denning got so much bandwidth on the RISKS list when she had so little to say? I don't like edited journals, either. I prefer to have somebody I respect say "Did you see so-and-so's paper? Here's the URL." Most of what is in, for instance, peer reviewed scientific journals is fluff designed to enhance somebody's resume. Moderation was a good idea when you had a number of people who couldn't all talk at once in the same room and in which a disruptive influence could not be easily ignored. We have better ways to communicate now. Let's use them. Peter Hendrickson pdh at best.com From pdh at best.com Tue Feb 4 06:26:44 1997 From: pdh at best.com (Peter Hendrickson) Date: Tue, 4 Feb 1997 06:26:44 -0800 (PST) Subject: Mailing Lists vs. Usenet Message-ID: <199702041426.GAA27969@toad.com> At 7:59 PM 2/3/1997, Greg Broiles wrote: > Seriously, if you want a distributed no-choke-points "flooding" > message distribution system, you're talking about Usenet. Robust > software exists for clients and servers, and it's already supported > worldwide on many operating systems. No need to write more software > to graft that functionality onto E-mail. If the list is going to > turn into Usenet (we've already got most of Usenet's better kooks), > we might as well just move the damn thing over to alt.cypherpunks > and be done with it. (Anyone care to guess who founded alt.* as a > way to route around censorship?) > (Of course, Usenet is a technical success and a spectacular failure, > content-wise. So opponents of moderation will be forgiven for > failing to mention this sparkling example of an unmoderated, > anything-goes forum for discussion.) Several people have brought up this point and it is worth discussing. There are some differences. I don't like Usenet's architecture. It is silly to duplicate vast amounts of traffic everywhere. It was a fine idea when there were 100 groups with lots of overlap in what people read. The horse and buggy was a good idea once too. Performance is a problem with Usenet. The system I envision (nearly identical to Igor's) would have about ten mail servers, each of which sends articles to all the others. Even in situations where something is wrong, articles will be nearly instantly transmitted along an alternate path. I think this is harder to arrange with Usenet. Competition among Cypherpunks providers works the right way. If you are getting your mail on a system which is slow and isn't up all the time, you have good reasons to switch to another provider. This is easy - just subscribe yourself to one mailing list and unsubscribe from the other. It's harder for most people to do this with Usenet. You may not want to switch your ISP to get a better Cypherpunks feed. In my opinion, Usenet is less conducive to filtering than is mail. It is true that there are lots of Usenet readers which can do things like kill whole threads and the like, but mail just screams "run me through a perl script!" This is mostly subjective, of course. More subjective opinions: I don't like being associated with Usenet. It is seen as an international bulletin board. Many people believe that it is "public" space and should be subject to zoning. I like the idea of keeping the cypherpunks list "private". I like being able to say "if what's on the list upsets you so much, why did you subscribe?" This is more effective than "so tell your child not look at Usenet". I don't like the whole Usenet cabal and all of the voting to decide which lists to canonize. Less of an issue with alt.cypherpunks, but the association is still there. Peter Hendrickson ph at netcom.com From EALLENSMITH at ocelot.Rutgers.EDU Tue Feb 4 06:26:46 1997 From: EALLENSMITH at ocelot.Rutgers.EDU (E. Allen Smith) Date: Tue, 4 Feb 1997 06:26:46 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702041426.GAA27970@toad.com> From: IN%"gbroiles at netbox.com" "Greg Broiles" 4-FEB-1997 01:26:13.34 >(I'm working on a message re moderation and the list which will better >explain what I think about that - but I'm not trying to argue, above, that >we *must* have moderation for a long time - simply that it's too early to >call it a failure for failing to significantly increase the number of >useful messages.) I'll be interested in that message. I have problems with the takeover of the original list name, personally. While it is certainly John Gilmore's right to do whatever he wants with the mailing list software/hardware (I believe we've settled that, right?), I'd prefer for the cypherpunks _name_ not be associated with a moderated/censored list. (I mean no insult to either Sandy or John in this, BTW... I simply think that they've gone about this the wrong way. For instance, if John was getting an email overload for toad.com and was trying to indirectly reduce the load via reducing responses to flames, there are other ways to solve the problem - such as the distributed mailing list idea. I do think that Sandy's filtered list could provide a valuable service - most of the other filtered lists seem to filter out a bit too much, judging by the "cc any replies to this message directly to me, I'm on the [insert name of filtered list]" messages I see. If the list switches to cypherpunks and cypherpunks-edited, I might go with cypherpunks-edited (or with some combo of cypherpunks-edited and cypherpunks-flames, the latter more filtered by procmail). My objection is mainly due to the principle of the thing.) Incidentally, I checked the cyberpass.net services, and it does list mailing lists - including a 10$ per month charge per 100 subscribers. At that rate, I can afford about 100 subscribers on a local distributed list, given the 10% discount. (Depending on how it goes, I might be able to afford more... I haven't looked at my personal finances in detail recently.) >I think you misspelled "Usenet". Hope this helps. >Seriously, if you want a distributed no-choke-points "flooding" message >distribution system, you're talking about Usenet. Robust software exists >for clients and servers, and it's already supported worldwide on many >operating systems. No need to write more software to graft that >functionality onto E-mail. If the list is going to turn into Usenet (we've >already got most of Usenet's better kooks), we might as well just move the >damn thing over to alt.cypherpunks and be done with it. (Anyone care to >guess who founded alt.* as a way to route around censorship?) I'd point out that we _know_ every list member can get email, but not that they can get Usenet. I can't conveniently get it, for instance - I'd have to read it via HTTP and respond via email to a news-to-mail server. Sure, I can get an account at infonex or wherever and pick up the news groups there... but I'd prefer not to be forced to, and I suspect the same is true of many people. >(Of course, Usenet is a technical success and a spectacular failure, >content-wise. So opponents of moderation will be forgiven for failing to >mention this sparkling example of an unmoderated, anything-goes forum for >discussion.) Usenet also has easy crossposting, has been discovered by just about every spam artist known to humankind, and doesn't have very good filtering software (IMO, the last time I checked). Limited propagation, especially for a new alt group, especially for a _controversial_ alt group, is also a problem. Sure, Usenet has its advantages. (Under allens at earlham.edu and allens at yang.earlham.edu, I was the second or third highest poster on it for a few weeks a few years back. I'm familiar with Usenet.) But it also has its problems. -Allen From tcmay at got.net Tue Feb 4 06:26:48 1997 From: tcmay at got.net (Timothy C. May) Date: Tue, 4 Feb 1997 06:26:48 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702041426.GAA27971@toad.com> At 10:50 PM -0500 2/3/97, Michael Froomkin - U.Miami School of Law wrote: >I agree with two of Tim's points. I express no opinion about the others, >except that I think these are the two most important. > >(1) I agree with Tim that as a matter of principle, it would be preferable >to create a new moderated list, with a similar but distinguishable name, >and leave the existing list as it was. I happen to think less turns on This is a point of view many of the most thoughtful commenters seem to agree on, isn't it? One would have thought that had Sandy and John really been interested in hearing the views of list members, this approach would have eventually won out. >(2) Much to my surprise, so far moderation is a failure. I think it is a It doesn't surprise me, but then I've rarely been a fan of moderation. As Michael points out below, it mostly works on "RISKS," but in most other cases I can think of it merely slows discussion down, introduces strange skewings of opinions (to win "approval" of the moderator), and almost never causes better posts to be written. (The case of skilled editors soliciting good articles is of course an entirely different issue.) >failure because it achieves neither of the moderation "sweet spots". No >moderation is one "sweet spot". Strict moderation -- the kind you get on >RISKS, where you know nearly every post is on-topic or at least worth your >time -- is another. This is neither. My clumsy procmail filters are almost >as busy as ever. What slips through is largely duplicative of what I get Several people have also commented on this, that their filters are still working overtime. As it should be, really, as no moderator can make the list match any given person's preferences. (Personally, I'm not even convinced filters are essential. It takes no longer than 5 seconds to glance at a message and know whether to scrap it or not. Granted, it takes a bit of time to download, especially at slower modem speeds. But whether Sandy's censorship is producing any significant "savings" depends on how many messages he's sorting into each pile...clearly if 20% or less of the total posts are being filtered out, then the savings are ignorable. Anybody have the statistics handy? Hint: Sandy should publish a periodic accounting of how many messages went into each pile, and should also publish his criteria on a regular basis, pointing out any modifications he's made to his criteria since the last report.) >As Oscar Wilde either said, or should have said, the worst crime is to be >boring. Maybe the list is like the portrait of Dorian Gray, with an image of the list sitting in a closet at Toad Hall aging not so gracefully. >PS. New members of the list may justly ask, where does he get off calling >the posters he doesn't killfile bores? I stopped posting a lot to the >list some time ago, back when I decided my energies were better spent >writing long stuff (see my web page) and playing with my kids. I kept >reading the list primarily to read the work of about six people -- and Tim >was one of them. Thanks. And I