From an12070 at anon.penet.fi Fri Oct 1 00:32:31 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Fri, 1 Oct 93 00:32:31 PDT Subject: FIDONet policies Message-ID: <9310010728.AA15983@anon.penet.fi> >If a user sends a "private message", the user has no control over the number >of intermediate systems through which that message is routed. A sysop who >sends a message to another sysop can control this aspect by sending the >message direct to the recipient's system, thus guaranteeing that only the >recipient or another individual to whom that sysop has given authorization >can read the message. Thus, a sysop may have different expectations than a >casual user. translated: we have a hierarchy of rights. sysop-gods have a right and expectation to private mail. the user-peons have neither. >Disclosing or in any way using information contained in private netmail >traffic not addressed to you or written by you is considered annoying >behavior, unless the traffic has been released by the author or the recipient >as a part of a formal policy complaint. "annoying behavior" -- what a cute PC euphemism. who's the idiot academic who came up with that? try "moral & ethical bankruptcy" instead. >As far as I can tell, the ability (perhaps the right) to fuss around in >other folks' business and other folks' mail is one of the factors (along >with the ability to create and enforce any number of rules and regulations) >which makes people think it's fun to run a BBS. the "paternal paranoia instinct". ask wells or kleinpaste for a lecture on it. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From remail at tamsun.tamu.edu Fri Oct 1 02:58:05 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Fri, 1 Oct 93 02:58:05 PDT Subject: POISON PILL Message-ID: <9310010931.AA24784@tamsun.tamu.edu> Just because you lose physical possesion of your data, does not have to mean you lose all control over it. How about modifying the electronics in a pager to sit on a disk drive card? Call up the pager number to disable the card or trigger the encryption or erasure of the disk. The caller might also give a password as a pager message. Also, can we make an EMP emitter that hides inside a fake 3 1/4" "floppy"? This would sit inside a box of floppies and could also be triggered by pager. Flash media. Remote control has the following advantages: * Doesn't bother normal operations (eg having virus strings precluces normal checking for viruses, requiring a password or floppy key every time you log on is a pain, etc.) * Can be triggered after the raid has already taken place, if you didn't get advanced warning. Has anybody done a marketing study for secure-computer items like these ideas, CryptoStacker, etc? From hiscdcj at lux.latrobe.edu.au Fri Oct 1 07:53:12 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Fri, 1 Oct 93 07:53:12 PDT Subject: spread spectrum: request for a summary (so I can catch up) Message-ID: <9310011449.AA26422@lux.latrobe.edu.au> Hiyas, I think I missed the discussion on spread spectrum. Can someone email me a summary? Dwayne. hiscdcj at lux.latrobe.edu.au (Dwayne Jones-Evans IRC: ddraig ) ( SCA: Cynon Yscolan ap Myrddin, Stormhold, Lochac, West) PGP public key available. finger me. be gentle. internet---> hiscdcj at lux.latrobe.edu.au From hiscdcj at lux.latrobe.edu.au Fri Oct 1 07:53:18 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Fri, 1 Oct 93 07:53:18 PDT Subject: laying our own wires? Message-ID: <9310011448.AA26371@lux.latrobe.edu.au> >> We could lay our own wires/fibers. >Well, we'd like crypto for the masses and I don't think that the masses are >yet ready to put out the bucks for spread spectrum boards and infrared laser >communications gear... It'd be really nice to have such a decentralized >network, though. Sure, the masses wouldn't do it, but how many are needed? How many users are thereb on the net, compared to how many sites? All it would take is a dozen or so people in each city, and itt could be done. Don't know about intercity stuff, though. A friend of mine is putting together some ideas regarding what he calls 'punknet', using a bundle of small, solar-powered relays, maybe microwave links, or infra-red, or short-distance packet radio, whcih could be manufactured in bulk and stuck all over a city, disguised as bits of construction, ettc, so tthey would be hard to see, acting as switching devices so that we could have a completely open and untraceable network within a city. >> We could set up a mesh network of infrared lasers through the air. Last >> time I looked, there were no laws against shining lights out your window as >> long as they didn't bother anyone. An infrared laser could hardly bother >> anyone. >> >... >> very low range radio, .... Each card would connect to three or more >> neighbors and become part of the global mesh. Adaptive routing with no >> global map would suffice for the card and would keep the whole system >> peer-to-peer with no need for central control and no chance for central >> tapping. Serves me right for not reading through the message first. Yes, this is what my friend was thinking of. >This would be the perfect network in which to deploy DC nets.... (dining >cryptographers). dining? Dwayne. (Dwayne Jones-Evans IRC: ddraig ) ( SCA: Cynon Yscolan ap Myrddin, Stormhold, Lochac, West) PGP public key available. finger me. be gentle. internet---> hiscdcj at lux.latrobe.edu.au From hiscdcj at lux.latrobe.edu.au Fri Oct 1 08:57:52 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Fri, 1 Oct 93 08:57:52 PDT Subject: spread spectrum Message-ID: <9310011554.AA27275@lux.latrobe.edu.au> Hiyas, I think I missed the discussion on spread spectrum. Can someone email me a summary? Dwayne. hiscdcj at lux.latrobe.edu.au From doug at netcom.com Fri Oct 1 08:58:18 1993 From: doug at netcom.com (Doug Merritt) Date: Fri, 1 Oct 93 08:58:18 PDT Subject: POISON PILL Message-ID: <9310011555.AA27460@netcom2.netcom.com> nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) said: >Well, as far as I know, it's hard to recover much of anything >if the bomb is a Thermite one.... they seem to do lots-o-damage >to metallic objects... and, OK, FBI agents. Yeah, I guess thermite would be better than a shock wave bomb in some ways. I could believe that, with sufficiently careful attention to detail, it might be able to heat 100% of the magnetic material beyond the medium's Curie point and therefore beyond all recovery. If on the other hand the thermite were simply tucked next to the drive...well, it's amazing what forensic investigators sometimes recover from things intended to be destroyed by thermite. A lot can go wrong in real world situations. >possibly a strong EMP? Conceivably. I'm unclear about the effects of EMP on magnetic media. Also, really good EMP requires fairly powerful shaped charges. Perhaps a simple degaussing coil would do the trick. Not sure. Seems like it should. Do any modern hard drives attempt magnetic shielding in their cases? Now that prices on recordable CD ROM drives are down to $4K, personal CDROM archiving will become more and more common; thermite would be handy there, too, again assuming very careful design & placement. This little discussion is all just for the fun of it from my point of view; I agree with other comments here that leaving your data encrypted is more to the point, not to mention far more reliable than just about any other trick. Doug From cpsr at access.digex.net Fri Oct 1 09:23:20 1993 From: cpsr at access.digex.net (Dave Banisar) Date: Fri, 1 Oct 93 09:23:20 PDT Subject: CPSR Comments to NIST Message-ID: <199310011619.AA02082@access.digex.net> >Path: digex.net!lynx.unm.edu!pacs.sunbelt.net!udel!wupost!howland.reston.ans.net!agate!ames!sgi!cdp!dsobel >Newsgroups: alt.privacy.clipper >Subject: CPSR Key Escrow Comments (long) >Message-ID: <1838400007 at igc.apc.org> >From: David L. Sobel >Date: 27 Sep 93 10:58 PDT >Sender: Notesfile to Usenet Gateway >Lines: 200 September 27, 1993 Director, Computer Systems Laboratory ATTN: Proposed FIPS for Escrowed Encryption Standard Technology Building, Room B-154 National Institute of Standards and Technology Gaithersburg, MD 20899 Re: Request for Comments; Docket No. 930659-3159 This letter constitutes the formal comments of Computer Professionals for Social Responsibility (CPSR) on the proposed Federal Information Processing Standard for an Escrowed Encryption Standard (EES), as described in the Federal Register on July 30, 1993 (58 FR 40791). CPSR, a national organization of professionals in the computing field, has a long-standing interest in government policies concerning cryptography and computer security. During the past several years we have pursued an extensive study of cryptography policy in the United States. We have organized several public conferences, conducted litigation under the Freedom of Information Act, and appeared on a number of panels to discuss the importance of cryptography for privacy protection and the need to scrutinize carefully government proposals designed to limit the use of this technology. While we do not represent any particular computer company or trade association, we do speak for a great many people in the computer profession who value privacy and are concerned about the government's key escrow initiative. To properly evaluate the key escrow proposal, it is necessary to consider the Computer Security Act of 1987, which made clear Congress' intent that in the area of unclassified computing systems NIST -- and not the National Security Agency (NSA) -- would be responsible for the development of technical standards. The Act emphasizes public accountability and stresses open decision-making. In the spirit of the Act, NIST set out in 1989 to develop a public key cryptography standard. According to documents obtained by CPSR through the Freedom of Information Act (FOIA), NIST recommendFrom owner-cypherpunks Fri Oct 1 10:30:15 1993 Received: by toad.com id AA09012; Fri, 1 Oct 93 10:28:09 PDT Received: by toad.com id AA09009; Fri, 1 Oct 93 10:27:43 PDT Return-Path: Received: from netcom.netcom.com ([192.100.81.100]) by toad.com id AA09005; Fri, 1 Oct 93 10:27:41 PDT Received: from netcom2.netcom.com by netcom.netcom.com (5.65/SMI-4.1/Netcom) id AA01395; Fri, 1 Oct 93 10:27:53 -0700 Date: Fri, 1 Oct 93 10:27:53 -0700 Message-Id: <9310011727.AA01395 at netcom.netcom.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: mgream at acacia.itd.uts.edu.au (Matthew Gream), cypherpunks at toad.com From: msattler at netcom.com (Michael Sattler) Subject: Re: POISON PILL :-) At 10:35 10/1/93 -0500, Matthew Gream wrote: > >I have Australian Defence Security Clearance stickers on my computer, >they are so cool, these little yellow and red stickers that authorise >the computer for secure use (and something else I can't remember). Any chance of getting a few sent to me in San Francisco? ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) "Don't Panic!" -- Douglas Adams "Don't Panic. Stay Cool." -- PRZ From eb15 at postoffice.mail.cornell.edu Fri Oct 1 10:33:37 1993 From: eb15 at postoffice.mail.cornell.edu (Edward Bade) Date: Fri, 1 Oct 93 10:33:37 PDT Subject: POISON PILL Message-ID: <199310011729.AA24994@postoffice.mail.cornell.edu> >You know, if people are going to discuss breaking blowing up computers >and killing people, they could at least have the taste to discuss it >elsewhere. Myself, I'm not a believer in violence, and I don't think >this list is devoted to explosives. Newgroup alt.terrorism.techniques >if you insist. > >Perry > I agree. Besides, there are much more tasteful and aesthetic ways to get the job done. A degaussing coil is a good idea, or why not sell a 'simple' add on (requiring making a hole in the hard-drive's casing), which, at the appropriate moment would quickly inject a fast drying epoxy laced with powdered aluminum, to which was applied a (well-grounded) high voltage/low amperage electric charge from a capacitor built into the case? There are cheap epoxies on the market that could harden in 3-4 minutes at that volume (rule w/ epoxies: spread out they take longer, in a glob as inside the casing of a hardrive, the reaction would run much faster). It will take them a while to chip the media out, and the electric field should do the rest.... ----------------------------------------------------------------- Ned Bade | And you all you sanctified moneybags City and Reg. Planning | Bandits anointed and crowned Cornell University | Your counterfeit towers of justice eb15 at cornell.edu | and ethics will crash to the ground. | -Dick Gaughan. ----------------------------------------------------------------- From jet at netcom.com Fri Oct 1 10:43:38 1993 From: jet at netcom.com (J. Eric Townsend) Date: Fri, 1 Oct 93 10:43:38 PDT Subject: POISON PILL In-Reply-To: <9310010154.AA25936@netcom5.netcom.com> Message-ID: <9310011741.AA01857@netcom6.netcom.com> Doug Merritt writes: > Actually, you'd be surprised what is recoverable in the aftermath of > an explosion. Bombs truly are no guarantee of unrecoverability of data, > at least not simple things like dynamite and pipe bombs. The US Gov policy for the disposal of any media that has been used to store classified data is: wipe -- demagnatize with a *massive* demag unit grind -- toss in a thing that'd make ground chuck out of godzilla incenerate -- at some amazingly high temperature. The media is treated as if it had classified data until after step #3. -eric From jet at netcom.com Fri Oct 1 10:48:10 1993 From: jet at netcom.com (J. Eric Townsend) Date: Fri, 1 Oct 93 10:48:10 PDT Subject: FIDONet Mail filtering - a course of action In-Reply-To: <199310010434.AA16852@eff.org> Message-ID: <9310011746.AA02062@netcom6.netcom.com> Mike Godwin writes: > Outside of the issue of passing encrypted information, it seems common > among Fido sysops to screen for other kinds of content. That can be > way uncool, legally. So how do I prevent what happened to SJG, killer, etc from happening to me? How do I prevent the LE types from showing up one day and saying 'hey, did you know there's a meg of kiddie porn on your machine and we're taking it all away'? Do I have pull my machine off the net and go back to pre-bangnet times? From pierre at shell.portal.com Fri Oct 1 10:58:10 1993 From: pierre at shell.portal.com (Pierre Uszynski) Date: Fri, 1 Oct 93 10:58:10 PDT Subject: POISON PILL Message-ID: <9310010831.AA03417@jobe.shell.portal.com.shell.portal.com> > From: Panzer Boy > [...] > Blowing things up is nice and all but also lacks style (unless you nuke). ROTFL ... I'd also second whoever mentioned not destroying evidence (and your own data remember? if there is actually a chance you get it back) > Basically a permently encrypted harddrive would be fine. Every boot up > you need to enter a password. If the screen saver kicks in, you have to > enter a password, or it reboots. Stuff like this. Yes, that's probably the best way as otherwise moving disks to an other machine would bypass the protection. Still booting if no or wrong password is good too. But let's add something else: It may be possible (easy?) to hide a partition on the disk: buy two hard drives from a family with different capacity and same packages. Move the labels of the small one to the big one. Discard the small one :-) Use partitions corresponding to the capacity of the small one to store boring un-encrypted material, software, etc... Fix the scsi controller on the drive (re-program) to self-identify with the smaller format, but to obey access commands to the hidden area. You now have a computer and disk drive that boots as a boring system, with a medium size drive, but if you know about it, you can access an other partition of encrypted stuff. The (even not so) casual inspection of the stolen or confiscated system reveals only stuff that is not worth spending time on. Only a very detailed inspection, or a leak, reveals the encrypted stuff, still encrypted... Very frustrating. Of course, if your backups were not encrypted or if you wrote down the keys... This solution is even compatible with using a BIOS ROM glued to the motherboard that prevents unauthorized use of the computer. The hard drive and the motherboard are protected by two different mechanisms. Pierre. pierre at shell.portal.com From marc at GZA.COM Fri Oct 1 11:08:10 1993 From: marc at GZA.COM (Marc Horowitz) Date: Fri, 1 Oct 93 11:08:10 PDT Subject: POISON PILL In-Reply-To: <9310011741.AA01857@netcom6.netcom.com> Message-ID: <9310011806.AA02726@dun-dun-noodles.aktis.com> This thread stopped having anything to do with cryptography a long time ago. Please take it somewhere else. Marc From HAHN at lds.loral.com Fri Oct 1 11:13:39 1993 From: HAHN at lds.loral.com (Reply to: hahn@lds.loral.com) Date: Fri, 1 Oct 93 11:13:39 PDT Subject: Unsubscribe (temporary) Message-ID: <931001141015.2164f@lds.loral.com> Unsubscribe I will be away for a week and my sys admin will not like all c.p. stuff accumulating and taking up disk space. I'll re-up on 11-Oct-93. Thanks. From nate at VIS.ColoState.EDU Fri Oct 1 11:18:10 1993 From: nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) Date: Fri, 1 Oct 93 11:18:10 PDT Subject: POISON PILL In-Reply-To: <9310011555.AA27460@netcom2.netcom.com> Message-ID: <9310011816.AA27240@vangogh.VIS.ColoState.EDU> Doug Merritt coersed the electrons into symbolizing: > >This little discussion is all just for the fun of it from my point of view; I >agree with other comments here that leaving your data encrypted is more to >the point, not to mention far more reliable than just about any other >trick. > Doug > I agree, but the fake bombs sound like fun... modeling clay is quite cheap, you know ;-) -nate -- +-------------------------------------------------------------------- | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Always remember "Brazil" +----------------------+ From pmetzger at lehman.com Fri Oct 1 11:18:38 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Fri, 1 Oct 93 11:18:38 PDT Subject: POISON PILL In-Reply-To: <9310011641.AA23975@triton.unm.edu> Message-ID: <9310011818.AA11211@snark.lehman.com> > 2) Refuse, and spend the rest of your life in jail for contempt of court. You can't be placed in jail for life for contempt. Eventually, they release you even if you haven't given them the information. Perry From dmandl at lehman.com Fri Oct 1 11:23:38 1993 From: dmandl at lehman.com (David Mandl) Date: Fri, 1 Oct 93 11:23:38 PDT Subject: POISON PILL Message-ID: <9310011819.AA18178@disvnm2.lehman.com> > From: jet at netcom.com (J. Eric Townsend) > > The US Gov policy for the disposal of any media that has been used to > store classified data is: > > wipe -- demagnatize with a *massive* demag unit > grind -- toss in a thing that'd make ground chuck out of godzilla > incenerate -- at some amazingly high temperature. > > -eric At last! I've always wondered that the mysterious "certain government conventions for wiping files" in the Norton Utilities Wipe Disk program referred to. Glad I never selected that option. --Dave. From msattler at netcom.com Fri Oct 1 11:33:38 1993 From: msattler at netcom.com (Michael Sattler) Date: Fri, 1 Oct 93 11:33:38 PDT Subject: POISON PILL Message-ID: <9310011831.AA10015@netcom.netcom.com> At 19:29 9/30/93 -0600, J. Michael Diehl wrote: >How about we take a copy of the public domain bios source, or disassemble one >ourselves. We hack the code a bit... Then we burn a new prom to install into >our machines. AND WE EPOXY THE MOTHER TO THE DAMNED BOARD! We build a card to >stick in our machine which receives a radio signal which contains a decription >key to be supplied to the bios hacks mentioned above. So we use a protable >radio transmitter to send the password to our machine. Our bios waits for this >password for use in decripting the filesystem. If the bios doesn't get this >password, it trashes the cmos and does whatever other mean things it wants to. What interests me the most about this (and similar proposals) is who will be signing up to test this baby on their own computers. Oh well, I guess that's what employer's hardware is for :-) ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) "Don't Panic!" -- Douglas Adams "Don't Panic. Stay Cool." -- PRZ From baldwin at LAT.COM Fri Oct 1 12:03:38 1993 From: baldwin at LAT.COM (Bob Baldwin) Date: Fri, 1 Oct 93 12:03:38 PDT Subject: Media declassification Message-ID: <9310011853.AA10783@LAT.COM> Eric Townsend writes: > The US Gov policy for the disposal of any media that has been used to > store classified data is: > wipe -- demagnatize with a *massive* demag unit > grind -- toss in a thing that'd make ground chuck out of godzilla > incenerate -- at some amazingly high temperature. > The media is treated as if it had classified data until after step #3. In addition to degaussing, crushing, and incenerating classified disks, the US Government has approved a number of software systems that overwrite the media with ones and zeros. Different agencies have different rules and defense contractors have to obey the rules of the agency that they are servicing. The NSA and DOE require four passes over the data with the patterns 0x00, 0x55, 0xAA, and 0x41 (these are hex byte values). The last value is the Ascii letter 'A', which is then verified by spot checking. This pattern flips each bit at least once after setting all bits to zero. With a scanning electron microscope it is possible to pick up fringe regions of the magnetic domains and reconstruct the last dozen or so values for a particular domain. This result means that if a disk has really sensitive information, and it is leaving the secure facility (i.e., not just being re-used for another project, or being transfered to another secure location), then the four-pass overwrite program must be run at least three times. There are also low-level considerations. The main one is that the disk head must be wiggled back and forth as it moves along the disk to vary the alignment between the head and the track to maximize the erasure of outlying magetic domains. If the head is simply stepped from track to track, all tracks will miss the same outlying domains because the head stepping error rate (e.g., 2% off true alignment in the inbound direction) tends to remain constant as the head moves inward. Another low-level consideration is to be sure to erase all the data surfaces including sector headers, bad blocks, alternate cylinders, disk label regions, and sectors reserved for holding redundant copies of the disk geometry information or the disk controller microcode. All this requires going below the operating system to directly issue SCSI or IDE disk commands. LAT sells the only overwrite program that has been approved for Unix platforms. --Bob ---------------------------------------------------------------------- Director of Development Our mission is to provide Los Altos Technologies, Inc. the best solutions to our Voice: 415/988-4848 customers' key computer Fax: 415/988-4860 security problems while email: baldwin at lat.com increasing their productivity. ---------------------------------------------------------------------- From newsham at wiliki.eng.hawaii.edu Fri Oct 1 12:18:10 1993 From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham) Date: Fri, 1 Oct 93 12:18:10 PDT Subject: D.C Nets Message-ID: <9310011917.AA10860@toad.com> some people mentioned that they want to set up local (neighborhood) networks and that they are "ideal" for making D.C. Nets with. I have a question about DC Nets. Is there anyway to use a DC Net to create sessions? The DC Net protocol is bit based right? So if you set up a session how do you tell which bits came from one person and belong to one session, and which came from another and belong to another session? Especially since the whole point of a DC Net is to make it undetectable where the bit originated from. Also once you solved that, what is to stop someone else from injecting bits into your session? ... From eb15 at postoffice.mail.cornell.edu Fri Oct 1 12:38:10 1993 From: eb15 at postoffice.mail.cornell.edu (Edward Bade) Date: Fri, 1 Oct 93 12:38:10 PDT Subject: Media declassification Message-ID: <199310011935.AA29595@postoffice.mail.cornell.edu> Can you suggest the best overwrite programs for other platforms and where to get them? Ned > LAT sells the only overwrite program that has been approved >for Unix platforms. > > --Bob From 72114.1712 at CompuServe.COM Fri Oct 1 12:53:38 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Fri, 1 Oct 93 12:53:38 PDT Subject: TRAVELLER'S ADVISORY Message-ID: <931001194816_72114.1712_FHF24-4@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, Here's a scary (but so far imaginary) news item: MILLIONAIRE HIPPIE HACKER ARRESTED FOR SMUGGLING WAR MATERIEL (San Francisco) Silicon Valley entrepreneur and self-styled "cypherpunk," John Gilmore, was arrested today at San Francisco International Airport. A Secret Service spokesperson said Gilmore was attempting to smuggle restricted software to England where he was to have been a speaker at a hackers' conference. The spokesperson added that the Secret Service has reason to believe that Gilmore intended to meet with members of a radical Islamic terrorist group, but declined to elaborate on this charge. Apparently, airport security personnel received an anonymous tip that Gilmore had hidden the software in his laptop computer. The computer and several computer disks were seize as evidence. Think it couldn't happen? I'm not so sure. It would be child's play to plant PGP in someone's seized laptop or to put a PGP disk in their luggage. While they were at it, a little marijuana or crack cocaine could be put in there too. Think of the photo op as John is lead away in handcuffs. What a PR coup for the Feds. I think this is a real danger for outspoken Cypherpunks or other high-profile individuals such as Phil Zimmermann. Unfortunately, I don't have any bullet-proof solutions. Suggestions? S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From Hastings at courier8.aero.org Fri Oct 1 13:08:10 1993 From: Hastings at courier8.aero.org (Hastings at courier8.aero.org) Date: Fri, 1 Oct 93 13:08:10 PDT Subject: Single Value Pseudonyms Message-ID: <00083D17.MAI*Hastings@courier8.aero.org> Someone posted a way to resist altered bank notes if the consumer's random blinding factor signed by the bank wasn't really so random, by something called (if I remember right) a "cut-and-choose" protocol. To make things very simple for a bank, I suggest having fixed value digital pseudonyms for each value of bank note. For example, the Bank of Hastings on Kent would use "AU 500 mg from HoK Bank" as the user name for all signed 500 milligram gold certificates. When a merchant or ultimately the bank verifies the note, it will see "AU 500 mg" as the message, or will not accept it. No worry about spoofing. Kent - From mimir at u.washington.edu Fri Oct 1 13:13:39 1993 From: mimir at u.washington.edu (Al Billings) Date: Fri, 1 Oct 93 13:13:39 PDT Subject: FIDOnet encryption (or lack thereof) In-Reply-To: <199309301507.AA09112@eff.org> Message-ID: On Thu, 30 Sep 1993, Mike Godwin wrote: > Bill writes: > > > Heh. OK. Well, if one behaves "ethically", then I guess *that* closes > > the issue. It's his machine and he gets to make the rules. (this is > > my personally-adhered-to point of view) > > My question is this: how does he know that the mail is encrypted if he's > not examining the mail that passes through his system? If he *is* > examining the mail that passes through his system, it seems likely that he > is violating the Electronic Communications Privacy Act. Only if he has stated that he allows private mail. Most sysops have specifically worded policy statements for their systems that say that the sysop can read any and all messages on the system and may do so at any time. Bulletin boards do not normally offer truely private mail because of some of the legal implications. From mnemonic at eff.org Fri Oct 1 13:13:44 1993 From: mnemonic at eff.org (Mike Godwin) Date: Fri, 1 Oct 93 13:13:44 PDT Subject: FIDONet Mail filtering - a course of action In-Reply-To: <9310011746.AA02062@netcom6.netcom.com> Message-ID: <199310012011.AA22848@eff.org> J. Eric writes: > So how do I prevent what happened to SJG, killer, etc from happening > to me? What gives you the impression that there is *anything* you can do to prevent it? The BBS seized in the SJG case did not have illegal material on it. > How do I prevent the LE types from showing up one day and > saying 'hey, did you know there's a meg of kiddie porn on your machine > and we're taking it all away'? You can't prevent it. You can minimize the risk of it by destroying any kiddie porn you find uploaded to your system. Unless the kiddie porn has been included as part of an electronic communication, it's just a file, and not covered by ECPA. Nothing in ECPA prevents you from looking at any GIFs uploaded to your system, but ECPA does prevent your interception or disclosure of electronic messages that pass through your system if you're not the intended recipient. > Do I have pull my machine off the net and go back to pre-bangnet > times? Pulling your system off the net does not eliminate the possibility that it will be seized. Nothing does. --Mike From anonymous at extropia.wimsey.com Fri Oct 1 13:33:38 1993 From: anonymous at extropia.wimsey.com (anonymous at extropia.wimsey.com) Date: Fri, 1 Oct 93 13:33:38 PDT Subject: No Subject Message-ID: <199310012013.AA24686@xtropia> * Reply to msg originally in CYPHERPUNKS > From: mdiehl at triton.unm.edu (J. Michael Diehl) > I had heard a rumor that fidonet forbade encrypted e-mail, but I > had to find out for myself. Well, they do. No, they do not. This is a myth, and you have drawn a mistaken conclusion from your experiment. This thread has already run off into left field by the time I got to it, but to try to drag a little reality back in, I submit the following: FIDOnet has within it SECURENET, which is a netmail-handling network specifically for encrypted netmail. Mail points not wishing to handle PGPed or other encrypted netmail are provided with software to automatically remove PGP netmail and re-route it into the FIDO SECURENET network. FIDOnet has at least two conferences specifically for PGP and other public-key encryption system discussions and key exchange, PUBLIC_KEYS and KEY_DROP (if I remember correctly). Now, the point most internet people forget is that FIDOnet hosts are hobbyists with 100% privately-owned machines and generally pay for the entire participation of their userbase out of their own pockets, excepting a few who get some dollars here and there from their generous callers. As a completely justified consequence, they can decide if they allow encrypted traffic _on their individual BBSs_. In that there is considerable fear of the consequences of illegal activity being conducted on their BBSs via encrypted mail, many sysops (such as the one you mention, leaving aside, for now, that he apparently confused a PGP key with an encrypted message) do not wish to take the risk and forbid encrypted traffic. They also monitor e-mail, if only incidentally during the course of routine system maintenance, and notices to this effect are generally contained in log-on screens and new-user info files. In that these sysops are extremely, _personally_ vulnerable, they are generally more cautious than those internet folks who can hide behind institutions and businesses. In spite of this, there are a very large number of FIDOnet sysops who participate in SECURENET and encourage the spread of encryption technology to the general public. From mnemonic at eff.org Fri Oct 1 13:43:40 1993 From: mnemonic at eff.org (Mike Godwin) Date: Fri, 1 Oct 93 13:43:40 PDT Subject: FIDOnet encryption (or lack thereof) In-Reply-To: Message-ID: <199310012040.AA23053@eff.org> Al Billings writes: > On Thu, 30 Sep 1993, Mike Godwin wrote: > > > > My question is this: how does he know that the mail is encrypted if he's > > not examining the mail that passes through his system? If he *is* > > examining the mail that passes through his system, it seems likely that he > > is violating the Electronic Communications Privacy Act. > > Only if he has stated that he allows private mail. Most sysops have > specifically worded policy statements for their systems that say that the > sysop can read any and all messages on the system and may do so at any > time. That's all very nice, but it doesn't enable a FIDO sysop to intercept messages from people who are not users of his or her particular system. Those people did not waive their rights to privacy under the ECPA. > Bulletin boards do not normally offer truely private mail because of > some of the legal implications. This is a common myth. First of all, there are many BBSs that do offer truly private mail, or whose sysops, as a matter of policy, do not read others' private mail. Secondly, there's no legal liability associated with allowing e-mail privacy. Third, federal law (the ECPA) bars sysops from examining mail except under some very precisely defined circumstances. I suggest that you inform sysops who tell you otherwise that they can contact me at the Legal Services Department of EFF. You've got my e-mail address already--my phone number is 202-347-5400. --Mike From m5 at vail.tivoli.com Fri Oct 1 13:58:12 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Fri, 1 Oct 93 13:58:12 PDT Subject: FIDOnet encrypted mail issues In-Reply-To: <199310012013.AA24686@xtropia> Message-ID: <9310012049.AA22935@vail.tivoli.com> anonymous at extropia.wimsey.com writes: > Now, the point most internet people forget is that FIDOnet hosts are > hobbyists with 100% privately-owned machines and generally pay for the > entire participation of their userbase out of their own pockets, > excepting a few who get some dollars here and there from their generous > callers. While I agree that this is laudable (in fact, I hereby laud such sysops), I don't think this is much different than small, medium, and large businesses and some private individuals which route Internet and USENET mail without question and without charge on a constant basis. > As a completely justified consequence, they can decide if they > allow encrypted traffic _on their individual BBSs_. Encrypted "traffic"? Encrypted traffic to/from the BBS itself, maybe. However, it seems to me that it's an open question in this discussion as to whether it's legal for the BBS operator to enforce such a restriction on traffic flowing through the machine as part of a multi-hop route. > In that there is > considerable fear of the consequences of illegal activity being > conducted on their BBSs via encrypted mail, many sysops (such as the one > you mention, leaving aside, for now, that he apparently confused a PGP > key with an encrypted message) do not wish to take the risk and forbid > encrypted traffic. This is the issue: are such sysops, in the quest to prevent illegal activity, engaging in an illegal activity? > They also monitor e-mail, if only incidentally > during the course of routine system maintenance, and notices to this > effect are generally contained in log-on screens and new-user info > files. Well, it seems to me that to actually prevent encrypted traffic from flowing through the site, pretty much *all* mail would have to be screened. > In that these sysops are extremely, _personally_ vulnerable, they are > generally more cautious than those internet folks who can hide behind > institutions and businesses. But the sad truth may be that they're damned if they do and damned if they don't. Being the owner of the machine and providing a free service don't seem to be relevant facts when examining the practice of e-mail filtering by examination in light of the ECPA. -- Mike McNally From peb at PROCASE.COM Fri Oct 1 14:23:39 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Fri, 1 Oct 93 14:23:39 PDT Subject: POISON PILL Message-ID: <9310012123.AA00940@banff.procase.com> All this talk of booby-traps reminds me of this booby-trap expert who had written books and had his house set up completely. He was found dead one day when one of the traps got him... [This anecdote is vaguely remembered from a short note in Whole Earth Review. I remember seeing a review in the '70s on the book itself when it was originally reviewed.] Paul E. Baclace peb at procase.com From mnemonic at eff.org Fri Oct 1 14:23:45 1993 From: mnemonic at eff.org (Mike Godwin) Date: Fri, 1 Oct 93 14:23:45 PDT Subject: FIDOnet encrypted mail issues In-Reply-To: <9310012049.AA22935@vail.tivoli.com> Message-ID: <199310012116.AA23333@eff.org> anonymous at extropia.wimsey.com writes: > Now, the point most internet people forget is that FIDOnet hosts are > hobbyists with 100% privately-owned machines and generally pay for the > entire participation of their userbase out of their own pockets, > excepting a few who get some dollars here and there from their generous > callers. I have never forgotten this. But their commitment and efforts do not amount to an amendment to federal law. > As a completely justified consequence, they can decide if they > allow encrypted traffic _on their individual BBSs_. Under what legal theory do they get an ECPA exemption as a "completely justified consequence"? > In that there is > considerable fear of the consequences of illegal activity being > conducted on their BBSs via encrypted mail, many sysops (such as the one > you mention, leaving aside, for now, that he apparently confused a PGP > key with an encrypted message) do not wish to take the risk and forbid > encrypted traffic. What they don't realize is that, rather than reducing the risk of legal liability, they are increasing it. > They also monitor e-mail, if only incidentally > during the course of routine system maintenance, and notices to this > effect are generally contained in log-on screens and new-user info > files. Any monitoring that results *directly* as a function of system maintenance is okay--it's sanctioned by ECPA. > In that these sysops are extremely, _personally_ vulnerable, they are > generally more cautious than those internet folks who can hide behind > institutions and businesses. If they were really cautious, they'd talk to a lawyer before setting policy based on some guess as to what their legal liabilities may be. --Mike From mimir at u.washington.edu Fri Oct 1 14:28:11 1993 From: mimir at u.washington.edu (Al Billings) Date: Fri, 1 Oct 93 14:28:11 PDT Subject: FIDOnet encryption (or lack thereof) In-Reply-To: <199310012040.AA23053@eff.org> Message-ID: On Fri, 1 Oct 1993, Mike Godwin wrote: > Al Billings writes: > > > Only if he has stated that he allows private mail. Most sysops have > > specifically worded policy statements for their systems that say that the > > sysop can read any and all messages on the system and may do so at any > > time. > > That's all very nice, but it doesn't enable a FIDO sysop to intercept > messages from people who are not users of his or her particular system. > Those people did not waive their rights to privacy under the ECPA. As has already been shown from Fidonet policy, Fidonet does not guarantee private mail in any from and, in fact, advises that mail will be going through many sites and can be read along the way. > > Bulletin boards do not normally offer truely private mail because of > > some of the legal implications. > > This is a common myth. First of all, there are many BBSs that do > offer truly private mail, or whose sysops, as a matter of policy, do not > read others' private mail. Secondly, there's no legal liability associated > with allowing e-mail privacy. Third, federal law (the ECPA) bars > sysops from examining mail except under some very precisely defined > circumstances. The third point does not apply if the sysops offer no private mail in the first place. > I suggest that you inform sysops who tell you otherwise that they can > contact me at the Legal Services Department of EFF. You've got my e-mail > address already--my phone number is 202-347-5400. I don't need sysops to tell me otherwise. I've been running my own BBS for over three years. My system has a very clear policy statement that refers to the ECPA and states VERY clearly who can read the messages posted on my system in different areas. As I'm not a Fido hub (and barely participate in that network at all), I don't have to worry about passing other mail through my system. Wassail, Al Billings, Sysop of The Sacred Grove 1:343/56 From tcmay at netcom.com Fri Oct 1 14:33:39 1993 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 1 Oct 93 14:33:39 PDT Subject: BlackNet Investigations--the Truth (fwd) Message-ID: <9310012129.AA15204@netcom5.netcom.com> Cypherians, Here's a posting I sent to the "Extropians" list, which many of you are already on..sorry about getting this twice. Hit "delete" now if you are not interested in the "crypto-anarchy" side of what we are doing. I say this because when I post on these topics, which are apparently of interest to some, I often get notes or postings saying "Not all of us are anarchists, so keep this stuff off the list!" Now we are a diverse bunch. Some of us are fairly radical libertarians and see strong crypto as the technological tool to demolish governments (including the U.S. government). Others of us are anti-big business and see crypto as a means of reducing the power of large corporations over individuals. Others are socialists, acid freaks, even military cadets. Whatever. Some want to talk about using thermite bombs to melt hard disks (a current hot topic, as it were). Others are deeply into Perl scripts, MIME, and so on. For others, patent law and the ins and outs of the ECPA are the big excitement. The point is, there are a lot of loosely related items in the Cypherpunks agenda. What follows is related to _my_ main interest, the colonization of cyberspace and the institutions and methods which will arise. Don't read it if it doesn't interest you. And if you're scared that talking about using technology to bypass laws and ultimately overthrow national governments as we know them today will get you into trouble with the authorities or with your company, well, then this list is probably not for you. Me, I say what I think. Others can say what they think, too. -Tim May Forwarded message: To: Extropians at extropy.org Date: Fri, 1 Oct 93 14:06:16 -0700 From: tcmay at netcom.com (Timothy C. May) Subject: BlackNet Investigations--the Truth BlackNet Investigations Announces New Dossier Services FLASH: BlackNet Investigations is pleased to announce the immediate availability of dossiers from the former East Germany (DDR) and the former Soviet Union. We have obtained tens of millions of dossiers on activists, dissidents, extropians, and ordinary people and have meticulously scanned and digitized the essence of these files (many of these files were already in magnetic format, albeit primitive). Now you can learn what the KGB had on your business associates! Now you can discover if that little German pastry is as innocent as she seems. And you can even find out what the GRU had on you from your visit to Vienna in 1984. Contact us for details. Competitive rates, as always. And coming soon: the previously secret files of the KriminalStaatsPolizei. Plus, the now-privatized dossiers of the South American police states! Sources close to the FBI may soon make their files available as well! We are also negotiating with personnel at hospitals and insurance companies to obtain black market copies of insurance records, describing in gory detail all medical and psychiatric conditions for tens of millions of Americans. Onward and Upward! -BlackNet Investigations, a Cyberspace Entity ......... By now many of you know that BlackNet Investigations is not quite real...yet. More than just a Klaus!-style put-on, it's a basically plausible implication of current trends. Some of you requested your dossiers, others even wrote threatening notes. And a few of you even played along, saying how "shocked, simply shocked" you were to see the dossiers compiled on you. (Thanks! You know who you are.) As Dave Krieger noted in his piece on BlackNet Investigations, folks need to keep the inevitability of such dossier-based systems in mind. Others may not "advertise" the way BlackNet does, but they're just as surely keeping dossiers. I don't think it's overly paranoid to suggest that things you write on Usenet, or in mailing lists like Extropians and Cypherpunks, are being compiled by some into dossiers of sorts...call them "databases" if you like, but they're still dossiers. And in fact I do have a lot of Extropians and Cypherpunks postings tucked away in places that my Mac databases can access them easily, via keyword searches, tagged fields, etc. I'm quote sure a lot of people are doing this, quite likely some TLA agencies. All of the Extropians and Cypherpunks traffic for the past couple of years, and a lot more, fits on a single 128 MB magneto-optical cartridge...and I've got 10 or so of them. All Usenet postings are archived on CD-ROMs, available by subscription (Walnut Creek Software, or somesuch...and maybe multiple sources). Easy to obtain. Expect ftp sites to carry these back postings, if they aren't already available. In the next 10 years it'll be essentially a trivial exercise for any person--your child, your potential employer, credit agencies, etc.--to sift through the 20 or 30 gigabyes of Usenet traffic for a 10-year period and look for juicy items, for admissions of unusual sexual practices, for extreme political statements, etc. Data storage increases (CDs, DATs, MOs, new media) and processor speed increases will make searches easy and fast. Rather than having all this data on one's own machine, many people will compile it into files or dossiers, and then charge access fees. Customized searches, specialized grepping, and database "engines" optimized for search (like the Connection Machines, the Teradata hypercubes, neural net and fuzzy logic engines, etc.) will make this even easier. As jurisdictions attempt to pass laws restricting these accesses, as with the convoluted U.S. laws regarding credit, tenant (renter) credit, medical malpractice databases, etc. (the whole credit market, in other words), these databases will be moved offshore. Or the access may go offshore, and then back again! (You can set up the databases in your bedroom, then sell access through "cut-outs" that lie beyond the reach of U.S. laws.) Private investigation as we know it today will be radically changed. (Actually, much of current P.I. work is already accessing records and databases, so-called "skip-tracing" work, to see where vanished people have ended up...deadbeat dads, missing children, etc.) Entities like BlackNet will flourish in the crypto-anarchic world of cyberspace (or "cypherspace," as John Draper dubbed it). Positive reputations will be of utmost importance, as we've discussed so many times. Digital pseudonyms will of necessity become more widespread. Offshore data havens, credit agencies that aren't restricted to the "7 years" allowed by U.S. law, repositories of stolen software, all will be accessible by "BlackNet"-style "wormholes" (the public key access methods that allow entities to communicate anonymously and untraceably). Wake up and prepare for this future. Embrace it, or be left behind. Crypto-anarchy is inevitable, and changes everything. -Tim May -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement Note: I put time and money into writing this posting. I hope you enjoy it. From capek at watson.ibm.com Fri Oct 1 14:38:39 1993 From: capek at watson.ibm.com (Peter Capek (TL-863-6721)) Date: Fri, 1 Oct 93 14:38:39 PDT Subject: Medium destruction Message-ID: <9310012138.AA12841@toad.com> I have no firsthand knowledge, but a friend who was into this a few years ago told me that the following is used for NSA's "best stuff" on paper... First, it is shredded. Then, it is burned. Then, the ashes are soaked in acid Then the acid is allowed to evaporate and the resulting mass is formed into bricks. The bricks are dumped at sea at a classified location which is changed weekly. Maybe he was putting me on, but... A few years ago, the American embassy in (I think) Teheran was invaded by mobs of locals. They apparently managed to get hold of a lot of classified documents which had been shredded in the minutes before they managed to break in. But a few months later, there appeared in the New York Times reconstructions of a few pages of the original material, based on a lot of tedious labor. So, maybe the procedures above aren't excessive... From mnemonic at eff.org Fri Oct 1 14:43:39 1993 From: mnemonic at eff.org (Mike Godwin) Date: Fri, 1 Oct 93 14:43:39 PDT Subject: FIDOnet encryption (or lack thereof) In-Reply-To: Message-ID: <199310012140.AA23553@eff.org> Al Billings writes: > As has already been shown from Fidonet policy, Fidonet does not guarantee > private mail in any from and, in fact, advises that mail will be going > through many sites and can be read along the way. You could be extrapolating from Fidonet's refusal to *guarantee* e-mail privacy (after all, how could Fidonet *enforce* it?) that all users of every Fido BBS everywhere have waived their rights under ECPA. My understanding is that Fidonet policy was drafted not in order to comply with ECPA, but to acknowledge that, in this decentralized network, there was no authority a user a could appeal to if his e-mail was not kept private. But I'd be interested in seeing a direct quote of the policy provision you're alluding to here. And what about me? I don't post from a Fido BBS, so even if there's a Fidonet-wide waiver of ECPA rights, it's not a waiver *I* have agreed to. What if mail from me passes through a Fido node on its way to a non-Fido destination? > The third point does not apply if the sysops offer no private mail in the > first place. Certainly, if they offer no mail at all, they're not liable, since no mail passes through their systems. But the interesting case is this: let's assume that you're right that all Fido users everywhere have agreed to waive their ECPA rights. Then are the sysops who reserve their right to read e-mail reading *all* e-mail that passes through their systems? If not, this puts the lie to the claim that they're limiting their liability by reserving their right to read e-mail. After all, the criminally significant communications may be the ones they're skipping. In general, criminal liability depends on *knowledge*--you normally can't be held criminally liable for acts and communications you didn't know about. I know of no case in which a sysop has been held *civilly* liable for failing to read all e-mail on his system. So, in terms of classic risk analysis, what does that statistic tell you? > > I suggest that you inform sysops who tell you otherwise that they can > > contact me at the Legal Services Department of EFF. You've got my e-mail > > address already--my phone number is 202-347-5400. > > I don't need sysops to tell me otherwise. I wasn't referring you to any sysops. > I've been running my own BBS > for over three years. My system has a very clear policy statement that > refers to the ECPA and states VERY clearly who can read the messages > posted on my system in different areas. As I'm not a Fido hub (and barely > participate in that network at all), I don't have to worry about passing > other mail through my system. If all your users have agreed to waive their e-mail privacy rights, and you're not dealing with any mail that does not either originate or terminate on your system, then you're not in violation of ECPA. --Mike From klbarrus at owlnet.rice.edu Fri Oct 1 15:53:40 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Fri, 1 Oct 93 15:53:40 PDT Subject: FIDO, encryption Message-ID: <9310012250.AA19691@arcadien.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- Here is the companion script to the other one I posted. It takes the output of the previous script (which takes PGP encrypted ascii to a list of geopraphic name), and turns it back into a PGP file. Not really stegonography since it's really just a substitution cipher. But, with a more sophisticated output grammar, you could embed your encrypted file in a bizarre vacation itinerary :-) pgphide < file.asc | mail -s "not encryped at all" user at host and then pgpuhide < mail_file_from_sneaky_person > pgpfile.asc will allow your friend decrypt pgpfile.asc. - ---------- #!/usr/local/bin/perl #pgpunhide - converts a geographic file back to pgp #Karl L. Barrus %conversion = ( 'canada', '0', 'united states', '1', 'mexico', '2', 'pacific ocean', '3', 'atlantic ocean', '4', 'arctic ocean', '5', 'gulf of mexico', '6', 'north america', '7', 'allegheny mountains', '8', 'rocky mountains', '9', 'alabama', 'a', 'alaska', 'b', 'arizona', 'c', 'new mexico', 'd', 'arkansas', 'e', 'california', 'f', 'colorado', 'g', 'connecticut', 'h', 'rhode island','i', 'delaware', 'j', 'maryland', 'k', 'florida','l', 'georgia', 'm', 'hawaii', 'n', 'idaho','o', 'illinois', 'p', 'indiana', 'q', 'iowa','r', 'kansas', 's', 'kentucky', 't', 'louisiana','u', 'maine', 'v', 'massachusetts', 'w', 'michigan','x', 'minnesota', 'y', 'mississippi', 'z', 'missouri','A', 'montana', 'B', 'nebraska', 'C', 'nevada','D', 'utah', 'E', 'new hampshire', 'F', 'vermont','G', 'new jersey', 'H', 'new york', 'I', 'north carolina','J', 'north dakota', 'K', 'south dakota', 'L', 'ohio','M', 'oklahoma', 'N', 'oregon', 'O', 'pennsylvania', 'P', 'south carolina', 'Q', 'tennessee', 'R', 'texas','S', 'virginia', 'T', 'washington', 'U', 'west virginia','V', 'wisconsin', 'W', 'wyoming', 'X', 'washington d.c.','Y', 'bermuda', 'Z', 'guam', '+', 'puerto rico','/', 'virgin islands','=', ); print "-----BEGIN PGP MESSAGE-----\n"; print "Version: 2.3a\n\n"; while (<>) { $line = $_; chop $line; if ($line eq "") { print "\n"; } else { print $conversion{$line}; } } print "-----END PGP MESSAGE-----\n"; -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLKyz4YOA7OpLWtYzAQF3JAP9EjWnj7pix65fJLFf9mE+gLkw719nX0Xa jMgHFxmDIdeOxewi9ZnuzE99QqQHv4+TO3dO+CGg0zxGhCMO8/mu4vQtK6825kHl 9fESP/f2oSVLDPd2/Zv3c0/kMKe9UnMModNgl7tngzsMeBkFJVCnKjkQNGsJGCSz C5Z4uXaZccs= =M+N2 -----END PGP SIGNATURE----- From digex at access.digex.net Fri Oct 1 16:13:40 1993 From: digex at access.digex.net (Doug Humphrey) Date: Fri, 1 Oct 93 16:13:40 PDT Subject: [Question EFF yielding of crypto authority to NIST] Message-ID: <199310012306.AA11714@access.digex.net> [stuff deleted] >Actually, they have issued such legal guarantees. They're in the form of the >administration's vow to uphold the US Constitution. That document's 9th and >10th amendments preclude US Government denial or disparagement of the people's >right to use cryptography (and a whole lot of others). The fact that these >legal guarantees are being ignored simply illustrates that their tyranny is >unbridled. When I first scanned this, I saw "... illustrates that their tyranny is unbundled" And I thought, what a concept! Doug From exabyte!smtplink!mikej at uunet.UU.NET Fri Oct 1 16:43:40 1993 From: exabyte!smtplink!mikej at uunet.UU.NET (Mike Johnson) Date: Fri, 1 Oct 93 16:43:40 PDT Subject: MPJ Encryption Algorithm Message-ID: <9309017495.AA749522149@smtplink.exabyte.com> Bill Stewart writes: > Sounds interesting; do you have any comparisons between it and IDEA > about either encryption strength, speed, or design philosophy? The full design philosophy for MPJ is in my thesis. Since then, I learned about differential cryptanalysis and was relieved to see that MPJ is fairly resistant to that. Here is a short summary: Algorithm Key size Block size Rounds Strength* SW Speed HW Speed DES 56 bits 64 bits 16/2 22-55 slow fast 3DES 112 bits 64 bits (16*3)/2 24-58 slower fast IDEA 128 bits 128 bits 16 65-110 fast fast Skipjack 80 bits 128 bits 32 79 ? ? MPJ 128 bits 128 bits 10 70-120 medium very fast MPJ2 >=64 bits 128 bits >=10 50-128 <=medium <=very fast *Strength is a GUESS at log base 2 of the complexity of breaking it. Algorithm Legal status Back door? Origin DES Public Domain No IBM/NBS->NIST/NSA 3DES Public Domain No IBM IDEA Patented No Switzerland Skipjack Classified LEAF NSA MPJ Public Domain No USA - University of Colorado at Colorado Springs (UCCS) MPJ2 Not yet released No USA DES Design philosophy: (1) Fit in small chip (2) Use involution for reversibility (only half of block changes with each round) (3) Use polyalphabetic nonlinear s-boxes of limited size (requires great care to avoid differential cryptanalysis) (4) Some design criteria still classified. 3DES Design philosophy: (1) Cascade existing known algorithm (2) Avoid weak key situations (3) Try not to require too much more key than the strength of the algorithm justifies (i.e. just 2 instead of 3 keys are used). (4) Apply a bandaid. Making one compound block cipher would have been more secure, but not all the s-box design criteria are known. IDEA Design philosophy: (1) Use unrelated arithmetic operations on different fields. (2) Use only 32 bit arithmetic operations for speed on a computer. (3) Arrange the structure of the algorithm to do proper confusion/diffusion. (4) Very small code and memory space used in computer. Skipjack design philosophy (guessed): (1) Similar to DES, but with a block size of 128 bytes. (2) No attack known to the NSA will be more than a bit or two better than exhaustive key search. (3) Learn from the mistakes of DES (i.e. avoid weak keys and complementation symmetries DES suffers from). (4) Restrict knowledge of the algorithm as much as possible. MPJ Design philosopy: (1) Relax some of the size limits of DES & IDEA to gain security, but make sure it fits on a PC. (2) Avoid fragile fixed s-box & subkey design of DES, but copy its product cipher structure. (3) Change the whole block with each round instead of just half (i.e. 10 MPJ rounds is as effective as 20 DES-type rounds). (4) Make every output bit a strong function of every bit of the input and every bit of the key within 3 rounds. (5) Use such simple operations in a complex and nonlinear fashion that mathematical breakthroughs are not a threat (as with RSA). (6) Make the substitution steps reversible through a very clever construction of reversible substitution arrays directly from the key. (7) Make key scheduling slow (to discourage exhaustive search for keys), but make the algorithm very fast, especially in dedicated hardware. (8) Make creative use of nonlinearity, bit twiddling, and rounds to thwart an analytical attack using massive quantities of known or chosen plain text. MPJ2 Design philosophy: (1) Generalize the key scheduling to accommodate variable length keys. (2) Generalize to n rounds. (3) Attempt to do key scheduling on the fly in cases where the memory required for precomputed internal keys take up too much RAM. Common elements: All of these block cipher algorithms use repeating rounds of "confusion and diffusion" or "substitution and permutation" weaker ciphers to form a stronger product cipher. All of them are secure, even if the cipher becomes known. Skipjack is classified more to prevent knowledge of design criteria and cryptanalysis secrets, and to allow the forced insertion of a back door (LEAF) than for the security of the algorithm (just ask Dr. Denning). DES and 3DES can raise the price of unauthorized disclosure of secrets above the average individual's means. The others have the potential of raising the price of eavesdropping by breaking crypto algorithms to above the budgets of organized crime, hostile governments, and terrorists. None of them prevent other technological solutions to spying, such as placing bugs closer to the target individual, office, or computer system. General rules of the game in CRYPTOGRAPHY and CRYPTANALYSIS: 1. There is always a way to crack any practical cryptosystem. 2. Your opponent will not tell you if she has broken your cryptosystem and is reading your mail. 3. The longer any one cryptosystem is in use, and the more widely it is used, the more likely it is that someone has broken it, or at least discovered a weakness in it and not told anyone about it. 4. The more widely used a cryptosystem is, the more profitable it is to try to break it (for either noble or ignoble purposes). 5. Exclusive control of the ability to communicate securely is a powerful force that can easily be corrupted. 6. Putting all your eggs in one basket is unwise. Use more than one cryptosystem, and change keys regularly -- even if you don't suspect compromise. 7. Insecure cryptosystems often appear on the surface to be secure. They are often sold for good money. DISCLAIMERS: DISCUSSIONS ABOVE ARE FROM MEMORY AND MAY NOT BE ACCURATE. ALL DATA CLAIMING TO BE GUESSWORK IS. PROVING ANY CRYPTOSYSTEM SECURE IS USUALLY IMPOSSIBLE. INVENTERS OF CRYPTO ALGORITHMS ARE NOT QUALIFIED TO JUDGE THEM. Mike Johson mpj at csn.org This message contains writings protected under the First Amendment of the Constitution of the United States of America. Censorship is forbidden. From an36440 at anon.penet.fi Fri Oct 1 17:33:42 1993 From: an36440 at anon.penet.fi (an36440 at anon.penet.fi) Date: Fri, 1 Oct 93 17:33:42 PDT Subject: TRAVELLER'S ADVISORY Message-ID: <9310020031.AA05043@anon.penet.fi> >Unfortunately, >I don't have any bullet-proof solutions. Suggestions? Yes. Seek professional help. And try Xanax. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From doug at netcom.com Fri Oct 1 17:38:14 1993 From: doug at netcom.com (Doug Merritt) Date: Fri, 1 Oct 93 17:38:14 PDT Subject: secretive API Message-ID: <9310020037.AA06794@netcom6.netcom.com> I don't know if this is old hat, but I was amused to see a moment ago on another mailing list the following quote from the Windows NT API: ERROR_TOO_MANY_SECRETS -The maximum number of secrets has been exceeded. -Win32 (NT) API. Doug From doug at netcom.com Fri Oct 1 18:08:13 1993 From: doug at netcom.com (Doug Merritt) Date: Fri, 1 Oct 93 18:08:13 PDT Subject: TRAVELLER'S ADVISORY Message-ID: <9310020108.AA11545@netcom6.netcom.com> an36440 at anon.penet.fi said: >> [ Sandy said: ] >>Unfortunately, >>I don't have any bullet-proof solutions. Suggestions? > >Yes. Seek professional help. And try Xanax. Now, now. Sandy's got a point, John could in fact get zapped by overly zealous authorities. It may be mildly paranoid to think that they'd plant evidence on him...the suits only do that if they're *REALLY* pissed at someone, and even then only sometimes...they're risking their jobs every time they do that, after all. Actual conspiracies are comparatively rare, if only because they take a lot of high level carefully planning and support to execute well. It's not like John is a key figure in South American politics or something. :-) But nonetheless, there's still the chance that they'd get a fixation on the notion that he was carrying something illicit out of the country and interfere with his travel in a very unpleasant way. It wouldn't be the first time such a thing happened purely out of misplaced zealousness. As for solutions, the age-old approach is to be a high profile philanthropic and campaign contributor and elbow-rubber, so that one has a lot of community support if one gets leaned on. This would be a private matter for John, though, and not up to us to discuss. I mention it simply because it *is* a well known partial solution. I actually don't exactly recommend it, for complicated reasons. Considering certain recent posts (and considering the Internet at large, for that matter), I'll still give you points for showing signs that you paid attention to everything Sandy said and responded to what he actually said. I wish everyone would do that. ;-) Doug From mgream at acacia.itd.uts.edu.au Fri Oct 1 20:33:54 1993 From: mgream at acacia.itd.uts.edu.au (Matthew Gream) Date: Fri, 1 Oct 93 20:33:54 PDT Subject: POISON PILL In-Reply-To: <9310010831.AA03417@jobe.shell.portal.com.shell.portal.com> Message-ID: <9310020332.AA21867@acacia.itd.uts.EDU.AU> In reply to (Pierre Uszynski): | But let's add something else: | | It may be possible (easy?) to hide a partition on the disk: buy two hard [..] | The (even not so) casual inspection of the stolen or confiscated system | reveals only stuff that is not worth spending time on. Only a very | detailed inspection, or a leak, reveals the encrypted stuff, still | encrypted... Very frustrating. I think this approach is the safest of all mentioned. An earlier poster commented on the fact that attempting to play 'smart-ass' to your investigators is only going to result in more problems for you. Its a non-ideal world, and they definitely have the ability to cause you substantial problems. Essentially, you need an encryption system that is non-obvious and looks like totally unrelated data. Of course, it would be pointless to have your system looking _totally_ clean, because the fact they have seized it implies they know/suspect something is on there (essentially, the magnitude of what is on there is what they don't know, and in some cases they are entirely off track and find nothing). Encrypting your hard-drive entirely is only going to make them press you for its key, and become aggrivated at your non co-operation. I am no expert on investigation techniques, but having been involved in all 3 aspects ( investigator, investigatee and 3rd party viewer), I feel it is essential to show them everything that they think is there, and convince them (as they will not be as competent in cryptographic analysis as yourself [at least you hope]) that there is nothing hidden. This topic has been dealt with before on sci.crypt. An example I can think of at the moment is something like say you have some software which does known plaintext attacks using sets of word dictionaries. These word dictionaries could infact be encrypted information using some appropriate algorithm that maps words from /usr/dict/words into a new sequence. Of course the only problem with this approach is that your input information rate div output data rate is going to be quite small. Something else you can do is use a cipher which takes two input streams and merges them into the one file, with one key extracting the 'harmless' information and another extracting the 'harmfull' information. Matthew. -- Matthew Gream, M.Gream at uts.edu.au. "... encryption is the ultimate means of Consent Technologies, 02-821-2043. protection against an Orwellian state." From ld231782 at longs.lance.colostate.edu Fri Oct 1 20:48:26 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Fri, 1 Oct 93 20:48:26 PDT Subject: Apple's PowerTalk: *breakthrough* in crypto export? Message-ID: <9310020345.AA01020@longs.lance.colostate.edu> >From the TidBITS Mac newsletter: (I'd be more specific but don't have it from my source -- perhaps someone can post the info on how to retrieve the whole article.) >PowerTalk Arrives >----------------- > by Wolfgang Naegeli -- wnn at ornl.gov Powertalk is Apple's new `Collaborative Environment' client software, supposedly to be released next week. Its a sort of groupware-email package with some significant security & cryptography mechanisms. Sounds like its very intuitive and a very highly refined user interface. I suspect this whole platform could have a *major* effect in bringing seamless, invisible, secure cryptography to the masses -- at least, reading all the promotional hype, the *potential* is there. > Apple claims that PowerTalk is more secure than most other off- > the-shelf software solutions since those use less secure > algorithms to avoid export restrictions. Apple is the first > company to receive an export license for a DES-based product. 1st? *WOW* Cypherpunks we need more intelligence on this ASAP! Does this represent a fundamental *breakthrough* in export policy? Why are they the first? Is it real live DES and not some strange crippled bit length version? What does this *mean*?! red warning flag: >RSA always is at the > root of the issuing process and signatures expire after two years. Not sure if this means what it seems to say -- that RSA is *generating* the private keys and passing them on? We just had that big discussion about this issue with some other software from Apple, didn't we? Here's some more from the article of interest to cypherpunks. ===cut=here=== Digital signatures, based on RSA Public Key Encryption, provide a secure way of ensuring data has not been altered and was signed by a particular person. The mechanism is similar to Kerberos [a security system developed at MIT -Adam], which was not mature enough at the critical point in PowerTalk development. Apple anticipates supporting Kerberos in a future PowerTalk release. To sign a document, simply drops it on a Signer icon. A prompt for the personal signer code then appears on the screen. If the content of the signed document later changes in any way, the signature becomes invalid. While being signed, a file automatically is locked to avoid inadvertent invalidation. The Get Info window of a signed file is used to uncheck the file lock, and it contains a Verify button with which the recipient can assert the integrity of the file and authenticity of its signature. Large companies can become trusted signature issuing agents for their employees by obtaining a titanium blackbox with key interlocks from RSA. The box contains a certain number oFrom owner-cypherpunks Sat Oct 2 03:18:43 1993 Received: by toad.com id AA25713; Sat, 2 Oct 93 03:14:17 PDT Received: by toad.com id AA25695; Sat, 2 Oct 93 03:13:54 PDT Return-Path: Received: from soda.berkeley.edu ([128.32.149.19]) by toad.com id AA25690; Sat, 2 Oct 93 03:13:51 PDT Received: by soda.berkeley.edu (5.65/KAOS-1) id AA09739; Sat, 2 Oct 93 03:13:44 -0700 Date: Sat, 2 Oct 93 03:13:44 -0700 Message-Id: <9310021013.AA09739 at soda.berkeley.edu> To: cypherpunks at toad.com From: nobody at soda.berkeley.edu Subject: Sternlight's Key Remailed-By: Sameer Parekh As an official Key Escrow Agent of the United States Gubberment, I have decided that David Sternlight, being a controversial public figure, needs cryptographic protection for his private communications. Accordingly, a key has been created for him. He has been provided with his public and secret keys via e-mail. A copy of the secret key will be held in escrow. In the event that Mr. Sternlight is ever served with a subpoena, the key will be released to appropriate authorities. Since Mr. Sternlight has been a vocal advocate of key escrow, I'm sure he will have no problems with his key being created by an unknown person. In the absence of a subpoena, Mr. Sternlight, your key is safe. Trust me. I'm from the gubberment and I'm here to help you. pub 1024/5C4E59 1993/10/02 David Sternlight Available from a keyserver near you. From gg at well.sf.ca.us Sat Oct 2 04:04:18 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Sat, 2 Oct 93 04:04:18 PDT Subject: POISON PILL Message-ID: <93Oct2.035952pdt.14623-1@well.sf.ca.us> Remote control via pagers is subject to false-positives, i.e. you'd need a passcode to activate it or otherwise the first wrong number which dialed your pager would wipe you out... and also, you're not in any position to dial your pager if some hypothetical robber was holding you hostage while trying to get at your data. From hiscdcj at lux.latrobe.edu.au Sat Oct 2 04:54:19 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Sat, 2 Oct 93 04:54:19 PDT Subject: POISON PILL :-) In-Reply-To: <9310011727.AA01395@netcom.netcom.com> Message-ID: <9310021150.AA03263@lux.latrobe.edu.au> In <9310011727.AA01395 at netcom.netcom.com> msattler at netcom.com (Michael Sattler) writes: >> >>I have Australian Defence Security Clearance stickers on my computer, >>they are so cool, these little yellow and red stickers that authorise >>the computer for secure use (and something else I can't remember). >Any chance of getting a few sent to me in San Francisco? And perhaps me in Melbourne? :-) Dwayne From dbuckley at esl-hub.demon.co.uk Sat Oct 2 09:14:21 1993 From: dbuckley at esl-hub.demon.co.uk (David Buckley) Date: Sat, 2 Oct 93 09:14:21 PDT Subject: FIDONet policies In-Reply-To: <9310010728.AA15983@anon.penet.fi> Message-ID: <749585059snx@esl-hub.demon.co.uk> In article <9310010728.AA15983 at anon.penet.fi> you write: > >If a user sends a "private message", the user has no control over the number > >of intermediate systems through which that message is routed. A sysop who > >sends a message to another sysop can control this aspect by sending the > >message direct to the recipient's system, thus guaranteeing that only the > >recipient or another individual to whom that sysop has given authorization > >can read the message. Thus, a sysop may have different expectations than a > >casual user. > > translated: we have a hierarchy of rights. sysop-gods have a right and > expectation to private mail. the user-peons have neither. Translated back to the real world: The sysop can always choose to pay for a direct connect to deliver mail items directly from his machine to the target machine, rather than route mail through intermediate systems. That priveledge, (and this is the important bit, so I'll shout) AND THE COST of providing such a facility may or may not be extended to customers of the system. FIDONet is, in general, payed for out of the pockets of ordinary folks. A typical BBS system is owned by an ordinary folk (bad singular), who owns the system. It's their system, they make the rules (what internet folks call "Acceptable Use Policy") that customers of the service have to abide by. If the Sysop wants his stand alone BBS to join an network (ANY NETWORK), then their system has to abide by the Acceptable Use Policy of that network. If a customer of a service doesn't like a service (any service), he can: (a) put up and shut up (b) go to somewhere that does provide satisfaction (c) start his own service on the basis there is a market opportunity The bottom line of communications is: someone has to pay for it. You're sitting out there, shouting from an anonymous remailer, access to which somebody else probably paid for anyway, about things of which you have little comprehension. If you feel FIDONet policy is wrong, and you want to do something about it, get involved. Otherwise, don't use FIDOnet, and don't just winge. (Never thought I'd have to get into this kind of discussion in a high quality mailing list like this one. Please note none of the above is intended as a statement of support for FIDOnet politics, which are as as internet politics...) ----------------------------------------+------------------------------------ David Buckley of Electric Solutions Ltd | Email: dbuckley at cix.compulink.co.uk Services to the Computing,Electronics | dbuckley at esl-hub.demon.co.uk and Entertainment industries. | 2:254/90 at fidonet ----------------------------------------------------------------------------- From hughes at ah.com Sat Oct 2 09:38:47 1993 From: hughes at ah.com (Eric Hughes) Date: Sat, 2 Oct 93 09:38:47 PDT Subject: No Subject In-Reply-To: <199310020422.AA01659@xtropia> Message-ID: <9310021623.AA09378@ah.com> >I have personally reconstructed many shredded >documents done with commercial-grade shredders. It's extremely easy and >I wonder why the "security conscious" even bother with the waste of >time. Cost. It's much more expensive to read a shredded document than an integral one. As always, though, if the expense to reconstruct is smaller than the value of the documents, one should use a better method. Eric From hughes at ah.com Sat Oct 2 09:58:47 1993 From: hughes at ah.com (Eric Hughes) Date: Sat, 2 Oct 93 09:58:47 PDT Subject: Single Value Pseudonyms In-Reply-To: <00083D17.MAI*Hastings@courier8.aero.org> Message-ID: <9310021641.AA09412@ah.com> >Someone posted a way to resist altered bank notes [...] by something >called (if I remember right) a "cut-and-choose" protocol. Karl Barrus posted this, and I've been meaning to respond to it. Basically, Karl's scheme doesn't work. With any cut-and-choose protocol, there must be some assurance that the two things offered are the same thing, and, in a series of them, that all the things offered are the same thing. With a blind signature, the signature itself is that which has value, not the thing signed. >To make things very simple for a bank, I suggest having fixed value digital >pseudonyms for each value of bank note. For example, the Bank of Hastings on >Kent would use "AU 500 mg from HoK Bank" as the user name for all signed 500 >milligram gold certificates. Basically yes. More accurately, the bank has one key for each denomination for each particular time range. The key is the significant entity here, not the user name. The blind signer could make a regular signature attaching a name to that key, of course. Eric From remail at tamsun.tamu.edu Sat Oct 2 10:14:21 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Sat, 2 Oct 93 10:14:21 PDT Subject: RSA in new Apple productRSA in new Apple product Message-ID: <9310021713.AA29525@tamsun.tamu.edu> >From a discussion of Powertalk in TidBITS#195/27-Sep-93, an online zine published by "Adam C. Engst" : ------------------- forward --------------------------------------- Key Chain The Key Chain is the third new Desktop icon and perhaps the most important PowerTalk feature. It provides quick, transparent access to any number of password-protected servers or services through a single system-wide logon password. All applications and services are integrated with a single security model. For every service, the user creates a key. Each key has account information, communications settings (such as. modem settings, addresses, and system identifiers), and an encrypted password. After this one- time setup, the user attaches the key to the Key Chain and can forget the password. From now on, the system will automatically and transparently connect to the protected service when needed. Apple feels that this mechanism is especially secure since a user will find it easier to remember a single, frequently-used password and will be less likely to write down a list of passwords. At any time, you can lock the Key Chain by issuing a command or through an inactivity time-out. When the Key Chain locks, all windows containing information from protected services are hidden. Apple claims that PowerTalk is more secure than most other off- the-shelf software solutions since those use less secure algorithms to avoid export restrictions. Apple is the first company to receive an export license for a DES-based product. A new "I am at..." menu item (e.g. Home, Office, Car, Hotel) lets the system know which services are accessible and automatically resets communications settings for Ethernet, modem connection, packet radio, etc. so the system can continue to transparently establish connections over available media. A PowerTalk server can act as a trusted party in establishing authenticated communications across the net. Network traffic is encrypted with the RC4 algorithm of RSA and delivered via ASDSP (Apple Secure Datastream Protocol). ASDSP adds only about ten percent to the communication overhead. At least in the initial release, peer-to-peer traffic cannot be encrypted. [Sorry for all the acronyms! RSA is a company. -Tonya] Digital signatures, based on RSA Public Key Encryption, provide a secure way of ensuring data has not been altered and was signed by a particular person. The mechanism is similar to Kerberos [a security system developed at MIT -Adam], which was not mature enough at the critical point in PowerTalk development. Apple anticipates supporting Kerberos in a future PowerTalk release. To sign a document, simply drops it on a Signer icon. A prompt for the personal signer code then appears on the screen. If the content of the signed document later changes in any way, the signature becomes invalid. While being signed, a file automatically is locked to avoid inadvertent invalidation. The Get Info window of a signed file is used to uncheck the file lock, and it contains a Verify button with which the recipient can assert the integrity of the file and authenticity of its signature. Large companies can become trusted signature issuing agents for their employees by obtaining a titanium blackbox with key interlocks from RSA. The box contains a certain number of key combinations and can be connected to a Macintosh which runs an RSA-signed signature issuing application. Individuals can acquire a personal signature code through a notary. RSA always is at the root of the issuing process and signatures expire after two years. The issuing cost of a digital signature runs about $25. One limitation of the signature mechanism, at least in the initial implementation, is that only one signature can be attached to a document. This may be worked around by designing forms such that each signatory vouches for the authenticity of the previous sender's signature. For an APS price list, send email to: For information on TidBITS: how to subscribe to our mailing list, where to find back issues, how to search issues on the Internet's WAIS, and other useful stuff, send email to: Otherwise, contact us at: ace at tidbits.com * CIS: 72511,306 AppleLink & BIX: TidBITS * AOL: Adam Engst * Delphi: Adam_Engst TidBITS * 1106 North 31st Street * Renton, WA 98056 USA ---------------------------------------------------------------- From cdodhner at indirect.com Sat Oct 2 11:08:48 1993 From: cdodhner at indirect.com (Christian D. Odhner) Date: Sat, 2 Oct 93 11:08:48 PDT Subject: POISON PILL In-Reply-To: <9310020332.AA21867@acacia.itd.uts.EDU.AU> Message-ID: <199310021802.AA18099@indirect.com> > Something else you can do is use a cipher which takes two input streams > and merges them into the one file, with one key extracting the 'harmless' > information and another extracting the 'harmfull' information. > > Matthew. > -- > Matthew Gream, M.Gream at uts.edu.au. "... encryption is the ultimate means of > Consent Technologies, 02-821-2043. protection against an Orwellian state." Has anybody writen one? Can we try for this as a feature in the next pgp? Should I write it myself? Of course I should... silly question... Ok does anybody have any suggestions or wishlists? Lemme know. Happy Hunting, -Chris ______________________________________________________________________________ Christian Douglas Odhner | "The NSA can have my secret key when they pry cdodhner at indirect.com | it from my cold, dead, hands... But they shall pgp 2.3 public key by finger | NEVER have the password it's encrypted with!" "If guns are outlawed, only the government will have guns." -E. Abbey My opinions are shareware. For a registered copy, send me 15$ in DigiCash. Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11 ------------------------------------------------------------------------------ From tcmay at netcom.com Sat Oct 2 11:28:48 1993 From: tcmay at netcom.com (Timothy C. May) Date: Sat, 2 Oct 93 11:28:48 PDT Subject: (fwd) ITAR registration package Message-ID: <9310021826.AA13664@netcom5.netcom.com> Cypherpunks, This is slightly long, but I think it's important for you all to see. Grady Ward requested the information packet needed to become a "Munitions Dealer." It seems that nearly all of us are supposed to be paying a $250 yearly fee and filling out many forms before we post files to ftp sites (including the "soda" machine), publish chunks of code on Usenet or on this list, and so on. The Crypto Crackdown could be messy. -Tim May Newsgroups: talk.politics.crypto,comp.org.eff.talk,misc.legal From: grady at netcom.com (Grady Ward) Subject: ITAR registration package Date: Sat, 2 Oct 1993 15:54:14 GMT (edit followups as appropriate) I asked the State Department for a "Munitions Manufacturer" registration package and they promptly sent me three documents in a 8 1/2 x 11 envelope. The first booklet was a copy of the Federal Register of 22 CFR Part 120, et al. ("ITAR") that is available via anonymous ftp. This gives the official 'munitions list' ("USML") and information on registration, licensing, governing authority and so on. The second enclosed document was a twenty page booklet titled 'REGISTRATION: the first step in the defense trade' which gives sample registration forms, fee schedules and so on. The paperwork for registration is one page to fill out where you identify the people manufacturing munitions and pay the yearly $250 fee. The third item was a copy of the "Defense Trade News" a folksy bulletin produced monthly by the Department of State to ostensibly clarify points of munitions manufacturing or export. Reading the January & April 1993 (combined issue) V4,1 & 2 the State Department makes it clear that it considers all software, including algorithms in any form and source code to be a munitions items as per 121.8(f) of ITAR. For example, Software, Using DES for Data Encryption USML XIII(b)(1) Software, Using DES for Password Encryption In Object Code (Dept of Commerce) In Source Code USML XIII(b)(1) Algorithm, for Data Encryption, not Incorporated into a Finished Software Product USML XIII(b)(1) This language makes it clear that at least the State Department does consider any kind of privacy software description to be a munition, including pseudocode, block diagrams, etc. They explicitly deny that software can ever be a 'public domain' item as per 120.11 ITAR (as D.J. Bernstein has been telling us all along). Under 122.1(b) of ITAR, people are exempt from registration if they "engage only in the fabrication of articles for experimental or scientific purposes, including research and development." This means presumably that while posting code to an ftp site is still considered 'manufacturing a munition' such a manufacturer does not have to register as per 122.1(b)(4). But a business such as Compuserve that has excellent NewDE source code available for downloading by anyone, the Austin Code Works, or Dr. Dobb's who is planning a December article on the IDEA algorithm, including source listing, for example, would definitely have to register, unless they could argue they are exempt under 122.1(b) as well. >From my lay perspective, it seems the most fruitful way to attack the ITAR restriction on dissemination of strong crypto is right in section 120.3 of ITAR 'Policy on designating and determining defense articles and services' because it claims that a member of the USML: '(a) Is specifically designed, adapted, or modified for a military application, and (i) Does not have predominant civil application, and (ii) Does not have performance equivalent (defined by form, fit, and function) to those of an article or service used for civil applications.' PGP *does*, of course, predominantly has a civil application (privacy) and certainly was *not* specifically designed for any military application. My conclusion: Crypto software suitable for mass market PCs ought to be removed from the US Munitions List. Appendix. Portions of ITAR. The USML includes: 121.8 -- End-items, components, accessories, attachments parts, firmware, software and systems. (a) An end-item is an assembled article ready for its intended use. Only ammunition, fuel or another energy source is required to place it in an operating state. (b) A component is an item which is useful only when used in conjunction with an end-item. A major component includes any assembled element which forms a portion of an end-item without which the end-item is inoperable. (Example: Airframes, tail sections, transmissions, tank treads, hulls, etc.) A minor component includes any assembled element of a major component. (c) Accessories and attachments are associated equipment for any component, end-item or system, and which are not necessary for their operation, but which enhance their usefulness or effectiveness. (Examples: Military riflescopes, special paints, etc.) (d) A part is any single unassembled element of a major or a minor component, accessory, or attachment which is not normally subject to disassembly without the destruction or the impairment of design use. (Examples: Rivets, wire, bolts, etc.) (e) Firmware and any related unique support tools (such as computers, linkers, editors, test case generators, diagnostic checkers, library of functions and ystem test diagnostics) specifically designed for equipment or systems covered under any category of the U.S. Munitions List are considered as part of the end-item or component. Firmware includes but is not limited to circuits into which software has been programmed. (f) Software includes but is not limited to the system functional design, logic flow, algorithms, application programs, operating systems and support software for design, implementation, test, operation, diagnosis and repair. A person who intends to export software only should, unless it is specifically enumerated in 121.1 (e.g., XIII(b)), apply for a technical data license pursuant to part 125 of this subchapter. (g) A system is a combination of end-items, components, parts, accessories, attachments, firmware or software, specifically designed, modified or adapted to operate together to perform a specialized military function. USML XIII: Category XIII-Auxiliary Military Equipment (a) Cameras [including space cameras] and specialized processing equipment therefor, photointerpretation, stereoscopic plotting, and photogrammetry equipment which are specifically designed or modified for military purposes, and components specifically designed or modified therefor; (b) Information Security Systems and equipment, cryptographic devices, software, and components specifically designed or modified therefor, including: (1) Cryptographic (including key management) systems, equipment, assemblies, modules, integrated circuits, components or software with the capability of maintaining secrecy or confidentiality of information or information systems, except cryptographic equipment and software as follows: (i) Restricted to decryption functions specifically designed to allow the execution of copy protected software, provided the decryption functions are not user- accessible. (ii) Specially designed, developed or modified for use in machines for banking or money transactions, and restricted to use only in such transactions. Machines for banking or money transactions include automatic teller machines, self-service statement printers, point of sale terminals or equipment for the encryption of interbanking transactions. (iii) Employing only analog techniques to provide the cryptographic processing that ensures information security in the following applications: (A) Fixed (defined below) band scrambling not exceeding 8 bands and in which the transpositions change not more frequently than once every second; (B) Fixed (defined below) band scrambling exceeding 8 bands and in which the transpositions change not more frequently than once every ten seconds; (C) Fixed (defined below) frequency inversion and in which the transpositions change not more frequently than once every second; (D) Facsimile equipment; (E) Restricted audience broadcast equipment; (F) Civil television equipment. Note: Special Definition. For purposes of this subparagraph, fixed means that the coding or compression algorithm cannot accept externally supplied parameters (e.g., cryptographic or key variables) and cannot be modified by the user. (iv) Personalized smart cards using cryptography restricted for use only in equipment or systems exempted from the controls of the USML. (v) Limited to access control, such as automatic teller machines, self-service statement printers or point of sale terminals, which protects password or personal identification numbers (PIN) or similar data to prevent unauthorized access to facilities but does not allow for encryption of files or text, except as directly related to the password of PIN protection. (vi) Limited to data authentication which calculates a Message Authentication Code (MAC) or similar result to ensure no alteration of text has taken place, or to authenticate users, but does not allow for encryption of data, text or other media other than that needed for the authentication. (vii) Restricted to fixed data compression or coding techniques. (viii) Limited to receiving for radio broadcast, pay television or similar restricted audience television of the consumer type, without digital encryption and where digital decryption is limited to the video, audio or management functions. (ix) Software designed or modified to protect against malicious computer damage, (e.g., viruses). Registration and exemptions: 122.1 -- Registration requirements. (a) Any person who engages in the United States in the business of either manufacturing or exporting defense articles or furnishing defense services is required to register with the Office of Defense Trade Controls. Manufacturers who do not engage in exporting must nevertheless register. (b) Exemptions. Registration is not required for: (1) Officers and employees of the United States Government acting in an official capacity. (2) Persons whose pertinent business activity is confined to the production of unclassified technical data only. (3) Persons all of whose manufacturing and export activities are licensed under the Atomic Energy Act of 1954, as amended. (4) Persons who engage only in the fabrication of articles for experimental or scientific purpose, including research and development. (c) Purpose. Registration is primarily a means to provide the U.S. Government with necessary information on who is involved in certain manufacturing and exporting activities. Registration does not confer any export rights or privileges. It is generally a precondition to the issuance of any license or other approval under this subchapter. ------------------------------- (Note: order copies of the ITAR for $4.50 a copy from the GPO at +1 202 783 3238, or FAX +1 202 512 2250. Order stock number 069-001-000-58-1. Or get your 'Munitions Manufacturer' registration package free from the State Dept by calling (703) 875-6650 or writing Dept. State, PM/DTC Rm. 200 SA-6, Washington, D.C. 20522-0602) -- Grady Ward grady at netcom.com 3449 Martha Ct. compiler of Moby lexicons Arcata, CA 95521-4884 e-mail or finger grady at netcom.com (707) 826-7715 (voice/24hr FAX) for more information -- From anonymous at extropia.wimsey.com Sat Oct 2 12:28:48 1993 From: anonymous at extropia.wimsey.com (anonymous at extropia.wimsey.com) Date: Sat, 2 Oct 93 12:28:48 PDT Subject: PGP in FIDO Message-ID: <199310021906.AA13098@xtropia> * Reply to msg originally in CYPHERPUNKS > My question is this: how does he know that the mail is encrypted if he's > not examining the mail that passes through his system? If he *is* > examining the mail that passes through his system, it seems likely that he > is violating the Electronic Communications Privacy Act. In that FIDOnet mail points (or individual BBSs) are not required to pass or accept encrypted FIDO traffic under FIDOnet rules, some run a specific program that scans for the "PGP MESSAGE" string and bumps it to a SECURENET mail hub (or, in some cases, _kills_ it). It is not done by individual, personal inspection - at least not at mail hub level. Anyway, the ECPA is basically irrelevant in the BBS world, as 1] almost every BBS states at log-on that there is no such thing as truly "private" e-mail on the system as the sysop can, will and does see messages in all areas, and 2] he is personally _liable_ for any illegal activity on his BBS, so he can reasonably be expected to keep an eye on e-mail for anything that will put his ass in a sling. There has been a very heated war in FIDOland over PGP and other encryption. Considering the risk that sysops take on by permitting secure (?) communication on their BBSs, I must say I admire their courage when they allow it and participate on SECURENET. Personally, _I_ would never stick my neck out like that, though I convinced many FIDOnet BBSs to do so for my own political and purely selfish reasons. BTW, this message comes via FIDOnet and was originally PGP encrypted for the remailer, and the cypherpunks at toad.com mailing is converted to a conference on a FIDO BBS where I read the message to which I am responding. From marc at MIT.EDU Sat Oct 2 13:04:23 1993 From: marc at MIT.EDU (Marc Horowitz) Date: Sat, 2 Oct 93 13:04:23 PDT Subject: PGP in FIDO In-Reply-To: <199310021906.AA13098@xtropia> Message-ID: <9310022001.AA11355@snorkelwacker.MIT.EDU> >> Anyway, the ECPA is basically irrelevant in the BBS world, as .... I'm truly amazed. Mike Godwin, who is a lawyer who *specializes* in this sort of thing, has rebuffed this statement several times, and given his phone number for interested BBS sysops to call him. And yet, people continue to spew disbelief. Of course, without real case law, Mike's opinion is still just that, but when some BBS sysop gets nailed by the ECPA, I'm gonna laugh. Marc From pmetzger at lehman.com Sat Oct 2 13:14:24 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sat, 2 Oct 93 13:14:24 PDT Subject: PGP in FIDO In-Reply-To: <199310021906.AA13098@xtropia> Message-ID: <9310022011.AA19354@snark.lehman.com> anonymous at extropia.wimsey.com says: > Anyway, the ECPA is basically irrelevant in the BBS world, as 1] almost > every BBS states at log-on that there is no such thing as truly > "private" e-mail on the system as the sysop can, will and does see > messages in all areas, and 2] he is personally _liable_ for any illegal > activity on his BBS, so he can reasonably be expected to keep an eye on > e-mail for anything that will put his ass in a sling. You haven't been listening at all to Mr. Godwin, have you? 1) The ECPA *DOES* apply to the BBSes whether they want it to or not. All the hoping in the world doesn't make a statute go away. Merely declaring that the ECPA doesn't apply to you doesn't work -- try declaring the tax laws don't apply to you some time and see if that works. 2) The BBS operators are NOT liable UNLESS they censor the mail. If they censor the mail, they are liable for anything they fail to censor. If they do not censor, they are common carriers, and have no liability. In other words, jackasses pretending they understand the law have both broken the law and made themselves more, not less, liable for anthing left on their machines. > There has been a very heated war in FIDOland over PGP and other > encryption. Considering the risk that sysops take on by permitting > secure (?) communication on their BBSs, They take NO risk. They are common carriers if they stop censoring their mail. People don't seem to understand that the law on this is very clear. By the idiotic logic the FIDO operators are using, the phone company could be siezed if two people have a conversation about a crime over the phone. The notion is, of course, absurd, and so is the stupid half-assed amateur lawyering the people who wrote the FIDO policies used. > Personally, _I_ would never stick my neck out like that, though I > convinced many FIDOnet BBSs to do so for my own political and purely > selfish reasons. Actually, as I've just noted, you have not protected yourself. You have opened yourself up for massive legal liability where you had none before. The depths of human folly never cease to amaze me. This case is as if a group of bankers, deciding that they were scared that they might be held liable if one of their clients were a drug dealer (which they aren't) decides to embezzle all the client accounts instead to "keep themselves safe". Perry From pmetzger at lehman.com Sat Oct 2 13:24:23 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sat, 2 Oct 93 13:24:23 PDT Subject: PGP in FIDO In-Reply-To: <9310022001.AA11355@snorkelwacker.MIT.EDU> Message-ID: <9310022023.AA19386@snark.lehman.com> Marc Horowitz says: > >> Anyway, the ECPA is basically irrelevant in the BBS world, as .... > > I'm truly amazed. Mike Godwin, who is a lawyer who *specializes* in > this sort of thing, has rebuffed this statement several times, and > given his phone number for interested BBS sysops to call him. And > yet, people continue to spew disbelief. > > Of course, without real case law, Mike's opinion is still just that, > but when some BBS sysop gets nailed by the ECPA, I'm gonna laugh. I have half a mind to get a FIDO account, try to send a message the sysop doesn't understand so he'll stop it, and then call the U.S. Attorney's office. Actually, I wouldn't ever do that -- my libertarian ethics stop me, since there is no real contract to get private mail between me and the operator, never mind how stupid what is is doing is. However, the law is the law. Disagreeing with it or consciously deciding to violate it is one thing, but smug amateur lawyering in which you pretend that it isn't supposed to apply to you is another. Perry From alk at et.msc.edu Sat Oct 2 14:04:25 1993 From: alk at et.msc.edu (Anthony L. Kimball) Date: Sat, 2 Oct 93 14:04:25 PDT Subject: PGP in FIDO In-Reply-To: <9310022023.AA19386@snark.lehman.com> Message-ID: <9310022059.AA18202@et.msc.edu> However, the law is the law. And as such is an ass, yes. Disagreeing with it or consciously deciding to violate it is one thing, but smug amateur lawyering in which you pretend that it isn't supposed to apply to you is another. I don't see the good in this sort of thing. The FIDOnet operators in question are probably operating in good faith, whether mistakenly or no, their smugness or lack thereof is not in evidence, and if there is anyone you should be annoyed with, it is the federal agencies which have created such a chilling atmosphere that their belief resulted. Put another way, they're terrified of the feds. Terrified people make stupid mistakes. The root of the problem is the cause of the terror, not the mistakes that result. I think it would be more constructive, instead of trying to imprison the BBS operator for offending your aethetic judgement (I realize you were not serious, of course -- please accept my rhetorical license as no less broad than your own), to document to them the reasoned legal opinion of the appropriately credentialled M. Godwin, so that they may protect themselves from legal assault. From pmetzger at lehman.com Sat Oct 2 14:14:25 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sat, 2 Oct 93 14:14:25 PDT Subject: PGP in FIDO In-Reply-To: <9310022109.AA16172@vswr.sps.mot.com> Message-ID: <9310022113.AA19467@snark.lehman.com> Bob Izenberg says: > Perry E. Metzger wrote: > > # They take NO risk. They are common carriers if they stop censoring > # their mail. > > Not long after I moved here, I had a discussion with a local lawyer > on common carrier status. Take my recollections for what they're > worth after three years rattling around in the head of a > non-attorney. One doesn't become a common carrier by virtue of > personal policy. It's a label that must be applied for with the > local communications regulatory authority (public utilities > commission or what have you.) Mike Godwin will have to confirm this, but to my knowledge Common Carrier is NOT a status you have to apply for. UUNET operates as a common carrier and has never registered with anyone. Perry From bobi at vswr.sps.mot.com Sat Oct 2 14:14:33 1993 From: bobi at vswr.sps.mot.com (Bob Izenberg) Date: Sat, 2 Oct 93 14:14:33 PDT Subject: PGP in FIDO In-Reply-To: <9310022011.AA19354@snark.lehman.com> Message-ID: <9310022109.AA16172@vswr.sps.mot.com> Perry E. Metzger wrote: # They take NO risk. They are common carriers if they stop censoring # their mail. Not long after I moved here, I had a discussion with a local lawyer on common carrier status. Take my recollections for what they're worth after three years rattling around in the head of a non-attorney. One doesn't become a common carrier by virtue of personal policy. It's a label that must be applied for with the local communications regulatory authority (public utilities commission or what have you.) You must publish a tariff of your rate structure and other operating information. There's probably a lot more to do, but what it comes down to is paperwork, paperwork, paperwork, and (depending upon the lawyer) no small amount of legal time and expense. What I also heard that day was that this particular lawyer, who was obviously familiar with the process of consideration for common carrier status, would be unable to submit an application because of a conflict of interest his company would have. They represent the local telephone company, which had then, and still has now (in an unimpressive way,) an interest in getting into information services. I didn't make an exhaustive search for legal representation then, but I could imagine it taking a real expedition to find somebody that wasn't soaking up *some* of the money/influence that SWBT throws around in town (this being the state capitol.) [ Insert what Mike Godwin says next here. :-) ] Bob -- ============================================================================== Bob Izenberg voice phone: 512-891-8680 Motorola RISC Software bobi at vswr.sps.mot.com ============================================================================== From bobi at vswr.sps.mot.com Sat Oct 2 14:58:50 1993 From: bobi at vswr.sps.mot.com (Bob Izenberg) Date: Sat, 2 Oct 93 14:58:50 PDT Subject: PGP in FIDO In-Reply-To: <9310022113.AA19467@snark.lehman.com> Message-ID: <9310022150.AA12197@vswr.sps.mot.com> Perry E. Metzger wrote: # Mike Godwin will have to confirm this, but to my knowledge Common # Carrier is NOT a status you have to apply for. UUNET operates as a # common carrier and has never registered with anyone. Well, we won't really know until the legal beagles deliver their opinions (and perhaps not even then, if they disagree.) What I wonder is, what does the phrase "operates as a common carrier" mean? Who has to grant you that status before it has any meaning as a legal protection? Bob -- ============================================================================== Bob Izenberg voice phone: 512-891-8680 Motorola RISC Software bobi at vswr.sps.mot.com ============================================================================== From pmetzger at lehman.com Sat Oct 2 15:08:49 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sat, 2 Oct 93 15:08:49 PDT Subject: PGP in FIDO In-Reply-To: <9310022150.AA12197@vswr.sps.mot.com> Message-ID: <9310022205.AA19553@snark.lehman.com> Bob Izenberg says: > Perry E. Metzger wrote: > > # Mike Godwin will have to confirm this, but to my knowledge Common > # Carrier is NOT a status you have to apply for. UUNET operates as a > # common carrier and has never registered with anyone. > > Well, we won't really know until the legal beagles deliver their opinions > (and perhaps not even then, if they disagree.) What I wonder is, what does > the phrase "operates as a common carrier" mean? Who has to grant you that > status before it has any meaning as a legal protection? Many sorts of status do not require that anyone GRANT you anything. Lets say, for example, that you live in state that permits common law marriage. In such a state, it is sufficient to think of yourself and your S.O. as married, and behave in that manner -- at that point you legally are married. (Note that common law marriages are now only possible in a few state -- 9 I believe.) As for what "common carrier" means, it means that the law recognizes that you are a carrier of things, not a creator of them, and that you are not responsible for what you carry. That means that the phone company can transmit as many criminal phone conversations as it likes without having its switches siezed. In order to be a common carrier, you have to transmit all the messages you receive without differentiating between them, paying attention to what they are, or censoring them. Perry From mnemonic at eff.org Sat Oct 2 16:18:50 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sat, 2 Oct 93 16:18:50 PDT Subject: PGP in FIDO In-Reply-To: <199310021906.AA13098@xtropia> Message-ID: <199310022314.AA02590@eff.org> anonymous writes: > In that FIDOnet mail points (or individual BBSs) are not required to > pass or accept encrypted FIDO traffic under FIDOnet rules, some run a > specific program that scans for the "PGP MESSAGE" string and bumps it to > a SECURENET mail hub (or, in some cases, _kills_ it). It is not done by > individual, personal inspection - at least not at mail hub level. Absent waiver by users, this may still be an ECPA violation. > Anyway, the ECPA is basically irrelevant in the BBS world, as 1] almost > every BBS states at log-on that there is no such thing as truly > "private" e-mail on the system as the sysop can, will and does see > messages in all areas, and 2] he is personally _liable_ for any illegal > activity on his BBS, so he can reasonably be expected to keep an eye on > e-mail for anything that will put his ass in a sling. Item (1) is the relevant item--if users agree to waive their ECPA rights, there's no legal problem, although there may be ethical ones. As for (2), well, there's no legal theory that says that a sysop is liable for for any illegal activity on his BBS. The criminal law, in general, does not make people liable for the conduct of others in the absence of knowledge of that conduct. Please, please don't make assertions about criminal liability based on FIDO mythology. > There has been a very heated war in FIDOland over PGP and other > encryption. Considering the risk that sysops take on by permitting > secure (?) communication on their BBSs, I must say I admire their > courage when they allow it and participate on SECURENET. When you refer to the risk they're taking, could you be precise? What statistics do you have that support the statement that FIDO sysops are at risk if they allow encrypted communications? To my knowledge as a lawyer who works in this area, no sysop has been held liable for allowing encrypted communications on his or system. --Mike From mnemonic at eff.org Sat Oct 2 16:24:26 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sat, 2 Oct 93 16:24:26 PDT Subject: PGP in FIDO In-Reply-To: <9310022011.AA19354@snark.lehman.com> Message-ID: <199310022322.AA02641@eff.org> Perry writes: > 1) The ECPA *DOES* apply to the BBSes whether they want it to or not. > All the hoping in the world doesn't make a statute go away. Merely > declaring that the ECPA doesn't apply to you doesn't work -- try > declaring the tax laws don't apply to you some time and see if that > works. That said, it should be noted that sysops can contract with users for users to waive their privacy rights under ECPA. But I think sysops should do this *explicitly*, and should not justify doing so because of vague perceptions of vaguely understood legal liability. I also have to take exception to the statement by some people here that sysops never allow private e-mail. I knew sysops who routinely did so when I lived in Austin. But maybe Austin is more enlightened than the rest of the country. > 2) The BBS operators are NOT liable UNLESS they censor the mail. If > they censor the mail, they are liable for anything they fail to > censor. If they do not censor, they are common carriers, and have > no liability. I wouldn't say this quite so strongly, but Perry has the gist of it right. If you take on the duty of monitoring e-mail, you risk creating liability for yourself if something problematic doesn't get censored. And the sysops here generally admit that they don't real *all* e-mail. --Mike From mnemonic at eff.org Sat Oct 2 16:28:51 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sat, 2 Oct 93 16:28:51 PDT Subject: PGP in FIDO In-Reply-To: <9310022001.AA11355@snorkelwacker.MIT.EDU> Message-ID: <199310022317.AA02609@eff.org> Marc writes: > I'm truly amazed. Mike Godwin, who is a lawyer who *specializes* in > this sort of thing, has rebuffed this statement several times, and > given his phone number for interested BBS sysops to call him. And > yet, people continue to spew disbelief. One reason I gave out my number is to allow people to ask me specific questions that refer to how they run their *specific* systems--it may be that they're not risking ECPA liability, given the particular conditions they're working under. But one think I think sysops need to realize is that ECPA is the *default* setting. > Of course, without real case law, Mike's opinion is still just that, > but when some BBS sysop gets nailed by the ECPA, I'm gonna laugh. On some of my interpretations of ECPA, reasonable lawyers may disagree, but at this point most FIDO sysops who assert that ECPA doesn't apply haven't read the statute. --Mike From mnemonic at eff.org Sat Oct 2 16:38:50 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sat, 2 Oct 93 16:38:50 PDT Subject: PGP in FIDO In-Reply-To: <9310022150.AA12197@vswr.sps.mot.com> Message-ID: <199310022336.AA02791@eff.org> In my opinion, few if any BBSs qualify as common carriers. Common carriers hold themselves out as accepting all goods or passengers (or, in the case of communications, all messages) indifferently. I know of no sysop who operates under such a policy, or who would want to. uunet, in contrast, probably does qualify as a common carrier. My discussions of legal liability are not grounded in common-carrier law (in which I'm not yet an expert) but in criminal law and tort law. --Mike From khijol!erc Sat Oct 2 16:39:26 1993 From: khijol!erc (Ed Carp) Date: Sat, 2 Oct 93 16:39:26 PDT Subject: PGP in FIDO In-Reply-To: <9310022011.AA19354@snark.lehman.com> Message-ID: > By the idiotic logic the FIDO operators are using, the phone company > could be siezed if two people have a conversation about a crime over > the phone. The notion is, of course, absurd, and so is the stupid > half-assed amateur lawyering the people who wrote the FIDO policies > used. You know, I wouldn't put it past some district attorneys to try... :( :( If you use the phone to make a drug deal, well, bye-bye Pac Bell!!! Hehehe... -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From khijol!erc Sat Oct 2 16:39:33 1993 From: khijol!erc (Ed Carp) Date: Sat, 2 Oct 93 16:39:33 PDT Subject: PGP in FIDO In-Reply-To: <9310022001.AA11355@snorkelwacker.MIT.EDU> Message-ID: > I'm truly amazed. Mike Godwin, who is a lawyer who *specializes* in > this sort of thing, has rebuffed this statement several times, and > given his phone number for interested BBS sysops to call him. And > yet, people continue to spew disbelief. > > Of course, without real case law, Mike's opinion is still just that, > but when some BBS sysop gets nailed by the ECPA, I'm gonna laugh. Could someone post the relevent parts of this? I'd like to upload this to several BBS's out here... -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From khijol!erc Sat Oct 2 16:39:35 1993 From: khijol!erc (Ed Carp) Date: Sat, 2 Oct 93 16:39:35 PDT Subject: PGP in FIDO In-Reply-To: <9310022205.AA19553@snark.lehman.com> Message-ID: > Many sorts of status do not require that anyone GRANT you anything. > Lets say, for example, that you live in state that permits common law > marriage. In such a state, it is sufficient to think of yourself and > your S.O. as married, and behave in that manner -- at that point you > legally are married. (Note that common law marriages are now only > possible in a few state -- 9 I believe.) FYI, to be married in this way, you have to declare yourself in public as married - introducing yourself as someone's husband or wife, for example, is enough. But being "common law" married, it's only "legally" - that is, if one or both parties want to dissolve the marriage and don't want to exercise their rights, they can just walk away from the marriage. Texas is such a state. -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From pmetzger at lehman.com Sat Oct 2 16:48:50 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sat, 2 Oct 93 16:48:50 PDT Subject: PGP in FIDO In-Reply-To: Message-ID: <9310022344.AA19737@snark.lehman.com> Ed Carp says: > FYI, to be married in this way, you have to declare yourself in public as > married - introducing yourself as someone's husband or wife, for example, is > enough. But being "common law" married, it's only "legally" - that is, if > one or both parties want to dissolve the marriage and don't want to exercise > their rights, they can just walk away from the marriage. Untrue. Common law marriage is a real marriage in every single sense. There is no legal difference in states that recognize it. You need a real honest to god divorce in order to end one. Look it up if you don't believe me. Perry From an12070 at anon.penet.fi Sat Oct 2 17:34:26 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Sat, 2 Oct 93 17:34:26 PDT Subject: FIDOnet troglodyte MIND RAPISTS _unrepentant_! Message-ID: <9310030030.AA20202@anon.penet.fi> Perry Metzger writes: >The depths of human folly never cease to amaze me. This case is as if >a group of bankers, deciding that they were scared that they might be >held liable if one of their clients were a drug dealer (which they >aren't) decides to embezzle all the client accounts instead to "keep >themselves safe". nah. I propose we call 'em TROGLODYTE MIND RAPISTS. please cut out the following message and send it to every FIDONET operator in existence. also, try comp.org.fidonet. moderation complicates the posting. === Subject: STOP THE TROGLODYTE FIDONET MIND-RAPISTS *NOW*! does routine FIDOnet email INVASION by operators VIOLATE the U.S. Electronic Communications Privacy Act? EFF's lawyer M. Godwin speaks with FIDOnet operator Al Billings on the cypherpunks mailing list. Resident list crank Perry Metzger offers his own whitehot flame. this forward brought to you by cypherpunks Cyberspatial Reality Advancement Movement (CRAM) Information Liberation Front (ILF) Blacknet === From: Mike Godwin Subject: Re: FIDOnet encryption (or lack thereof) To: cypherpunks at toad.com Date: Fri, 1 Oct 1993 16:40:09 -0400 (EDT) Al Billings writes: > On Thu, 30 Sep 1993, Mike Godwin wrote: > > > > My question is this: how does he know that the mail is encrypted if he's > > not examining the mail that passes through his system? If he *is* > > examining the mail that passes through his system, it seems likely that he > > is violating the Electronic Communications Privacy Act. > > Only if he has stated that he allows private mail. Most sysops have > specifically worded policy statements for their systems that say that the > sysop can read any and all messages on the system and may do so at any > time. That's all very nice, but it doesn't enable a FIDO sysop to intercept messages from people who are not users of his or her particular system. Those people did not waive their rights to privacy under the ECPA. > Bulletin boards do not normally offer truely private mail because of > some of the legal implications. This is a common myth. First of all, there are many BBSs that do offer truly private mail, or whose sysops, as a matter of policy, do not read others' private mail. Secondly, there's no legal liability associated with allowing e-mail privacy. Third, federal law (the ECPA) bars sysops from examining mail except under some very precisely defined circumstances. I suggest that you inform sysops who tell you otherwise that they can contact me at the Legal Services Department of EFF. You've got my e-mail address already--my phone number is 202-347-5400. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From mgream at acacia.itd.uts.edu.au Sat Oct 2 17:38:50 1993 From: mgream at acacia.itd.uts.edu.au (Matthew Gream) Date: Sat, 2 Oct 93 17:38:50 PDT Subject: POISON PILL :-) In-Reply-To: <9310021152.AA03375@lux.latrobe.edu.au> Message-ID: <9310030037.AA04847@acacia.itd.uts.EDU.AU> Earlier, Dwayne wrote: > In <9310011727.AA01395 at netcom.netcom.com> msattler at netcom.com (Michael Sattler) writes: > >> > >>I have Australian Defence Security Clearance stickers on my computer, > >>they are so cool, these little yellow and red stickers that authorise > >>the computer for secure use (and something else I can't remember). > > >Any chance of getting a few sent to me in San Francisco? > > And perhaps me in Melbourne? :-) As I replied directly to the previous poster, they were one off things that came via a friend who was contracted to do work for the Defence Dept. The few I did manage to obtain all went into use. The computer they are stuck on is in the hands of a 'higher' entity, so I don't even remember the exact details of them . Matthew. -- Matthew Gream, M.Gream at uts.edu.au. "... encryption is the ultimate means of Consent Technologies, 02-821-2043. protection against an Orwellian state." From an12070 at anon.penet.fi Sat Oct 2 17:44:26 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Sat, 2 Oct 93 17:44:26 PDT Subject: Zimmermann's PGP: "A Cure for the Common Code" Message-ID: <9310030043.AA22045@anon.penet.fi> Denver Westword, Vol. 17 Number 5, Sept. 29 1993 Cover Story: Secrets Agent The Government wants to break him, but Boulder's prince of privacy remains cryptic. Contents: A Cure for the Common Code, p.12 Worried about your privacy? Your secret is safe with this guy. This post brought to you by Information Liberation Front (ILF) Cyberspatial Reality Advancement Movement (CRAM) BlackNet cypherpunks === Late last month, much to the satisfaction of sheriff's deputies in Sacramento County, California, William Steen began serving 68 months in prison for trafficking in child pornography over computers and then attempting to hire a man to kill one of the teenagers who had testified against him. Detectives who worked on the case say the sentence represents an almost entirely gratifying end to the two-year-old effort to track down and convict Steen. The prosecution was not quite perfect, though. Police were unable to nail any of Steen's network of child porn associates, which officials suspect was extensive. Neither were Sacramento County law enforcement officers-- nor outside computer experts, for that matter-- able to read Steen's computer diary, which police think may contain the names of his other teenage victims. The reason is that Steen, of Santa Clara, California, had installed a powerful code on his computer to electronically scramble what he had written. Although experts were quickly able to determine the name of the encoding program-- called Pretty Good Privacy, or PGP-- efforts to break it failed miserably. "The task was given to us to decrypt this stuff," recalls William Sternow, a California computer-crime expert called in on the case. "And to this day we have not been able to do it." Sternow and the other experts-- including the Los Angeles Police Department, which tired to dismantle PGP as well-- probably shouldn't hold their breaths waiting for a breakthrough. It is unlikely that they will crack Steen's diaries anytime soon, probably not in their lifetimes. Forget your cereal-box decoder rings. Pretty Good Privacy, a computer program designed by a short, slightly round Boulder programmer named Philip Zimmermann, is, as far as the current technology is concerned, about as accessible as Fort Knox. While PGP has frustrated the California cops, it has done wonders for its inventor's reputation among a thriving underground network of electronic cowboys. In the two years since he published Pretty Good Privacy, the program has propelled Zimmermann from a struggling Colorado software author missing mortgage payments to something of a folk hero among hackers, both in the U.S. and across the world, where the program has been translated into nearly a dozen languages. "I can go anywhere in Europe," boasts Zimmermann, "and not have to buy lunch." Not everyone wants to feed Phil Zimmermann. Count among his enemies the U.S. Customs Service, which is investigating him for violating export laws. Add RSA DAta Security, a Redwood City, California, company that says it is considering taking him to court for swiping its encoding technology. And of course, top off the list with any number of frustrated law enforcement agencies, from the supersecret National Security Agency (NSA) all the way down to the Sacramento sheriff's department. "Phil Zimmermann? He's a dirtbag," spits out Brian Kennedy, the detective who headed up the Steen investigation. "He's an irresponsible person who takes credit for his invention without taking responsibility for its effect. He's protected people who are preying on children. I hope that someday he'll get what he deserves." === What Phil Zimmermann deserves more than anything this gray morning is a few more hours of sleep. "I was up until four this morning working on the computer," he grumbles with not-very-well-disguised irritation. "Give me 45 minutes to become human." One hour later, this is what Phil Zimmermann looks like, human: a short guy, a little paunchy. He wears large aviator glasses, a heavy beard and an easy elfin grin. Today he is also wearing beige pants, a green shirt, and blue Etonic sneakers. Although separately none of the parts looks askew, for some reason the package still looks rumpled. His living room feels small and is crammed with books, a respectable percentage of which are bona fide, Noam Chomsky-certified leftist tracts. The back room of the north Boulder house serves as Zimmermann's computer lab. Three machines are on-line. Outside light is denied entrance by shaded windows. Books and magazines-- _The_ _Journal_ _of_ _Cryptology_-- carpet the floor in no discernible order. In the southwest corner of the room lies a small mattress, where for the past several days a Toronto college student has slept. The student, whose name is Colin Plumb, learned about the Boulder programmer about a year ago after plucking PGP off a computer network. He composed a letter to Zimmermann expressing admiration for the encrypting software, one of the thousands of pieces of fan mail that have poured into Zimmermann's mailbox and computer since June 1991, when PGP was first published. Now Plumb is here for two weeks as a volunteer assistant, helping Zimmermann update Pretty Good Privacy. He is not the first admirer to make the hajj to Boulder. "I get people here all the time," says Zimmermann. "A month ago I got a visit from a guy from Brazil. He used PGP back in Rio de Janeiro, and he was touring the country and he wanted to meet the guy who invented it." Zimmermann continues: "I get mail from people in the Eastern Bloc saying how much they appreciate PGP-- you know, 'Thanks for doing it.' When I'm talking to Americans about this, a lot of them don't understand why I'd be so paranoid about the government. But people in police states, you don't have to explain it to them. They already get it. And they don't understand why we don't." What we don't understand, at least according to an explanation of Pretty Good Privacy that accompanies the software, is this: "You may be planning a political campaign, discussing your taxes, or having an illicit affair. Or you may be doing something that you feel shouldn't be illegal, but is. Whatever it is, you don't want your private electronic mail or confidential documents read by anyone else. There's nothing wrong with asserting your privacy. Privacy is as apple-pie as the Constitution." Simple stuff, But Zimmermann and PGP have done more than provide an electronic cloak for the steamy computer messages of a few straying husbands. In fact, the publication of Pretty Good Privacy has probably done more than any other single event to shove the arcane-- and, until recently, almost exclusively government-controlled-- science and art of cryptology into the public consciousness. Much of that is inevitable. The explosion of electronic mail and other computer messaging systems begs a megabyte of privacy questions. While a 1986 federal law prevents people from snooping into computer mail without legal authorization, the fact remains that electronic eavesdropping is relatively simple to do. To an experienced hacker, unprotected computer communications are like so many postcards, free for the reading. Encryption systems simply put those postcards inside secure electronic envelopes. This may sound innocuous. But it is highly distressing to those branches of the government that say they occasionally need to listen in to what citizens are saying. In recent public debates in Congress and in private meetings, representatives of the FBI and the NSA have argued vigorously that they need high-tech tools to provide for the public and national security. They contend that this includes the capability to read any and all encoded messages that whip across the ether. To these computocops, widely available encryption in general-- and specifically, PGP-- is dangers. "PGP," warns Dorothy Denning, a Georgetown University professor who has worked closely with the National Security Agency, "could potentially become a widespread problem." To those who increasingly rely on the swelling network of computer superhighways to send, receive, and store everything from business memos to medical records to political mailing lists, however, the idea of a CIA spook or sheriff's department flunky listening in to their conversations and peeking at their mail is chilling. They fear that without basic privacy protection, the promise of the Information Age also carries with it the unprecedented threat of an electronic Big Brother more powerful than anything ever imagined by George Orwell. === When Phil Zimmermann moved to Boulder from Florida in 1978, he had every intention of earning a master's degree in computer science. Instead he went to work for a local software company. And he began fighting the good fight against big bombs. "In the early 1980s it looked like things were going to go badly," he recalls. "There was talk of the Evil Empire. Reagan was going berserk with the military budget. Things looked pretty hopeless. So my wife and I began preparing to move to New Zealand. By 1982 we had our passports and traveling papers. That year, though, the national nuclear freeze campaign had their conference in Denver. We attended, and by the time the conference was over we'd decided to stay and fight." He attended meetings. He gave speeches. He marched on nuclear test sites in Nevada. ("I've been in jail with Carl Sagan and Daniel Ellsberg," he says. "Daniel Ellsberg twice.") He taught a course out of the Boulder Teacher' Catalogue called "Get Smart on the Arms Race." ("The class is not anti-U.S.; it is anti-war," a course summary in the 1986 catalogue explains." In the snatches of free time between nuke battles, Zimmermann continued feeding a lifelong fascination with secret codes. "I've always been interested in cryptology, ever since I was a kid," he says. "I read _Codes_ _and_ _Secret_ _Writings_ by Herbert Zimm, which showed you how to make invisible ink out of lemon juice. It was pretty cool." "When I got to college I discovered that you could use computers to encode things. I started writing codes, and I thought they were so cool and impossible to break. I know they were trivial and extremely easy to break." For Zimmermann, who is 39 years old, writing and breaking codes had always been just a hobby, albeit an increasingly intensive one. Up until 1976, that is, when his hobby became an obsession that would absorb the next fifteen years of his life. That's because, like everyone else who had been dabbling in encryption at the time, Phil Zimmermann was swept away by the revolutionary concept of public-key cryptography and the RSA algorithms. === Secret codes have been used for thousands of years, but they have always operated on the same principle: The words or letters of the message to be encoded-- called the "plaintext"-- are replaced by other words, letters, numbers and symbols. These are then shuffled, rendering the communication incomprehensible. As spies and other secretive sorts began to use computers, the basic idea remained the same. But the substitution and shuffling became increasingly complex. (Just how complex is difficult to grasp. This summer a panel of experts met to evaluate the NSA's most recent encryption system. They concluded that it would take a Cray supercomputer 400 billion years of continuous operation to exhaust all the possible substitutions.) Yet even with the most scrambled substitutions, encryption always suffered from a glaring weakness: A code is only as secure as the channel over which it travels. What this has meant practically is that messages-- whether flown by pigeon or broadcast over a shortwave-- could always be intercepted by the enemy. This was particularly dangerous when it came time to share the code's "key." Traditionally, codes were always encrypted by a key that would garble, say, plain English into unreadable gobbledygook. The encoded message would then be sent to the recipient, who would use the same key to translate the message back into English. The problem with this, of course, is: How do you get the key from one place to another without danger of its being intercepted? After all, once a key is swiped by the bad guys, the entire code is rendered useless. Worse yet, what if you had no idea the key had been stolen, and your enemies continued to freely read messages you thought were protected? This is especially troublesome when you're trying to maintain a large network of secret sharers. Surprisingly, this ancient glitch was not cleared up until the spring of 1975. That's when a Stanford computer junkie named Whitfield Diffie created a crypto-revolution called public-key cryptology, a system simple in theory-- but complicated in practice-- that effectively solved the problem of key sharing. What Diffie did was imagine a system with two mathematically related keys, one public and one private. The public key could be as public as a published address. The private key would not be shared with anyone. The connection was that a message encoded with one key could be decoded by the other. To understand how this works, imagine the keys as public and private telephone numbers. The sender garbles a message with the receiver's public key, obtained from the computer equivalent of a phone book. Once sent, the only way the message can be decoded is with the receiver's mathematically related private key. Since each receiver has his own private key, no one has to share keys, and there is no danger of having the solution to the code intercepted. Equally important, each encoded message could bear the unique signature of its sender. (The sender encodes the message with his private key. The receiver affirms the message's authenticity by using the sender's mathematically related public key to unscramble the communication.) This eliminates the potential for some meddling third part to send a false message. Diffie's idea of two keys instead of one ignited a bomb among the burgeoning community of computer hackers and academic math types, who immediately began toying with public-key encryption. Not surprisingly, it didn't take long for the theory to be applied to real-life codemaking. In 1977 three MIT scientists named Ronald Rivest, Adi Shamir and Leonard Adelman constructed a series of algorithms, or mathematical instructions, that put Diffie's idea into practice. The three men named their public-key encryption system RSA, after their initials. They patented the algorithms and formed a company, RSA Data Security. Today the company practically enjoys a monopoly on public-key encryption. It puts out an eye-catching advertising pamphlet ("RSA. BEcause some things are better left unread." and sells millions of dollars' worth of encoding packages (one example: BSAFE 2.0). RSA's president is D. James Bidzos. He is not lining up to buy lunch for Phil Zimmermann. In fact, he claims that Zimmermann is little more than a poseur whose only real contribution to cryptology was to swipe RSA's technology. "Phil seems very eager to let people believe what he wants them to believe," complains Bidzos. "He like to perpetuate the idea of his being a folk hero." === Phil Zimmermann says that while he became fascinated with public-key encryption in the mid-1970s, he didn't begin seriously contemplating designing a useful application until 1984, when he was researching an article about the subject for a technical magazine. In 1986 he began fiddling with the RSA algorithms-- what he describes as "RSA in a petri dish." He says he enjoyed some mathematical successes, but that his work was still a far cry from any program that could be used to encode information." After dabbling in crypto-math and computers for four years, Zimmermann decided at the end of 1990 to construct a workable encoding package. In December, he says, he began working twelve-hour days exclusively on what was to become pretty Good Privacy. The work took its toll-- he neglected his software consulting business and missed five payments on his house-- but by the middle of 1991, the program was ready to go. In June Pretty Good Privacy was released over the Internet as software free for the taking. It was faster and simpler to use than other public- key encryption programs on the market, and the price was right. The feedback was almost instantaneous. Thousands of people quickly downloaded PGP and began using it to encrypt their own messages. Although PGP didn't contribute a lot to the theory of encryption, it did make cryptology usable and available to the average computer jock, says David Banisar, an analyst for the nonprofit Computer Professionals for Social REsponsibility in Washington, D.C. "Phil didn't invent the engine," he says, "but he did fit it inside the Ford." Indeed, the father of public-key cryptology himself says Zimmermann's proletarian privacy program is the closest thing yet to what he had in mind when he invented public-key encryption nearly two decades ago-- a nongovernment encoding system that would give the average computer user the means to communicate without fear. "PGP has done a good deal for the practice of cryptology," says Whitfield Diffie, who now works for Sun Microsystems near San Francisco. "It's close to my heart because it's close to my original objectives." In perhaps the greatest testimony to Zimmermann's program, even those who condemn the programmer for irresponsibly releasing PGP continue to use his software. "It's a great program," concedes Sacramento computer expert Sternow. "We recommend in our training to cops that they use it to encrypt their stuff." Sternow estimates that more than 500 law enforcement officers currently use PGP. PGP also spurred a loose-knit California-based group of computer users with a passion for cryptology to form a new organization to carry the torch. The group, whose members call themselves the Cypherpunks, espouses an unabashed libertarian philosophy when it comes to electronic privacy-- specifically, that privacy is far too crucial a civil right to be left to the governments of the world, and that the best way to head off government control of cryptology is to spread the capability to shroud messages to everyone. "Phil showed that an ordinary guy just reading the papers that already existed could put together an encryption system that the Nation Security Agency could break," says John Gilmore, one of three founders o the Silicon Valley-based Cypherpunks. "It took a certain amount of bravery to put this out, because at the time the government was talking about restrictions on cryptography." James Bidzos failed to see Zimmermann's courage, however. In fact, all he saw was theft. after concluding that Pretty Good Privacy was based on RSA's patented algorithms, he placed a call to Boulder. Basically," he recalls, "we said, 'What the fuck?' " Bidzos also contends that Zimmermann hardly wrote the program out of altruism, even through Pretty Good Privacy is technically free. "The documentation he distributes with PGP is misleading," he says. "It does give the impression that Zimmermann is a hero hell-bent on saving you from the evil government and an evil corporation. Gee, strike a blow for freedom." Yet, Bidzos continues, "he did this with every intention of making money. It was clearly to make money, no doubt about it. He told me just before he released it, 'Hey, I've been working on it for six years, I've put my whole life into it, I'm behind on my mortgage payments and I need to get something out of it." Bidzos says he approached Zimmermann again several months later after PGP was published and it was clear the free privacy program was not going to go away anytime soon. "We told him that if he stopped distributing PGP, we wouldn't sue, and he signed an agreement," Bidzos recalls. "He was very quick to sign it. But he's been violating the agreement ever since he signed it." Zimmermann replies that at one time he did entertain the idea of making some money off PGP. But he insists he gave that up before the software package was published. "I decided to give PGP away in the interests of changing society, which it is now doing," he says. "The whole reason I got involved was politics. I did not miss mortgage payments in the hopes of getting rich. Just look at my bookshelf. I'm a politically committed person with a history of political activism." Zimmermann adds he's uncertain whether he's violated any of RSA's patents, but he contends that if he did, the law doesn't make much sense to him. "I respect copyrights," he says. "But what we're talking about there is a patent on a math formula. It's like Isaac Newton patenting Force = Mass x Acceleration. You'd have to pay royalty every time you threw a baseball." He also acknowledges that he signed a nondistribution agreement with RSA Data Security for Pretty Good Privacy. But he insists that the has abided by it-- although admittedly only in the strictest legal sense. For example, while Zimmermann says he doesn't update or distribute PGP himself, he concedes that he freely gives direction to a worldwide "cadre of volunteers," who then implement the advice. The legal problems stemming from Zimmermann's invention don't end with James Bidzos and RSA. In February two agents from the U.S. Customs Service flew to Boulder to meet with Zimmermann and his lawyer, Phil Dubois, According to Dubois, the two agents said they were investigating how PGP had found its way overseas, a violation of U.S. law forbidding the export of encryption systems. Contacted at their San Jose office, the agents declined to comment on the investigation. Yet there is little doubt as to the agency's intent. On September 14, Leonard Mikus, the president of ViaCrypt, and Arizona company that recently signed a deal with Zimmermann to distribute a PGP- like encryption package, received a grand jury subpoena asking him to turn over the U.S. Attorney's office any documents related to PGP and Phil Zimmermann. Two days later the Austin, Texas, publisher of "Moby Crypto," a software encryption collection that includes PGP on it, received a similar subpoena. The subpoena demanded that the company, Austin Codeworks, turn overall documents related to the international distribution of "Moby Crypto," as well as "any other commercial product related to PGP." The San Jose-based assistant U.S. attorney who signed the subpoenas, William Keane, acknowledges only that since subpoenas have been issued, a federal grand jury investigation is in process. Beyond that, he says, "I can't comment on the investigation." Zimmermann acknowledges that with thousands of people copying and distributing PGP, it was inevitable the program would make its way to Europe and Asia. But he adds that he had nothing to do with exporting Pretty Good Privacy-- and says he couldn't have prevented it if he tried. "When thousands and thousands of people have access to it, how could it not be exported?" he asks. Adds Dubois: "The law just can't keep up with the technology. Somebody in Palo Alto learns something, and pretty soon somebody in Moscow is going to know about the same thing. There's nothing you can do about it." === No that the U.S. government hasn't made a very serious effort to do something about the spread of unofficial encryption systems. Indeed, until very recently, governments have enjoyed what amounted to an exclusive franchise for the science of codes and codebreaking. Advances have been made in fits and starts, with much activity occurring during times of national tension and war. In that past forty years, Washington's attraction to encryption has been kept humming by the spy- fest of the Cold War. Because the government has always controlled the medium of codes, it has controlled the message as well. In _The_ _Codebreakers_, a 1967 book widely considered the definitive history of cryptology, David Kahn wrote that the U.S. government hasn't been shy about exercising censorship and grand-scale privacy invasions in the name of breaking enemy codes, perceived or real. Fearful of encoded messages slipping to and from traitors, for instance, the U.S. government by the end of World War II had constructed a censorship office that employed nearly 15,000 people and occupied 90 building throughout the country. These censors open a million pieces of versus mail a day, listened in on telephone conversations and cast a suspicious eye on movies and magazine articles that flooded across their desks. The code watchdogs were not content simply with intercepting and examining communications, though. Officials also found reason to ban some communications even before they could be written. Incomplete crossword puzzles were pulled from letters in case their answers contained some secret code. Chess games by mail were stopped for fear they concealed directions to spies. Knitting instructions, who numbers might hide some security-threatening message, were intercepted. The government's interest in controlling secret codes did not evaporate with the end of World War II, or even with the thawing of the Cold War. RSA Data Security's Bidzos says the inventors of the RSA algorithms were approached by the NSA in the mid-1970s and discouraged from publishing their discovery. And Washington still classifies encoding systems as munitions, right alongside tanks and missiles. As a result, the export of any encryption system is against the law, considered a breach of the national security. As technology has surged forward, lawmakers have tried to maintain a grip on encryption through legislation. In 1991 a version of the U.S. Senate's Omnibus Crime Bill contained a provision that would have effectively mandated that any private encoding system contain a "back door" that law enforcement agencies could enter if they suspected any misdeeds by the sender or receiver of a message. The clause was pulled after an uproar from computer users, data security companies and civil liberty organizations. Despite the failure of the 1991 bill (as well as a 1992 FBI-sponsored version that would have outlawed the use of tap-proof cryptology over digital phone systems), the government has not given up on its attempt to control encryption. Rather, it has simply shifted strategy. Six months ago the Clinton administration announced plans to flood the market with the government's own public-key electronic voice-encoding system, called, alternative, "Clipper" or "Skipjack". The catch: An as- yet unnamed federal agency or agencies would hold the private keys in case any legally appropriate eavesdropping was necessary. The administration has stopped short of saying it will outlaw private encoding devices and mandate the use of the new Clipper system. "The standard would be voluntary," assures Jan Kosko, a spokeswoman for the National Institute of Standards and Technology in Maryland, which teamed up with the NSA to develop the system. That said, officials acknowledge that the federal government will smile on those companies that choose Clipper over other, private encryption systems. If, for example, a private company is seeking to do business with a federal government agency requiring encoding, that company would be well advised to use Clipper if it wants to win contracts. "A manufacture not using it," Kosko points out, "could not compete very well" for federal contracts. On the same day the administration revealed its intention to implement Clipper, AT&T announced it would use the system in its new secure- telephone product line, thereby becoming the first company to agree to spread the government's encryption throughout the country. And, while AT&T will continue to sell other, non-government-approved encoding devices for its phones, the new Clipper model will sell for less than half the price of AT&T's in-house encryption model, according to David Arneke, a spokesman for the company's Secure Communications System division in North Carolina. He says the first models-- which with a price tag of $1,200 will appeal mostly to law enforcement agencies and businesses hoping to keep their industrial secrets secret-- should hit the shelves by the end of the year. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an12070 at anon.penet.fi Sat Oct 2 18:34:26 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Sat, 2 Oct 93 18:34:26 PDT Subject: troglodyte MIND RAPIST flames, take II Message-ID: <9310030132.AA28944@anon.penet.fi> anon.penet.fi cut my message. now I know how Infocalypse feels. send this EVERYWHERE in cyberspace it might make a difference. === Subject: STOP THE TROGLODYTE FIDONET MIND-RAPISTS *NOW*! does routine FIDOnet email INVASION by operators VIOLATE the U.S. Electronic Communications Privacy Act? EFF's lawyer M. Godwin speaks with FIDOnet operator Al Billings on the cypherpunks mailing list. Resident list crank Perry Metzger offers his own whitehot flame. this forward brought to you by cypherpunks Cyberspatial Reality Advancement Movement (CRAM) Information Liberation Front (ILF) Blacknet === From: Mike Godwin Subject: Re: FIDOnet encryption (or lack thereof) To: cypherpunks at toad.com Date: Fri, 1 Oct 1993 16:40:09 -0400 (EDT) Al Billings writes: > On Thu, 30 Sep 1993, Mike Godwin wrote: > > > > My question is this: how does he know that the mail is encrypted if he's > > not examining the mail that passes through his system? If he *is* > > examining the mail that passes through his system, it seems likely that he > > is violating the Electronic Communications Privacy Act. > > Only if he has stated that he allows private mail. Most sysops have > specifically worded policy statements for their systems that say that the > sysop can read any and all messages on the system and may do so at any > time. That's all very nice, but it doesn't enable a FIDO sysop to intercept messages from people who are not users of his or her particular system. Those people did not waive their rights to privacy under the ECPA. > Bulletin boards do not normally offer truely private mail because of > some of the legal implications. This is a common myth. First of all, there are many BBSs that do offer truly private mail, or whose sysops, as a matter of policy, do not read others' private mail. Secondly, there's no legal liability associated with allowing e-mail privacy. Third, federal law (the ECPA) bars sysops from examining mail except under some very precisely defined circumstances. I suggest that you inform sysops who tell you otherwise that they can contact me at the Legal Services Department of EFF. You've got my e-mail address already--my phone number is 202-347-5400. -Mike From: Mike Godwin Subject: Re: FIDOnet encrypted mail issues Date: Fri, 1 Oct 1993 17:16:48 -0400 (EDT) To: cypherpunks at toad.com anonymous at extropia.wimsey.com writes: > Now, the point most internet people forget is that FIDOnet hosts are > hobbyists with 100% privately-owned machines and generally pay for the > entire participation of their userbase out of their own pockets, > excepting a few who get some dollars here and there from their generous > callers. I have never forgotten this. But their commitment and efforts do not amount to an amendment to federal law. > As a completely justified consequence, they can decide if they > allow encrypted traffic _on their individual BBSs_. Under what legal theory do they get an ECPA exemption as a "completely justified consequence"? > In that there is > considerable fear of the consequences of illegal activity being > conducted on their BBSs via encrypted mail, many sysops (such as the one > you mention, leaving aside, for now, that he apparently confused a PGP > key with an encrypted message) do not wish to take the risk and forbid > encrypted traffic. What they don't realize is that, rather than reducing the risk of legal liability, they are increasing it. > They also monitor e-mail, if only incidentally > during the course of routine system maintenance, and notices to this > effect are generally contained in log-on screens and new-user info > files. Any monitoring that results *directly* as a function of system maintenance is okay--it's sanctioned by ECPA. > In that these sysops are extremely, _personally_ vulnerable, they are > generally more cautious than those internet folks who can hide behind > institutions and businesses. If they were really cautious, they'd talk to a lawyer before setting policy based on some guess as to what their legal liabilities may be. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an12070 at anon.penet.fi Sat Oct 2 18:44:26 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Sat, 2 Oct 93 18:44:26 PDT Subject: troglodyte MIND RAPIST flames, take III Message-ID: <9310030143.AA00548@anon.penet.fi> really, it's not my fault. blame Mike Godwin === Subject: STOP THE TROGLODYTE FIDONET MIND-RAPISTS *NOW*! does routine FIDOnet email INVASION by operators VIOLATE the U.S. Electronic Communications Privacy Act? EFF's lawyer M. Godwin speaks with FIDOnet operator Al Billings on the cypherpunks mailing list. Resident list crank Perry Metzger offers his own whitehot flame. this forward brought to you by cypherpunks Cyberspatial Reality Advancement Movement (CRAM) Information Liberation Front (ILF) Blacknet === From: Mike Godwin Subject: Re: FIDOnet encryption (or lack thereof) To: cypherpunks at toad.com Date: Fri, 1 Oct 1993 16:40:09 -0400 (EDT) Al Billings writes: > On Thu, 30 Sep 1993, Mike Godwin wrote: > > > > My question is this: how does he know that the mail is encrypted if he's > > not examining the mail that passes through his system? If he *is* > > examining the mail that passes through his system, it seems likely that he > > is violating the Electronic Communications Privacy Act. > > Only if he has stated that he allows private mail. Most sysops have > specifically worded policy statements for their systems that say that the > sysop can read any and all messages on the system and may do so at any > time. That's all very nice, but it doesn't enable a FIDO sysop to intercept messages from people who are not users of his or her particular system. Those people did not waive their rights to privacy under the ECPA. > Bulletin boards do not normally offer truely private mail because of > some of the legal implications. This is a common myth. First of all, there are many BBSs that do offer truly private mail, or whose sysops, as a matter of policy, do not read others' private mail. Secondly, there's no legal liability associated with allowing e-mail privacy. Third, federal law (the ECPA) bars sysops from examining mail except under some very precisely defined circumstances. I suggest that you inform sysops who tell you otherwise that they can contact me at the Legal Services Department of EFF. You've got my e-mail address already--my phone number is 202-347-5400. -Mike From: Mike Godwin Subject: Re: FIDOnet encrypted mail issues Date: Fri, 1 Oct 1993 17:16:48 -0400 (EDT) To: cypherpunks at toad.com anonymous at extropia.wimsey.com writes: > Now, the point most internet people forget is that FIDOnet hosts are > hobbyists with 100% privately-owned machines and generally pay for the > entire participation of their userbase out of their own pockets, > excepting a few who get some dollars here and there from their generous > callers. I have never forgotten this. But their commitment and efforts do not amount to an amendment to federal law. > As a completely justified consequence, they can decide if they > allow encrypted traffic _on their individual BBSs_. Under what legal theory do they get an ECPA exemption as a "completely justified consequence"? > In that there is > considerable fear of the consequences of illegal activity being > conducted on their BBSs via encrypted mail, many sysops (such as the one > you mention, leaving aside, for now, that he apparently confused a PGP > key with an encrypted message) do not wish to take the risk and forbid > encrypted traffic. What they don't realize is that, rather than reducing the risk of legal liability, they are increasing it. > They also monitor e-mail, if only incidentally > during the course of routine system maintenance, and notices to this > effect are generally contained in log-on screens and new-user info > files. Any monitoring that results *directly* as a function of system maintenance is okay--it's sanctioned by ECPA. > In that these sysops are extremely, _personally_ vulnerable, they are > generally more cautious than those internet folks who can hide behind > institutions and businesses. If they were really cautious, they'd talk to a lawyer before setting policy based on some guess as to what their legal liabilities may be. -Mike To: cypherpunks at toad.com Subject: Re: PGP in FIDO Date: Sat, 02 Oct 1993 16:11:04 -0400 From: "Perry E. Metzger" anonymous at extropia.wimsey.com says: > Anyway, the ECPA is basically irrelevant in the BBS world, as 1] almost > every BBS states at log-on that there is no such thing as truly > "private" e-mail on the system as the sysop can, will and does see > messages in all areas, and 2] he is personally _liable_ for any illegal > activity on his BBS, so he can reasonably be expected to keep an eye on > e-mail for anything that will put his ass in a sling. You haven't been listening at all to Mr. Godwin, have you? 1) The ECPA *DOES* apply to the BBSes whether they want it to or not. All the hoping in the world doesn't make a statute go away. Merely declaring that the ECPA doesn't apply to you doesn't work -- try declaring the tax laws don't apply to you some time and see if that works. 2) The BBS operators are NOT liable UNLESS they censor the mail. If they censor the mail, they are liable for anything they fail to censor. If they do not censor, they are common carriers, and have no liability. In other words, jackasses pretending they understand the law have both broken the law and made themselves more, not less, liable for anthing left on their machines. > There has been a very heated war in FIDOland over PGP and other > encryption. Considering the risk that sysops take on by permitting > secure (?) communication on their BBSs, They take NO risk. They are common carriers if they stop censoring their mail. People don't seem to understand that the law on this is very clear. By the idiotic logic the FIDO operators are using, the phone company could be siezed if two people have a conversation about a crime over the phone. The notion is, of course, absurd, and so is the stupid half-assed amateur lawyering the people who wrote the FIDO policies used. > Personally, _I_ would never stick my neck out like that, though I > convinced many FIDOnet BBSs to do so for my own political and purely > selfish reasons. Actually, as I've just noted, you have not protected yourself. You have opened yourself up for massive legal liability where you had none before. The depths of human folly never cease to amaze me. This case is as if a group of bankers, deciding that they were scared that they might be held liable if one of their clients were a drug dealer (which they aren't) decides to embezzle all the client accounts instead to "keep themselves safe". Perry ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From khijol!erc Sat Oct 2 19:08:50 1993 From: khijol!erc (Ed Carp) Date: Sat, 2 Oct 93 19:08:50 PDT Subject: PGP in FIDO In-Reply-To: <9310022344.AA19737@snark.lehman.com> Message-ID: > Ed Carp says: > > FYI, to be married in this way, you have to declare yourself in public as > > married - introducing yourself as someone's husband or wife, for example, is > > enough. But being "common law" married, it's only "legally" - that is, if > > one or both parties want to dissolve the marriage and don't want to exercise > > their rights, they can just walk away from the marriage. > > Untrue. Common law marriage is a real marriage in every single sense. > There is no legal difference in states that recognize it. You need a > real honest to god divorce in order to end one. Look it up if you > don't believe me. Not at all. I *did* look it up. Technically, you are correct - but that marriage is recorded by no government agency, you won't find it in any public records - hell, if you still file 'single' on your tax return, who's going to know? You can just walk away - and if your spouse agrees with you, you *can*. I'm not talking about 'what would do in court' - I'm talking real life. How do I know? I'm an ex-cop. I worked on one of those 'common law' marriage cases. -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From bobi at vswr.sps.mot.com Sat Oct 2 19:18:50 1993 From: bobi at vswr.sps.mot.com (Bob Izenberg) Date: Sat, 2 Oct 93 19:18:50 PDT Subject: PGP in FIDO In-Reply-To: <9310022205.AA19553@snark.lehman.com> Message-ID: <9310030213.AA12552@vswr.sps.mot.com> Perry E. Metzger wrote: # As for what "common carrier" means, it means that the law recognizes # that you are a carrier of things, not a creator of them, and that you # are not responsible for what you carry. I've got that part, but what needs to be done / provided before the benefits of being a common carrier can be claimed? Bob -- ============================================================================== Bob Izenberg voice phone: 512-891-8680 Motorola RISC Software bobi at vswr.sps.mot.com ============================================================================== From doug at netcom.com Sat Oct 2 20:14:27 1993 From: doug at netcom.com (Doug Merritt) Date: Sat, 2 Oct 93 20:14:27 PDT Subject: PGP in FIDO Message-ID: <9310030314.AA20581@netcom5.netcom.com> khijol!erc at uunet.UU.NET (Ed Carp) said: >Not at all. I *did* look it up. Technically, you are correct - but that >marriage is recorded by no government agency, you won't find it in any >public records - hell, if you still file 'single' on your tax return, who's >going to know? You can just walk away - and if your spouse agrees with >you, you *can*. I'm not talking about 'what would do in court' - I'm >talking real life. > >How do I know? I'm an ex-cop. I worked on one of those 'common law' >marriage cases. Practical experience is a good thing. However, you are neglecting something: the case where your spouse doesn't agree. This is real life, and such things do happen. Your ex-common-law wife can retroactively file for alimony, or even for getting hold of your property during divorce proceedings, and use testimony from mutual acquaintances to establish that a common law marriage had been in effect. The details vary from state to state, but I would be surprised if it were as few as 9 states. There also tends to be a time interval involved... for instance, if you live together and apparently share a budget, pooling resources, and other such things, for N years, then if that can be established by witnesses, then you've got a common law marriage. The point that if no one knows, what difference does it make?... is a lot like the proverbial tree falling in the forest. The difference is that, in real life, people *will* know if you lived with an SO for many years in a relationship that resembled marriage, and they can and often will testify to that fact. Having a baby during that period certainly helps nail down the legal status, but is not required. Introductions as husband and wife helps, but is not required. "Technically correct" versus pragmatics is often just a matter of whether one's ex-SO is vindictive enough and knowledgeable enough to nail you. I am not a lawyer; the above is merely my lay understanding of laws, and hence may be completely incorrect. P.S. Let me guess, despite the length of time that this issue has been kicked around here, I'll get nailed for posting something that's not apropos to cypherpunks. So let me point out how it is apropos: privacy. If no one knew about your 10 year live-in lover, you wouldn't be able to get nailed on such an issue. I'll leave it as an exercise to the reader to figure out how to use cryptography to ensure the secret. :-) Cryptographic sex? Naw.... Doug From an12070 at anon.penet.fi Sat Oct 2 20:24:27 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Sat, 2 Oct 93 20:24:27 PDT Subject: Zimmermann's PGP: "A Cure for the Common Code" (fixed) Message-ID: <9310030322.AA13552@anon.penet.fi> Denver Westword, Vol. 17 Number 5, Sept. 29 1993 I've been thwarted by anon.penet.fi and the two characters '--' at least FIVE times today. better than losing anonymity though! The complete version *should* appear in alt.security.pgp,talk.politics.crypto,sci.crypt,alt.politics.org.nsa, comp.org.eff.talk the initial cypherpunk and talk.politics.crypto versions are missing the following closing paragraphs. also the cypherpunk version did not credit author ERIC DEXHEIMER. === Despite the notoriety and acclaim Pretty Good Privacy has brought him, Zimmermann admits he is not entirely comfortable with some of the popular reaction to his software. "PGP tends to attract fringe elements- - radicals, conspiracy theorists and so on-- and I'm a little embarrassed by it," he says. For instance, Zimmermann says he recently received a packet of fan mail from a group of people whose obsession is cryogenics-- the notion that newly dead people ought to be frozen until the technology that can revive them is developed. While the group seemed enthusiastic about PGP, Zimmermann says their recognition did little for his ego. "I don't want to be admired by people who are loonies," he says. He also concedes that, despite what law enforcement officers say about him being irresponsible for publishing PGP he is trouble by people who use the software for unsavory purposes. The William Steen case, for instance, unnerved him. "This is not a black-and-white issue to me," Zimmermann says. "The thought of a child molester out there using PGP does keep me up at nights. I think the benefits will outweigh the cost to society, though." Despite his misgivings about it, after nearly two years Pretty Good Privacy may be paying off for Zimmermann. Not only is his software consulting business hopping ("If you're a consultant , you get more work as a famous consultant"), but four weeks ago he finalized the deal with ViaCrypt to sell a version of PGP. The Arizona company has purchased a license from RSA Data Security to use its algorithms. So in theory, anyway, Zimmermann should be out of reach of RSA's patent-infringement claims. In the meantime, Zimmermann says he simply is pleased to have gotten a rise out of the government. "In the nuclear freeze movement, it was like I was a flea on the back of a dinosaur," he says. "Now I feel like I'm a hamster on the back of a dinosaur. Or maybe a poodle." ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From MIKEINGLE at delphi.com Sat Oct 2 21:04:28 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Sat, 2 Oct 93 21:04:28 PDT Subject: ITAR: Business? Message-ID: <01H3NM64Z30Y91Y2B6@delphi.com> Registration and exemptions: 122.1 -- Registration requirements. (a) Any person who engages in the United States in the business of either manufacturing or exporting defense articles or furnishing defense services is required to register with the Office of Defense Trade Controls. Manufacturers who do not engage in exporting must nevertheless register. (4) Persons who engage only in the fabrication of articles for experimental or scientific purpose, including research and development. What definition of business do they use? Usually business refers to something involving money changing hands. This might be another way around ITAR, at least for domestic registration. Providing free copies of crypto software would not seem to be "engaging in a business". P.S. Heard on the news about how Syria is flooding us with near-perfect counterfeit $100's? Complete with magnetic ink and security strip. Treasury is scared green, and the CIA is helping to stop it. We need digicash now! From anonymous at extropia.wimsey.com Sat Oct 2 21:28:51 1993 From: anonymous at extropia.wimsey.com (anonymous at extropia.wimsey.com) Date: Sat, 2 Oct 93 21:28:51 PDT Subject: PGP in Fidonet Message-ID: <199310030409.AA15860@xtropia> * Reply to msg originally in CYPHERPUNKS > You haven't been listening at all to Mr. Godwin, have you? Frankly, no. I have however followed this same endless debate among lawyers in BBS_LAW, however, and (if I understand all parties correctly) their assessment for the most part disagrees with the one you cite here. > 1) The ECPA *DOES* apply to the BBSes whether they want it to or not. Perhaps we misunderstand each other; I do not mean, literally, that "hobby BBSs are exempt from ECPA," but that the situations addressed are generally avoided by sysop policies. Let me make sure I understand your point; are you saying that: 1] On a privately-owned computer... 2] Operating a noncommercial BBS without monetary compensation... 3] On which a repeating log-on notice informs users that all messages are subject to sysop viewing... 4] Sysop/sole owner viewing of non-public (as opposed to "private") messages during system maintenance or monitoring for unlawful activity... 5] Is prosecutable under ECPA? If so, has such a prosecution been successful? > 2) The BBS operators are NOT liable UNLESS they censor the mail. If > they censor the mail, they are liable for anything they fail to > censor. If they do not censor, they are common carriers, and have > no liability. It is my understanding that noncommercial FIDOnet participants are not in fact common carriers and that technical, legal common carrier status requires more than simply ignoring e-mail. I understand it also brings more potential liabilities than FIDO can handle. In any case, I am informed hobby sysops have been arrested and their systems seized for allegedly illegal traffic on their systems of which they claim to have had no knowledge. I believe this is the case in the CT case pending. Even if these cases are eventually dismissed, the legal expense and personal disruption to a private party (usually a young person of very limited means) is catastrophic and without practical recourse. -> There has been a very heated war in FIDOland over PGP and other -> encryption. Considering the risk that sysops take on by permitting -> secure (?) communication on their BBSs, > They take NO risk. They are common carriers if they stop censoring > their mail. People don't seem to understand that the law on this is > very clear. As I say, there seems to be a great deal more to legal "common carrier" status than simply ignoring e-mail. In FIDOdom common carrier status is regarded as a much larger can of worms, with more potential problems and liabilities for sysops than other options. > Actually, as I've just noted, you have not protected yourself. You > have opened yourself up for massive legal liability where you had none > before. I believe you are confusing me with someone else. I am not, nor would I _ever_ be, a BBS sysop. This thread gives a perfect example of why not. As far as I can tell, it's purely a fool's errand: Paying good money and personal time and trouble to no better end than incurring grief and liabilities with unpleasant, ungrateful and parasitic users, as well as potential hassles with cops, lawyers and bureaucrats. There's zero payback here; BBS sysops are crazy. Direct followup to FIDOnet BBS_LAW. From MIKEINGLE at delphi.com Sat Oct 2 21:38:51 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Sat, 2 Oct 93 21:38:51 PDT Subject: Offline Digicash ? Message-ID: <01H3NNHIHQGI90ONDC@delphi.com> According to the Chaum-protocol description on chaos.bsu.edu, this is an online system - both parties must talk to the bank before a transaction is concluded. Are there any true offline systems? i.e. I can send you an email which is worth money, with no third parties involved, and there is no audit trail or means of tracing. The main problem is that there is no digital "coin" or object which can be passed around but not duplicated. Other than the bank method, I've read about an "observer" chip which keeps you honest, but the design of the chip would have to be secret, or at least the chip would have to know a secret (i.e. a key) which it would never tell you. If you could extract the key, you could write a "cheater". Shades of Clipper. Is there a system which allows anonymity and at the same time prevents people from double-spending their cash? How does it work? --- MikeIngle at delphi.com From doug at netcom.com Sat Oct 2 21:44:27 1993 From: doug at netcom.com (Doug Merritt) Date: Sat, 2 Oct 93 21:44:27 PDT Subject: Ultimate privacy/security In-Reply-To: Message-ID: <9310030441.AA03513@netcom5.netcom.com> Email conversations have made me realize that I didn't sufficiently explain an important aspect of this hypothetical algorithm. I understand that there are times that privacy, and authentication schemes that aim at establishing unique identity for the purpose of guaranteeing privacy, are an end in themselves. The speculative algorithm I mentioned, which would authenticate intentions and goals and such, was intended only to address situations where authentication of identity for privacy was a means to an end, not an end in itself. In situations where only privacy and authentication of individual identity of such will do, for arbitrary reasons as opposed to functional reasons, I've nothing to say (for the moment. ;-) But in situations where there is a *functional* reason to authenticate identity, then and only then do I propose to consider a hypothetical algorithm in which goals and/or motivations and/or philosophy and/or ethics and/or etc is called in to play. Thanks for all the responses and feedback to date. Doug From mbl at ml7694a.leonard.american.edu Sun Oct 3 00:28:51 1993 From: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Sun, 3 Oct 93 00:28:51 PDT Subject: PGP in FIDO Message-ID: <9310030727.AA16994@toad.com> >"Technically correct" versus pragmatics is often just a matter of whether [...] >P.S. Let me guess, despite the length of time that this issue has been >kicked around here, I'll get nailed for posting something that's not >apropos to cypherpunks. So let me point out how it is apropos: privacy. I think it's entirely appropriate as a discussion re:pragmatics versus law. That's exactly what the PGP in FIDO thread has been about lately. But you're right. We can think of more appropriate examples. -- Matthew B. Landry ml7694a at american.edu (Finally!) mbl at ml7694a.leonard.american.edu From mnemonic at eff.org Sun Oct 3 00:38:51 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sun, 3 Oct 93 00:38:51 PDT Subject: troglodyte MIND RAPIST flames, take III In-Reply-To: <9310030143.AA00548@anon.penet.fi> Message-ID: <199310030736.AA04039@eff.org> I'm beginning to feel like a virus. --Mike From mnemonic at eff.org Sun Oct 3 00:58:51 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sun, 3 Oct 93 00:58:51 PDT Subject: PGP in Fidonet In-Reply-To: <199310030409.AA15860@xtropia> Message-ID: <199310030757.AA04131@eff.org> anonymous writes: > Frankly, no. I have however followed this same endless debate among > lawyers in BBS_LAW, however, and (if I understand all parties correctly) > their assessment for the most part disagrees with the one you cite here. I don't want to play duelling credentials, and, as I said earlier, there are some parts of ECPA over which reasonable lawyers can disagree. But many of the assumptions some sysops make about a) whether they're exempt from ECPA and b) whether they're at risk if they don't read e-mail, and c) whether it helps to have a sysop-can-read-e-mail policy when the sysop does not in fact read all e-mail, and d) whether encryption creates a special risk of liability for sysops strike me as pretty uninformed. Note: even if the courts were to decide that I'm wrong on point (a), it's irrelevant to points (b), (c), and (d) above. The notion that sysops have some *legal* reason to ban encrypted messages is profoundly silly, and unsupported by any caselaw anywhere. And you can quote me on that. > Perhaps we misunderstand each other; I do not mean, literally, that > "hobby BBSs are exempt from ECPA," but that the situations addressed are > generally avoided by sysop policies. Avoidable, yes, but not by policies per se--sysops can avoid ECPA liability by contracting with users or by limiting their viewing of private mail to the specific restrictions of ECPA. > 5] Is prosecutable under ECPA? If so, has such a prosecution been > successful? They're as frequent and successful as prosecutions of sysops for carrying encrypted mail. Which is to say, there are no cases on point regarding ECPA, but at least we know what the statute says. On the other hand, there's no statute that says sysops will be criminally liable if they don't ban encrypted communications. > It is my understanding that noncommercial FIDOnet participants are not > in fact common carriers and that technical, legal common carrier status > requires more than simply ignoring e-mail. I understand it also brings > more potential liabilities than FIDO can handle. The issue of common-carrier status isn't relevant to the points I've been making here. I'm assuming that no BBS qualifies as a common carrier. > In any case, I am informed hobby sysops have been arrested and their > systems seized for allegedly illegal traffic on their systems of which > they claim to have had no knowledge. Please do not make the common layman mistake of supposing that arrest or seizure equals criminal liability. If you want to talk about specific cases, please cite them. It should be noted, however, that the Steve Jackson Games seizure occurred even though there was no illegal material on his system. > I believe this is the case in the > CT case pending. You are mistaken. > Even if these cases are eventually dismissed, the > legal expense and personal disruption to a private party (usually a > young person of very limited means) is catastrophic and without > practical recourse. But you still don't get it--there's no correlation between these seizures and the use of truly private or encrypted e-mail. No connection at all. Period. The link is entirely in some sysops' minds. > As I say, there seems to be a great deal more to legal "common carrier" > status than simply ignoring e-mail. In FIDOdom common carrier status is > regarded as a much larger can of worms, with more potential problems and > liabilities for sysops than other options. As well it should be. But common-carrier status is not the only way to avoid legal liability. --Mike From mimir at u.washington.edu Sun Oct 3 01:04:29 1993 From: mimir at u.washington.edu (Al Billings) Date: Sun, 3 Oct 93 01:04:29 PDT Subject: PGP in FIDO In-Reply-To: <9310022001.AA11355@snorkelwacker.MIT.EDU> Message-ID: On Sat, 2 Oct 1993, Marc Horowitz wrote: > >> Anyway, the ECPA is basically irrelevant in the BBS world, as .... > > I'm truly amazed. Mike Godwin, who is a lawyer who *specializes* in > this sort of thing, has rebuffed this statement several times, and > given his phone number for interested BBS sysops to call him. And > yet, people continue to spew disbelief. > > Of course, without real case law, Mike's opinion is still just that, > but when some BBS sysop gets nailed by the ECPA, I'm gonna laugh. Hasn't happened yet and the ECPA was passed in what? 1986? I really doubt if a BBS sysop is going to get nailed over someone's view of e-mail on their system. From mimir at u.washington.edu Sun Oct 3 01:28:51 1993 From: mimir at u.washington.edu (Al Billings) Date: Sun, 3 Oct 93 01:28:51 PDT Subject: FIDOnet troglodyte MIND RAPISTS _unrepentant_! In-Reply-To: <9310030030.AA20202@anon.penet.fi> Message-ID: On Sun, 3 Oct 1993, S. Boxx wrote: > please cut out the following message and send it to every FIDONET operator > in existence. also, try comp.org.fidonet. moderation complicates the > posting. > > === > > > Subject: STOP THE TROGLODYTE FIDONET MIND-RAPISTS *NOW*! > > > does routine FIDOnet email INVASION by operators VIOLATE the U.S. > Electronic Communications Privacy Act? EFF's lawyer M. Godwin speaks > with FIDOnet operator Al Billings on the > cypherpunks mailing list. Resident list crank Perry Metzger offers > his own whitehot flame. Oh great. I can see my mailbox filling as soon as this makes Fidonews. Thanks, guys. From cvoid at netcom.com Sun Oct 3 01:38:51 1993 From: cvoid at netcom.com (Christian Void) Date: Sun, 3 Oct 93 01:38:51 PDT Subject: NPR? Message-ID: Has anyone considered forwarding and/or send NPR an information packet to help bring the encryption/clipper issues to the general public, or is that looked upon as a bad idea? Christian Void /T71 | "I don't like it, and I'm sorry I | VMResearch, Inc. cvoid at netcom.COM | ever had anything to do with it." | P.O. Box 170213 Tel. 1+415-807-5491 | -Erwin Schrodinger (1887-1961) | SF, CA 94117 * PGP v2.3a Public Key Available Via Finger * From an36440 at anon.penet.fi Sun Oct 3 07:54:32 1993 From: an36440 at anon.penet.fi (an36440 at anon.penet.fi) Date: Sun, 3 Oct 93 07:54:32 PDT Subject: ITAR: Business? Message-ID: <9310031451.AA05060@anon.penet.fi> >P.S. Heard on the news about how Syria is flooding us with near-perfect >counterfeit $100's? Complete with magnetic ink and security strip. Treasury >is scared green, and the CIA is helping to stop it. We need digicash now! Where did you hear of this? ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From doug at netcom.com Sun Oct 3 08:58:58 1993 From: doug at netcom.com (Doug Merritt) Date: Sun, 3 Oct 93 08:58:58 PDT Subject: troglodyte MIND RAPIST flames, take III In-Reply-To: Message-ID: <9310031557.AA05277@netcom.netcom.com> Mike Godwin said: >I'm beginning to feel like a virus. An interesting form of immortality. :-) Doug From pmetzger at lehman.com Sun Oct 3 08:59:32 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 3 Oct 93 08:59:32 PDT Subject: PGP in FIDO In-Reply-To: Message-ID: <9310031554.AA26661@snark.lehman.com> Ed Carp says: > > Untrue. Common law marriage is a real marriage in every single sense. > > There is no legal difference in states that recognize it. You need a > > real honest to god divorce in order to end one. Look it up if you > > don't believe me. > > Not at all. I *did* look it up. Technically, you are correct - but that > marriage is recorded by no government agency, you won't find it in any > public records - hell, if you still file 'single' on your tax return, who's > going to know? If you still file "single" on your tax returns, you haven't met the common law standard of acting in every way as if you were married. > You can just walk away - and if your spouse agrees with > you, you *can*. I'm not talking about 'what would do in court' - I'm > talking real life. This is true even of normal marriages. If you and your spouse simply agreed never to make an issue of it, you could walk away and no one would ever know. I fail to see what your point is, but in any case this is NOT the mailing list for discussing this topic. Perry From pmetzger at lehman.com Sun Oct 3 09:14:32 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 3 Oct 93 09:14:32 PDT Subject: PGP in FIDO In-Reply-To: <9310030213.AA12552@vswr.sps.mot.com> Message-ID: <9310031601.AA26677@snark.lehman.com> Bob Izenberg says: > Perry E. Metzger wrote: > > # As for what "common carrier" means, it means that the law recognizes > # that you are a carrier of things, not a creator of them, and that you > # are not responsible for what you carry. > > I've got that part, but what needs to be done / provided before the > benefits of being a common carrier can be claimed? I noted it in the rest of my message. You have to act like a utility -- you do not discriminate between your customers, you do not read, censor, or otherwise differentiate in the carriage of their mail. If you behave like a utility, you become a common carrier. The law in this regard is somewhat complicated, so I would consult an attorney if I wanted to be sure about it. I will point out, though, that even if you are not a common carrier you have no liability for things you don't know about and don't participate in. This is why, for instance, the maker of a knife can't be arrested because the knife is used to kill someone instead of cutting bread. The law is actually reasonable. However, if you partially censor the mail going through your system, not only are you liable for ECPA violations, but you become liable for the content of the mail. Why? Because you are now taking responsibility for stopping things from going through, and should you fail to stop something from going through that is now a conscious decision on your part for which you have liability. Perry From a2 at ah.com Sun Oct 3 09:28:58 1993 From: a2 at ah.com (Arthur Abraham) Date: Sun, 3 Oct 93 09:28:58 PDT Subject: a2 test Message-ID: <9310031615.AA10763@ah.com> This message is steganographically encrypted to look like a test. -a2 From doug at netcom.com Sun Oct 3 10:04:32 1993 From: doug at netcom.com (Doug Merritt) Date: Sun, 3 Oct 93 10:04:32 PDT Subject: PGP in FIDO In-Reply-To: Message-ID: <9310031703.AA08643@netcom.netcom.com> "Perry E. Metzger" said: > This is why, for instance, the maker of a knife can't >be arrested because the knife is used to kill someone instead of >cutting bread. The law is actually reasonable. Sometimes it is and sometimes it isn't. I recall some years ago when bartenders were getting convicted for their patron's drunk driving accidents. One can't always count on laws being reasonable, and if they are, you still can't always count on courts interpreting them reasonably. Doug From 72114.1712 at CompuServe.COM Sun Oct 3 10:08:58 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Sun, 3 Oct 93 10:08:58 PDT Subject: TEST Message-ID: <931003170618_72114.1712_FHF41-1@CompuServe.COM> Please ignore From doug at netcom.com Sun Oct 3 10:09:32 1993 From: doug at netcom.com (Doug Merritt) Date: Sun, 3 Oct 93 10:09:32 PDT Subject: a2 test Message-ID: <9310031708.AA08924@netcom.netcom.com> a2 at ah.com (Arthur Abraham) said: >This message is steganographically encrypted to look like a test. With a bit of wrestling I was able to decrypt this. It's a compressed digitized image of Arthur; the background is out of focus, but it looks like Wendy's holding up an A-Squared logo. Looks like one of his test images from some years back. Amazing compression ratio. Doug From pmetzger at lehman.com Sun Oct 3 10:24:32 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 3 Oct 93 10:24:32 PDT Subject: PGP in Fidonet In-Reply-To: <199310030409.AA15860@xtropia> Message-ID: <9310031721.AA26808@snark.lehman.com> anonymous at extropia.wimsey.com says: > * Reply to msg originally in CYPHERPUNKS > > > You haven't been listening at all to Mr. Godwin, have you? > > Frankly, no. The rest of your posting is therefore 100% irrelevant. > Let me make sure I understand your > point; are you saying that: > > 1] On a privately-owned computer... > 2] Operating a noncommercial BBS without monetary compensation... > 3] On which a repeating log-on notice informs users that all messages > are subject to sysop viewing... > 4] Sysop/sole owner viewing of non-public (as opposed to "private") > messages during system maintenance or monitoring for unlawful > activity... > 5] Is prosecutable under ECPA? Gee, you are starting to catch on, aren't you? > > 2) The BBS operators are NOT liable UNLESS they censor the mail. If > > they censor the mail, they are liable for anything they fail to > > censor. If they do not censor, they are common carriers, and have > > no liability. > > It is my understanding that noncommercial FIDOnet participants are not > in fact common carriers Lets say that you operate a magazine, and decide what can and can't be placed in it. You are then liable for the contents. Lets say that instead you operate a courier service, and censor nothing. You are then not responsible for what your clients. Forget the common carrier question. If you actively decide what can and cannot go through, then any time you fail to stop something you are liable. If, on the other hand, you exercise no control, you have no legal liability. > In any case, I am informed hobby sysops have been arrested and their > systems seized for allegedly illegal traffic on their systems Mike Godwin, council to the EFF, has never heard of such a case. If you believe one has occured, why don't you tell us precisely where and when it occured? Perry From pmetzger at lehman.com Sun Oct 3 10:34:33 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 3 Oct 93 10:34:33 PDT Subject: PGP in FIDO In-Reply-To: <9310031703.AA08643@netcom.netcom.com> Message-ID: <9310031733.AA26853@snark.lehman.com> Doug Merritt says: > "Perry E. Metzger" said: > > This is why, for instance, the maker of a knife can't > >be arrested because the knife is used to kill someone instead of > >cutting bread. The law is actually reasonable. > > Sometimes it is and sometimes it isn't. I recall some years ago when > bartenders were getting convicted for their patron's drunk driving > accidents. Most states have laws that specifically assign liability to bartenders for serving intoxicated patrons. That is why they are liable in this instance. The rule does not generalize, however. A supermarket is not liable for the heart attack that an overweight patron gets from eating too much ice cream, for instance, since there is no law specifically altering the default legal rules to assign liability in such an instance. > One can't always count on laws being reasonable, Thats true, but in this instance they are not unreasonable. Perry From khijol!erc Sun Oct 3 11:18:58 1993 From: khijol!erc (Ed Carp) Date: Sun, 3 Oct 93 11:18:58 PDT Subject: PGP in Fidonet In-Reply-To: <9310031721.AA26808@snark.lehman.com> Message-ID: > > In any case, I am informed hobby sysops have been arrested and their > > systems seized for allegedly illegal traffic on their systems > > Mike Godwin, council to the EFF, has never heard of such a case. If > you believe one has occured, why don't you tell us precisely where and > when it occured? How about that case recently posted about here? Doesn't that count? -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From 72114.1712 at CompuServe.COM Sun Oct 3 11:48:57 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Sun, 3 Oct 93 11:48:57 PDT Subject: POISON PILL WIMPS Message-ID: <931003184257_72114.1712_FHF56-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, I've just about had it with posts like Matthew Gream's: . . . attempting to play 'smart-ass' to your investigators is only going to result in more problems for you. Its a non-ideal world, and they definitely have the ability to cause you substantial problems. . . . I feel it is essential to show them everything that they think is there, and convince them (as they will not be as competent in cryptographic analysis as yourself [at least you hope]) that there is nothing hidden. Didn't any of you appeasers and apologists read and *understand* HACKER CRACKDOWN? Once you are the focus of an investigation, they are already causing you substantial problems. Cooperation only gives your tormentors more ammunition. You are not going to convince them of anything. You cannot talk your way out of anything. What you can--and will--do is dig yourself in deeper. After that, you will probably try to get off the hook by rolling over--like a bitch in heat--on your friends and associates. The ONLY thing that works is (a) stonewall, stonewall, stonewall until you get competent legal representation, then (b) do what your lawyer's says. Period. Consider this your wimp wakeup call. S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From pmetzger at lehman.com Sun Oct 3 12:08:57 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 3 Oct 93 12:08:57 PDT Subject: PGP in Fidonet In-Reply-To: Message-ID: <9310031908.AA27027@snark.lehman.com> Ed Carp says: > > > In any case, I am informed hobby sysops have been arrested and their > > > systems seized for allegedly illegal traffic on their systems > > > > Mike Godwin, council to the EFF, has never heard of such a case. If > > you believe one has occured, why don't you tell us precisely where and > > when it occured? > > How about that case recently posted about here? Doesn't that count? Which one are you refering to? Be specific. .pm From mg5n+ at andrew.cmu.edu Sun Oct 3 12:38:58 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sun, 3 Oct 93 12:38:58 PDT Subject: Offline Digicash ? In-Reply-To: <01H3NNHIHQGI90ONDC@delphi.com> Message-ID: MikeIngle at delphi.com writes: > According to the Chaum-protocol description on chaos.bsu.edu, this is > an online system - both parties must talk to the bank before a > transaction is concluded. Are there any true offline systems? i.e. I > can send you an email which is worth money, with no third parties > involved, and there is no audit trail or means of tracing. > > The main problem is that there is no digital "coin" or object which > can be passed around but not duplicated. Other than the bank method, > I've read about an "observer" chip which keeps you honest, but the > design of the chip would have to be secret, or at least the chip > would have to know a secret (i.e. a key) which it would never tell > you. If you could extract the key, you could write a "cheater". > Shades of Clipper. > > Is there a system which allows anonymity and at the same time > prevents people from double-spending their cash? How does it work? Well, one thing that could be done is to write an "electronic check". Someone would deposit money in a bank, and then pay money to other people by writing checks, encrypting each check with with their private key for authentication, and then with the recipient's public key to protect against the possibility that the message might be intercepted. The recipient would then decode the first layer of encryption with his private key (leaving the sender's key-authentication), add his account number to the message and send it to the bank (preferrably, encoding it with the bank's public key). The bank would be able to verify the authenticity of the check by means of the sender's public key, and would then transfer the funds to the recipient's account. Basically, this works the same way paper checks work today, and might be a feasible system. This eliminates the need for both parties to talk to the bank before making the transaction; only the recipient would need to talk to the bank - to cash his check. This doesn't completely solve the traceability issue however. Although accounts could be numbered and the owner's identity kept "secret", it is still theoretically possible to trace the money from one account to another. However there is another way to do it. The bank could simply issue numbered "bills" in exchange for conventional cash, and this would be done completely anonymously. Each number would be worth a certian set value, such as a US dollar, a gram of gold, etc. The numbers could be of a form such that there would be one valid number in a billion or a trillion (or more possible) combinations, eliminating the possibility that someone might find a valid number by random guessing. (As a side comment: Creating different unique numbers is not too difficult. Suppose a bank was going to issue one million bills out of a trillion combinations. They could number the valid bills 0-999999, leaving numbers 1000000-999999999999 as invalid combinations. Each number would then be encrypted with a conventional private-key system, meaning that the valid combinations would end up randomly distrubited thruout the possible domain of numbers. The bank would easily be able to tell anyone who asked weather or not a number was valid, by using its cipher to decode the number, but nobody else would know how to find valid combinations because the bank would keep its cipher secret.) When someone wanted to spend some money, he would give the recipient the numbers of the bills he wanted to spend. To eliminate the possibility of double-spending the same numbers, the recipient would then call the bank, and give them the numbers, and the bank would flag those numbers in its database as being spent (so they couldn't be spent again), and issue new numbers. Since all calls to the bank would be anonymous, there would be effectively no way to trace the money, while security against double spending would be maintained. From MIKEINGLE at delphi.com Sun Oct 3 12:54:33 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Sun, 3 Oct 93 12:54:33 PDT Subject: Excessive Crap & Flamage Message-ID: <01H3OJEA3NU68WYIKJ@delphi.com> This list is becoming completely unreadable! First the POISON PILL and now PGP IN FIDO just seem to go on and on. And how many before that? (Troglodyte mind-rapists, etc) I've got about a meg of utter crap in my email file, most of it unread or skimmed. If people want to fight, why not do it in private mail, back up your positions, and then post your conclusions if you manage to come up with any. Please don't CC all your flames to the list. And please don't echo a three-page post to add one line of comments to it. What happened to all the idealism? Total privacy, cryptophones, digital cash, zero-knowledge cooperation, bringing down governments and setting the world free? That's what the list is for, not mindless flaming. Aargggh! MikeIngle at delphi.com From nobody at alumni.cco.caltech.edu Sun Oct 3 13:29:00 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Sun, 3 Oct 93 13:29:00 PDT Subject: TRAVELLER'S ADVISORY Message-ID: <9310032022.AA24512@alumni.cco.caltech.edu> At 3:48 PM 10/1/93 -0400, Sandy wrote: > >I think this is a real danger for outspoken Cypherpunks or other >high-profile individuals such as Phil Zimmermann. Unfortunately, >I don't have any bullet-proof solutions. Suggestions? > > S a n d y Speak softly and carry a big magnet? From Jim.Cannell at f21.n216.z1.fidonet.org Sun Oct 3 14:09:00 1993 From: Jim.Cannell at f21.n216.z1.fidonet.org (Jim Cannell) Date: Sun, 3 Oct 93 14:09:00 PDT Subject: FIDOnet encryption (or lack thereof) Message-ID: <43862.2CAF3D72@ns.fidonet.org> -----BEGIN PGP SIGNED MESSAGE----- In a msg on , mnemonic at eff.org of 1:216/21 writes: m> From owner-cypherpunks at toad.com m> From: mnemonic at eff.org (Mike Godwin) m> To: mdiehl at triton.unm.edu (J. Michael Diehl) m> Date: Thu, 30 Sep 1993 11:45:09 -0400 (EDT) m> Cc: yerazunis at aidev.enet.dec.com, cypherpunks at toad.com m> Well, there's no doubt that users of his system can agree to m> allow the sysop to read their mail. But what about people m> whose mail passes *through* his system on the way to somewhere m> else? m> He has no agreement with them. FidoNet policy has a statement allowing monitoring of all intransit mail. I guess I'm going to have to dig my copy of Policy out of the archives to post the relevant paragraphs. This is a very shortsighted policy. Although financial restraints have curtailed my operations here making a lot of this moot, my own policy allows all users and passthru mail to be encrypted. I neither monitor nor censor. Jim PGP key 1024/72C6A7 fingerprint = F5 74 29 3D 9C F8 A7 32 C7 98 F1 FE C4 85 FA 70 Protect your right to privacy. Say no to Clipper/Skipjack and key escrow -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLK8tCZuaN9X1csanAQFh6QP/bcfC21gOOnBMAAKoGTVON7u7NEda9Nqr JtH1voGXQKArnRveoVffSTTlESjBC+yaBzi3t4Z1E37uELkd31r70M6OLIWDmw8o QLvZXtoQJgCTzyzHUlY+K94XW3QznHllMVx2oYVJ53tKPn/HmrjwIN5Ml0orBU70 vhek/pyCXnk= =f+Pj -----END PGP SIGNATURE----- -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= (Gated via FidoNet Node 1:1/31) Jim Cannell Internet: Jim.Cannell at f21.n216.z1.fidonet.org From Jim.Cannell at f21.n216.z1.fidonet.org Sun Oct 3 14:09:34 1993 From: Jim.Cannell at f21.n216.z1.fidonet.org (Jim Cannell) Date: Sun, 3 Oct 93 14:09:34 PDT Subject: fido encryption. Message-ID: <43861.2CAF3D72@ns.fidonet.org> -----BEGIN PGP SIGNED MESSAGE----- In a msg on , mdiehl at triton.unm.edu of 1:216/21 writes: m> Hi all! I just conducted an experiment whose results m> indicate how far we (Cypherpunks) have to go in educating the m> American Public WRT encryption technology: Agreed. There is a large education project ahead. m> I send an encrypted message via fidonet! (awk!) m> m> I had heard a rumor that fidonet forbade encrypted e-mail, m> but I had to find out for myself. Well, they do. Now I m> understand that these sysops are spending their own money and m> equipment to provide these services and have the right to m> regulate it in any way they see fit. That's not the point. This is _NOT_ true. There is no prohibition on encrypted messages within FidoNet. There is a large number of people within FidoNet that use wishful thinking to support such a ban. FidoNet policy states only that routing of encrypted traffic through a system that has not previously authorized such traffic is considered annoying behavior. Contrary to what many would have you believe, that is the _ONLY_ rule about encrypted traffic in FidoNet. m> The point(s) is/are: m> m> 1) They ACTIVELY enforce this policy. They don't simply say m> "no," they check (presumably) all of their user's email to m> enforce this policy. There is a great deal of paranoia within FidoNet about encryption. There are many who will not allow encrypted traffic on their systems. Of course, most of these have never heard of the term, steganography. I have a simple message that I like to send to these folks. Even though the hidden message is just reading down the first column, many people, especially those who claim they don't allow encrypted messages on their system, miss it. When PGP 2.0 first came out, I ran into these paranoids who said "There will never be any encryption on my system". I decided that an end run around these bozos was in order, so I created the SecureMail system. SecureMail is a group of FidoNet sysops who have agreed to route any and all mail through their systems without any form of censorshiop or monitoring. It now covers every part of the U.S., with some overseas links. I can post a list of those participating if you would like. Encrypted traffic now flows regularly through the SecureMail system. m> 2) They seem to be afraid to pass/store encrypted messages on m> their system. This indicates to me a lack of understanding of m> the concept of privacy. They seem to buy into the idea that m> "only BAD people encrypt email." I fully agree with this assesment. They do not understand that they cannot be responsible for a message that they cannot read. I continually run into the "What have I got to hide attitude". There are a number of us in FidoNet actively promoting privacy and the use of PGP. We are making slow and painful progress. m> We need to educate the electronic community before we can m> hope to educate the general public. The text of the messages m> follow with the names removed. BTW, the text of the plaintext m> message was "this is a test." Just thought you'd be m> interested. Comments? I can probably guess the names that you deleted. I get this type of message frequently. It's sad, but true that these people do need educating. Unfortunately, there are many with the closed minds so well demonstrated in the message that you posted. The primary internet/FidoNet gateway system (zeus.ieee.org) has agreed to pass encrypted traffic from FidoNet to the internet and vice versa. However, much of the internet/FidoNet traffic passes through other gateway systems which do not necessarily allow encrypted traffic. Even traffic that passes through zeus.ieee.org may be routed through FidoNet systems that don't allow encrypted traffic. The trick in passing encrypted traffic between the internet and FidoNet is in making sure that the routing sends it through a gateway system that allows encrypted traffic and provides a direct link into the SecureMail system. You can send mail to any FidoNet system by addressing the message to me at: Jim.Cannell at f21.n216.z1.fidonet.org Put a line at the beginning of the text identifying the ultimate addressee and his FidoNet address. Right now, I will have to manually process all such messages, but maybe if I get enough traffic, it will motivate me to write a remailer program. Then we can can have anonymous remailing within FidoNet as well. That really ought to set the paranoids off :-). There are others that will probably provide this service as well. I'll post their names as they give permission. By the time I received this message (I only get updates to this list three times a week), the discussion has been extensive. I have neither the time nor the desire to respond to everything on the thread. Rest assured that I have read it. Since it has stirred up so much controversy, I will introduce the topic in the approritate places in FidoNet. It needs exposure there. Since FidoNet systems are for the most part privately owned, it is there especially that privacy needs to be encouraged. Jim PGP key 1024/72C6A7 fingerprint = F5 74 29 3D 9C F8 A7 32 C7 98 F1 FE C4 85 FA 70 Protect your right to privacy. Say no to Clipper/Skipjack and key escrow -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLK8sq5uaN9X1csanAQFEHAP/U0L8SFiz7L1MgtmsTYP5utBp1/mXjq9k QT3th/KWZqKJ6wqrAt0q97/04EFdazYKGJqme63CTBzaTAonorOX4HJP6zT/56z9 +fGbK84uAL+ilgE5kxQ5OB0eY0MF6H/k0F7eBQk392nz9b9wecdhdmM70ozTTL1b FhvTXiIaBvg= =7tus -----END PGP SIGNATURE----- -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= (Gated via FidoNet Node 1:1/31) Jim Cannell Internet: Jim.Cannell at f21.n216.z1.fidonet.org From nowhere at bsu-cs.bsu.edu Sun Oct 3 14:09:42 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Sun, 3 Oct 93 14:09:42 PDT Subject: Internet SEcurity Scanner (ALERT) Message-ID: <9310032108.AA05992@bsu-cs.bsu.edu> =========================================================================== CA-93:14 CERT Advisory September 30, 1993 Internet Security Scanner (ISS) --------------------------------------------------------------------------- The CERT Coordination Center has received information concerning software that allows automated scanning of TCP/IP networked computers for security vulnerabilities. This software was posted to the comp.sources.misc Usenet newsgroup. The software package, known as ISS or Internet Security Scanner, will interrogate all computers within a specified IP address range, determining the security posture of each with respect to several common system vulnerabilities. The software was designed as a security tool for system and network administrators. ISS does not attempt to gain access to a system being tested. However, given its wide distribution and ability to scan remote networks, CERT feels that it is likely ISS will also be used to locate vulnerable hosts for malicious reasons. While none of the vulnerabilities ISS checks for are new, their aggregation into a widely available automated tool represents a higher level of threat to networked machines. CERT has analyzed the operation of the program and strongly recommends that administrators take this opportunity to re-examine systems for the vulnerabilities described below. Detailed below are available security tools that may assist in the detection and prevention of malicious use of ISS. Finally, common symptoms of an ISS attack are outlined to allow detection of malicious use. Vulnerabilities probed by ISS ----------------------------- The following vulnerabilities are currently tested for by the ISS tool. Administrators should verify the state of their systems and perform corrective actions as indicated. Default Accounts The accounts "guest" and "bbs", if they exist, should have non-trivial passwords. If login access to these accounts is not needed, they should be removed, or disabled by placing a "*" in the password field and the string "/bin/false" in the shell field in /etc/passwd. See the system manual entry for "passwd(1)" for more information on changing passwords and disabling accounts. For example, the /etc/passwd entry for a disabled guest account should resemble the following: guest:*:2311:50:Guest User:/home/guest:/bin/false lp Account The account "lp", if it exists, should not allow logins. It should be disabled by placing a "*" in the password field and the string "/bin/false" in the shell field in /etc/passwd. Decode Alias Mail aliases for decode and uudecode should be disabled on UNIX systems. If the file /etc/aliases contains entries for these programs, they should be removed, or disabled by placing a "#" at the beginning of the line and then executing the command "newaliases". Consult the manual page for "aliases(1)" for more information on UNIX mail aliases. A disabled decode alias should appear as follows: # decode: "|/usr/bin/uudecode" Sendmail The sendmail commands "wiz" and "debug" should be disabled. This may be verified by executing the following commands: % telnet 25 220 host Sendmail 5.65 ready at Wed, 29 Sep 93 20:28:46 EDT wiz You wascal wabbit! Wandering wizards won't win! (or 500 Command unrecognized) quit % telnet 25 220 host Sendmail 5.65 ready at Wed, 29 Sep 93 20:28:46 EDT debug 500 Command unrecognized quit If the "wiz" command returns "Please pass, oh mighty wizard", your system is vulnerable to attack. The command should be disabled by adding the following line to the sendmail.cf configuration file containing the string: OW* For this change to take effect, kill the sendmail process, refreeze the sendmail.cf file, and restart the sendmail process. If the "debug" command responds with the string "200 Debug set", you should immediately obtain a newer version of sendmail software from your vendor. Anonymous FTP Anonymous FTP allows users without accounts to have restricted access to certain directories on the system. The availability of anonymous FTP on a given system may be determined by executing the following commands: % ftp hostname Connected to hostname. 220 host FTP server ready. Name (localhost:jdoe): anonymous 530 User anonymous unknown. Login failed. The above results indicate that anonymous FTP is not enabled. If the system instead replies with the string "331 Guest login ok" and then prompts for a password, anonymous FTP access is enabled. The configuration of systems allowing anonymous FTP should be checked carefully, as improperly configured FTP servers are frequently attacked. Refer to CERT Advisory CA-93:10 for more information. NIS ISS attempts to guess the NIS domainname. The program will try to grab the password file from ypserv. See CERT Advisory CA-92:13 for more information regarding SunOS 4.x machines using NIS. See CERT Advisory CA-93:01 for more information regarding HP machines using NIS. NFS Filesystems exported under NFS should be mountable only by a restricted set of hosts. The UNIX "showmount" command will display the filesystems currently exported by a given host: % /usr/etc/showmount -e hostname export list for hostname: /usr hosta:hostb:hostc /usr/local (everyone) The above output indicates that this NFS server is exporting two partitions: /usr, which can be mounted by hosta, hostb, and hostc; and /usr/local which can be mounted by anyone. In this case, access to the /usr/local partition should be restricted. Consult the system manual entry for "exports(5)" or "NFS(4P)" for more information. rusers The UNIX rusers command displays information about accounts currently active on a remote system. This may provide an attacker with account names or other information useful in mounting an attack. To check for the availability of rusers information on a particular machine, execute the following command: % rusers -l hostname hostname: RPC: Program not registered If the above example had instead generated a list of user names and login information, a rusers server is running on the host. The server may be disabled by placing a "#" at the beginning of the appropriate line in the file /etc/inetd.conf and then sending the SIGHUP signal to the inetd process. For example, a disabled rusers entry might appear as follows: #rusersd/2 dgram rpc/udp wait root /usr/etc/rusersd rusersd rexd The UNIX remote execution server rexd provides only minimal authentication and is easily subverted. It should be disabled by placing a "#" at the beginning of the rexd line in the file /etc/inetd.conf and then sending the SIGHUP signal to the inetd process. The disabled entry should resemble the following: #rexd/1 stream rpc/tcp wait root /usr/etc/rexd rexd See CERT Advisory CA-92:05 for more information regarding IBM AIX machines using rexd. Available Tools --------------- There are several available security tools that may be used to prevent or detect malicious use of ISS. They include the following: COPS The COPS security tool will also detect the vulnerabilities described above. It is available via anonymous FTP from cert.org in the directory /pub/tools/cops/1.04. ISS Running ISS on your systems will provide you with the same information an attacker would obtain, allowing you to correct vulnerabilities before they can be exploited. Note that the current version of the software is known to function poorly on some operating systems. ISS may be obtained via anonymous FTP from ftp.uu.net in the directory /usenet/comp.sources.misc/volume39/iss. TCP Wrappers Access to most UNIX network services can be more closely controlled using software known as a TCP wrapper. The wrapper provides additional access control and flexible logging features that may assist in both the prevention and detection of network attacks. This software is available via anonymous FTP from cert.org in the directory pub/tools/tcp_wrappers. Detecting an ISS Attack ----------------------- Given the wide distribution of the ISS tool, CERT feels that remote attacks are likely to occur. Such attacks can cause system warnings to be generated that may prove useful in tracking down the source of the attack. The most probable indicator of an ISS attack is a mail message sent to "postmaster" on a scanned system similar to the following: From: Mailer-Daemon at hostname (Mail Delivery Subsystem) Subject: Returned mail: Unable to deliver mail Message-Id: <9309291633.AB04591@> To: Postmaster at hostname ----- Transcript of session follows ----- <<< VRFY guest 550 guest... User unknown <<< VRFY decode 550 decode... User unknown <<< VRFY bbs 550 bbs... User unknown <<< VRFY lp 550 lp... User unknown <<< VRFY uudecode 550 uudecode... User unknown <<< wiz 500 Command unrecognized <<< debug 500 Command unrecognized 421 Lost input channel to remote.machine ----- No message was collected ----- --------------------------------------------------------------------------- The CERT Coordination Center would like to thank Steve Weeber from the Department of Energy's CIAC Team for his contribution to this advisory. --------------------------------------------------------------------------- If you believe that your system has been compromised, contact the CERT Coordination Center or your representative in FIRST (Forum of Incident Response and Security Teams). Internet E-mail: cert at cert.org Telephone: 412-268-7090 (24-hour hotline) CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4), and are on call for emergencies during other hours. CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Past advisories, information about FIRST representatives, and other information related to computer security are available for anonymous FTP from cert.org (192.88.209.5). From mccoy at binky.cc.utexas.edu Sun Oct 3 14:24:42 1993 From: mccoy at binky.cc.utexas.edu (mccoy at binky.cc.utexas.edu) Date: Sun, 3 Oct 93 14:24:42 PDT Subject: Austin Cypherpunks organizational meeting Message-ID: <199310032125.AA13722@binky.cc.utexas.edu> Digital Freedom: By any means necessary. Austin Cypherpunks Meeting October 9, 1993 1:00 pm Taylor Hall 2.006 -- UT Campus (24th and Speedway) The Austin Cypherpunks chapter will be holding its first local meeting on Saturday the 9th of October at 1:00 pm in room 2.006 of Taylor Hall (UT Campus). This will be an organizational meeting for the local chapter and will give you an opportunity to meet other cypherpunks from the Austin area. For the first time, information technology is giving people the opportunity for more privacy instead of less. For instance, we will have digital money soon; will it be used to track you every time you spend, or will it give you more security and convenience than a credit card with the anonymity of cash? Both are possible outcomes, but you will only keep your privacy if people get together and take action. Please join us, either in person or through our mailing lists, and help work towards a future where your privacy is guaranteed, not just legally, but by the best encryption and authentication tools available. Some of the items on the agenda for this first meeting include: -Education Hands-on demonstration of encryption tools and anonymous remailers; we will be distributing PGP (bring your disks!) and handing out information about the infamous "Clipper Chip". We should also have the latest information on the subpoenas served on various distributors of cryptographic software. -Political action Strong tools for privacy are perceived by most governments as a threat; cypherpunks have joined the fight against government attempts to restrict or ban encrypted communications, as well as the now-useless export ban on effective cryptographic software. -Public Key Exchange. Swap public keys with other members. We will have Macs and PCs on hand for you to sign and exchange public keys with other cypherpunks members. -Digital Credit Union Project Local cypherpunks are already working on forming a new credit union which will provide secure banking and commerce across the net using strong cryptography. [Location Instructions: Go to Taylor Hall on the UT campus. This building is at 24th and Speedway. The directions to room 2.006 are a little complicated for words, but a map will be posted on all of the doors to Taylor hall.] To subscribe to our full mailing list, send mail to: austin-cypherpunks-request at bongo.cc.utexas.edu To subscribe to our announcement-only mailing list, send mail to: austin-cypherpunks-announce-request at bongo.cc.utexas.edu Put the word 'subscribe' in the subject of your mail. Our file archives are available in /pub/cypherpunks via anonymous ftp at: ftp.cc.utexas.edu The Austin Cypherpunks chapter will continue to meet on the second saturday of each month in conjunction with local cypherpunk chapters across the country. The location of future meetings will be announced on local newsgroups and the local cypherpunks mailing list. Cypherpunks: There is safety in numbers... large primes. Local contacts for your questions...: Jim McCoy Doug Barnes From frc%bwnmr4 at harvard.harvard.edu Sun Oct 3 14:54:35 1993 From: frc%bwnmr4 at harvard.harvard.edu (Fred Cooper) Date: Sun, 3 Oct 93 14:54:35 PDT Subject: a2 test In-Reply-To: <9310031615.AA10763@ah.com> Message-ID: <9310032153.AA16008@bwnmr4.harvard.edu> > This message is steganographically encrypted to look like a test. > -a2 If this is an image, Would any of the gurus who have cracked it care to share how it was done? FRC From tcmay at netcom.com Sun Oct 3 15:28:59 1993 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 3 Oct 93 15:28:59 PDT Subject: a2 test In-Reply-To: <9310032153.AA16008@bwnmr4.harvard.edu> Message-ID: <9310032228.AA20304@netcom5.netcom.com> > > This message is steganographically encrypted to look like a test. > > -a2 > > If this is an image, Would any of the gurus who have cracked it care to > share how it was done? > > FRC No, no, no! Arthur's one-line message actually was of course a 3-hour MPEG movie, which I've been watching since I decompressed, decrypted, and reformatted the file to run on my computer screen. -Tim May P.S. to Arthur: Who was that woman in the second reel? Some kind of steganographic stripper? -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From lex at mindvox.phantom.com Sun Oct 3 15:54:33 1993 From: lex at mindvox.phantom.com (Lex Luthor) Date: Sun, 3 Oct 93 15:54:33 PDT Subject: The right to remain silent Message-ID: Quoting a previous message: >Date: 03 Oct 93 14:42:57 EDT >From: Sandy <72114.1712 at CompuServe.COM> >To: >Subject: POISON PILL WIMPS > >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > SANDY SANDFORT Reply to: ssandfort at attmail.com > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . > >Punksters, > >I've just about had it with posts like Matthew Gream's: > > . . . attempting to play 'smart-ass' to your > investigators is only going to result in more problems > for you. Its a non-ideal world, and they definitely have > the ability to cause you substantial problems. > > . . . I feel it is essential to show them everything > that they think is there, and convince them (as they > will not be as competent in cryptographic analysis as > yourself [at least you hope]) that there is nothing > hidden. > >Didn't any of you appeasers and apologists read and *understand* >HACKER CRACKDOWN? Once you are the focus of an investigation, >they are already causing you substantial problems. Cooperation >only gives your tormentors more ammunition. You are not going >to convince them of anything. You cannot talk your way out of >anything. What you can--and will--do is dig yourself in deeper. >After that, you will probably try to get off the hook by rolling >over--like a bitch in heat--on your friends and associates. > >The ONLY thing that works is (a) stonewall, stonewall, stonewall >until you get competent legal representation, then (b) do what >your lawyer's says. Period. > >Consider this your wimp wakeup call. > > S a n d y >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ A wise mindvox user said recently on the round-table forum: "If you have nothing to hide and did nothing wrong then you have absolutely nothing to lose by keeping quiet" Having seen many a hacker (and non-hacker) get into trouble over the years, I'd have to say that Sandy's assesment is correct in the majority of cases. as for "rolling over--like a bitch in heat-- on your friends and associates" this too I have seen all too often and many times to little benefit to the rat who is talking. Dragging other people down with you serves little purpose IMHO and is a particularly dispicable and all too common trend among hackers of recent years. oh and sandy, I did read the Hacker Crackdown :-) Let me quote a second recent post: >Date: Sun, 03 Oct 1993 15:51:55 -0400 (EDT) >From: Mike Ingle >Subject: Excessive Crap & Flamage >To: cypherpunks at toad.com > >This list is becoming completely unreadable! First the POISON PILL and now >PGP IN FIDO just seem to go on and on. And how many before that? >(Troglodyte mind-rapists, etc) I've got about a meg of utter crap in my >email file, most of it unread or skimmed. If people want to fight, why not >do it in private mail, back up your positions, and then post your >conclusions if you manage to come up with any. Please don't CC all your >flames to the list. And please don't echo a three-page post to add one >line of comments to it. > >What happened to all the idealism? Total privacy, cryptophones, digital >cash, zero-knowledge cooperation, bringing down governments and setting the >world free? That's what the list is for, not mindless flaming. > >Aargggh! MikeIngle at delphi.com > although no one is asking me, I'll admit that perhaps this message itself is guilty of the above. And I am on the verge of unsubscribing after a couple of months being on the list because the daily time requirement to keep on top of the messages is exceeding an hour. Perhaps splintering the list into the following 2 main areas is an option: 1) A fairly lean-bandwidth list containing technical facts, news articles, bibliographic info, short source code, etc. 2) A more fluffy-content list containing general comments, opinions, flames, etc. Subscription to list 2 would probably necessitate subscription to list 1. But for those who want the meat without the potatoes, subscription to list 1 is all that would be required. I recall this coming up about a month and a half ago, more calls for keeping the messages "pertinent" to the cypherpunk agenda. The problem has only grown worse. Lex From cdodhner at indirect.com Sun Oct 3 16:08:59 1993 From: cdodhner at indirect.com (Christian D. Odhner) Date: Sun, 3 Oct 93 16:08:59 PDT Subject: The right to remain silent In-Reply-To: Message-ID: <199310032307.AA06568@indirect.com> > although no one is asking me, I'll admit that perhaps this message itself > is guilty of the above. And I am on the verge of unsubscribing after a > couple of months being on the list because the daily time requirement to > keep on top of the messages is exceeding an hour. Perhaps splintering the > list into the following 2 main areas is an option: > > 1) A fairly lean-bandwidth list containing technical facts, news articles, > bibliographic info, short source code, etc. > > 2) A more fluffy-content list containing general comments, opinions, flames, > etc. Yat Yat. (That means I agree.) Let's split the list. Cypherpunks-Announce Cypherpunks-Agenda Cypherpunks-Politics Cypherpunks-Code Cypherpunks-Clipper Something like that. We (whats this we shit white man?) might need different list software... Happy Hunting, -Chris. ______________________________________________________________________________ Christian Douglas Odhner | "The NSA can have my secret key when they pry cdodhner at indirect.com | it from my cold, dead, hands... But they shall pgp 2.3 public key by finger | NEVER have the password it's encrypted with!" "If guns are outlawed, only the government will have guns." -E. Abbey My opinions are shareware. For a registered copy, send me 15$ in DigiCash. Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11 ------------------------------------------------------------------------------ From cmj at acsu.buffalo.edu Sun Oct 3 16:44:34 1993 From: cmj at acsu.buffalo.edu (christophe m johnson) Date: Sun, 3 Oct 93 16:44:34 PDT Subject: How do I subscribe to the cypherpunks list, or join the group? Message-ID: <199310032343.TAA19879@autarch.acsu.buffalo.edu> -----BEGIN PGP MESSAGE----- Version: 2.3a hDwCGdGCGGWZy6cBAX9US8GSMhlaG5XC2oJcVm6SEOe5xWw7Gb0rNfp7NJ/x245Y y2Jth6LrZRf+sVhzE3imAAACF69mSFFgfX1Ho2OAfdnFwIi3E7GJi+BPV5/BTNo9 +JPSsmZMObddH8VLqXMFvHcbdJJvNzDq9r4cgkmYHHUknvZIKKzJ7QTnAoGr0XW4 N34Zshejxs+KgogJxwq8pnBnspBZ3qYp9z5BtmcaexAjY8VZNVQ4CiZC3uAZf2TH pKj/Y4ufvS+TBVbTZM0jNyjzNpOC+owQcotkDFJdmiBC/9f83rPz323r2ksSyUwU vabHRqDRzryqNvhsKBkV8bW80ZMXmom16Eq8lgBtzbM/SR69+Pjbu+g0vczy07c0 Q8zNO7G60YcJuS8/D0TGBHH97H7SYs1fsL1gvR/OFmvtwhjTMNx2XjNgBThWoKyP 0rGYBAwnC3CxaK+quGOB9HDvfPZhtYHw7fP5uYGF8uFiia/fz0x28ngS6edzPILE HWhV/4bT8RWTBBNaP6enciY/bTIOFRfXvg4eVBvLfPTxfO8hY7lvD5xr207JYGsu YIKnr/Vcq+q7z/8govz+YgXF/Egx4xRzIYkwy6Igg4+aIUl+NC0nxwyhQZeg3ov6 WZqnM799GC3qddPIcAOUzEWuBTr0M67O7Op4ipeFzf5wypEpESdnEZHd+VfBfzvC rZn7K3aOnPJ8nwNgd4JHjiZzXM0R17+V6FPSx/pP1kyHtOfNA3G+18eTyAK2wMko VUOhy3/jNcQNePGreeYT/qBg/lNcx1tEsP0= =hYSg -----END PGP MESSAGE----- From fergp at sytex.com Sun Oct 3 16:48:59 1993 From: fergp at sytex.com (Paul Ferguson) Date: Sun, 3 Oct 93 16:48:59 PDT Subject: CuD forward Message-ID: <610uac1w165w@sytex.com> excerpted from: >Date: Sun, 3 Oct 1993 16:49:01 CDT >From: Cu-Digest >Subject: Cu Digest, #5.77 - --- Date: Fri, 1 Oct 93 06:55:38 -0700 From: grady at NETCOM.COM(Grady Ward) Subject: File 1--Grady Ward DOES NOT Encourage Illegality Jerry Leichter's comments about me in CuD, Volume 5, Issue 76 are flatly wrong. I do not and never have encouraged people to copy or use PGP illegally whatever their jurisdiction. In this country they ought not to "make, use, or sell" RSA without a license from PK Partners of Sunnyvale, CA. Similarly, the IDEA cipher ought not to be used commercially without a specific commercial license from Ascom-Tech AG of Switzerland. If they are non North American nationals then they need to obtain a copy of PGP from one of several foreign sites such as: black.ox.ac.uk (129.67.1.165) ghost.dsi.unimi.it (149.132.2.1) nic.funet.fi (128.214.6.100) Depending, of course, on their local laws. I have been assured by two attorneys that source is NOT an infringing "device" and can be copied or studied as long as its distribution is not simply a ploy to evade patent law. The whole constitutional idea of a patent centers on the wide dissemination of the underlying ideas that can be reduced to practice by a "person of ordinary skill" in the field. Disseminating the ideas underlying a patent is explicitly a patriotic act in the United States. In any event individuals become moral creatures by actively making their own personal choices and not having the ideas that could lead to an informed choice restricted by the State. I support the widespread use of strong crypto in the world for two reasons: It assists physically separate individuals to freely exchange ideas in greater safety from State interference. And it preferentially helps less powerful people since the more powerful dominating group can simply use the raw force of its state apparatus to advance its program. It is an equalizer in the quest for coalition and social justice. Strong crypto creates communities, not conspiracies. ------------------------------ Date: Thu, 30 Sep 93 17:49:12 -0600 From: "L. Detweiler" Subject: File 2--Response to Jerry Leichter in re Moby Crypto Editor: I strongly object to comments by Jerry Leichter on the PGP subpoenas in CuD, Volume 5 : Issue 76. Mr. Leichter appears to be making contradictory points: even though the ITAR may be casting FUD and chilling people's actions based on `poorly drafted regulations whose coverage no one can determine, by threats and insinuations from government spokesmen that some action is illegal', he on the other hand admonishes G. Ward for his actions to date in challenging the law. "Ward is deliberately flaunting it. Stupid, dangerous idea. Being a revolutionary, putting yourself in direct opposition to the power of the state, isn't fun and games. People get hurt that way." Mr. Leichter does not appear to realize that the most egregious laws created tend only to be overturned by the most dramatic challenges. Our own American Revolution is a dramatic instance of this fact. I have praised G. Ward in email previously as a compelling cyberspatial hero for his actions in publicizing over Usenet the NSA and State Department molestations he has been subject to over the past weeks. Very dramatic constitutional issues are at stake. Another major reality lapse in Mr. Leichter's somewhat desultory argument (that appears to have the fundamental message of minimizing the significance of the Zimmermann-Ward affair) is the following. Citizens in a society do not live by the laws -- they live by the *effect* of those laws on their everyday life. Some laws are widely ignored, such as speed limits. Some are revered with the utmost respect, such as the rulings of the Supreme Court and the directives of the President. Even if no case had ever been brought to court on the ITAR, the fundamental issue is that the law has an extraordinary dampening force on certain aspects of current cyberspatial development and enterprise -- in particular, cryptographic technology intrinsic to a wide variety of transforming technologies such as digital cash and signatures -- all critical to future progress. An analogy might be this: even though our judicial system has evolved an elaborate protocol for granting search warrants, that system is meaningless if people voluntarily allow police to search their homes. We do *not* live in a world described by government laws, we live in one that interacts with them in sometimes unpredictable ways. Now, let me abandon these vague platitudes immediately for some cutting specifics relevant to this case. What is the effect on the ITAR on *domestic* cryptographic development? The ITAR supposedly only deals with import and export and in fact that is all the authority granted by its enabling law, the Arms Export Control Act, to cover. But the use of the ITAR in practice by government bureaucrats is apparently to stifle free speech and free press rights of domestic U.S. citizens. This situation is transparently clear from Grady Ward's wretched predicament and other noxious affairs that have escaped the focused attention of many. In particular, I would like to draw attention to an outstanding effort by D. Bernstein to demonstrate the sheer oppressive force of the ITAR as interpreted by the relevant U.S. agencies. In the anonymous FTP file ripem.msu.edu:/pub/crypt/docs/shuffle-export-hassles. is an extraordinary compilation of letters sent between D. Bernstein and the Bureau of Politico-Military affairs regarding the ITAR rules. Mr. Bernstein sought permission to *post* a simple message to the Usenet group sci.crypt describing a cryptographic technique. The sheer obstruction he encountered is absolutely appalling. It approaches the grotesque torture of a totalitarian society in suppressing information. He required the intervention of his California state representative merely to get simple mail responses from the asphyxiating bureaucracy! Moreover, the exchange demonstrates very clearly that the government *applies* the ITAR not as a law regarding import and export of material (as the *law* constrains it) but *in practice* as an instrument to stifle otherwise lawful 1st Amendment scientific publication. From a letter of 14 July 1993 to A. A. Henderson: >Please note that the State Department is engaging in >unconstitutional censorship of material which I privately >developed and which I wish to publish. What you are >witnessing is a battle over the First Amendment. I believe >that the [Office of Defense Trade Controls, Bureau of >Politico-Military Affairs] is acting in violation of the >Bill of Rights. [They] failed to answer this question: >"Does ITAR exert prior restraint on otherwise lawful >publication"? In these paragraphs I seek to emphasize that the debate goes far deeper than the mere obnoxious classification of widespread, public-domain cryptgraphic algorithms and techniques as `munitions'. The debate surrounding the ITAR cuts to the core of many democratic issues. The ITAR is updated with alarming frequency and changed with disturbing ease. Its revision seems to occur in complete defiance of a regular and open legislative process. Even top *experts* on the law cannot keep up with all the modifications. As a frightening example of this, take the case of U.S. vs. Martinez, where Elizabeth Martinez and her fiance were convicted of violating the Arms Export Control Act by exporting `cryptographic hardware' -- a satellite TV video descrambling device, `Videocipher II'. Apparently, by some magic bureaucratic whim, it is now *legal* to export such equipment under the ITAR! I doubt Mrs. Martinez is consoled by this news, after being consumed and rebuffed even on appeal. I consider the ITAR one of the most totalitarian documents our government has ever produced. G. Ward and P. Zimmerman are modern cyberspatial heroes for their bold, direct challenges of it. In classifying `disclosure of information to foreign nationals' as *export* we find the same institutional paranoia and cyberspatial ignorance seen in the Cold-War era Soviet Union in e.g. restricting Xerox machines. The irony is that in both cases, the paranoia is entirely justified, even necessary, within the context of preserving the illegitimate status quo. This oppression forms the basic foundation of support for the two most totalitarian systems of the 20th century -- one defunct, the other with the initials N.S.A. ------------------------------ Paul Ferguson | privacy \'pri-va-see\ n, pl, -cies; Mindbank Consulting Group | 1: the quality or state of being apart Fairfax, Virginia USA | from others 2: secrecy fergp at sytex.com | ferguson at icp.net | Privacy -- Use it or lose it. From mnemonic at eff.org Sun Oct 3 16:49:34 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sun, 3 Oct 93 16:49:34 PDT Subject: PGP in FIDO In-Reply-To: Message-ID: <199310032349.AA06425@eff.org> Al Billings writes: > Hasn't happened yet and the ECPA was passed in what? 1986? I really doubt > if a BBS sysop is going to get nailed over someone's view of e-mail on > their system. There's a new consciousness of ECPA thanks in part to the efforts of EFF and to Steve Jackson's successful ECPA case. But, Al, the issue is less whether a particular sysop is going to be prosecuted under ECPA than it is whether that sysop's conduct is *both* legal and ethical. Even if a sysop's policies fit within ECPA exceptions, it's dishonest to justify such policies in terms of risks that don't exist. There is no documented risk that a sysop will be at greater legal liability if he or she allows encrypted mail. --Mike From mnemonic at eff.org Sun Oct 3 17:18:58 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sun, 3 Oct 93 17:18:58 PDT Subject: PGP in Fidonet In-Reply-To: Message-ID: <199310040018.AA06573@eff.org> Ed Carp writes: > How about that case recently posted about here? Doesn't that count? If you're talking about the Connecticut case, no, it doesn't count. That case doesn't involve mail. --Mike From mnemonic at eff.org Sun Oct 3 17:19:34 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sun, 3 Oct 93 17:19:34 PDT Subject: PGP in Fidonet In-Reply-To: <9310031721.AA26808@snark.lehman.com> Message-ID: <199310040016.AA06558@eff.org> Perry Metzger writes: > > 1] On a privately-owned computer... > > 2] Operating a noncommercial BBS without monetary compensation... > > 3] On which a repeating log-on notice informs users that all messages > > are subject to sysop viewing... > > 4] Sysop/sole owner viewing of non-public (as opposed to "private") > > messages during system maintenance or monitoring for unlawful > > activity... > > 5] Is prosecutable under ECPA? > > Gee, you are starting to catch on, aren't you? Perry, he actually does touch on one exception under ECPA--viewing of non-public messages during normal system maintenance. Also, a sysop can't monitor for unlawful activity in general, but he or she can monitor activity that may relate to the protection of the system from, say, intruders. Think of this latter as the Cuckoo's Egg exception. > > In any case, I am informed hobby sysops have been arrested and their > > systems seized for allegedly illegal traffic on their systems > > Mike Godwin, council to the EFF, has never heard of such a case. If > you believe one has occured, why don't you tell us precisely where and > when it occured? Let me be precise. I do know of systems that have been seized, not for some crime of "illegal traffic," but because law enforcement believed that the system contained evidence of a crime. I know of no case in which a sysop has been "arrested" merely because of allowing so-called "illegal traffic" that he or she didn't know about. --Mike From mnemonic at eff.org Sun Oct 3 17:24:34 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sun, 3 Oct 93 17:24:34 PDT Subject: FIDOnet encryption (or lack thereof) In-Reply-To: <43862.2CAF3D72@ns.fidonet.org> Message-ID: <199310040022.AA06627@eff.org> Jim writes: > FidoNet policy has a statement allowing monitoring of all intransit > mail. I guess I'm going to have to dig my copy of Policy out of the > archives to post the relevant paragraphs. > Jim Cannell Internet: Jim.Cannell at f21.n216.z1.fidonet.org If all users of FidoNet systems read this and agree with it prior to using mail, then there's probably not an ECPA problem. --Mike From DON_HENSON at delphi.com Sun Oct 3 17:28:58 1993 From: DON_HENSON at delphi.com (DON_HENSON at delphi.com) Date: Sun, 3 Oct 93 17:28:58 PDT Subject: NPR? Message-ID: <01H3OT0XYV288ZF0E2@delphi.com> cvoid wirtes: --> Has anyone considered forwarding and/or send NPR an information packet to help bring the encryption/clipper issues to the general public, or is that looked upon as a bad idea? <-- I'm in favor of getting the word out on the Clipper/Skipjack problem but I don't think sending a note to NPR is going to do it. They have a long history of extremely biased (toward the government view) reporting. Don Henson PGP key on server or on request From doug at netcom.com Sun Oct 3 17:38:59 1993 From: doug at netcom.com (Doug Merritt) Date: Sun, 3 Oct 93 17:38:59 PDT Subject: PGP in Fidonet In-Reply-To: Message-ID: <9310040039.AA14817@netcom6.netcom.com> > I know of no case in which a >sysop has been "arrested" merely because of allowing so-called "illegal >traffic" that he or she didn't know about. Some time back (maybe quite a long time ago, I forget) I heard rumors that a BBS that someone had uploaded child porn or some such to, without the sysop's knowledge, resulted in the sysop's arrest. Was that merely a rumor? Or is that a different category than the mail traffic you're commenting on? Doug From doug at netcom.com Sun Oct 3 17:49:01 1993 From: doug at netcom.com (Doug Merritt) Date: Sun, 3 Oct 93 17:49:01 PDT Subject: NPR? Message-ID: <9310040048.AA15221@netcom6.netcom.com> DON_HENSON at delphi.com said: >I'm in favor of getting the word out on the Clipper/Skipjack problem but >I don't think sending a note to NPR is going to do it. They have a long >history of extremely biased (toward the government view) reporting. So phrase it in a slick way that gets past their bias. For instance, lie and say that "other government agencies are concerned that..." Anyone biased towards the govt will be willing to believe that some part of it is a benevolent avuncular sort. It's part of that mind set. Doug From klbarrus at owlnet.rice.edu Sun Oct 3 19:04:34 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Sun, 3 Oct 93 19:04:34 PDT Subject: Single Value Pseudonyms Message-ID: <9310040200.AA12533@flammulated.owlnet.rice.edu> > Karl Barrus posted this, and I've been meaning to respond to it. > Basically Karl's scheme doesn't work. With any cut-and-choose > protocol, there must be some assurance that the two things offered What? It doesn't work? Care to elaborate? I mean, a person can satisfy to any degree desired that the last unblinded document is of a particular value. I agree that it becomes real expensive to do so, and for digital banking purposes, there are several alternatives: 1) all cash is of same denomination, 2) different exponents for different denominations, 3) different keys for different denominations. I think I mentioned the application towards digital cash is a bit forced because of the above. The real point is in avoiding signing a blinded document that is later unblinded to reveal something undesirable, in which case the signature and the document signed have value. The application of cut-and-choose I described applies best when for some reason (poor choices of the bank?) the document itself contains value, like the denomination it represents. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From mnemonic at eff.org Sun Oct 3 19:14:34 1993 From: mnemonic at eff.org (Mike Godwin) Date: Sun, 3 Oct 93 19:14:34 PDT Subject: PGP in Fidonet In-Reply-To: <9310040039.AA14817@netcom6.netcom.com> Message-ID: <199310040212.AA07208@eff.org> Doug writes: > Some time back (maybe quite a long time ago, I forget) I heard rumors > that a BBS that someone had uploaded child porn or some such to, > without the sysop's knowledge, resulted in the sysop's arrest. Was that > merely a rumor? > > Or is that a different category than the mail traffic you're commenting on? Uploading a GIF to a BBS is definitely a different issue from those raised by ECPA, which has to do with electronic mail. For one thing, presumably an uploaded GIF is not a private message, so there's no reason for the sysop or anyone else not to look at it. In a child-porn case, the sysop may be arrested, but his criminal liability will likely depend on whether he knows about the image and his knowledge can be proved to a jury beyond a reasonable doubt. Nothing I have written here should be construed as telling sysops they can't look at a) public files on their systems, and b) private files on their systems that aren't communications. --Mike From hfinney at shell.portal.com Sun Oct 3 19:19:03 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Sun, 3 Oct 93 19:19:03 PDT Subject: ECPA and Remailers? Message-ID: <9310040129.AA03083@jobe.shell.portal.com.shell.portal.com> Not being a lawyer (despite my recent spate of "legal" posts, which were based on several hours browsing through the library), I wonder whether any provisions of the ECPA would apply to anonymous remailers. Several operators keep logs of messages and read them, occasionally rebuking or perhaps even blocking users who send inappropriate messages. (As far as I know, no cypherpunks have done blocking, but other remailer operators have. Several cypherpunks have said they read messages.) My feeling is that it is better for me as a remailer operator to have as little to do with the content of the messages as possible. I just don't want to know. If someone complains I will have, to the best of my ability, NO POSSIBILITY of breaking the anonymity of the message they were upset about. Paradoxically, this very blindness to the content of messages will, I hope, protect me if and when abusive or illegal messages are sent. Frankly, I find it paradoxical for remailer operators to try to keep secret information which will allow them to break the very service they are providing, anonymity. I think it represents confusion about just what they are trying to accomplish. And I think it could even get them into trouble if illegal messages go through their systems. Like the Fido sysops, in trying to protect themselves they may be exposing themselves to even more liability. Hal Finney hfinney at shell.portal.com From ld231782 at longs.lance.colostate.edu Sun Oct 3 19:44:34 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 3 Oct 93 19:44:34 PDT Subject: BBS seizures Message-ID: <9310040243.AA28056@longs.lance.colostate.edu> some annoying anonymous FIDONet apologist writes: >In any case, I am informed hobby sysops have been arrested and their >systems seized for allegedly illegal traffic on their systems of which >they claim to have had no knowledge. I believe this is the case in the >CT case pending. First of all, the Connecticut case you seem to be referring to is that of Michael Elansky (Hartford). See Computer Underground Digest for full details. This was *not* email. He had file downloads and kept around (uh) "fireworks recipes". We've got to track down these supposed cases where boards were seized for content. I consider them minor *anomalies*, and I think a rational analysis of statistics will bear that out. Turning a board into a systematic exercise in privacy violation is *not* the proper response to paranoia about law enforcement seizures. This punishes users for the misdeeds of overzealous officers. Sort of like ``because Steve Jackson was raided we have to monitor all traffic'' or ``because there are 50K missing children a year, you can't go outside to play''. Read the *scalding* decision handed down by the judge in the S.J. case on T. Foley and decide what the law *really* says about BBS seizures and operator responsibility. Don't these Fidonet operators *understand* that by perpetuating the myth that they are responsible for all traffic on their machines, that they are actually *playing into* the hands of authorities? they are *strengthening* the paranoid atmosphere. And in fact I am quite repulsed by their policies, posted here, that seem to cutely rationalize systematic invasion of privacy. IMHO FIDOnet operators are perpetuating that sort of media-hysteria-frenzy associated with illegal activities on boards by their warped policies. The outcome of Steve Jackson case should foster glasnost, ease, and freedom among the operators, but instead it appears to have had the opposite effect on FidoNet operators, who have done a fine job of erecting a vast, oppressive network of systematic surveillance more appropriate to the NSA. >Even if these cases are eventually dismissed, the >legal expense and personal disruption to a private party (usually a >young person of very limited means) is catastrophic and without >practical recourse. But this is absurd. There may be legal expenses associated with any illegal seizure. One may be subject to seizure and involved in a judicial process no matter *what* the policies. Would you rather approach that process saying that `I have no knowledge of illegal activity, I don't monitor any email traffic' or `uh, as far as I've seen nothing illegal is going on, and I know *everything* that's going on' or worse, `gee, somehow that one slipped by'? At the *very minimum* there should be no restrictions on cryptography use. And if they want to join cyberspatial society, they are going to have to drop their silly paranoias and bizarre policies and routine privacy invasion. Fidonet operators wallowing in delusion and hysteria appear to have missed an article by Joe Abernathy in the Houston Chronicle ~Feb 1, 1993: > AUSTIN -- An electronic civil rights case against the Secret > Service closed Thursday with a clear statement by federal > District Judge Sam Sparks that the Service failed to conduct a > proper investigation in a notorious computer crime crackdown, > and went too far in retaining custody of seized equipment. > > Secret Service Special Agent Timothy Foley of Chicago, who was in > charge of three Austin computer search-and-seizures on March 1, > 1990, that led to the lawsuit, stoically endured Spark's rebuke > over the Service's poor investigation and abusive computer > seizure policies. While the Service has seized dozens of > computers since the crackdown began in 1990, this is the first > case to challenge the practice. > > Sparks grew visibly angry when it was established that the Austin > science fiction magazine and game book publisher was never > suspected of a crime, and that agents did not do even marginal > research to establish a criminal connection between the firm and > the suspected illegal activities of an employee, or to determine > that the company was a publisher. Indeed, agents testified that > they were not even trained in the Privacy Protection Act at the > special Secret Service school on computer crime. > > "How long would it have taken you, Mr. Foley, to find out what > Steve Jackson Games did, what it was?" asked Sparks. "An hour? > > "Was there any reason why, on March 2, you could not return to > Steve Jackson Games a copy, in floppy disk form, of everything > taken? > > "Did you read the article in Business Week magazine where it had > a picture of Steve Jackson -- a law-abiding, tax-paying citizen > -- saying he was a computer crime suspect? > > "Did it ever occur to you, Mr. Foley, that seizing this material > could harm Steve Jackson economically?" > > Foley replied, "No, sir," but the judge offered his own answer. > > "You actually did, you just had no idea anybody would actually go > out and hire a lawyer and sue you." > > More than $200,000 has been spent by the Electronic Frontier > Foundation in bringing the case to trial. The EFF was founded by > Mitchell Kapor amid a civil liberties movement sparked in large > part by the Secret Service computer crime crackdown. From ebrandt at jarthur.Claremont.EDU Sun Oct 3 19:54:34 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Sun, 3 Oct 93 19:54:34 PDT Subject: ECPA and Remailers? In-Reply-To: <9310040129.AA03083@jobe.shell.portal.com.shell.portal.com> Message-ID: <9310040253.AA03023@toad.com> > or perhaps even blocking users who send inappropriate messages. (As > far as I know, no cypherpunks have done blocking, but other remailer > operators have. Several cypherpunks have said they read messages.) Speaking of which... I thought I had been keeping a collection of remailer policies as posted here, but it seems to have evaporated. If anyone else has been logging these, could you mail me a copy, or perhaps send the gist to the list? (ack, sorry) Eli ebrandt at jarthur.claremont.edu From pmetzger at lehman.com Sun Oct 3 19:54:43 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 3 Oct 93 19:54:43 PDT Subject: FIDOnet encryption (or lack thereof) In-Reply-To: <199310040022.AA06627@eff.org> Message-ID: <9310040250.AA27817@snark.lehman.com> Mike Godwin says: > > Jim writes: > > > FidoNet policy has a statement allowing monitoring of all intransit > > mail. I guess I'm going to have to dig my copy of Policy out of the > > archives to post the relevant paragraphs. > > Jim Cannell Internet: Jim.Cannell at f21.n216.z1.fidonet.org > If all users of FidoNet systems read this and agree with it prior to using > mail, then there's probably not an ECPA problem. Mike; Wouldn't users outside of Fidonet sending mail to Fidonet users also have to agree to the terms, or is it sufficient for all Fidonet users to have agreed? Perry From mgream at acacia.itd.uts.edu.au Sun Oct 3 20:09:02 1993 From: mgream at acacia.itd.uts.edu.au (Matthew Gream) Date: Sun, 3 Oct 93 20:09:02 PDT Subject: POISON PILL WIMPS In-Reply-To: <931003184257_72114.1712_FHF56-1@CompuServe.COM> Message-ID: <9310040306.AA26350@acacia.itd.uts.EDU.AU> Earlier, Sandy wrote: > . . . attempting to play 'smart-ass' to your > investigators is only going to result in more problems > for you. Its a non-ideal world, and they definitely have > the ability to cause you substantial problems. [..] > Didn't any of you appeasers and apologists read and *understand* > HACKER CRACKDOWN? Once you are the focus of an investigation, > they are already causing you substantial problems. Cooperation > only gives your tormentors more ammunition. You are not going > to convince them of anything. You cannot talk your way out of > anything. What you can--and will--do is dig yourself in deeper. > After that, you will probably try to get off the hook by rolling > over--like a bitch in heat--on your friends and associates. > > The ONLY thing that works is (a) stonewall, stonewall, stonewall > until you get competent legal representation, then (b) do what > your lawyer's says. Period. What I said shouldn't have come out that way if you have interpreted it as such. I don't advocate becoming a subordinate to the wishes of what the 'authority' wants, and I don't mean for an individual to lay out everything and anything as a 'narc'. Co-operation doesn't have to mean giving your investigators ammunition. Firstly, methods that destroy your equipment after it has been seized are most probably illegal (I'm no expert on legal things) and are only going to cause you trouble. Part of the thread was about this, and I was disagreeing. Further to this, I was attempting to point out that if you have something you _don't_ want found, then simply encrypting it leaving it sitting on your system is probably not going to work. You may decide not to answer any questions about it, you may refuse and so on, but they are going to want the magic little key and keep pressing (maybe while you are under oath). To prevent any of this occuring, the best approach (in my mind) is to encrypt it into a form that will never be suspect as anything more than harmless, trivial, information. Say you do have something encrypted, and you are being pressed for its key, then (as you say), your legal representitive is the ONLY solution you should take, and you should be as co-operative as you can within the bounds of your legal rights. The last thing I want to be is an apologist for law enforcement in terms of the electronic medium. Those who know me would tell you that I am outspoken about the Australian Federal Police and their activities in the area of Computer Crime and Investigation. Matthew. -- Matthew Gream, M.Gream at uts.edu.au. "... encryption is the ultimate means of Consent Technologies, 02-821-2043. protection against an Orwellian state." From mimir at u.washington.edu Sun Oct 3 20:29:02 1993 From: mimir at u.washington.edu (Al Billings) Date: Sun, 3 Oct 93 20:29:02 PDT Subject: PGP in FIDO In-Reply-To: <199310032349.AA06425@eff.org> Message-ID: On Sun, 3 Oct 1993, Mike Godwin wrote: > But, Al, the issue is less whether a particular sysop is going to be > prosecuted under ECPA than it is whether that sysop's conduct is *both* > legal and ethical. > > Even if a sysop's policies fit within ECPA exceptions, it's dishonest to > justify such policies in terms of risks that don't exist. There is no > documented risk that a sysop will be at greater legal liability if he or > she allows encrypted mail. True and if I had netmail set up for my system, I would probably allow encrypted netmail. I already offer the latest version of PGP (source and executable) to my users. The sysop ultimately has the right to choose if he or she allows encrypted mail on his or her system. After all, the sysop owns the machine and pays the bills, especially since most Fidonet sites are hobby sites with no fees for access. Wassail, Al Billings From klbarrus at owlnet.rice.edu Sun Oct 3 20:54:34 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Sun, 3 Oct 93 20:54:34 PDT Subject: ECPA and Remailers? In-Reply-To: <9310040253.AA03023@toad.com> Message-ID: <9310040352.AA24438@flammulated.owlnet.rice.edu> Eli Brandt wrote: > >Speaking of which... I thought I had been keeping a collection of >remailer policies as posted here, but it seems to have evaporated. >If anyone else has been logging these, could you mail me a copy, >or perhaps send the gist to the list? (ack, sorry) Sure, but there is also a copy of posted remailer policies at the gopher site, in a directory under "Anonymous Mail". Except for Christian Odhner's since I haven't extracted it out of the message it was in yet :-) -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From ld231782 at longs.lance.colostate.edu Sun Oct 3 20:54:43 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 3 Oct 93 20:54:43 PDT Subject: FBI on BBS operator liability (fwd) Message-ID: <9310040350.AA28995@longs.lance.colostate.edu> also from Computer underground Digest Sun Oct 3 1993 Volume 5 : Issue 77 ISSN 1004-042X ===cut=here=== Date: Thu, 30 Sep 1993 11:38:00 -0400 (EDT) From: "Daniel P. Lieber - (617) 642-7697." Subject: File 4--Summary of BBLISA meeting (CuD 5.75) Account of BBLISA Meeting (posted in CuD #5.75) On Wed., Sept. 29, the BBLISA (Back Bay [Boston] Large Installation Systems Administration Group) group had their monthly meeting where they hosted both an FBI agent and a federal prosecutor from the U.S. Attorney General's office. Both speakers were knowledgeable about the subject and tried to answer all of the questions that they could. (I am omitting names as I am not sure of the correct spelling or titles -- both were substitutes for the original speakers.) After a brief welcoming by the leader of the group, the prosecutor spoke extensively on the different types of intruders into systems. Her particular area of expertise in the field of "computer crime" is with kiddie porn. However, she was knowledgeable on the major topic at hand -- intrusions. The most common and least threatening type of break-in artists are the solo hackers and crackers (usually young males) who break into systems for the thrill and to brag about their accomplishment. Usually, they cause little or no damage and no crime is prosecutable (just utilizing resources is not prosecutable). By far, the most serious threat is internal. Disgruntled workers and recently dismissed employees cause the most damage and are usually motivated by revenge and want to inflict injury. The third type of intrusion, for-profit, is growing rapidly. This includes bank and ATM fraud, among other types of information theft. The FBI agent relayed stories about cases he has worked on and the scope of the FBI office in Boston. To be investigatable by the FBI, a monetary or equivalent loss must be $100,000 or the loss must be shared amongst many different parties. He also informed us that there are no agents that just cruise around BBSs looking for crime. The FBI is too busy to do that. From the information discussed at the meeting, there were some conclusions and suggestions that were brought out: * System banners informing all users that unauthorized access is prohibited and that privacy is limited are helpful. * E-mail is usually considered private unless specifically stated otherwise. * System administrators are not obligated to report illegal activities that they detect on their systems. * Law enforcement does not like to confiscate systems and will usually get the information out of the machine without taking it. * To be prosecuted for a crime utilizing a computer, the defendant must have prior knowledge of the criminal materials or intent. For more information on BBLISA, send a message to majordomo at cs.umb.edu with the subject line: subscribe bblisa. Next month's meeting will discuss large-site Internet services. --Daniel Lieber, Systems Manager- _The Vanguard_ at Bentley College From nate at VIS.ColoState.EDU Sun Oct 3 20:59:34 1993 From: nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) Date: Sun, 3 Oct 93 20:59:34 PDT Subject: Elm 2.4 patch Message-ID: <9310040359.AA11447@vangogh.VIS.ColoState.EDU> -----BEGIN PGP SIGNED MESSAGE----- I have written an Elm 2.4 patch for remailing, anon service, and signing/encrypting of mail. ftp://129.82.156.104/pub/elmhack/* - -nate - -- +-------------------------------------------------------------------- | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Always remember "Brazil" From remail at tamsun.tamu.edu Sun Oct 3 22:09:57 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Sun, 3 Oct 93 22:09:57 PDT Subject: Another application for stego (was POISON PILL) Message-ID: <9310040509.AA25224@tamsun.tamu.edu> Matthew Gream: > ....if you have something > you _don't_ want found, then simply encrypting it leaving it sitting on > your system is probably not going to work. You may decide not to answer > any questions about it, you may refuse and so on, but they are going to > want the magic little key and keep pressing (maybe while you are under > oath). To prevent any of this occuring, the best approach (in my mind) is > to encrypt it into a form that will never be suspect as anything more than > harmless, trivial, information. Interesting: an application of steganography that is quite useful even where crypto is legal. From cvoid at netcom.com Sun Oct 3 22:49:02 1993 From: cvoid at netcom.com (Christian Void) Date: Sun, 3 Oct 93 22:49:02 PDT Subject: NPR? In-Reply-To: <9310040301.AA28351@longs.lance.colostate.edu> Message-ID: On Sun, 3 Oct 1993, L. Detweiler wrote: > >Has anyone considered forwarding and/or send NPR an information packet to > >help bring the encryption/clipper issues to the general public, or is that > >looked upon as a bad idea? > > I think I may have called them once. didn't get a call back. ^^^^^^ They do have a mail address via AOL, and IMHO are not biased towards anything except the left wing. Getting them to discuss the Clipper/Crypto issue on the science program could help get it out in the open in a positive manner, rather than waiting for someone to have his equipment/life seized, or some other such thing making it's way into the mainstream, and thus causing the general public to be biased towards the government (which is what we don't want). Christian Void /T71 | "I don't like it, and I'm sorry I | VMResearch, Inc. cvoid at netcom.COM | ever had anything to do with it." | P.O. Box 170213 Tel. 1+415-807-5491 | -Erwin Schrodinger (1887-1961) | SF, CA 94117 * PGP v2.3a Public Key Available Via Finger * From ld231782 at longs.lance.colostate.edu Sun Oct 3 23:19:01 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 3 Oct 93 23:19:01 PDT Subject: WestWord article - YOW! Message-ID: <9310040618.AA01365@longs.lance.colostate.edu> I've been putting off responding to the WestWord Zimmermann article immediately to digest the spectacular prose -- This is a FANTASTIC article! It *almost* surpasses Markoff for sheer color and technical mastery! () This is INCREDIBLE propaganda for the cypherpunk cause. E. Dexheimer writes like he is a cypherpunk list subscriber! We have *everything*: *pricelessly* memorable quotes by Gilmore, Bidzos, Denning, Zimmermann, Diffie, Rotenberg. We have a mention of the Cypherpunks. We have the NSA. Dexheimer has a *dazzling* nose for the essential areas and most momentous, and cutting quotes. A few points to be made. First, it brings deals with the PGP-pedophile aspect head on and in an ultimately redeeming way. We have to face that concealing criminal behavior is very intrinsic to cryptographic techniques, but, as PRZ says, the bottom line is: >He also concedes that, despite what law enforcement officers say about >him being irresponsible for publishing PGP he is trouble by people who >use the software for unsavory purposes. The William Steen case, for >instance, unnerved him. "This is not a black-and-white issue to me," >Zimmermann says. "The thought of a child molester out there using PGP >does keep me up at nights. I think the benefits will outweigh the cost >to society, though." This is characteristic of the article's outstanding balance. Virtually every point of contention is mapped out in critical detail on both sides. Another example of this is how PRZ rebuts claims of the software being for personal profit as saying he `has a history of political activism'. Other amazingly ironic observations in the article stand out. Perhaps the most damaging quote is completely nullified by a later element of the story: "Phil Zimmermann? He's a dirtbag," spits out Brian Kennedy, the detective who headed up the Steen investigation. "He's an irresponsible person who takes credit for his invention without taking responsibility for its effect. He's protected people who are preying on children. I hope that someday he'll get what he deserves." Later the ``California computer-crime expert William Sternow called in on the case'' says: >In perhaps the greatest testimony to Zimmermann's program, even those >who condemn the programmer for irresponsibly releasing PGP continue to >use his software. "It's a great program," concedes Sacramento computer >expert Sternow. "We recommend in our training to cops that they use it >to encrypt their stuff." Sternow estimates that more than 500 law >enforcement officers currently use PGP. So we have the stark irony that the `authorities' simultaneously condemn and praise Zimmermann -- the former when it obstructs their job, the latter when it aids it. The other main point to be made is that the author has an *extraordinary* grasp of the public key and RSA technology (and virtually every other aspect of the entire complex story). In fact, his technical description for the layman is so masterful I simply find it hard to believe Dexheimer has not had previous exposure to the topic. The quotes are absolutely so sterling I *have* to cut them out. Cypherpunks, please stick 'em in your signatures. Finally, regarding the posting, does anybody know anything about all those groups that were listed by `S. Boxx'? I think I might have been the first to come up with `CRAM' (in a satirical post on the NY cybertax) but all those others I thought were disconnected. It looks like the person is just throwing in a lot of sinister-sounding labels to upset the police and NSA! a little electronic graffiti! One other thing -- why is a Colorado newspaper breaking that California