should point out in fairness that Michael recruited me for his panel on "Governmental and Societal Implications of Digital Cash" (or something like this) at the upcoming CFP. --Tim May Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway." From ptrei at acm.org Tue Feb 4 06:32:28 1997 From: ptrei at acm.org (Peter Trei) Date: Tue, 4 Feb 1997 06:32:28 -0800 (PST) Subject: GAK/KR spin Message-ID: <199702041432.GAA28075@toad.com> > Date: Mon, 3 Feb 1997 14:34:49 -0800 > From: Steve Schear > To: cypherpunks at toad.com > Subject: GAK/KR spin > Several months back there were discussions on the list regarding renaming > the government's key escrow/recovery proposals (KRAP comes to mind). I > think we need something that's catchy and simple (perhaps already familiar) > to understand for the semi-litterate citizen units. I propose we encourage > use of the terms "crippleware" or "crypto crippleware" when refering to the > products limited to their weak crypto and/or key escrow/recovery. > > --Steve For some time, I have been using the term 'espionage-enabled software' to describe GAK'd products. Also, 'compromised software' - I want to make the point that 'key escrow/recovery' == insecure.' Peter Trei trei at process.com PS: I have SW for working on the $10,000 DES challenge available. From dthorn at gte.net Tue Feb 4 06:40:40 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:40:40 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702041440.GAA28269@toad.com> Scott V. McGuire wrote: > (Even within the community, some people are more a part of > it than others, and nobody is more a part of it then Tim.) Is this like saying "some of the pigs were more equal than the others"? From dthorn at gte.net Tue Feb 4 06:40:47 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:40:47 -0800 (PST) Subject: Trigger-Words...Trigger-Fingers Message-ID: <199702041440.GAA28300@toad.com> Larry Johnson wrote: > Cynthia H. Brown wrote: [snippo] > Theres not many girls on this list, is there? [mo' snippo] > Anyway, my uncle prints out the girl-cypherpunks stuff for the girls > on my list and they think its real cool and they all want to marry > technicians so that they can make them work on the computers for them, > kind of like making them do the computer dishes, you know. [yet mo' snippo] I want to get married. Lots of times. Are the girls cute? I don't do hardware, tho, I'm a software guy. From Butler Tue Feb 4 06:40:53 1997 From: Butler (Butler) Date: Tue, 4 Feb 1997 06:40:53 -0800 (PST) Subject: FW: concerning Ben Franklin Message-ID: <199702041440.GAA28320@toad.com> Kent Crispin wrote: >Franklin said "A man owns an ass; he can vote. The >ass dies; he cannot vote. Who owns the vote?" Poor Timmy May must not be able to vote then, as surely his ass must have been "bashed" to death by now. Scott. REMEMBER: "Dreams are just Screen Savers for the brain" From dthorn at gte.net Tue Feb 4 06:40:57 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:40:57 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702041440.GAA28334@toad.com> Timothy C. May wrote: > At 10:50 PM -0500 2/3/97, Michael Froomkin - U.Miami School of Law wrote: > >(1) I agree with Tim that as a matter of principle, it would be preferable > >to create a new moderated list, with a similar but distinguishable name, > >and leave the existing list as it was. I happen to think less turns on > This is a point of view many of the most thoughtful commenters seem to > agree on, isn't it? One would have thought that had Sandy and John really > been interested in hearing the views of list members, this approach would > have eventually won out. Once again, the reason John and Sandy weren't interested was because the main proponents of this point of view for a long time were me, Dr. Vulis, and Toto. Tim and others were either supportive of Sandy or were silent. From dthorn at gte.net Tue Feb 4 06:41:00 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:41:00 -0800 (PST) Subject: New X-Ray Imager Message-ID: <199702041441.GAA28345@toad.com> Steve Schear wrote: > New X-ray gun trades privacy for safety > Reported by Andy C > Seen in The Nando Times on 13 August 1996 > "I'm incredibly concerned," said John Henry Hingson, a past president of the > National Association of Criminal Defense Lawyers, meeting here this past > week. "The entire nation could become a victim of illegal searches and > seizures and the law is powerless to protect them from these police abuses." > But in these nervous times following the the crash of TWA Fight 800 and > bombings at the Olympics, Oklahoma City and the World Trade Center, many > Americans are now willing to trade some of their privacy and civil liberties > for greater security. > A poll last week by the Los Angeles Times found that a majority of people -- > 58 percent -- said they would curtail some civil liberties if it would help > thwart terrorism. Thirteen percent said it would depend on what rights were > at stake. The poll didn't ask people to single out any rights. The L.A. Times quotes this "poll" all the time, and in fact probably just made it up. Why do I know that? Because they ran a "letter" from a "teacher" in the valley somewhere about a year ago which said exactly this same thing. The "teacher" ran a poll of her students and they agreed to give up the rights without even knowing which rights they were giving up. From stewarts at ix.netcom.com Tue Feb 4 06:41:02 1997 From: stewarts at ix.netcom.com (Bill Stewart) Date: Tue, 4 Feb 1997 06:41:02 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702041441.GAA28346@toad.com> At 07:59 PM 2/3/97 -0800, Greg Broiles wrote: >If the list is going to turn into Usenet (we've already got most of >Usenet's better kooks), we might as well just move the >damn thing over to alt.cypherpunks and be done with it. >(Anyone care to guess who founded alt.* as a way to route around >censorship?) The big argument against going to a newsgroup in the past was that signal-to-noise would degrade to the point of alt.2600ness due to newbies, flamers, overflow to/from political ranting newsgroups, etc., and there's already a sci.crypt for that. The main argument in favor of moderation has been that the list has become unreadable due to newbies, flamers, political ranting, and directed attacks and maybe moderation would fix it, at the cost of annoying people who don't like moderation (which is realistically most of us; two practical reasons not to have moderation are that the volume is too high for most people to be willing to moderate, and that the delays inherent in the moderation process reduce the interactivity that's been one of the valuable things about this list.) I'd prefer that we all just get along, but things really were getting uncivil. An advantage of Usenet is the ability to deploy whatever NoCeM is called these days as a way to let people avoid spammers. Personally, I'd switched to the fcpunx filtered list a couple months ago, mainly to cut down on volume but also because I was getting fed up with Vulis's attacks through remailers, which were getting to be too much trouble to filter out. I switched back to the main list after the moderation announcement, with Eudora filters to make some discussions and some people go away. Of course, there have been several different demonstrations of ways around the moderation since then. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list, please Cc: me on replies. Thanks.) From dthorn at gte.net Tue Feb 4 06:41:05 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:41:05 -0800 (PST) Subject: If guilty of a lesser crime, you can be sentenced for a greater Message-ID: <199702041441.GAA28349@toad.com> Igor Chudov @ home wrote: > Dale Thorn wrote: > > Igor Chudov @ home wrote: [some arguments deleted for lack of time to reply] > > > Another story: suppose that OKSAS hired me to work for her, but then > > > our relationships go south and she fires me. Again, her fate is very > > > unclear, although I would probably spare her life if it were she. > > If she does it right, with empathy, there is not likely to be a > > problem. On the other hand, if she bad-mouths you to prospective > > employers or customers you want to do business with, you might be > > inclined to hit her. This happens a lot when AP is not available. > ... But would happen more often if it was. Why, if AP was readily available, would she want to risk being hit by bad-mouthing you unnecessarily? > > people who have such money are not going to bump off very many more > > people than they already do, because: > > 1. They need the people to make money off of (Mafia rule #4, never > > kill someone who owes you money [or is a money source]). > This is a wrong Mafia rule, they do kill debtors who are in default. Really? Then how do they collect their money? BTW, I heard the rule from the mouth of a real mob hitman. > > 2. Rich people have a lot of eyes on them, and it would be easy to > > triangulate a series of murders to them, even without hard evidence. > > In an AP world, this triangulation/correlation would be enough to > > convince people to either shun this killer, or kill him outright. > When ten people make deals with each other, it becomes hard to > triangulate. And it is easy, if you know what deals are done, to change > the result of triangulation: suppose that I know that you borrowed 1 > million from Toto, that my _and_ yours business partner had been > murdered (by me, but no one knows), and I am afraid that someone will > triangulate me and implicate me in that murder. I secretly order > the AP bot to kill Toto, and you get implicated. Not good. We all know how people are framed, and we've seen the Hitchcockian murder scenarios on TV, in movies, etc. Certainly the CIA et al can create these scenarios, but what does that have to do with AP as used by ordinary persons? From gbroiles at netbox.com Tue Feb 4 06:41:07 1997 From: gbroiles at netbox.com (Greg Broiles) Date: Tue, 4 Feb 1997 06:41:07 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <199702041441.GAA28354@toad.com> -----BEGIN PGP SIGNED MESSAGE----- At 10:58 PM 2/3/97 -0800, Bill Stewart wrote: >An advantage of Usenet is the ability to deploy whatever NoCeM is >called these days as a way to let people avoid spammers. My mention of Usenet was somewhat tongue-in-cheek; I don't know if I'd bother with the list if it were moved to (or gated with) Usenet, as Usenet has become for the most part 100+ Mb/day of uselessness. But my impression is that many moderation opponents would also be opponents of a move to Usenet. Perhaps I'm wrong. But Usenet offers precisely what many people claim we must have for the list to be viable, e.g., uncontrolled/uncontrollable distribution and messaging. So I'm curious about whether or not the proponents of an open, uncontrolled list really want it to be *that* open and uncontrolled. In the past, there's been strong opposition to that. But it's possible that most of the people who had strong feelings about not wanting to be subjected to the downside of Usenet have already left the list. (And if the current opponents of moderation don't want to see the list be quite that open, I think what we're arguing about here is not "censorship v. no censorship" but "what degree of censorship do we want? one lump, or two?", which pretty much eliminates anyone's claim to have a moral high ground from which to argue.) There's really nothing stopping anyone from just setting up a gateway. The list is already gated one-way to Usenet; it shows up many places as mail.cypherpunks. What's missing is a gateway running the other direction; from looking at the headers as messages are received at my ISP (io.com), toad.com is already in the Path: line, so preventing backfeeding shouldn't be a problem. (Doh, it's been a few years since I fussed with mail-to-news and back again, but this isn't rocket science.) The good side I see to a move to Usenet is that it lets people use the comparatively better tools for managing messages - e.g., NoCeM, threading, nn (whose killfiles will kill by thread, author, regexp, and can be time limited so you can easily give annoying people a 30-day 'timeout' and see if they're still a kook later on), AltaVista and DejaNews archiving/searching, and server architecture that's designed to cope with storing/indexing many messages. The down side is that Usenet is more or less a sewer these days, and some of it's bound to spill over. -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAgUBMvcLpv37pMWUJFlhAQFTJgf/UAFESNbjEK2NRabq56We3PkF+sM7pwHU b7Gy/h6a+KusZECe3epIm9/ubvGiZJtVpkp1zTG/AqBJVkdRb9xyIwWpOXU9HUz+ gjzASY/x0Zwsy9AlCgAk0HSEL1bggFTgAjDPB8SSOaYuxP1czpmAAVHTZiNXioV5 AAsnCXLc0qLgXYZ6/3dQhtIznH41ciNhVgI4RhV9lfheCpIhxJJC0zlh7wX2QzMv VhPidpcCmKiCriULwvOJuIkt0SFLvIjxm18zBh6UIe/APgL6TDsr022DTB+S6G/b qgH1aO9xhZtu84I/+V/pOCyKGk+9qij94CwNumN+Hs/cZMybiaO4bQ== =YwhW -----END PGP SIGNATURE----- -- Greg Broiles | US crypto export control policy in a nutshell: gbroiles at netbox.com | http://www.io.com/~gbroiles | Export jobs, not crypto. | From gbroiles at netbox.com Tue Feb 4 06:41:32 1997 From: gbroiles at netbox.com (Greg Broiles) Date: Tue, 4 Feb 1997 06:41:32 -0800 (PST) Subject: what's in a name? Message-ID: <199702041441.GAA28375@toad.com> -----BEGIN PGP SIGNED MESSAGE----- At 04:58 PM 2/3/97 -0800, Wei Dai wrote: >An interesting way to look at what happened is that John >Gilmore owns the name "cypherpunks at toad.com" and has chosen to exercise >that ownership. [...] >I suspect that the hierarchical nature of name ownership on the Internet >today will be an important technological barrier for the establishment of >truly anarchic virtual communities. Unless this problem is solved, the >closest we'll come is pseudo-anarchies that exist with the tolerance of >beneficent dictators. Wei Dai's message raises an important question: what is the relationship between ownership and list content or quality? Much of the pathology of the list in the past few months can be characterized as a "tragedy of the commons" problem, where several private actors are seeking to maximize the gain they can extract from a finite and commonly owned (or unownable) resource. The resource in this case is the "reputation capital" which has built up in the terms "cypherpunks" and "cypherpunks at toad.com". Dmitri Vulis' behavior, where he seeks to punish the list for failing to punish or ostracize Tim May after Tim was disrespectful to Vulis, is an attempt to achieve private gain (public retribution) at the expense of public goods (the continuing quality and good name of the list). Several authors have characterized John Gilmore and Sandy Sandfort's actions with respect to moderation and the list as an attempt to monopolize or appropriate the good name of the list for their own private purposes. (I do not think that the latter characterization is accurate, but it is at least popular.) I suspect that many people will see at least one "tragedy of the commons" problem related to the list. Some free-market economists have suggested that the solution to "tragedy of the commons" problems is private ownership - that where economic actors are given ownership over what might have been owned in common, that they will seek to maximize their long-term gain through careful management and will not adopt wasteful or harmful short-term strategies which would have otherwise seemed attractive. That view (that private ownership is likely to eliminate or at least minimize wasteful or nonoptimal use of resources) has historically been a popular one on the list. Yet private ownership of the list (or of the list's most concrete identity, the label "cypherpunks") seems wrong to many people. Are mailing lists an example of a situation where "the tragedy of the commons" is not a useful metaphor? Are mailing lists an example of "public goods" where private ownership is impossible, or should be avoided? If not, shouldn't we work towards more private ownership, not less? Is the desire for an anarchic community at odds with a desire for good use of resources? -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAgUBMvcZgv37pMWUJFlhAQEf6gf9FAPo+nF/h3ZAZTTzmZZLpj57xDvpcgKW oXCvalcY20s+ah26SFP5cInGSxgOy+UC5zxAeEz/Oo/M/5n1LVZTFVg7f3PORgJW VwY7uVhqvekaX/vNYutg7RpwvhdEz5dneipZMaFOWm0M+8ipZ5Ffb6vNLpRd6h2v Hf+zF6aTvleTxQX1e3C8nrL1hhXd8HX12nK/Kz4/lOyRYvKw//VxtVa3++2M158t YtBXQKLlYAW/NMUhMMSuqvkWbCW3PrDBhpsZRXXqWyruIeV3TKHlR4N3Rru74wHj DPNH8sek3Ql8sjA0BbziUqbC15mLH6QSZbxy4MPVwc2s8r4Ff6t1Ew== =QFGr -----END PGP SIGNATURE----- -- Greg Broiles | US crypto export control policy in a nutshell: gbroiles at netbox.com | http://www.io.com/~gbroiles | Export jobs, not crypto. | From paul at fatmans.demon.co.uk Tue Feb 4 06:41:33 1997 From: paul at fatmans.demon.co.uk (paul at fatmans.demon.co.uk) Date: Tue, 4 Feb 1997 06:41:33 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702041441.GAA28376@toad.com> > This is Tim's first error of fact. I point it out not to insult > him, but because it seriously affects much of the rest of his > analysis. We are conducting an experiment. It will last one > month. After that, it's over if list members want it to be over. > If, on the other hand, moderation is seen by the list members as > beneficial to their use and enjoyment of the list, the current > form of moderation--or some variation will continue. How will you allow list members to decide? - Here presumably we have a self proclaimed anarchist in favour of direct democracy. And if the subscribers can call off this "experiment" it seems rather out of place that they did not institute it in the first place. > > With no false modesty I tried awfully hard to compose substantive > > essays on crypto-political topics, often more than one per day. > > I would hope that Tim will return to this practice irrespective > of whether the list remains moderated or returns to its previous > policies. More on this, below. You genuinely expect a thoughtful writer and intelligent author of posts to allow you to approve them or otherwise for general release? > > (Others did too, but they seem to be tapering off as well, leaving the list > > to be dominated by something called a "Toto," the "O.J. was framed!" > > ravings of Dale Thorn, the love letters between Vulis and someone name > > Nurdane Oksas,... > > Two points: Since Tim largely agrees with those in opposition to > moderation, and because of the extraordinary nature of Tim's post, > I did not send it to the "flames" list. It was a judgment call. Why? - I saw nothing whatsoever in Tim`s post that would make it a "judgement call" for any objective moderator^H^H^H^H^H^H^H^H^Hcensor. The real reason it was a judegement call was because it was critical of Gilmore and yourself, in addition Tim`s points where too subtle and deep for you to respond to without resorting to sophistry. The reason on the other hand you did choose to post it to the censored list was because you realised this and could not get away with junking it to the flames list without incurring criticism. > The problems Tim describes, did not arise with moderation. > Indeed, they were the imputus for the moderation. Sophistry once again. I shall not even bother to explore in more detail this issue as any intelligent reader can, even at face value, see this to be a falacious argument. > > Second, the list was consumed with > > flames about this, many from Vulis, and many from others. > > It was consumed with flames before. Now, at least, the vast > majority of folks on the list don't have to read them, nor jump > through any hoops to implement some sort of dynamic filtering > half-measure. Three questions: 1. How do you see filtering to be a "half measure" 2. What hoops? - if you count implementing a simple filtering measure to be "jumping through hoops" how do you consider that readers of the list do not have to "jump through hoops" to subscribe to the uncensored list. 3. What makes you think that your subjective and evidently self serving method of moderation is any better than keyword filtering. > What didn't work was "local filtering" which has no feed-back > loop to engender comity. This might not work either, but I see > no evidence that it has made things worse. Remember, there are a > hand-full of subscribers to the Flames list, 20-30 on the > Unedited list and *2000* or so on the Moderated list. Sure some > of that may be due to laziness, but it would be cavalier in the > extreme to claim that such an overwhelming acceptance of > moderation is merely an artifact of inertia. Cavalier? - I`ll bet you anything you like if you had set up a new list for the censored articles and left cypherpunks at toad.com as an uncensored list you would have seen the same results, that 2000 or so would have remained where they were instead of trying to "unimbibe", and a hardcore of 20 to 30 subscribers would have consciously taken the decision to move to the censored list. As we seem to be in "experiment" mood on the cypherpunks list at the moment I challenge you now to re-configure the list as stated above. The we shall see whose viewpoint is "cavalier" > But to make things perfectly clear one more time, ANYONE WHO > WANTS TO READ THE ENTIRE CYPHERPUNKS FEED SHOULD SUBSCRIBE TO > "CYPHERPUNKS-UNEDITED" AND/OR "CYPHERPUNK-FLAMES." See above argument, the flock stay together. In addition other list members are lazy, stupid, ignorant etc. And cannot/will not subscribe to the uncensored list. > But let's apply Tim's above definition for the sake of argument. > Am I, thereby, a censor? Well I am examining "other material" > and I am making judgments with regard to whether or not it is > "objectionable," unfortunately for Tim's argument, I am neither > "removing" nor "supressing" anything. Anybody can read anything > that gets posted to Cypherpunks--in two places. I am sorting, > but even my sorting can be completely avoided. Waffle. There is a suprising profundity of waffle in this post considering it is supposed to be refuting some very subtle and eloquently stated arguments by Tim. The fact is you are a censor, you are deciding what is seen on the "main" cypherpunks list, you send any comments on your form of censorship, apart from compliments, to the "flames" list in order to protect yourself and John Gilmore. > Very possibly true. Moderation is like crypto, perfection isn't > and option. However, a 90% solution is a heck of a lot better > than no solution at all. Yes, I've made what I consider to be > errors, but I think on some, I've done a very good job overall. > > > * (Frankly, one of my considerations in leaving was the feeling that I > > would never know if an essay I'd spent hours composing would be rejected by > > Sandy for whatever reasons.... > > Tim, I think this is disingenuous. I have been quite clear on > my moderation criteria. You are too intelligent to feign such > a lack of understanding. Not at all, Even if you had been clear (and let me make it clear that I do not believe you have been) you still would not objectively follow those guidelines you had set for yourself. Your censorship is subjective and unethical. However, I am deviating from the point as I happen to be arguing from an anti-censorship point of view whoever were carrying out said censorship. > > * The decision to "moderate" (censor) the Cypherpunks list is powerful > > ammunition to give to our opponents, > > Piffle. Letting spoiled children destroy the list puts a far > more powerful weapon in the hands of our enemies. Piffle, showing that even an anarchic list "requires" censorship is the best ammunition we could have given them. We are better off without a cypherpunks list at all than we are playing into the hands of those who oppose us. > > and Vulis is certainly gleeful that > > his fondest wishes have been realized. > > I do not have a crystal ball. My Vulcan mind meld is in the > shop. No one--neither Tim, nor I, nor probably even Vulis--knows > whether he is gleeful about all this or not. And frankly, who cares? > The question is, are list members happy or not with moderation. > Tim was not. I am. By the end of the experiment, I dare say we > will have a good idea what most list members think. We already have a good idea what they think if we care to look at the flames list where all their relevant comments are junked to. Besides which you are not answering the question here, just picking a random point to put forward an argument you wanted to. > as far as moderating political rants go, I'm agnostic. You mis-spelled self-serving. Datacomms Technologies web authoring and data security Paul Bradley, Paul at fatmans.demon.co.uk Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey" From dthorn at gte.net Tue Feb 4 06:42:33 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 06:42:33 -0800 (PST) Subject: Moderation, Tim, Sandy, me, etc. * Strong crypto == DES?! In-Reply-To: <199702041421.GAA27742@toad.com> Message-ID: <32F74A94.5F8B@gte.net> John Gilmore wrote: > I'm glad we're talking about some of the real issues here. > I'm definitely bugged by the community's attitude toward my "censorship". I'll bet you are. > Perhaps at that point I should have shut down the list, as Lucky is > now suggesting. He'd really like to, but... > You-all remind me of a passage from Booker T. > Washington's book _Up From Slavery_, describing what happened on the > night that news of the Emancipation Proclamation reached the South: What we most remind him of are slaves. > Most of the people on the list haven't bothered to face that freedom. Which freedom is that? > If you want to help organize what I'll call the `progressive crypto > community', for lack of a better term, then please do. Otherwise, in > the immortal words of Lazarus Long, "PIPE DOWN!". i.e., stop saying what I don't want to hear and start saying what I do want to hear, after all, it's *my* list. From paul at fatmans.demon.co.uk Tue Feb 4 06:42:40 1997 From: paul at fatmans.demon.co.uk (paul at fatmans.demon.co.uk) Date: Tue, 4 Feb 1997 06:42:40 -0800 (PST) Subject: About: My Departure, Moderation, and "Ownership of the List Message-ID: <199702041442.GAA28392@toad.com> > For what it's worth, I think that this Tim May, not being a > user of the list, has no place to talk. His type, to me, > characterate those who quit something and complain later, > knowing that some people will listen to them. Tim May has been one of the most intelligent, eloquent and on-topic posters to this list in it`s entire history... Who the hell are you? I would respond to your post with reasoned and logical argument but I cannot find one substantive point in it that is worthy of comment. I will muddle through as best I can anyway: One easy jibe here is you don`t know how to spell characterise, maybe you would be better off unimbibing? > So what, if he decided to leave? It was his own choice > and he can't just come back and say everyone who stayed is > now impelled to listen to him, just because he used to > do a bunch of posts. I don't think that hardly any of > you would listened to me later if I left the list. No-one knows who you are nor do we care, you have not accumulated any reputation capital nor are you likely to with posts like this. Tim tried to cover in as much depth as possible without resorting to verbosity the points he felt were important and worthy of discussion regarding the censorship of the list and other associated issues. You were not impelled to read his post nor to reply to it with a content-free rant as you did. If you felt "impelled" to read a post simply because it was on a screen in front of you you clearly do not understand even the rudiments of anarchism. Datacomms Technologies web authoring and data security Paul Bradley, Paul at fatmans.demon.co.uk Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey" From nobody at zifi.genetics.utah.edu Tue Feb 4 06:55:43 1997 From: nobody at zifi.genetics.utah.edu (Anonymous) Date: Tue, 4 Feb 1997 06:55:43 -0800 (PST) Subject: [ANNOUNCEMENT] Elliptic curves Message-ID: <199702041455.GAA28677@toad.com> Tim May's wee-wee is so tiny that only his mommy is allowed to touch it. /\ /..\ Tim May /_\/_\ From sherod at medeserv.com.au Tue Feb 4 06:55:52 1997 From: sherod at medeserv.com.au (Steven Herod) Date: Tue, 4 Feb 1997 06:55:52 -0800 (PST) Subject: Full strength Email Clients. Message-ID: <199702041455.GAA28699@toad.com> Hello, I'm in search of an *EASY TO USE* Internet Email client software that uses full strength (outside US export restriction) RSA encryption. It would be used for end to end encryption of Patient Pathology results, hence the need for "full strength". Any pointers to sites of interest? Best Regards Steven Herod Computer Systems Officer Med-E-Serv Connect, a division of CITEC From shamrock at netcom.com Tue Feb 4 06:56:02 1997 From: shamrock at netcom.com (Lucky Green) Date: Tue, 4 Feb 1997 06:56:02 -0800 (PST) Subject: FCPUNX:ecure Phones Message-ID: <199702041456.GAA28732@toad.com> At 09:41 PM 2/3/97 -0700, C. Kuethe wrote: >As we were both saying (meaning to say) there's a lot of holes in there... and >you're rich if you'd trust $1e4 to this box.... I'd put maybe $100 on it. Not >that I have a problem with wealth. My point there is that I don't think this >device is secure enough to be placing a lot of trust in... For 1E3, you can get the CS8191 from Communication Security Corporation. http://www.comsec.com/ It uses 3DES. No silly "voice inversion". Sigh. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From tmcghan at mail.bcpl.lib.md.us Tue Feb 4 06:56:05 1997 From: tmcghan at mail.bcpl.lib.md.us (tmcghan at mail.bcpl.lib.md.us) Date: Tue, 4 Feb 1997 06:56:05 -0800 (PST) Subject: Embarrass a Marylander, Go to Jail Message-ID: <199702041456.GAA28733@toad.com> in a message allegedly from: Robert Hettinga this appeared... > A Maryland bill that would make it illegal to send "annoying" or > "embarrassing" e-mail was introduced this week by Democratic General > Assembly member Samuel Rosenberg. {snip} > "Never attribute to conspiracy what can be explained by stupidity." -- Jerry Pournelle As a marylander, in particular, a baltimoron, I am both embarrassed and annoyed that these legislative bozos have the unmitigated gall to expend time and energy on pursuits such as these. Perhaps they feel that our state attorney general needs to earn his excessive salary by attempting to defend this constitutionally indefensible mental excrement. Did the defeat of CDA not resonate? From jya at pipeline.com Tue Feb 4 06:56:06 1997 From: jya at pipeline.com (John Young) Date: Tue, 4 Feb 1997 06:56:06 -0800 (PST) Subject: More Hacking of the Mykotronx Site! Message-ID: <199702041456.GAA28734@toad.com> While this report may be true, I wonder if it's not a spoof or even official disinformation to mislead about the details of Aaron's mission as well as what Rainbow and others are really peddling to rabble-fearing paranoids. This last sentence seems a bit too melodramatic even for a suck-up crippled-chip manufacturer: >The MYK-82, developed by Mykotronx and fabricated by VLSI Technology, >Inc., is the first of a series of security products to be developed as >part of an alliance with the NSA, targeting both Government and >commercial citizen monitoring markets. Granted that defense to LEA-market conversionists like to pornograph the godawful carnage their technology can wreak on disobedient civilians to arouse ex-military-to-LEA converted glands -- do they actually write SOF drool like this? From owner-cypherpunks Tue Feb 4 06:56:07 1997 From: owner-cypherpunks (owner-cypherpunks) Date: Tue, 4 Feb 1997 06:56:07 -0800 (PST) Subject: No Subject Message-ID: <199702041456.GAA28735@toad.com> From pgut001 at cs.auckland.ac.nz Tue Feb 4 06:56:36 1997 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Tue, 4 Feb 1997 06:56:36 -0800 (PST) Subject: Secure Phones Message-ID: <199702041456.GAA28776@toad.com> >My guess on the CESCOMM device is that they (would like us to belive that >they) use pure RSA with optional hybrid links... this seems a bit obvious >because of: > >"Guessing the unique Keys is out of the question. Acquiring the keys through >wiretapping is impossible, since they are never transmitted." <--RSA? This thing is snake oil. What it does is move the data through an FIR filter with the taps being controlled by a secret key. The data itself isn't encrypted, but is spread out over a wide spectrum in a (they hope) difficult-to-analyse manner. However