Steen case wide open? Isn't there any press reports on it in California? Why haven't we seen any from you lazy CA cypherpunks, anyway? ===cut=here=== ``The task was given to us to decrypt this stuff. And to this day we have not been able to do it.'' --William Sternow, California computer-crime expert. (yeah, right -- a `computer crime expert' has a chance at discovering a polynomial-time factoring algorithm!) ``Phil Zimmermann? He's a dirtbag. He's an irresponsible person who takes credit for his invention without taking responsibility for its effect. He's protected people who are preying on children. I hope that someday he'll get what he deserves.'' --Brian Kennedy, Sacramento head detective. ``I get mail from people in the Eastern Bloc saying how much they appreciate PGP-- `Thanks for doing it.' When I'm talking to Americans about this, a lot of them don't understand why I'd be so paranoid about the government. But people in police states, you don't have to explain it to them. They already get it. And they don't understand why we don't.'' --PRZ ``PGP could potentially become a widespread problem.'' --Dorothy Denning, Georgetown University professor and National Security Agency consultant (good lord, what a FANTASTIC quote! there is a god!) ``Phil seems very eager to let people believe what he wants them to believe. He likes to perpetuate the idea of his being a folk hero.'' --D. James Bidzos, President, RSA Data Securities Inc. ``Phil didn't invent the engine, but he did fit it inside the Ford.'' --David Banisar, analyst, Computer Professionals for Social Responsibility in Washington, D.C. ``PGP has done a good deal for the practice of cryptology. It's close to my heart because it's close to my original objectives.'' --Whitfield Diffie, Sun Microsystems ``It's a great program. We recommend in our training to cops that they use it to encrypt their stuff.'' --Sacramento computer expert William Sternow ``Phil showed that an ordinary guy just reading the papers that already existed could put together an encryption system that the Nation Security Agency could break "It took a certain amount of bravery to put this out, because at the time the government was talking about restrictions on cryptography.'' --John Gilmore, Cypherpunk founder ``Basically, we said, `What the fuck?' '' --D. James Bidzos, President, RSA Data Securities Inc. ``I decided to give PGP away in the interests of changing society, which it is now doing. The whole reason I got involved was politics. I did not miss mortgage payments in the hopes of getting rich. Just look at my bookshelf. I'm a politically committed person with a history of political activism.'' --PRZ ``I respect copyrights. But what we're talking about there is a patent on a math formula. It's like Isaac Newton patenting Force = Mass x Acceleration. You'd have to pay royalty every time you threw a baseball.'' --PRZ ``I can't comment on the investigation.'' --William Keane, assistant U.S. attorney, San Hose ``The law just can't keep up with the technology. Somebody in Palo Alto learns something, and pretty soon somebody in Moscow is going to know about the same thing. There's nothing you can do about it.'' --PRZ lawyer Phil Dubois ``This is not a black-and-white issue to me. The thought of a child molester out there using PGP does keep me up at nights. I think the benefits will outweigh the cost to society, though.'' --PRZ ``In the nuclear freeze movement, it was like I was a flea on the back of a dinosaur," he says. "Now I feel like I'm a hamster on the back of a dinosaur. Or maybe a poodle.'' --PRZ From habs at panix.com Mon Oct 4 00:29:04 1993 From: habs at panix.com (Harry S. Hawk) Date: Mon, 4 Oct 93 00:29:04 PDT Subject: PGP in Fidonet Message-ID: <199310040726.AA03042@panix.com> At 10:12 PM 10/3/93 -0400, Mike Godwin wrote: >Uploading a GIF to a BBS is definitely a different issue from those raised >by ECPA, which has to do with electronic mail. > private files ontheir systems that aren't communications. Situtation: I assume this is a gray area. But let's say at a meeting of friends in one state (e.g., Boulder Creek, Ca), we create a Video message, digitize it, and sent it to that friend, by uploading into an account that I (habs) and the friend (rjc) has joint access to? Questions: Is that communications? Is it private? What if the message contains images that might be considered "adult"? Would it be different if that file was e-mailed or FTPed rather than uploaded. Or, let's say I put in some very public FTP site, but used RSA to legally encrypt it with my friend's public key? Would it be private communications or public? -- Harry S. Hawk ON Vacation From ld231782 at longs.lance.colostate.edu Mon Oct 4 00:44:35 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 4 Oct 93 00:44:35 PDT Subject: NPR? In-Reply-To: Message-ID: <9310040740.AA02625@longs.lance.colostate.edu> you have committed a major faux paux. please DO NOT QUOTE MY PRIVATE EMAIL TO CYPHERPUNKS WITH MY NAME. furthermore DO NOT APOLOGIZE TO THE LIST on this. although, I definitely deserve one privately. [NPR] >They do have a mail address via AOL what is it? From smb at research.att.com Mon Oct 4 03:54:38 1993 From: smb at research.att.com (smb at research.att.com) Date: Mon, 4 Oct 93 03:54:38 PDT Subject: FBI on BBS operator liability (fwd) Message-ID: <9310041054.AA10031@toad.com> (just utilizing resources is not prosecutable). It's worth mentioning that that's true of Federal law, but isn't necessarily true of state law. For example, California Penal Code section 502 provides for the conviction of anyone who ``knowingly and without permission accesses or causes to be accessed any computer, computer system, or computer network''. Some other states have similar provisions. --Steve Bellovin From greg at ideath.goldenbear.com Mon Oct 4 04:24:39 1993 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Mon, 4 Oct 93 04:24:39 PDT Subject: BBS seizures In-Reply-To: <9310040243.AA28056@longs.lance.colostate.edu> Message-ID: "L. Detweiler" writes: > We've got to track down these supposed cases where boards were seized > for content. I consider them minor *anomalies*, and I think a rational I think a man named Tom Tcimpidis was busted in the L.A. area in the early eighties because of content; if I remember the facts correctly, codes were posted to his board without his knowledge, and he was convicted for illegal possession of long distance access codes. I grepped through early copies of Phrack and poked around on the EFF archive, but can't find anything relevant; does anyone else remember this? Anyone have access to LEXIS/Westlaw? -- Greg Broiles greg at goldenbear.com Baked, not fried. From mnemonic at eff.org Mon Oct 4 04:34:39 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 4 Oct 93 04:34:39 PDT Subject: FIDOnet encryption (or lack thereof) In-Reply-To: <9310040250.AA27817@snark.lehman.com> Message-ID: <199310041132.AA08645@eff.org> Perry writes: > Wouldn't users outside of Fidonet sending mail to Fidonet users also > have to agree to the terms, or is it sufficient for all Fidonet users > to have agreed? If the recipients of mail originating outside of Fidonet agree to disclose their communications to sysops, there's no ECPA violation. --Mike From Martin.Greifer at f28.n125.z1.FIDONET.ORG Mon Oct 4 04:49:07 1993 From: Martin.Greifer at f28.n125.z1.FIDONET.ORG (Martin Greifer) Date: Mon, 4 Oct 93 04:49:07 PDT Subject: ... Message-ID: <3220.2CAFCCBB@shelter.FIDONET.ORG> @>1:125/1 at fidonet To: hal at alumni.caltech.edu :: Request-Remailing-To: remail at extropia.wimsey.com -----BEGIN PGP MESSAGE----- Version: 2.3a hIwC23BwJ6a1oy8BA/4rfsLaZv2W/uvUn9f2vMaj9p8kEU59DtyoQyZuYqNVl3T+ H2/kzpJDL4Pn5cB5QratY0gj13QFDm5hQ8m7AKXSaojHRYhbLdsJ+GoI/C2n9Rdw jrWnrGB/acsDISNLs6daWK+9pmuDAvrNi8NGku4tDZW0u8v/Tq45y2AqzrAMf6YA AA6jC1TJlJXxhdoZiwrjb9Inzdj3LFHXbBb52/DMXHloLviWS5rvzTAlEgvZ70o0 UdWTRaVmhij24oGYd7N3rfOuYkcQuc13QPiSJ16Q/ZfaDh4d737nEjqbCQ2pZiAI A4f+SlxZ3KvIrp9wBLEscUV8X/8pr/eAOWxRmwSmQ2hPkEdjLTbm1f/ZekrHBvu3 Q3vJC2bvI0ttC6JpqlkBfo9kK2CrcVdVzvY2dvRq4alkuxc1/b2B2+EqndxNEG+1 zOI8JEH2CREtXQflj2cNQc52x6kK9GtDdqflbODkrcYqr2RFoMl5HgNDcoVLG78k 33qMK6th1iuk7bYd18WkCI80Qa+G7gDTWgP6aYcDRlc3rDkpP9AglZeAW2HiqWLx d8rZm6FIXzFXwWN5KxYsK4qxuR9RWgG3Je00asKLh33Si99BOFncSSw8luby9QXk gjY6h/ipLTBa5gfUd+PCCHqCgK0TgANdoNwhSexO8L3VxxhI6EhfQ5X6enN10nCK B6toik3EGWy1F80gFO9kFoEL96mwYpbffYNf/nCMaCKBoZy59DMbvtQUGgoyPt/H KF0hwRbd/bZus2wvslQxR97LWlw+tbCtKod31Y9SePTSXmt6J4rVomVWwqHdm+R6 JhMKv3JflMX6eWmL0moybWNNx0GdQ0Fm6LB+fMuOo7KqRPdXbaeaKnQlzOPSYZ6m x91T1m0kOYqvHCy3Is6EC7EwIQIvibgvw92LfCjKbMJNnWVcganhfsMVSyOfEAOs HAZTgKKpGblILqYPl7ERHkdBD6LhbgJWBdkDxWSWSS3VWTAbAmvJelxv4LyoW2qm KH7tWsDNvOA0yN1gVY4zDRE8KBxscvA2chFeMnlVLWf8l5iatuM8M47sefLb8B1p 98ZcVBH+4V0pL8MV5zLdY9o5uxy5Z6EM5c88ZXEJtPU7v8uipmMxpRJsKLRcU185 eB40ZAUMmdR6rp+TW1kCOdpcLVepvsOeaBp1QN5WM2NCHbfFzeKGLTXB/UkLFY6T VNexnlQECnjp6Y7/QVPaPvthDHhqAvEtRpWJsS1f5z4bYtu9++MRKw5/v6xHhOCr 30PUAsLmsOw1Gq2D+Pe8HcgWNhX6VjoTgQ0/hzFdqOMvJHbXvw4wMlJblNvolxMw h0nN1EvZEpZea/DCBWLRcZiWnKDrAvD/xKpaZ20vQzz/rWtarXpUwwqyDCC3riD0 vvUo0j/C1TaHEhIntIafAVSWvu6RCfFAOtQXJOjj4WJFZN+1kdd+F8lggtBxm0FG 4fXPhUy6bT/8UC+n0+PyqeCfu7PJP3uVOp7qEqD8WgOsn+TN8FPh0YsK6WEtM28m 1qX/LOauJojajNm1iEXewQi18aKcOi6Vt3LkPJX1EGG2bbxu0N1j51+WvihYxuji LO5mnwrbEaurvtaU1secNNEMrRcjPjS5ZkE34Y72kFUplsy2dTkckX5SU3AUwCPp T0KhO1/1iiy5qtToqtnB/XUf1PbAWyol9gYcVfWc35zQabmjaDs/sx190rDe37XY K2Z7Ye+4piiU28WXq2bs+GmyCQw8ly38aBGxEgxANZdYVkqiP9thrXQvMQbZkZjq UBKny4x/W9AHbGgiFpyY5Q3yXfsfkF0xKWeLNofxP8BfyS3VgT1vS66i5XaDOkLI eb1MWp79vcr7cqxhBsj11QYD3IAkLR/s7HLHIP2wU6rR2kfaTj6ht2BfEqQWuC7C aZGVpiHSE3jpq0rjp4CQe4YS7azUoMa+45OHERT3Q0XNX7YfYO7QbL7gRoiCZGxg H50P1sSmmU4wbgRvleDFRyjJDYRA8E8FXKXRpBkMFH5hjMB0lUn/tjrEHlSDhy8s IfiqvsyMGmlH7a3IzSotWXiyzhikHoiJMzJivwgF7GFFUpa3l2W7HMz0dWDK/elj MDaHXLEceTWEQm0J+Ekqj+MH9HiU/2w3kF39mjT49bnTE3s+AuV0xlN1dTUjRScV am07nm08ZeGmX9kp9xgQFLFAI/hPxKZje/H67qEL5n7nomrqLYTkMSSFEfO80dGZ 1RHDNxyK+tIh+gSYUzGovRSCN4nG/Dn6j3s+mb/3qfN9E53avu92ItAfTpa/G06e ov3m8z76Hu8ozRp0DfRund7pgiss/MWyBB/yReJdGpgW/Mi8de5ZiWoFnm5whhwD snY1ubncllajYzGi2ivgrRhHe8lrfmSCGtVuXI7rKPta7Wsc3bQdWJ0OlGmPk1xs lXVcoemFPiCkJOJJqxqat11vKm9X8wflR3HISJyUBtkNwLdidW7eu461wSBniSik QwALin3sWsVWHbMTqAsthWFgl3WVqhBYgGOLlVxXh25LqARGtLsGQo0L6VT7iN0X zf6k4oOGZAlqqM9vNGsOqzW9RP9UUPEH4je5HpZVNJlshPRFI5srU3cbDSYV7YyS gXGQMDnyVwIu9iSqrz5fgepX6cofbqStB6VQD0mr+OT+hzasy+wEXe/lwSfre/Ca x7MPmDc0xe4Yfh+nbNqtW+s5+sjHlpuMLbNvQsJcXFoQgMXnhXRvFEFJSTPBmWGw u7SXKo+kpmCItyPVAJX4gF3UVsEgDWfedEwXFwRheFHByiMKHVeLYLSM7j/OOajQ MnGj6IKSZE2SZEZ4gLrDWs6UVg2zBPL4qkAZjWCrU60MbQEnNmOmhcsxQCl62V3w SM8AtiFKW8d6udtXSedebEWUqphiZ1Yq3dk57LoFOM/JM2l9S/OP6ngodKXimi5g jV++446pZtpjF/lq811QtIFWXLO4SmEkQs1P+YByXimUAg04GckpTrdA7PVTgkrY AW/eD1nLtVNqjZwTLErko1RPRFZtByBCsBER51DGcurQEs7BPbkQyJuaFRCPSlWE Rz4BpMHcHIXU6GRWMWyTXZPKcri5phEWKSg8vS1F+0wo2r5p1K8jiFPcxAkjihur 9cUlqFS76vxuqIJ1gcQCeKwvBDp9uM5ojPZ9+W1CKbjCWf/wnERU4StybIlCUH7x ZhqeOHrYl4fKzZzcXoDem8YmFy1Di1ovZwQ7c60fkzgRUDgL9V+jXkrNScNOct+M AbPOhZzRDFc2MIgl/vgjeqWnzA6tFrbdIXeF5IfooC+WzuUpoaf2kFRwMLaHcbCj TbCa+iiZS+8B/cCY6bbS2xfpf29JC9zaAUyuxIuPuT1g7SdVcAt6hp9ZrJB0LiHa 7O3unyp4+uqNPbl8OHP6snCqBtCHuFwNB/aGW54Jr7eWt9X7EUg42RwpPxBFIs7d kRkq5+YIb83vGHV/uOi5ckKIz/TCnCRLRqinYIPRpSNxUQNiLDw/TZdBhQI1KF15 tcybTc3cAZgb1Txqx99qO8c58vKMwmV4B7W0sXDWkxuExmxE5OvZKPnG5JXpi4Qa hTuM5Tf/WKlaVRTFaf4cR8wHK+FP5mINFtYdpq0PVgNqBOZcvpuAgish/vcYVQHS mmEnGkt3b+zLEof7MnSmu/LQj7rqmFHTNI5Uz4zIxG3PTzXuwRa2f5MuaBNFS9QB lcKnparl1IQcX9E1OHSISzBqz9ztNeRjiUTwWFfw5LxYprvRqVDIXP6NqquHPBMS D/T2UQNgCcV/LQIqdVPw0sNzwd5CMSXe20H26dsWsU7nbKA3BUljsZ3dnGmGsFwF popv+l1MS+smFv7B6832eMzpI5YjD4lD5ygyrf0YARyK4LJs3L5KCxHLJYvPXoWB 3fLfoGNArp8vnkTqi0b85VW0BIkoveRUTNWmu3wthZ4iTt7/XcwOW4joodFgSLGb gT4uicJJnUjKRZEV+31c+vYeaxNJCgMiApHLT7He2o/RSCrIp3+wGXNXyMhD5AF5 5qYjliA4WKc7/PRVEPvJZmAXuvDyno1EG260ffU5Ow+1DiGnHb7ZR9W3oKXhyQcT LGO+2M2A9kYV5RbqJSN0z8Kh4iVcyuHdwOnshjouyt4GhbSW0ViGJ1zzySxSDg4g 5bH5ZuK3W1f+nfk3d047xVAJQL2RBw24PKKSXGczECJrfpYzWQikPvXn8/wXvVd+ BuvkwlOe+RnjkxZyUcnbflUOTq9UAiYd6gO1g0m2IwgCIpxqcFyz0yqxRTBt/pZ+ vj9mZ+EqKPEvAhMbLMf7/o4qAyKOhxy5QDMhw4W7PdyMYEZ4AOlymVKAmJJWDFGI RBRLiEaVpuguo2gpFd+KJ/H+qiHDooJIDni3/qST0pDXETjbdPq5vUrbBsALrlDl b7+72cUyeBWphRmAR/tXIZO1BeEDoaOXIGD8lGITdSIgY6i7LC8ytE3a1NSh9R9N E7hUF8x5whQgJxSaMg1hQ45Y7AAG9cf2FCvRFDtCsTS1gWOOofPKhtoM3qvUmJ4S a9GXBlce/SahhK+UHN4Qapx0RRZZb2vA60qG20FcW81kRrrITFCtMRm5iYtbP/E7 7q6pAhPG1toisgIGjf4hlS6TJgsVKN7jYzAgdK2GyUOZGxg94KaTtvF4NYDt3AQ+ CpS1XqJx5aca3deRUaUd/uhRXp20/zmLYd/lLZFfH7UKDoaJZdxKf1jVj8w3Ii/0 vHQkBr1/kJoI4D77M8+dhPP+999z2KPxpega73hLSQYQ2EyjFI3y1CtSt7aLPgOM xCM37wF99FLRrZXHOPd/2s9J/6ypb4PZulOJzCw5Ku/3Nh/4Obe3zvy/62ODowe9 95688pEYALHhMc66WUSn0LyzydXiBi6yzQ21fmUmshfgNyuft0PUxwiGvLWeAfTx Tdn2Il077RfMOTtdKW5CpnlYDYMQfwWBQV48k3htQh1xMgc9xEYEz7epnMWI95ly 7ZEt/TtShUAntAvwubAdUi0S3Kut8WnLV3eivQg4xmmpg0JUvBarOAontQT1PDeF pJYuzIczkK8hxVL8IaQzyx3XF6FFWIJs12eH4xdPqRp7hAO9JhxDnhPl+P4m2iQ1 LuvaSWEwO/10kXVyUToWrEphRE2zx8V/Q0LLRHH/w9zYSf2kK1OhuNBND/nhD4y+ 03r/E6OS =chIA -----END PGP MESSAGE----- ___ Blue Wave/QWK v2.12 -- Martin Greifer - via FidoNet node 1:125/1 UUCP: ...!uunet!kumr!shelter!28!Martin.Greifer INTERNET: Martin.Greifer at f28.n125.z1.FIDONET.ORG From mnemonic at eff.org Mon Oct 4 04:55:03 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 4 Oct 93 04:55:03 PDT Subject: BBS seizures In-Reply-To: Message-ID: <199310041154.AA08736@eff.org> Greg writes: > I think a man named Tom Tcimpidis was busted in the L.A. area in the early > eighties because of content; if I remember the facts correctly, codes > were posted to his board without his knowledge, and he was convicted for > illegal possession of long distance access codes. So far as I know, this case did not involve electronic mail. --Mike From m5 at vail.tivoli.com Mon Oct 4 05:49:47 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Mon, 4 Oct 93 05:49:47 PDT Subject: PGP in FIDO In-Reply-To: <199310021906.AA13098@xtropia> Message-ID: <9310041243.AA29441@vail.tivoli.com> anonymous at extropia.wimsey.com writes: > Anyway, the ECPA is basically irrelevant in the BBS world, as 1] almost > every BBS states at log-on that there is no such thing as truly > "private" e-mail on the system as the sysop can, will and does see > messages in all areas, and 2] he is personally _liable_ for any illegal > activity on his BBS, so he can reasonably be expected to keep an eye on > e-mail for anything that will put his ass in a sling. Ok, this is really getting bizarre. Why is it so hard to accept that the ECPA---federal law of the land---applies to BBS operators in the United States? It may be a pain in the butt, and it may be an insult to the noble souls who operate FIDOnet nodes out of the goodness of their hearts, but that's Life In The Big City. Perhaps some of the confusion stems from ignorance on my (and, perhaps, other Internet weenies') part about the topology and operation of FIDOnet. As I understand it, ECPA applies if private third party communications are routed through some FIDOnet agent. Does this ever happen? -- Mike McNally From geoffw at nexsys.net Mon Oct 4 06:44:41 1993 From: geoffw at nexsys.net (Geoff White) Date: Mon, 4 Oct 93 06:44:41 PDT Subject: News: where to get them Message-ID: <9310041334.AA03053@nexsys.net> Topic 553News: where to get themRUSSIA at ARIZVM1.ccit.arizona.edubitl.russia 1:30 pm Oct 3, 1993 Reply-To: Russia & her neighbors From: Serge Viznyuk Subject: News: where to get them ---------------------- Information from the mail header ----------------------- Sender: Russia & her neighbors Poster: Serge Viznyuk Subject: News: where to get them ------------------------------------------------------------------------------- The latest news from Interfax and Postfactum in Russian (KOI-8) are available also on newcom.kiae.su NNTP server on relcom.politics newsgroup newcom.kiae.su network address is 144.206.136.5 From cme at ellisun.sw.stratus.com Mon Oct 4 08:24:41 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 4 Oct 93 08:24:41 PDT Subject: POISON PILL :-) Message-ID: <9310041520.AA15034@ellisun.sw.stratus.com> >Date: 30 Sep 93 16:43:41 EDT >From: Sandy <72114.1712 at CompuServe.COM> >Subject: POISON PILL :-) > !!WARNING!! > This Machine is Booby-Trapped > Use at Your Own Risk What about the stickers on car windows announcing that the radio, if stolen, will be unusable? ...seems to me the precedent has been set. - Carl From trebor at foretune.co.jp Mon Oct 4 09:44:41 1993 From: trebor at foretune.co.jp (Robert J Woodhead) Date: Mon, 4 Oct 93 09:44:41 PDT Subject: subscribe Message-ID: <9310041033.AA13535@dink.foretune.co.jp> Here's hoping I haven't made an ass out of myself. From peb at PROCASE.COM Mon Oct 4 10:49:05 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Mon, 4 Oct 93 10:49:05 PDT Subject: NPR? Message-ID: <9310041746.AA01307@banff.procase.com> totn at aol.com for Talk of the Nation, if I recall correctly. aol.com is an unknown host here, so I can't finger the account to verify. BTW, I think they changed from NPR to APR, unless both of these organizations exist independently. Paul E. Baclace peb at procase.com From pmetzger at lehman.com Mon Oct 4 11:04:42 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 4 Oct 93 11:04:42 PDT Subject: NPR? In-Reply-To: <9310041746.AA01307@banff.procase.com> Message-ID: <9310041803.AA03856@snark.lehman.com> Paul Baclace says: > BTW, I think they changed from NPR to APR, unless both of these organizations > exist independently. Yes, they both exist independently. .pm From mbl at ml7694a.leonard.american.edu Mon Oct 4 11:29:07 1993 From: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Mon, 4 Oct 93 11:29:07 PDT Subject: NPR and bias Message-ID: <9310041825.AA16278@toad.com> I'd just like to add a comment on the question of NPR's biases. Yes, they do get most of their funding from the govt, which leads them to take a stance on some issues which agrees with the govt position. On the other hand, virtually the entire mainstream media would be considered biased in favor of the govt by this standard. In fact, NPR has a very good journalistic record, and many of its reporters have proven themselves willing to take on the government when they feel the government is wrong. Another factor in this equation is the fact that this list does not exactly reach a wide audience, politically or population-wise. We are (as TC May eloquently put it when responding to one of my posts) preaching to the choir here (and a relatively small choir at that). The rest of the world does not necessarily see things the way we do, and we aren't likely to get much sympathy from the owners of commercial media outlets. Basically, I think that NPR is the best we're going to get, as far as good exposure is concerned. Yes, they have their faults, but I challenge anyone to show me a single major national media outlet that doesn't. -- Matthew B. Landry ml7694a at american.edu (Finally!) mbl at ml7694a.leonard.american.edu From cme at ellisun.sw.stratus.com Mon Oct 4 11:39:08 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 4 Oct 93 11:39:08 PDT Subject: POISON PILL Message-ID: <9310041835.AA15292@ellisun.sw.stratus.com> >> Something else you can do is use a cipher which takes two input streams >> and merges them into the one file, with one key extracting the 'harmless' >> information and another extracting the 'harmfull' information. >> >> Matthew. >> -- >> Matthew Gream, M.Gream at uts.edu.au. "... encryption is the ultimate means of >> Consent Technologies, 02-821-2043. protection against an Orwellian state." > >Has anybody writen one? Can we try for this as a feature in the next pgp? >Should I write it myself? Of course I should... silly question... Ok does >anybody have any suggestions or wishlists? Lemme know. > AFAIK, the only way to do this is with a Vernam OTP. You have a key file (A) the same length as your real data (B) -- encrypt the data by XOR to get (C). Then you take an innocent text (D) and XOR with (C) to get an alleged key file (E). You hide (A) someplace, destroy (B) and (D). Leave (C) around and put up just enough resistence in letting folks have (E). Does anyone know a simpler way? I'm willing to bet that it can be proved that the key would have to be at least 1/8 the length of the message in order for this to work but I don't know of any schemes using less than the message length to do it. - Carl From karn at qualcomm.com Mon Oct 4 11:44:43 1993 From: karn at qualcomm.com (Phil Karn) Date: Mon, 4 Oct 93 11:44:43 PDT Subject: WestWord article - YOW! In-Reply-To: <9310040618.AA01365@longs.lance.colostate.edu> Message-ID: <9310041842.AA03990@servo> >``Phil showed that an ordinary guy just reading the papers that already >existed could put together an encryption system that the Nation >Security Agency could break "It took a certain amount of bravery to put ^^^^^ >this out, because at the time the government was talking about >restrictions on cryptography.'' >--John Gilmore, Cypherpunk founder I noticed this apparent typo in the original article. I assume it is indeed a typo (there were several others in the article as well). Phil From tcmay at netcom.com Mon Oct 4 11:59:07 1993 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 4 Oct 93 11:59:07 PDT Subject: Who's Most Receptive to Our Message? In-Reply-To: <9310041825.AA16278@toad.com> Message-ID: <9310041859.AA16939@netcom5.netcom.com> Matthew Landry writes: > In fact, NPR has a very good journalistic record, and many of its > reporters have proven themselves willing to take on the government when they > feel the government is wrong. Though my sympathies are not "leftist" and though I often grimace when I hear the slant given by NPR, I suspect the NPR/left/ACLU side is more amenable to crypto and crypto privacy than the Right/American Heritage/Falwell side is. (As most of you know, whether you agree or not, the libertarian axis is generally orthogonal to the axis defined by Left and Right.) My point is that I think liberal left reporters are likely to be more sympathetic to our views--even when they involve such libertarian "extremes" as crypto-anarchy--than are right wing reporters. I'm not sure why this is (I have some guesses), but it seems to be the case. I can imagine a right winger saying "You mean your system will allow faggots to plan their crimes in private? You mean enemies of our country will be able to to use electronic black markets to trade military secrets untraceably?" So, while I don't place much faith in converting the masses--this despite the interviews I gave for "Wired," "Whole Earth Review," and "The Village Voice"--I suspect that NPR is in fact a more receptive place than, say, the Rush Limbaugh show would be. (If I don't favor converting the masses, what *do* I favor? Technology. It was technology and markets that created the revolutions in personal computers, fax machines, VCRs, whatever, not proselyting in the media. Strong crypto is like strong locks: if cheap enough and easy to use, it will be used automatically by many people.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From mike at NetAcsys.com Mon Oct 4 12:34:42 1993 From: mike at NetAcsys.com (mycal (voices through your head @ 88.1MHz)) Date: Mon, 4 Oct 93 12:34:42 PDT Subject: secure phone quest Message-ID: <2cb075b0.acsys@NetAcsys.com> Has anyone had any luck in getting a sound blaster card to work full duplex? This would seem to be the first step in getting a workable low cost secure phone line. Also How about a half duplex secure voice link for the internet? Heck you could call anyone up if they are logged in and were equipped, crypto optional. mycal From CBL at UIHEPA.HEP.UIUC.EDU Mon Oct 4 12:34:50 1993 From: CBL at UIHEPA.HEP.UIUC.EDU (C. Luchini (UIUC High energy physics Dept)) Date: Mon, 4 Oct 93 12:34:50 PDT Subject: damn fine compression.... Message-ID: <01H3PUSO34SI95MTA1@UIHEPA.HEP.UIUC.EDU> I'm trying to find out about the remailer, but of course the files in soda.berkeley.edu:pub/cyperhpunks/remailer are compressed or some such ie :hal's.instructions.gz. I don't have anything other than zip and uued/decode, so could some kind person send me a clear text of the remiler instructions? -c From marc at GZA.COM Mon Oct 4 12:49:07 1993 From: marc at GZA.COM (Marc Horowitz) Date: Mon, 4 Oct 93 12:49:07 PDT Subject: secure phone quest In-Reply-To: <2cb075b0.acsys@NetAcsys.com> Message-ID: <9310041948.AA03441@dun-dun-noodles.aktis.com> >> Also How about a half duplex secure voice link for the internet? Heck >> you could call anyone up if they are logged in and were equipped, crypto >> optional. If you have a Sparc or a DEC, there's a program called "vat" whcih does this, full-duplex over IP. Unfortunately, I don't remember where to get it (lbl?), and archie isn't responding. Marc From ssteele at eff.org Mon Oct 4 12:54:43 1993 From: ssteele at eff.org (Shari Steele) Date: Mon, 4 Oct 93 12:54:43 PDT Subject: Who's Most Receptive to Our Message? Message-ID: <199310041952.AA12564@eff.org> I've been interviewed on NPR twice. The first reporter was Margot Adler, 212/878-1435. She was doing a story about cops hanging out on BBSs. She seemed to have a very basic understanding of the technology, but she was clearly interested in the social implications of the story. I've been banging my head trying to recall the name of the second reporter, who called last month after the DoJ held its press conference announcing indictments in Operation Longarm, the big bust on child pornography. Her name was something like Fee Lay. Does that sound familiar to anyone? Also, I'm sending a note to Mitch. He was interviewed by NPR a few months ago about the National Information Infrastructure. I'll see if he can suggest a reporter. Shari From bryan at fegmania.wustl.edu Mon Oct 4 13:19:08 1993 From: bryan at fegmania.wustl.edu (bryan o'connor) Date: Mon, 4 Oct 93 13:19:08 PDT Subject: secure phone quest In-Reply-To: <2cb075b0.acsys@NetAcsys.com> Message-ID: <9310042017.AA26812@fegmania.wustl.edu> Marc Horowitz writes: | >> Also How about a half duplex secure voice link for the internet? Heck | >> you could call anyone up if they are logged in and were equipped, crypto | >> optional. | | If you have a Sparc or a DEC, there's a program called "vat" whcih | does this, full-duplex over IP. Unfortunately, I don't remember where | to get it (lbl?), and archie isn't responding. vat is available from ftp.ee.lbl.gov. There's no source at the moment but there are binaries for different architectures. (And the dynamically linked SunOS 4.1.x versions do work for Solaris 2.x) vat is intended for use as a IP multicast multi-user chat program, but I believe that it is useable for point-to-point communication also. Using it for IP Multicast may require kernel patches (depending on your OS). [I have no connection with vat other than I use it for MBONE stuff here at Washington University] -- Bryan D. O'Connor Internet: bryan at fegmania.wustl.edu Software Engineer, wuarchive development UUCP: ...!uunet!wuarchive!bryan Office of the Network Coordinator BITNET: bryan at wunet.bitnet Washington University in Saint Louis Phone: +1 314 935 7048 From Hastings at courier8.aero.org Mon Oct 4 13:19:43 1993 From: Hastings at courier8.aero.org (Hastings at courier8.aero.org) Date: Mon, 4 Oct 93 13:19:43 PDT Subject: Oops Message-ID: <000848B2.MAI*Hastings@courier8.aero.org> > you have committed a major faux paux. please DO NOT QUOTE MY PRIVATE > EMAIL TO CYPHERPUNKS *\WITH MY NAME\. furthermore **\DO NOT APOLOGIZE\ > TO THE LIST on this. although, I definitely deserve one privately. * Notice - no name disclosed \emphasis added\ Call me Mr. Literal ** There may be a non-disclosure contract in effect, but I'll apologize, or say anything else, if \I\ determine that it is appropriate. I'm not aware of any non-apology clause on cypherpunks. I had 115 messages waiting for me from the weekend when I got into work today. The only mail reflector list I belong to is cypherpunks. When we had QUICKMAIL, the headers were included with the messages. I used to save headers plus messages into one file, then run a program to strip out headers for reading. Headers took up half of a daily "mailbag" file. If I just HAD to find out who sent a message, I could browse the unstripped file and find the origin. But now with MS-MAIL, the X400 internet messages are all saved as attachments. The Windoze macro I use appends each attachment to an ASCII text file, then deletes the message, because of network limits. It works for me, and most users put address trailers on their messages. No headers are saved from cypherpunks anymore on my system. So the point is, WHO sent this? Was it directed at ME? It is true that I forward calls for participation in projects, meeting announcements, and technical information. I try to credit the source. I consider that a feature, not a bug of my ethical program. You should welcome whatever publicity I give you. WHAT prompted your (whoever you are) objections? If it is some personal detail, unrelated to digital privacy and untraceable cash, I sincerely apologize. Especially if I disclosed something from a private e-mail exchange (it's possible). Otherwise, I'll fake being sorry to stay on the list. If I get kicked off, I'll appear as a new subscriber under a pseudonym. Go ahead, make my day. This, by the way is a problem with anonymity. At least Chaum discusses this unauthorized duplicate problem with "is-a-person" bureaus. Perhaps you mean something else. "Do not quote my private e-mail to cypherpunks with my name." Private e-mail to cypherpunks. Maybe you think messages posted to an international mail reflector are private? Sometimes I circulate info from cypherpunks printed on paper at libertarian meetings to get some action on an issue. Like forwarded messages from the EFF. All messages I post here are global broadcasts, are public domain, and you're fooling yourself if you think the NSA, Treasury, the CIA, the press, or anyone else isn't getting everything posted here directly. But I'll humor you if you're that naive. Kent - is defunct for now. Why I'm in such a good mood :^( From cvoid at netcom.com Mon Oct 4 13:34:44 1993 From: cvoid at netcom.com (Christian Void) Date: Mon, 4 Oct 93 13:34:44 PDT Subject: NPR? In-Reply-To: <9310041746.AA01307@banff.procase.com> Message-ID: > totn at aol.com for Talk of the Nation, if I recall correctly. aol.com > is an unknown host here, so I can't finger the account to verify. Also, I beleive, for the science program. I am not 100% sure on the address, so if I'm wrong, please correct me. Christian Void /T71 | "I don't like it, and I'm sorry I | VMResearch, Inc. cvoid at netcom.COM | ever had anything to do with it." | P.O. Box 170213 Tel. 1+415-807-5491 | -Erwin Schrodinger (1887-1961) | SF, CA 94117 * PGP v2.3a Public Key Available Via Finger * From cme at ellisun.sw.stratus.com Mon Oct 4 13:34:50 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 4 Oct 93 13:34:50 PDT Subject: Sternlight's Key Message-ID: <9310042029.AA15529@ellisun.sw.stratus.com> >Date: Sat, 2 Oct 93 03:13:44 -0700 >Message-Id: <9310021013.AA09739 at soda.berkeley.edu> >To: cypherpunks at toad.com >From: nobody at soda.berkeley.edu >Subject: Sternlight's Key >As an official Key Escrow Agent of the United States Gubberment, I have >decided that David Sternlight, being a controversial public figure, needs >cryptographic protection for his private communications. You're missing the point. You need to make sure there's some way to guarantee that all his postings and mail are encrypted to himself while you lose the private key. From strat at uunet.uu.net Mon Oct 4 13:35:08 1993 From: strat at uunet.uu.net (Bob Stratton) Date: Mon, 4 Oct 93 13:35:08 PDT Subject: PGP in FIDO In-Reply-To: <9310022109.AA16172@vswr.sps.mot.com> Message-ID: <9310042033.AA09765@cfmartin.UU.NET> Perry> Mike Godwin will have to confirm this, but to my knowledge Common Perry> Carrier is NOT a status you have to apply for. UUNET operates as a Perry> common carrier and has never registered with anyone. Interesting assertion. I suspect that you could say the same of any other regional IP provider. A lot of service providers leap to claim the appelation "common carrier", in the hope that it will absolve them of responsibility for their users' actions. In the real world, most providers, including UUNET and PSI, make their customers sign agreements that said customers won't use the networks for nefarious ends. Note that the phone company doesn't do this. It'll be a while (and a few court cases) before I have any confidence that the U.S. Gov't recognizes IP service providers as common carriers in any real sense. --strat NOTE: I don't speak for anyone but little old me, besides it's only my 2nd week here. :-) Bob Stratton strat at uunet.uu.net UUNET Technologies, Inc. uunet!strat 3110 Fairview Park Dr., Suite 570 Voice) +1 703 204 8000 Falls Church, Va 22042 Fax) +1 703 204 8001 From khijol!erc Mon Oct 4 13:39:07 1993 From: khijol!erc (Ed Carp) Date: Mon, 4 Oct 93 13:39:07 PDT Subject: secure phone quest In-Reply-To: <9310041948.AA03441@dun-dun-noodles.aktis.com> Message-ID: > >> Also How about a half duplex secure voice link for the internet? Heck > >> you could call anyone up if they are logged in and were equipped, crypto > >> optional. > > If you have a Sparc or a DEC, there's a program called "vat" whcih > does this, full-duplex over IP. Unfortunately, I don't remember where > to get it (lbl?), and archie isn't responding. How about 'netphone'? -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From Lyle_Seaman at transarc.com Mon Oct 4 13:39:44 1993 From: Lyle_Seaman at transarc.com (Lyle_Seaman at transarc.com) Date: Mon, 4 Oct 93 13:39:44 PDT Subject: Triple DES products hitting market In-Reply-To: <9309291308.AA19748@bsu-cs.bsu.edu> Message-ID: Anonymous writes: > Cylink Triples Encryption > by Sharon Fisher ... > Cylink's Cipher/Decipher-HSi offers triple-DES, which encrypts DES > data three times, and gives the 56-bit key the effect of a 112-bit key, > according to the company, based here. The triple-DES approach makes > the Cylink product more secure than the government's proposed Clipper > system, which uses an 80-bit key, the company said. Umm. How does this make a system much more resistant to an attack like Weiner's? If there's only a single 56-bit key, the brute-force known-plaintext + ciphertext attack still only needs to do < 2^56 trial encrypt/decrypt operations. Lyle Transarc 707 Grant Street 412 338 4474 The Gulf Tower Pittsburgh 15219 From ssteele at eff.org Mon Oct 4 13:40:08 1993 From: ssteele at eff.org (Shari Steele) Date: Mon, 4 Oct 93 13:40:08 PDT Subject: NPR reporter Message-ID: <199310042039.AA13370@eff.org> Mitch suggests Dan Charles out of NPR's office in DC. Shari From mnemonic at eff.org Mon Oct 4 13:44:44 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 4 Oct 93 13:44:44 PDT Subject: ASCII version of ECPA (interception, stored comm, pen registers) (fwd) Message-ID: <199310042040.AA13376@eff.org> In response to a number of requests from different sources, I've compiled and edited an ASCII version of the Electronic Communications Privacy Act, including all amendments to the original Wiretap Act (18 USC 2510 et seq.), the complete chapter on stored communications (18 USC 2701 et seq.), and the amendments to pen-register and trap-and-trace procedures (18 USC 3121 et seq.) Please let me know if you catch any errors or typos. --Mike Godwin Online Counsel Electronic Frontier Foundation mnemonic at eff.org ----------- TITLE 18. CRIMES AND CRIMINAL PROCEDURE PART I. CRIMES CHAPTER 119. WIRE AND ELECTRONIC COMMUNICATIONS INTERCEPTION AND INTERCEPTION OF ORAL COMMUNICATIONS Sec. 2510. Definitions As used in this chapter -- (1) "wire communication" means any aural transfer made in whole or in part through the use of facilities for the transmission of communications by the aid of wire, cable, or other like connection between the point of origin and the point of reception (including the use of such connection in a switching station) furnished or operated by any person engaged in providing or operating such facilities for the transmission of interstate or foreign communications or communications affecting interstate or foreign commerce and such term includes any electronic storage of such communication, but such term does not include the radio portion of a cordless telephone communication that is transmitted between the cordless telephone handset and the base unit; (2) "oral communication" means any oral communication uttered by a person exhibiting an expectation that such communication is not subject to interception under circumstances justifying such expectation, but such term does not include any electronic communication; (3) "State" means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, and any territory or possession of the United States; (4) "intercept" means the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device. (5) "electronic, mechanical, or other device" means any device or apparatus which can be used to intercept a wire, oral, or electronic communication other than-- (a) any telephone or telegraph instrument, equipment or facility, or any component thereof, (i) furnished to the subscriber or user by a provider of wire or electronic communication service in the ordinary course of its business and being used by the subscriber or user in the ordinary course of its business or furnished by such subscriber or user for connection to the facilities of such service and used in the ordinary course of its business; or (ii) being used by a provider of wire or electronic communication service in the ordinary course of its business, or by an investigative or law enforcement officer in the ordinary course of his duties; (b) a hearing aid or similar device being used to correct subnormal hearing to not better than normal; (6) "person" means any employee, or agent of the United States or any State or political subdivision thereof, and any individual, partnership, association, joint stock company, trust, or corporation; (7) "Investigative or law enforcement officer" means any officer of the United States or of a State or political subdivision thereof, who is empowered by law to conduct investigations of or to make arrests for offenses enumerated in this chapter, and any attorney authorized by law to prosecute or participate in the prosecution of such offenses; (8) "contents," when used with respect to any wire, oral, or electronic communication, includes any information concerning the substance, purport, or meaning of that communication; (9) "Judge of competent jurisdiction" means-- (a) a judge of a United States district court or a United States court of appeals; and (b) a judge of any court of general criminal jurisdiction of a State who is authorized by a statute of that State to enter orders authorizing interceptions of wire, oral, or electronic communications; (10) "communication common carrier" shall have the same meaning which is given the term "common carrier" by section 153(h) of title 47 of the United States Code; (11) "aggrieved person" means a person who was a party to any intercepted wire, oral, or electronic communication or a person against whom the interception was directed; (12) "electronic communication" means any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce, but does not include-- (A) the radio portion of a cordless telephone communication that is transmitted between the cordless telephone handset and the base unit; (B) any wire or oral communication; (C) any communication made through a tone-only paging device; or (D) any communication from a tracking device (as defined in section 3117 of this title); (13) "user" means any person or entity who-- (A) uses an electronic communication service; and (B) is duly authorized by the provider of such service to engage in such use; (14) "electronic communications system" means any wire, radio, electromagnetic, photooptical or photoelectronic facilities for the transmission of electronic communications, and any computer facilities or related electronic equipment for the electronic storage of such communications; (15) "electronic communication service" means any service which provides to users thereof the ability to send or receive wire or electronic communications; (16) "readily accessible to the general public" means, with respect to a radio communication, that such communication is not-- (A) scrambled or encrypted; (B) transmitted using modulation techniques whose essential parameters have been withheld from the public with the intention of preserving the privacy of such communication; (C) carried on a subcarrier or other signal subsidiary to a radio transmission; (D) transmitted over a communication system provided by a common carrier, unless the communication is a tone only paging system communication; or (E) transmitted on frequencies allocated under part 25, subpart D, E, or F of part 74, or part 94 of the Rules of the Federal Communications Commission, unless, in the case of a communication transmitted on a frequency allocated under part 74 that is not exclusively allocated to broadcast auxiliary services, the communication is a two-way voice communication by radio; (17) "electronic storage" means-- (A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and (B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication; and (18) "aural transfer" means a transfer containing the human voice at any point between and including the point of origin and the point of reception. Sec. 2511. Interception and disclosure of wire, oral, or electronic communications prohibited (1) Except as otherwise specifically provided in this chapter any person who-- (a) intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication; (b) intentionally uses, endeavors to use, or procures any other person to use or endeavor to use any electronic, mechanical, or other device to intercept any oral communication when-- (i) such device is affixed to, or otherwise transmits a signal through, a wire, cable, or other like connection used in wire communication; or (ii) such device transmits communications by radio, or interferes with the transmission of such communication; or (iii) such person knows, or has reason to know, that such device or any component thereof has been sent through the mail or transported in interstate or foreign commerce; or (iv) such use or endeavor to use (A) takes place on the premises of any business or other commercial establishment the operations of which affect interstate or foreign commerce; or (B) obtains or is for the purpose of obtaining information relating to the operations of any business or other commercial establishment the operations of which affect interstate or foreign commerce; or (v) such person acts in the District of Columbia, the Commonwealth of Puerto Rico, or any territory or possession of the United States; (c) intentionally discloses, or endeavors to disclose, to any other person the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection; or (d) intentionally uses, or endeavors to use, the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection; shall be punished as provided in subsection (4) or shall be subject to suit as provided in subsection (5). (2)(a)(i) It shall not be unlawful under this chapter for an operator of a switchboard, or an officer, employee, or agent of a provider of wire or electronic communication service, whose facilities are used in the transmission of a wire communication, to intercept, disclose, or use that communication in the normal course of his employment while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service, except that a provider of wire communication service to the public shall not utilize service observing or random monitoring except for mechanical or service quality control checks. (ii) Notwithstanding any other law, providers of wire or electronic communication service, their officers, employees, and agents, landlords, custodians, or other persons, are authorized to provide information, facilities, or technical assistance to persons authorized by law to intercept wire, oral, or electronic communications or to conduct electronic surveillance, as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978 if such provider, its officers, employees, or agents, landlord, custodian, or other specified person, has been provided with-- (A) a court order directing such assistance signed by the authorizing judge, or (B) a certification in writing by a person specified in section 2518(7) of this title or the Attorney General of the United States that no warrant or court order is required by law, that all statutory requirements have been met, and that the specified assistance is required, setting forth the period of time during which the provision of the information, facilities, or technical assistance is authorized and specifying the information, facilities, or technical assistance required. No provider of wire or electronic communication service, officer, employee, or agent thereof, or landlord, custodian, or other specified person shall disclose the existence of any interception or surveillance or the device used to accomplish the interception or surveillance with respect to which the person has been furnished an order or certification under this subparagraph, except as may otherwise be required by legal process and then only after prior notification to the Attorney General or to the principal prosecuting attorney of a State or any political subdivision of a State, as may be appropriate. Any such disclosure, shall render such person liable for the civil damages provided for in section 2520. No cause of action shall lie in any court against any provider of wire or electronic communication service, its officers, employees, or agents, landlord, custodian, or other specified person for providing information, facilities, or assistance in accordance with the terms of a court order or certification under this chapter. (b) It shall not be unlawful under this chapter for an officer, employee, or agent of the Federal Communications Commission, in the normal course of his employment and in discharge of the monitoring responsibilities exercised by the Commission in the enforcement of chapter 5 of title 47 of the United States Code, to intercept a wire or electronic communication, or oral communication transmitted by radio, or to disclose or use the information thereby obtained. (c) It shall not be unlawful under this chapter for a person acting under color of law to intercept a wire, oral, or electronic communication, where such person is a party to the communication or one of the parties to the communication has given prior consent to such interception. (d) It shall not be unlawful under this chapter for a person not acting under color of law to intercept a wire or oral communication where such person is a party to the communication or where one of the parties to the communication has given prior consent to such interception unless such communication is intercepted for the purpose of committing any criminal or tortious act in violation of the Constitution or laws of the United States or of any State. (e) Notwithstanding any other provision of this title or section 705 or 706 of the Communications Act of 1934 , it shall not be unlawful for an officer, employee, or agent of the United States in the normal course of his official duty to conduct electronic surveillance, as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978, as authorized by that Act. (f) Nothing contained in this chapter or chapter 121, or section 705 of the Communications Act of 1934, shall be deemed to affect the acquisition by the United States Government of foreign intelligence information from international or foreign communications, or foreign intelligence activities conducted in accordance with otherwise applicable Federal law involving a foreign electronic communications system, utilizing a means other than electronic surveillance as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978, and procedures in this chapter and the Foreign Intelligence Surveillance Act of 1978 shall be the exclusive means by which electronic surveillance, as defined in section 101 of such Act, and the interception of domestic wire, oral, or electronic communications may be conducted. (g) It shall not be unlawful under this chapter or chapter 121 of this title for any person-- (i) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public; (ii) to intercept any radio communication which is transmitted-- (I) by any station for the use of the general public, or that relates to ships, aircraft, vehicles, or persons in distress; (II) by any governmental, law enforcement, civil defense, private land mobile, or public safety communications system, including police and fire, readily accessible to the general public; (III) by a station operating on an authorized frequency within the bands allocated to the amateur, citizens band, or general mobile radio services; or (IV) by any marine or aeronautical communications system; (iii) to engage in any conduct which-- (I) is prohibited by section 633 of the Communications Act of 1934; or (II) is excepted from the application of section 705(a) of the Communications Act of 1934 by section 705(b) of that Act; (iv) to intercept any wire or electronic communication the transmission of which is causing harmful interference to any lawfully operating station or consumer electronic equipment, to the extent necessary to identify the source of such interference; or (v) for other users of the same frequency to intercept any radio communication made through a system that utilizes frequencies monitored by individuals engaged in the provision or the use of such system, if such communication is not scrambled or encrypted. (h) It shall not be unlawful under this chapter-- (i) to use a pen register or a trap and trace device (as those terms are defined for the purposes of chapter 206 (relating to pen registers and trap and trace devices) of this title); or (ii) for a provider of electronic communication service to record the fact that a wire or electronic communication was initiated or completed in order to protect such provider, another provider furnishing service toward the completion of the wire or electronic communication, or a user of that service, from fraudulent, unlawful or abusive use of such service. (3)(a) Except as provided in paragraph (b) of this subsection, a person or entity providing an electronic communication service to the public shall not intentionally divulge the contents of any communication (other than one to such person or entity, or an agent thereof) while in transmission on that service to any person or entity other than an addressee or intended recipient of such communication or an agent of such addressee or intended recipient. (b) A person or entity providing electronic communication service to the public may divulge the contents of any such communication-- (i) as otherwise authorized in section 2511(2)(a) or 2517 of this title; (ii) with the lawful consent of the originator or any addressee or intended recipient of such communication; (iii) to a person employed or authorized, or whose facilities are used, to forward such communication to its destination; or (iv) which were inadvertently obtained by the service provider and which appear to pertain to the commission of a crime, if such divulgence is made to a law enforcement agency. (4)(a) Except as provided in paragraph (b) of this subsection or in subsection (5), whoever violates subsection (1) of this section shall be fined under this title or imprisoned not more than five years, or both. (b) If the offense is a first offense under paragraph (a) of this subsection and is not for a tortious or illegal purpose or for purposes of direct or indirect commercial advantage or private commercial gain, and the wire or electronic communication with respect to which the offense under paragraph (a) is a radio communication that is not scrambled or encrypted, then-- (i) if the communication is not the radio portion of a cellular telephone communication, a public land mobile radio service communication or a paging service communication, and the conduct is not that described in subsection (5), the offender shall be fined under this title or imprisoned not more than one year, or both; and (ii) if the communication is the radio portion of a cellular telephone communication, a public land mobile radio service communication or a paging service communication, the offender shall be fined not more than $ 500. (c) Conduct otherwise an offense under this subsection that consists of or relates to the interception of a satellite transmission that is not encrypted or scrambled and that is transmitted-- (i) to a broadcasting station for purposes of retransmission to the general public; or (ii) as an audio subcarrier intended for redistribution to facilities open to the public, but not including data transmissions or telephone calls, is not an offense under this subsection unless the conduct is for the purposes of direct or indirect commercial advantage or private financial gain. (5)(a)(i) If the communication is-- (A) a private satellite video communication that is not scrambled or encrypted and the conduct in violation of this chapter is the private viewing of that communication and is not for a tortious or illegal purpose or for purposes of direct or indirect commercial advantage or private commercial gain; or (B) a radio communication that is transmitted on frequencies allocated under subpart D of part 74 of the rules of the Federal Communications Commission that is not scrambled or encrypted and the conduct in violation of this chapter is not for a tortious or illegal purpose or for purposes of direct or indirect commercial advantage or private commercial gain, then the person who engages in such conduct shall be subject to suit by the Federal Government in a court of competent jurisdiction. (ii) In an action under this subsection-- (A) if the violation of this chapter is a first offense for the person under paragraph (a) of subsection (4) and such person has not been found liable in a civil action under section 2520 of this title, the Federal Government shall be entitled to appropriate injunctive relief; and (B) if the violation of this chapter is a second or subsequent offense under paragraph (a) of subsection (4) or such person has been found liable in any prior civil action under section 2520, the person shall be subject to a mandatory $ 500 civil fine. (b) The court may use any means within its authority to enforce an injunction issued under paragraph (ii)(A), and shall impose a civil fine of not less than $ 500 for each violation of such an injunction. Sec. 2512. Manufacture, distribution, possession, and advertising of wire, oral, or electronic communication intercepting devices prohibited (1) Except as otherwise specifically provided in this chapter, any person who intentionally-- (a) sends through the mail, or sends or carries in interstate or foreign commerce, any electronic, mechanical, or other device, knowing or having reason to know that the design of such device renders it primarily useful for the purpose of the surreptitious interception of wire, oral, or electronic communications; (b) manufactures, assembles, possesses, or sells any electronic, mechanical, or other device, knowing or having reason to know that the design of such device renders it primarily useful for the purpose of the surreptitious interception of wire, oral, or electronic communications, and that such device or any component thereof has been or will be sent through the mail or transported in interstate or foreign commerce; or (c) places in any newspaper, magazine, handbill, or other publication any advertisement of-- (i) any electronic, mechanical, or other device knowing or having reason to know that the design of such device renders it primarily useful for the purpose of the surreptitious interception of wire, oral, or electronic communications; or (ii) any other electronic, mechanical, or other device, where such advertisement promotes the use of such device for the purpose of the surreptitious interception of wire, oral, or electronic communications, knowing or having reason to know that such advertisement will be sent through the mail or transported in interstate or foreign commerce, shall be fined not more than $ 10,000 or imprisoned not more than five years, or both. (2) It shall not be unlawful under this section for-- (a) a provider of wire or electronic communication service or an officer, agent, or employee of, or a person under contract with, such a provider, in the normal course of the business of providing that wire or electronic communication service, or (b) an officer, agent, or employee of, or a person under contract with, the United States, a State, or a political subdivision thereof, in the normal course of the activities of the United States, a State, or a political subdivision thereof, to send through the mail, send or carry in interstate or foreign commerce, or manufacture, assemble, possess, or sell any electronic, mechanical, or other device knowing or having reason to know that the design of such device renders it primarily useful for the purpose of the surreptitious interception of wire, oral, or electronic communications. Sec. 2513. Confiscation of wire, oral, or electronic communication intercepting devices Any electronic, mechanical, or other device used, sent, carried, manufactured, assembled, possessed, sold, or advertised in violation of section 2511 or section 2512 of this chapter may be seized and forfeited to the United States. All provisions of law relating to (1) the seizure, summary and judicial forfeiture, and condemnation of vessels, vehicles, merchandise, and baggage for violations of the customs laws contained in title 19 of the United States Code, (2) the disposition of such vessels, vehicles, merchandise, and baggage or the proceeds from the sale thereof, (3) the remission or mitigation of such forfeiture, (4) the compromise of claims, and (5) the award of compensation to informers in respect of such forfeitures, shall apply to seizures and forfeitures incurred, or alleged to have been incurred, under the provisions of this section, insofar as applicable and not inconsistent with the provisions of this section; except that such duties as are imposed upon the collector of customs or any other person with respect to the seizure and forfeiture of vessels, vehicles, merchandise, and baggage under the provisions of the customs laws contained in title 19 of the United States Code shall be performed with respect to seizure and forfeiture of electronic, mechanical, or other intercepting devices under this section by such officers, agents, or other persons as may be authorized or designated for that purpose by the Attorney General. Sec. 2515. Prohibition of use as evidence of intercepted wire or oral communications Whenever any wire or oral communication has been intercepted, no part of the contents of such communication and no evidence derived therefrom may be received in evidence in any trial, hearing, or other proceeding in or before any court, grand jury, department, officer, agency, regulatory body, legislative committee, or other authority of the United States, a State, or a political subdivision thereof if the disclosure of that information would be in violation of this chapter. Sec. 2516. Authorization for interception of wire, oral, or electronic communications (1) The Attorney General, Deputy Attorney General, Associate Attorney General, or any Assistant Attorney General, any acting Assistant Attorney General, or any Deputy Assistant Attorney General in the Criminal Division specially designated by the Attorney General, may authorize an application to a Federal judge of competent jurisdiction for, and such judge may grant in conformity with section 2518 of this chapter an order authorizing or approving the interception of wire or oral communications by the Federal Bureau of Investigation, or a Federal agency having responsibility for the investigation of the offense as to which the application is made, when such interception may provide or has provided evidence of-- (a) any offense punishable by death or by imprisonment for more than one year under sections 2274 through 2277 of title 42 of the United States Code (relating to the enforcement of the Atomic Energy Act of 1954), section 2284 of title 42 of the United States Code (relating to sabotage of nuclear facilities or fuel), or under the following chapters of this title: chapter 37 (relating to espionage), chapter 105 (relating to sabotage), chapter 115 (relating to treason), chapter 102 (relating to riots), chapter 65 (relating to malicious mischief), chapter 111 (relating to destruction of vessels), or chapter 81 (relating to piracy); (b) a violation of section 186 or section 501(c) of title 29, United States Code (dealing with restrictions on payments and loans to labor organizations), or any offense which involves murder, kidnapping, robbery, or extortion, and which is punishable under this title; (c) any offense which is punishable under the following sections of this title: section 201 (bribery of public officials and witnesses), section 215 (relating to bribery of bank officials), section 224 (bribery in sporting contests), subsection (d), (e), (f), (g), (h), or (i) of section 844 (unlawful use of explosives), section 1032 (relating to concealment of assets), section 1084 (transmission of wagering information), section 751 (relating to escape), section 1014 (relating to loans and credit applications generally; renewals and discounts), sections 1503, 1512, and 1513 (influencing or injuring an officer, juror, or witness generally), section 1510 (obstruction of criminal investigations), section 1511 (obstruction of State or local law enforcement), section 1751 (Presidential and Presidential staff assassination, kidnaping, and assault), section 1951 (interference with commerce by threats or violence), section 1952 (interstate and foreign travel or transportation in aid of racketeering enterprises), section 1958 (relating to use of interstate commerce facilities in the commission of murder for hire), section 1959 (relating to violent crimes in aid of racketeering activity), section 1954 (offer, acceptance, or solicitation to influence operations of employee benefit plan), section 1955 (prohibition of business enterprises of gambling), section 1956 (laundering of monetary instruments), section 1957 (relating to engaging in monetary transactions in property derived from specified unlawful activity), section 659 (theft from interstate shipment), section 664 (embezzlement from pension and welfare funds), section 1343 (fraud by wire, radio, or television), section 1344 (relating to bank fraud), sections 2251 and 2252 (sexual exploitation of children), sections 2312, 2313, 2314, and 2315 (interstate transportation of stolen property), section 2321 (relating to trafficking in certain motor vehicles or motor vehicle parts), section 1203 (relating to hostage taking), section 1029 (relating to fraud and related activity in connection with access devices), section 3146 (relating to penalty for failure to appear), section 3521(b)(3) (relating to witness relocation and assistance), section 32 (relating to destruction of aircraft or aircraft facilities), section 1963 (violations with respect to racketeer influenced and corrupt organizations), section 115 (relating to threatening or retaliating against a Federal official), and section 1341 (relating to mail fraud), or section 351 (violations with respect to congressional, Cabinet, or Supreme Court assassinations, kidnaping, and assault), section 831 (relating to prohibited transactions involving nuclear materials), section 33 (relating to destruction of motor vehicles or motor vehicle facilities), section 175 (relating to biological weapons), or section 1992 (relating to wrecking trains); (d) any offense involving counterfeiting punishable under section 471, 472, or 473 of this title; (e) any offense involving fraud connected with a case under title 11 or the manufacture, importation, receiving, concealment, buying, selling, or otherwise dealing in narcotic drugs, marihuana, or other dangerous drugs, punishable under any law of the United States; (f) any offense including extortionate credit transactions under sections 892, 893, or 894 of this title; (g) a violation of section 5322 of title 31, United States Code (dealing with the reporting of currency transactions); (h) any felony violation of sections 2511 and 2512 (relating to interception and disclosure of certain communications and to certain intercepting devices) of this title; (i) any felony violation of chapter 71 (relating to obscenity) of this title; (j) any violation of section 11(c)(2) of the Natural Gas Pipeline Safety Act of 1968 (relating to destruction of a natural gas pipeline) or subsection (i) or (n) of section 902 of the Federal Aviation Act of 1958 (relating to aircraft piracy); (k) any criminal violation of section 2778 of title 22 (relating to the Arms Export Control Act); (l) the location of any fugitive from justice from an offense described in this section; (m) any felony violation of sections 922 and 924 of title 18, United States Code (relating to firearms); (n) any violation of section 5861 of the Internal Revenue Code of 1986 (relating to firearms); and (o) any conspiracy to commit any offense described in any subparagraph of this paragraph. (2) The principal prosecuting attorney of any State, or the principal prosecuting attorney of any political subdivision thereof, if such attorney is authorized by a statute of that State to make application to a State court judge of competent jurisdiction for an order authorizing or approving the interception of wire or oral communications, may apply to such judge for, and such judge may grant in conformity with section 2518 of this chapter and with the applicable State statute an order authorizing, or approving the interception of wire or oral communications by investigative or law enforcement officers having responsibility for the investigation of the offense as to which the application is made, when such interception may provide or has provided evidence of the commission of the offense of murder, kidnapping, gambling, robbery, bribery, extortion, or dealing in narcotic drugs, marihuana or other dangerous drugs, or other crime dangerous to life, limb, or property, and punishable by imprisonment for more than one year, designated in any applicable State statute authorizing such interception, or any conspiracy to commit any of the foregoing offenses. (3) Any attorney for the Government (as such term is defined for the purposes of the Federal Rules of Criminal Procedure) may authorize an application to a Federal judge of competent jurisdiction for, and such judge may grant, in conformity with section 2518 of this title, an order authorizing or approving the interception of electronic communications by an investigative or law enforcement officer having responsibility for the investigation of the offense as to which the application is made, when such interception may provide or has provided evidence of any Federal felony. Sec. 2517. Authorization for disclosure and use of intercepted wire, oral, or electronic communications (1) Any investigative or law enforcement officer who, by any means authorized by this chapter, has obtained knowledge of the contents of any wire, oral, or electronic communication, or evidence derived therefrom, may disclose such contents to another investigative or law enforcement officer to the extent that such disclosure is appropriate to the proper performance of the official duties of the officer making or receiving the disclosure. (2) Any investigative or law enforcement officer who, by any means authorized by this chapter, has obtained knowledge of the contents of any wire, oral, or electronic communication or evidence derived therefrom may use such contents to the extent such use is appropriate to the proper performance of his official duties. (3) Any person who has received, by any means authorized by this chapter, any information concerning a wire, oral, or electronic communication, or evidence derived therefrom intercepted in accordance with the provisions of this chapter may disclose the contents of that communication or such derivative evidence while giving testimony under oath or affirmation in any proceeding held under the authority of the United States or of any State or political subdivision thereof. (4) No otherwise privileged wire, oral, or electronic communication intercepted in accordance with, or in violation of, the provisions of this chapter shall lose its privileged character. (5) When an investigative or law enforcement officer, while engaged in intercepting wire, oral, or electronic communications in the manner authorized herein, intercepts wire, oral, or electronic communications relating to offenses other than those specified in the order of authorization or approval, the contents thereof, and evidence derived therefrom, may be disclosed or used as provided in subsections (1) and (2) of this section. Such contents and any evidence derived therefrom may be used under subsection (3) of this section when authorized or approved by a judge of competent jurisdiction where such judge finds on subsequent application that the contents were otherwise intercepted in accordance with the provisions of this chapter. Such application shall be made as soon as practicable. Sec. 2518. Procedure for interception of wire, oral, or electronic communications (1) Each application for an order authorizing or approving the interception of a wire, oral, or electronic communication under this chapter shall be made in writing upon oath or affirmation to a judge of competent jurisdiction and shall state the applicant's authority to make such application. Each application shall include the following information: (a) the identity of the investigative or law enforcement officer making the application, and the officer authorizing the application; (b) a full and complete statement of the facts and circumstances relied upon by the applicant, to justify his belief that an order should be issued, including (i) details as to the particular offense that has been, is being, or is about to be committed, (ii) except as provided in subsection (11), a particular description of the nature and location of the facilities from which or the place where the communication is to be intercepted, (iii) a particular description of the type of communications sought to be intercepted, (iv) the identity of the person, if known, committing the offense and whose communications are to be intercepted; (c) a full and complete statement as to whether or not other investigative procedures have been tried and failed or why they reasonably appear to be unlikely to succeed if tried or to be too dangerous; (d) a statement of the period of time for which the interception is required to be maintained. If the nature of the investigation is such that the authorization for interception should not automatically terminate when the described type of communication has been first obtained, a particular description of facts establishing probable cause to believe that additional communications of the same type will occur thereafter; (e) a full and complete statement of the facts concerning all previous applications known to the individual authorizing and making the application, made to any judge for authorization to intercept, or for approval of interceptions of, wire, oral, or electronic communications involving any of the same persons, facilities or places specified in the application, and the action taken by the judge on each such application; and (f) where the application is for the extension of an order, a statement setting forth the results thus far obtained from the interception, or a reasonable explanation of the failure to obtain such results. (2) The judge may require the applicant to furnish additional testimony or documentary evidence in support of the application. (3) Upon such application the judge may enter an ex parte order, as requested or as modified, authorizing or approving interception of wire, oral, or electronic communications within the territorial jurisdiction of the court in which the judge is sitting (and outside that jurisdiction but within the United States in the case of a mobile interception device authorized by a Federal court within such jurisdiction), if the judge determines on the basis of the facts submitted by the applicant that-- (a) there is probable cause for belief that an individual is committing, has committed, or is about to commit a particular offense enumerated in section 2516 of this chapter; (b) there is probable cause for belief that particular communications concerning that offense will be obtained through such interception; (c) normal investigative procedures have been tried and have failed or reasonably appear to be unlikely to succeed if tried or to be too dangerous; (d) except as provided in subsection (11), there is probable cause for belief that the facilities from which, or the place where, the wire, oral, or electronic communications are to be intercepted are being used, or are about to be used, in connection with the commission of such offense, or are leased to, listed in the name of, or commonly used by such person. (4) Each order authorizing or approving the interception of any wire, oral, or electronic communication under this chapter shall specify-- (a) the identity of the person, if known, whose communications are to be intercepted; (b) the nature and location of the communications facilities as to which, or the place where, authority to intercept is granted; (c) a particular description of the type of communication sought to be intercepted, and a statement of the particular offense to which it relates; (d) the identity of the agency authorized to intercept the communications, and of the person authorizing the application; and (e) the period of time during which such interception is authorized, including a statement as to whether or not the interception shall automatically terminate when the described communication has been first obtained. An order authorizing the interception of a wire, oral, or electronic communication under this chapter shall, upon request of the applicant, direct that a provider of wire or electronic communication service, landlord, custodian or other person shall furnish the applicant forthwith all information, facilities, and technical assistance necessary to accomplish the interception unobtrusively and with a minimum of interference with the services that such service provider, landlord, custodian, or person is according the person whose communications are to be intercepted. Any provider of wire or electronic communication service, landlord, custodian or other person furnishing such facilities or technical assistance shall be compensated therefor by the applicant for reasonable expenses incurred in providing such facilities or assistance. (5) No order entered under this section may authorize or approve the interception of any wire, oral, or electronic communication for any period longer than is necessary to achieve the objective of the authorization, nor in any event longer than thirty days. Such thirty-day period begins on the earlier of the day on which the investigative or law enforcement officer first begins to conduct an interception under the order or ten days after the order is entered. Extensions of an order may be granted, but only upon application for an extension made in accordance with subsection (1) of this section and the court making the findings required by subsection (3) of this section. The period of extension shall be no longer than the authorizing judge deems necessary to achieve the purposes for which it was granted and in no event for longer than thirty days. Every order and extension thereof shall contain a provision that the authorization to intercept shall be executed as soon as practicable, shall be conducted in such a way as to minimize the interception of communications not otherwise subject to interception under this chapter, and must terminate upon attainment of the authorized objective, or in any event in thirty days. In the event the intercepted communication is in a code or foreign language, and an expert in that foreign language or code is not reasonably available during the interception period, minimization may be accomplished as soon as practicable after such interception. An interception under this chapter may be conducted in whole or in part by Government personnel, or by an individual operating under a contract with the Government, acting under the supervision of an investigative or law enforcement officer authorized to conduct the interception. (6) Whenever an order authorizing interception is entered pursuant to this chapter, the order may require reports to be made to the judge who issued the order showing what progress has been made toward achievement of the authorized objective and the need for continued interception. Such reports shall be made at such intervals as the judge may require. (7) Notwithstanding any other provision of this chapter, any investigative or law enforcement officer, specially designated by the Attorney General, the Deputy Attorney General, the Associate Attorney General, or by the principal prosecuting attorney of any State or subdivision thereof acting pursuant to a statute of that State, who reasonably determines that-- (a) an emergency situation exists that involves-- (i) immediate danger of death or serious physical injury to any person, (ii) conspiratorial activities threatening the national security interest, or (iii) conspiratorial activities characteristic of organized crime, that requires a wire, oral, or electronic communication to be intercepted before an order authorizing such interception can, with due diligence, be obtained, and (b) there are grounds upon which an order could be entered under this chapter to authorize such interception, may intercept such wire, oral, or electronic communication if an application for an order approving the interception is made in accordance with this section within forty-eight hours after the interception has occurred, or begins to occur. In the absence of an order, such interception shall immediately terminate when the communication sought is obtained or when the application for the order is denied, whichever is earlier. In the event such application for approval is denied, or in any other case where the interception is terminated without an order having been issued, the contents of any wire, oral, or electronic communication intercepted shall be treated as having been obtained in violation of this chapter, and an inventory shall be served as provided for in subsection (d) of this section on the person named in the application. (8)(a) The contents of any wire, oral, or electronic communication intercepted by any means authorized by this chapter shall, if possible, be recorded on tape or wire or other comparable device. The recording of the contents of any wire, oral, or electronic communication under this subsection shall be done in such way as will protect the recording from editing or other alterations. Immediately upon the expiration of the period of the order, or extensions thereof, such recordings shall be made available to the judge issuing such order and sealed under his directions. Custody of the recordings shall be wherever the judge orders. They shall not be destroyed except upon an order of the issuing or denying judge and in any event shall be kept for ten years. Duplicate recordings may be made for use or disclosure pursuant to the provisions of subsections (1) and (2) of section 2517 of this chapter for investigations. The presence of the seal provided for by this subsection, or a satisfactory explanation for the absence thereof, shall be a prerequisite for the use or disclosure of the contents of any wire, oral, or electronic communication or evidence derived therefrom under subsection (3) of section 2517. (b) Applications made and orders granted under this chapter shall be sealed by the judge. Custody of the applications and orders shall be wherever the judge directs. Such applications and orders shall be disclosed only upon a showing of good cause before a judge of competent jurisdiction and shall not be destroyed except on order of the issuing or denying judge, and in any event shall be kept for ten years. (c) Any violation of the provisions of this subsection may be punished as contempt of the issuing or denying judge. (d) Within a reasonable time but not later than ninety days after the filing of an application for an order of approval under section 2518(7)(b) which is denied or the termination of the period of an order or extensions thereof, the issuing or denying judge shall cause to be served, on the persons named in the order or the application, and such other parties to intercepted communications as the judge may determine in his discretion that is in the interest of justice, an inventory which shall include notice of-- (1) the fact of the entry of the order or the application; (2) the date of the entry and the period of authorized, approved or disapproved interception, or the denial of the application; and (3) the fact that during the period wire, oral, or electronic communications were or were not intercepted. The judge, upon the filing of a motion, may in his discretion make available to such person or his counsel for inspection such portions of the intercepted communications, applications and orders as the judge determines to be in the interest of justice. On an ex parte showing of good cause to a judge of competent jurisdiction the serving of the inventory required by this subsection may be postponed. (9) The contents of any wire, oral, or electronic communication intercepted pursuant to this chapter or evidence derived therefrom shall not be received in evidence or otherwise disclosed in any trial, hearing, or other proceeding in a Federal or State court unless each party, not less than ten days before the trial, hearing, or proceeding, has been furnished with a copy of the court order, and accompanying application, under which the interception was authorized or approved. This ten-day period may be waived by the judge if he finds that it was not possible to furnish the party with the above information ten days before the trial, hearing, or proceeding and that the party will not be prejudiced by the delay in receiving such information. (10)(a) Any aggrieved person in any trial, hearing, or proceeding in or before any court, department, officer, agency, regulatory body, or other authority of the United States, a State, or a political subdivision thereof, may move to suppress the contents of any wire or oral communication intercepted pursuant to this chapter, or evidence derived therefrom, on the grounds that-- (i) the communication was unlawfully intercepted; (ii) the order of authorization or approval under which it was intercepted is insufficient on its face; or (iii) the interception was not made in conformity with the order of authorization or approval. Such motion shall be made before the trial, hearing, or proceeding unless there was no opportunity to make such motion or the person was not aware of the grounds of the motion. If the motion is granted, the contents of the intercepted wire or oral communication, or evidence derived therefrom, shall be treated as having been obtained in violation of this chapter. The judge, upon the filing of such motion by the aggrieved person, may in his discretion make available to the aggrieved person or his counsel for inspection such portions of the intercepted communication or evidence derived therefrom as the judge determines to be in the interests of justice. (b) In addition to any other right to appeal, the United States shall have the right to appeal from an order granting a motion to suppress made under paragraph (a) of this subsection, or the denial of an application for an order of approval, if the United States attorney shall certify to the judge or other official granting such motion or denying such application that the appeal is not taken for purposes of delay. Such appeal shall be taken within thirty days after the date the order was entered and shall be diligently prosecuted. (c) The remedies and sanctions described in this chapter with respect to the interception of electronic communications are the only judicial remedies and sanctions for nonconstitutional violations of this chapter involving such communications. (11) The requirements of subsections (1)(b)(ii) and (3)(d) of this section relating to the specification of the facilities from which, or the place where, the communication is to be intercepted do not apply if-- (a) in the case of an application with respect to the interception of an oral communication-- (i) the application is by a Federal investigative or law enforcement officer and is approved by the Attorney General, the Deputy Attorney General, the Associate Attorney General, an Assistant Attorney General, or an acting Assistant Attorney General; (ii) the application contains a full and complete statement as to why such specification is not practical and identifies the person committing the offense and whose communications are to be intercepted; and (iii) the judge finds that such specification is not practical; and (b) in the case of an application with respect to a wire or electronic communication-- (i) the application is by a Federal investigative or law enforcement officer and is approved by the Attorney General, the Deputy Attorney General, the Associate Attorney General, an Assistant Attorney General, or an acting Assistant Attorney General; (ii) the application identifies the person believed to be committing the offense and whose communications are to be intercepted and the applicant makes a showing of a purpose, on the part of that person, to thwart interception by changing facilities; and (iii) the judge finds that such purpose has been adequately shown. (12) An interception of a communication under an order with respect to which the requirements of subsections (1)(b)(ii) and (3)(d) of this section do not apply by reason of subsection (11) shall not begin until the facilities from which, or the place where, the communication is to be intercepted is ascertained by the person implementing the interception order. A provider of wire or electronic communications service that has received an order as provided for in subsection (11)(b) may move the court to modify or quash the order on the ground that its assistance with respect to the interception cannot be performed in a timely or reasonable fashion. The court, upon notice to the government, shall decide such a motion expeditiously. Sec. 2519. Reports concerning intercepted wire, oral, or electronic communications (1) Within thirty days after the expiration of an order (or each extension thereof) entered under section 2518, or the denial of an order approving an interception, the issuing or denying judge shall report to the Administrative Office of the United States Courts-- (a) the fact that an order or extension was applied for; (b) the kind of order or extension applied for (including whether or not the order was an order with respect to which the requirements of sections 2518(1)(b)(ii) and 2518(3)(d) of this title did not apply by reason of section 2518(11) of this title); (c) the fact that the order or extension was granted as applied for, was modified, or was denied; (d) the period of interceptions authorized by the order, and the number and duration of any extensions of the order; (e) the offense specified in the order or application, or extension of an order; (f) the identity of the applying investigative or law enforcement officer and agency making the application and the person authorizing the application; and (g) the nature of the facilities from which or the place where communications were to be intercepted. (2) In January of each year the Attorney General, an Assistant Attorney General specially designated by the Attorney General, or the principal prosecuting attorney of a State, or the principal prosecuting attorney for any political subdivision of a State, shall report to the Administrative Office of the United States Courts-- (a) the information required by paragraphs (a) through (g) of subsection (1) of this section with respect to each application for an order or extension made during the preceding calendar year; (b) a general description of the interceptions made under such order or extension, including (i) the approximate nature and frequency of incriminating communications intercepted, (ii) the approximate nature and frequency of other communications intercepted, (iii) the approximate number of persons whose communications were intercepted, and (iv) the approximate nature, amount, and cost of the manpower and other resources used in the interceptions; (c) the number of arrests resulting from interceptions made under such order or extension, and the offenses for which arrests were made; (d) the number of trials resulting from such interceptions; (e) the number of motions to suppress made with respect to such interceptions, and the number granted or denied; (f) the number of convictions resulting from such interceptions and the offenses for which the convictions were obtained and a general assessment of the importance of the interceptions; and (g) the information required by paragraphs (b) through (f) of this subsection with respect to orders or extensions obtained in a preceding calendar year. (3) In April of each year the Director of the Administrative Office of the United States Courts shall transmit to the Congress a full and complete report concerning the number of applications for orders authorizing or approving the interception of wire, oral, or electronic communications pursuant to this chapter and the number of orders and extensions granted or denied pursuant to this chapter during the preceding calendar year. Such report shall include a summary and analysis of the data required to be filed with the Administrative Office by subsections (1) and (2) of this section. The Director of the Administrative Office of the United States Courts is authorized to issue binding regulations dealing with the content and form of the reports required to be filed by subsections (1) and (2) of this section. Sec. 2520. Recovery of civil damages authorized (a) In general. Except as provided in section 2511(2)(a)(ii), any person whose wire, oral, or electronic communication is intercepted, disclosed, or intentionally used in violation of this chapter may in a civil action recover from the person or entity which engaged in that violation such relief as may be appropriate. (b) Relief. In an action under this section, appropriate relief includes-- (1) such preliminary and other equitable or declaratory relief as may be appropriate; (2) damages under subsection (c) and punitive damages in appropriate cases; and (3) a reasonable attorney's fee and other litigation costs reasonably incurred. (c) Computation of damages. (1) In an action under this section, if the conduct in violation of this chapter, is the private viewing of a private satellite video communication that is not scrambled or encrypted or if the communication is a radio communication that is transmitted on frequencies allocated under subpart D of part 74 of the rules of the Federal Communications Commission that is not scrambled or encrypted and the conduct is not for a tortious or illegal purpose or for purposes of direct or indirect commercial advantage or private commercial gain, then the court shall assess damages as follows: (A) If the person who engaged in that conduct has not previously been enjoined under section 2511(5) and has not been found liable in a prior civil action under this section, the court shall assess the greater of the sum of actual damages suffered by the plaintiff, or statutory damages of not less than $ 50 and not more than $ 500. (B) If, on one prior occasion, the person who engaged in that conduct has been enjoined under section 2511(5) or has been found liable in a civil action under this section, the court shall assess the greater of the sum of actual damages suffered by the plaintiff, or statutory damages of not less than $ 100 and not more than $ 1000. (2) In any other action under this section, the court may assess as damages whichever is the greater of-- (A) the sum of the actual damages suffered by the plaintiff and any profits made by the violator as a result of the violation; or (B) statutory damages of whichever is the greater of $ 100 a day for each day of violation or $ 10,000. (d) Defense. A good faith reliance on-- (1) a court warrant or order, a grand jury subpoena, a legislative authorization, or a statutory authorization; (2) a request of an investigative or law enforcement officer under section 2518(7) of this title; or (3) a good faith determination that section 2511(3) of this title permitted the conduct complained of; is a complete defense against any civil or criminal action brought under this chapter or any other law. (e) Limitation. A civil action under this section may not be commenced later than two years after the date upon which the claimant first has a reasonable opportunity to discover the violation. Sec. 2521. Injunction against illegal interception Whenever it shall appear that any person is engaged or is about to engage in any act which constitutes or will constitute a felony violation of this chapter, the Attorney General may initiate a civil action in a district court of the United States to enjoin such violation. The court shall proceed as soon as practicable to the hearing and determination of such an action, and may, at any time before final determination, enter such a restraining order or prohibition, or take such other action, as is warranted to prevent a continuing and substantial injury to the United States or to any person or class of persons for whose protection the action is brought. A proceeding under this section is governed by the Federal Rules of Civil Procedure, except that, if an indictment has been returned against the respondent, discovery is governed by the Federal Rules of Criminal Procedure. CHAPTER 121. STORED WIRE AND ELECTRONIC COMMUNICATIONS AND TRANSACTIONAL RECORDS ACCESS Sec. 2701. Unlawful access to stored communications (a) Offense. Except as provided in subsection (c) of this section whoever-- (1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeds an authorization to access that facility; and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system shall be punished as provided in subsection (b) of this section. (b) Punishment. The punishment for an offense under subsection (a) of this section is-- (1) if the offense is committed for purposes of commercial advantage, malicious destruction or damage, or private commercial gain-- (A) a fine of not more than $ 250,000 or imprisonment for not more than one year, or both, in the case of a first offense under this subparagraph; and (B) a fine under this title or imprisonment for not more than two years, or both, for any subsequent offense under this subparagraph; and (2) a fine of not more than $ 5,000 or imprisonment for not more than six months, or both, in any other case. (c) Exceptions. Subsection (a) of this section does not apply with respect to conduct authorized-- (1) by the person or entity providing a wire or electronic communications service; (2) by a user of that service with respect to a communication of or intended for that user; or (3) in section 2703, 2704 or 2518 of this title. Sec. 2702. Disclosure of contents (a) Prohibitions. Except as provided in subsection (b)-- (1) a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service; and (2) a person or entity providing remote computing service to the public shall not knowingly divulge to any person or entity the contents of any communication which is carried or maintained on that service-- (A) on behalf of, and received by means of electronic transmission from (or created by means of computer processing of communications received by means of electronic transmission from), a subscriber or customer of such service; and (B) solely for the purpose of providing storage or computer processing services to such subscriber or customer, if the provider is not authorized to access the contents of any such communications for purposes of providing any services other than storage or computer processing. (b) Exceptions. A person or entity may divulge the contents of a communication-- (1) to an addressee or intended recipient of such communication or an agent of such addressee or intended recipient; (2) as otherwise authorized in section 2517, 2511(2)(a), or 2703 of this title; (3) with the lawful consent of the originator or an addressee or intended recipient of such communication, or the subscriber in the case of remote computing service; (4) to a person employed or authorized or whose facilities are used to forward such communication to its destination; (5) as may be necessarily incident to the rendition of the service or to the protection of the rights or property of the provider of that service; or (6) to a law enforcement agency, if such contents-- (A) were inadvertently obtained by the service provider; and (B) appear to pertain to the commission of a crime. Sec. 2704. Backup preservation (a) Backup preservation. (1) A governmental entity acting under section 2703(b)(2) may include in its subpoena or court order a requirement that the service provider to whom the request is directed create a backup copy of the contents of the electronic communications sought in order to preserve those communications. Without notifying the subscriber or customer of such subpoena or court order, such service provider shall create such backup copy as soon as practicable consistent with its regular business practices and shall confirm to the governmental entity that such backup copy has been made. Such backup copy shall be created within two business days after receipt by the service provider of the subpoena or court order. (2) Notice to the subscriber or customer shall be made by the governmental entity within three days after receipt of such confirmation, unless such notice is delayed pursuant to section 2705(a). (3) The service provider shall not destroy such backup copy until the later of-- (A) the delivery of the information; or (B) the resolution of any proceedings (including appeals of any proceeding) concerning the government's subpoena or court order. (4) The service provider shall release such backup copy to the requesting governmental entity no sooner than fourteen days after the governmental entity's notice to the subscriber or customer if such service provider-- (A) has not received notice from the subscriber or customer that the subscriber or customer has challenged the governmental entity's request; and (B) has not initiated proceedings to challenge the request of the governmental entity. (5) A governmental entity may seek to require the creation of a backup copy under subsection (a)(1) of this section if in its sole discretion such entity determines that there is reason to believe that notification under section 2703 of this title of the existence of the subpoena or court order may result in destruction of or tampering with evidence. This determination is not subject to challenge by the subscriber or customer or service provider. (b) Customer challenges. (1) Within fourteen days after notice by the governmental entity to the subscriber or customer under subsection (a)(2) of this section, such subscriber or customer may file a motion to quash such subpoena or vacate such court order, with copies served upon the governmental entity and with written notice of such challenge to the service provider. A motion to vacate a court order shall be filed in the court which issued such order. A motion to quash a subpoena shall be filed in the appropriate United States district court or State court. Such motion or application shall contain an affidavit or sworn statement-- (A) stating that the applicant is a customer or subscriber to the service from which the contents of electronic communications maintained for him have been sought; and (B) stating the applicant's reasons for believing that the records sought are not relevant to a legitimate law enforcement inquiry or that there has not been substantial compliance with the provisions of this chapter in some other respect. (2) Service shall be made under this section upon a governmental entity by delivering or mailing by registered or certified mail a copy of the papers to the person, office, or department specified in the notice which the customer has received pursuant to this chapter. For the purposes of this section, the term "delivery" has the meaning given that term in the Federal Rules of Civil Procedure. (3) If the court finds that the customer has complied with paragraphs (1) and (2) of this subsection, the court shall order the governmental entity to file a sworn response, which may be filed in camera if the governmental entity includes in its response the reasons which make in camera review appropriate. If the court is unable to determine the motion or application on the basis of the parties' initial allegations and response, the court may conduct such additional proceedings as it deems appropriate. All such proceedings shall be completed and the motion or application decided as soon as practicable after the filing of the governmental entity's response. (4) If the court finds that the applicant is not the subscriber or customer for whom the communications sought by the governmental entity are maintained, or that there is a reason to believe that the law enforcement inquiry is legitimate and that the communications sought are relevant to that inquiry, it shall deny the motion or application and order such process enforced. If the court finds that the applicant is the subscriber or customer for whom the communications sought by the governmental entity are maintained, and that there is not a reason to believe that the communications sought are relevant to a legitimate law enforcement inquiry, or that there has not been substantial compliance with the provisions of this chapter, it shall order the process quashed. (5) A court order denying a motion or application under this section shall not be deemed a final order and no interlocutory appeal may be taken therefrom by the customer. Sec. 2705. Delayed notice (a) Delay of notification. (1) A governmental entity acting under section 2703(b) of this title may-- (A) where a court order is sought, include in the application a request, which the court shall grant, for an order delaying the notification required under section 2703(b) of this title for a period not to exceed ninety days, if the court determines that there is reason to believe that notification of the existence of the court order may have an adverse result described in paragraph (2) of this subsection; or (B) where an administrative subpoena authorized by a Federal or State statute or a Federal or State grand jury subpoena is obtained, delay the notification required under section 2703(b) of this title for a period not to exceed ninety days upon the execution of a written certification of a supervisory official that there is reason to believe that notification of the existence of the subpoena may have an adverse result described in paragraph (2) of this subsection. (2) An adverse result for the purposes of paragraph (1) of this subsection is-- (A) endangering the life or physical safety of an individual; (B) flight from prosecution; (C) destruction of or tampering with evidence; (D) intimidation of potential witnesses; or (E) otherwise seriously jeopardizing an investigation or unduly delaying a trial. (3) The governmental entity shall maintain a true copy of certification under paragraph (1)(B). (4) Extensions of the delay of notification provided in section 2703 of up to ninety days each may be granted by the court upon application, or by certification by a governmental entity, but only in accordance with subsection (b) of this section. (5) Upon expiration of the period of delay of notification under paragraph (1) or (4) of this subsection, the governmental entity shall serve upon, or deliver by registered or first-class mail to, the customer or subscriber a copy of the process or request together with notice that-- (A) states with reasonable specificity the nature of the law enforcement inquiry; and (B) informs such customer or subscriber-- (i) that information maintained for such customer or subscriber by the service provider named in such process or request was supplied to or requested by that governmental authority and the date on which the supplying or request took place; (ii) that notification of such customer or subscriber was delayed; (iii) what governmental entity or court made the certification or determination pursuant to which that delay was made; and (iv) which provision of this chapter allowed such delay. (6) As used in this subsection, the term "supervisory official" means the investigative agent in charge or assistant investigative agent in charge or an equivalent of an investigating agency's headquarters or regional office, or the chief prosecuting attorney or the first assistant prosecuting attorney or an equivalent of a prosecuting attorney's headquarters or regional office. (b) Preclusion of notice to subject of governmental access. A governmental entity acting under section 2703, when it is not required to notify the subscriber or customer under section 2703(b)(1), or to the extent that it may delay such notice pursuant to subsection (a) of this section, may apply to a court for an order commanding a provider of electronic communications service or remote computing service to whom a warrant, subpoena, or court order is directed, for such period as the court deems appropriate, not to notify any other person of the existence of the warrant, subpoena, or court order. The court shall enter such an order if it determines that there is reason to believe that notification of the existence of the warrant, subpoena, or court order will result in-- (1) endangering the life or physical safety of an individual; (2) flight from prosecution; (3) destruction of or tampering with evidence; (4) intimidation of potential witnesses; or (5) otherwise seriously jeopardizing an investigation or unduly delaying a trial. Sec. 2706. Cost reimbursement (a) Payment. Except as otherwise provided in subsection (c), a governmental entity obtaining the contents of communications, records, or other information under section 2702, 2703, or 2704 of this title shall pay to the person or entity assembling or providing such information a fee for reimbursement for such costs as are reasonably necessary and which have been directly incurred in searching for, assembling, reproducing, or otherwise providing such information. Such reimbursable costs shall include any costs due to necessary disruption of normal operations of any electronic communication service or remote computing service in which such information may be stored. (b) Amount. The amount of the fee provided by subsection (a) shall be as mutually agreed by the governmental entity and the person or entity providing the information, or, in the absence of agreement, shall be as determined by the court which issued the order for production of such information (or the court before which a criminal prosecution relating to such information would be brought, if no court order was issued for production of the information). (c) Exception. The requirement of subsection (a) of this section does not apply with respect to records or other information maintained by a communications common carrier that relate to telephone toll records and telephone listings obtained under section 2703 of this title. The court may, however, order a payment as described in subsection (a) if the court determines the information required is unusually voluminous in nature or otherwise caused an undue burden on the provider. Sec. 2707. Civil action (a) Cause of action. Except as provided in section 2703(e), any provider of electronic communication service, subscriber, or customer aggrieved by any violation of this chapter in which the conduct constituting the violation is engaged in with a knowing or intentional state of mind may, in a civil action, recover from the person or entity which engaged in that violation such relief as may be appropriate. (b) Relief. In a civil action under this section, appropriate relief includes-- (1) such preliminary and other equitable or declaratory relief as may be appropriate; (2) damages under subsection (c); and (3) a reasonable attorney's fee and other litigation costs reasonably incurred. (c) Damages. The court may assess as damages in a civil action under this section the sum of the actual damages suffered by the plaintiff and any profits made by the violator as a result of the violation, but in no case shall a person entitled to recover receive less than the sum of $ 1,000. (d) Defense. A good faith reliance on-- (1) a court warrant or order, a grand jury subpoena, a legislative authorization, or a statutory authorization; (2) a request of an investigative or law enforcement officer under section 2518(7) of this title; or (3) a good faith determination that section 2511(3) of this title permitted the conduct complained of; is a complete defense to any civil or criminal action brought under this chapter or any other law. (e) Limitation. A civil action under this section may not be commenced later than two years after the date upon which the claimant first discovered or had a reasonable opportunity to discover the violation. Sec. 2708. Exclusivity of remedies The remedies and sanctions described in this chapter are the only judicial remedies and sanctions for nonconstitutional violations of this chapter. Sec. 2709. Counterintelligence access to telephone toll and transactional records (a) Duty to provide. A wire or electronic communication service provider shall comply with a request for subscriber information and toll billing records information, or electronic communication transactional records in its custody or possession made by the Director of the Federal Bureau of Investigation under subsection (b) of this section. (b) Required certification. The Director of the Federal Bureau of Investigation (or an individual within the Federal Bureau of Investigation designated for this purpose by the Director) may request any such information and records if the Director (or the Director's designee) certifies in writing to the wire or electronic communication service provider to which the request is made that-- (1) the information sought is relevant to an authorized foreign counterintelligence investigation; and (2) there are specific and articulable facts giving reason to believe that the person or entity to whom the information sought pertains is a foreign power or an agent of a foreign power as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801). (c) Prohibition of certain disclosure. No wire or electronic communication service provider, or officer, employee, or agent thereof, shall disclose to any person that the Federal Bureau of Investigation has sought or obtained access to information or records under this section. (d) Dissemination by bureau. The Federal Bureau of Investigation may disseminate information and records obtained under this section only as provided in guidelines approved by the Attorney General for foreign intelligence collection and foreign counterintelligence investigations conducted by the Federal Bureau of Investigation, and, with respect to dissemination to an agency of the United States, only if such information is clearly relevant to the authorized responsibilities of such agency. (e) Requirement that certain Congressional bodies be informed. On a semiannual basis the Director of the Federal Bureau of Investigation shall fully inform the Permanent Select Committee on Intelligence of the House of Representatives and the Select Committee on Intelligence of the Senate concerning all requests made under subsection (b) of this section. Sec. 2710. Wrongful disclosure of video tape rental or sale records (a) Definitions. For purposes of this section-- (1) the term "consumer" means any renter, purchaser, or subscriber of goods or services from a video tape service provider; (2) the term "ordinary course of business" means only debt collection activities, order fulfillment, request processing, and the transfer of ownership; (3) the term "personally identifiable information" includes information which identifies a person as having requested or obtained specific video materials or services from a video tape service provider; and (4) the term "video tape service provider" means any person, engaged in the business, in or affecting interstate or foreign commerce, of rental, sale, or delivery of prerecorded video cassette tapes or similar audio visual materials, or any person or other entity to whom a disclosure is made under subparagraph (D) or (E) of subsection (b)(2), but only with respect to the information contained in the disclosure. (b) Video tape rental and sale records. (1) A video tape service provider who knowingly discloses, to any person, personally identifiable information concerning any consumer of such provider shall be liable to the aggrieved person for the relief provided in subsection (d). (2) A video tape service provider may disclose personally identifiable information concerning any consumer-- (A) to the consumer; (B) to any person with the informed, written consent of the consumer given at the time the disclosure is sought; (C) to a law enforcement agency pursuant to a warrant issued under the Federal Rules of Criminal Procedure, an equivalent State warrant, a grand jury subpoena, or a court order; (D) to any person if the disclosure is solely of the names and addresses of consumers and if-- (i) the video tape service provider has provided the consumer with the opportunity, in a clear and conspicuous manner, to prohibit such disclosure; and (ii) the disclosure does not identify the title, description, or subject matter of any video tapes or other audio visual material; however, the subject matter of such materials may be disclosed if the disclosure is for the exclusive use of marketing goods and services directly to the consumer; (E) to any person if the disclosure is incident to the ordinary course of business of the video tape service provider; or (F) pursuant to a court order, in a civil proceeding upon a showing of compelling need for the information that cannot be accommodated by any other means, if-- (i) the consumer is given reasonable notice, by the person seeking the disclosure, of the court proceeding relevant to the issuance of the court order; and (ii) the consumer is afforded the opportunity to appear and contest the claim of the person seeking the disclosure. If an order is granted pursuant to subparagraph (C) or (F), the court shall impose appropriate safeguards against unauthorized disclosure. (3) Court orders authorizing disclosure under subparagraph (C) shall issue only with prior notice to the consumer and only if the law enforcement agency shows that there is probable cause to believe that the records or other information sought are relevant to a legitimate law enforcement inquiry. In the case of a State government authority, such a court order shall not issue if prohibited by the law of such State. A court issuing an order pursuant to this section, on a motion made promptly by the video tape service provider, may quash or modify such order if the information or records requested are unreasonably voluminous in nature or if compliance with such order otherwise would cause an unreasonable burden on such provider. (c) Civil action. (1) Any person aggrieved by any act of a person in violation of this section may bring a civil action in a United States district court. (2) The court may award-- (A) actual damages but not less than liquidated damages in an amount of $ 2,500; (B) punitive damages; (C) reasonable attorneys' fees and other litigation costs reasonably incurred; and (D) such other preliminary and equitable relief as the court determines to be appropriate. (3) No action may be brought under this subsection unless such action is begun within 2 years from the date of the act complained of or the date of discovery. (4) No liability shall result from lawful disclosure permitted by this section. (d) Personally identifiable information. Personally identifiable information obtained in any manner other than as provided in this section shall not be received in evidence in any trial, hearing, arbitration, or other proceeding in or before any court, grand jury, department, officer, agency, regulatory body, legislative committee, or other authority of the United States, a State, or a political subdivision of a State. (e) Destruction of old records. A person subject to this section shall destroy personally identifiable information as soon as practicable, but no later than one year from the date the information is no longer necessary for the purpose for which it was collected and there are no pending requests or orders for access to such information under subsection (b)(2) or (c)(2) or pursuant to a court order. (f) Preemption. The provisions of this section preempt only the provisions of State or local law that require disclosure prohibited by this section. Sec. 2711. Definitions for chapter As used in this chapter-- (1) the terms defined in section 2510 of this title have, respectively, the definitions given such terms in that section; and (2) the term "remote computing service" means the provision to the public of computer storage or processing services by means of an electronic communications system. TITLE 18. CRIMES AND CRIMINAL PROCEDURE PART II. CRIMINAL PROCEDURE CHAPTER 206. PEN REGISTERS AND TRAP AND TRACE DEVICES Sec. 3121. General prohibition on pen register and trap and trace device use; exception (a) In general. Except as provided in this section, no person may install or use a pen register or a trap and trace device without first obtaining a court order under section 3123 of this title or under the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.). (b) Exception. The prohibition of subsection (a) does not apply with respect to the use of a pen register or a trap and trace device by a provider of electronic or wire communication service-- (1) relating to the operation, maintenance, and testing of a wire or electronic communication service or to the protection of the rights or property of such provider, or to the protection of users of that service from abuse of service or unlawful use of service; or (2) to record the fact that a wire or electronic communication was initiated or completed in order to protect such provider, another provider furnishing service toward the completion of the wire communication, or a user of that service, from fraudulent, unlawful or abusive use of service; or (3) where the consent of the user of that service has been obtained. (c) Penalty. Whoever knowingly violates subsection (a) shall be fined under this title or imprisoned not more than one year, or both. Sec. 3122. Application for an order for a pen register or a trap and trace device (a) Application. (1) An attorney for the Government may make application for an order or an extension of an order under section 3123 of this title authorizing or approving the installation and use of a pen register or a trap and trace device under this chapter, in writing under oath or equivalent affirmation, to a court of competent jurisdiction. (2) Unless prohibited by State law, a State investigative or law enforcement officer may make application for an order or an extension of an order under section 3123 of this title authorizing or approving the installation and use of a pen register or a trap and trace device under this chapter, in writing under oath or equivalent affirmation, to a court of competent jurisdiction of such State. (b) Contents of application. An application under subsection (a) of this section shall include-- (1) the identity of the attorney for the Government or the State law enforcement or investigative officer making the application and the identity of the law enforcement agency conducting the investigation; and (2) a certification by the applicant that the information likely to be obtained is relevant to an ongoing criminal investigation being conducted by that agency. Sec. 3123. Issuance of an order for a pen register or a trap and trace device (a) In general. Upon an application made under section 3122 of this title, the court shall enter an ex parte order authorizing the installation and use of a pen register or a trap and trace device within the jurisdiction of the court if the court finds that the attorney for the Government or the State law enforcement or investigative officer has certified to the court that the information likely to be obtained by such installation and use is relevant to an ongoing criminal investigation. (b) Contents of order. An order issued under this section-- (1) shall specify-- (A) the identity, if known, of the person to whom is leased or in whose name is listed the telephone line to which the pen register or trap and trace device is to be attached; (B) the identity, if known, of the person who is the subject of the criminal investigation; (C) the number and, if known, physical location of the telephone line to which the pen register or trap and trace device is to be attached and, in the case of a trap and trace device, the geographic limits of the trap and trace order; and (D) a statement of the offense to which the information likely to be obtained by the pen register or trap and trace device relates; and (2) shall direct, upon the request of the applicant, the furnishing of information, facilities, and technical assistance necessary to accomplish the installation of the pen register or trap and trace device under section 3124 of this title. (c) Time period and extensions. (1) An order issued under this section shall authorize the installation and use of a pen register or a trap and trace device for a period not to exceed sixty days. (2) Extensions of such an order may be granted, but only upon an application for an order under section 3122 of this title and upon the judicial finding required by subsection (a) of this section. The period of extension shall be for a period not to exceed sixty days. (d) Nondisclosure of existence of pen register or a trap and trace device. An order authorizing or approving the installation and use of a pen register or a trap and trace device shall direct that-- (1) the order be sealed until otherwise ordered by the court; and (2) the person owning or leasing the line to which the pen register or a trap and trace device is attached, or who has been ordered by the court to provide assistance to the applicant, not disclose the existence of the pen register or trap and trace device or the existence of the investigation to the listed subscriber, or to any other person, unless or until otherwise ordered by the court. Sec. 3124. Assistance in installation and use of a pen register or a trap and trace device (a) Pen registers. Upon the request of an attorney for the government or an officer of a law enforcement agency authorized to install and use a pen register under this chapter, a provider of wire or electronic communication service, landlord, custodian, or other person shall furnish such investigative or law enforcement officer forthwith all information, facilities, and technical assistance necessary to accomplish the installation of the pen register unobtrusively and with a minimum of interference with the services that the person so ordered by the court accords the party with respect to whom the installation and use is to take place, if such assistance is directed by a court order as provided in section 3123(b)(2) of this title. (b) Trap and trace device. Upon the request of an attorney for the Government or an officer of a law enforcement agency authorized to receive the results of a trap and trace device under this chapter, a provider of a wire or electronic communication service, landlord, custodian, or other person shall install such device forthwith on the appropriate line and shall furnish such investigative or law enforcement officer all additional information, facilities and technical assistance including installation and operation of the device unobtrusively and with a minimum of interference with the services that the person so ordered by the court accords the party with respect to whom the installation and use is to take place, if such installation and assistance is directed by a court order as provided in section 3123(b)(2) of this title. Unless otherwise ordered by the court, the results of the trap and trace device shall be furnished, pursuant to section 3123(b) or section 3125 of this title, to the officer of a law enforcement agency, designated in the court order, at reasonable intervals during regular business hours for the duration of the order. (c) Compensation. A provider of a wire or electronic communication service, landlord, custodian, or other person who furnishes facilities or technical assistance pursuant to this section shall be reasonably compensated for such reasonable expenses incurred in providing such facilities and assistance. (d) No cause of action against a provider disclosing information under this chapter. No cause of action shall lie in any court against any provider of a wire or electronic communication service, its officers, employees, agents, or other specified persons for providing information, facilities, or assistance in accordance with the terms of a court order under this chapter or request pursuant to section 3125 of this title. (e) Defense. A good faith reliance on a court order under this chapter, a request pursuant to section 3125 of this title, a legislative authorization, or a statutory authorization is a complete defense against any civil or criminal action brought under this chapter or any other law. Sec. 3125. Emergency pen register and trap and trace device installation (a) Notwithstanding any other provision of this chapter, any investigative or law enforcement officer, specially designated by the Attorney General, the Deputy Attorney General, the Associate Attorney General, any Assistant Attorney General, any acting Assistant Attorney General, or any Deputy Assistant Attorney General, or by the principal prosecuting attorney of any State or subdivision thereof acting pursuant to a statute of that State, who reasonably determines that-- (1) an emergency situation exists that involves-- (A) immediate danger of death or serious bodily injury to any person; or (B) conspiratorial activities characteristic of organized crime, that requires the installation and use of a pen register or a trap and trace device before an order authorizing such installation and use can, with due diligence, be obtained, and (2) there are grounds upon which an order could be entered under this chapter to authorize such installation and use "may have installed and use a pen register or trap and trace device if, within forty-eight hours after the installation has occurred, or begins to occur, an order approving the installation or use is issued in accordance with section 3123 of this title." (b) In the absence of an authorizing order, such use shall immediately terminate when the information sought is obtained, when the application for the order is denied or when forty-eight hours have lapsed since the installation of the pen register or trap and trace device, whichever is earlier. (c) The knowing installation or use by any investigative or law enforcement officer of a pen register or trap and trace device pursuant to subsection (a) without application for the authorizing order within forty-eight hours of the installation shall constitute a violation of this chapter. (d) A provider for a wire or electronic service, landlord, custodian, or other person who furnished facilities or technical assistance pursuant to this section shall be reasonably compensated for such reasonable expenses incurred in providing such facilities and assistance. Sec. 3126. Reports concerning pen registers and trap and trace devices The Attorney General shall annually report to Congress on the number of pen register orders and orders for trap and trace devices applied for by law enforcement agencies of the Department of Justice. Sec. 3127. Definitions for chapter As used in this chapter-- (1) the terms "wire communication", "electronic communication", and "electronic communication service" have the meanings set forth for such terms in section 2510 of this title; (2) the term "court of competent jurisdiction" means-- (A) a district court of the United States (including a magistrate of such a court) or a United States Court of Appeals; or (B) a court of general criminal jurisdiction of a State authorized by the law of that State to enter orders authorizing the use of a pen register or a trap and trace device; (3) the term "pen register" means a device which records or decodes electronic or other impulses which identify the numbers dialed or otherwise transmitted on the telephone line to which such device is attached, but such term does not include any device used by a provider or customer of a wire or electronic communication service for billing, or recording as an incident to billing, for communications services provided by such provider or any device used by a provider or customer of a wire communication service for cost accounting or other like purposes in the ordinary course of its business; (4) the term "trap and trace device" means a device which captures the incoming electronic or other impulses which identify the originating number of an instrument or device from which a wire or electronic communication was transmitted; (5) the term "attorney for the Government" has the meaning given such term for the purposes of the Federal Rules of Criminal Procedure; and (6) the term "State" means a State, the District of Columbia, Puerto Rico, and any other possession or territory of the United States. From Hastings at courier8.aero.org Mon Oct 4 13:49:08 1993 From: Hastings at courier8.aero.org (Hastings at courier8.aero.org) Date: Mon, 4 Oct 93 13:49:08 PDT Subject: L.A. Times Sunday Column One Message-ID: <000848FB.MAI*Hastings@courier8.aero.org> Sunday, October 3, 1993 Los Angeles Times Front Page Column One: Headline: DEMANDING THE ABILITY TO SNOOP Afraid new technology may foil eavesdropping efforts, U.S. officials want phone and computer users to adopt the same privacy code. The government would hold the only key. by Robert Lee Hotz Times Science Writer The article covers PGP, Skipjack in graphic detail (picture of Mykotronix chip), the growth in dossiers and information requests from the Federal Crime Info Center, and all our pet issues. This and a related article take up more than a full page. Eric Hughes is quoted. My mail inbox was crammed full, so I may have missed it before. If not, whoop, there it is. Kent - From exabyte!smtplink!mikej at uunet.UU.NET Mon Oct 4 14:14:46 1993 From: exabyte!smtplink!mikej at uunet.UU.NET (Mike Johnson) Date: Mon, 4 Oct 93 14:14:46 PDT Subject: POISON PILL Message-ID: <9309047497.AA749770184@smtplink.exabyte.com> >> Something else you can do is use a cipher which takes two input streams >> and merges them into the one file, with one key extracting the 'harmless' >> information and another extracting the 'harmfull' information. >AFAIK, the only way to do this is with a Vernam OTP. You have a key file (A) >the same length as your real data (B) -- encrypt the data by XOR to get (C). >Then you take an innocent text (D) and XOR with (C) to get an alleged key >file (E). You hide (A) someplace, destroy (B) and (D). Leave (C) around and >put up just enough resistence in letting folks have (E). >Does anyone know a simpler way? I'm willing to bet that it can be proved >that the key would have to be at least 1/8 the length of the message in order >for this to work but I don't know of any schemes using less than the message >length to do it. Yes. Make "noise addition" (really multiplexing) part of the cipher. You could throw away every other bit based on the parity of the key. The ciphertext would be twice as big, but if you compressed both plain text streams first, this effect might not be very obvious. Of course, if your encryption program were disassembled, you might be found out... From cme at ellisun.sw.stratus.com Mon Oct 4 14:19:07 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 4 Oct 93 14:19:07 PDT Subject: Triple DES products hitting market Message-ID: <9310042115.AA15693@ellisun.sw.stratus.com> poor writing. It uses 112 bits of key E(k1, D(k2, E(k1, x ) ) ) and they use CFB(1) mode around an ECB triple-DES, using their own silicon which runs triple-DES at least 2M encryptions/sec. (I called earlier today to get the info.) - Carl From karn at qualcomm.com Mon Oct 4 14:19:44 1993 From: karn at qualcomm.com (Phil Karn) Date: Mon, 4 Oct 93 14:19:44 PDT Subject: 2-part LA Times story Message-ID: <9310042117.AA06240@servo> I'm surprised no one has yet mentioned the *large* 2-part story that appeared starting yesterday (Sunday October 3) in the LA Times. It appeared in the top of column 1 on page 1 with the title "Demanding the Ability to Snoop". It deals primarily with Clipper, with sidebars on the FBI Digital Telephony stuff. Monday's article also appears in column 1 of page 1, but at the bottom. It is titled "Computer Code's Security Worries Privacy Watchdogs" and it begins with a quote from Mykotronix's president commenting on how he felt about the Internet message carrying stuff found in his garbage. The article is primarily about Mykotronix's involvement with Clipper. Inside is a sidebar on Dorothy Denning, complete with photograph suitable for a dartboard. It is *really* becoming a challenge to keep up with all the media coverage lately! Phil From pcw at access.digex.net Mon Oct 4 14:24:45 1993 From: pcw at access.digex.net (Peter Wayner) Date: Mon, 4 Oct 93 14:24:45 PDT Subject: Who's Most Receptive to Our Message? Message-ID: <199310042122.AA00109@access.digex.net> I'm pretty sure that there was a NPR reporter at the CSSPAB meetings. He brought a tapedeck and taped interviews with people like Steve Walker. -Peter Wayner From cme at ellisun.sw.stratus.com Mon Oct 4 14:24:51 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 4 Oct 93 14:24:51 PDT Subject: multiple-file encryption Message-ID: <9310042122.AA15704@ellisun.sw.stratus.com> >Date: Mon, 04 Oct 93 14:29:44 MDT >From: "Mike Johnson" >Message-Id: <9309047497.AA749770184 at smtplink.exabyte.com> >Subject: Re[2]: POISON PILL >Yes. Make "noise addition" (really multiplexing) part of the cipher. You >could throw away every other bit based on the parity of the key. The >ciphertext would be twice as big, but if you compressed both plain text >streams first, this effect might not be very obvious. Of course, if your >encryption program were disassembled, you might be found out... Yup -- I was assuming no padding. If you allow padding, I already have a secret-key cipher which uses random padding in order to frustrate known-plaintext attacks. My favorite method uses a key to initialize a PRNG whose output gives the number of bytes of each stream to put in the output stream -- then encipher the PRNG key followed by the multiplexed stream. One of the streams being multiplexed (and there can be a huge number, if you're encrypting an archive, for example) can and should be random -- so that if you make a small change and re-encrypt, you don't end up with cribs. For this purpose, you'd need to have several files hanging around your machine of random numbers yet to be used for padding. Meanwhile, I have several files of random numbers which I keep around for running simulations. My favorite random number generator is compress - please unsubscribe jhall at lambda.msfc.nasa.gov From hughes at ah.com Mon Oct 4 15:44:46 1993 From: hughes at ah.com (Eric Hughes) Date: Mon, 4 Oct 93 15:44:46 PDT Subject: damn fine compression.... In-Reply-To: <01H3PUSO34SI95MTA1@UIHEPA.HEP.UIUC.EDU> Message-ID: <9310042230.AA12592@ah.com> Read README.DOWNLOAD in the pub/cypherpunks directory. Eric From ld231782 at longs.lance.colostate.edu Mon Oct 4 16:59:08 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 4 Oct 93 16:59:08 PDT Subject: German writer seeks simple RSA numerical example (fwd) Message-ID: <9310042357.AA01088@longs.lance.colostate.edu> actually, something like this should be in a FAQ. but please help him out. ===cut=here=== Date: Mon, 4 Oct 93 02:10:36 CET From: simons at peti.GUN.de (Peter Simons) Subject: RSA exmaples required I'm authoring an article for a german computer magazine about PGP and the RSA public key scheme and I'd like to include an exmaple for my mathematical explaination. The problem is, that both factors have to be quite large to get nice examples. p = 5 q = 7 xy = 4*6+1 = 25 x=5 y=5 You see, with smaller factors, x and y are equal or 1 and xy. But a larger set of factors would require a serious amount of calculations. :-)) So, does somebody have a nice example for the RSA algorithm ready?? bye, Peter - ----- Peter Simons, Germany Bye's First Law of Model Railroading: Anytime you wish to demonstrate something, the number of faults is proportional to the number of viewers. From warlord at MIT.EDU Mon Oct 4 17:19:08 1993 From: warlord at MIT.EDU (Derek Atkins) Date: Mon, 4 Oct 93 17:19:08 PDT Subject: German writer seeks simple RSA numerical example (fwd) In-Reply-To: <9310042357.AA01088@longs.lance.colostate.edu> Message-ID: <9310050015.AA20691@oliver.MIT.EDU> I've already sent him an example.... -derek From Martin.Greifer at f28.n125.z1.FIDONET.ORG Mon Oct 4 18:19:07 1993 From: Martin.Greifer at f28.n125.z1.FIDONET.ORG (Martin Greifer) Date: Mon, 4 Oct 93 18:19:07 PDT Subject: ... Message-ID: <3245.2CB0A6D8@shelter.FIDONET.ORG> Uu> -----BEGIN PGP MESSAGE----- Uu> Version: 2.3a Sorry. Mistaken netmail packet upload. My fault. MG ___ Blue Wave/QWK v2.12 -- Martin Greifer - via FidoNet node 1:125/1 UUCP: ...!uunet!kumr!shelter!28!Martin.Greifer INTERNET: Martin.Greifer at f28.n125.z1.FIDONET.ORG From an12070 at anon.penet.fi Mon Oct 4 18:34:47 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Mon, 4 Oct 93 18:34:47 PDT Subject: Mycotronix Garbage Message-ID: <9310050132.AA07357@anon.penet.fi> karn at qualcomm.com (Phil Karn) on LA Times article: >Monday's article also appears in column 1 of page 1, but at the >bottom. It is titled "Computer Code's Security Worries Privacy >Watchdogs" and it begins with a quote from Mykotronix's president >commenting on how he felt about the Internet message carrying stuff >found in his garbage. HALLELUJAH! they FINALLY NOTICED! ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From ld231782 at longs.lance.colostate.edu Mon Oct 4 18:54:47 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 4 Oct 93 18:54:47 PDT Subject: EFF GIF file recall notice: is EFF the new CERT? Message-ID: <9310050151.AA05050@longs.lance.colostate.edu> Enclosed, a `GIF file recall' warning from EFF & S. Steele. Ug. Blech. What the heck is EFF doing something like this? This strikes me as promoting hysteria and paranoia over image content and BBS operator liability. I hope Mr. T.C. May will have something eloquent to say about how silly, useless, and damaging this is. Didn't anyone talk to M. Godwin about this?! Is EFF the new CERT? Are we going to have new periodic EFF Pornographic GIF warnings? S. Steele, I think we deserve better. This gets a definite Cypherpunk Razzberry award. (And that will probably be the *least* of the criticism.) Whose idea was this? This reminds me. There is a whole new class of urban legends that are starting. Technology does not mean the eradication of urban legends, it only seems to mean they are propagated faster. Did anyone hear the rumor (now totally debunked) that California police were warning motorists not to blink their lights, because it was a signal to gangs to shoot in an `initation ceremony'? This flashed across the nation in a few days due to well-meaning, but totally indiscriminating, public who transmitted it via email and fax machines. Didn't anyone stop to just say `uh, waitaminit!' They think *we* (cypherpunks) are paranoid, and easily subscribe to conspiracy theories. Hah! The public at large is frighteningly gullible, even *without* the media. In fact, as bad as the media is, it actually has a dampening force to this kind of sheer hysteria. `extraordinary public delusions and the madnesses of crowds'. The trick is to try to get networks to allow urban myths to meet the dampening force faster. Imagine if early in the spread someone authoritative comes on and says `there is no substance to this, and we should know'. ------- Forwarded Message Date: Sun, 3 Oct 1993 12:02:02 -0400 From: farber at central.cis.upenn.edu (David Farber) Subject: Warning re some gif files (from EFF News) ************************************************************ ***VERY IMPORTANT*** Critical Files to Remove from Your BBS ************************************************************ EFF has learned that the following graphic image files have been the subject of a recent federal indictment alleging receipt and possession of child pornography and transportation of obscene materials through interstate commerce. ***EFF STRONGLY ADVISES ALL SYSOPS TO REMOVE THESE FILES FROM THEIR ELECTRONIC BULLETIN BOARD SYSTEMS IMMEDIATELY IN ORDER TO AVOID LEGAL REPERCUSSIONS.*** Please distribute this message widely and quickly. Alleged child pornography files: PPO4 at .GIF FAMO3.GIF CHERRYA.GIF CHERRYB.GIF CHERRYC.GIF WC221501.GIF LITSIS.GIF MBON006.JPG MBON007.JPG DS-X-219.GIF INOCNT.JPG KID013.GIF Alleged adult obscenity files: ORGY6.ZIP (A DL FILE) WC1C2332.GIF BAMS-039.JPG ________________________________________ Shari Steele Director of Legal Services Electronic Frontier Foundation 1001 G Street, NW Suite 950 East Washington, DC 20001 202/347-5400 (voice), 202/393-5509 (fax) ssteele at eff.org ------- End of Forwarded Message From ld231782 at longs.lance.colostate.edu Mon Oct 4 19:04:47 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 4 Oct 93 19:04:47 PDT Subject: PGP mailer integration mailing list announcement Message-ID: <9310050203.AA05340@longs.lance.colostate.edu> ===cut=here=== Subject: PGP Mail Integration Project From: simons at peti.GUN.de (Peter Simons) Date: Son Oct 03, 1993 17:12:04 - -----BEGIN PGP SIGNED MESSAGE----- Anybody interested in the integration of PGP in the "normal" e-mail enviroment (seems to be a lot of people here :->), should subscribe to out PGPMIP mailing list and contribute their ideas there. - - ------8<------------------------------------------------------------------- Pretty Good Privacy -- Mail Integration Project =============================================== An Introduction by Peter Simons Edition 1 Bonn, 14-Sep-93 What is it? - - ----------- Pretty Good(tm) Privacy (PGP), from Phil's Pretty Good Software, is a high security cryptographic software application for MSDOS, Unix, AmigaOS, and other computers. PGP allows people to exchange files or messages with privacy and authentication. Privacy means that only those intended to receive a message can read it. Authentication means that messages that appear to be from a particular person can only have originated from that person. Additionally, no secure channels are needed to exchange keys between users! This is because PGP is based on a powerful new technology called "public key" cryptography. All in all, PGP is a very useful and important program. However it is a little bit...uh... overkill for the average Joe Dow to install this rather complex package, just to encrypt his few e-mail, which are not so private anyway. PGP comes with dozens of options, switches and configuration possibilities, far too many to 'just install and run'. This has prevented many potential users from using PGP for their private mail. Also it is significantly more complicated to encrypt every single outgoing mail and, of course, to decrypt each incoming mail individually. This is what the PGP Mail Integration Project wants to improve. In our opinion man-kind should stay superior and leave the 'dirty-work' to the machines. :-)) Our idea was to integrate PGP, as far as possible, into common UUCP packages so the user needn't be concerned with how PGP itself works. Outgoing or incoming mail should be en-/decrypted automatically and the software should do all the basics of controlling PGP. The mailing list: - - ----------------- What looked like a quite trivial task, that could be managed by a few simple scripts, grew into a full project. Too many cases have to be covered, too many setups have to be recognized, etc, etc... We realized that we'd need quite a number of beta testers and of course a supporting cast of users, contributing ideas and requests, to make PGPMIP fit their needs. If you want to participate in the development of this project or just want to get further information about the project, feel free to contact either myself or any other member of the development team. Additionally, there's a mailing list available which provides the latest information and allows for an on going discussion about the future of the project. Send a message like this TO the list itself to be re-sent to all concerned; To: pgpmip at edex.edu.au Subject: Whatever... Hi pgpmip people, ... A message to the below can be used to sign on and off a list; To: pgpmip-request at edex.edu.au Subject: Whatever... join FirstName LastName pgpmip or leave FirstName LastName pgpmip Note: ADD/SUB/JOIN = join UNSUB/LEAVE = leave Any errors will be, and any problems should be, reported to; To: pgpmip-owner at edex.edu.au Our project concentrates on the Amiga platform, but programmers and users of other operating systems are welcome to contribute, maybe we can expand the project to UNIX, MS-DOS and other platforms. You can find the current version of PGP on aminet in util/crypt/. - - ------8<------------------------------------------------------------------- bye, Peter --------------------------------------------------------------------------- Peter Simons | Usenet: simons at peti.GUN.de | PGP v2.x public key Europaring 20 | CBMNet: simons at peti.adsp.sub.org | available on request 53123 Bonn | Phone: +49 228 746061 | or via GET from almost Germany | CBM: ETG207 | any keyserver. Use it! --------------------------------------------------------------------------- - -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLK8HLA9HL1s0103BAQHXNgQAldTmlNXiPOrGvr6+L9AAMR7VMyfradD6 85iuQCEgS7hzhJoShZn08hFW1ofX7rcjshwfsT+PlCJvmoei8opBmVtUqJPYRqC3 XIDAy9pWhfAc32anT0GncwkYDK4zIuiFGdzOWmWC3yoGaE1z4NNSUkFcjM3vyMf2 q3ddaA/he/E= =fFNy - -----END PGP SIGNATURE----- ------- End of Forwarded Message From charliemerritt at BIX.com Mon Oct 4 19:09:07 1993 From: charliemerritt at BIX.com (charliemerritt at BIX.com) Date: Mon, 4 Oct 93 19:09:07 PDT Subject: Mycotronix garbage Message-ID: <9310042204.memo.37357@BIX.com> I was thinking of sending a *registered* letter to the NSA tech contact. His home address. Was going to ask him if he thought such a company was qualified to handle all of our secrets. Would the escrow agents be the only ones to know, or maybe the trash guys too. QUESTION: is there a legal problem with this? Is there a legal problem with a CC:My congresscritter? I think these jerks *have* violated the most basic security. If the NSA continues to deal with these *fools* then a congressional investigation of NSA is called for. Hey - NSA - got your ears on? You gonna letum get away with it? Still consider these security *idiots* the ones to deal with? From tcmay at netcom.com Mon Oct 4 19:19:07 1993 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 4 Oct 93 19:19:07 PDT Subject: EFF GIF file recall notice: is EFF the new CERT? In-Reply-To: <9310050151.AA05050@longs.lance.colostate.edu> Message-ID: <9310050217.AA10971@netcom5.netcom.com> L. Dettweiler writes: > Ug. Blech. What the heck is EFF doing something like this? This strikes > me as promoting hysteria and paranoia over image content and BBS > operator liability. I hope Mr. T.C. May will have something eloquent to > say about how silly, useless, and damaging this is. Didn't anyone talk > to M. Godwin about this?! Is EFF the new CERT? Are we going to have new > periodic EFF Pornographic GIF warnings? No, I won't say it was silly, useless, or damaging. EFF is just sending out some free legal advice, neither demanding removal of these files nor threating SYSOPS in any way. The EFF didn't make decided the files were obscene (actually, I'm not sure anybody has...and of course my view, which may be L.D. was thinking of, is that no files, no images can be called obscene). I don't have to support the obscenity laws to realize that EFF is doing SYSOPS a favor by notifying them that certain files are very likey to be treated as obscene (and subjecting their boards to seizure, a la several recent cases, including one near me). Do I hear any volunteers to become a test case? -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From trestrab at GVSU.EDU Mon Oct 4 19:29:07 1993 From: trestrab at GVSU.EDU (BETH TRESTRAIL) Date: Mon, 4 Oct 93 19:29:07 PDT Subject: "Reason" mag.article on PK Crypto Message-ID: <9309047497.AA749798732@GVSU.EDU> The Nov 93 "Reason" magazine has a five page article on Public Key Crypto written by Lee Dembart, who "is a longtime journalist, science writer, and editorial writer at The New York Times and the LA Times who has written extensively about computers, mathematics, and public policy. He recently graduated from Stanford Law School." I don't have time to type the whole article in and don't have a scanner, so I'll quote a few paragraphs to give you a taste of his presentation, which I found very good. Given the multiplicitity of current and potentail uses for cryptography, it's not surprising that the Clinton administration provoked a storm of protest last spring when it proposed a standard set of computer codes for telephone calls and computer data. The plan envisions two chips, one called Clipper, for encoding digital telephone signals, and another called Capstone, for digital information from computers. The government would hold the keys to all electronic encryption, and it would split them between tow agencies chosen by the attorney general. Law-enforcement officials would need a search warrant to get access to the codes. Eric Hughes, a computer security expert in Berkeley, CA, observes: "The government is saying, ' If you want to lock something up, you have to [give us] the key.'" An editorial in "Communications Week" observed: "This isn't the first time that the government has proposed an authoritarian scheme that goes after a few people's crimes while stomping on the majority's civil liberties." It is technically illegal to take out of the US versions of some very popular computer programs - including the Norton Utilities, for example. But these efforts have proved largely ineffectual. You can buy a disk containing a good public-key cryptosystem in software stores in Moscow. Here again, the problem is that it is all but impossible to restrict the flow of knowledge. In the era of the Internet, barring people from physically taking information out of the country is no bar at all. Digitized data moves freely by satellite. And when it doesn't, it is virtually impossible to prevent anyone from walking into a software store in the US, buying encrypted software on a floppy disk, and then putting it into a suitcase. Rumors abound that the NSA has built a trap door into the Clipper chip that would enable it to read any messages, with or without a court order. It's hard to say whether this is a legitimate concern. But it's a second example of the government saying, "Trust us." Many people would rather use public-key cryptography, which does not require them to trust anybody or to decide whether the government is trustworthy. Ultimately, it's unlikely the government can prevent the spread of information and knowledge, regardless of what it decides to do. Washington can force government contractors to sue the CLipper chip and not use any other encryption scheme. But as a practical matter, it cannot prevent individuals from using whatever encryption scheme they want. For those who want the strongest encryption possible, RSA public-key cryptography is the system of choice. For better or worse, the genie is out of the bottle. Please excuse the typos, I was in a hurry. Jeff From charliemerritt at BIX.com Mon Oct 4 19:59:07 1993 From: charliemerritt at BIX.com (charliemerritt at BIX.com) Date: Mon, 4 Oct 93 19:59:07 PDT Subject: RSA EXAMPLE Message-ID: <9310042253.memo.37458@BIX.com> cc:simons at peti.GUN.de (peter simons) Dear Peter Simons, In your example P=5 Q=7 you are indeed using small numbers. Dont forget that D*E should equal 1 mod ( (p-1)*(q-1)/G). G=gcd(p-1,q-1) so in your example D*E=1 mod 12. D*E can not have common factors with 12 (2,3,4,6) etc. If E=5 then D=5, a nonsense situation. E=7 D=7 E=11 D=11 your key will not work * * * * * * * Try this: P=5 Q=11 N=55 G=2 (gcd(4,10)=2) (p-1)*(q-1)=40 /G = 20 E=3 D=7 (D*E=21) 21 mod 20 = 1 Good key! Message = 31 31^3=29791 mod 55=36 so cyphertext=36 36^7=78364164096 mod 55 = 31 so recovered message is indeed 31. I hope this helps. Charlie Merritt [charliemerritt at bix.com] From rcooke at conicit.ve Mon Oct 4 20:04:47 1993 From: rcooke at conicit.ve (Robert E. Cooke CCXBBS) Date: Mon, 4 Oct 93 20:04:47 PDT Subject: quit Message-ID: <9310050253.AA25284@dino.conicit.ve> delete unsubscribe From rcooke at conicit.ve Mon Oct 4 20:30:16 1993 From: rcooke at conicit.ve (Robert E. Cooke CCXBBS) Date: Mon, 4 Oct 93 20:30:16 PDT Subject: quit Message-ID: <9310050323.AA03364@dino.conicit.ve> quit delete unsubscribe please From nobody at alumni.cco.caltech.edu Mon Oct 4 20:54:48 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Mon, 4 Oct 93 20:54:48 PDT Subject: Crypto Idea; Multi-Part Sigs Message-ID: <9310050349.AA04200@alumni.cco.caltech.edu> I've been thinking of an idea I've heard kicking around the list somewhat; that of digital pseudonyms and groups of people going by one name; likewise single people going by names that sound like groups. Let's say that three people decide to create a digital identity for themselves, maybe they plan on dealing with Blacknet as a group. So one of the first things they might do after getting together might be to create a pgp keypair with the name of the group on it. But who gets to hold the secret key? Remember they wish to be thought of and treated like a single entity. However they all need to be able to decrypt documents addressed to them, and none of them should be able to sign a document without the consent of the others. Is it possible to produce a set of keys (for example, 3 private 1 public) such that -all three private keys are needed to sign a message from that I.D. and -any of the private keys can decrypt anything encrypted with the single pubkey. The way I see it, three (or more) people could have a joint keyID, and if they wanted to post a message from that ID, the first person would write the message and sign it with his/her segment of the key. She/he would then encrypt with the second member's pubkey and annonymously remail it to #2, who would sign with the second key segment, re-encrypt with #3's pubkey, and send it on to #3, who would sign with the final key segment and anonymously post to the 'Pool'. If a response were posted, all three could read it without depending on the others. Is this possible? In whole or in part? I don't know the math well enough to figure it out myself, sorry if this is an obvious one. Happy Hunting, -Chris ______________________________________________________________________________ Christian Douglas Odhner | "The NSA can have my secret key when they pry cdodhner at indirect.com | it from my cold, dead, hands... But they shall pgp 2.3 public key by finger | NEVER have the password it's encrypted with!" "If guns are outlawed, only the government will have guns." -E. Abbey My opinions are shareware. For a registered copy, send me 15$ in DigiCash. Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11 ------------------------------------------------------------------------------ From anonymous at extropia.wimsey.com Mon Oct 4 21:29:47 1993 From: anonymous at extropia.wimsey.com (anonymous at extropia.wimsey.com) Date: Mon, 4 Oct 93 21:29:47 PDT Subject: More Anonymous "Annoyance" Message-ID: <199310050409.AA02605@xtropia> > First of all, the Connecticut case you seem to be referring to is that > of Michael Elansky (Hartford). See Computer Underground Digest for > full details. This was *not* email. He had file downloads and kept > around (uh) "fireworks recipes". I did not say it was e-mail; I said it was _traffic_. The uploading and downloading of files constitutes traffic. > We've got to track down these supposed cases where boards were seized > for content. Elansky was busted for a very juvenile anti-cop rant, according to one news release I read regarding the case. As I remember, this was written by a caller rather than by Elansky. >I consider them minor *anomalies*, and I think a rational > analysis of statistics will bear that out. They are anomalies until they happen to you, at which point they become _major disasters_. For every bust there must be many more cases of harassment. > Turning a board into a > systematic exercise in privacy violation is *not* the proper response > to paranoia about law enforcement seizures. This punishes users for > the misdeeds of overzealous officers. Here's a hot message from the real world. Feel free to print it out and attach it to the bathroom window so that you may save the personal expense of buying a clue: Ultimately: The Law is irrelevant. Right and Wrong are irrelevant. Your "rights" are irrelevant. Ethical niceties are irrelevant. Mishnaic wrangling over gored oxes is irrelevant. Offended high principle is irrelevant. All that is relevant is what _happens_ to you. When the cops show up, you've _already_ lost. I have been watching Law, Office and Power abuse the innocent without remedy my entire life. The future promises more rather than less of this, in not the least of theatres than that of digital information transfer. The Elansky case appears to be nonsense from this remove, something no reasonable Constitutionalist would entertain for five minutes. Despite this, Elansky was held on one half million dollars bail. It is extremely unlikely that he will find remedy, or that his young life will return to normal any time soon. At best, the charges against him will be dropped, after traumatizing his family and exhausting their finances. He cannot win and "law enforcement" cannot lose, however absurd the charges against him actually are. I wonder how many BBSs were shut down, or began rigorously "self-censoring," as a result of the Elansky publicity. Unlike Internet's government and business sites that can hide behind their size, or institutions of Higher Ignorance that can shield themselves behind "academic freedom," the hobbyist BBS is a sitting duck for any ambitious crank with a badge and an axe to grind. A small California network, "NirvanaNet," that features encryption, radical political discussion and "dangerous" text files had their home node visited by the FBI earlier this year and in short order were libeled in the local press in an inflammatory hatchet-piece as (and I quote) "a clearinghouse for crime," despite the fact that no charges were filed nor any criminal activity detected on the part of any individual caller. This harassment is probably more common than we guess. There are a couple of other cases I know of personally. The chilling effect it has is incalculable. At least one NirvanaNet node went off line almost immediately, another moved and there was an apparent inventory made of the filebase with some judicious culling. The effect - ultimately - is that it is safer for a BBS operator to risk violating a caller's rights than to face trouble from the authorities on some fishing expedition. Check it out: Earlier this year, the sysop of a BBS affiliated with an NPR FM station discovered that two users had been using PGP for private messages for some months. Despite the fact that the BBS had never had a policy on encryption, nor had any request been made by the sysop to cease PGP traffic, both callers discovered their accounts deleted without notice, their access denied and all public and private messages ever made to or from either caller erased from the system. After some time, the sysop announced that he felt that PGP was a threat to his BBS (and the radio station) and that he had expelled those users without notice. The traffic, as it turned out, consisted of the development and testing of an e-mail PGP adaptation for QEdit, a popular text editor used in offline reader programs. Much of the work resident in the BBS was destroyed. In the uproar that followed, the panicked sysop secretly distributed forged messages alleged to be from one of the parties, apparently to justify his expulsion. The fascinating thing was that when all of this came to light and the offended parties talked of seeking legal remedy, other sysops with critical knowledge of the affair refused to co-operate, believing that even though the offending sysop was absolutely in the wrong, bringing legal action against him _threatened the BBS community at large_. The message was clear, "Don't make a big _schande_ out of this..." "I don't care if he did lift your wallet, don't call the cops and break up the party." This is the ultimate effect that meritless law enforcement harassment has had on the BBS community. > Don't these Fidonet operators *understand* that by perpetuating the > myth that they are responsible for all traffic on their machines, that > they are actually *playing into* the hands of authorities? they are > *strengthening* the paranoid atmosphere. And in fact I am quite > repulsed by their policies, posted here, that seem to cutely > rationalize systematic invasion of privacy. Yes, they know it, but they also know that, in the minds of most lowbrow law-enforcement personnel, encryption is synonymous with criminal activity. They don't want heat. _When the cops come, you've already lost_. The only question is how badly. These sysops are usually scrimping and saving for a new modem; they can't afford lawyers. _To law enforcement, snooping around the messagebase looking for criminal activity is infinitely more civic-minded and responsible than permitting secure encryption._ Policing your callers shows more good faith (to Constable Bubba) than permitting them terrorist PGP. If it comes down to either having a caller pissed off or having the cops pissed off, the bigger threat is obvious to even a seventeen-year-old Trekkie with zits and a BBS running on his dad's old XT. There may be a theoretical application of the ECPA that suggests a right of some non-paying parasite to use PGP on your personally-owned BBS, but it doesn't seem to account for much compared to a visit from knuckle- dragging local cops responding to a busibody mom's hysterical complaint that her kid is being sucked into a secret ring of computer terrorists who use "spy codes." Everyone from the NSA to the Sacramento County Sheriff's Department has it out for PGP, and the SCSD's public pronouncements and name-calling at Zimmermann no doubt have been filtering down through law enforcement channels to Constable Bubba with the message that PGP is "some computer thing" associated with California child pornography rings. Great. Just what you want on your kid's hobby BBS in small-town Alabama. From magdalen at well.sf.ca.us Mon Oct 4 22:49:47 1993 From: magdalen at well.sf.ca.us (Tiffany Lee Brown) Date: Mon, 4 Oct 93 22:49:47 PDT Subject: unsubscribe Message-ID: <93Oct4.224902pdt.14645-4@well.sf.ca.us> please drop me from the list ... magdalen at well.sf.ca.us .... there's just not enough flaming on the list! (heh). From mnemonic at eff.org Tue Oct 5 05:00:19 1993 From: mnemonic at eff.org (Mike Godwin) Date: Tue, 5 Oct 93 05:00:19 PDT Subject: More Anonymous "Annoyance" In-Reply-To: <199310050409.AA02605@xtropia> Message-ID: <199310051159.AA20241@eff.org> anonymous writes, among other things: > A small California network, "NirvanaNet," that features encryption, > radical political discussion and "dangerous" text files had their home > node visited by the FBI earlier this year and in short order were > libeled in the local press in an inflammatory hatchet-piece as (and I > quote) "a clearinghouse for crime," despite the fact that no charges > were filed nor any criminal activity detected on the part of any > individual caller. > The effect - ultimately - is that it is safer for a BBS operator to risk > violating a caller's rights than to face trouble from the authorities > on some fishing expedition. This posting illustrates the common logic problem behind rationales for e-mail snooping. Note that, according to anonymous, there was no criminal activity detected on this NirvanaNet node. Yet it was still searched. What triggered the search of NirvanaNet seems to have been the unencrypted discussions and text files, not the encrypted or private mail. The notion that e-mail snooping has some kind of magic power to prevent police searches still has no evidence to support it. --Mike From nobody at rosebud.ee.uh.edu Tue Oct 5 05:44:51 1993 From: nobody at rosebud.ee.uh.edu (nobody at rosebud.ee.uh.edu) Date: Tue, 5 Oct 93 05:44:51 PDT Subject: criminal gif upload Message-ID: <9310051243.AA02245@toad.com> > ************************************************************ > ***VERY IMPORTANT*** Critical Files to Remove from Your BBS > ************************************************************ fuck that, just point me at them gifs. henh henh hmm hmm hmm. From cdmorgan at mosaic.uncc.edu Tue Oct 5 06:09:11 1993 From: cdmorgan at mosaic.uncc.edu (Charles D Morgan) Date: Tue, 5 Oct 93 06:09:11 PDT Subject: Criminal gif's Message-ID: <9310051305.AA11782@mosaic.uncc.edu> Look around there everywhere In fcat those are not so bad L8r Charles From ssteele at eff.org Tue Oct 5 07:49:09 1993 From: ssteele at eff.org (Shari Steele) Date: Tue, 5 Oct 93 07:49:09 PDT Subject: digital cash Message-ID: <199310051447.AA22472@eff.org> Hey 'punks. Anyone know of an elementary primer on digital cash? I'm trying to get up to speed on this. You can send me private e-mail at ssteele at eff.org. Thanks! Shari From dobrowol at husc.harvard.edu Tue Oct 5 08:09:09 1993 From: dobrowol at husc.harvard.edu (dobrowol at husc.harvard.edu) Date: Tue, 5 Oct 93 08:09:09 PDT Subject: unsub Message-ID: <9310051509.AA23496@husc8.harvard.edu> Please take me off the list. Txanx a lot. From cypher01 at eternity.demon.co.uk Tue Oct 5 08:14:53 1993 From: cypher01 at eternity.demon.co.uk (Russell Earl Whitaker) Date: Tue, 5 Oct 93 08:14:53 PDT Subject: REFERENCE: Data Communications Int'l - August Message-ID: <17858@eternity.demon.co.uk> McGraw Hill's *Data Communications* magazine (int'l edition) of August '93 has a long and informative article on the Clipper issue. Reference: "Clinton's Clipper: Can It Keep a Secret? - The administration's new encryption chip should have been code-named 'Controversy'" by Salvatore Salamone *Data Communications*, August 1993 pp 53-54, 56, 58 Vol. 22, No. 11 ISSN 0363-6399 No mention is made of PGP. However, general DES and RSA are covered in some detail, with some mention made of DSS. Russell Earl Whitaker whitaker at eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) Co-organizer, 1st European Conference on Computers, Freedom and Privacy, London, 20 November 1993 From jon at computer-science.paisley.ac.uk Tue Oct 5 08:34:53 1993 From: jon at computer-science.paisley.ac.uk (John Gibb - Computer Centre) Date: Tue, 5 Oct 93 08:34:53 PDT Subject: subscribe please Message-ID: <2102.9310051610@chaos.cs.paisley.ac.uk> subscribe jon at cs.paisley.ac.uk quit (That's if this is NOT an invite only mail list) From ssteele at eff.org Tue Oct 5 08:49:09 1993 From: ssteele at eff.org (Shari Steele) Date: Tue, 5 Oct 93 08:49:09 PDT Subject: EFF GIF file recall notice: is EFF the new CERT? Message-ID: <199310051547.AA23289@eff.org> I included the GIF warning in EFFector Online for unsuspecting BBS operators. Child pornography is not protected speech, and challenging child pornography laws is not currently on EFF's agenda -- but protecting BBS sysops from having their systems seized is. I figured those who sought to challenge the child pornography laws would poo poo the message. I guess I figured right. BTW, before I ran the article, Mike Godwin and I had a discussion about whether the *cops* would be angry, thinking we were obstructing justice. I guess I just can't win! I'd like to request that this discussion be taken off the cypherpunks list, since it is not on point to the list. O.k. by you? Shari From dmandl at lehman.com Tue Oct 5 08:49:53 1993 From: dmandl at lehman.com (David Mandl) Date: Tue, 5 Oct 93 08:49:53 PDT Subject: On Unsubscribing Message-ID: <9310051549.AA26135@disvnm2.lehman.com> I'm certainly not encouraging anyone to unsubscribe, but I'm continually surprised at how many people don't know how to do it. Folks, if you want to send a message to the administrator of any list (this includes subscribes, unsubscribes, address changes, etc.), please don't send it to everyone on the list. The administrator of xxx at yyy.zzz can almost always be found at xxx-request at yyy.zzz. If you don't get an answer right away, please be patient-- don't scream about it to everyone on the list. Most list administrators do it out of the goodness of their hearts, not for pay, and they may not be able to get to it right away. It's funny seeing people who are complaining about the high volume on a list increase that volume with messages that don't belong there. --Dave. From af391 at freenet.carleton.ca Tue Oct 5 11:19:57 1993 From: af391 at freenet.carleton.ca (Peter Hum) Date: Tue, 5 Oct 93 11:19:57 PDT Subject: digital cash Message-ID: <9310051812.AA18298@freenet.carleton.ca> > >Hey 'punks. >Anyone know of an elementary primer on digital cash? I'm trying to get up >to speed on this. You can send me private e-mail at ssteele at eff.org. >Thanks! >Shari > I'm also very slow on this topic, and hope to get faster so as to write about it in a Canadian newspaper. Suggestions? Cheers, -- Peter Hum af391 at Freenet.carleton.ca (613) 596-3761 (voice) (613) 726-1198 (fax) From jpinson at fcdarwin.org.ec Tue Oct 5 11:25:23 1993 From: jpinson at fcdarwin.org.ec (jpinson at fcdarwin.org.ec) Date: Tue, 5 Oct 93 11:25:23 PDT Subject: Need Suggestions for Random Numbers Message-ID: <9310051201.aa27619@pay.pay.ecua.net.ec> Greetings from the Galapagos islands! I am working on a PC implementation of a one-time pad cipher, and am trying to develop a way to produce an "acceptable" random file to be xor'd with the plaintext. I have seen here and elsewhere descriptions of hardware random number generators (Geiger counters measuring random nuclear decay, microphones picking up background hiss etc.), but I need something that can be implemented entirely in software. I recognize that there is probably no "perfect" software solution, but some techniques are better that others. (i.e.: I want to avoid making a REALLY stupid mistake here!) Listed below are a few ideas I have come up with, but I need some feedback from more knowledgeable sources. Any suggestions or comments would be greatly appreciated. If you reply to me directly, I will summarize for the list. Please don't suggest book/journal references that are not accessible via the internet. It would take me about 6 months to order books from here. (Everything I know about the outside world arrives via my Pegasus/KA9Q mailer :-) Also, can anyone recommend a statistical test for randomness, or for detecting repeating patterns in a "random" file? (I remember some years back someone demonstrated the Apple II random number generator was flawed by converting the random numbers to screen coordinates and "painting" the screen. No matter how long you ran the program, certain areas of the screen were never filled in. In other words, certain numbers were never generated.) Thanks in advance for any assistance. Jim Pinson Galapagos Islands, Ecuador. jpinson at fcdarwin.org.ec PGP public key available by finger ----------Possible methods------------ (note: using the Borland C++ compiler) - Generate a random file using Borland's random number generator, then run the output through an encryptor (PGP, DES etc.). Possible variation: running through several different encryptors or multiple passes through a single encryptor. - Generate two random files using different random number generators, then xor'ing the two files together to produce the final file. - Generate a "bunch" of small random number files, reseeding the generator before each run. The resulting files would then be concatenated to produce the final file. (my thought here is to keep the random files small enough to avoid the eventual repeat of sequences that I understand occur in random number generators). - Combinations of the above? - Other: Suggestions welcome. -------------end------------- On the subject of using audio input for generating random numbers: has any one tried using an audio file created by the Windows sound recorder program? What would be a good source of random meaningless sound? (an quiet room, ocean surf, repeats of Gilligan's Island, old presidential speeches (pick your favorite president). :-) From hfinney at shell.portal.com Tue Oct 5 11:34:57 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Tue, 5 Oct 93 11:34:57 PDT Subject: Crypto Idea; Multi-Part Sigs Message-ID: <9310051612.AA03681@jobe.shell.portal.com.shell.portal.com> Some parts of what Christian asks about can be done; some can't. You can't have it that each of three individuals can decrypt messages sent to a key, while they all have to cooperate to sign messages. Generally speaking, decryption and signing are identical in the RSA cryptosystem. Having enough information to do one implies teh a the ability to do the other. However, you can divide a key so that people must cooperate to sign OR decrypt. Normally, in RSA, you choose a public exponent e, and find d, the secret exponent, such that e*d = 1 mod (p-1)(q-1), where p and q are the primes. Instead, you can choose d1..d3 such that e*d1*d2*d3 = 1. Choose d1 and d2 at random, choose e, and find d3 as in regular RSA. Give d1, d2, and d3 to each of the three people. Now they must apply their exponents to the RSA block in order to sign or decrypt. Hal Finney hfinney at shell.portal.com From mnemonic at eff.org Tue Oct 5 11:39:09 1993 From: mnemonic at eff.org (Mike Godwin) Date: Tue, 5 Oct 93 11:39:09 PDT Subject: PGP in Fidonet In-Reply-To: <199310040726.AA03042@panix.com> Message-ID: <199310051838.AA25590@eff.org> habs writes: > Situtation: > > I assume this is a gray area. But let's say at a meeting of friends > in one state (e.g., Boulder Creek, Ca), we create a Video message, > digitize it, and sent it to that friend, by uploading into an > account that I (habs) and the friend (rjc) has joint access to? > > Questions: > > Is that communications? Is it private? What if the message contains > images that might be considered "adult"? > > Would it be different if that file was e-mailed or FTPed rather > than uploaded. > > > Or, let's say I put in some very public FTP site, but used RSA to > legally encrypt it with my friend's public key? Would it be > private communications or public? These questions are sufficiently absorbing that I think I'll defer dealing with them until they actually come up. --Mike From mech at eff.org Tue Oct 5 11:49:09 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 5 Oct 93 11:49:09 PDT Subject: Standard Headers for Anonymous Remailers In-Reply-To: <9309210352.AA18893@indial1.io.com> Message-ID: <199310051845.AA25784@eff.org> says Loyd Blankenship: > We've been kicking around the pros and cons of anonymous remailers > here at io.com. One of the big problems is anonymous bombardment of a > helpless newsgroup. This (and the problem of auto-screening anonymous [...] > Words such as "anon" and "anonymous" might occur naturally in > the headers. I'd propose something like "ANONYPOST" or "ANONPOST" that > isn't likely to occur in nature. > Voluntary adoption of this type of standard by remailers would > take away some of the ammo that the anti-anon frothers are shooting, > and would go a long way toward improving the image of remailers in > general. > > Comments? Sorry to respond to such an old post, but I can't let this one slip by. Why not encourage people to be responsible for their OWN mail/news? Relying on moderators to wipe noses and spank boodies is not going to help anyone in the long run. FidoNet has had a great deal of difficulty with moderators, and there is no need to spread this problem to UseNet. The responsibility for you reading or not reading anon posts lies on YOUR head. If you do not like them, then learn to use the filtering capabilities of your software. If you don't have a news reader that will do elaborate filters, try strn. At any rate, it is my firm opinion that moderation belongs in academic and hard-science conferences, and those that require a very firmly focussed range of topics to be of use. The encouragement of more moderation, and more moderator "jobs" like filtering out anonymous postings is a very bad idea, and in particular, the inclusion of special headers for this purpose will simply suggest to moderators that they filter all such mail by default, and not even bother to try to determine relative merits. It's counterproductive to the entire idea of anonymous posting. -- DISCLAIMER: This message represents only my OWN opinion, not that of EFF. Stanton McCandlish Electronic Frontier Foundation Online Activist mech at eff.org NitV-DataCenter BBS SysOp Fido: IndraNet: 369:111/1 From cme at ellisun.sw.stratus.com Tue Oct 5 12:15:24 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Tue, 5 Oct 93 12:15:24 PDT Subject: Crypto Idea; Multi-Part Sigs Message-ID: <9310051915.AA17416@ellisun.sw.stratus.com> Yes, it's possible to have a variant of RSA in which multiple people are needed to sign anything. I don't know a way to use the same key for privacy and allow any of the people to decrypt, using RSA, since for RSA signatures and decryption are the same operation. - Carl From exabyte!smtplink!mikej at uunet.UU.NET Tue Oct 5 13:15:00 1993 From: exabyte!smtplink!mikej at uunet.UU.NET (Mike Johnson) Date: Tue, 5 Oct 93 13:15:00 PDT Subject: Need Suggestions for Random Numbers Message-ID: <9309057498.AA749854878@smtplink.exabyte.com> >I have seen here and elsewhere descriptions of hardware random >number generators (Geiger counters measuring random nuclear >decay, microphones picking up background hiss etc.), but I need >something that can be implemented entirely in software. There is no such thing as real random numbers implemented purely in software. The best you can do in pure software is a cryptographically strong pseudorandom number sequence, started at a random point -- like continually feeding the output of DES back to its input. >Also, can anyone recommend a statistical test for randomness, or >for detecting repeating patterns in a "random" file? Try compressing the file with PKZIP & see if it gets smaller. If it does, it flunks. If it doesn't, it may still have some patterns to it. >What would be a good source of random meaningless sound? (an >quiet room, ocean surf, repeats of Gilligan's Island, old >presidential speeches (pick your favorite president). :-) Not bad, but be sure to compress the output to remove the regular patterns of the surf, etc, then use the compressed output -- after stripping off any headers applied by the encryption program. From hughes at ah.com Tue Oct 5 13:19:09 1993 From: hughes at ah.com (Eric Hughes) Date: Tue, 5 Oct 93 13:19:09 PDT Subject: Crypto Idea; Multi-Part Sigs In-Reply-To: <9310051612.AA03681@jobe.shell.portal.com.shell.portal.com> Message-ID: <9310052004.AA13975@ah.com> >You can't have it that each of three individuals can decrypt messages >sent to a key, while they all have to cooperate to sign messages. You can, but the key can't be a regular RSA key. >Generally speaking, decryption and signing are identical in the RSA >cryptosystem. That's right, don't use RSA as such. Choose two RSA keys. Make one as Hal describes for signing. Use the other one for receiving. The public key in this system is a pair of public RSA keys. You break symmetry, and lose automatic PGP support, but it seems to have the characteristics required. Eric From honey at citi.umich.edu Tue Oct 5 13:39:09 1993 From: honey at citi.umich.edu (peter honeyman) Date: Tue, 5 Oct 93 13:39:09 PDT Subject: Chaum on the wrong foot? Message-ID: <9310052038.AA09338@toad.com> yes, i am replying to a message that is six weeks old. hal, chaum may be barking up the wrong tree, but that doesn't mean that his students are. i read a couple of digital cash papers last night and was struck by this statement in one of them: Techniques have been developed that ... allow the construction of off-line electronic cash systems that are secure for the bank, yet at the same time honest users of the system are guaranteed to remain completely anonymous. This holds in a very strong sense: the security of banks is not compromised even if all users and shops collaborate in such an attempt, and the privacy of honest users cannot be violated in any cryptanalytic way even under adversarial behavior of the bank in coalition with all the shops. Stefan Brands, CWI this is very encouraging: digital cash technology is very far advanced, and offers almost everything you might want. (i think the jury is still out on the question of k-spendability.) but then there is the bad news: the mathematics and the protocols underlying the technology are still too complex to be practical. but there is also good news: much of the current work intends to simplify the protocols and to lessen the computational requirements of digital cash systems. peter From freeman at MasPar.COM Tue Oct 5 13:55:02 1993 From: freeman at MasPar.COM (Jay R. Freeman) Date: Tue, 5 Oct 93 13:55:02 PDT Subject: Need Suggestions for Random Numbers Message-ID: <9310052053.AA29645@cleo.MasPar.Com> > Also, can anyone recommend a statistical test for randomness, or > for detecting repeating patterns in a "random" file? Try using consecutive calls to your random-number generator to generate two-dimensional coordinate pairs, and plot them. That is, you do something like: for( i = 0; i < LOTS; ++i ) { x[i] = rand(); y[i] = rand(); } for( i = 0; i < LOTS; ++i ) { plot_point( x[i], y[i] ); } It's surprising how fast this will demolish many psuedorandom generators (and how good the eye is at pulling patterns out of plots). And as far as nominal sources of "white" noise, be careful to avoid contamination from 60-cycle power-line noise and its harmonics. Do a Fourier transform and look for peaks, for sure. I'm sure that the pros know lots of tricks like this. -- Jay "not a pro" Freeman From mg5n+ at andrew.cmu.edu Tue Oct 5 14:15:03 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 5 Oct 93 14:15:03 PDT Subject: criminal gif upload In-Reply-To: <9310051243.AA02245@toad.com> Message-ID: nobody at rosebud.ee.uh.edu writes in "criminal gif upload": > > ************************************************************ > > ***VERY IMPORTANT*** Critical Files to Remove from Your BBS > > ************************************************************ > > fuck that, just point me at them gifs. henh henh hmm hmm hmm. > ha ha. Seriously tho, just posting a list of MS-DOS filenames is rather useless as filenames do get changed. It is highly likely that a sysop or user might have changed the filenames to something else, especially if their operating system supported filenames longer than 8 characters. From mnemonic at eff.org Tue Oct 5 15:00:07 1993 From: mnemonic at eff.org (Mike Godwin) Date: Tue, 5 Oct 93 15:00:07 PDT Subject: criminal gif upload In-Reply-To: Message-ID: <199310052159.AA28270@eff.org> > ha ha. Seriously tho, just posting a list of MS-DOS filenames is rather > useless as filenames do get changed. It is highly likely that a sysop ^^^^^^^^^^^^^ > or user might have changed the filenames to something else, especially > if their operating system supported filenames longer than 8 characters. I'm interested in the source of that probability calculation. In my experience, sysops dealing with a large volume of files normally don't bother to change the names of a few of them, unless they see a compelling reason to do so. --Mike From kent_hastings at qmail2.aero.org Tue Oct 5 15:25:05 1993 From: kent_hastings at qmail2.aero.org (Kent Hastings) Date: Tue, 5 Oct 93 15:25:05 PDT Subject: Waa waa waa waa waah. Message-ID: <199310052223.AA08645@aerospace.aero.org> Waa waa waa waa waah. I want to go to Krustyland! Anyway, if this escapes, be advised that hastings at courier8.aero.org is dead. Like you gave a rat's ankle in the first place. The Martians have shut down my X400 access. They probably couldn't take any more of this foolishness. As the most Homeric of philosophers would say: "Dhoh!" Looks like I'm forced to get Netcom now, but until then - "UNSUBSCRIBE." Thanks. I'll be back. Kent - for who knows how long. From mg5n+ at andrew.cmu.edu Tue Oct 5 15:25:10 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 5 Oct 93 15:25:10 PDT Subject: Need Suggestions for Random Numbers In-Reply-To: <9310051201.aa27619@pay.pay.ecua.net.ec> Message-ID: jpinson at fcdarwin.org.ec writes: > I am working on a PC implementation of a one-time pad cipher, and > am trying to develop a way to produce an "acceptable" random file > to be xor'd with the plaintext. My favorite is the fibbonachi (sp?) series. You've probably seen this before: The series begins with the first two numbers being ones, and each number after if being the sum of the two preceeding numbers. Therefore, we have: 1,1,2,3,5,8,13,21,34,55,89,144,233... Taking modulo 10, we get: 1,1,2,3,5,8,3,1,4,5,9,4,3,7,0,7,7,4,1,5,6,1,7,8,5,3,8,1,9,0,9,9,8... Which gives a fairly random distribution of numbers from 0 to 9. You can take a different mod value to adjust the range of numbers produced. This will eventually repeat (in the mod 10 example example I believe it will repeat after around 60 numbers - you'll never be able to get all possible combinations, for example 0,0 is not possible) but the distribution is fairly random. Increasing the randomness, (and the legnth before it will repeat) is easy. For example if you make the series the sum of the first two of the last five numbers you get (modulo 10 for simplicity): 1,1,1,1,1,2,2,2,2,3,4,4,4,5,7,8,8,9,2,5,6,7,1,7,1,3,8... Although this starts off slowly, the randomness picks up, and this will generate a series which will go for thousands of digits without repeating. By the way, I don't reccomend adding more than two numbers together to get the next number in the series. If you try adding three, four, or more numbers together, it causes the series to increase faster, which causes it to reach the point where it repeats sooner, plus it complicates your software and slows down the computation. Anyway, if after extending the series, it's still not random enough, try this: Change your program so that after it adds the first two numbers, it looks at the third number. If this third number is greater, less than, or equal to some arbritrary value, add the fourth number to the first two and then uses that as the next digit in the series. This will greatly increase the random effect. This makes an excellent cipher, as you can generate different series based on what substitutions you make in the series. Of course, your ideas about randomizing further by combining random noise files is good, just be careful when using xor, because you could end up cancelling out the beginnings of your serieses, (since all these series begin with 1,1, xoring them would give you zeros.) Of course also try changing the initial conditions of the fibbonachi series, just be sure you don't use something that will lock the series (such as 5,5 which will produce 5,5,0,5,5,0,5,5,0...) Re-encrypting the noise file is also a good idea, multiplying each byte by three and then doing a mod 256 works well for these purposes. > (I remember some years back someone demonstrated the Apple II > random number generator was flawed by converting the random > numbers to screen coordinates and "painting" the screen. No > matter how long you ran the program, certain areas of the screen > were never filled in. In other words, certain numbers were never > generated.) Well, I've programmed on Apple II computers for years, and there were two very common systems used for random number generation. Applesoft Basic simply read bytes in the ROM and used them as random numbers. 