with only 1K possible taps and (presumably) something as high-security as an LFSR driving it, I think the strength of the system has been overestimated somewhat. It wasn't designed for security at all, it was designed by an ex-Canterbury uni engineer to provide add-on noise-immunity to fax machines, and they only decided to market it as an encryption device later on - the designer apparently knows very little about encryption. I've got a photo of it, it's in a box the size of a small modem and consists of a circuit board with an ASIC on it and a bit of interface circuitry. The company has a patent on it, but a search for the patent has so far been unsuccessful (mind you I didn't search very hard). If anyone wants to check it themselves, the patent will probably be assigned to Ken Stokes of Cardinal Encryption Services - they claim to have worldwide coverage. >I emailed the German team about the LC-1... don't know if I'll hear back from >them, but if I do, I'll pass on everything I get. This is rather cool, it was designed by a couple of students at the University of Saarbruecken. It uses the Lintel RSA chips which are fast enough to do real-time RSA voice encryption, either singly for 512 bits or chained for 1033 bits. I've got a brochure somewhere which shows one of the inventors using it, it's a small motherboard containing the RSA chip, some other unidentifiable circuitry (presumably a modem chipset), an EPROM, etc etc. It was done as a research project by students who are unlikely to have put backdoors in it. The BSI (German NSA) were not at all happy about it. It's a pretty neat product, but unfortunately due to its origins it's having difficulty getting any market penetration. In addition the Lintel chips are f-ing expensive and there are many other components that go in on top of that, I doubt the whole thing sells for less than DM 1000-1500. Peter. From karn at qualcomm.com Tue Feb 4 06:56:38 1997 From: karn at qualcomm.com (Phil Karn) Date: Tue, 4 Feb 1997 06:56:38 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702041456.GAA28777@toad.com> >Phil Karn is, of course, the expert on this -- I hope he'll chime in soon >-- Phil, you out there?? Yup, I'm out here. Just buried under a pile of email. >Working from my not-so-great memory, CDMA uses a fixed spreading code that >is determined by a pretty simple "cipher-like" process. I believe the >details are covered by an NDA, sorry. At any rate, it isn't "encryption" >by any means -- and tapping it requires little more than building a new >base station (again, given $ and the fact that you're going to have to >follow the bloody thing around as it moves). No, it's not covered by NDA. It is, however, all heavily covered by Qualcomm patents. It's all specified in complete detail in TIA IS-95A. The actual spec is copyrighted TIA (even though we did almost all the work) but you can find an early version, plus a much more readable overview paper, through my web page. The air interface is essentially the same as you'll find on the air. There is essentially no "encryption" in the usual sense of the word in CDMA. It is true that the complexity (and until recently, the obscurity) of the modulation method provides some modest protection against casual eavesdropping (e.g., someone with a Radio Shack scanner). But phones containing the necessary ASICs are now being shipped by the hundreds of thousands per month, and as I said earlier the complete air interface spec has been public for some time. I do note that the forward (base to mobile) and reverse (mobile to base) modulation methods are totally different, because the jobs they have to do are different. Only the reverse link is truly CDMA, as there you have many transmitters sending to a single receiver. Both links are spread to 1.25 MHz bandwidths, but that's about where the similarities end. The phone ASIC contains only a forward link demodulator function and a reverse link modulator function. The base station ASICs are not yet generally available. Also, an echo canceller in the base station effectively blocks any reverse link audio from coming back out on the forward link. Consider also the very low and tightly controlled transmitter powers typically used on the reverse link. One can now make certain conclusions about the relative ease of intercepting the forward link as compared to the reverse link. The closest thing to "encryption" in CDMA is the "private long key" mechanism. The private long key is the starting state of a 42-stage linear feedback shift register (LFSR) that is used to spread (reverse link) or scramble (forward link) the vocoder data. (The IS-95 signal path is too complex to describe fully here -- see the documents on my web page for the details, including the difference between scrambling and spreading). As anyone with even a rudimentary knowledge of cryptanalysis knows, LFSRs are not at all cryptographically secure. The Massey-Berlekamp algorithm can easily determine the state of the long code shift register with a short (42-chip) sample of its output. Furthermore, the long key sequence has other specified uses on the reverse link; in particular it is used as a pseudorandom sequence generator to control the puncturing (on-off transmitter gating pattern) when the phone is transmitting at a low data rate between talk spurts. This obviously suggests other ways to determine the LFSR state without demodulating individual CDMA chips. Nevertheless, NSA has repeatedly objected to the export of the "private long code" feature, and I'm not even sure it's implemented on the domestic models currently being deployed. Phil From lwjohnson at grill.sk.ca Tue Feb 4 06:56:39 1997 From: lwjohnson at grill.sk.ca (Larry Johnson) Date: Tue, 4 Feb 1997 06:56:39 -0800 (PST) Subject: Trigger-Words...Trigger-Fingers Message-ID: <199702041456.GAA28778@toad.com> Dale Thorn wrote: > > Larry Johnson wrote: > > Cynthia H. Brown wrote: > [snippo] > > Theres not many girls on this list, is there? > [mo' snippo] > > Anyway, my uncle prints out the girl-cypherpunks stuff for the girls > > on my list and they think its real cool and they all want to marry > > technicians so that they can make them work on the computers for them, > > kind of like making them do the computer dishes, you know. > [yet mo' snippo] > > I want to get married. Lots of times. Are the girls cute? > I don't do hardware, tho, I'm a software guy. Yeah their real cute, most of them anyway. Their all nice though. Some of them would like you cause they dont like regular guys, cause their troublemakers too. I know your a troublemaker (I think thats a good thing) because Ive read your stuff and myu uncle keeps you in his NotADork/MyAssholes dir. Thats where he keeps the troublemakers but its not an insult because he likes what Kevin (hes a Bodston Celtic said--"Danny Ange is an asshole, but hes _our_ asshole." He taght me how to read by using the Froggie manual since I could boot it myself when he was out of the rooom when I was two year old. Now he teachs me how to read with the cypherpunk messages and stuff from his govbernment friends. (Their good government guys though, they like you guys. Their really secret guys not lamer regualar secret guys. They laugh at those regular secret guys who screw with you guys cause they leave their pecker tracks all over the place.) Some people thik Im a lamer cause Im not good with grammer (not on the kids lists thogh) bu tmy uncle says Ill learn how to do that but Im better to learn how tho think first. Ive got dsylexia too so I use a spell checkerif I want to look smart but emailers dont have it. You guyhs should keep being troublemakers. Really. My uncle says that if you guys get too polite then you better watcvh your backs when you curtsy, cause you never know whos sneaking up behind you. He told me that if I watch you rmodernation that I wont have to have sex educaton laterer cause I'll already know how to get f*)&%ed. (Hes funny. His governmnt friends call him the fool becaise hes dumb like a fox.) Excuse my spelling but I spell things good once I see them in a dir cause myu uncle make s me look stuff up before I put it in a dir or he erases myu dir to make me learn. I think the girls would like you cause yuou are a computer guy. Ill show them your letter. Theeir smart, too. They dont like lamer guys. When their school computer guy messes up ecveyones stuff then they fix it but they dont tell him cause it makes him mad. Im not real good at 4reading code and stuff but the secret computer guys let me drink Scotch with them evcen in the bar at the Holiday In in Santafe cause Im smarter than them abou t som e stuff even if they are really good. (I go tm y uncles password on his secret machine by putting my video camera on the frige with a dead battery and pluging it into his power supply) (Now when he boots up he will getr Duke Nukem3D and when he leacves it he will get a message telling him hes a _lamer_.) He had to go to Lost Alamo again because of you guys and hell gibve me sh*&)( when he gets back but not too much cause he said I could do anything I want on his secret machine if I got on it. Im getting to play with Unix cause he has a Spark Card on it that has Unix on it. (Dos is for lamers but Bill Gates owns ecerything so its cheaper for kids) Some lamer said on cypherpunks today that it takes him an hour to get the pecker messages off his computer. My uncle has me to do it for him sometimes and it only take me like maybve two minutes. If the guy is such a lmaer that it take s hinm an hour then maybe he should just read only the pecker messages cause they have pictures and then when he mobes his lips to read then he coul d put them on the peckers. (Thats a joke) I like that Tim May is bacvk, if only even for a little while. When you guys fight at least you say stuff that isnt kissing ass for other guys money. Im going to make a message to cypherpunsk that says if anyone wants me to be their moderator then they should not write any messages to the cypherpunks. Then the 2000 people who dont post will be voting for me to be their moderator and I will be their boss. If Im the moderator then I will givbe everyone free pizz a and lots and lots of Scotch. (<--Dewars) I hope you guys stay together. My uncle says sometimes you learn by looking and sometimes you leran by seeing whos looking back. But he tells the secret gobvernmetn guys not to look back cause their might be a cypherpunk gaining on them. (Thats a joke) Ive got to go to bed so I can pretned to get up again. Im sick so I can do what I want bu t Im not supposed to stya up all night either. I wont let the door hit me in the ass on my wayout. Bye, Human Gus-Peter p.s. - dont write me after Thursday cause my dad will be back and Ill get in trouble. My uncle will help me clean u p my mess cause hes not a squealer. From gnu at toad.com Tue Feb 4 06:56:40 1997 From: gnu at toad.com (John Gilmore) Date: Tue, 4 Feb 1997 06:56:40 -0800 (PST) Subject: Moderation, Tim, Sandy, me, etc. * Strong crypto == DES?! Message-ID: <199702041456.GAA28779@toad.com> I'm glad we're talking about some of the real issues here. Tim May said: > I don't want Sandy Sandfort sitting in judgment on my > posts, deciding what the Cypherpunks--a group I co-founded for God's > sake!!!!