6502 code looks pretty random when you're just looking at the numeric opcodes and data. The other popular thing to do was to read the video count. This works best when your program is interacting with a human, because people don't always respond to prompts in exactly the same amount of time every time, so the position the video circuitry was scanning would be different almost every time the program was run. This method works best for providing a seed for a series generator like the ones described above. If your computer has a clock, just read the time, and that will have the same random effect. From mg5n+ at andrew.cmu.edu Tue Oct 5 15:49:09 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 5 Oct 93 15:49:09 PDT Subject: criminal gif upload In-Reply-To: <199310052159.AA28270@eff.org> Message-ID: > > ha ha. Seriously tho, just posting a list of MS-DOS filenames is rather > > useless as filenames do get changed. It is highly likely that a sysop > ^^^^^^^^^^^^^ > > or user might have changed the filenames to something else, especially > > if their operating system supported filenames longer than 8 characters. > > I'm interested in the source of that probability calculation. In > my experience, sysops dealing with a large volume of files normally > don't bother to change the names of a few of them, unless they see > a compelling reason to do so. I suppose my choice of words was bad, but it does happen. You're right, most sysops don't change the filenames. Usually the filenames get changed when someone is moving the image to a different computer platform, such as an Amiga user uploading a GIF to a IBM-compatible BBS where the OS differences would necessitate a filename change. And of course there are some punks who just change the filename to get more upload credits on ratio systems. I didn't mean to put down the EFF's efforts to protect sysops, I was just pointing out the possibility for potential problems. From plmoses at unix.cc.emory.edu Tue Oct 5 16:25:07 1993 From: plmoses at unix.cc.emory.edu (Paul L. Moses) Date: Tue, 5 Oct 93 16:25:07 PDT Subject: Waa waa waa waa waah. Message-ID: <9310052322.AA03358@emoryu1.cc.emory.edu> UNSUBSCRIBE ME from this list. I know this is the "wrong" place to send it, but I have just spent the past 2 days sorting out 700+ cypherpunks messages that piled up while i was out of email range. _ I HAD some sympathy for the ideals of this project when I signed up, but now I am finding all the bickering and phoney legalese to be too much. The extensive post from EFF was the last straw. For God's sake, what purpose could it serve? Why not just type in all House debates on Clipper. Better yet, get an optical character reader and scan them in. Believe me, I have no interest in being told "how" I may communicate by the government. Thanks for the info and best of luck. Goodbye. - Paul From honey at citi.umich.edu Tue Oct 5 16:35:06 1993 From: honey at citi.umich.edu (peter honeyman) Date: Tue, 5 Oct 93 16:35:06 PDT Subject: Chaum on the wrong foot? Message-ID: <9310052333.AA11994@toad.com> > Can you post the references for these papers? sure. i got them from ftp.cwi.nl in directory /pub/CWIreports/AA/. CS-R9318.ps.Z is N. Ferguson "Single Term Off-Line Coins." it is 13 pp. CS-R9323.ps.Z is Stefan Brands "An Efficient Off-line Electronic Cash System Based On The Representation Problem." it is 77 pp. does anyone else have any digital cash papers on-line? peter From cman at IO.COM Tue Oct 5 16:39:09 1993 From: cman at IO.COM (Douglas Barnes) Date: Tue, 5 Oct 93 16:39:09 PDT Subject: Standard Headers for Anonymous Remailers In-Reply-To: <199310051845.AA25784@eff.org> Message-ID: <9310052336.AA04757@illuminati.IO.COM> Stanton: Actually, I think you're missing Loyd's point here. Basically, we really wanted to set up an anonymous remailer here at Illuminati Online. We encountered opposition from a certain individual on the grounds that "anonymous posts can destroy civil conversation" and individuals, groups and lists "should have the right to easily filter out posts from anonymous remailers." Although this is highly debatable (and I myself am opposed to it), it has nothing to do with inflicting moderation where none exists now, and is rather a call for a voluntary standard for tagging of posts that have been anonymized so that they can be filtered out wholesale. (Rather than the retail filtering that I'm sure goes on already in some quarters.) The advantage of this is that if a group or list or individual decides they want nothing to do with anonymous postings in general, they need not see them. The chief disadvantage in my mind is that it poisons the infrastructure against the strong pseudonymous entities that I think will be key to an underground digital economy. Other defects will be left as an exercise to the reader. :-) Doug > > says Loyd Blankenship: > > > We've been kicking around the pros and cons of anonymous remailers > > here at io.com. One of the big problems is anonymous bombardment of a > > helpless newsgroup. This (and the problem of auto-screening anonymous > [...] > > Words such as "anon" and "anonymous" might occur naturally in > > the headers. I'd propose something like "ANONYPOST" or "ANONPOST" that > > isn't likely to occur in nature. > > Voluntary adoption of this type of standard by remailers would > > take away some of the ammo that the anti-anon frothers are shooting, > > and would go a long way toward improving the image of remailers in > > general. > > > > Comments? > > Sorry to respond to such an old post, but I can't let this one slip by. > Why not encourage people to be responsible for their OWN mail/news? > Relying on moderators to wipe noses and spank boodies is not going to > help anyone in the long run. FidoNet has had a great deal of difficulty > with moderators, and there is no need to spread this problem to UseNet. > > The responsibility for you reading or not reading anon posts lies on YOUR > head. If you do not like them, then learn to use the filtering > capabilities of your software. If you don't have a news reader that will > do elaborate filters, try strn. > > At any rate, it is my firm opinion that moderation belongs in academic and > hard-science conferences, and those that require a very firmly focussed > range of topics to be of use. The encouragement of more moderation, and > more moderator "jobs" like filtering out anonymous postings is a very bad > idea, and in particular, the inclusion of special headers for this purpose > will simply suggest to moderators that they filter all such mail by > default, and not even bother to try to determine relative merits. It's > counterproductive to the entire idea of anonymous posting. > > -- > DISCLAIMER: This message represents only my OWN opinion, not that of EFF. > Stanton McCandlish Electronic Frontier Foundation Online Activist > mech at eff.org NitV-DataCenter BBS SysOp > Fido: IndraNet: 369:111/1 > -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From abajian at esca.com Tue Oct 5 16:55:06 1993 From: abajian at esca.com (paradigm shift happens) Date: Tue, 5 Oct 93 16:55:06 PDT Subject: I'm outta here Message-ID: <9310052353.AA20611@flash.esca.com> Ditto Paul's post. I thought this would be interesting. Instead, it's eating disk with pointless noise. How about using my cypherpunks mailings as a random number generator? No, too many repeating patterns. I'll hang out on the notice list just in case the sky falls. Yeesh. From ebrandt at jarthur.Claremont.EDU Tue Oct 5 18:15:07 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Tue, 5 Oct 93 18:15:07 PDT Subject: Need Suggestions for Random Numbers In-Reply-To: Message-ID: <9310060114.AA13172@toad.com> > From: Matthew J Ghio > 1,1,2,3,5,8,13,21,34,55,89,144,233... > > Taking modulo 10, we get: > > 1,1,2,3,5,8,3,1,4,5,9,4,3,7,0,7,7,4,1,5,6,1,7,8,5,3,8,1,9,0,9,9,8... > > Which gives a fairly random distribution of numbers from 0 to 9. This is a very simple linear congruential generator: a_n = a_n-1 + a_n-2 mod 10 It is decidedly *not* suitable for "producing an `acceptable' random file to be xor'd with the plaintext." It's not a cryptographically strong PRNG (it's not even a particularly good PRNG). To break such a system, try Boyar's paper, "Inferring Sequences Produced by PRNGs", in JACM 36(1): 129-141. I believe it takes time logarithmic in the modulus, which is not a recipe for security. Eli ebrandt at jarthur.claremont.edu From mg5n+ at andrew.cmu.edu Tue Oct 5 19:20:07 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 5 Oct 93 19:20:07 PDT Subject: Need Suggestions for Random Numbers In-Reply-To: <9310060114.AA13172@toad.com> Message-ID: Eli Brandt writes: > This is a very simple linear congruential generator: > a_n = a_n-1 + a_n-2 mod 10 > It is decidedly *not* suitable for "producing an `acceptable' random > file to be xor'd with the plaintext." It's not a cryptographically > strong PRNG (it's not even a particularly good PRNG). The pseudo-random number generator: a_n = a_n-1 + a_n-2 mod 10 is easy to break. One could guess the pattern from only a few numbers of the series. My point is that that series can be used as a basis for better PRNGs. I suggested using something like: if a_n-2 < 195 then a_n = a_n-4 + a_n-3 mod 256 if a_n-2 > 194 then a_n = a_n-4 + a_n-3 + a_n-1 mod 256 This is considerably less easy to break. Even if one could surmise that the (n-1) term was being added in sometimes and not others, you'd still have to examine a large section of the series to figure out exactly what method was being used to determine when the extra term was being inserted (you'd have to see an example where a_n-2=194 and note that the term was not included, and you'd have to see the situation a_n-2=195 and note that it was included. Plus, double-encryption could be used to increase the security. What PRNGs would you suggest using? From SZARAC at guvax.acc.georgetown.edu Tue Oct 5 19:29:11 1993 From: SZARAC at guvax.acc.georgetown.edu (SZARAC at guvax.acc.georgetown.edu) Date: Tue, 5 Oct 93 19:29:11 PDT Subject: In need of help for a paper Message-ID: <01H3RBQBOE829BVYJ7@guvax.acc.georgetown.edu> I am in need of source material, both technical and analytical in nature, for a paper I am writing. My topic is a discussion of the current data encryption debate within the administration. I am a student at Georgetown University (home of the infamous Dorothy Denning) in its National Security Studies Program. This paper is for a class on Intelligence and National Security. My goal is to try to inform my fellow students about the right to privacy crisis going on in the data encryption area. Basically I am looking for any references to good articles and books about this topic. They can be discussions or very technical, I don't care. So if you know of anything that could help, please let me know. Thanks, Chris From rjc at gnu.ai.mit.edu Tue Oct 5 19:55:07 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Tue, 5 Oct 93 19:55:07 PDT Subject: Chaum on the wrong foot? In-Reply-To: <9310052038.AA09338@toad.com> Message-ID: <9310060253.AA19384@kropotkin.gnu.ai.mit.edu> peter honeyman writes: >i am replying to a message that is six weeks old. > > hal, chaum may be barking up the wrong tree, but that doesn't mean > that his students are. i read a couple of digital cash papers last > night and was struck by this statement in one of them: > > Techniques have been developed that ... allow the construction of > off-line electronic cash systems that are secure for the bank, yet > at the same time honest users of the system are guaranteed to > remain completely anonymous. This holds in a very strong sense: > the security of banks is not compromised even if all users and > shops collaborate in such an attempt, and the privacy of honest > users cannot be violated in any cryptanalytic way even under > adversarial behavior of the bank in coalition with all the shops. > > Stefan Brands, CWI This could refer to observer based protocols. I don't see anything in the above paragraph to indicate that they have invented a digital coin. I don't see how offline non-observer based cash could possibly work. (e.g. I send a copy of my cash to someone in Europe and we "spend" them simultaneously) -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From ebrandt at jarthur.Claremont.EDU Tue Oct 5 20:00:29 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Tue, 5 Oct 93 20:00:29 PDT Subject: Need Suggestions for Random Numbers In-Reply-To: Message-ID: <9310060300.AA14566@toad.com> > From: Matthew J Ghio > if a_n-2 < 195 then a_n = a_n-4 + a_n-3 mod 256 > if a_n-2 > 194 then a_n = a_n-4 + a_n-3 + a_n-1 mod 256 > > This is considerably less easy to break. True. However, there are some fairly general attacks on congruential PRNGs, and I wouldn't be willing to place much of a prize on the unbreakability of schemes such as the above. There are simple techniques whose security is better tested. > What PRNGs would you suggest using? I'm hardly the person to ask, but here's a simple one: Given a cryptohash function hash(), and a key K, generate your series S as S_i = hash(K+i). There are plenty of other games you can play with a secure hash function. They have a practical advantage over PRNGs built on top of ciphers: there's no problem exporting them. There are also "pure" cryptographically-strong RNGs, but I don't know anything about them. (The name "Blum-Blum-Shub" springs to mind, but how could it not?) Eli ebrandt at jarthur.claremont.edu From klbarrus at owlnet.rice.edu Tue Oct 5 20:39:11 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Tue, 5 Oct 93 20:39:11 PDT Subject: Crypto Idea; Multi-Part Sigs In-Reply-To: <9310050349.AA04200@alumni.cco.caltech.edu> Message-ID: <9310060336.AA11903@flammulated.owlnet.rice.edu> nobody at alumni.cco.caltech.edu wrote: >Is it possible to produce a set of keys (for example, 3 private 1 public) >such that -all three private keys are needed to sign a message from that > I.D. and > -any of the private keys can decrypt anything encrypted with > the single pubkey. > An excellent paper (author and title have slipped my mind - the paper describes key-and, key-or, and other operations) describes how to do something related to part 2 of the above. In that scheme, you would have the three key pairs for the individuals, Pa, Sa, Pb, Sb, Pc, Sc, and the "joint" keypair Pj, Sj. A message encrypted with Pj can only be unlocked with Sj, which in turn is encrypted with Pa, Pb, Pc. Thus, the final message looks like E(M, Pj); E(Sj, Pa); E(Sj, Pb); E(Sj, Pc) where the four parts are passed around as one, and E(a,b) means a encrypted with b. Thus, each of the individuals, knowing their own private keys, can extract Sj, and then the message M. Offhand, I'm not sure if the paper describes joint signings in this manner. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From nobody at rosebud.ee.uh.edu Tue Oct 5 21:15:08 1993 From: nobody at rosebud.ee.uh.edu (nobody at rosebud.ee.uh.edu) Date: Tue, 5 Oct 93 21:15:08 PDT Subject: No Subject Message-ID: <9310060411.AA15718@toad.com> At 1:04 PM 10/4/93 -0700, Hastings at courier8.aero.org wrote: >Maybe you >think messages posted to an international mail reflector are private? Time to start up those digital pseudonyms! Eternal!Optimist at anon.penet.fi From honey at citi.umich.edu Tue Oct 5 21:25:07 1993 From: honey at citi.umich.edu (peter honeyman) Date: Tue, 5 Oct 93 21:25:07 PDT Subject: Chaum on the good foot? Message-ID: <9310060424.AA15907@toad.com> > This could refer to observer based protocols. I don't see anything in the > above paragraph to indicate that they have invented a digital coin. I don't > see how offline non-observer based cash could possibly work. (e.g. > I send a copy of my cash to someone in Europe and we "spend" them > simultaneously) well, actually, it's very neat how this works. here, i'll quote from n. ferguson's paper "single term off-line coins." The most difficult fraud to counter in electronic cash systems is the double-spending. A user can always spend the same coin in two different shops. This fraud cannot be detected at the time of spending as the payments are off-line. The solution that all electronic cash systems use is to detect the double-spending after the fact. At each payment the user is required to release some information in response to a challenge from the shop. One such release of information provides no clue to the user's identity, but two such releases are sufficient to identify the user uniquely. this is based on shamir's "how to share a secret" cacm v22n11 1979. in the stefan brands quote ("the privacy of honest users cannot be violated in any cryptanalytic way") the emphasis is on honest users. dishonest users are traceable. after reading these two papers, i really think off-line cash works -- it offers divisibility, multi-party security, privacy, and untraceability. the major impediments seem to be the complexity of the protocols and the large computational price to be paid. peter From pfarrell at gmu.edu Tue Oct 5 21:29:11 1993 From: pfarrell at gmu.edu (Pat Farrell) Date: Tue, 5 Oct 93 21:29:11 PDT Subject: Identifying GIFs, was Re: criminal gif upload Message-ID: <1743.pfarrell@gmu.edu> In message Tue, 5 Oct 1993 17:11:17 -0400 (EDT), Matthew J Ghio writes: > Seriously tho, just posting a list of MS-DOS filenames is rather > useless as filenames do get changed. It is highly likely that a sysop > or user might have changed the filenames to something else, especially > if their operating system supported filenames longer than 8 characters. Doesn't this bring up a fundamental question: when is a file equivalent? we can easily use MD5 or brik to identify identical files. But GIFs, and other image files (MPEG, JPEG, TIFF, etc.) are subject to both lossey compression and stegnagraphic [sic, sorry] coding techniques. If you change one pixel of the background, the checksums are different, but it will still show *porm or whatever to a judge who "knows it when he sees it." We can prove statistical insignificance of duplication using strong hashing functions. Can we find a way to statistically prove "looks like" on a numerical basis? Pat Pat Farrell Grad Student pfarrell at cs.gmu.edu Department of Computer Science George Mason University, Fairfax, VA Public key availble via finger #include From honey at citi.umich.edu Tue Oct 5 21:45:18 1993 From: honey at citi.umich.edu (peter honeyman) Date: Tue, 5 Oct 93 21:45:18 PDT Subject: Need Suggestions for Random Numbers Message-ID: <9310060445.AA16280@toad.com> > What PRNGs would you suggest using? i don't know, but my friend don mitchell knows about these things, and the last time i asked him about prngs he recommended that i check out marsaglia's paper in annals of applied probability v1n3 1991. peter From ld231782 at longs.lance.colostate.edu Tue Oct 5 21:55:09 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Tue, 5 Oct 93 21:55:09 PDT Subject: EFF pornography file warning Message-ID: <9310060453.AA10453@longs.lance.colostate.edu> Boy, I sure have gotten flamed by the best on this one. And its rather deafeningly silent on the list. I'm bleeding from shrapnel wounds and hung out to die. Let me justify a few things. Enclosed: - why I posted the announcement - why I flamed EFF - things that have upset me about this affair - a classic cypherpunk rant on child pornography worthy of T.C. May * * * I posted the announcement to the cypherpunks because 1) there has been a long past history of interest in BBS type investigations 2) there was a huge flame war over CERT sending a notice to E.Hughes for his FTP site, saying `please look into this'-- this EFF announcement struck me as amazingly similar. (BTW, I had virtually nothing to do with that flame war, which was incredibly prolonged) 3) EFF of course is very close to the cypherpunk cause with S.Steele, M.Godwin, and J.Gilmore regular readers and contributors. 4) consider that comp.org.eff.talk would be another forum, but I rejected it, because this forum is more private and still watched by EFF. * * * Now, why did I flame EFF for this action? In one word: quagmire. I said it was `silly, useless, and damaging' 1) this opens them up to having to do this *regularly*. Is this what they want to be doing? 2) since when does EFF help federal BBS investigations? 3) M. Godwin just got done informing us the beauty of *non* liability with a hands-off BBS operator policy. 4) its silly to post a notice about given filenames. They simply are as amorphous as cyberspace itself. 5) a recall of any type is a notorious way to generate paranoia, perhaps a cure worse than the affliction. this kind of message spreads like wildfire. `What? EFF says file [x] is child pornography?' There are tens of thousands of BBS operators in the U.S. -- is this a service or a disservice to them? hence my urban myth ramblings. 6) Releasing this kind of notice only draws more attention to those files. Suddenly, they become collectors items. People start hunting them down. People create empty files with the same name as a joke. All because `EFF says file [x] is child pornography' 7) many other reasons that will become obvious and important in retrospect, but look like hypersensitivity at this point. * * * I'm very upset that 1) everybody on the list is hiding, and refuses to criticize EFF despite the strong parallels to CERT. at best this is cowardice and at worst hypocrisy. this tiptoeing and silence is very reprehensible, IMHO. 2) it does not appear to me that EFF has thought this through. this announcement reflects on EFF. why couldn't they have phrased it differently? e.g. Agents [x] of government agency [x] have requested that operators remove these files. As it stands, EFF associates its own reputation with this investigation and the file recall. 3) there have been requests from EFF representatives to `let it drop'. well, yes, that is one way of dealing with the issue, but IMHO more appropriate to a species of animal called `ostriches'. 4) in general, I object to this philosophy found elsewhere on the list of `if its in our backyard then don't criticize it'. the Fidonet operators are like this. EFF is like this. The former, in their cryptophobia and surveillance, are implicitly supportive of the philosophy of Clipper and the NSA. The latter, EFF, has a critical role in promoting coolness, not hysteria, among BBS operators. 5) In a rather low blow, S. Steele writes ``I figured those who sought to challenge the child pornography laws would poo poo the message. I guess I figured right.'' For the record, I do not seek to challenge child pornography laws or federal investigations. My message made rather clear that I was objecting to the role of *EFF* in the affair. * * * Lastly, I guess I'm a little confused. tcmay at netcom.com (Timothy C. May) >No, I won't say it was silly, useless, or damaging. >[...] >Do I hear any volunteers to become a test case? I tweaked T.C. May in the hope of seeing a message analyzing child pornography in digitized images over cyberspace, because I thought I recall him writing a rather amazing essay on the subject some months ago on the list. Apparently, based on my recent private email exchange, he wasn't associated with that. I guess I just misremembered because it seemed like such a classic cypherpunkesque rant in the spirit of his best. Anyway, as I recall, *someone* about 3 or 4 months ago posted to the list a remarkable analysis of a brouhaha surrounding the creation of the group `alt.pictures.erotica.children'. The person talked about posting a PGP file to the group, as I recall with an anonymous remailer, and then talked about the fierce reaction (melee?) involved. The person stated that the group appeared to have been created as a joke, and the file itself as PGP code was actually not legal syntax for `plausible deniability' of the author, but nevertheless raised important questions. The essay talked about the fruitlessness of trying to track down actual `child pornography' over cyberspace. One of the main points was that child pornography is not illegal everywhere, as I recall the person mentioned Denmark as a place where it particularly flourishes. Is a GIF illegal if it was taken in a country that prohibits it? that's easy. But what about if it was taken in a country where it was legal and imported? well, in the U.S. this is illegal too. But the poster raised a lot of other very fascinating questions that were highly relevant to pornography in cyberspace. Digital composition tools allow artist to cut and paste pictures with astonishing realism. What about a situation where adult models (as young as possible) are used and child's faces are plastered on top? Or how about the situation where *entirely imaginary pictures* are created? These are very real possibilities. Are they illegal too? How is it that just a particular configuration of pixels constitutes illegal pornography, and another does not? I think the poster made various humorous remarks about baby pictures too -- the type of children on bearskin rugs. Shall we imprison all parents that have taken these? (ug, I can't wait for all silly flames on the `I know it when I see it' definition of pornography.) This was my point with the EFF warning: the whole area is a quagmire, and the only consistent and enforceable philosophy seems to be a `hands off' approach. It is very likely to evolve in the long-term future because of all the quandaries. And in particular I was hoping the essay would pop up again on the list so they could see that perspective. Anyway, the poster then made some characteristic comments about the changes that cyberspace will introduce to these kind of pornography laws. The whole essay was such a brilliant exercise, IMHO, and involved actual `research' and `analysis', that I guess I just sort of misremembered T.C. May writing it, but apparently this is not the case. Anyway, I apologize for the misattribution. Just `attribute the misattribution' to my degenerating memory for specifics after 35 hundred cypherpunk postings (But I would be fascinated to see that essay again, if anyone has a clue of what I'm talking about. Hopefully the writer is still on the list, has it in archives, and can post it. It's highly germane to the EFF warning, and was a really brilliant cypherpunk document, IMHO. If I'm just hallucinating over the whole thing, well, maybe its time for me to unsubscribe ) From vznquest at netcom.com Tue Oct 5 21:59:10 1993 From: vznquest at netcom.com (Alan Mason) Date: Tue, 5 Oct 93 21:59:10 PDT Subject: Cyphertrivia In-Reply-To: <9310060452.AA03396@netcom5.netcom.com> Message-ID: > > OK, so if you were really paranoid, you wouldn't even let 'THEM' know you > were using pgp. > > But... if you were only mildly paranoid, you would: > > 1. Break your message into several short blocks > > 2.. Encrypt them with your friends public pgp key in ascii format > > 3. Change the parts of the messages that say "BEGIN (END) PGP MESSAGE" to > read "BEGIN (END) PGP PUBLIC KEY BLOCK" > > 4. Post them in an innocuous place and let the recipient know that they > are there. When he/she decypts them, he/she doesn't even need to change > "PGP PUBLIC KEY BLOCK" back to "PGP MESSAGE". Thanks, Phil :). > > In this way, you can console your paranoia by telling it that while the > cryptocops may know you HAVE pgp, they don't know you are using it > to send messages. > > Trivial, I know, but hey - it was one of those trivial days........ > > > ----------------------------------------------------------------------------- > A Paranoid 2 | Any time you find a simple answer to a question, > aka vznquest at netcom.com | The odds are you asked the wrong question. > ******************* | > ---------------------------------------------------------------------------- From cme at ellisun.sw.stratus.com Tue Oct 5 22:05:09 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Tue, 5 Oct 93 22:05:09 PDT Subject: Strong PRNGs Message-ID: <9310060502.AA20205@ellisun.sw.stratus.com> I can think of two: 1. a long-period PRNG (like subtract-with-carry) feeding a cryptographically strong hash function (perhaps triple-DES in ECB mode with both key nad input taken from the PRNG and output becoming the new PRNG output; 2. Russell Imagliazzo's (sp?) PRNG as strong as subset-sum. Reference: R. Imagliazzo, M. Naor, ``Efficient Cryptographic Schemes Provably as Secure as Subset Sum.'' FOCS89. For example: (if I remember correctly) Algorithm: Take an array of 512 numbers, each 521 bits long. Fill those with true random bits (coin flips, etc.). fill a 512 bit register with random bits. associate each bit of the register with one entry in the array. loop: for each bit in the 512-bit register, if the bit is a 1, add the corresponding array entry into a 521-bit accumulator (init'd to 0 at the start of this pass), modulo a 521-bit prime. at the end of the pass over all 512 bits, take the low order 8 bits of the accumulator as your output byte (a pseudo random value) and the next 512 bits as the new register for the next round. Toss the top bit. goto loop From klbarrus at owlnet.rice.edu Tue Oct 5 22:05:18 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Tue, 5 Oct 93 22:05:18 PDT Subject: Chaum on the wrong foot? In-Reply-To: <9310060253.AA19384@kropotkin.gnu.ai.mit.edu> Message-ID: <9310060504.AA20656@flammulated.owlnet.rice.edu> rjc at gnu.ai.mit.edu wrote: > > This could refer to observer based protocols. I don't see anything in the >above paragraph to indicate that they have invented a digital coin. I don't >see how offline non-observer based cash could possibly work. (e.g. The other paper at CWI "Single Term Off-Line Coins" (which I have read but haven't really studied in depth) isn't an observer based protocol. Ferguson represents cash as 3 numbers. When Alice wants to spend, she gets two RSA-signatures from the bank (which are derived from the hash functions and the 3 numbers). Alice pays by sending the 3 numbers to the store, which replies with a challenge, which she responds to using information derived from both signatures. She can spend several coins by using the same challenge and sending the product of her responses to the store. At the end of the day, the bank sends the 3 numbers, the challenge and response to the bank, which then verifies the credit. If Alice spends a coin twice, she allows the bank to determine her identity. (The bank must make sure the penalty is severe enough to discourage this behavior). One nice feature is that it is very difficult (infeasible) for the bank to frame Alice and claim she double spended. It seems from this paper, and I think one other I read, that offline protocols presented cannot prevent double spending but rather reveal the identity of such a person. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From cme at ellisun.sw.stratus.com Tue Oct 5 22:10:09 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Tue, 5 Oct 93 22:10:09 PDT Subject: Need Suggestions for Random Numbers Message-ID: <9310060509.AA20233@ellisun.sw.stratus.com> >Message-Id: <9310060445.AA16280 at toad.com> >From: peter honeyman >Date: Wed, 06 Oct 1993 00:44:29 -0400 >Subject: Re: Need Suggestions for Random Numbers > >... recommended that i check >out marsaglia's paper in annals of applied probability v1n3 1991. I have this algorithm coded in C -- and will send it to anyone who wants it. It's not strong -- just long period. It's also part of the new "tran", as posted on sci.crypt and available for FTP on ripem.msu.edu - Carl From klbarrus at owlnet.rice.edu Tue Oct 5 22:20:09 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Tue, 5 Oct 93 22:20:09 PDT Subject: Crypto Idea, Multi-Party Sigs Message-ID: <9310060519.AA21999@flammulated.owlnet.rice.edu> Forcing all three people for signing the document can be done as by merely splitting the secret key into three parts. Then, all three must be used to reassemble secret key in order to sign the document. If both methods co-exist, then each individual can sign the document from information they know from being able to decrypt. Unless you go to a modified RSA system like Eric described. (it's much easier to force all three to sign and all three to decrypt :-) -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From klbarrus at owlnet.rice.edu Tue Oct 5 22:50:08 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Tue, 5 Oct 93 22:50:08 PDT Subject: Standard Headers for Anonymous Remailers In-Reply-To: <9310052336.AA04757@illuminati.IO.COM> Message-ID: <9310060549.AA24434@flammulated.owlnet.rice.edu> Douglas Barnes wrote: >Actually, I think you're missing Loyd's point here. Basically, we >really wanted to set up an anonymous remailer here at Illuminati >Online. We encountered opposition from a certain individual on the >grounds that "anonymous posts can destroy civil conversation" and >individuals, groups and lists "should have the right to easily >filter out posts from anonymous remailers." Hey Doug, Well, as I mentioned in an earlier post, I'm one who doesn't favor labelling anonymous mail - I'd rather work on positive reputation schemes, cash accepting remailers, etc. An anonymous remailer that charges will discourage people from using it for frivolous purposes; digital signature combined with positive filters will let people filter out posters they consider stupid. After all, you are more interested in who sent the mail than where it originated from. (I've been working on a script that checks elm mail folders for pgp signed messages and reports the signature instead of From: address; and a cash accepting remailer). The attitude expressed by the individual on io.com shows a problem we will have in educating others - "anonymous posts CAN destroy a civil conversation". Yes, maybe so, but in my experience on mailing lists, bbses, etc. I've noticed that "flame wars" and "anonymous posts" have NO correlation, and are quite independent of one another. Since I've seen "flame wars" on systems with absolutely no anonymous posting facilities (or none that were used), I conclude that civil conversation is destroyed by strongly held differences in opinions (or some other factor I can't pin down). However, I would be interested in hearing if filtering anonymous mail/posts does significantly cut down on or eliminate the destruction of civil conversation. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From MIKEINGLE at delphi.com Tue Oct 5 23:45:09 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Tue, 5 Oct 93 23:45:09 PDT Subject: Crypto Toolkit Suggestions Message-ID: <01H3RYOHPK4I8ZE0SY@delphi.com> I'm writing a toolkit to allow crypto programs to be written using pipes and shell/perl scripts. There will be several small programs, most of which will act as filters, to give direct access to rsa, idea, md5, keyrings, etc. This should allow quick and easy coding of digicash, zero-knowledge servers, and other interesting things. So far I've got the MD5 and IDEA functions. MD5 is just a filter - it takes whatever you feed it and outputs the MD5 hash in hex. IDEA takes e or d for encrypt or decrypt, a key, and (if encrypting) an initialization block. Then it acts as a filter. The output is ten bytes longer than the input - init block and two key check bytes - just like the idea_file function in PGP's crypto.c file. MD5 links with md5.c and md5.h, and IDEA links with idea.c and idea.h from pgp23a. For example, you could do: key=`md5` passphrase^D init=(16 random hex digits - another MD5 is okay, it will ignore excess) export key init idea e key init < infile > outfile idea d key < outfile > decrypted Questions: what is the best way to pass a key? The command line is definitely out, because ps shows it. Right now, IDEA takes the name of an exported environment variable containing the hex key. Can you securely wipe an environment variable? Is there a better way? (A temporary file could be dangerous; a key could be left lying around.) What else should I write? Ideas: direct access to rsa with hex numbers, direct access to modmult, etc, for dh and stuff, a filter for armor/dearmor and zip/unzip. A program to pull key material out of a keyring in hex, so you could use PGP keys with the rsa routines. What would really be nice is a filter that could generate pgp-compatible packets, so you could make up any "pgp object" using a pipe. You could also use the hex output directly. --- MikeIngle at delphi.com The enemy is not just the federal government. The enemy is centralized power, wherever it may exist. From greg at ideath.goldenbear.com Wed Oct 6 04:20:22 1993 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Wed, 6 Oct 93 04:20:22 PDT Subject: BBS seizures In-Reply-To: Message-ID: uunet!ideath.goldenbear.com!greg (Greg Broiles) writes: > I think a man named Tom Tcimpidis was busted in the L.A. area in the early > eighties because of content; if I remember the facts correctly, codes > were posted to his board without his knowledge, and he was convicted for > illegal possession of long distance access codes. I grepped through early I did more checking. Tcimpidis was arrested in May 1984 when an access code was posted to his BBS while he was on vacation. Charges were dropped in 1985 because there was insufficient evidence to establish that he knew that the code was there. One person mentioned in E-mail that Tcimpidis' equipment was returned to him, albeit in a damaged condition. Publication of a telephone credit card number is a misdemeanor in California if it is done "with the intent that it be used or with knowledge or reason to believe it will be used" for toll fraud. CA Penal Code Section 502.7(1)(c). Publication means (for these purposes) communicating the number to at least one other person either orally or in writing of any kind. I'll leave this subject alone now; just wanted to correct earlier mistake about Tcimpidis. -- Greg Broiles greg at goldenbear.com Baked, not fried. From mnemonic at eff.org Wed Oct 6 05:09:14 1993 From: mnemonic at eff.org (Mike Godwin) Date: Wed, 6 Oct 93 05:09:14 PDT Subject: EFF pornography file warning In-Reply-To: <9310060453.AA10453@longs.lance.colostate.edu> Message-ID: <199310061207.AA02851@eff.org> Lance writes: > 1) this opens them up to having to do this *regularly*. Is this what > they want to be doing? I doubt that EFF is regularly going to have a list of graphics files that the feds are using as the basis of a child-porn investigation. > 2) since when does EFF help federal BBS investigations? I don't see how letting people know what the feds are looking for is "helping" the feds. > 3) M. Godwin just got done informing us the beauty of *non* liability > with a hands-off BBS operator policy. In particular, I've been talking about noninterference with electronic mail. But look at our choices, Lance. The alternative, when we knew what files were being looked for, was *not to let anyone know*. It strikes me as difficult, ethically, to justify *not* letting people know what particular files are being looked for. The issue of letting people know about these files is logically separate from the issue of whether a sysop will be held legally liable for files he or she doesn't know about. > 4) its silly to post a notice about given filenames. They simply are as > amorphous as cyberspace itself. Not quite. In real life, those who traffic in GIFs normally deal in such a volume of files that they rarely trouble to change their names. > 5) a recall of any type is a notorious way to generate paranoia, > perhaps a cure worse than the affliction. this kind of message spreads > like wildfire. `What? EFF says file [x] is child pornography?' There > are tens of thousands of BBS operators in the U.S. -- is this a service > or a disservice to them? hence my urban myth ramblings. Sometimes telling the truth *does* generate paranoia. Look, it is difficult for me to justify *not* giving sysops information that a *lot* of sysops (although perhaps not you, Lance) would very much like to have. What's more, a sysop can determine whether he's had files with these names uploaded to his system *without snooping through someone's e-mail*. Tell you what, Lance: if you can find a number of sysops who would *rather not know* the kind of information that Shari disclosed in her message, we will weigh their reluctance to know carefully if this situation should ever come up again. > 6) Releasing this kind of notice only draws more attention to those > files. Suddenly, they become collectors items. People start hunting > them down. People create empty files with the same name as a joke. All > because `EFF says file [x] is child pornography' I think I'll wait until I see this actually happen before I regard it as a serious possibility. > 2) it does not appear to me that EFF has thought this through. this > announcement reflects on EFF. why couldn't they have phrased it > differently? e.g. Agents [x] of government agency [x] have requested > that operators remove these files. As it stands, EFF associates its own > reputation with this investigation and the file recall. If what you are doing here is criticizing the *wording* of the announcement, that undercuts your other comments here. You seem to be saying it would be *okay* to release the list of graphics files if we had written the announcement differently. If that is the substance of your criticism, fine. Send us a redrafted announcement--the way you think it should be written. > 4) in general, I object to this philosophy found elsewhere on the list > of `if its in our backyard then don't criticize it'. Personally, I don't mind your taking the trouble to criticize EFF over this. But I hope you understand us well enough to realize that reasonable people can disagree over this issue. Again, it strikes me as hard to justify *not* giving sysops the info that at least *some* of them would want. > 5) In a rather low blow, S. Steele writes ``I figured those who sought > to challenge the child pornography laws would poo poo the message. I > guess I figured right.'' For the record, I do not seek to challenge > child pornography laws or federal investigations. My message made > rather clear that I was objecting to the role of *EFF* in the affair. Lance, I personally don't think your criticisms here imply any opposition to the child-porn laws. For all that you may be write that "the whole area is a quagmire," it seems important to stress that EFF wasn't dealing with "the whole area"--only with the particular issue of whether to let people know what we had discovered about a particular federal investigation. We were trying to be helpful. If it's your position that publishing that list of files was *wholly unhelpful*, that it will turn out to have been a mistake, well, perhaps you're right. But I don't think our action here is so obviously wrong in the black-and-white way you seem to be implying here. --Mike From wcs at anchor.ho.att.com Wed Oct 6 05:49:14 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Wed, 6 Oct 93 05:49:14 PDT Subject: POISON PILL Message-ID: <9310061246.AA04754@anchor.ho.att.com> > Furthermore, pipe bombs throw shrapnel, and as such are anti-personnel > devices. The goal was to destroy data, not FBI agents. Booby traps that > take lives are considered in court as 1st degree murder. > There are more elegant approaches. Thermite, for instance :-) Actually, that could get you nicked for arson of Federal property, which carries substantial jail terms (a couple of anarchists who burned a government-owned flag a few years ago got 10+ years for it.) Releasing viruses can also get heavy penalties; keeping the malfunction (excuse me, "different data storage parameters") within your own machine is more likely to be safe, though destroying data on "Federal interest computers" (which manages to include banks and a few other things as well as government-owned systems) is also illegal, and your machine becomes a Federal interest machine if they steal it. You could do something really hostile, like have it boot OS/2 if someone gives the wrong password :-) Bill From pmetzger at lehman.com Wed Oct 6 06:19:15 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 6 Oct 93 06:19:15 PDT Subject: Need Suggestions for Random Numbers In-Reply-To: Message-ID: <9310061317.AA16857@snark.lehman.com> Matthew J Ghio says: > What PRNGs would you suggest using? Don't use PRNGs for one time pads. To quote Don Knuth, anyone using software methods to generate random numbers "is living in a state of sin." One time pads require REAL random numbers. If you are willing to, say, use DES to generate your random numbers, you might as well encrypt with DES instead of pretending that you have random numbers. If you want a one time pad, do the logical thing -- go out and buy or build a hardware random number generator. Don't pretend that if you only make things "complicated enough" your numbers will be effectively random, because they won't. See Knuth's huge section on random numbers in "The Art of Computer Programming" for a demonstration of how a really obscenely complex algorithm can yield bad numbers. Perry From m5 at vail.tivoli.com Wed Oct 6 06:39:14 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Wed, 6 Oct 93 06:39:14 PDT Subject: EFF pornography file warning In-Reply-To: <9310060453.AA10453@longs.lance.colostate.edu> Message-ID: <9310061332.AA07867@vail.tivoli.com> As a quickie preface, I state that I feel no guilt posting this to cypherpunks, even in light of the many recent complaints about bandwidth. This issue seems quite germaine to me, though it's only tangentially related to cryptography. "L. Detweiler" writes: > I posted the announcement to the cypherpunks because > > 2) there was a huge flame war over CERT sending a notice to E.Hughes > for his FTP site, saying `please look into this'-- this EFF > announcement struck me as amazingly similar. It doesn't strike me as similar at all. One was a specifically targeted notice, and the other was a broadcast for general consumption. > Now, why did I flame EFF for this action? In one word: quagmire. You flamed because "quagmire"? What does that mean? (I know what "quagmire" means; I can't parse the sentence "I flamed the EFF because quagmire.") > I said it was `silly, useless, and damaging' Silly? Seemed pretty serious to me. Useless? Well, it was dissemination of pertinent information; given the signal to noise ratio of the electronic infonet world, that's saying a lot. Damaging? Well, that's the debatable point. > 1) this opens them up to having to do this *regularly*. Is this what > they want to be doing? I don't agree with this, though it may be true that such expectations will be established. (After this uproar, I doubt it.) > 2) since when does EFF help federal BBS investigations? Help?!? Was the EFF passing along names of suspect BBSes? Indeed, I'd say they were *hindering* the investigation, if anything; they're suggesting that "evidence" be destroyed. > 3) M. Godwin just got done informing us the beauty of *non* liability > with a hands-off BBS operator policy. There's a BIG difference between non-liability and immunity from seizure. > 4) its silly to post a notice about given filenames. They simply are as > amorphous as cyberspace itself. Is it really silly? Though I'll of course agree that the names *could* be changed, are they? How common is that? Isn't it probably true that if those files exist somewhere it's highly likely that they have those names? If so, is it still "silly" to publish the names? (Is it "silly" for "Wanted" posters to contain photos and descriptions of hair length, facial hair, body weight, and so on, given that such things can easily be changed?) > 5) a recall of any type is a notorious way to generate paranoia... I don't think that EFF would claim to have the power of "recall". > `What? EFF says file [x] is child pornography?' No, EFF says file X is a hot topic in some particular investigation of child pronography being conducted by some law enforcement organization. It's a statement of fact. > 6) Releasing this kind of notice only draws more attention to those > files. Suddenly, they become collectors items. People start hunting > them down. People create empty files with the same name as a joke. All > because `EFF says file [x] is child pornography' I don't see why this should be an argument against posting the warning. Hurricane warnings generally bring many people who want to surf or just look aat and experience the hurricane; would it be better to just keep a lid on the whole tropical depression thing? > 7) many other reasons that will become obvious and important in > retrospect, but look like hypersensitivity at this point. My breath is held. > I'm very upset that > > 1) everybody on the list is hiding, and refuses to criticize EFF > despite the strong parallels to CERT. at best this is cowardice and at > worst hypocrisy. this tiptoeing and silence is very reprehensible, IMHO. Whoa, podner. Speak for yourself. You're giving us (a) cowardice or (b) hypocrisy; why not (c) a difference of opinion with L Detweiler? > 2) it does not appear to me that EFF has thought this through. this > announcement reflects on EFF. why couldn't they have phrased it > differently? e.g. Agents [x] of government agency [x] have requested > that operators remove these files. As it stands, EFF associates its own > reputation with this investigation and the file recall. I can't argue with this; the fact of this conversation proves your point. > 3) there have been requests from EFF representatives to `let it drop'. > well, yes, that is one way of dealing with the issue, but IMHO more > appropriate to a species of animal called `ostriches'. I also agree with this: the subject bears discussion. I think it's relevant to cypherpunks because the topic could someday be "files foo.X and bar.X are suspected of being encrypted Top Secret Stuff, and are being sought in an investigation of pirate cryptography". -- Mike McNally From marc at GZA.COM Wed Oct 6 07:00:34 1993 From: marc at GZA.COM (Marc Horowitz) Date: Wed, 6 Oct 93 07:00:34 PDT Subject: Crypto Toolkit Suggestions In-Reply-To: <01H3RYOHPK4I8ZE0SY@delphi.com> Message-ID: <9310061359.AA04461@dun-dun-noodles.aktis.com> I'd rather see this done as a tcl (not tk, tcl) toolkit, rather than as a bunch of separate shell programs. This will allow users to do real programming, not just play around. This solves the key problem by keeping it in core in one process, or at worst, in a pipe. And you could always use it as a standalone program by putting the command you wanted to use on the command line. Marc From libert at citi.umich.edu Wed Oct 6 07:05:15 1993 From: libert at citi.umich.edu (Tom Libert) Date: Wed, 6 Oct 93 07:05:15 PDT Subject: Living in a state of sin Message-ID: <9310061403.AA24120@toad.com> Don't use PRNGs for one time pads. To quote Don Knuth, anyone using software methods to generate random numbers "is living in a state of sin." Knuth quoted John von Neumann: "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin." (1951) From pmetzger at lehman.com Wed Oct 6 07:35:15 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 6 Oct 93 07:35:15 PDT Subject: Strong PRNGs In-Reply-To: <9310060502.AA20205@ellisun.sw.stratus.com> Message-ID: <9310061432.AA16969@snark.lehman.com> Carl Ellison says: > I can think of two: > > 1. a long-period PRNG (like subtract-with-carry) feeding a > cryptographically strong hash function (perhaps triple-DES > in ECB mode with both key nad input taken from the PRNG > and output becoming the new PRNG output; What would the point of using this for a one time pad be, though? Why not just use triple-DES and be done with the bulk and complexity? Perry From nobody at pmantis.berkeley.edu Wed Oct 6 07:35:22 1993 From: nobody at pmantis.berkeley.edu (nobody at pmantis.berkeley.edu) Date: Wed, 6 Oct 93 07:35:22 PDT Subject: Enough already! Message-ID: <9310061433.AA12074@pmantis.berkeley.edu> Has everyone on this list lost their minds? Can't someone give a well-intentioned piece of advice without getting bogged down in a ten-day flame war? I don't think anyone here questions the integrity of the EFF. They were trying to help by giving the names of those outlaw GIFs. What's the big deal? If there's someone smoking a cigarette on the subway platform and I see a cop coming, I'll tip the person off. Common courtesy. (I'm not saying this is the exact same thing that the EFF is doing, just making an analogy.) Why blow this all out of proportion? Please do your part to save bandwidth and keep S/N as high as possible. If you're going to harangue people, do it via private email. Probably 40% of cypherpunk posts in the last few weeks have been stupid bickering that never should have started and probably persuaded quite a few people to unsubscribe besides. There's no need to let everyone on the list know about every tiny disagreement you have with someone's opinion. Especially when that person clearly has the best of intentions. Maybe we SHOULD make people pay to post the list. -Mr. Funn From cme at ellisun.sw.stratus.com Wed Oct 6 08:15:15 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Wed, 6 Oct 93 08:15:15 PDT Subject: Strong PRNGs Message-ID: <9310061511.AA21028@ellisun.sw.stratus.com> >Message-Id: <9310061432.AA16969 at snark.lehman.com> >Subject: Re: Strong PRNGs >Date: Wed, 06 Oct 1993 10:32:26 -0400 >From: "Perry E. Metzger" >Carl Ellison says: >> I can think of two: >> >> 1. a long-period PRNG (like subtract-with-carry) feeding a >> cryptographically strong hash function (perhaps triple-DES >> in ECB mode with both key nad input taken from the PRNG >> and output becoming the new PRNG output); > >What would the point of using this for a one time pad be, though? Why >not just use triple-DES and be done with the bulk and complexity? I'm not advocating it as a replacement for triple-DES. I was answering a question. I have many uses for random numbers and none of them is XOR encryption. However, I can even see a point for using this for XOR encryption [I prefer not to call anything using a PRNG One-Time-Pad]. I can see two points, even: 1. You might have traffic which operates in very high speed bursts (faster than your triple-DES can go) but for which the average throughput is well within the speed of your triple-DES. So, you keep your PRNG/DES grinding and building a buffer of bytes to be used, then you use them at high speed during the burst. 2. Knuth's Algorithm M (from someone else) mixes two PRNG streams and the result is stronger than either of the two sources. I haven't read the paper he references, so I don't know how much stronger, but if there's any strength to be gained, someone might want to use it. - Carl From trebor at foretune.co.jp Wed Oct 6 08:40:14 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Wed, 6 Oct 93 08:40:14 PDT Subject: Enough already! In-Reply-To: <9310061433.AA12074@pmantis.berkeley.edu> Message-ID: <9310061539.AA09997@dink.foretune.co.jp> nobody at pmantis.berkeley.edu writes: >Maybe we SHOULD make people pay to post the list. This is an excellent idea. A modest suggestion: build a email-based digital cash system; allot each reader a certain amount of cash per month; charge a fee for posting. We'd have to figure out a way to give extra income to posters that other posters agree with, or vice-versa, in a non-onerous way... On a totally different topic, has anyone investigated using the LSbit of CD sound tracks as the source of a 1-time pad? From cme at ellisun.sw.stratus.com Wed Oct 6 09:05:15 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Wed, 6 Oct 93 09:05:15 PDT Subject: OTP random number sources Message-ID: <9310061600.AA21132@ellisun.sw.stratus.com> >Message-Id: <9310061539.AA09997 at dink.foretune.co.jp> >Subject: Re: Enough already! >Date: Thu, 07 Oct 93 00:39:42 JST >From: "Robert J. Woodhead" >On a totally different topic, has anyone investigated using the >LSbit of CD sound tracks as the source of a 1-time pad? This was discussed, some, in the internet draft on random numbers. The one which just expired was draft-ietf-security-randomness-00.txt. A new one has been submitted to replace it. I'd recommend it to those interested in the topic. From bobi at vswr.sps.mot.com Wed Oct 6 09:59:13 1993 From: bobi at vswr.sps.mot.com (Bob Izenberg) Date: Wed, 6 Oct 93 09:59:13 PDT Subject: Enough already! In-Reply-To: <9310061539.AA09997@dink.foretune.co.jp> Message-ID: <9310061655.AA18086@vswr.sps.mot.com> Robert J. Woodhead wrote: # This is an excellent idea. A modest suggestion: build a email-based # digital cash system; allot each reader a certain amount of cash # per month I obviously need to read up on the digital cash idea. The messages that I've read make the concept sound like play money... I mean, does the coin of the realm in my pocket become the ethereal coin in a digital bank? What protections are there from digital embezzlers? Whither the FDIC? (Why is the sky blue? :-) et cetera.) If the whole subject is just a classroom exercise in economics and authentication theory, then I'll be a little disappointed. Bob -- ============================================================================== Bob Izenberg voice phone: 512-891-8680 Motorola RISC Software bobi at vswr.sps.mot.com ============================================================================== From mech at eff.org Wed Oct 6 10:20:15 1993 From: mech at eff.org (Stanton McCandlish) Date: Wed, 6 Oct 93 10:20:15 PDT Subject: Standard Headers for Anonymous Remailers In-Reply-To: <199310052035.AA27555@eff.org> Message-ID: <199310061719.AA07224@eff.org> > It seems to me that his suggestion would work to make it easier for > readers to do that. There are people who don't want to read anonymous posts. It > seems only fair to give them a reasonable opportunity to kill them as a group > _from their own newsreaders_. This job is very difficult in the present, and it > requires that the person know the email addresses of every anonymous remailer > in the world, so he/she can killfile all of them. On the other hand, a single > word added to a special header would enable them to identify anonymous posts as > a group, saving everyone a lot of hassle. Which will result in newgroups banning anon mail wholesale. There are other filtration methods besides using the full address of the remailer. Simply filtering out all mail from userIDs "anonymous" and "nobody" will kill most anon mail as it is. > This isn't necessarily related to the banning of anonymous posts from a > whole newsgroup. This is about an individual choice by individual readers. But of course it is related to banning anon postings in whole groups. > What it suggests is a matter of opinion, and I'm sure that you will > give yours (as will I) to anyone who tries to ban anoymous posting in "normal" > groups. On the other hand, the academic and hard-science conferences you > addressed would be served by this feature. They can already filter out this stuff without that much of a hassle as can anyone. Really, the idea of standardizing the anon remailers is not that big a deal, I just see it as a step in the wrong direction, at least until anon mail is more accepted. It will just make it slightly more easy to filter out anon mail, and at a time when lots of admins and moderators are frowning up anon mail, is this such a good idea? > It is a bad idea to try to stop a technical development just because > some people might misuse it. Yes, the anon-marker heeader may be misused. PGP > has been and will continue to be misused, as will the remailers. That doesn't > mean we should get rid of them. It only means that we should behave > intelligently and make our own choices about who to believe and what to > support. Hahahah, I'm not trying to stop a [useful] technological development, just slowdown a potentially worse-than-useless one until anon mail is more accepted, at which point standardizing would be a good idea. Your last sentence above...when do I ever advocate otherwise? :) > Usenet is hardly an autocratic medium. If a normal Usenet group > suddenly banned anon traffic entirely, there would be ample opportunities for > you and I and all the other cypherpunks (both in membership and in spirit) to > raise objections. And it's not only cypherpunks who would object. The traffic > in the normally conservative news.admin.policy showed the disapproval of > oppressive top-down regulations during the ARMM/UDP incidents. > I just think that the creation of a special anon header is not a real > problem, since it would do no real damage, and might improve the image of > remailers considerably. This argument I really don't follow. I don't see how standardizing this mailing software to produce a specific header line will change anyone's opinion or remailers or anonymity on the net. Well over a year ago, some Fido-tech software authors came up with a similar idea for marking encrypted mail (specifically they created the ^enc PID kluge line, which is pretty much analogous to a type of mail header). The result was that no one's opinion of crypto in FidoNet appears to have changed, and the debate rages on just as before. > >Fido: IndraNet: 369:111/1 > Oh, a Fido member? What's your opinion on the recent squabble over > encryption/mail censorship there? Well I'm temp. out of Fido, for a week or so, due to the move, but if you mean the CP argument, I'm still sorting through it (again, due to moving, I have a major backlog, like 600+ emails). If you mean the general idea of le crypto en Phydeaux, well that's been raging for a year or 2 or 4. Quite a few of us decided 'heck with it', and started a secondary hub backbone system called the SecureMail system, which WILL carry encrypted mail. Just search the nodelist for the UNSMH and URSMH flags (that's Net SecureMail Hub, and Region SM Hub.) The EFF-BBS that's coming soon will likely been one such hub. -- DISCLAIMER: This message represents only my OWN opinion, not that of EFF. Stanton McCandlish Electronic Frontier Foundation Online Activist mech at eff.org NitV-DataCenter BBS SysOp Fido: IndraNet: 369:111/1 From cme at ellisun.sw.stratus.com Wed Oct 6 10:55:16 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Wed, 6 Oct 93 10:55:16 PDT Subject: Strong PRNGs Message-ID: <9310061753.AA21992@ellisun.sw.stratus.com> Someone wrote: > for each bit in the 512-bit register, if the bit is a 1, add the > corresponding array entry into a 521-bit accumulator (init'd to 0 > at the start of this pass), modulo a 521-bit prime. > ^^^ > is this correct? > Yup. 512 + 8 + 1 = 521 512: for the seed for next time 8: for the output byte 1: slop, since numbers mod a 521 bit prime won't give a uniform distribution of the top bit - Carl From pcw at access.digex.net Wed Oct 6 10:59:14 1993 From: pcw at access.digex.net (Peter Wayner) Date: Wed, 6 Oct 93 10:59:14 PDT Subject: Enough already! Message-ID: <199310061755.AA11647@access.digex.net> Given that the cypherpunks are limited to text lately, it might be interesting to convert our mailing list into a version of Ted Nelson's Xanadu Hypertext system. He had some plan where people would pay the author several coins for the priviledge to reading their text. This could have several advantages. 1) People would quit posting random stuff because they knew that it would dillute their "brand name" and cause people not to buy their next posting. 2) People would have an incentive to contribute to the group because they would start running out of cash if they didn't say something valuable. Of course there are downsides to this. Posters like Sternlight might find themselves unread. Or neo-Sternlights might be rewarded for the controversy they generate by attracting high readership. The need to post or run out of money would discourage low-volume neophiles and those without hours of idle time to burn. -Peter From nowhere at bsu-cs.bsu.edu Wed Oct 6 11:25:17 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Wed, 6 Oct 93 11:25:17 PDT Subject: No Subject Message-ID: <9310061825.AA00943@bsu-cs.bsu.edu> > and cause people not to buy their next posting. 2) People would > have an incentive to contribute to the group because they would > start running out of cash if they didn't say something valuable. Yes, but it would also discourage lurkers like me who are here to learn - and don't have much to contribute so far. If you have to pay to read, and to get more money you have to post something useful that people want to read, the "startup cost" associated with the list would grow as time goes on. From msattler at netcom.com Wed Oct 6 11:39:13 1993 From: msattler at netcom.com (Michael Sattler) Date: Wed, 6 Oct 93 11:39:13 PDT Subject: PGP in Fidonet Message-ID: <9310061836.AA14135@netcom.netcom.com> The real question is, what attorney jokes do *you* know? Do you tell programmer jokes? ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) Evil will certainly triumph if good people do nothing at all. From pcw at access.digex.net Wed Oct 6 11:45:16 1993 From: pcw at access.digex.net (Peter Wayner) Date: Wed, 6 Oct 93 11:45:16 PDT Subject: Start up costs and paying for speech... Message-ID: <199310061842.AA17128@access.digex.net> Of course there would need to be some mechanism associated with letting new people into the system. In the real world, the parents and to some extent the government bear the responsiblity to bring up the young and provide for them. Perhaps some form of welfare could be instituted without offending the strict libertarians? Each month, the smartest and wittiest would be taxed and their success redistributed to the new and the epistolarily challenged. Ack... I don't know if digital money is such a great idea. A worl d without it seems so free. -Peter From mnemonic at eff.org Wed Oct 6 11:49:13 1993 From: mnemonic at eff.org (Mike Godwin) Date: Wed, 6 Oct 93 11:49:13 PDT Subject: PGP in Fidonet In-Reply-To: <9310061836.AA14135@netcom.netcom.com> Message-ID: <199310061846.AA08848@eff.org> Michael Sattler writes: > The real question is, what attorney jokes do *you* know? Do you tell > programmer jokes? I know every attorney joke you've ever heard, plus some I made up. As for programmer jokes, did you hear about the programmer who could never get out of the shower? --Mike From an5877 at anon.penet.fi Wed Oct 6 11:55:16 1993 From: an5877 at anon.penet.fi (deadbeat) Date: Wed, 6 Oct 93 11:55:16 PDT Subject: How to Share a Secret Message-ID: <9310061850.AA05936@anon.penet.fi> -----BEGIN PGP SIGNED MESSAGE----- How to Share a Secret Adi Shamir Massachusetts Institute of Technology In this paper we show how to divide data D into n pieces in such a way that D is easily reconstructable from any k pieces, but even complete knowledge of k - 1 pieces reveals absolutely no information about D. This technique enables the construction of robust key management schemes or cryptographic schemes that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces. Key Words and phrases: cryptography, key management, interpolation. CR Categories: 5:39, 5.6 1. Introduction In [4], Liu considers the following problem: Eleven scientists are working on a secret project. They wish to lock up the documents in a cabinet so that the cabinet can be opened if and only if six or more of the scientists are present. What is the smallest number of locks needed? What is the smallest number of keys to the locks each scientist must carry? It is not hard to show that the minimal solution uses 462 locks and 252 keys per scientist. These numbers are clearly impractical, and they become exponentially worse when the number of scientists increases. In this paper we generalize the problem to one in which the secret is some data D (e.g., the safe combination) and in which nonmechanical solutions (which manipulate this data) are also allowed. Our goal is to divide D into n pieces D1, ..., Dn in such a way that: (1) knowledge of any k or more Di pieces makes D easily computable; (2) knowledge of any k - 1 or fewer Di pieces leaves D completely undetermined (in the sense that all its possible values are equally likely). Such a scheme is called a (k, n) threshold scheme. Efficient threshold schemes can be very helpful in the management of cryptographic keys. In order to protect data we can encrypt it, but in order to protect the encryption key we need a different method (further encryptions change the problem rather than solve it). The most secure key management scheme keeps the key in a single, well-guarded location (a computer, a human brain, or a safe). This scheme is highly unreliable since a single misfortune (a computer breakdown, sudden death, or sabotage) can make the information inaccessible. An obvious solution is to store multiple copies of the key at different locations, but this increases the danger of security breaches (computer penetration, betrayal, or human errors). By using a (k, n) threshold scheme with n = 2k - 1 we get a very robust key management scheme: We can recover the original key even when floor(n/2) = k - 1 of the n pieces are destroyed, but our opponents cannot reconstruct the key even when security breaches expose floor(n/2) = k - 1 of the remaining k pieces. In other applications the tradeoff is not between secrecy and reliability, but between safety and convenience of use. Consider, for example, a company that digitally signs all its checks (see RSA [5]). If each executive is given a copy of the company's secret signature key, the system is convenient but easy to misuse. If the cooperation of all the company's executives is necessary in order to sign each check, the system is safe but inconvenient. The standard solution requires at least three signatures per check, and it is easy to implement with a (3, n) threshold scheme. Each executive is given a small magnetic card with one Di piece, and the company's signature generating device accepts any three of them in order to generate (and later destroy) a temporary copy of the actual signature key D. The device does not contain any secret information and thus it need not be protected against inspection. An unfaithful executive must have at least two accomplices in order to forge the company's signature in this scheme. Threshold schemes are ideally suited to applications in which a group of mutually suspicious individuals with conflicting interests must cooperate. Ideally we would like the cooperation to be based on mutual consent, but the veto power this mechanism gives to each member can paralyze the activities of the group. By properly choosing the k and n parameters we can give any sufficiently large majority the authority to take some action while giving any sufficiently large minority the power to block it. 2. A Simple (k, n) Threshold Scheme Our scheme is based on polynomial (*) interpolation: given k points in the 2-dimensional plane (x1, y1), ... (xk, yk) with distinct xi's, there is one and only one polynomial q(x) of degree k - i such that q(xi) = yi for all i. -------- (*) The polynomials can be replaced by any other collection of functions which are easy to evaluate and to interpolate. -------- Without loss of generality, we can assume that the data D is (or can be made) a number. To divide it into pieces Di, we pick a random k - 1 degree polynomial q(x) = a[0] + a[1] * x + ... a[k-1] * x^(k-1) in which a[0] = D, and evaluate: D1 = q(1), ..., Di = q(i), ..., Dn = q(n). Given any subset of k of these Di values (together with their identifying indices), we can find the coefficients of q(x) by interpolation, and then evaluate D = q(O). Knowledge of just k - 1 of these values, on the other hand, does not suffice in order to calculate D. To make this claim more precise, we use modular arithmetic instead of real arithmetic. The set of integers modulo a prime number p forms a field in which interpolation is possible. Given an integer valued data D, we pick a prime p which is bigger than both D and n. The coefficients a[1], ..., a[k-1], in q(x) are randomly chosen from a uniform distribution over the integers in [0, p), and the values D1, ..., Dn are computed modulo p. Let us now assume that k - 1 of these n pieces are revealed to an opponent. For each candidate value D' in [O, p) he can construct one and only one polynomial q'(x) of degree k - 1 such that q'(0) = D' and q'(i) = Di for the k - 1 given arguments. By construction, these p possible polynomials are equally likely, and thus there is absolutely nothing the opponent can deduce about the real value of D. Efficient O(n log^2 n) algorithms for polynomial evaluation and interpolation are discussed in [11 and [3], but even the straightforward quadratic algorithms are fast enough for practical key management schemes. If the number D is long, it is advisable to break it into shorter blocks of bits (which are handled separately) in order to avoid multiprecision arithmetic operations. The blocks cannot be arbitrarily short, since the smallest usable value of p is n + 1 (there must be at least n + 1 distinct arguments in [0, p) to evaluate q(x) at). However, this is not a severe limitation since sixteen bit modulus (which can be handled by a cheap sixteen bit arithmetic unit) suffices for applications with up to 64,000 Di pieces. Some of the useful properties of this (k, n) threshold scheme (when compared to the mechanical locks and keys solutions) are: (1) The size of each piece does not exceed the size of the original data. (2) When k is kept fixed, Di pieces can be dynamically added or deleted (e.g., when executives join or leave the company) without affecting the other D, pieces. (A piece is deleted only when a leaving executive makes it completely inaccessible, even to himself.) (3) It is easy to change the Di pieces without changing the original data D -- all we need is a new polynomial q(x) with the same free term. A frequent change of this type can greatly enhance security since the pieces exposed by security breaches cannot be accumulated unless all of them are values of the same edition of the q(x) polynomial. (4) By using tuples of polynomial values as Di pieces, we can get a hierarchical scheme in which the number of pieces needed to determine D depends on their importance. For example, if we give the company's president three values of q(x), each vice-president two values of q(x), and each executive one value of q(x), then a (3, n) threshold scheme enables checks to be signed either by any three executives, or by any two executives one of whom is a vice-president, or by the president alone. A different (and somewhat less efficient) threshold scheme was recently developed by G.R. Blakley [2]. References 1. Aho, A., Hopcroft, J., and Ullman, J. The Design and Analysis of Computer Algorithms. Addison-Wesley, Reading, Mass., 1974. 2. Blakley, G.R. Safeguarding cryptographic keys. Proc. AFIPS 1979 NCC, Vol. 48, Arlington, Va., June 1979, pp. 313-317. 3. Knuth, D. The Art of Computer Programming, Vol. 2: Seminumerical Algorithms. Addison-Wesley, Reading, Mass., 1969. 4. Liu, C.L. Introduction to Combinatorial Mathematics. McGraw-Hill, New York, 1968. 5. Rivest, R., Shamir. A., and Adleman, L. A method for obtaining digital signatures and public key cryptosystems. Comm. ACM 21, 2 (Feb. 1978), 120-126. Communications of the ACM November 1979 Volume 22 Number 11 Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage, the ACM copyright notice and the title of the publication and its date appear, and notice is given that copying is by permission of the Association for Computing Machinery. To copy otherwise, or to republish, requires a fee and/or specific permission. Author's present address: A. Shamir, Laboratory for Computer Science, Massachusetts Institute of Technology, Cambridge, MA 02139. This research was supported by the Office of Naval Research under contract no N00014-76-C-0366. Received April 1979; revised September 1979. (c) 1979 ACM 0001-0782/79/1100-0612 $00.75. Brought to you by the Information Liberation Front, and DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBFAgUBLLMNTPFZTpBW/B35AQF87AGAqZA0rZKDNuBLbFUcA+bEy5T93aOEIZi3 oaV5nje6JIS+QIW+lfuFWs0hobrgQz6V =u17f -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From jthomas at pawpaw.mitre.org Wed Oct 6 12:09:13 1993 From: jthomas at pawpaw.mitre.org (Joe Thomas) Date: Wed, 6 Oct 93 12:09:13 PDT Subject: Start up costs and paying for speech... Message-ID: <9310061906.AA28917@pawpaw.mitre.org> On cypherpunks, Peter Wayner writes: > Each month, the > smartest and wittiest would be taxed and their > success redistributed to the new and the > epistolarily challenged. > > Ack... I don't know if digital money is such a > great idea. A worl d without it seems so free. I wouldn't worry about either. I don't see how enforcement of copyright will be possible under crypto-anarchy any more than taxation will be. If one person pays for a posting, what's to keep him from sharing it anonymously with whomever he wants? Is there any way that crypto-anarcy won't bring the death of "intellectual property"? Joe From cme at ellisun.sw.stratus.com Wed Oct 6 12:10:16 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Wed, 6 Oct 93 12:10:16 PDT Subject: From the LA Times story Message-ID: <9310061909.AA22134@ellisun.sw.stratus.com> Robert Lee Hotz did a good job with this one -- except he tripped over my favorite soapbox, as do most people. Is he on the list? Does anyone know how to reach him? He wrote: "Not so many years ago, powerful encryption techniques were the monopoly of military and intelligence agencies." If this was true, it was for a short span of years -- perhaps 1932 to about 1975 -- but even then, Vernam's one-time-tape was published in 1920 and you can't get any stronger than that. What *was* true is that the gov't agencies and the press made it sound like real encryption was the property of the governments while we peons played around with simple substitution preserving word separation. I wish more people would read the history chapters of Kahn...especially the one about the dominance of the amateurs (in the early polyalphabetic days). Ah, well..... - Carl From ssteele at eff.org Wed Oct 6 12:25:16 1993 From: ssteele at eff.org (Shari Steele) Date: Wed, 6 Oct 93 12:25:16 PDT Subject: Possible Change In Crypto Export Controls Message-ID: <199310061921.AA09591@eff.org> I haven't had time to confirm this yet, but I thought everyone here would want to see it ASAP. I'll get back to the list with confirmation. Shari >Date: Wed, 6 Oct 1993 15:06:09 -0400 >From: Christopher Davis >To: editors at eff.org >Subject: [alt.security.pgp] Possible Change In Crypto Export Controls >X-Attribution: ckd > >------- Start of forwarded message ------- >Newsgroups: talk.politics.crypto,alt.security.pgp,comp.org.eff >From: dave at blackjoke.bsd.uchicago.edu (Dave Griffith) >Subject: Possible Change In Crypto Export Controls >Organization: University of Chicago -- Academic & Public Computing >Date: Thu, 30 Sep 1993 20:26:43 GMT > > >What I know: > Yesterday, Secretary of Commerce Ron Brown presented to Congress a report on > >export policy, including proposals for legislation. Included in this was a >proposal for updating the Export Control Act to allow export of many items >currently restricted for out-dated security purposes. The Commerce Department > >estimates that $40 billion per year in sales are lost to such restrictions. > Attempting to get a copy of this report lead me into a bureaucratic maze, >eating up an unknown amount of telephone charges and producing no results. > >What I want to know: > Is crypto on the suggested list of changes? If not, whose office should we >call to get it on such a list? > >In any case, it seemed like something the EFF would want to know about, hence >the crossposting. > >- -- >Dave Griffith, Information Resources, University of Chicago, >Biological Sciences Division dave at delphi.bsd.uchicago.edu >Will build secret weapon for food. > >------- End of forwarded message ------- > > From ssteele at eff.org Wed Oct 6 12:29:12 1993 From: ssteele at eff.org (Shari Steele) Date: Wed, 6 Oct 93 12:29:12 PDT Subject: oops! Message-ID: <199310061928.AA09710@eff.org> Sorry about that last post -- just noticed the date. Now I realize what they were talking about. Please disregard. Shari From tcmay at netcom.com Wed Oct 6 12:30:39 1993 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 6 Oct 93 12:30:39 PDT Subject: Options for Speech on Cypherpunks In-Reply-To: <199310061842.AA17128@access.digex.net> Message-ID: <9310061931.AA16528@netcom5.netcom.com> I'll be brief, to same tempers and bandwidth. Lots of options for dealing with too much volume, too much flamage, too little content, too many diverse interests, whatever. Not all options are feasible for the Sysadmin (Eric Hughes), of course, and software is not always available. The Extropians list dealt with this problem in the past year (too many messages for everyone's liking, too much rancor at times). The Cypehrpunks list may want to adopt the software they use, and I know discussions along these lines continue. (Indeed, Ray Cromwell has talked about his software here, I believe.) * the Extropians software allows nice filters: - users can be filtered by the "::exclude user paranoid at clueless.rant" command. None of his posts will be seen by the excluder. Threads can also be excluded. And so on. Makes for a more civil experience. Not perfect, though. (This consumes some CPU time. Issues to be discussed.) (Why filter at the source and not the destination? First, there are several dozen mailers people are using--often multiple mailers per person. Second, the Extropians have an idea of eventually using "reputations" derived from and related to the popularity (or lack thereof) of various posters.) Anyway, I need to be brief. * Dividing the List into two or more pieces has been debated several times. There are some advantages that go linearly with the number of sublists, but also some disadvantages that scale unpredictably (cross-posts ot several sublists, missed posts, etc.). Also, maintaining several sublists and the adds/drops to each multiplies the management effort. (Unless "majordomo" is used....) * "Paying to post" has many downsides.... * "Paying _not_ to post" is even stranger. * All of these schemes to control volume via pricing of posts are hindered by several things: - lack of a currency, as personal checks and credit card numbers won't be used - lack of any real concept of "value"--if I have the time to post, for example, should I be "penalized" by paying? By what logic? And if I try to "sell" my posts, how do I enforce redistribution limitations? (As an anarcho-capitalist, free market supporter, I am not against schemes to charge or collect for things. But I just don't see an environment that is conducive to the such schemes. The proposals for "rationing" of one sort or another fail miserably. To wit, do we really want to tell Mike Godwin or Hal Finney that they've exceeded their limits, while J. Random Lurker never posts?) Just as the Extropians are now showing new interest in digital cash, reputation markets, crypto-anarchy, and so on, I suggest we on this list get more interested in what they are doing with their list software, with their "HEx" reputation market, etc. By the way, I think a real business could be made out of selling "list server machine" access. Put the Cypherpunks and Extropians mailing lists on a machine with good connectivity and then sell subscriptions, just like magazines. The rates could be negotiated to be flat, as in $20/year per user, or based on volume, processing time, etc. Imagine locating these machines physically in offshore locations, safe from seizure, but still on the Net. Needless to say, these ideas are swirling around in many minds. "Abraham-Hughes" described their ideas along these lines at a Cypherpunks meeting, the Extropians are debating releasing or selling their list filtering software, and services like "Netcom" are spreading rapidly across the country. Lots of opportunities. -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From dewayne at netcom.com Wed Oct 6 09:41:00 1993 From: dewayne at netcom.com (Dewayne Hendricks) Date: Wed, 6 Oct 1993 12:41:00 -0400 Subject: TAL Press Releases Message-ID: <9310061641.AA25684@netcom5.netcom.com> Peter: I thought that you would be interested in our rollout press releases from Monday. We are now ready for prime time. Best, -- Dewayne TETHERLESS ACCESS LTD. ANNOUNCES STRATEGIC ALLIANCES FOR WIRELESS MAN DEPLOYMENT October 4, 1993, Fremont, California-Tetherless Access, Ltd. (TAL), a leader in the development of user-provided wireless metropolitan area networks (MAN), today announced the formation of three separate strategic business and technology alliances. The alliances envision the provision of wireless access, applications development, packet radio hardware development and new services for wireless connectivity to the worldwide Internet. TAL has developed a "plug-and-play" interface for the Macintosh platform for the unlicensed operation of packet radio systems. The systems enable peer-to-peer wireless connectivity over AppleTalk networks within a MAN environment. The system software also provides transparent connectivity to TCP/IP networks and to services available on the worldwide Internet. User-provided wireless networking allows anyone within range of another system to automatically make a network connection. This "ad hoc" network means that each node not only generates its own traffic, but also relays the transmissions of nearby nodes. Each system owner becomes a "de facto" member of the network. The system provides a low-cost connectivity solution for community networks, libraries, schools, businesses, telecommuters, and an easily deployed communications infrastructure for developing countries. "In association with our strategic alliances we will deploy wireless MANs on a worldwide basis with a focus on providing access to the Internet" said Dewayne Hendricks, President of TAL. Pandora Systems of San Francisco, CA, a software development and network operations company, will design Internet-based wireless networking products and services. Pandora's principals have been involved in the establishment of PeaceNet, GreenNet, The WELL and have developed numerous Internet applications including Veronica, one of the most popular and useful navigation tools available on the Internet today. "The Internet and wireless communications are both experiencing dramatic growth. The combination of these environments offer unparalleled applications development opportunities" said Mark Graham, President of Pandora Systems. InterNex Information Services, Inc. of Menlo Park, CA, a provider of high bandwidth connectivity to the Internet, will provide wireline access points to the Internet for wireless MANs in major metropolitan areas throughout the U.S. InterNex and TAL will jointly market network services to businesses, educational institutions, communities and individuals. Cylink of Sunnyvale, CA, the leading worldwide supplier of commercial communications security products and spread spectrum wireless modems and systems, is cooperating in the supplying of spread spectrum radios for deployment in TAL's MAN packet radio systems on a worldwide basis. Cylink's founders are leading authorities in encryption and spread spectrum technologies, and the company currently services customers in over 40 countries. Tetherless Access, Ltd., based in Fremont, California, is a leader in the development and deployment of "plug-and-play" wireless metropolitan area networks. The company's products allow customers to achieve efficient, low-cost, flexible, high-quality wireless data communications in metropolitan network environments and to the worldwide Internet. TETHERLESS ACCESS, LTD. ANNOUNCES NET/MAC PRO WITH SUPPORT FOR POWERTALK October 4, 1993, Fremont, California-Tetherless Access, Ltd. (TAL), a leader in the development of user-provided wireless metropolitan area networks (MAN), today announced NET/Mac Pro, a new version of its NET/Mac Internet Protocol application for packet radio environments. NET/Mac Pro adds support for a personal gateway that allows PowerTalk� users to exchange mail with SMTP servers over a TCP/IP network. PowerTalk is Apple's new mail and messaging technology, built in to System 7� Pro. This combination provides convenient Internet access for Apple� Macintosh� users through wireless Metropolitan Area Networks. TAL's standard products have led the way for wireless TCP/IP network access on the Macintosh. Now, with System 7 Pro, this access is simplified even more by not having to use a separate SMTP client program to transfer mail. "The PowerTalk universal mailbox and drag send capability integrated with our NET/Mac Pro product allows our users to deploy wireless MANs on a worldwide basis with a focus on providing easy access to the Internet mail services" said Dewayne Hendricks, President of TAL. TAL has formed strategic alliances with InterNex Information Services, Inc. of Menlo Park, CA, Cylink of Sunnyvale, CA and Pandora Systems of San Francisco, CA. Together the four companies will provide hardware, software and services which can be used to provide low-cost MAN connectivity solutions for community networks, libraries, schools, businesses, telecommuters, and an easily deployed communications infrastructure for developing countries. "In association with our strategic alliances we will deploy wireless MANs on a worldwide basis with a focus on providing access to the Internet" said Dewayne Hendricks, President of TAL. Tetherless Access, Ltd., based in Fremont, California, is a leader in the development and deployment of "plug-and-play" wireless metropolitan area networks. The company's products allow customers to achieve efficient, low-cost, flexible, high-quality wireless data communications in metropolitan network environments and to the worldwide Internet. Apple and Macintosh are registered trademarks and PowerTalk and System 7 are trademarks of Apple Computer, Inc. ----------- Dewayne Hendricks, WA8DZP ! CIS: 75210,10 AppleLink: D6547 Tetherless Access Ltd. ! Packet Radio: WA8DZP @ K3MC.#NOCAL.CA.USA.NA 43730 Vista Del Mar ! AOL: HENDRICKS Fremont, CA 94539-6250 ! Internet: dewayne at netcom.com Phone: (510) 659-0809 ! Fax: (510) 770-9854 ----------- From mandk at aol.com Wed Oct 6 12:55:20 1993 From: mandk at aol.com (mandk at aol.com) Date: Wed, 6 Oct 93 12:55:20 PDT Subject: Unsubscribe Message-ID: <9310061548.tn09759@aol.com> Please Unsubscribe me. M AND K at aol.com From mg5n+ at andrew.cmu.edu Wed Oct 6 13:35:20 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Wed, 6 Oct 93 13:35:20 PDT Subject: Quantifying similar graphic images (was Re: criminal gif upload) In-Reply-To: <1743.pfarrell@gmu.edu> Message-ID: "Pat Farrell" writes: > We can prove statistical insignificance of duplication using strong > hashing functions. Can we find a way to statistically prove "looks like" > on a numerical basis? Yes. If you were to take an image and divide it into let's say about 20 sections horizontally, and 20 sections vertically, and then average the intensities of all pixels in each of the 400 rectangles formed, you would create a fuzzy low-resolution version of the original picture which could be used to compare other pictures to it to determine weather they look like the orginal by using the same averaging method, and then comparing the block-pixel averages. If the pictures differed by less than +/- 5% or so for each block, the original pictures probably look very much alike. This method works well even if one of the images had been converted to a different resolution, or if it's color pallete had been changed slightly to fit a different graphic format, or if one was converted to black & white. Such a system would probably be very helpful to sysops to get rid of duplicate pictures on their systems, but unfortunanently it would also give the cops an automated system for busting people. :( From habs at panix.com Wed Oct 6 13:45:20 1993 From: habs at panix.com (Harry S. Hawk) Date: Wed, 6 Oct 93 13:45:20 PDT Subject: Start up costs and paying for speech... Message-ID: <199310062042.AA06185@panix.com> We are planing on adding pay for use features to the Extropian Mailing List software. However it is a bit on the back burner. However, If there is serious interest on using a digi-cash system for pay-as-you post mailing list we should "TALK." Hal do you have any free time? /hawk -- Harry S. Hawk ON Vacation From cme at ellisun.sw.stratus.com Wed Oct 6 14:10:20 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Wed, 6 Oct 93 14:10:20 PDT Subject: Quantifying similar graphic images (was Re: criminal gif upload) Message-ID: <9310062109.AA22515@ellisun.sw.stratus.com> >Message-Id: >Date: Wed, 6 Oct 1993 16:32:52 -0400 (EDT) >From: Matthew J Ghio >Subject: Quantifying similar graphic images (was Re: criminal gif upload) >"Pat Farrell" writes: > >> We can prove statistical insignificance of duplication using strong >> hashing functions. Can we find a way to statistically prove "looks like" >> on a numerical basis? > >Yes. If you were to take an image and divide it into let's say about 20 >sections horizontally, and 20 sections vertically, and then average the >intensities of all pixels in each of the 400 rectangles formed, you >would create a fuzzy low-resolution version of the original picture >which could be used to compare other pictures You would have a better chance if you took just the low frequency components of a 2D Fourier transform of the pictures in question -- perhaps at only certain frequencies -- to get a vector describing features of the picture. You'd have to choose your 2D frequencies and build a set of such indicators and then look to see what distance between two vectors suggests that the pictures are the same. You'd want to use only the magnitude of the transform, to remove translation effects. You could use a sum around a circle of frequencies to remove rotation effects. The low res picture by averaging is easily confused by any translation or rotation of the image. - Carl From ebrandt at jarthur.Claremont.EDU Wed Oct 6 14:15:21 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Wed, 6 Oct 93 14:15:21 PDT Subject: Strong PRNGs In-Reply-To: <9310061511.AA21028@ellisun.sw.stratus.com> Message-ID: <9310062111.AA00649@toad.com> >Carl Ellison says: > However, I can even see a point for using this for XOR encryption [I prefer > not to call anything using a PRNG One-Time-Pad]. I can see two points, > even: Another point: it raises the possibility of an interesting loophole in the ITAR. Cryptographic hash functions are exportable, as "systems for authentication", or something to that effect. A random-number generator based on a hash function should be exportable. After all, as you say, > I have many uses for random numbers and none of them is XOR encryption. But such an RNG *could* be used for encryption. If you package and market it as such, you're asking for trouble. But packaged as a library routine in a simulation library? It's not a fast PRNG, but it should be pretty good statistically. Eli ebrandt at jarthur.claremont.edu From chaos at aql.gatech.edu Wed Oct 6 14:39:13 1993 From: chaos at aql.gatech.edu (Paul Goggin) Date: Wed, 6 Oct 93 14:39:13 PDT Subject: FOIA requests reworded Message-ID: <9310062135.AA00959@toad.com> Thought this might be of interest to us cypherpunks and the EFF, in case you have not heard. Excerpted from the most recent issue of ALAWON. *************************************************************************** JUSTICE DEPARTMENT ISSUES NEW FOIA POLICY On October 4, President Clinton and Attorney General Reno rescinded a 1981 rule which encouraged federal agencies to withhold information requested under the Freedom of Information Act (FOIA) whenever there was "a substantial legal basis" for doing so. In its place, agencies are directed to apply a "presumption of disclosure." A memorandum from President Clinton urged agencies to take a fresh look at their administration of the FOIA, to reduce backlogs of requests, and to enhance public access to information. (See below for the full text of the memorandum.) In a memorandum sent to heads of departments and agencies, Attorney General Reno stated that ...we must ensure that the principle of openness in government is applied in each and every disclosure and nondisclosure decision that is required under the Act....It shall be the policy of the Department of Justice to defend the assertion of a FOIA exemption only in those cases where the agency reasonably foresees that disclosure would be harmful to an interest protected by that exemption. Where an item of information might technically or arguably fall within an exemption, it ought not to be withheld from a FOIA requester unless it need be. At a Department of Justice briefing, Associate Attorney General Webster Hubbell acknowledged that there was a huge backlog of FOIA requests, and said the Department of Justice wanted to hear of the problems requestors were having. He said that the Department would review all pending FOIA lawsuits, but would not provide additional funding to fill FOIA requests. When asked about FOIA access to electronic records, John Podesta, White House Staff Secretary, replied that agencies would work with users to get information to them in a usable way. He added that OMB, the White House, and the Department of Justice were all committed to making information available. One person at the briefing asked about privacy issues, and noted that the FBI would not search for records on an individual because of concerns about privacy. Hubbell replied that the FBI should ask the individual first, but that the new FOIA regulations presumed disclosure. He added that the Department of Justice would discuss the matter with the FBI director. *************************************************************************** TEXT OF FOIA MEMO ISSUED BY THE WHITE HOUSE The White House Washington October 4, 1993 MEMORANDUM FOR HEADS OF DEPARTMENTS AND AGENCIES SUBJECT: The Freedom of Information Act I am writing to call your attention to a subject that is of great importance to the American public and to all Federal departments and agencies -- the administration of the Freedom of Information Act, as amended (the "Act"). The Act is a vital part of the participatory system of government. I am committed to enhancing its effectiveness in my Administration. For more than a quarter century now, the Freedom of Information Act has played a unique role in strengthening our democratic form of government. The statute was enacted based upon the fundamental principle that an informed citizenry is essential to the democratic process and that the more the American people know about their government the better they will be governed. Openness in government is essential to accountability and the Act has become an integral part of that process. The Freedom of Information Act, moreover, has been one of the primary means by which members of the public inform themselves about their government. As Vice President Gore made clear in the National Performance Review, the American people are the Federal Government's customers. Federal departments and agencies should handle requests for information in a customer-friendly manner. The use of the Act by ordinary citizens is not complicated, nor should it be. The existence of unnecessary bureaucratic hurdles has no place in its implementation. I therefore call upon all Federal departments and agencies to renew their commitment to the Freedom of Information Act, to its underlying principles of government openness, and to its sound administration. This is an appropriate time for all agencies to take a fresh look at their administration of the Act, to reduce backlogs of Freedom of Information Act requests, and to conform agency practice to the new litigation guidance issued by the Attorney General, which is attached. Further, I remind agencies that our commitment to openness requires more than merely responding to requests from the public. Each agency has a responsibility to distribute information on its own initiative, and to enhance public access through the use of electronic information systems. Taking these steps will ensure compliance with both the letter and the spirit of the Act. (signed) William J. Clinton *************************************************************************** ALAWON (ISSN 1069-7799) is an irregular publication of the American Library Association Washington Office, 110 Maryland Avenue, N.E., Washington, DC 20002-5675. Internet: alawash at alawash.org; Phone: 202-547-4440; Fax: 202-547-7363. Editor and List Owner: Fred King (fdk at alawash.org). All or part of ALAWON may be redistributed, with appropriate credits. -- R O All Comments Copyright by | Technofetisht A N Paul S. Goggin (1993) | Cypher, Cyber, Chaos V Information Broker | Ergoflux, Interzone E chaos at aql.gatech.edu | Carpe Diem: Stop the Clipper wiretap chip Finger account for latest _Phrack_ | Public Key: PGP and RIPEM available For anonymous communication:---> anon32940 at anon.penet.fi ------------------------------------------------------------------------------ Title 18 USC 2511 and 18 USC 2703 Protected -- Monitoring Absolutely Forbidden From wcs at anchor.ho.att.com Wed Oct 6 15:05:22 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Wed, 6 Oct 93 15:05:22 PDT Subject: digicash Message-ID: <9310062202.AA15494@anchor.ho.att.com> Yes, as Bob said, digicash *does* sound like play money, as any fiat currency is. Gold and silver are, in many cultures, useful real money, partly because they're useful or decorative, durable, and hard to make more of, occasional gold rushes excepted :-) It's also hard to debase, though some coin-makers have short-weighted their coinage, or even talked people into accepting cheaper metals. Leaves are also pretty and conveniently grow on trees, but aren't good money. Ultimately, it's worth whatever goods and services people are willing to give you in exchange for it. Paper money with numbers on it is easy to print more of; some governments realize that and abuse people's trust of them, leading to mild-to-medium inflation rates in many countries, and hyper-inflation in countries that think they can print it faster than people can switch to less volatile currencies (Israel went through a period where their pound was inflating so fast that most people switched over to dollar-based price indexing until the government started behaving again; governments like the U.S. realize they can steal a lot more money if they do it slowly.) I once saw a board game that used real Nicaraguan 50,000 cordoba notes as money - they were cheaper than printing good-looking play money from scratch :-) Bits are also easy to make more of, though it may be more work if you want them to be prime numbers or whatever. In order to make them useful and not inflated, they either have to be directly pegged to a good or service that people want, and offered by someone reasonably trustworthy, or otherwise tied to something of stable value. Metro or BART tickets are magnetic cards with bits on them, which people are willing to pay money for because they know they'll get subway rides in return for them, and aren't likely to be defaulted on. Telephone cards are easy for the phone to make, but people accept them for the same reason. For digicash tokens that _aren't_ tied to a single service provider, you typically need some other reason to trust the issuers not to make lots of them - people accept EFT, money orders, travellers' checks, and personal checks from a variety of issuers because they know they can get regular cash in return for them, and because business and legal relationships are there to such an extent that people don't usually default on them, though merchants often charge service charges to make up for the costs of redemption and the risk of defaults, especially for foreign transactions. Digicash could work the same way, only instead of Western Union accepting cash at one office and telegraphing a request to pay cash at another office, we're hauling the email around ourselves. Authentication theory is fun, and a good subject for university research, and the economics are important as well, since you'd need to make a profit to bother running all the computation that the system costs, but ultimately, it won't happen until some entrepreneur or group of fanatics :-) decides to get down and do it. Most of the current similar systems either don't give you anonymity, or do so by using pre-paid tokens; anything fancier is cutting into relatively untapped markets. Bill From 0005542837 at mcimail.com Wed Oct 6 15:15:22 1993 From: 0005542837 at mcimail.com (David Colston) Date: Wed, 6 Oct 93 15:15:22 PDT Subject: Cancel Message-ID: <85931006220258/0005542837NA4EM@mcimail.com> This message traffic is out of hand. Please take me off the list. /s From wcs at anchor.ho.att.com Wed Oct 6 15:15:30 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Wed, 6 Oct 93 15:15:30 PDT Subject: Standard Headers for Anonymous Remailers Message-ID: <9310062211.AA15617@anchor.ho.att.com> X-Anonymousity: none Putting anonymity indications in message headers is a useful courtesy; it's not foolproof, since somebody can always go run their own remailer, but standardization would make it easier for most people to use them consistently from their mail/news readers. There are times when people really need to get rid of lots of anonymous messages, such as harassment or mailbombs or freaked-out gateways, basically for self-defense, and this will make it more convenient. From bhayes at CS.Stanford.EDU Wed Oct 6 12:24:17 1993 From: bhayes at CS.Stanford.EDU (bhayes at CS.Stanford.EDU) Date: Wed, 6 Oct 1993 15:24:17 -0400 Subject: [Glenn Trewitt: Sorry I'm late to work, I stopped to watch the war...] Message-ID: <9310061924.AA06740@Xenon.Stanford.EDU> FYI .. ------- Forwarded Message Forwarded: Wed, 06 Oct 93 12:15:48 PDT Forwarded: "Simon.Read at umist.ac.uk " Forwarded: Wed, 06 Oct 93 12:14:34 PDT Forwarded: "cak at parc.xerox.com " Forwarded: Wed, 06 Oct 93 12:12:45 PDT Forwarded: "glassner at parc.xerox.com " Return-Path: @Sunburn.Stanford.EDU:trewitt at pa.dec.com Return-Path: <@Sunburn.Stanford.EDU:trewitt at pa.dec.com> Received: from Sunburn.Stanford.EDU by Xenon.Stanford.EDU with SMTP (5.61+IDA/25-CS-eef) id AA24117; Wed, 6 Oct 93 11:09:02 -0700 Received: from inet-gw-2.pa.dec.com by Sunburn.Stanford.EDU with SMTP (5.61+IDA/25-SUNBURN-eef) id AA18716; Wed, 6 Oct 93 11:08:58 -0700 Received: by inet-gw-2.pa.dec.com; id AA24021; Wed, 6 Oct 93 11:07:56 -0700 Received: by miasma.pa.dec.com; id AA17136; Wed, 6 Oct 93 11:07:51 -0700 Message-Id: <9310061807.AA17136 at miasma.pa.dec.com> To: Barry Hayes , Kim Rachmeler , Julie King , Warren Cory , Joe Hughes , Lia Adams , Lucy Berlin Subject: Sorry I'm late to work, I stopped to watch the war... Organization: DEC Network Systems Laboratory (Palo Alto, CA / WRL-1) Phones: H:408-773-9239, W:415-688-1324, DTN:543-1324, Fax:415-324-2797 Date: Wed, 06 Oct 93 11:07:50 -0700 From: Glenn Trewitt X-Mts: smtp In case you didn't know, SUN has a branch office in Moscow. - Glenn - ------- Forwarded Message From: John (Most modern computers would break if you stood on them) Mackin Date: Thu, 7 Oct 1993 03:44:54 +1000 To: hackers at vix.com Subject: Feeling bored? Why not work for Sun's Moscow office! Message-Id: <199310070344.852.hackers.balus at civil.su.oz.au> X-Face: 39seV7n\`#asqOFdx#oj/Uz*lseO_1n9n7rQS;~ve\e`&Z},nU1+>0X^>mg&M.^X$[ez>{F k5[Ah<7xBWF- at -ru?& @4K4-b`ydd^`(n%Z{ [Forwards deleted] From: mpiech at angkorwat.Russia.Sun.COM Subject: Another Day in Moscow Date: Tue, 05 Oct 93 11:42:31 +0300 Another Day in Moscow Last night (Sunday) around 6:00pm Yevgeny, one of our Russian SE's, called and said I shouldn't leave my apartment because there was a civil war going on in the streets of Moscow. During the day I had walked from my apartment, just east of the Kremlin, through the center over to the Irish House to do some shopping, and everything seemed pretty normal (for Moscow). Anyway, Yevgeny said that a crowd was heading for the Ostankina TV building. So I layed around for a while on my couch, watching some very slow movie about peasant romance, and then Winnie the Pooh (in Russian), and then this really outstanding animation done with Legos (what an obvious and killer idea! maybe old hat for animation buffs, but it was the first time I had seen it) when the screen cuts out and this editor-kinda guy comes on with "cevodnya...bil ochen...tizholi dyen. ...Tyzholi, potomu shto...--trudna guvarit--" "today...was a very...difficult day. ...Difficult, because...--it is hard to speak--" and then the screen went blank. So I switched to the only channel of the eight that was working (no cable, no CNN at my place), and a news report came on and said the TV building had been stormed. Then this station (broadcast from somewhere else in Moscow) played that stupid airplane hijacking Love-Boat movie with Mike Brady as the captain (I never did catch the name, but that it was in Russian didn't seem to reduce the content I could get from it) interrupted every so often with little news blurbs, including a pitch from Yuri Gaidar. I could understand maybe half of all this Russian news and speeches, but the few clips of fighting in the TV building were pretty clear. I finally bailed on the whole scene around 11, after hearing what the BBC had to say about it on the shortwave. I woke up around 6:30 with that strange feeling like the first time as a kid when you find a beehive in your back yard: at first you were really afraid to go near it, but you went a few steps closer, nothing happened, and now you just want to walk up and see what the hell's in the damn thing. I left my apartment around 7:30, and when I got to the street it seemed like just another day in Moscow. Business as usual. I got to the corner and thought, I can just go the the metro and go to work, or--if I just walk down to the Kremlin and see what's going on at Red Square, it'll only add twenty minutes to my commute. Hell, I had taken my backpack instead of the briefcase, and had two cameras in it, might as well have a look. About halfway there I heard a few explosive noises, but they could very well have been a dump truck going over metal plates in the street... I got to Red Square and it was basically quiet. At the north end were some bogus token barricades I'd heard about on the news. As I walked toward them I heard the unmistakable sound of machine-gun fire. Damn, must be just around the corner. The only other time in my life I'd ever heard machine-gun fire was at ROTC boot camp. I got to the other side of the history museum, but again, basically nothing was going on. I could hear all this bloody racket--there *was* a war going on somewhere--but couldn't see anything. I thought about getting on the metro and going to work, but then I thought I'd have a peek at Tverskaya St. (the main street in downtown). It was blocked off, and as I started to walk toward the Pushkin monument I could see the four huge barriers made of old crates, park benches, playground monkey-bar sets, etc. Lots of people were standing around little bonfires, drinking and smoking--kind of like a vigil at Berkeley except for the vodka. There was an armored personnel carrier (APC) in front of Pizza Hut (I hope the picture turns out...). I got up past the City Council building where there was a large crowd of Yeltsin supporters waving tri-colors, but basically nothing was going on (relatively). Still lots of war noises. At this point I figured the war must all be around the White House. I wasn't sure what to do, but somehow I slid into this flow heading toward the noise and wandered through unfamiliar streets of Moscow to the soundtrack from Apocalypse Now. When I got to the American Embassy, I joined a crowd of a few hundred people and watched occaisonal sniper flashes from the back corner of the White House, which I could see in the distance. Riot police occasionally pushed us back. After about twenty minutes, I figured I'd seen as much as I'd be able to, and started to head toward the metro to go to work. I got to Noviy Arbat, and there was a huge line of APCs waiting patiently for action. And then the tanks came. About a dozen T-80s, from where I'd just walked. Ok, I'll get to work a little late. After I'd shot a half a roll of film--tanks in a line, tanks turning the corner, tank boys playing with the guns (what a spooky scene, tanks in the street!)--I started to walk south again on the Garden Ring to go to the metro. But then at the next cross street, which leads to the next bridge down from the White House, I decided I just had to go down to the river and see what everything looked like from there. I got down there and could see the front of the White House, and at this point the sounds of gunfire were rolling down the river and echoing off buildings in a violent cacophony of death-noise. Mesmerised, I slid again into the flow of people heading through the parked cars toward the cauldron, assuming we'd soon reach the police barricade. I felt like I was going to an AC-DC concert. A few minutes later there was a huge explosion, which I later learned was the sound of a T-80 firing its 148mm shell, and several hundred car alarms went off simultaneously. The police barricade wasn't there. Before I knew it, I'd passed the burning hulks of two bombed out busses and was standing in a huge crowd at the base of the bridge in front of the White House, watching thousands of bullets fly between the building and the half-dozen or so APCs in front of it. I couldn't believe I was there: how could people be aloud this close to a bloody war? I kept going. I pushed through the crowd, and worked my way up *onto the bridge*, several hundred yards in front of the now famous but no longer white House. Yes, war as a spectator sport. Why the hell was I here? Why did I *want* to be here? Who let us here? The range of a Kalashnikov automatic rifle is 2km, and I'm standing on a bridge 500m in front a building filled with hardline terrorists armed with these things. It didn't seem to bother the hundreds of other people standing around me, so I pulled out a Canon EOS and started my own shooting. There were already two very large chunks of stone knocked out of the House, and next to the smoking remnant of the Meria building and with the burning busses on the embankment road, the whole picture was kind of grisly. The gunfire stopped for short periods, but mostly just kept going. About fifteen minutes later several bullets ricocheted somewhere within a few tens of yards of us; we all ducked down behind some concrete and then ran towards the middle of the bridge. It felt a *little* safer, anyway, behind one of the metal stanchions of the bridge railing. I ended up this time standing next to couple of British guys, and exchanged a few war-watching pleasantries ("I wonder if the pub's open" "Where's the hot-dog stand?" "You'd think if they're going to have a war, they could at least put out some porta-potties" etc.) There were four T-80s on the bridge, and six directly accross the river from the White House (to the left of our priviledged position; the House was on the right). Through all the noise, I'd assumed the tanks were firing too; it was difficult to tell what was doing what with the sound bouncing everywhere. But then, there was an explosive noise like I've never experienced in my life: the bridge shook, my heart skipped a few beats. All the nonsense murmuring in the crowd died in a nanosecond. Under a huge cloud of smoke, *all* of the remaining glass on the upper part of the House started falling, as if in slow motion. One of the T-80s had fired. I was scared. "Man, these boys aren't playing," one of the Brits mumbled as we crouched meekly behind our railing. After about five minutes my hands stopped shaking just enough to get my camera aimed at the House to get ready for the second T-80 blast. Somehow this was a little different from taking photos of canons firing blanks at Civil War reenactments I went to as a kid. I stayed around for another half hour or hour (time is kind of irrelevant in this situation...) for a third T-80 blast, an ammo truck hit (the thing blew off like a brick of fire crackers for 15 minutes straight), another gunfight in the distance (which I later read was at the Itar-TASS building), and another spray of shots into the crowd where I was standing. This one was more serious--louder and more shots, and the crowd went a little crazier and started running off the bridge. They eventually regained confidence and retook their former positions (I ended up a little farther from the House again). Finally I figured I'd taken enough pictures, wouldn't get much more out of the last few tank shots, and probably wouldn't be able to see much of the surrender when it finally happened; so I walked off the bridge a bit, jumped in a taxi, and went to work. Business as usual. - - --Mike Piech - ------- End of Forwarded Message ------- End of Forwarded Message From wcs at anchor.ho.att.com Wed Oct 6 15:25:23 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Wed, 6 Oct 93 15:25:23 PDT Subject: Crypto Idea; Multi-Part Sigs Message-ID: <9310062222.AA15672@anchor.ho.att.com> Carl's comment that, for RSA, decryption and signing are really identical, gets to the heart of the matter. Hal posted a method for letting N people together do the operations. For N people separately, a trusted mailer run by one of the people can solve the decryption problem (RSA-decrypts the session key using its private key, RSA-encrypts it with the public keys for all the recipients, retransmits), and it's ok to trust it since the list-runner is allowed to see the messages anyway. This nethod tends to require the sign-N-times method of encryption or signature, whish is boring but adequate for many needs, unless you want the users to be anonymous. The N of M signature method from Shamir doesn't work will if you want to preserve anonymity of members of the group, and giving everybody in the group their own copy of the key also may have drawbacks. From mbl at ml7694a.leonard.american.edu Wed Oct 6 15:25:43 1993 From: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Wed, 6 Oct 93 15:25:43 PDT Subject: Strong PRNGs Message-ID: <9310062225.AA01850@toad.com> >Another point: it raises the possibility of an interesting loophole >in the ITAR. Cryptographic hash functions are exportable, as "systems >for authentication", or something to that effect. A random-number >generator based on a hash function should be exportable. After all, >as you say, >> I have many uses for random numbers and none of them is XOR encryption. > >But such an RNG *could* be used for encryption. If you package and >market it as such, you're asking for trouble. But packaged as a >library routine in a simulation library? It's not a fast PRNG, but >it should be pretty good statistically. Does it strike you as ironic that in this atmosphere where "exporting" basically secure products like PGP is illegal, that exporting the tools to generate one of the best possible (in the security sense) encryption systems known to current technology (better than anything that can be implemented in software, anyway) would be _legal_, because it also has ample uses that are unrelated to cryptography? If only One Time Pad style systems weren't so kludgey, this would present the _perfect_ solution to our problems with ITAR and the like. Unfortunately, there are some things they can't do. Oh well... Please don't bother to tell me that we'd need to physically build hardware to generate seeds for the hash functions, because I already know that. I didn't say it was entirely practical, just that it was an interesting bit of irony. -- Matthew B. Landry ml7694a at american.edu (Finally!) mbl at ml7694a.leonard.american.edu From KENUNGER at delphi.com Wed Oct 6 15:39:15 1993 From: KENUNGER at delphi.com (KENUNGER at delphi.com) Date: Wed, 6 Oct 93 15:39:15 PDT Subject: PGP removal Message-ID: <01H3SVRL8EHU8WWDZL@delphi.com> I first got pgp2.2 from compuserve ibmsys forum downloads. A few day ago the file finder on cis listed PGP2.3. When I actually looked neither program was there. Sysop says the were removed on advice of his lawyer(not compuserve management ) because of government crakdown. and questios of legality. The not so subtle hand of intimidation by rumor seems to be at work here. Just thought this would be of interest. p.s. I FTPed it from the INTERNET anyway.=======Ken PPUBLIC KEY AVAILABLE ON PGP KEY SERVERS . From pgf at srl.cacs.usl.edu Wed Oct 6 17:35:32 1993 From: pgf at srl.cacs.usl.edu (Phil G. Fraering) Date: Wed, 6 Oct 93 17:35:32 PDT Subject: Crypto Toolkit Suggestions Message-ID: <199310070031.AA09974@srl03.cacs.usl.edu> Re: Hiding processes and data via subordinate processes, variables, et cetera... it will probably be a _lot_ better and easier to simply assume that a multi-user unix system isn't secure to begin with, and work out alternatives from there. Phil From DON_HENSON at delphi.com Wed Oct 6 18:49:16 1993 From: DON_HENSON at delphi.com (DON_HENSON at delphi.com) Date: Wed, 6 Oct 93 18:49:16 PDT Subject: Network Etiquette Question Message-ID: <01H3T288M2YW90N39U@delphi.com> Just a quick question on network etiquette. Shouldn't it be considered bad form to post a PGP-encrypted message (readable by only one person) to a list like Cypherpunks? Don Henson PGP key on server or on request From DON_HENSON at delphi.com Wed Oct 6 18:50:24 1993 From: DON_HENSON at delphi.com (DON_HENSON at delphi.com) Date: Wed, 6 Oct 93 18:50:24 PDT Subject: Digital Cash Primer Message-ID: <01H3T29C12CW90N39U@delphi.com> Shari Steele writes: -> Hey 'punks. Anyone know of an elementary primer on digital cash? I'm trying to get up to speed on this. <-- I would like an elementary primer also. How about posting the info to the list vice just to Shari. Thanks, Don Henson PGP key avail on server or on request From DON_HENSON at delphi.com Wed Oct 6 18:50:32 1993 From: DON_HENSON at delphi.com (DON_HENSON at delphi.com) Date: Wed, 6 Oct 93 18:50:32 PDT Subject: Posting Long Documents Message-ID: <01H3T28G745A90N39U@delphi.com> In the interest of saving money (for those of us who have to pay for our internet access), please DO NOT post long reference documents, such as the 'ASCII version of ECPA' directly to the list. A much better way to get this information out would be to post an anonymous FTP site where the document can be obtained. Would appreciate muchly. Don Henson PGP key avail on server or on request From msattler at netcom.com Wed Oct 6 19:05:24 1993 From: msattler at netcom.com (Michael Sattler) Date: Wed, 6 Oct 93 19:05:24 PDT Subject: Macintosh System 7 Pro, e-mail, encryption Message-ID: <9310070203.AA18842@netcom.netcom.com> I installed Macintosh System 7 Pro (7.1.1) onto my PowerBook today. I'd heard that e-mail was part of the new package, but I was amazed to see how integral it is. When you start up for the first time you are asked for a userid and a password to protect your "PowerTalk Keychain". A mailbox and a "catalog" appear on your desktop; the latter is a list of entries in different domains (like AppleTalk, EtherTalk, etc.) so that you can authenticate yourself on all the places you exist with one login. E-mail comes free with the system and works automagically when multiple users install the new system. I haven't used a lot of this system since it's so new, but I sent this message because it heralds a new era of turnkey mail/network-identity. I'm investigating how this works with AppleEvents to see how PGP can be seamlessly integrated. A friend of mine went to the product launch at Apple and got a free "signed" RSA user identification voucher. I'd be very interested in hearing from others who have a clue about this stuff. ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) Evil will certainly triumph if good people do nothing at all. From pierre at shell.portal.com Wed Oct 6 19:45:24 1993 From: pierre at shell.portal.com (Pierre Uszynski) Date: Wed, 6 Oct 93 19:45:24 PDT Subject: Standard Headers for Anonymous Remailers Message-ID: <9310060822.AA17640@jobe.shell.portal.com.shell.portal.com> > From: Karl Lui Barrus > > The attitude expressed by the individual on io.com shows a problem we > will have in educating others - "anonymous posts CAN destroy a civil > conversation". Yes, maybe so, but in my experience on mailing lists, > bbses, etc. I've noticed that "flame wars" and "anonymous posts" have > NO correlation, and are quite independent of one another. > > Since I've seen "flame wars" on systems with absolutely no anonymous > posting facilities (or none that were used), I conclude that civil > conversation is destroyed by strongly held differences in opinions (or > some other factor I can't pin down). I'll second that. The main menaces against "civil conversations" have been, on Netnews, flame wars and wars between two individuals. After the first few messages, the flamers and the opponents are clearly identified. They are usually proudly posting under their usual Name (as they are all fighting for their Reputation, and for establishing their opponent's Incompetence) (... do we recognize anybody yet :-? ) I actually can't remember such a war involving an anonymous poster (as in "using penet or similar"). What destroys discussions (and forces people to leave them...) is the tendency of threads to start genuine, and to end as flame wars. Certainly, for-money systems would tend to shorten flame wars.. On the other hand in the few discussions against anonymous posting, some people were arguing for "accountability" who were clearly forgetting the proportion of people who use handles or pseudonyms as their default setup. These are not anonymous per se, but in the current fickle netnews, what's the difference? (BlackNet would make a difference :-) Only in the most outrageous fraud cases (votes, forgery...) are pseudonyms tracked back to their account holder. Solution (1/2 kidding): Build an anonymous remailer that gives a choice of "obviously anonymous output", or "random pseudonym output". You could even take the pseudonym from the phone book, or from the names of the people who used the newsgroup in the past :-) Pierre. pierre at shell.portal.com From tcmay at netcom.com Wed Oct 6 19:55:24 1993 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 6 Oct 93 19:55:24 PDT Subject: Digital Cash Primer In-Reply-To: <01H3T29C12CW90N39U@delphi.com> Message-ID: <9310070254.AA20578@netcom5.netcom.com> > Shari Steele writes: -> > > Hey 'punks. > Anyone know of an elementary primer on digital cash? I'm trying to get up > to speed on this. > > <-- > > I would like an elementary primer also. How about posting the info to > the list vice just to Shari. > > Thanks, > Don Henson What is it people want, exactly? The Chaum paper in "Scientific American," July or August of 1992, has been mentioned many times here. It also cites in its references the "Communications of the ACM" paper, "Transaction Systems to Make Big Brother Obsolete," November 1985. And several times the Brands paper on off-line digital coinns, available by ftp, has been cited. Likewise, the Simmons books on "Contemporary Crytology" has good stuff on digital money (and lots of other stuff you'll need to cross-reference to understand digital money). Ditto for the "Crypto" Proceedings papers. There may someday be easier stuff to read, but these items--especially Chaum's papers cited above--are very basic and must be assumed to have been read by anyone interested in digital money. If you want something more basic, a truly primerly "primer," I'm afraid you're out of luck. (I know of some plans to author such very basic intros, popular books on "modern" crypto, but they are off in the future.) -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From honey at citi.umich.edu Wed Oct 6 20:19:16 1993 From: honey at citi.umich.edu (peter honeyman) Date: Wed, 6 Oct 93 20:19:16 PDT Subject: brin on privacy Message-ID: <9310070319.AA05744@toad.com> david brin spoke in ann arbor recently at a library science school alumni meeting. his talk was titled "Information and the 21st Century: Privacy, Wealth and the Newest Threat to Freedom." here are my recollections; hopefully they're not too dim or biased. getting right to the punch line, tNTtF is this: privacy laws will be used as a weapon by the Rich and Powerful to restrict the free flow of information. brin feels that privacy laws will be ineffective against the RaP, will be sold to the rest of us through effective propaganda, and that they will be used by the RaP as a means to cement their power base. he argues that complete and open access to information provides the greatest social benefit and best serves The American Dream. asked about clipper, he suggested that key escrow was exactly the sort of tool that the RaP would use, and that we would all benefit by banning cryptography. asked whether private citizens should be barred from insuring personal electronic privacy, he replied that he felt that such measures would be ineffective agianst the RaP. (i concluded from these answers that cryptography is not brin's strong point.) brin's message was basically a populist one. he is concerned that the moguls of data will have the opportunity to control what we see and hear. what i found most fascinating about his talk was that while i generally agree with the social objectives he backs, i am in 180 degree disagreement on how to accomplish these ends. peter ps: anybody else get the willies (as it were) reading paul goggin's note about foia, where the asst atty genl was asked about fbi foias against individuals, and replied that the new foia regs presumed disclosure? hey brin, there oughtta be a law! From larry at owrlakh.wl.aecl.ca Wed Oct 6 21:09:16 1993 From: larry at owrlakh.wl.aecl.ca (Larry Gadallah) Date: Wed, 6 Oct 93 21:09:16 PDT Subject: What happened to FEE Message-ID: <9310070406.AA01977@owrlakh.wl.aecl.ca> I wonder what happened to the fast elliptical encryption (FEE) encryption software that NeXT was working on about two years ago? I heard that the US authorities took a very dim view of it and I assume that this was because it was either very fast or very strong or both. Pardon my ignorance if this is an old thread, but I haven't seen it mentioned anywhere for quite some time and certainly not in the last month since I was on the cypherpunks mailing list. Thanks, --- --------------------------------------------------------------------- Larry Gadallah Amateur Radio VE4TCP Lac Du Bonnet, Manitoba, Canada IP: [44.135.114.9] SMTP: larry at owrlakh.wl.aecl.ca AX25: VE4TCP at VE4PIN.#PIN.MB.CAN.NA --------------------------------------------------------------------- From fergp at sytex.com Wed Oct 6 21:19:16 1993 From: fergp at sytex.com (Paul Ferguson) Date: Wed, 6 Oct 93 21:19:16 PDT Subject: A new twist on the electronic horizon... Message-ID: excerpted from: RISKS-FORUM Digest Tuesday 5 October 1993 Volume 15 : Issue 06 - -- Date: Fri, 1 Oct 1993 11:43:00 -0600 From: tmplee at tis.com (Theodore M.P. Lee) Subject: RISKs of trusting e-mail Until such time as either the general population learns what to expect or digital authentication (such as PEM) becomes widespread, I suspect we will hear more of this kind of incident. This academic year the University of Wisconsin started providing e-mail accounts to all students at its Madison campus. (6,000?, maybe) The students, both technical and non-technical, are being encouraged to use e-mail as a way of interacting with their instructors. They access the accounts either through University-supplied machines scattered throughout the campus or through dial-up Serial Link Protocol (SLIP) connections. A mix of Macintosh's, PC's and other assorted workstations are involved. Last week (note how early in the school year) a group of five students, several from the Honors floor of one of the freshman dorms, were caught having forged several pieces of e-mail. Most potentially damaging was a note saying it was from the Director of Housing, to the Chancellor of the University, David Ward; note that the previous Chancellor is now Pres. Clinton's Secretary of HHS, so the present Chancellor is new to the job. The forged message was a submission of resignation. Ward's secretary had just returned from vacation and apparently assumed the proferred resignation was legitimate. The secretary accepted it and started to act upon it -- it was only during the course of that that it was discovered to be a fake. The students also sent messages purporting to be from the Chancellor to other students asking them to pay their tuition. They also forged a message from the Chancellor (my information doesn't say who it went to) saying he was going to "come out of the closet" and announce it Sept. 25. The students were only caught through a combination of circumstances. First, since they used one of the dial-in connections there were logs of who dialed in when. Secondly, during the course of their experiments they botched some addresses which caused enough traffic to go to the dead-letter office that the investigation could narrow what was happening. (It should be pointed out that the forgery was fairly easy to accomplish using the Eudora mail client on a Macintosh: the user has complete choice over the "from:" field of a message.) The FBI is investigating whether any federal crime was involved and, needless-to-say, the students are likely to be expelled at the least. Ted Lee, Trusted Information Systems, Inc., PO Box 1718, Minnetonka, MN 55345 612-934-5424 tmplee at tis.com Paul Ferguson | privacy \'pri-va-see\ n, pl, -cies; Mindbank Consulting Group | 1: the quality or state of being apart Fairfax, Virginia USA | from others 2: secrecy fergp at sytex.com | ferguson at icp.net | Privacy -- Use it or lose it. From warlord at MIT.EDU Wed Oct 6 21:25:25 1993 From: warlord at MIT.EDU (Derek Atkins) Date: Wed, 6 Oct 93 21:25:25 PDT Subject: RSA examples required Message-ID: <9310070420.AA25310@marinara> Here is the response I sent to Peter Simons: Well, your example that you sent isn't even correct! Your example said: p = 5 q = 7 xy = 4*6+1 = 25 x=5 y=5 Well, you just chose some bad primes. Here is a better example: p = 5 q = 11 N = pq = 55 m = (p-1)(q-1) = 4*10 = 40 Now, we need to choose our public and private decryptors, E and d, such that Ed = 1 mod (m): E = 3 d = 27 So, the Public Key (N, E) is (55, 3) and the Private (Secret) Key (p, q, m, d) is (5, 11, 40, 27). Now, to encrypt a message, S, you take C = S^E mod N, and to decrypt you get S = C^d mod N. So, say the message you want to send is, oh, "8" (for lack of a better example off the top of my head). So, you try to encrypt this message, and you get: C = 8^3 mod 55 = 512 mod 55 = 17 You then send this message to the recipient, who then calculates the message back: S = 17^27 mod 55 = 1667711322168688287513535727415473 mod 55 = 8 And you get the original message back. -derek From honey at citi.umich.edu Wed Oct 6 21:25:34 1993 From: honey at citi.umich.edu (peter honeyman) Date: Wed, 6 Oct 93 21:25:34 PDT Subject: Start up costs and paying for speech... Message-ID: <9310070421.AA06096@toad.com> > I wouldn't worry about either. I don't see how enforcement of > copyright will be possible under crypto-anarchy any more than > taxation will be. If one person pays for a posting, what's to keep > him from sharing it anonymously with whomever he wants? Is there any > way that crypto-anarcy won't bring the death of "intellectual > property"? well, i wouldn't equate reading with spending (if i may simplify). i think the thing that mystifies me about off-line digicash is the cryptographic protocol that constitutes spending. other people are asking about it, too. it seems to be on everyone's mind. so here, for the very first time on cpunx ;-) well maybe not but who's counting is the protocol from chaum's crypto '88 paper "untraceable electronic cash": to pay bob one dollar, alice and bob proceed as follows: 1. alice sends C to bob 2. bob chooses a random binary string z sub 1, z sub 2, ... , z sub {k over 2} 3. alice responds as follows forall 1 <= i <= {k over 2} a. if s sub i = 1, then alice sends bob a sub i, c sub i, and y sub i. b. if z sub i = 0, then alice sends bob x sub i, d sub i, and a sub i xor ( u || (v + i)). 4. bob verifies that C is of the proper form and that alice's responses fit C. 5. bob later sends C and alice's responses to the bank, which verifies their correctness and credits his account. not very illuminating so far ... let's go on. the bank must store C, the binary string z sub 1, z sub 2, ... , z sub k and the values a sub i (for z sub i = 1) and a sub i xor (u || v) (for z sub i = 0). gee, what is that "||" operator, anyway? ah, concatenation. ok. going on ... if alice uses the same coin C twice, then she has a high probablility of being traced: with high probability, two different shopkeeprs will send complementary binary values for at least one bit z sub i for which B sub i was of the proper form. the bank can easily search its records to ensure that C has not been used before. If alice uses C twice, then, with high probability, the bank has both a sub i and a sub i xor (u || (v +i)) with high probability. thus the bank can isolate u and trace the payment to alice's account. hmmm. hmmm. well, this is very complicated. with high probability, i mean. i'm going to have to study this paper. peter ps: what are the B sub i you ask? don't ask. oh golly, they are blinded candidates, formed by alice and sent to the bank. hmmm. hmmmmmm sup k mod 1/p. From strick at versant.com Wed Oct 6 22:40:46 1993 From: strick at versant.com (strick -- henry strickland) Date: Wed, 6 Oct 93 22:40:46 PDT Subject: need deadbeat pubkey In-Reply-To: <9310070037.AA15662@anon.penet.fi> Message-ID: <9310070543.AA13364@versant.com> # # Here is my public key. Would you sign it? # # DEADBEAT # heh heh ... i won't, but my friend will. it doesn't take much of this to polute the pgpspace, does it? -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.2 mQBNAivfNEsAAAECALxgaciRLaLJDPE1VxeOggXf600OrQksi3pN6DGaYFOIS0TU yFmklmcG2dwTQnwxL3cSYoTrYj1sCrcgyAwlQ2UABRGwAQC0KHN0cmlja3BlcnNv biAjMSA8c3RyaWNrQG9zYy52ZXJzYW50LmNvbT6wAQCJAJUCBRAr+HB7P4P8NX9Y 9rMBAd79BADUf4llIbsBvZ8on9AFNn6prbYmQxH/vRi7IIhIF/g3QInpJZBhw8jF ZPBfn1KdimGUj8J0q5cP3oHA/SUYfzY4b/W0uoqQ+YReXW2y8bBpodFY2aq2mndP 3NXt4BbZbBmlaFyVXyHmGKbaS0nDhhX9e/UUWm4cPWVh61JXoHth8bABAIkARAIF ECv4a8fSnR8fnm9wlQEB0fcBd0a+FOwGASUhJD7943gOGaPpFsbzplZHEy5648jl x6liXrdHT8pjGV/j4O6UzGrlsAFAiQBVAgUQK/h5bkozmKNUUeyZAQEoYQH6A93U C1SdZKEMxzUNwcrbW5eMaeI6vcRRuE7oSQ/ESIOMltPb4/qnFHd8T16muM6xCDb4 nBPEBxhkzDClLu1hU7ABAIkAVQIFECvfZWgKtyDIDCVDZQEBUkECAJHjGr9vRG6H /cURrvJk65/GyRQ8tRZ+mXsByBIGZvlBO7Joee9yXh6Uz0JHeohq30MoJr2wPn/9 gukJ83NF426wAUCZAD0CK0u0jAAAAQGAuiPN8WeiSbPqMic9gc2eRG1EWK4c2hVZ tfKDtO3ubfAR5cIvUmDoj/FZTpBW/B35AAURsAEAtB9ERUFEQkVBVCA8bmE1ODc3 QGFub24ucGVuZXQuZmk+sAEAiQBEAgUQLLOx3NKdHx+eb3CVAQG7PgF2NoQ/MUc7 SmZz8hz3dn71zOurlOik1XtBR1gsh/EkKKiPhXg7RYXTAglGhgZIabqwAUC0H2Rl YWRiZWF0IDxhbjU4NzdAYW5vbi5wZW5ldC5maT6wAQCZAD4CK99mfAAAAQF3Y8xT 4Ml6MtaBmKqcpl78nO8mNdb3/tNgQqtyiXcNoL6c1jOIlPUw0p0fH55vcJUAEQEA AbABALQSYm9ndXMgYmlsbCBibG93am9isAEAiQBVAgUQK/h2awq3IMgMJUNlAQEH eQH/R12f2Q8xU/SiUSWrTLGcbKWt8RxQhFPEppPUcClrjWFrfcYVXaOBUEiADBWx zHIomhejqkEMlnTuJomVJvUV6bABQIkARAIFECv4dj/SnR8fnm9wlQEBfiUBdRmv 5eSfhbyqVNGXDgw7qM7xeg/sQZ9bBFKwdOQdEBiUo5HkFZPUGggwd2UF7mWSsAFA =smHT -----END PGP PUBLIC KEY BLOCK----- From ld231782 at longs.lance.colostate.edu Wed Oct 6 23:35:26 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Wed, 6 Oct 93 23:35:26 PDT Subject: academician seeks critique of cryptographic paper Message-ID: <9310070630.AA17189@longs.lance.colostate.edu> Maybe a cypherpunk will be interested in this. BTW - Look at the disclaimer this guy has in his signature. The effect of this ITAR nonsense is absolutely chilling. He says he has talked to `the NSA & State Dept.' before he `publishes' to the INTERNET! I have some other examples of how the Zimmermann-Ward affair is chilling e.g. current book publishers. Sorry, header lost in transit. ===cut=here=== To anyone with a technical interest in cryptography: I am finishing the draft of a paper detailing a new mathematical approach to cryptography and am looking for a few technical peer reviewers who would be willing to critique the paper prior its to publication via the Internet. A quick summary: - the revised paper will be published via the Internet and the mathematical basis, theory and concepts will be _freely_ available to everyone and may be freely redistributed for non- commercial use (ie, non-resale). (The paper is copyrighted and all rights are reserved) [see footnote regarding ITAR/export issues] - this approach to cryptography is strongly based on physical laws, particularly the laws of thermodynamics, to achieve its security (instead of the normal approach of relying on "hard" number-theoretic problems). [I am a physicist be training, not a pure mathematician, hence the bias]. The technology to be presented is believed to provide a level of cryptographic security that is totally immune to cryptanalysis. - Summary of content : mathematical and physical principles involved : encryption methodology (general approaches) : substitution ciphers, transposition ciphers and superencipherment : application to key management : application to secure Identification and Authorization : application to data, fax, video and voice encryption - Sample software implementations, detailed algorithms and detailed technical information will be made freely available to U.S. and Canadian citizens as provided for by ITAR and U.S. State Department regulations [see ITAR/export footnote] - the technology and sample implementations have been reviewed and evaluated by the National Security Agency, which found them to be cryptographically "robust". - reviewers' comments and criticisms will be greatly appreciated and used to clarify and improve the presentation of the concepts and methodology. Anyone who is interested to peer reviewing this paper should contact me via e-mail at richardr at netcom.com . In addition, if you know someone who you feel would be an appropriate reviewer, please either forward this message to them or, alternatively, send me their e-mail address and I will contact them to see if they are interested. If you are interested also reviewing the detailed algorithms, technical data and sample programs, please include the following information in your e-mail message to me: 1. Your citizenship (must be USA or Canadian) 2. Your willingness to comply with relevant export laws. 3. Your willingness to comply with relevant usage terms (ie, no commercial, resale use). 4. Your Internet e-mail address and the country in which your e-mail host resides. Sorry for the inconvenience but this is necessary to avoid legal hassles that I have neither the resources nor the inclination to get involved with at this time. This information is required _only_ if you want a copy of the detailed technical information. The paper on the mathematical basis and principles is available to anyone. Richard Robertson richardr at netcom.com - ------------------------------------------------------------------ ***** ITAR/Export footnote -- Editorial Disclaimer ****** To avoid (or at least limit) the inevitable political discussion about public domain / technical data / XIII(b) controls and whether this should or should not be export controlled, please be advised that I have spoken to the relevant entities in the State Department Office of Defense Technology Control and the National Security Agency and I am freely complying with their interpretation of what can be published and how it can be published. I have _no_ intent to circumvent the established process and law by publishing this paper and have received oral assurances from both sources that I am complying with U.S. laws. I am publishing only general scientific and engineering principles and am acting in my role as a private research scientist. While I admire and support the efforts of Phil Zimmermann, Ward Grady, Viacrypt, EFF and others, I do not encourage anyone to violate any laws and will not assist anyone to violate the law. However, I cannot assume any responsibility for the actions of anyone over whom I have no direct authority or control. Anyone who disagrees with the official government interpretation of any law must assume the consequences of his or her actions and be prepared to defend them to the extent necessary. **** End of footnote / Editorial disclaimer ***** From ld231782 at longs.lance.colostate.edu Wed Oct 6 23:55:27 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Wed, 6 Oct 93 23:55:27 PDT Subject: Epistle Whit Speaks in Maryland Message-ID: <9310070653.AA17668@longs.lance.colostate.edu> What a guy. ``PGP has done a good deal for the practice of cryptology. It's close to my heart because it's close to my original objectives.'' --Whitfield Diffie, Sun Microsystems Conference in Maryland? Maybe some of those NSA spooks will learn something :) ------- Forwarded Message Date: Tue, 5 Oct 1993 21:20:10 -0400 From: farber at central.cis.upenn.edu (David Farber) Subject: UMBC talk 10/20: Diffie on "Key Escrow, Privacy, and Good Business" Precedence: list Distinguished Lecture Series sponsored by The Department of Computer Science The Department of Information Systems The Maryland Center for Telecommunications Research University of Maryland Baltimore County KEY ESCROW, PRIVACY, AND GOOD BUSINESS WHITFIELD DIFFIE SUN MICROSYSTEMS The U.S. Federal Government is pushing a plan to adopt a federal standard cryptographic system whose workings are secret and which enables the government to read messages whenever it considers this necessary. We will examine the implications not only for personal privacy, but for the future of the American computer and communications industries in a global economy in which no country is any longer big enough to dictate the rules. -- o -- Whitfield Diffie, who holds the position of Distinguished Engineer at Sun Microsystems, is best known for his 1975 discovery of the concept of public key cryptography, for which he was recently awarded a Doctorate in Technical Sciences (Honoris Causa) by the Swiss Federal Institute of Technology. For a dozen years prior to assuming his present position in 1991, Diffie was Manager of Secure Systems Research for Northern Telecom, functioning as the center of expertise in advanced security technologies throughout the corporation. Among his achievements in this position was the design of the key management architecture for NT's recently released PDSO security system for X.25 packet networks. Diffie received a Bachelor of Science degree in mathematics from the Massachusetts Institute of Technology in 1965. Prior to becoming interested in cryptography, he worked on the development of the Mathlab symbolic manipulation system --- sponsored jointly at Mitre and the MIT Artificial Intelligence Laboratory --- and later on proof of correctness of computer programs at Stanford University. He is the recipient of the IEEE Information Theory Society Best Paper Award for 1979 and the IEEE Donald E. Fink award for 1981. 1:00pm Wednesday, October 20, 1993 Lecture Hall 5 Engineering and Computer Science Building University of Maryland Baltimore County Baltimore Maryland coffee and discussion 2:00pm-3:00pm in ECS 210I For additional information, contact Angie Silanskis, 410-455-3000. ------- End of Forwarded Message From ebrandt at jarthur.Claremont.EDU Thu Oct 7 00:39:16 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Thu, 7 Oct 93 00:39:16 PDT Subject: Epistle Whit Speaks in Maryland In-Reply-To: <9310070653.AA17668@longs.lance.colostate.edu> Message-ID: <9310070737.AA07408@toad.com> A speaking epistle? Is that like some kind of singing telegram or something? Eli From ld231782 at longs.lance.colostate.edu Thu Oct 7 00:45:27 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Thu, 7 Oct 93 00:45:27 PDT Subject: on the cypherpunks mailing list & me Message-ID: <9310070742.AA18491@longs.lance.colostate.edu> Note: please do not forward this. This is for cypherpunk readers only. - list inundation & splitting - an introspective note - anonymous feedback * * * List moderator E.Hughes has repeatedly stated on the list that he is not going to split it, although the exact reason is unclear (and I don't think has ever been stated). A few weeks ago I posted a suggestion of a possible list split in desperation of the piles of incoming messages, hoping popular opinion would change his mind or evince a proactive solution. I too was very saddened and frustrated by the apparent attrition of list subscribers not because of lack of interest but because of traffic. I am under the impression that there is an extraordinary recent interest in the `cause' from recent press reports, and that a 3x increase in subscribers, say, would mean a 3x increase in traffic, to which a split is a natural solution (like with newsgroups). But apparently E.H. thinks that increasing flames are the fundamental problem. I guess I'm a bit perplexed by this, because there have been knee-deep flames ever since I started subscribing over a half year ago, and I think they are a bit unavoidable, especially given the inherently ornery and raucous nature of the crowd and the `cause'. Apparently he didn't get any significant support for a split from my posting. Anyway, the bottom line is that E.H. is vehemently opposed to personally implementing any list split whatsoever, but is supportive of anyone starting another. I'd like to send out a CALL to anyone who has the capability and commitment to create some new lists. Also, an alt.cypherpunk group would be very easy to create, and certainly does not preclude anyone from staying here. The newsgroup might be more appropriate to much of the traffic on the list and might help relieve it of all the postings E.H. considers extraneous. There are disadvantages (`the Sternlight factor') but on the other hand we're all drowing in email. It really is a pity all the fresh neophytes and enthusiastic souls that are hemorraging or scared away from the `cypherpunks' because of too much traffic that could be channelled better -- keeping everyone that's interested `wired'. We have reached `critical mass' as far as press coverage IMHO, and now is the time to act. Finally, E.H. was a bit annoyed by my message calling for list split suggestions, which gave his private mail box instead of the service address cypherpunks-request at toad.com. My reasoning in posting his other address was that I thought he didn't want the subscribe/unsubscribe hotline cluttered with a lot of list split suggestions. I guess my only consolation is that there weren't too many. So, my apology Mr. Hughes for indirectly cluttering your mailbox with annoying stuff. * * * ahem, well, I tend to post a lot to the cypherpunk list out of sheer enthusiasm, and tend to get a lot of flames publicly and in my mailbox for dancing around especially controversial topics. But my mail tends to be very contradictory in reaction to posts. In particular, its been simultaneously encouraging and very excruciating lately, and specifically I have gotten extraordinarily hostile mail from some prominent cypherpunks I desperately wish to respect. They suggest that my postings have gotten alarmingly out of hand, maybe even to the point that it would be better if I stopped altogether, or even was *barred* from posting. So, I'm rather teetering on a precipice right now in very serious ways you can't imagine, and in the interest of better serving the group and the cypherpunk cause, if you have strong feelings on the appropriateness of various subjects that I post frequently on, please send me some email. I'm enclosing various anonymous comments below to help spur your own. I guess of all the things I do regularly here, to me the most upsetting reaction below is that my `L.D. cypherpunk awards', which I intend in the best spirit to help recognize fellow cypherpunks for their especially commendable efforts and contributions to the list, in what I thought was a completely frivolous, harmless, and facetious way, are considered poor or bad taste. I get quite a kick out of `handing them out', and have gone to some trouble in at least one case to ask the recipient beforehand, and thought that everyone thought they were good clean fun, but apparently not. If I have offended anyone in the past for them, let me apologize right now. One thing I have gone through a lot of trouble for a long time is to forward relevant material. I think this is one of the best ways I have served the group, and it takes a lot of time, attention, and poring through other mailing lists. And in fact I think a major part of future cyberspace will reward this kind of effort in directing raw information more readily. Right now, its not only a thankless job, but one to get flamed over. I've hinted about it before and got strong reaction that even important Usenet postings are appreciated, esp. for some people that don't have news access and also like it as a way of filtering the noise. And I'm very hurt by strong comments below that complain about this. I think it strange when some people complain they have seen something I've posted before. Am I a mindreader? Seeing something more than once in cyberspace is something *everyone* has to deal with. Why am I the scapegoat? The things I foward, mostly from obscure mailing lists, I think are generally *not* found on various newsgroups prior to my posting it. And I am always greatly both amused and annoyed when someone reposts something that I was the first to post to the list. OTOH, though, in light of all these comments, I have decreased my forwarding activity to a large degree lately to some extent because of this critical mail. Another fairly common complaint in the comments is `acting bossy'. I guess this ties in with the cypherpunk awards. I want to make it clear that all my posts urging action are mere suggestions. I guess I volunteer them in the spirit of sitting around a table, saying `what can we do?' and throwing in my own shot. This is also a way of spurring other people's comments. Also, I often make `calls to cypherpunks'--but these are partly satirical. I'm nothing but another string of ASCII characters. Whenever I get out of hand, though, please call me on it -- but quote the text. I guess some people might have gotten especially annoyed when I went from `[x] gets my vote as cypherpunk of the week' to `[x] gets an L.D. cypherpunk award.' I thought it was an innocuous and natural progression but apparently not. One respondent below really focused on my excitement as `causing flames' or `inviting flames'. It seems to me the only thing that truly `invites flames' is a direct personal insult, and I've stayed away from that from my whole experience. If my postings are controversial, I can't really be responsible for hostile reactions. The whole essence of cypherpunk ideology is controversial. Part of the point of a mailing list is to be provocative and get a discussion going, explore all the points. And yes, it leads to a high profile. I don't feel apologetic for any of this. Not coincidentally, some of the hottest flame wars I've been involved in have been over the most basic cypherpunk causes. Some time ago someone, I forget who, suggested we abandon PGP for RSADSI software because of the patent problem. You can imagine the flames that caused. Another person suggested we change the name `cypherpunk' to something less `subversive' like the Privacy Group or something equally bland. I flamed searingly against both and stand by my positions proudly today. (Curiously, these anomalous sentiments have not reappeared after the blaring NYT article touting the *cypherpunks* or even after the recent PGP subpoenas.) I'm also proud to have flamed people like Denning and Bidzos long before it was fashionable. (Seriously, though, there was a time when saying that she had anything to do with the NSA would be branded a `conspiracy theory'. Actually, that's what I flamed her for.) Many posters object to my verbosity. Yes, I tend to be verbose, especially when in an especially excited or analytical mood. But both the English language use and average attention span has decayed steadily over time, perhaps due to `television stupor' and `educational passivity'. If anyone has seen old newspapers or classic writing, `big sentences' are no big deal. I don't feel like apologizing for exercising a large vocabulary or writing complex sentences. Another bone of contention was my analytical postings, wherein I pick apart an article. I don't think people realize how tricky this is. Criticism is a very subtle and delicate art. In many ways it is more difficult than simple writing itself. And I object to anyone asking for less analysis on the list. This is where we get valuable `intellgence' that *demands* analysis. IMHO, if anything, we need more of it -- we already have plenty of Usenet-style one-liner replies. I think its a pity not more people do this in a systematic way. I have not actually always attached much significance to analysis since being on the list. I got the idea that systematic critiques were really fascinating for list readersfrom one I read by someone, I forget who, regarding the initial Newsweek article on Clipper. It pointed out what a favorable article it was for the cypherpunk cause. After that, I realized how energizing a cogent analysis can be and have been making a habit of it ever since. I must admit the technique is dear to my heart. Anyway, I've gotten both positive and negative feedback on my analyses. Some people complain of my volume of postings. I generally give little credence to comments along the lines ``you post too much.'' In a simple way these sometimes amount to ``I'm drowning in email, and I've seen a lot of your posts lately.'' (Well, I bang my head on my disk quota everyday too.) Worse, though, some strike me as petty and meanspirited -- seeming to me to amount to only slightly less rude euphemisms for ``sit down and shut up'' or ``get lost, jerk''. Unless you can point to particular postings that you think were not relevant, please don't complain to me. I simply don't have any idea how to adjust unless you are specific. Interestingly, some of these comments also seem to amount to the strangely paradoxical sentiment `your posts take too long to read'. I think I have gone to great trouble to index and organize my comments to the list for convenient reading. No one is forcing anybody to read them and it takes about one second to hit the delete button. I think this is a no-win situation for me too -- someone tells me to break up all my multi-subject letters into separate posts, but, leaning in that direction, I get flamed for posting too much. For me the most disheartening and alienating comment of all below was that there is `no cypherpunk cause' and that my delusions in thinking so are the root of not only all the list problems but personal ones! Perhaps I've seriously misjudged the intended purpose of the list. For me, though, the beauty of the cypherpunks mailing list (which I thought was highly representative of `the' cause, or a least `a' cause) is that anyone anywhere, not necessarily at just the physical meetings in California, can feel like they are plugged in to a sort of club of associates -- a sort of `virtual community' -- and make positive contributions, meet people, yack, and keep in touch with the premier issues of our day. But maybe I've just made a grave, embarrassing mistake in taking it all too seriously. * * * all this has been rather difficult for me to bang out on the keyboard. (I've noticed that the most emotional and draining prose has a high occurence of the words `I' and `you'.) I hope no one will flame me for this post. I think every 1000 or so I'm entitled to a little public introspection (), to reflect back and try to figure out what was the most helpful to everyone out there. In particular, if you wish to make comments to me or anyone else posting to the list, I urge you to quote sections of the text that you think are inappropriate or offensive or whatever. Unfortunately virtually all the critical comments I have ever gotten never do this, and its exceedingly difficult to make adjustments when the feedback is vague. I generally ignore comments along the lines of `there is a reason people are flaming you,' chalking it up to my e-personality, without quoting relevant material. I simply won't apologize for excitement or enthusiasm for the cypherpunk cause, and am rather hurt by people who tell me I should. One thing for sure: I don't think anyone is getting very much positive feedback for their posts here. I have always sent out a lot of private email in this vein when I see things I like, but nobody is receiving any significant amount of it, from what I can figure out. I am lucky to receive one email response every ten messages. In fact, this is one reason I was fiddling with the `cypherpunk awards' -- to fill a vacuum of positive reinforcement. Please, don't just email to flame. Email when you have read something you really appreciated or would like to see more of. *especially* say something when you forward material elsewhere, this is the sincerest form of flattery. This the absolute best method, IMHO, to improve signal-to-noise and even E.H. agrees. Consider that positive feedback is in many ways the only `payment' for sometimes much time invested. Sort of like T.C. May's signature: ``I put time and money into my posts, I hope you appreciate them.'' Anyway, here's some feedback I've received. I think this is a comprehensive and representative selection. Hopefully this exercise will let you help me and anyone posting to the list in determining what is acceptable and interesting. I'm quoting it all anonymously of course, in classic cypherpunk spirit . There are 5 people represented here, 2 of them supportive, both rather terse, and 3 of them hostile, all rather verbose and redundant. (At times I wonder if 2 of the 3 are members of a secret L.D. Hate Society, but that's just my characteristic paranoia . Actually, I have other excellent reasons to be paranoid.) Truthfully, I have been propelled in cypherpunk list posting in the hope that people's sentiments at large are not represented accurately by my mail, which can be quite ego-shattering at times, and I'm writing this message with quite a bit of edgy desperation and anxiety. If in response to all this I get a lot of complaints along the same `3' lines I guess I'll have to seriously consider unsubscribing in the best interests of the group. ===cut=here=== A: >Let me be blunt. I consider that there are three specific people >which are responsible for any deteriorating quality of the list. You >are number one on that list, more than the other two combined. > >Many list processing packages allow the maintainer to block certain >individuals from posting, or at least pre-approve all of their posts. > >Do you get the hint? > >I would suggest you go find out what censorship is. If you are denied >access to this mailing list, that is not censorship. B: >I won't respond to any more of your paranoid rants, your >florid hyperbole, your announcements of "Detweiler Awards," or your >"you really disappoint me" nonsense. > >You take this stuff entirely too personally and are much too quick to >judge the motivations of others. > >Too tiresome for me. C: >I believe that you personally are responsible, >directly and in responses, for much of the noise on this list. > >There is no cypherpunks cause. Neither is there a cypherpunks >movement. Get these delusions out of your head. There is, however, >cypherpunks software. > >I repeat, the cause and movement are in your own head. D: >BTW: despite any flammage you may receive from the Metzgerly, I'd like >to express some degree of thanks for the effort you've put into your >analyses of the various issues at hand. Not to say I agree with them >all, but for the most part they seem sound, and in any case it's nice to >see someone giving the matters a lot of hard thought. E: >It is my opinion that the list would be a better if you put less time >and energy into it. >I would rather have you learn self-restraint and quality thought and >writing than to prevent you from posting. F: >I guess -- coming back to your postings -- that I'd be more comfortable if >you were to quietly compose and send a letter to your congresscritters >proposing a correction to ITAR rather than post your theories and anger and >fears to the safe cypherpunks audience. G: >1. No awards. If you wish to congratulate someone, do so privately. >If you wish to denigrate someone, do so privately. > >2. No news analysis. Your detailed examinations are uninformed >(witness the Orange Book) and condescending. A text speaks for >itself. If something puzzles you, ask, don't tell. > >3. No ranting. Your ranting creates other ranting. I cannot offer a >specific criterion to determine ranting, but I can tell you that about >three-fourths of your stuff is rant. > >4. Check your facts. Use a library. If you don't know what >something is, do not invent an identity for it. If you don't >understand something, it is wiser to ask a question than to create a >paranoid explanation. > >5. One topic per post. There are a number of people who read the >list traffic with newsreaders; it is mere civility to have one thread >per Subject: line. > >6. Do not reply to Perry Metzger in public. This should be a >redundant instruction, but unfortunately I feel the need to emphasize >this particular interaction. > >7. Listen to other people's opinion of you. A single interpersonal >conflict is indeterminable, but when several people have the same >complaints, it is time to start listening. > >8. Remain technical. cypherpunks is a technical list informed by >politics, not a political list informed by technicalities. Learn the >difference. Technology is primary, politics is secondary. H: >From my reading of your posts, you sound: > >1. really worked up >2. somewhat bossy (telling cypherpunks what they should do) >3. quite verbose > >Meanwhile, I observe the reactions you're getting -- and it's clearly a >flame war starting. > >My assumption is that people are reacting to your non-verbal message (the 3 >points above) more than to your verbal one. > >As for being bossy -- read your own posts. They are sometimes arrogant. >You sometimes sound like you have analyzed the situation and know what is >to be done and you're sharing your wisdom with the list. > >As I said, it comes across as if you're excited. I appreciate that. I'm >excited too. Now that we've conveyed that information, there's no other >use for what you're writing in such high volume. I grant its theraputic >effect *for you*, perhaps, but it does nothing for me. I: >I am writing to suggest that there is valid reason for people to complain >about your posts and to hope that you step back and consider that >possibility. I don't like seeing you invite such attacks. J: >It's the [...] journalist e-mailing you. Thanks for posting your >response to the Westworld story. I'm much too busy ( [...] ) >to concentrate on encryption and digital cash >features, but one day I will get around to it. And when I do, I'll be >calling you and other cypherpunks for help. K: >I don't want to write you off...so instead, I >sent you a message. I don't think you're flame-baiting the way he was >but rather by adding volume without new content (without information, in the >communications theory sense) and by showing your agitation without doing >anything about it, you have clearly invited flames. L: >I'm concerned, too. However, a "go out and do this" message to cypherpunks >comes across as: > >1. preaching to the choir (therefore a waste of bandwidth) >2. officious (acting as if you were in charge when you're not) > >Both of these are cause for offense -- not "unnerving", just offensive and >therefore an invitation for flaming. M: >Those sentences sound like they're coming from a wounded person who is >trying to get back at an attacker rather than from a calm adult who is >cooperating in the stated goals of cypherpunks. In other words, it sounds >like you're hooked into a flame war -- and that, alone, sounds paranoid. >It has nothing to do with the NSA. N: >I know the situation. So does everyone else on the list. We don't need >reposts from newsgroups. We don't need lectures. We're as worried ad you >and some people on the list are actually doing things to fight this battle. >Your posts don't appear to contribute to this effort. They might make you >feel better -- make it feel like you're doing something -- but it's the >wrong audience and the wrong words. The result is personal flames. O: >I value your work in sci.crypt and hate to see you maligned. I especially >hate to see you invite it. Lately in cypherpunks, it looks like you're >inviting it. P: >I read everything you send -- or >start to read it -- but when I find a re-post of something I've read on a >newsgroup, I get pissed. My mailbox is gaining about 200 messages a day, >not counting real work messages. My time is too valuable to waste in >re-reading something (often for the 5th time). Q: >I'm favorably disposed >toward you but I am telling you that your flood of information -- both >reposts and rehashes of your opinion at great length but offering nothing >I haven't already thought of -- have led me to delete your messages with >my own frustration -- over wasted reading time, discovering that I've >seen this before and nothign of value has been added. That takes time. From ld231782 at longs.lance.colostate.edu Thu Oct 7 01:15:27 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Thu, 7 Oct 93 01:15:27 PDT Subject: writing & copyrights in cyberspace In-Reply-To: <9310061906.AA28917@pawpaw.mitre.org> Message-ID: <9310070812.AA19016@longs.lance.colostate.edu> Joe Thomas >I don't see how enforcement of >copyright will be possible under crypto-anarchy any more than >taxation will be. If one person pays for a posting, what's to keep >him from sharing it anonymously with whomever he wants? Is there any >way that crypto-anarcy won't bring the death of "intellectual >property"? This subject has interested me for a long time and I've posted on it to the list a long time ago. There was a recent article by someone in CUD (I forget who) that closely reflects my own thinking. Since this is kind of a borderline relevant list topic, I won't include it here, I'll just give the reference: >Computer underground Digest Wed Sep 29 1993 Volume 5 : Issue 76 > ISSN 1004-042X > >File 2--the Cyberspatial Copyright The author talks about using digital cash and a sort of shareware system, and also makes reference to the idea of hypertext links that charge tolls when traversed, all based on the idea of digital cash. There are numerous CUD FTP sites, but see e.g. ftp.eff.org:/pub/cud/cud/cud5.76.z note: if you retrieve the file without the .z suffix the system will automatically decompress on the fly. Also, this is not the first time I've seen a reference to the Xanadu system. It must be pretty influential but I haven't gotten around to reading about it yet. Anyway, precise reference: AUTHOR(s): Nelson, Theodor Holm. TITLE(s): Literary machines : the report on, and of, Project Xanadu concerning word processing, electronic publishing, hypertext, thinkertoys, tomorrow's intellectual revolution, and certain other topics including knowledge, education and freedom / Theodor Holm Nelson. Ed. 87.1. Swarthmore, Pa. : Theodor H. Nelson, 1987. 