--are to be allowed to read and what they may not. Tim, the Cypherpunks have chosen to follow Sandy's lead for this month. I'll admit I made it easy for them, but the results are conclusive. There are 1311 addresses in the cypherpunks list today; 42 in the unedited list; and 19 in the flames list. Forty people cared enough to read every posting; the other thousand either wanted to try the experiment -- or didn't care enough to send an email message. Which, as we all know, is a very low threshold. If I was a social scientist I might want to run the experiment both ways, or six different ways. Name it this, or name it that. I'm not; all I want is something that works. The cypherpunks list was unusable for this kind of discussion, only a month ago. It's usable now. I'm definitely bugged by the community's attitude toward my "censorship". Rather than being glad that someone, anyone, was doing something about the major problem on the list, 99% of the reaction was to create even more ill-considered, emotional flamage. *I* didn't make the signal/noise get worse at that point -- *you-all* did. Perhaps at that point I should have shut down the list, as Lucky is now suggesting. "Asking the list what to do" was clearly not a useful option. Sandy cared enough about the community to make some concrete suggestions to me about how to get the list back on track. They involved a lot more work than the previous setup. I told him if he was willing to do the work, we could try it. As Dale suggests, I wasn't about to waste my time reading the whole list in real time and passing judgement on the postings. Sandy was, for a month. The element I find most lacking from the whole discussion, until recently, has been responsibility. In an anarchy, *everyone* is responsible; nothing is "somebody else's job". Sandy felt responsible, so he proposed something. I felt responsible, so I helped. But a large part of the community sat on the sidelines and criticized, without making attempts to make things better; indeed the volume and tone of the criticisms themselves made things worse. Unpaid labor for a peanut gallery of spoiled children isn't very gratifying. You-all remind me of a passage from Booker T. Washington's book _Up From Slavery_, describing what happened on the night that news of the Emancipation Proclamation reached the South: The wild rejoicing on the part of the emancipated coloured people lasted but for a brief period, for I noticed that by the time they returned to their cabins there was a change in their feelings. The great responsibility of being free, of having charge of themselves, of having to think and plan for themselves and their children, seemed to take possesion of them. It was very much like suddenly turning a youth of ten or twelve years out into the world to provide for himself. In a few hours the great questions with which the Anglo-Saxon race had been grappling for centuries had been thrown upon these people to be solved. These were the questions of a home, a living, the rearing of children, education, citizenship, and the establishment and support of churches. Was it any wonder that within a few hours the wild rejoicing ceased and a feeling of deep gloom seemed to pervade the slave quarters? To some it seemed that, now that they were in actual possession of it, freedom was a more serious thing than they had expected to find it. Most of the people on the list haven't bothered to face that freedom. Your de-facto "leaders" have faced it for you. It is a more serious thing than than you expect. All it takes it hard work and judgement. Be responsible for setting your society's privacy policy -- without knowing whether you are right. Face the uncertainty and build anyway. Shall I post you an Emancipation Proclamation -- as if you needed one? Start a mailing list on another site! Move this list to somewhere! Create and nurture an alt group! Make an independent moderated list drawn from the unedited list! Hold meetings! Establish for it a home, a funding, the rearing of newbies, education, citizenship, and the establishment and support of philosophies. Dead simple for people as capable as us. Just takes work. Who's volunteering? Just do it! The experiment will be over in a few weeks. Who's going to take over deciding how to run the list, and running it? If you want to help organize what I'll call the `progressive crypto community', for lack of a better term, then please do. Otherwise, in the immortal words of Lazarus Long, "PIPE DOWN!". John PS: Can we talk about crypto too? It's clear from the last few days of press releases that the pro-GAK forces are again working to confuse novices into thinking that two very different things are the same thing. Last time it was "public key infrastructure" and "key recovery". This time it's "strong crypto" and "56-bit DES". What should we do about this? Educate the public? From karn at qualcomm.com Tue Feb 4 06:57:34 1997 From: karn at qualcomm.com (Phil Karn) Date: Tue, 4 Feb 1997 06:57:34 -0800 (PST) Subject: PCS Encryption? Message-ID: <199702041457.GAA28791@toad.com> >While awaiting Phil's response, there's an informative description of >Qualcomm's CONDOR device at: > http://www.nsa.gov:8080/programs/missi/condor.html Condor is, of course, a Fortezza (clipper) application, which makes it less than useful to those outside the government. In fact, from what I've heard even the potential government users are much more interested in STU III support. I wonder why... Phil From boursy at earthlink.net Tue Feb 4 06:57:48 1997 From: boursy at earthlink.net (ISP_Ratings) Date: Tue, 4 Feb 1997 06:57:48 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702041457.GAA28808@toad.com> Dr.Dimitri Vulis KOTM wrote: > > ichudov at algebra.com (Igor Chudov @ home) writes: > >> Adam Back wrote: >> > >> > Perhaps it is time to reconsider the benefits of alt.cypherpunks. (As >> > an aside, it is ironic that John Gilmore was the guy who started the >> > alt.* USENET hierarchy, specifically to facilitate freedom of speech). >> > >> >> An interesting idea. > >John Gilmore of EFF is a liar and a hypocrite who likes to claim credit for >other people's accomplishments. Well EFF itself is a lie--the were very well exposed by Wired Mag. a while back as being nothing more than a corporate whore. They represent the interests of owners not consumers--the ACLU has been very open in their critisism of the EFF in this regard. A large corporation waves some money in front of their noses and tells them to bend over you can be sure they'll bend over. Respectable free speech advocates do not associate with EFF. >He had nothing whatsoever to do with the creation of the alt.* Usenet >hierarchy. Gilmore is a liar and a censor. > Is Mr. Gilmore making this claim? >On the other hand, creating an alt.cypherpunks sounds like a more robust >idea than yet another mailing list. And you could merely post this mailing list publically in the alt group of your choice--I find it interesting at times but not worth responding to in general since freedom of expressiion is not a given. Steve From tmcghan at mail.bcpl.lib.md.us Tue Feb 4 06:58:18 1997 From: tmcghan at mail.bcpl.lib.md.us (tmcghan at mail.bcpl.lib.md.us) Date: Tue, 4 Feb 1997 06:58:18 -0800 (PST) Subject: Information Warfare Message-ID: <199702041458.GAA28816@toad.com> in a message allegedly from: Peter Hendrickson > The cypherpunks list has been under "attack" for some time. {snip} > Some people have dismissed the idea that rogue governmental elements > are behind some of our problems. {snip} > We know that "Information Warfare" is the big thing in the defense > establishment right now. Information Warfare Conference sponsored by DPMA/AITP Washington, DC, March 13-14, 1997 Crystal City Marriott 1999 Jefferson Davis Highway Arlington, VA 22202 Presentations by: Major General Michael V. Hayden, Commander, Air Intelligence Agency Dr. C. Kenneth Allard, Competitive Strategies Col. H. Stevens, Land Information Warfare Activity - current service visions and planned program initiatives - operational concepts for 'third-wave' warfare - information warfare drivers for 21st century C4I architectures - emerging technologies and systems for information warfare superiority: opportunities on the horizon 'information warfare targets and vulnerabilities', Maxim I. Kovel, TASC systems management group 'information warfare for deterrence', William H.J. Manthorpe, Jr. Applied Physics Laboratory, Johns Hopkins 'adaptive techniques for counter-deception', James Llinas, technical advisor, DOD JDL, Data Fusion group 'emerging threats come in all sizes and flavors', Eugene Schultz, SRI consulting "Information has been termed the 'fifth dimension' in the conduct of 'third-wave' warfare, and promises to dramatically enhance the role of C4I as a force multiplier. Joint and individual service doctrine is emerging for IW, ans is affecting the needs and requirements for diverse systems: from space-based surveillance and communications systems to terrestrial image processing, visualization, and information fusion systems." "This conference will provide a valuable forum where military and industry staff can interact with key decision-makers to achieve the most current possible understanding of Information Warfare concepts, initiatives, technologies and potential opportunities. The Critical Questions to be addressed include: - how is IW changing operational concepts? - how can we defend the weak links in the planned information-intensive reconnaissance, strike, targeting architecture? - what developments in enabling technologies are needed to support current Information Operations, Battlefield Visualization, and Information Exploitation initiatives? -what can be done to develop defensive information technology capabilities? and last, but _c_e_r_t_a_i_n_l_y_ not least: - how will we move forward to develop a true offensive IW capability ============================================== From jlv at sig.bsh.com Tue Feb 4 07:01:38 1997 From: jlv at sig.bsh.com (Jason Vagner) Date: Tue, 4 Feb 1997 07:01:38 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" In-Reply-To: <199702032241.OAA04539@toad.com> Message-ID: >(And if Sandy wants comity and good cheer, let him either form >his own list or establish a filtered list just the way Blossom >and Arachelian did. Hijacking the list to reform it in his own >image is dirty pool.) Just something from another perspective: I've been on the list for quite a long time, though I've never posted. I've been online for over ten years, ran my share of mailing lists, and understand majordomo quite well. As far as I can tell, nobody has ever advertised or posted instructions for joining Blossom's or Arachelian's lists. At one time I gave a little bit of an effort to find them, to no avail. They don't seem readily available on the search engines (again, as of about 6 months ago). I never did flat out post a request for the information, as it was not that important for *me* to find it. I imagine that these individuals might have limited resources for a list-too-large, but is there really a reason this is request-only info? --- Jason Vagner Resist KRAP and GAK. Police States Are Bad. "All that one can give is what is going to happen, which may have little to do with a present that you can grasp." - Avital Ronell. From dthorn at gte.net Tue Feb 4 07:11:00 1997 From: dthorn at gte.net (Dale Thorn) Date: Tue, 4 Feb 1997 07:11:00 -0800 (PST) Subject: Moderation, Tim, Sandy, me, etc. * Strong crypto == DES?! Message-ID: <199702041511.HAA29113@toad.com> John Gilmore wrote: > I'm glad we're talking about some of the real issues here. > I'm definitely bugged by the community's attitude toward my "censorship". I'll bet you are. > Perhaps at that point I should have shut down the list, as Lucky is > now suggesting. He'd really like to, but... > You-all remind me of a passage from Booker T. > Washington's book _Up From Slavery_, describing what happened on the > night that news of the Emancipation Proclamation reached the South: What we most remind him of are slaves. > Most of the people on the list haven't bothered to face that freedom. Which freedom is that? > If you want to help organize what I'll call the `progressive crypto > community', for lack of a better term, then please do. Otherwise, in > the immortal words of Lazarus Long, "PIPE DOWN!". i.e., stop saying what I don't want to hear and start saying what I do want to hear, after all, it's *my* list. From ptrei at ACM.ORG Tue Feb 4 07:12:42 1997 From: ptrei at ACM.ORG (Peter Trei) Date: Tue, 4 Feb 1997 07:12:42 -0800 (PST) Subject: GAK/KR spin Message-ID: <199702041512.HAA29212@toad.com> > Date: Mon, 3 Feb 1997 14:34:49 -0800 > From: Steve Schear > To: cypherpunks at toad.com > Subject: GAK/KR spin > Several months back there were discussions on the list regarding renaming > the government's key escrow/recovery proposals (KRAP comes to mind). I > think we need something that's catchy and simple (perhaps already familiar) > to understand for the semi-litterate citizen units. I propose we encourage > use of the terms "crippleware" or "crypto crippleware" when refering to the > products limited to their weak crypto and/or key escrow/recovery. > > --Steve For some time, I have been using the term 'espionage-enabled software' to describe GAK'd products. Also, 'compromised software' - I want to make the point that 'key escrow/recovery' == insecure.' Peter Trei trei at process.com PS: I have SW for working on the $10,000 DES challenge available. From adam at homeport.org Tue Feb 4 07:42:51 1997 From: adam at homeport.org (Adam Shostack) Date: Tue, 4 Feb 1997 07:42:51 -0800 (PST) Subject: New X-Ray Imager In-Reply-To: <199702040126.RAA08938@toad.com> Message-ID: <199702041538.KAA16105@homeport.org> | A poll last week by the Los Angeles Times found that a majority of people -- | 58 percent -- said they would curtail some civil liberties if it would help | thwart terrorism. Thirteen percent said it would depend on what rights were | at stake. The poll didn't ask people to single out any rights. Its worth noting the 'if it would help thwart terrorism.' The 'best,' most expensive anti-terrorism measures ever used in the US were at the Summer Olympics. The White House point man on encryption admitted at last years CFP that Clipper and its derivatives would not have prevented the Oklahoma city bombing. A question worth asking is do we want to apply evolutionary pressure to terrorists? I prefer hijacking to bombings wrt aircraft, but the FAA disagrees. I prefer having my car stolen without me in it as well. (I think John Gilmore asked that question, but I could be wrong.) Adam -- Pet peeve of the day: Security companies whose protocols dare not speak their name, because they don't have one. Guilty company of the day is now V-One. From jlv at sig.bsh.com Tue Feb 4 08:18:42 1997 From: jlv at sig.bsh.com (Jason Vagner) Date: Tue, 4 Feb 1997 08:18:42 -0800 (PST) Subject: My Departure, Moderation, and "Ownership of the List" Message-ID: <199702041618.IAA00787@toad.com> >(And if Sandy wants comity and good cheer, let him either form >his own list or establish a filtered list just the way Blossom >and Arachelian did. Hijacking the list to reform it in his own >image is dirty pool.) Just something from another perspective: I've been on the list for quite a long time, though I've never posted. I've been online for over ten years, ran my share of mailing lists, and understand majordomo quite well. As far as I can tell, nobody has ever advertised or posted instructions for joining Blossom's or Arachelian's lists. At one time I gave a little bit of an effort to find them, to no avail. They don't seem readily available on the search engines (again, as of about 6 months ago). I never did flat out post a request for the information, as it was not that important for *me* to find it. I imagine that these individuals might have limited resources for a list-too-large, but is there really a reason this is request-only info? --- Jason Vagner Resist KRAP and GAK. Police States Are Bad. "All that one can give is what is going to happen, which may have little to do with a present that you can grasp." - Avital Ronell. From adam at homeport.org Tue Feb 4 08:26:36 1997 From: adam at homeport.org (Adam Shostack) Date: Tue, 4 Feb 1997 08:26:36 -0800 (PST) Subject: New X-Ray Imager Message-ID: <199702041626.IAA00919@toad.com> | A poll last week by the Los Angeles Times found that a majority of people -- | 58 percent -- said they would curtail some civil liberties if it would help | thwart terrorism. Thirteen percent said it would depend on what rights were | at stake. The poll didn't ask people to single out any rights. Its worth noting the 'if it would help thwart terrorism.' The 'best,' most expensive anti-terrorism measures ever used in the US were at the Summer Olympics. The White House point man on encryption admitted at last years CFP that Clipper and its derivatives would not have prevented the Oklahoma city bombing. A question worth asking is do we want to apply evolutionary pressure to terrorists? I prefer hijacking to bombings wrt aircraft, but the FAA disagrees. I prefer having my car stolen without me in it as well. (I think John Gilmore asked that question, but I could be wrong.) Adam -- Pet peeve of the day: Security companies whose protocols dare not speak their name, because they don't have one. Guilty company of the day is now V-One. From mclow at owl.csusm.edu Tue Feb 4 09:21:22 1997 From: mclow at owl.csusm.edu (Marshall Clow) Date: Tue, 4 Feb 1997 09:21:22 -0800 (PST) Subject: IBM's SecureWay Key Recovery technology Message-ID: >From : >At the RSA Conference, IBM announced the details of its highly >anticipated SecureWay key recovery technology. IBM is developing this >technology in response to market demands for exportable strong >encryption required to advance the growth of global e-business. >[ yada yada yada snipped ] I attended this presentation. Basically, what they do is to add two packets to the "channel setup process", one that depends only on the coorespondents, the other that contains the information about this particular session. A problem with this, as I pointed out to the presenters, is that the first packet can be trivially used for traffic analysis. The eavesdropper may not be able to determine who is cooresponding, but they can tell if it is the same people as in a previous conversation. >From >In order to minimize the preparation overhead, the recovery information >is prepared in two phases: one phase is independent of the particular >session/archive key being prepared; the second phase is dependent on the >particular key and session parameters. The first phase, which uses >public-key encryption, can be shared across multiple invocations of key >recovery preparation, thus reducing overhead. The public-key encryptions >can be stored for repeated use. > As you can see, IBM suggests cacheing the contents of the first packet, so that you don't have to recalculate it each time. Imagine how easy traffic analysis would be if the identification packets were identical instead of just related. -- Marshall Marshall Clow Aladdin Systems Warning: Objects in calendar are closer than they appear. From osborne at gateway.grumman.com Tue Feb 4 09:39:48 1997 From: osborne at gateway.grumman.com (Rick Osborne) Date: Tue, 4 Feb 1997 09:39:48 -0800 (PST) Subject: AltaVista Tunnel Message-ID: <3.0.1.32.19970204123842.0093d9e0@gateway.grumman.com> The Digital / Microsoft "Driving Force" tour is in our parking lot today and I got the opportunity to have a look around. One of the 'stations' inside the truck is on intranets. They were showing off a product called "AltaVista Tunnel" which I assume is their PPTP product. I say "I assume" because the guy showing it off had absolutely no clue what he was talking about. He triumphantly exclaimed that the encryption was 128-bit, but when I said "128-bit what?" he cowered and muttered that he didn't know and went on with his little speech. The rest of my crypto-specific questions met with equal dark stares. And these are the people setting industry standards... _________ o s b o r n e @ g a t e w a y . g r u m m a n . c o m _________ Real programmers programs never work right the first time. But if you throw them on the machine they can be patched into working in only a few 30-hours debugging sessions. From joelm at eskimo.com Tue Feb 4 09:41:36 1997 From: joelm at eskimo.com (Joel McNamara) Date: Tue, 4 Feb 1997 09:41:36 -0800 (PST) Subject: DES keyspace Message-ID: <3.0.32.19970204093946.006a5d88@mail.eskimo.com> Is anyone coordinating (formally or informally) which chunks of the keyspace has been searched for the DES challenge? Yes, I know all the arguments about potential fraud and verification, but it would be nice to have a Web site that informally listed what had been scanned so far (verified or not). Did I perhaps miss something and this is already out there? URLs appreciated if so. If it doesn't exist, I'd be willing to host a site and play coordinator... Joel From Scottauge at aol.com Tue Feb 4 09:51:59 1997 From: Scottauge at aol.com (Scottauge at aol.com) Date: Tue, 4 Feb 1997 09:51:59 -0800 (PST) Subject: Embarrass a Marylander, go to jail Message-ID: <970204112612_275827339@emout09.mail.aol.com> Think they are trying to expand the harrassment laws to directly effect the E world, but I would think the laws on harrassment would apply anyhow (provided your in their domain, but then again thats true for all governments...) --- How has the government interfered in your life today? From joelm at eskimo.com Tue Feb 4 10:05:29 1997 From: joelm at eskimo.com (Joel McNamara) Date: Tue, 4 Feb 1997 10:05:29 -0800 (PST) Subject: DES keyspace Message-ID: <199702041805.KAA02736@toad.com> Is anyone coordinating (formally or informally) which chunks of the keyspace has been searched for the DES challenge? Yes, I know all the arguments about potential fraud and verification, but it would be nice to have a Web site that informally listed what had been scanned so far (verified or not). Did I perhaps miss something and this is already out there? URLs appreciated if so. If it doesn't exist, I'd be willing to host a site and play coordinator... Joel From mclow at owl.csusm.edu Tue Feb 4 10:05:34 1997 From: mclow at owl.csusm.edu (Marshall Clow) Date: Tue, 4 Feb 1997 10:05:34 -0800 (PST) Subject: IBM's SecureWay Key Recovery technology Message-ID: <199702041805.KAA02744@toad.com> >From : >At the RSA Conference, IBM announced the details of its highly >anticipated SecureWay key recovery technology. IBM is developing this >technology in response to market demands for exportable strong >encryption required to advance the growth of global e-business. >[ yada yada yada snipped ] I attended this presentation. Basically, what they do is to add two packets to the "channel setup process", one that depends only on the coorespondents, the other that contains the information about this particular session. A problem with this, as I pointed out to the presenters, is that the first packet can be trivially used for traffic analysis. The eavesdropper may not be able to determine who is cooresponding, but they can tell if it is the same people as in a previous conversation. >From >In order to minimize the preparation overhead, the recovery information >is prepared in two phases: one phase is independent of the particular >session/archive key being prepared; the second phase is dependent on the >particular key and session parameters. The first phase, which uses >public-key encryption, can be shared across multiple invocations of key >recovery preparation, thus reducing overhead. The public-key encryptions >can be stored for repeated use. > As you can see, IBM suggests cacheing the contents of the first packet, so that you don't have to recalculate it each time. Imagine how easy traffic analysis would be if the identification packets were identical instead of just related. -- Marshall Marshall Clow Aladdin Systems Warning: Objects in calendar are closer than they appear. From osborne at gateway.grumman.com Tue Feb 4 10:07:14 1997 From: osborne at gateway.grumman.com (Rick Osborne) Date: Tue, 4 Feb 1997 10:07:14 -0800 (PST) Subject: AltaVista Tunnel Message-ID: <199702041807.KAA02790@toad.com> The Digital / Microsoft "Driving Force" tour is in our parking lot today and I got the opportunity to have a look around. One of the 'stations' inside the truck is on intranets. They were showing off a product called "AltaVista Tunnel" which I assume is their PPTP product. I say "I assume" because the guy showing it off had absolutely no clue what he was talking about. He triumphantly exclaimed that the encryption was 128-bit, but when I said "128-bit what?" he cowered and muttered that he didn't know and went on with his little speech. The rest of my crypto-specific questions met with equal dark stares. And these are the people setting industry standards... _________ o s b o r n e @ g a t e w a y . g r u m m a n . c o m _________ Real programmers programs never work right the first time. But if you throw them on the machine they can be patched into working in only a few 30-hours debugging sessions. From Scottauge at aol.com Tue Feb 4 10:12:29 1997 From: Scottauge at aol.com (Scottauge at aol.com) Date: Tue, 4 Feb 1997 10:12:29 -0800 (PST) Subject: Embarrass a Marylander, go to jail Message-ID: <199702041812.KAA02898@toad.com> Think they are trying to expand the harrassment laws to directly effect the E world, but I would think the laws on harrassment would apply anyhow (provided your in their domain, but then again thats true for all governments...) --- How has the government interfered in your life today? From shamrock at netcom.com Tue Feb 4 10:20:22 1997 From: shamrock at netcom.com (Lucky Green) Date: Tue, 4 Feb 1997 10:20:22 -0800 (PST) Subject: Dissolving Choke Points Message-ID: <3.0.32.19970204102007.007019f8@192.100.81.136> At 11:36 PM 2/3/97 -0800, Peter Hendrickson wrote: >What I have seen is a pretty complete elimination of the signal that >was there. Some might argue that this is "just" because Tim stopped >posting. But so what? The result of moderation was the elimination >of signal. Nonsense. The signal had left long before the moderation began. The steepest drop in signal (not S/N ratio) was between shortly before Perry left and Vulis had completed his takeover. Signal is cause by signal generators. Most top signal generators, other than Tim, had left because of pollution caused by the likes of Vulis, aga, and his homophonic boyfriends. Moderation has nothing to do with the loss of signal other than that signal from Tim was lost. And while I appreciated Tim's essays, they were never the sole source of signal on the list. Tim did not even provide the majority of signal. "Best individual contributor", sure. -- Lucky Green PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi From jeffb at issl.atl.hp.com Tue Feb 4 10:38:06 1997 From: jeffb at issl.atl.hp.com (Jeff Barber) Date: Tue, 4 Feb 1997 10:38:06 -0800 (PST) Subject: Moderation, Tim, Sandy, me, etc. * Strong crypto == DES?! In-Reply-To: <199702041421.GAA27742@toad.com> Message-ID: <199702041838.NAA30479@jafar.issl.atl.hp.com> I'm another long time list member. I've posted before on a number of occasions but not often. And I was one of those who subscribed immediately to the unedited list. Anyway, herein my 2 cents. John Gilmore writes: > Tim May said: > > I don't want Sandy Sandfort sitting in judgment on my > > posts, deciding what the Cypherpunks--a group I co-founded for God's > > sake!!!!--are to be allowed to read and what they may not. > > Tim, the Cypherpunks have chosen to follow Sandy's lead for this > month. I'll admit I made it easy for them, but the results are > conclusive. There are 1311 addresses in the cypherpunks list today; > 42 in the unedited list; and 19 in the flames list. "Conclusively" this has shown only that most folks are willing to go along with an experiment -- especially if it requires them to do exactly nothing. The results of the moderation experiment itself can't possibly be conclusive until the moderation has gone on for much longer--a few months at least, possibly years. Then, we'll see how many people are willing to put up with the high volume over the long term, even possibly in the absence of thoughtful essays from long-time list members (like Tim) who have been driven away from the list. Even if it "survives" by that criteria, it may not survive in *my* book. There are only a handful of people whose posts make the cypherpunks list worthwhile (IMO of course). There're quite a few others who contribute to the discussion but aren't themselves worth the trouble (no offense intended to anyone; I would certainly count myself in this group as well). I don't deny that putting up with the noise on the list takes some effort. In fact, after years of surviving with only my 'd' key, I'd finally been driven to install a procmail filter shortly before moderation was announced. Interestingly, since that point, it *has* become more difficult to filter--but IMO that's because it's also gotten less interesting (how do you know if you're filtering is successful?). In fact, lately I've begun to "filter" *all* of cypherpunks into an alternate mailbox file, and find that I'm perfectly content to look at it only every couple of days, and just pick and choose among the posts based on author and subject. I don't claim to be representative of the average cypherpunk, but in my view, this is a bad sign--it indicates a lack of compelling "content". It might as well be a Usenet group--I don't feel like a "member of the Cypherpunks list" anymore. As the list stands now, I would hardly even notice (or care) if I were no longer subscribed. > I'm definitely bugged by the community's attitude toward my > "censorship". Rather than being glad that someone, anyone, was doing > something about the major problem on the list, 99% of the reaction was > to create even more ill-considered, emotional flamage. *I* didn't > make the signal/noise get worse at that point -- *you-all* did. Well, I did do something. When the volume got too high for me to take unassisted, I installed procmail to tailor the list to my own likings. Many have been advocating it on the list for years. I was just too lazy to do so until the pain of not having it finally got too high. As for the signal to noise ratio, John hasn't made it worse, but he hasn't made it much better either. No offense is intended--John's posts were always at the top of my reputation list--but he posts so infrequently that he falls into that "not worth subscribing for" group. What was the problem with the list that finally required that somebody "do something"? Sure, the list was high volume. And there were a lot of flames and silly useless garbage. But this is no different than it has been for years. And the Vulisgrams were no more (or less) vicious or annoying than Detweiler's Medusa and S.Boxx rants from the old days. (The reason I personally could stand it [without procmail] back then was that I wasn't on so many *other* mailing lists at the same time.) > The experiment will be over in a few weeks. Who's going to take over > deciding how to run the list, and running it? Can't we just forget any of this ever came up? Drop the moderation, resubscribe the Vulis 'bot and go on as before. > PS: Can we talk about crypto too? ... Sorry, that would be off-topic; this list is only for discussions of the cypherpunks moderation policy. Maybe you could post something on Perry's "cryptography" list though. (:-) -- Jeff From shamrock at netcom.com Tue Feb 4 10:55:31 1997 From: shamrock at netcom.com (Lucky Green) Date: Tue, 4 Feb 1997 10:55:31 -0800 (PST) Subject: New X-Ray Imager Message-ID: <3.0.32.19970204105556.00704204@192.100.81.136> At 10:38 AM 2/4/97 -0500, Adam Shostack wrote: > >| A poll last week by the Los Angeles Times found that a majority