1 v. (various pagings) : ill. ; 22 cm. Includes bibliographical references. OTHER ENTRIES: Word processing (Office practice) Microcomputers Programming. Electronic publishing. Self-publishing Data processing. Project Xanadu. Finally, I have a lot of collections of postings from mailing lists on the subject, e.g. related to an article in Wired by M. Chrichton ``The Death of the Media'', but will not dig them out without a sufficient incentive From leide871 at uidaho.edu Thu Oct 7 01:19:18 1993 From: leide871 at uidaho.edu (Huba J. Leidenfrost) Date: Thu, 7 Oct 93 01:19:18 PDT Subject: Help people help themselves Message-ID: Yikes! So how does one unsubscribe to this list? Not that I want to unsubscribe, but from the number of people that post their subscribe and unsubscribe messages directly to the listserver, I take it this is a problem? Or are they simply illiterate? Could somone please email me or post the proper method to unsubscribe and resubscribe? Thanks. -- --- O | HUBA LEIDENFROST -- <^- | leide871 at snake.cs.uidaho.edu -- -\/\ | `No it's not an original--I stole it off the net!' --- \ | ADVICE AVAILABLE From tcmay at netcom.com Thu Oct 7 02:15:28 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 7 Oct 93 02:15:28 PDT Subject: HACKERS: Crypto Session Being Planned Message-ID: <9310070915.AA07202@netcom5.netcom.com> The Hackers Conference is coming up in early November at Lake Tahoe. Many of you will be attending. I've agreed to put together a session on "Crypto" for Saturday afternoon, for a 90 minute period, in the main room. Pretty much like last year. Every year the crypto theme grows stronger, and the events of the past year should make crypto a really hot topic at this year's conference. There are lots of things we could focus on: the Clipper/Skipjack controversy, PGP (Zimmermann may be there...I'm not sure), the general Cypherpunks agenda, and so on. I'd like to hear any ideas you folks may have, whether or not you'll be attending. And also any volunteers to talk (briefly!) or be on a panel discussion, depending on what structure we follow. Since there are so many folks on this list who'll be at Hackers, it'd be nice to get some fresh faces and hear about some new and exciting work. However, the audience will probably want to hear about the PGP-Zimmermann case (best in its own session, or a "BOF" session, IMHO), the Clipper and key escrow situation, and new legal issues. Perhaps we can split the session into two parts. First, several short (4-6 minute) speeches/talks on subjects, then a panel discussion and questions from the audience. Alternatively, make the whole thing a panel discussion with about 6-8 panelists and really try to hit a wide range of topics, with lots of audience participation. I think it best that we not let politics dominate, as most Hackers attendees share much the same disdain we have for certain government actions, and a political focus usually turns into a gripe session, besides not being very "hackerish." Also, political and legal issues surrounding crypto and cyberspace will likely surface in other sessions, as they did last year when Mike Godwin gave a Friday talk on EFF sorts of legal issues, and then key registration and hacker crackdowns got discussed in the usual marathon Sunday gripe session. (This does not mean we should concentrate on PERL scripts and MIME agents, as I'm sure few in the audience would be interested. A delicate balance is needed, to keep the discussion interesting and informative.) I will *not* speak myself, but will instead *ruthlessly* moderate and control the time schedule....it is far too easy for discussion of remailer software or key escrow issues, for example, to soak up all available time. I'll also try to head off the questions about "the basics," the things that clearly can't be covered in the time available. Last year's speakers can certainly speak again this year, but it may be better to pump in some fresh blood if possible. (If one of the talks is a recap of the first year of Cypherpunks, which I think would make a nice segment, then Eric Hughes would be the natural speaker, even though he spoke last year. We can work out something.) If you know someone who is going to Hackers, who is not on Cypherpunks, but who is doing something interesting in crypto, pass this message on. (And if you are reading this message because someone forwarded it to you for this reason, please get in touch with me if you're interested in participating.) Send in your suggestions, either to me personally or (gulp) to the overall list, but only if you think others would benefit. I have some ideas myself about the themes and topics, but it's best that I say no more for now. Thanks for your help! -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From jrk at sys.uea.ac.uk Thu Oct 7 02:49:19 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Thu, 7 Oct 93 02:49:19 PDT Subject: MacPGP 2.3 sources Message-ID: <14687.9310070951@s5.sys.uea.ac.uk> According to the ftp log, 10 people have so far obtained copies of the MacPGP 2.3 source that I offered. Unfortunately, a local problem unconnected with ftp brought all processes on my machine to a halt at the weekend, and no further sessions were possible until I cleared the fault this morning. Connected with the fault, if anyone knows of the domain name or whereabouts of the machine with IP number 179.135.226.153, I would be most interested in contacting its manager. I'm back from my travels a day earlier than I expected, but I'll leave the PGP stuff available until I said I would, i.e. 8:00 GMT Friday 8. -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From catalyst at netcom.com Thu Oct 7 03:49:19 1993 From: catalyst at netcom.com (Scott Collins) Date: Thu, 7 Oct 93 03:49:19 PDT Subject: on the cypherpunks mailing list & me Message-ID: <9310071045.AA29465@newton.apple.com> Though I am loathe to add social commentary, I am responding on the list to "L. Detweiler's" missive, rather than in private mail, because I don't think any one person is the problem (in fact, I think every one person is the problem). -- the caveat of individualism -- The battle for privacy is an inherently _personal_ one. Individuals seek it. Communities seek to withhold it. On one side is a cooperating organism with psychological machinery sharpened by a millenia of evolution: machinery that keeps the organism together -- and forces it to attack those qualities of individuals not conducive to its own survival. On the other side is a loose collection of individuals whose 'unifying' quality is that, for one reason or another, they desire to keep their privacy. Individuals will always find it difficult to 'hang together', particularly for the purpose of 'hanging apart'. We have graduated from citizenship to adulthood. Instinct no longer suffices for cooperation; it now requires volition. We who seek the reigns, it turns out, must also wear the yoke. -- to "L. Detweiler" -- Don't leave the list. Without doubt, you are a voluminous poster. It heartens me to see such effort, even while it pains me to wade through it. You provide insight, perspective, and data. However, you could make your input incalculably more valuable by honing some of your posts. There are ideas that _need_ many words to express, others only _want_ many words. Compression takes energy. Succinct writing is difficult; but worthwile. In my humble opinion, the only person on this list who has _never_ used more words than required is Eric Hughes. (In fact, the very post you are reading embarasses me with its length, considering its moral). -- my perfect world -- Long ago I read a story about a utopian society. So long ago, in fact, that all the details have faded save this -- central to their society was their law, comprising but two directives: 1. Don't annoy other people too much. 2. Don't be too easily annoyed. It may sound obsequious, but (when I remember) I try to live by these rules. -- summary -- Because, energy is lost in transmission, it is practical to treat others with _more_ consideration than you would be willing to accept from them. A mailing list is not a conversation. Posters owe readers the respect of polished expression. Readers owe posters respect for effort expended, but note that it is harder to post something cogent and succint than it is to type in a page of thoughts and press 'send'. You could sift a ton of coal dust by hand and not find the diamond that it could have become, were it squeezed down to its essence. Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com From honey at citi.umich.edu Thu Oct 7 06:15:29 1993 From: honey at citi.umich.edu (peter honeyman) Date: Thu, 7 Oct 93 06:15:29 PDT Subject: Start up costs and paying for speech... Message-ID: <9310071315.AA11604@toad.com> > a. if s sub i = 1, then alice sends bob a sub i, c sub i, > and y sub i. i put that typo in to see if you were paying attention. it's z sub i, not s sub i. there, it's all clear, now, right? peter From still at kailua.colorado.edu Thu Oct 7 07:30:40 1993 From: still at kailua.colorado.edu (James Still) Date: Thu, 7 Oct 93 07:30:40 PDT Subject: PGP removal Message-ID: <2CB43647@kailua.colorado.edu> >I first got pgp2.2 from compuserve ibmsys forum downloads. >A few day ago the file finder on cis listed PGP2.3. When I actually looked >neither program was there. Sysop says the were removed on advice of his >lawyer(not compuserve management ) because of government crakdown. >and questios of legality. The not so subtle hand of intimidation by >rumor seems to be at work here. Just thought this would be of interest. Several months ago I uploaded a program I wrote called PGPShell (which is a DOS front-end for PGP) to Compu$erve's IBMSYS forum. For most people in Russia who do not have FTP access or reliable links to the West, CS is their only way of obtaining PGP or related utilities. Even though it performs no encryption on its own, PGPShell was soon deleted from the IBMSYS forum. I assumed it a mistake, and uploaded it a second time. Same thing. It has been three times now, and I'm certain that it has been deleted again; my only hope is that during those brief periods when it was there, my new-found friends in Russia had a chance to snatch it. Ironically, while Yeltsin dissolves free speech and authoritarianism returns to Russia, Compu$erve has been further trivializing its already "top-40"-esque, politically-correct venture. +------------------------------------------------------------------+ The novelist Philip Roth says that there are only 60,000 serious | readers in the U.S., and every 20 years that number is halved... | | ------------------ still at kailua.colorado.edu --+ From msattler at netcom.com Thu Oct 7 07:45:30 1993 From: msattler at netcom.com (Michael Sattler) Date: Thu, 7 Oct 93 07:45:30 PDT Subject: PGP in Fidonet Message-ID: <9310071441.AA03954@netcom.netcom.com> At 2:46 PM 93/10/06 -0400, Mike Godwin wrote: >As for programmer jokes, did you hear about the programmer who could never >get out of the shower? No, I hate to admit. How does it go? ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) Evil will certainly triumph if good people do nothing at all. From msattler at netcom.com Thu Oct 7 07:45:40 1993 From: msattler at netcom.com (Michael Sattler) Date: Thu, 7 Oct 93 07:45:40 PDT Subject: Mea Culpa - Don't "devalue" my postings :-( Message-ID: <9310071442.AA03981@netcom.netcom.com> >> The real question is, what attorney jokes do *you* know? Do you tell >> programmer jokes? > > Why did you post this to the list? Argh! I'm using a new mailer that copies *everyone* to the reply field, which I've noticed only after investigating (prompted by someone's gentle query). I'm sending this apology to the list because I'm sensitive to preserving a high signal-to-noise ration, and I understand that my exchange of attorney and programmer's jokes with Mike @ EFF should be private mail. I'll me more mindful in the future. Sorry. Now let me try and make this message add something. I love the idea of implementing a digicash system monitored by the list server even though we haven't finished discussing whether it's play money, or how to charge exactly. Getting it up and running and generating usage statistics so we can see the flow of digicash. Again, I aplogize for having my private email replies leak onto the list. ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) Evil will certainly triumph if good people do nothing at all. From dean at ucc.su.OZ.AU Thu Oct 7 09:29:20 1993 From: dean at ucc.su.OZ.AU (Dean Van Dyke) Date: Thu, 7 Oct 93 09:29:20 PDT Subject: please unsubscribe me !!! Message-ID: please unsubscribe me from the cypherpunks mailing list. thanks for the interesting reading but I have to move on now. From crunch at netcom.com Thu Oct 7 09:49:20 1993 From: crunch at netcom.com (John Draper) Date: Thu, 7 Oct 93 09:49:20 PDT Subject: Hackers Conf discussions Message-ID: <9310071647.AA14631@netcom3.netcom.com> Re: Hackers Conf, Tim says.. >I'd like to hear any ideas you folks may have, whether or not you'll >be attending. And also any volunteers to talk (briefly!) or be on a >panel discussion, depending on what structure we follow. Yes!! I would like to participate in this discussion, as I am now in position where I have ability to communicate with thousands of young ravers and PGP wannabes and soon I'm going to want to communicate with these folks on several issues: ** Getting LOTS of people to use PGP ** Voter registration and political actions such as letter writing to local representitives, etc. ** Other actions where large masses of people can make SOME influence on our officials. From warlord at MIT.EDU Thu Oct 7 09:55:32 1993 From: warlord at MIT.EDU (Derek Atkins) Date: Thu, 7 Oct 93 09:55:32 PDT Subject: Help people help themselves In-Reply-To: Message-ID: <9310071652.AA05661@toxicwaste.MEDIA.MIT.EDU> Here is a form letter I send to people who send sub/unsub messages to mailing lists. This explains how to do it properly. -derek --------- Included Message Follows --------- Hi. Please do not send subscribe or unsubscribe messages to the list. That is what the -request list is for, so you can inform the maintainers of the list. When you send to large mailing lists with sub and unsub requests, you just increase the bandwidth used, and annoy a lot of people, since almost everyone on the list has absolutely no power with maintaining the list. Please remember that the Internet is not made up of listservs, and the Internet Approved method of sending requests is to send to listname-request. I suggest you read RFC's 1325 and 1396, as well as FYI 17 about mailing lists... Thank you for your time. -derek From hughes at ah.com Thu Oct 7 09:55:42 1993 From: hughes at ah.com (Eric Hughes) Date: Thu, 7 Oct 93 09:55:42 PDT Subject: ADMIN: required knowledge--how to get removed from the list In-Reply-To: Message-ID: <9310071652.AA01271@ah.com> I have a form letter, included below, which I send to people who ask the list at large to be removed. Unfortunately, I suspect that many of the people who wish to be removed have already stopped reading the list, so that messages which explain how to get removed are not read. Eric ----------------------------------------------------------------------------- The cypherpunks list is for discussions on implementing cryptography. To mail to the whole list, send mail to cypherpunks at toad.com Every mail message sent to this address will be forwarded to everyone on the list. Make sure that the message you wish to send is appropriate for such a broad delivery. If you want to be added or removed from the cypherpunks list, or have any other questions which pertain to list management, send mail to cypherpunks-request at toad.com I don't manage the list from my regular account, so such mail which ends up in my ah.com account will just get you another copy of this file. Eric Hughes maintainer of the lists cypherpunks at toad.com and cypherpunks-announce at toad.com From hughes at ah.com Thu Oct 7 10:35:32 1993 From: hughes at ah.com (Eric Hughes) Date: Thu, 7 Oct 93 10:35:32 PDT Subject: Monthly Bay Area cypherpunks meeting Message-ID: <9310071728.AA01313@ah.com> ANNOUNCEMENT ============ What: October monthly cypherpunks meeting When: Saturday, October 10, 1993 12:00 noon - 6:00 p.m. Where: Cygnus Support offices, Mountain View, California (directions below) The Bay Area cypherpunks meeting is the second Saturday of the month, every month, at the Cygnus Support offices. All are welcome and encouraged to attend. Agenda ------ Here's what I know about for Saturday's meeting: -- Norm Hardy on Harvest -- Arthur Abraham on the DES cracking machine -- a presentation either on electronic voting or copyright (TBA) -- a report on the Austin-EFF cryptography conference -- the usual reports from the attendees Directions ---------- [Directions to Cygnus provided by John Gilmore. -- EH] Cygnus Support 1937 Landings Drive Mt. View, CA 94043 +1 415 903 1400 switchboard +1 415 903 1418 John Gilmore Take US 101 toward Mt. View. From San Francisco, it's about a 40-minute drive. Get off at the Rengstorff Ave/Amphitheatre Parkway exit. If you were heading south on 101, you curve around to the right, cross over the freeway, and get to a stoplight. If you were heading north on 101, you just come right off the exit to the stoplight. The light is the intersection of Amphitheatre and Charleston Rd. Take a right on Charleston; there's a right-turn-only lane. Follow Charleston for a short distance. You'll pass the Metaphor/Kaleida buildings on the right. At a clump of palm trees and a "Landmark Deli" sign, take a right into Landings Drive. At the end of the road, turn left into the complex with the big concrete "Landmark" sign. Follow the road past the deli til you are in front of the clock tower that rises out of one of the buildings, facing you. Enter through the doors immediately under the clock tower. They'll be open between noon and 1PM at least. (See below if you're late.) Once inside, take the stairs up, immediately to your right. At the top of the stairs, turn right past the treetops, and we'll be in 1937 on your left. The door is marked "Cygnus". If you are late and the door under the clock tower is locked, you can walk to the deli (which will be around the building on your left, as you face the door). Go through the gate in the fence to the right of the deli, and into the back lawns between the complex and the farm behind it. Walk forward and right around the buildings until you see a satellite dish in the lawn. Go up the stairs next to the dish, which are the back stairs into the Cygnus office space. We'll prop the door (or you can bang on it if we forget). Or, you can find the guard who's wandering around the complex, who knows there's a meeting happening and will let you in. They can be beeped at 965 5250, though you'll have trouble finding a phone. Don't forget to eat first, or bring food at noon! I recommend hitting the burrito place on Rengstorff (La Costen~a) at about 11:45. To get there, when you get off 101, take Rengstorff (toward the hills) rather than Amphitheatre (toward the bay). Follow it about ten blocks until the major intersection at Middlefield Road. La Costen~a is the store on your left at the corner. You can turn left into the narrow lane behind the store, which leads to a parking lot, and enter by the front door, which faces the intersection. To get to the meeting from there, just retrace your route on Rengstorff, go straight over the freeway, and turn right at the stoplight onto Charleston; see above. See you there! John Gilmore From an5877 at anon.penet.fi Thu Oct 7 10:35:51 1993 From: an5877 at anon.penet.fi (deadbeat) Date: Thu, 7 Oct 93 10:35:51 PDT Subject: MacPGP 2.3 sources Message-ID: <9310071735.AA05805@anon.penet.fi> -----BEGIN PGP SIGNED MESSAGE----- > Connected with the fault, if anyone knows of the domain name or whereabouts > of the machine with IP number 179.135.226.153, I would be most interested > in contacting its manager. You have been hacked. IP addresses above 168.xxx.xxx.xxx have not yet been allocated. DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBFAgUBLLQZrPFZTpBW/B35AQEcPgGArD2mpFu4Sd7oj+s95XRgJtfW9lo/I/Ln y14lstlkI1wS0XsHDPZnC/6FOZrokyOK =57Jo -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From charliemerritt at BIX.com Thu Oct 7 10:49:20 1993 From: charliemerritt at BIX.com (charliemerritt at BIX.com) Date: Thu, 7 Oct 93 10:49:20 PDT Subject: WEAK RSA KEYS Message-ID: <9310071345.memo.43629@BIX.com> On cypherpunks warlord at MIT.EDU (Derek Atkins) posted an example of a (small) RSA key. He is perpetuating a dangerous myth about RSA. He probably believes, along with most people, that for each encryption exponent there is ONLY ONE decription exponent. In fact there are AT LEAST TWO. Yes, you have a "spare key". Maybe many. In fact I can generate RSA keys with "good" primes that are hard to factor, yet the keys are WEAK - easy to break. This is part of Derek Atkins' example: > Here is a better example: > > p = 5 q = 11 N = pq = 55 > m = (p-1)(q-1) = 4*10 = 40 > >Now, we need to choose our public and private decryptors, E and d, >such that Ed = 1 mod (m): > E = 3 d = 27 In his example the decrypt exponent is 27. The "spare" is 7. The "spare" runs faster, too. Go ahead, try it. The myth is that "ED = 1 mod (m)". The truth is as follows: G = gcd( p-1 , q-1) in this example G=2 F = m/G in this example F=20 ED = 1 mod (F) I showed this to Phillip Zimmermann and PGP keys are generated this way. At first PRZ checked to be sure G=2. Then he found that with random large primes G was almost always small, say < 17 or so. So now he doesn't check. HERE IS WHY IT IS IMPORTANT TO KNOW THIS: Let's say my name is Denning. Lets say there is a new government chip they want certified. They describe the (RSA) algorithm to me, in secret. I look at it from every angle I *can think of*. Yes the skipj--- RSA algorithm is good. I say so in public. No, I can't reveal how it works, but trust me, my name is Denning and I know what I speak of. Now the government starts producing KEYS for this new algorithm. They key escrow them to two agencies. They also make sure that G IS LARGE. The algorithm can be brute force attacked (search for spares). They don't give a da*m about warrants and escrow, the TLA can brute force any keys they need. Think about it, Dorothy. We aint in Kansas any more. Here is an example (using small numbers) of a weak key. P=607 q=1213 n=736291 phi=(p-1)*(q-1)=734472 G=606 F = phi/g = 1212 E=5 D=485 (D*E)=1 mod F M=40 (message) M^E mod n = 55551 cyphertext=55551 55551^D mod n = 40 A spare key can be found every 1212 numbers, just add 1212 to D: 1697, 2909, 4121, 5333.....etc They are all spares. Charlie Merritt's rule of cryptography: "Don't trust even RSA if you don't generate the keys; Know your source (code)." From tcmay at netcom.com Thu Oct 7 10:50:32 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 7 Oct 93 10:50:32 PDT Subject: HACKERS: Crypto Session Being Planned In-Reply-To: Message-ID: <9310071749.AA11356@netcom5.netcom.com> Whoops! I've already gotten half a dozen messages similar to this one: > > The Hackers Conference is coming up in early November at Lake Tahoe. > > Many of you will be attending. > > Can you send more info about this? First time I've heard of it...thanks! Let me clarify something: the Hackers Conference is an invitational event, for better or for worse. The best way to get an invitation is to do something "hackerish" that gets you noticed. I don't necessarily mean hackerish in the breaking-and-entering vein, either. The Hackers Conference began in 1984, sponsored initially by Steward Brand and others, and presumably based partly on the Steven Levy book "Hackers: Heroes of the Computer Revolution." (Levy has attended in some years, and you may also recall he wrote the excellent "Wired" article on crypto and "Crypto Rebels"--us.) For the first several years it was in a rustic jewish boy's camp in the Santa Cruz Mountains, above Saratoga, where we slept (if we slept...) 10 to a room in either unheated or overheated cabins. In 1990 it moved to luxurious digs at the Granlibakken Lodge at Lake Tahoe, where we get ski lodge-type rooms (it's before skiing season starts, though, but this also holds the cost down somewhat). The Conference lasts for about 48 hours, from Friday afternoon to Sunday afternoon, and many people stay up the entire time. Lots of interesting people, guest speakers, all-night hacking sessions, machine room demos, "work in progress," etc. At the 1987 Conference, John Walker of Autodesk met Ted Nelson, Roger Gregory, and others and the funding of Xanadu and AMIX commenced. Many interesting business contacts have been made at Hackers, especially in areas of VR and multimedia. "Prose hackers" also show up. Vernor Vinge has attended, as has Marc Stiegler. Jerry Pournelle is a regular. Too many people to mention. (BTW, Vernor was very interested in the public key crypto implications when he attended in 1989...I wonder if the P-K references in his Hugo-winning novel "A Fire Upon the Deep" were affected by our discussions?) My first Hackers was in 1988, shortly after the "Crypto '88" conference, where I described my "crypto anarchy" ideas to some folks....probably this is partly why I got invited that year. I gave a talk on public key crypto, along with John Gilmore, at the 1990 session. The next year Eric Hughes (whom I had just met a few months earlier) talked about digital money and the Chaum stuff. And last year I was asked to lead a main session on crypto (I was slightly infamous at the time for having written the "A Trial Balloon to Ban Encryption?" piece in sci.crypt, which alerted many readers to the "key escrow" ideas of Dorothy Denning, which presaged the "Clipper" proposal six months later). At that session we had several speakers, including Stu Haber on digital time-stamping, Eric Hughes on digital money, John Gilmore on EFF and FOIA-type activites, and so on. The EFF activities are always a big deal at Hackers, what with Mitch Kapor often attending and so forth. Mike Godwin is our "legal hacker," so to speak (aren't all lawyers hacks?), and he'll be at this year's Hackers. Well, that's enough of a summary. The best way to get invited is to do something that brings you to the attention of the attendees, as every year they ask us to make nominations. Yes, there are many of you out there who are better hackers than many of us who (somehow) got on the invite list. That's life, I guess. Don't take it too seriously. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From owen at autodesk.com Thu Oct 7 11:39:20 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Thu, 7 Oct 93 11:39:20 PDT Subject: Standard Headers for Anonymous Remailers Message-ID: <9310071839.AA11794@lux.YP.acad> > From: pierre at shell.portal.com (Pierre Uszynski) > > From: Karl Lui Barrus > > The attitude expressed by the individual on io.com shows a problem we > > will have in educating others - "anonymous posts CAN destroy a civil > > conversation". Yes, maybe so, but in my experience on mailing lists, > > bbses, etc. I've noticed that "flame wars" and "anonymous posts" have > > NO correlation, and are quite independent of one another. > > Since I've seen "flame wars" on systems with absolutely no anonymous > > posting facilities (or none that were used), I conclude that civil > > conversation is destroyed by strongly held differences in opinions (or > > some other factor I can't pin down). > I'll second that. The main menaces against "civil conversations" have been, > on Netnews, flame wars and wars between two individuals. There is another level of *menace* which I suppose many of you are unaware. The queer newsgroups of usenet, have been experiencing waves of net-terrorism for the last couple of years. I don't mean the usual mean-spirited or dogma-driven type of uninformed posting that echoes the stereotypical stuff we are used to dealing with in daily life. Nor do I mean the occasional *ALL FAGS SHOULD DIE POSTED IN ALL CAPS FROM SOMEONES ACCT THAT THEY LEFT LOGGED IN ON A PUBLIC TERMINAL AT AN INSTITUTION OF -ahem- HIGHER LEARNING* I mean people who exploit insecure sites and networking skill to forge mail and articles as part of a concerted and ongoing campaign of harrasement. Stuff that has resulted in very serious consequences. Theres no need to go into detail here about the array of tactics and the widening scope of the phenomenon, but I think it needs to be looked at as an example of how and why systems are abused. If anti-social immaturity can easily find shelter for puerile behavior, then any socipathic agenda or ruthless competitor can do likewise. > the flamers and the opponents are clearly > identified. They are usually proudly posting under their usual Name (as > they are all fighting for their Reputation, and for establishing their > opponent's Incompetence) (... do we recognize anybody yet :-? ) I actually > can't remember such a war involving an anonymous poster (as in "using > penet or similar"). soc.motss and other newsgroups have seen a long list of pseudo-persons posting from non existent sites, and yes.. penet has been used to this effect. > What destroys discussions (and forces people to leave them...) is the > tendency of threads to start genuine, and to end as flame wars. > Certainly, for-money systems would tend to shorten flame wars.. I think that there is no shortage of contributing factors to the shortcomings of network distributed ascii based communication. Bottom line is that when we have our full range of auditory clues, and visual context, we use all of that and more in order to convey meaning, and in network distributed ascii communication the clues and context are missing unless we *spell it out*. Most of us aren't that diligent or patient. I think it is interesting to also note that people will engage in levels of flaming that tehy would never do to another person face to face. That is also a form of non-acountability by being unreachable when your content might otherwise earn you a fist in your face. Personally, I believe that some levels and forms of anonymity are highly desireable. Reality is that some levels and forms of anonymity are too easily subverted by sociopaths who don't care about the consequences of their acts, or the restrictions that may come about due to their abuse. Not to get too far past the scope of mailers and netnews, but these issues have importance to the growth of Networked commerce in general. I think that the design of privacy systems needs to take these dark-side issues seriously and do their best to minimise the potential for abuse. If for no other reason, where there is money, there is abuse and criminally sociopathic predators who will do anything in their power to gain advantage over their competition. Perhaps a *zoning* concept is needed, in such that transactions would have qualifying conditions - or in such that *zones* exist as data-space with authentication qualifications for *entry* or transaction. LUX ./. owen From warlord at MIT.EDU Thu Oct 7 11:55:32 1993 From: warlord at MIT.EDU (Derek Atkins) Date: Thu, 7 Oct 93 11:55:32 PDT Subject: WEAK RSA KEYS In-Reply-To: <9310071345.memo.43629@BIX.com> Message-ID: <9310071851.AA06231@toxicwaste.MEDIA.MIT.EDU> No, I never said anything about Weak keys, nor did I ever say that what I chose was a strong key. I just showed, as I stated, "An Example" of an RSA key. Please do not put words in my mouth. I agree that the myth of only one decryption exponent is a bad thing to keep going. I, however, was only trying to give an example of how RSA works, with numbers, rather than prove that certain sets of RSA numbers give weak keys. And I'm also sure that you can much more easily find a set of weak keys than you can find strong keys, but let's not get into that argument, please! Thank you for pointing this out to people. -derek From hughes at ah.com Thu Oct 7 12:05:32 1993 From: hughes at ah.com (Eric Hughes) Date: Thu, 7 Oct 93 12:05:32 PDT Subject: Correction in Bay Area meeting announcement Message-ID: <9310071858.AA01476@ah.com> CORRECTION ========== The meeting is Saturday the 9th, not Sunday the 10th. Sorry for the typo. The Bay Area meetings are always on Saturdays. Eric From klbarrus at owlnet.rice.edu Thu Oct 7 12:05:42 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Thu, 7 Oct 93 12:05:42 PDT Subject: Weak RSA keys? Message-ID: <9310071903.AA25719@flammulated.owlnet.rice.edu> I don't mean to flame you, but before you rush off and publish your results somewhere you may want to step back and check over your premise and the steps it involves a few times. > The "spare" is 7. The "spare" runs faster, too. Go ahead, try it. > The myth is that "ED = 1 mod (m)". > The truth is as follows: > G = gcd( p-1 , q-1) in this example G=2 > F = m/G in this example F=20 > ED = 1 mod (F) Now how exactly do you calculate this "F"? Does it involve, say, knowing phi(n), information ONLY available to you if you happen to know the factorization of n? In which case the whole thing collapses anyway? How can you use this information to decrypt a message? If I were to give you the 200 digit product of two primes, could you find the "spare" key? If I get some time I'd like to look over your method to see if it's really there or an artifact of the numbers you chose. There is a "weakness" easily shown in RSA in that for some keys, up to 9 messages encrypt to themselves! That is, M^e = M mod n. Now, if you pick large primes, these 9 messages will get lost in the 100 trillion numbers every atom in the universe can have allocated, so it really isn't a problem. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From djw at eff.org Thu Oct 7 12:25:32 1993 From: djw at eff.org (Daniel J. Weitzner) Date: Thu, 7 Oct 93 12:25:32 PDT Subject: Fiberpunks? (Was - Really Cheap Crypto) Message-ID: <199310071924.AA21393@eff.org> >>>From today's New York Times: >> >>"- - - General Aidid was brazenly speaking out on his own clandestine radio >>station this week, assailing United Nations colonialism. Today, Pentagon >>officials said they believed the Somali clan-leader had foiled their >>efforts to locate him in part by communicating with his forces on simple >>walkie-talkies difficult to monitor with high-technology American >>listening gear". >> >>Now, is the time for Dorothy D. to suggest, as she did with Clipper, that >>all dissident Somalis be required by law to use high-tech comm gear. Let's >>hope that the criminal element against which the escrowed key crap is >>oriented doesn't hear about the Somali answer to communications intercept. >>In the off chance that they might, I'm going to buy stock in oatmeal boxes >>and wax string. String is, indeed, an critical privacy-protecting technology, but alas, a threat to national security as well. Perhaps someone will have to start a fiberpunks movement. ................................................................... Daniel J. Weitzner, Senior Staff Counsel Electronic Frontier Foundation 1001 G St, NW Suite 950 East Washington, DC 20001 202-347-5400 (v) 202-393-5509 (f) From klbarrus at owlnet.rice.edu Thu Oct 7 12:59:20 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Thu, 7 Oct 93 12:59:20 PDT Subject: Weak RSA keys? Message-ID: <9310071956.AA02596@flammulated.owlnet.rice.edu> >He probably believes, along with most people, that for each >encryption exponent there is ONLY ONE decription exponent. >In fact there are AT LEAST TWO. Yes, you have a "spare key". Yes, it does look like there are two possible decryption exponents, but one is derived from the other and information only known to the person who can factor n, so it isn't clear to me how this is a big weakness. If you pick good factors of n and the primes are large, the problem is just as infeasible as it was before, and you get ONLY two decryption exponents. In fact, if you look on page 92 of "Cryptography; An Introduction to Data Security" by Seberry and Pieprzyk, you will see that they make it more explicit than some other texts: they give this as the formula relating then encryption and decryption exponents: e d = 1 mod gamma(n) where gamma(n) = lcm (p-1, q-1) So they use the least common multiple of p-1 and q-1. With good choices of p and q, there will be 2 decryption exponents: d and (d + phi(n)/gamma(n)). If you have more than 2 decryption exponents, you have made poor choices of primes. Again, to calculate the "spare" key you nee need to know how n factors, which makes the whole thing moot. Example with better choices for p and q: p = 107; q = 167; n = 17869 phi(n) = 106 * 166 = 17596 e = 43 d = 43^-1 mod 17596 = 7775 71^43 mod 17869 = 10073 (the encrypted message) to decrypt: 10073^7775 mod 17869 = 71. If you use e d = 1 mod gamma(n) you get d = 43^-1 mod 8798 = 7775, which is the same d you got above. Thus, the spare key is 7775 + 8798 = 16573, which does work as a decryption exponent. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From klbarrus at owlnet.rice.edu Thu Oct 7 13:25:32 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Thu, 7 Oct 93 13:25:32 PDT Subject: Weak RSA keys, 2nd post Message-ID: <9310072023.AA06352@flammulated.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- (sorry for posting this twice, but as I sent the previous message, line noise or something overtook me) It does appear that there can be multiple decryption keys, but with good choices of p and q, there will be only two. Whether or not "ed = 1 mod phi(n)" is a myth or not... depends. Look at "Cryptography: an Intoduction to Computer Security" by Seberry and Pieprzyk. On page 92, equation 3.9 gives the relation between encryption and decryption keys as "ed = 1 mod gamma(n)" where gamma(n) = lcm(p-1,q-1). Which is what the "F" function described before is. With proper choices of p and q, the d calulcated by the first forumla and the d calculated by the second will be the same. Of course, since you must know how to factor n to calculate the "spare" key, it isn't clear to me how it will help you decrypt a message. With large enough properly chosen primes, it won't matter. Solution: pick good primes. An example with better choices for p and q: p = 107; q = 167; n = pq = 17869 phi(n) = (p-1)(q-1) = 17596 e = 43 Method 1: d = 43^-1 mod 17596 = 7775 Method 2: lcm(p-1, q-1) = 8798 d = 43^-1 mod 8798 = 7775 Either method: message M = 71 encrypted M' = 71^43 mod 17869 = 10073 decrypt = 10073^7775 mod 17869 = 71 The "spare" key is 7775 + 8798 = 16573, which does indeed work. But again, I don't see how an attacker can use info about the existence of a second key. Karl L. Barrus -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLLR5CYOA7OpLWtYzAQH/FQP/a+/uxGaKIYKuWCNcP5e0aBGMjhVPnwlU cJxrDMSBQYcPHzMPafqXIdfIlNE/g7aB/0Fnnh2cB4MtwvsGiCOe/XGNUgrR+R+e X2LWBlQmQ4YBPRnGgXAejX8LkWTScexIrfcXLsps6REyJHVoJB/5gpLNflBnjW5C h8xTNoqknf4= =8y9+ -----END PGP SIGNATURE----- From klbarrus at owlnet.rice.edu Thu Oct 7 13:35:32 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Thu, 7 Oct 93 13:35:32 PDT Subject: Standard Headers for Anonymous Remailers In-Reply-To: <9310071839.AA11794@lux.YP.acad> Message-ID: <9310072034.AA08000@flammulated.owlnet.rice.edu> D. Owen Rowley wrote: >I think that the design of privacy systems needs to take these >dark-side issues seriously and do their best to minimise the potential >for abuse. Yes, but it's more than just the privacy systems that need good designs; applications like mailers could benefit from (say) digitally signing every message and reporting the signature on a document rather than where it came from. At the risk of sounding like a broken record, I will quote some private email I sent to another indiviual concerned with these things (hopefully eveybody else who is going to post in about needing to minimize abuses and stuff will read this and find out such things are being worked on!) >I hope this is because people really feel like schmucks taking >anonymous pot-shots :-) I mean, I wouldn't like to see anonymous >remailers abused either. >As I mentioned, a more "satisfying" solution to me is to be using a >positive reputation system along with a pay-per-remail anonymous >remailer. The problem is infrastructure - there exist anonymous >remailers, but right now positive reputations and pay-remailers aren't >at the same level. >A good positive reputation system would require people to habitually >sign their messages and posts, even if the key they used can't be >traced (say, the username is a pseudonym). Plus, you'd need software >(built in to the mail software you use would be best) that reports >signatures instead of email address. This would allow you to see who >sent the message (who signed it) rather than where it originated from. >A good pay-remailer would charge enough per letter so as to make >everyone think before firing off a letter in haste. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From pierre at shell.portal.com Thu Oct 7 13:39:20 1993 From: pierre at shell.portal.com (Pierre Uszynski) Date: Thu, 7 Oct 93 13:39:20 PDT Subject: Standard Headers for Anonymous Remailers Message-ID: <9310072018.AA14402@jobe.shell.portal.com.shell.portal.com> > From: owen at autodesk.com (D. Owen Rowley) > > There is another level of *menace* which I suppose many of you are unaware. [...] > I mean people who exploit insecure sites and networking skill to forge > mail and articles as part of a concerted and ongoing campaign of ????????????????????? > harrasement. > Stuff that has resulted in very serious consequences. ????????????????????????? > > Theres no need to go into detail here about the array of tactics and > the widening scope of the phenomenon, but I think it needs to be looked > at as an example of how and why systems are abused. On the contrary, let's hear the details. If what we are considering here is how to fight abuse while encouraging (what we think is) positive use of anonymous systems, then we need to know the details. If you are not comfortable posting that here, I'd welcome a private email (as well as the people at io.com would, I expect). Still, I don't think cypherpunks is anywhere close to the stage where we should withold that kind of detail (except for OS bugs that go to CERT first)... > soc.motss and other newsgroups have seen a long list of pseudo-persons > posting from non existent sites, and yes.. penet has been used to this > effect. ok, and anonymous remailers don't change that possibility one way or the other. I'll go hang out there for a while anyway... > I think that the design of privacy systems needs to take these > dark-side issues seriously and do their best to minimise the potential > for abuse. Sure, but consider that extremist systems will exist nonetheless. > Perhaps a *zoning* concept is needed, in such that transactions would > have qualifying conditions - or in such that *zones* exist as data-space > with authentication qualifications for *entry* or transaction. Who qualifies whom, based on what info, and to eliminate whom? Pierre pierre at shell.portal.com From doug at netcom.com Thu Oct 7 13:45:34 1993 From: doug at netcom.com (Doug Merritt) Date: Thu, 7 Oct 93 13:45:34 PDT Subject: Good editorial in the Merc Message-ID: <9310072044.AA22854@netcom.netcom.com> The Thursday Oct 7 San Jose Mercury News lead editorial contains a note acknowledging a sane point of view about cryptographic exports. (It's titled "Unshackled Tech -- Looser export rules will boost Silicon Valley Sales", and it discusses Clinton's decision last week to boost the speed limit for exportable computers.) The *good* part, though, is: " * Congress should update the Export Administration Act. A 1990 version would have lifted export controls on telecommunications and software with encryption codes, which give the software users a better way to keep data secret. President Bush vetoed it. His administration wanted to deprive the Chinese and Russians of the latest, hard-to-bug telecommunications equipment, and the latest encrypted software. Well, the Chinese already know how to make the new telecommunications equipment. The encryption software is in the hands of anyone who can find a pirated copy." Awareness is beginning to grow out there. Doug From hughes at ah.com Thu Oct 7 14:35:56 1993 From: hughes at ah.com (Eric Hughes) Date: Thu, 7 Oct 93 14:35:56 PDT Subject: Weak RSA keys? In-Reply-To: <9310071956.AA02596@flammulated.owlnet.rice.edu> Message-ID: <9310072135.AA01702@ah.com> Re: finding weak keys The point with weak RSA keys is not that one can find other decryption exponents deterministically given public information, but rather probabilistically. If gcd( p-1, q-1 ) is large with respect to pq, then one can simply do a random search for these other exponents. Greatest common divisors are quick to calculate, so there's no practical problem with making sure that one does not generate weak keys. The rest of this message is a mathematical explanation of _why_ there are at least two decryption exponents. Warning: technical algebra follows. Short answer: (Z/pqZ)^* is not a cyclic group, and therefore does not contain elements of maximum order, i.e. of order (p-1)(q-1). (Notation: the group above is the multiplicative group of numbers modulo pq.) The largest order of any element is lcm(p-1,q-1). Longer answer: (Z/pqZ)^* is isomorphic to (Z/pZ)^* x (Z/qZ)^*. The isomorphism map is I: x mod pq |--> ( x mod p, x mod q ). Let f = gcd(p-1,q-1) and F = lcm(p-1,q-1). Define f_p = (q-1)/f and f_q = (p-1)/f; both are integers. Note that since Ff = (p-1)(q-1), F = (p-1)f_p = (q-1)f_q. I( x^F mod pq ) = ( x^F mod p, x^F mod q ) = ( x^((p-1)f_p) mod p, x^((q-1)f_q) mod q ) = ( (x^(f_p))^(p-1) mod p, (x^(f_q))^(q-1) mod q ) = ( 1 mod p, 1 mod q ) The last step follows by Fermat's Little Theorem. Since the isomorphic image of x^F is (1,1), we conclude that x^F == 1 (mod pq), for all x. (To see this, use the Chinese Remainder Theorem.) Since p and q are both odd, p-1 and q-1 are both even. Thus their gcd must be at least two. Out of curiosity, does anybody here know how to calculate any expectations for gcd(p-1,q-1) for, say, 2^n < p < q < 2^(n+1) ? I don't know enough number theory myself. Eric From peb at PROCASE.COM Thu Oct 7 14:39:21 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Thu, 7 Oct 93 14:39:21 PDT Subject: Standard Headers for Anonymous Remailers Message-ID: <9310072136.AA02054@banff.procase.com> >From: pierre at shell.portal.com >Who qualifies whom, based on what info, and to eliminate whom? As the Internet becomes more diverse and less the domain of programmers and scientists, it is natural that other means of selection are needed for membership in a group. The traditional academic atmosphere of mailing lists will evolve away from total openenss. Here are some possibilities: 1. By invitation only--members sponsor new members. 2. By trial period--new members are lurkers on the main list and a subset of the members can see their postings or they must first be moderated. 3. Qualifications--could range widely. 4. Tests. 5. All of the above. >From: owen at autodesk.com >with authentication qualifications for *entry* or transaction The Extropians list already does this--not totally secure, to be sure, but you must let the list administrators know all your posting nodes. Paul E. Baclace peb at procase.com From cman at IO.COM Thu Oct 7 15:25:35 1993 From: cman at IO.COM (Douglas Barnes) Date: Thu, 7 Oct 93 15:25:35 PDT Subject: Standard Headers for Anonymous Remailers In-Reply-To: <9310072018.AA14402@jobe.shell.portal.com.shell.portal.com> Message-ID: <9310072218.AA01673@illuminati.IO.COM> Owen wrote: > > Perhaps a *zoning* concept is needed, in such that transactions would > > have qualifying conditions - or in such that *zones* exist as data-space > > with authentication qualifications for *entry* or transaction. > Pierre wrote: > Who qualifies whom, based on what info, and to eliminate whom? > I don't think that Owen (and certainly not any party to the argument at io.com) is suggesting a high-handed Big Brother approach to qualifying transactions. At least I hope not... However, I think that as the means of defining data spaces (whether in Usenet space, mailing list space, or IRC space) become more sophisticated and also more accessible, that the people who establish these spaces will want to also establish authentication qualifications. And whether this will be a Good Thing or a Bad Thing depends on whether it's based on reputation or on knee-jerk anti-anonymity bigotry. Individuals or groups that wish to create a data space, or who currently conduct transactions in a data space, *should* have the right to establish rules for entry and transaction ranging from "anything goes" to "established members of the foo-ology research community using digital signatures." I think that the best remedy for the tyranny and stagnation that can arise from this is to keep a very low barrier to entry for the creation of new data spaces. Despite this, I think that discrimination solely on the basis on anonymity is *dead wrong* and is on equivalent moral ground with discrimination on the basis of skin color, religion or unnatural fondness for aquatic mammals. I think it is much more useful to put the new anonymous entity on the same ground as, say, a first semester college freshman, and allow that entity meaningful channels for acquiring reputation, up to and including becoming an "established member of the foo-ology research community." Doug Barnes Founder of foo-ology and the 'foo' mailing list To subscribe, send e-mail to: foo-request at indial1.io.com -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From charliemerritt at BIX.com Thu Oct 7 15:29:21 1993 From: charliemerritt at BIX.com (charliemerritt at BIX.com) Date: Thu, 7 Oct 93 15:29:21 PDT Subject: Weak Keys? explained Message-ID: <9310071823.memo.44198@BIX.com> No, I did not mean I can find the spares of a well constructed key. And yes, the best key has at least one spare. What I meant was, if I were the NSA and wrote the keygen for a crypto system I could guarantee that each key would have a huge number of spares. Enough, that if I were the NSA I could find them. How to generate a weak RSA key: Start with a prime R S=R*2 L1 If S+1 is prime then P=S+1 If S+1 Not prime S=S* next_odd_number (3,5,7,9,11...) Loop to L1 else L2 If S+1 is prime then Q=S+1 If S+1 Not prime S=S* next_odd_number Loop to L2 else N=P*Q #spare keys => 2*R In the example I gave R was 101 p=1+(101*2*3) q=1+(101*2*2*3) spare keys=606 There are many BETTER ways to make a keygen that will produce keys the author can break. RSA has no government trap door, but I, and certainly the NSA can write a keygen that makes trap-doored keys. Ones YOU can't break, but I can, knowing my secret. My example was a put-down of Denning's assurance that skipjack is good. RSA is good, skipjack MAY be good. Look out for booby trapped keys. From owen at autodesk.com Thu Oct 7 16:49:20 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Thu, 7 Oct 93 16:49:20 PDT Subject: Standard Headers for Anonymous Remailers Message-ID: <9310072339.AA12738@lux.YP.acad> > From: pierre at shell.portal.com (Pierre Uszynski) > From: owen at autodesk.com (D. Owen Rowley) > There is another level of *menace* which I suppose many of you are unaware > > I mean people who exploit insecure sites and networking skill to forge > > mail and articles as part of a concerted and ongoing campaign of > ????????????????????? > > harrasement. > > Stuff that has resulted in very serious consequences. > ????????????????????????? > > Theres no need to go into detail here about the array of tactics and > > the widening scope of the phenomenon, but I think it needs to be looked > > at as an example of how and why systems are abused. > > On the contrary, let's hear the details. There are three personas in particular, who stand out in the crowd, they are: The Dark Knight Obvious psuedonym, claims that he was disciplined or fired because the nasty queers on soc.motss complained to his management about his honestly stated opinions. during two periods of his unwanted attentions and homophobic ranting there were several serious sendsys bombing incidents. I know of one in which an SGI employee was mail bombed with enough garbage to clog their whole mail system for quite a while. Interuption of net connectivity to a whole company in order to amuse some creep who fancys himself as a fag-bashing super hero, fits my definition of sociopath, and I suspect that if it happened to any of us, filling up our disk real estate, delaying our business as usual, we would consider it a serious situation. I'm not sure how many there were, but during the worst phases, there could be two or three such incidents per day, involving gigabytes of data. RALF, or RLF bizarre and aggresively homophobic, tends to rant about how homos victimised him in some way or another. Claimed to be Church of RALF, has a numerological hangup over his birthdate , pretty much your basic testosterone poisoned megalomaniac. also present and gloating during or around periods of mail bombing. like dark Knight, the home site of the acct changes, or is forged. Dr Artimus Page Phoney acct claiming to have succesfull therapies to turn disgusting homos into natural men like him. Posts long and surreal accounts, projecting his anal fantasys onto the nasty homos and promising to cure them.. uh huh! Claimed that phoney name and acct were to protect him from the roving gangs of hetero-bashers who are out to get him. In another incident from that same period an individual was targetted who did not have a very understanding employer, he was fired as a result. A very serious matter for the guy, who's life got turned upside down because he was the target of these acts. Sendsys messages would be forged, ton_o_byte mail bombings would be forged in the name of other soc.motss regulars, usually those who posted uppity responses to these *honestly stated opinions*. Punitive repostings of months of back traffic Oh.. yes.. there were denials.. but the common factors between all three of these guys and the harrasement showed more than a casual relationship between the appearance of this character and patterns of e-harrasement. There were occasional other minor players who would come around, usually obvious forgerys from accts claiming to have been succesfully cured by the sagely Dr Page, and trying to date the Lesbians in order to help them too. Rarely would more than one be present at a time, they seemed to run in a patterned sequence that has consistently covered the last two years. A good deal of it starts as nuisance stuff, forged addresses, forged cancelations. And you can look at sendsys and mail_bombing as the functional equivelant of ordering pizzas or other deliveries to a third party, but I see it as a pattern borrowed from terrorists, purposeful and repeated , intent to wear down the spirit, and keep their prey on the defensive so recovery doesn't happen. I have no illusion that it takes a rocket scientist to pull off these stunts, nor that given the state of our net, anything can really be done to stop it now. However the real world effect was that the real people of soc.motss were subjected to severe psychological harrasement, of the type that wouldn't be tolerated for a minute in real-space. That we currently have no choice but to tolerate it in cyberspace is not an acceptable prospect. Having experienced the personal cost of this sort of thing on my own psyche, I can tell you that it is maddening while it is going on, and sobering afterwards when you realise how vulnerable you are. There are others of course, actually quite a few who are more than willing to display there ignorance from their real accts. Why I bet some of 'em probably are on this list. lets see.. heres just a partial list of proud defenders of heterosexuality who find it amusing to taunt the queers on soc.motss. Daniel J Karnes, Walter Smith, Gary Lang, Ted Kaldis, Clayton Cramer, and more.. many many more. > > soc.motss and other newsgroups have seen a long list of pseudo-persons > > posting from non existent sites, and yes.. penet has been used to this > > effect. > ok, and anonymous remailers don't change that possibility one way or the > other. I'll go hang out there for a while anyway... I understand that, and for that matter I feel strongly enough about wanting my own freedom that I'll join you. > > I think that the design of privacy systems needs to take these > > dark-side issues seriously and do their best to minimise the potential > > for abuse. > Sure, but consider that extremist systems will exist nonetheless. oh .. of course, I'm only arguing for diligence and design criterea that will buy us optimum freedom, and minimise opportunity for abuse. > > Perhaps a *zoning* concept is needed, in such that transactions would > > have qualifying conditions - or in such that *zones* exist as data-space > > with authentication qualifications for *entry* or transaction. > Who qualifies whom, based on what info, and to eliminate whom? Well.. I suppose that in the case of commerce, the vendor will, and that market forces will ultimately detrmine the succesful strategys. Think of it in terms of reliability, and trustiness. Accountability optimises both, anonymity diminishes both - in fact can potentially dispense with accountability. when your transaction involves value don't you want reliability and accountability? I do. If providing my identity as collateral for reliability is required in some transactions, I think thats reasonable to offer as an option. I tend to think of cyberspace in terms of the UnReal Estate business. If I have some data space, then I think I should be able to determine who gets in and what they do there. regarding common data-space and whether there should be rules and accountability, would you move yourself or your family to a neighborhood where you couldn't determine who gets into your place or hold them accountable for what they do there? Perhaps you have a higher opinion regarding the negative aspects of human nature than I. LUX ./. owen From chrome at jhunix.hcf.jhu.edu Thu Oct 7 17:25:35 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Thu, 7 Oct 93 17:25:35 PDT Subject: Digital Cash Primer (fwd) Message-ID: ---------- Forwarded message ---------- Date: Wed, 6 Oct 1993 21:34:37 -0400 From: DON_HENSON at delphi.com To: cypherpunks at toad.com Subject: Digital Cash Primer Shari Steele writes: -> Hey 'punks. Anyone know of an elementary primer on digital cash? I'm trying to get up to speed on this. <-- I would like an elementary primer also. How about posting the info to the list vice just to Shari. Thanks, Don Henson PGP key avail on server or on request <-- could i also get some beginning info on this subject as well? thanks in advance, alex reynolds From trebor at foretune.co.jp Thu Oct 7 17:59:20 1993 From: trebor at foretune.co.jp (Robert J Woodhead) Date: Thu, 7 Oct 93 17:59:20 PDT Subject: The death of the list as we know it (tm) Message-ID: <9310080056.AA27566@dink.foretune.co.jp> I've only been monitoring the list for a couple of days, but already it is clear to me that the traffic is _way_ too high to manage as a mailing list. Apart from the volume, the very structure of Email tends to dis-associate message from reply, and make it difficult to do any filtering before reading (one of the great joys of using _nn_ IMHO). A humble suggestion: someone undertake to create alt.cyperpunks and shadow the newsgroup and the mailing list (so that posts to one also go to the other). In my case this would cut my reading time in half and increase my "harvest" by a factor of two. The mailing list would still be available for those who cannot get the group. In addition, as the number of people getting the mailing list would decrease, it would probably delay the death of the net by bandwidth overload for a few hours (currently, it is scheduled for sometime in June 1997, last time I checked). Also, even an unmoderated alt group can be made moderated (and thus, filter out most of the forgery, etc) by appropriate use of technology described in this mailing list. +---------------------------------------------------------------------------+ | Robert J. Woodhead, Biar Games / AnimEigo, Incs. trebor at forEtune.co.jp | | AnimEigo US Office Email (for general questions): 72447.37 at compuserve.com | From jamie at netcom.com Thu Oct 7 18:19:21 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Thu, 7 Oct 93 18:19:21 PDT Subject: Newbie reading: Bamberg Message-ID: <9310080117.AA03461@netcom.netcom.com> Newbie cypheroids and cypherettes, Tim May has pointed to _The Puzzle Palace_ by Bamberg several times here and on the Extropians list. If like me you're a newbie, it's a quick, excellent read. Don't miss it. It'll give context for the quote, "gentlemen don't read each other's mail." -- ................................ Jamie Dinkelacker Palo Alto CA Jamie at netcom.com 415.941.4782 From tcmay at netcom.com Thu Oct 7 18:59:19 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 7 Oct 93 18:59:19 PDT Subject: Bamford's "The Puzzle Palace" In-Reply-To: <9310080117.AA03461@netcom.netcom.com> Message-ID: <9310080159.AA21187@netcom5.netcom.com> > Newbie cypheroids and cypherettes, > > Tim May has pointed to _The Puzzle Palace_ by Bamberg several times here ^^^^^^^ > and on the Extropians list. If like me you're a newbie, it's a quick, > excellent read. Don't miss it. It'll give context for the quote, "gentlemen > don't read each other's mail." "My name is Bamford, _James_ Bamford." Bamford's "The Puzzle Palace" is a bit dry in places, but is very well-researched. I first read it in hardback in 1982 and the stuff about intercepts of commercial intelligence (stock trades, corporate secrets, etc.) got me to thinking about how the NSA may be _using_ the fruits of its corporate intercepts. This motivated the plot of the novel I've been working on, and my interest in the "BlackNet" aspects of crypto, so I can honestly say Bamford's book changed my life. He also describes in previously-nonpublicized detail the "Harvest" and "Lodestone" systems installed at NSA headquarters at Fort Meade around 1963. Our own Norm Hardy was involved in this and will be describing his "Harvest" experiences at this Saturday's Cypherpunks meeting. See (some of) you there! --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From mccoy at ccwf.cc.utexas.edu Thu Oct 7 19:25:35 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Thu, 7 Oct 93 19:25:35 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310080056.AA27566@dink.foretune.co.jp> Message-ID: <199310080225.AA19451@minnie.cc.utexas.edu> trebor at foretune.co.jp (Robert J Woodhead) writes: > I've only been monitoring the list for a couple of days, but already it > is clear to me that the traffic is _way_ too high to manage as a mailing > list. It has been worse, it will get better. This list goes through phases where the discussion ranges from the good technical to the annoying op-ed that it has been recently. If it is way too high for you might I suggest you try getting better software on your side to manage the traffic. > A humble suggestion: someone undertake to create alt.cyperpunks and > shadow the newsgroup and the mailing list (so that posts to one also go > to the other). Has been proposed and shot down quite frequently. The signal to noise ratio of a newsgroup is much higher than a list. A mailing list has a self-regulating feature in that when the traffic becomes high and the signal low everyone gets annoyed and _people learn to shut up!_ A newsgroup does not have this feature and flamefests and other bullshit has a tendency to feed upon itself until it drowns out everything else. Just take a look at sci.crypt at the moment if you want a quick example. There is a group dedicated to political crypto issues. People still insist on posting info to what should be a technical group even though there is already a talk group for this stuff, and no amount of chastising or reminders will dissuade them. If someone were to do this to the cypherpunks group I would not be surprised if someone just started a new mailing list and limited it to invitation only for those who are interested in the real mission of this group (cypherpunks write code, remember? whining about bbs legal bullshit and other topics just doesn't seem to fit the purpose.) > In my case this would cut my reading time in half and increase my "harvest" > by a factor of two. You can set up an easy filter and gateway so that at your site the list does go to a local newsgroup (some people already do this), but please do not presume to make such a decision for the rest of us. If you want to make it easy for yourself please feel free to do so. There is apparently a lot of software out there for handling this kind of traffic volume that you are just not aware of. > The mailing list would still be available for those who > cannot get the group. Only the traffic would triple with even more bullshit as Sternlight and the like takes notice of our little world. More people would drop from the list as you open the floodgates. > Also, even an unmoderated alt group can be made moderated (and thus, > filter out most of the forgery, etc) by appropriate use of technology > described in this mailing list. It takes someone about 5 seconds to figure out how to get around all of that. One advantage a mailing list gives us is the ability to maintain at least on central point of administration so that if we did select a scheme such as that on the extropians list we still have that option. Once something becomes a newsgroup we lose _all_ control we might have on the list. Do not split the list, do not dip it in the mediocrity of the usenet, get better software and let the system regulate itself; have some patience. jim From ferguson at icm1.icp.net Thu Oct 7 19:39:20 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Thu, 7 Oct 93 19:39:20 PDT Subject: The ungalvanized understanding In-Reply-To: <9310080159.AA21187@netcom5.netcom.com> Message-ID: <9310080339.AA07722@icm1.icp.net> > He also describes in previously-nonpublicized detail the "Harvest" and > "Lodestone" systems installed at NSA headquarters at Fort Meade around > 1963. Our own Norm Hardy was involved in this and will be describing > his "Harvest" experiences at this Saturday's Cypherpunks meeting. > > See (some of) you there! Maybe. ,-) I've wanted to "cut loose" and post a gut-load before this moment, but perhaps it just wasn't appropriate at the time. Now that I've seen all the puking about excessive posts etc., I've got to reiterate why it is that list is important. It is certainly not a community bulletin board for folks to just happen-in and check out what's going on -- the traffic has always been too high for that! I've been here and will remain here through the mail-bombs (remember our friend George?) and implicit/oblivious core dumps that result in 5 mb mail sorties. ,-) I live in an agenda called technology. Tim understands the implications on the development of governments, cultures and history. I can only hope that theose of you that tag along understand the extreme importance that goes hand in hand, mano a mano. Peter Honeyman, John Draper, John Gilmore, Eric Hughes, and the list of luminaries (no pun intended) that DO hang on should clue you folks on the situation. We're here. We're shifting -- forever, to secure our foundation in cypherspace. Where we were two or six or twelve months ago is no longer sufficient. We move into positions which galvanize our foothold and grip on the platforms which propel us. >From pauper to pawn. From knight to provocatuer. The keepers of the keep. ,-) From ferguson at icm1.icp.net Thu Oct 7 19:49:22 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Thu, 7 Oct 93 19:49:22 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <199310080225.AA19451@minnie.cc.utexas.edu> Message-ID: <9310080349.AA07778@icm1.icp.net> > Do not split the list, do not dip it in the mediocrity of the usenet, get > better software and let the system regulate itself; have some patience. > I strongly agree with Jim -- if you don't like the surf, get the fuck out of the water. Sorry. From jamie at netcom.com Thu Oct 7 19:50:36 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Thu, 7 Oct 93 19:50:36 PDT Subject: Bamford's "The Puzzle Palace" Message-ID: <9310080248.AA13480@netcom.netcom.com> >> Newbie cypheroids and cypherettes, >> >> Tim May has pointed to _The Puzzle Palace_ by Bamberg several times here > ^^^^^^^ >> and on the Extropians list. If like me you're a newbie, it's a quick, >> excellent read. Don't miss it. It'll give context for the quote, "gentlemen >> don't read each other's mail." > >"My name is Bamford, _James_ Bamford." > ooops, Tim's right. I was listening to David Bromberg (urg?) while writing that post and it slipped out. Thanks, Tim. -- ................................ Jamie Dinkelacker Palo Alto CA Jamie at netcom.com 415.941.4782 From pmetzger at lehman.com Thu Oct 7 21:05:37 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 7 Oct 93 21:05:37 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310080056.AA27566@dink.foretune.co.jp> Message-ID: <9310080359.AA25676@snark.lehman.com> Robert J Woodhead says: > > I've only been monitoring the list for a couple of days, but already > it is clear to me that the traffic is _way_ too high to manage as a > mailing list. All the excess traffic is metatraffic about how bad the traffic is. Quit talking about the excess traffic and the problem will end. Perry Who gets 300-500 email messages a day and still gets his work done, and who doesn't complain lightly about volume. From frissell at panix.com Thu Oct 7 21:20:37 1993 From: frissell at panix.com (Duncan Frissell) Date: Thu, 7 Oct 93 21:20:37 PDT Subject: FIDONet Mail filterin Message-ID: <199310080419.AA02439@panix.com> J >So how do I prevent what happened to SJG, killer, etc from happening J >to me? How do I prevent the LE types from showing up one day and J >saying 'hey, did you know there's a meg of kiddie porn on your J >machine and we're taking it all away'? As soon as you get the 10mbps line into the home (next year for you Continental cable customers), mirror your machine with another located overseas (or just run the machine overseas). Duncan Frissell --- WinQwk 2.0b#0 From mech at eff.org Thu Oct 7 21:45:38 1993 From: mech at eff.org (Stanton McCandlish) Date: Thu, 7 Oct 93 21:45:38 PDT Subject: on the cypherpunks mailing list & me In-Reply-To: <9310070742.AA18491@longs.lance.colostate.edu> Message-ID: <199310080441.AA26373@eff.org> Hmmm well to make a short reply to a long post: 1) your reposts are useful 2) splitting the list likely won't work, but yes something must be done. alt.cypherpunk is probably the answer. Most of the "junk posters" would much rather get this stuff on a flee-able newsgroup, than have it inescapably dumped in their mbox. 3) your analyses are useful, either negatively or positively, depending upon the reader's position, but they are not out of place, though some times a wee bit long. Just an opinion. That's about all I have to say on it, though I'm disappointed that you sorely misinterp'ed the "kiddieporn" list posting. EFF just want's to keep people out of jail. We aren't lackeys for the Justice Dept., nor are we in favour of the sexual abuse of children. Either interpretation, by anyone, is simply not warranted. The posting of the list is simply to serve as a means to keep a few more people out of trouble for the time being, and so far the response is overwhelmingly positive. -- DISCLAIMER: This message represents only my OWN opinion, not that of EFF. Stanton McCandlish Electronic Frontier Foundation Online Activist mech at eff.org NitV-DataCenter BBS SysOp Fido: IndraNet: 369:111/1 From mech at eff.org Thu Oct 7 22:45:37 1993 From: mech at eff.org (Stanton McCandlish) Date: Thu, 7 Oct 93 22:45:37 PDT Subject: that internet security scanner Message-ID: <199310080541.AA26696@eff.org> anyone actually seen that thing? (to refresh: CERT posted some warning about a security scanner for Internet systems that might be the evil work of themthere hackers so you just better delete it, etc etc.) -- DISCLAIMER: This message represents only my OWN opinion, not that of EFF. Stanton McCandlish Electronic Frontier Foundation Online Activist mech at eff.org NitV-DataCenter BBS SysOp Fido: IndraNet: 369:111/1 From mech at eff.org Thu Oct 7 22:55:48 1993 From: mech at eff.org (Stanton McCandlish) Date: Thu, 7 Oct 93 22:55:48 PDT Subject: on the cypherpunks mailing list & me In-Reply-To: <199310080441.AA26373@eff.org> Message-ID: <199310080555.AA26780@eff.org> > 2) splitting the list likely won't work, but yes something must be done. > alt.cypherpunk is probably the answer. Most of the "junk posters" would > much rather get this stuff on a flee-able newsgroup, than have it > inescapably dumped in their mbox. I'd better clarify that. I think a CP newsgroup that is NOT gated to the list would be beneficial. Making this list into a NG would of course be a nasty nasty mess. -- DISCLAIMER: This message represents only my OWN opinion, not that of EFF. Stanton McCandlish Electronic Frontier Foundation Online Activist mech at eff.org NitV-DataCenter BBS SysOp Fido: IndraNet: 369:111/1 From doug at netcom.com Thu Oct 7 23:09:22 1993 From: doug at netcom.com (Doug Merritt) Date: Thu, 7 Oct 93 23:09:22 PDT Subject: that internet security scanner In-Reply-To: Message-ID: <9310080607.AA26069@netcom5.netcom.com> Stanton McCandlish said: >anyone actually seen that thing? (to refresh: CERT posted some warning >about a security scanner for Internet systems that might be the evil work >of themthere hackers so you just better delete it, etc etc.) (A) The "evil" in question was posted to comp.sources.misc (or some other similarly obvious group). (B) The advisory was about as neutral as such a thing can be. Further comment fails me. Doug From khijol!erc Fri Oct 8 01:49:21 1993 From: khijol!erc (Ed Carp) Date: Fri, 8 Oct 93 01:49:21 PDT Subject: that internet security scanner In-Reply-To: <9310080607.AA26069@netcom5.netcom.com> Message-ID: > Stanton McCandlish said: > >anyone actually seen that thing? (to refresh: CERT posted some warning > >about a security scanner for Internet systems that might be the evil work > >of themthere hackers so you just better delete it, etc etc.) > > (A) The "evil" in question was posted to comp.sources.misc (or some other > similarly obvious group). (B) The advisory was about as neutral as such > a thing can be. It was, indeed. If anyone wants a copy, they can email me. It's 19K, gzipped and uuencoded. -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From russell at eternity.demon.co.uk Fri Oct 8 02:25:40 1993 From: russell at eternity.demon.co.uk (Russell Earl Whitaker) Date: Fri, 8 Oct 93 02:25:40 PDT Subject: MEETING: UK Cryptoprivacy Association Message-ID: <18411@eternity.demon.co.uk> -----BEGIN PGP SIGNED MESSAGE----- UK Cryptoprivacy Association meeting Date: Sunday, 31 October 1993 Time: 1430 At the offices of: FOREST 4th floor 2 Grosvenor Gardens London SW1W 0DH [ FOREST is located at the corner of Grosvenor Gardens and Hobart Place, a couple of blocks west of Victoria Station. There is a taxi shelter across the street from the office. Those who have trouble finding this location can page Russell Whitaker on 081-812-2661, and stand by the payphone or cellphone for a callback. ] The UK Cryptoprivacy Association has its roots in the U.S. cypherpunk advocacy of strong personal cryptography. The next UKCA meeting, to be held at the offices of FOREST (see the above), will feature roundtable discussion on such issues as: - The recent well-publicised discovery of a larger number of U.S. National Security Agency (NSA) electronic listening posts than had been previously suspected; - Further news on the spread of freely-available public key cryptography software in Eastern Europe, Russia, and the Transcaucasian states; - The status of the various UK and Moscow PGP public key servers and software archive sites, with input from a couple of maintainers of these services in the UK; - The implications of the legal controversy surrounding the development and distribution of PGP encryption software in the U.S., with further discussion on the possibility of volunteer contributions to Phil Zimmermann's legal defence fund; - Introduction to public key cryptography for novices Attendees are encouraged to bring and exchange diskettes with their PGP public keys. A few of us will bring along our MS-DOS laptops, to sign public keys on site. In the interest of speeding things along, it is recommended that all keys signed at the meeting be submitted later, with their newly appended signatures, to the PGP Key Server at Demon Internet Services. Send a message with the subject line "help" to pgp-public-keys at demon.co.uk, for more information. PGP (Phil Zimmermann's "Pretty Good Privacy") public key encryption software can be obtained by ftp from, among other places, ftp.demon.co.uk in the directory /pub/pgp. Versions include, but are not limited to, Unix, MS-DOS, Archimedes, and MacOS. Full source code is available. This meeting will also feature discussion on the upcoming First European Conference on Computers, Freedom and Privacy (ECFP '93) to be held on 20 November 1993, which will feature speakers including John Gilmore, David Chaum, and Duncan Frissell, as well as a representative of the UK's Data Protection Registry. Russell Earl Whitaker ECFP Ventures Ltd -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLLTAC4Tj7/vxxWtPAQGxdQP9G7uFHCcLJeSTTOBKYFBck2PpVk/jvWyM bxRg0stdjuWpHkIIZHAq4koh9BfUo46N3WOIG95SlfuRLVxzm3WmvKV7PJKhyfdh pFoYIwB2UcAknLPJva5eFBpi1VdDAMqv9G7qQfkoJQGXNAOlmh9GKhZkeLIeqVwv qfb7Q2SjLaI= =4OyJ -----END PGP SIGNATURE----- Russell Earl Whitaker whitaker at eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) Co-organizer, 1st European Conference on Computers, Freedom and Privacy, London, 20 November 1993 From remail at tamsun.tamu.edu Fri Oct 8 02:45:40 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Fri, 8 Oct 93 02:45:40 PDT Subject: Internet Security Scanner, description Message-ID: <9310080944.AA07038@tamsun.tamu.edu> Just in case you think your machine on the Internet is secure enough for remailers, storing private files, etc. here's the author's description from the source code shell archive as posted to comp.sources.misc. It would be a big confidence booster if remailer sites demonstrate that they have passed ISS and other Internet security tests. ---------------------- Internet Security Scanner (ISS) is one of the first multi-level security scanners available to the public. It was designed to be flexible and easily portable to many unix platforms and do its job in a reasonable amount of time. It provides information to the administrator that will fix obvious security misconfigurations. ISS does a multi-level scan of security, not just searching for one weakness in the system. To provide this to the public or at least to the security conscious crowd may cause people to think that it is too dangerous for the public, but many of the (cr/h)ackers are already aware of these security holes and know how to exploit them. These security holes are not deep in some OS routines, but standard misconfigurations that many domains on Internet tend to show. Many of these holes are warned about in CERT and CIAC advisories. This is the first release of ISS and there is still much room for improvement. ISS is a project that I started as I became interested in security. As I heard about (cr/h)ackers breaking into NASA and universities around the world, I wanted to find out the deep secrets of security and how these people were able to gain access to expensive machines that I would think were secure. I searched Internet for relative information, such as Phrack and CERT advisories. Most information was vague and did not explain how intruders were able to gain access to most systems. At most the information told administrators to make password security tighter and to apply the vendor's security patches. They lacked real information on how an intruder would look at a site to try to gain access. Having talked with security experts and reading CERT advisories, I started trying to look for various security holes within my domain. To my surprise, I noticed that many of machines were adequately secured, but within a domain there remained enough machines with obvious holes that anyone wanted into any machine could attack the weak 'trusted' machine and from there could gain access to the rest of the domain. From this project, I have not learned any new deep secret to cracking systems, but with the right tools that most domains on Internet are insecure. These holes will not be a surprise to any advanced intruder, but with this tool administrators will be able to quickly search for obvious holes and prepare to fix them. From blaster at rd.relcom.msk.su Fri Oct 8 03:29:22 1993 From: blaster at rd.relcom.msk.su (Victor A. Borisov) Date: Fri, 8 Oct 93 03:29:22 PDT Subject: Can I conect to cypherpunks list? Message-ID: Hello! I want to conect to cypherpunks mailing list. What I must made for conect to this list? Do you welcame people from Russia? Thank you in advance. PS. Sorry for my poor English. --- Victor A. Borisov aka blaster; Relcom R&D; Email: blaster at rd.relcom.msk.su; Phone: +7(095)-943-4735; +7(095)-198-9510; === Don`t panic! === From frissell at panix.com Fri Oct 8 03:49:23 1993 From: frissell at panix.com (Duncan Frissell) Date: Fri, 8 Oct 93 03:49:23 PDT Subject: FIDONet Mail filterin Message-ID: <199310081047.AA24879@panix.com> J >So how do I prevent what happened to SJG, killer, etc from happening J >to me? How do I prevent the LE types from showing up one day and J >saying 'hey, did you know there's a meg of kiddie porn on your J >machine and we're taking it all away'? As soon as you get the 10mbps line into the home (next year for you Continental cable customers), mirror your machine with another located overseas (or just run the machine overseas). Duncan Frissell --- WinQwk 2.0b#0 From smb at research.att.com Fri Oct 8 04:59:24 1993 From: smb at research.att.com (smb at research.att.com) Date: Fri, 8 Oct 93 04:59:24 PDT Subject: that internet security scanner Message-ID: <9310081157.AA25996@toad.com> anyone actually seen that thing? (to refresh: CERT posted some warning about a security scanner for Internet systems that might be the evil work of themthere hackers so you just better delete it, etc etc.) CERT isn't that stupid. What they said was that ISS has been posted, and that it was likely that some folks would try to use it to break into various systems. Do you disagree with that statement? They also said that you should consider running it yourself, so that you can close the holes first. They even gave the pointer to the directory on UUNET where it's stored. What good would it possibly do to delete it on your own machine, when many thousands of other machines around the world have copies? Again -- CERT isn't stupid. --Steve Bellovin From mech at eff.org Fri Oct 8 06:29:23 1993 From: mech at eff.org (Stanton McCandlish) Date: Fri, 8 Oct 93 06:29:23 PDT Subject: that internet security scanner In-Reply-To: <9310081256.AA07636@illuminati.IO.COM> Message-ID: <199310081328.AA29733@eff.org> Well, seems some folks took exception to my remarks about the CERT post. I was simply kidding, and have no problem with CERT warning SysAdmins about possible hazards. I thought it might be humourous to sound mock-alarmist, in response to some shouting and nay-saying over EFF warning SysOps about possible hazards. -- DISCLAIMER: This message represents only my OWN opinion, not that of EFF. Stanton McCandlish Electronic Frontier Foundation Online Activist mech at eff.org NitV-DataCenter BBS SysOp Fido: IndraNet: 369:111/1 From pmetzger at lehman.com Fri Oct 8 07:25:42 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Fri, 8 Oct 93 07:25:42 PDT Subject: FIDONet Mail filterin In-Reply-To: <199310080419.AA02439@panix.com> Message-ID: <9310081425.AA01087@snark.lehman.com> Duncan Frissell says: > J >So how do I prevent what happened to SJG, killer, etc from happening > J >to me? How do I prevent the LE types from showing up one day and > J >saying 'hey, did you know there's a meg of kiddie porn on your > J >machine and we're taking it all away'? > > As soon as you get the 10mbps line into the home (next year for you > Continental cable customers), mirror your machine with another located > overseas (or just run the machine overseas). I think this is a bit extreme. In any case, from what I can tell, none of the incidents the original poster mentions involved any illegal activity, and none of them involved email on a system. Everyone was aquitted or no charges were brought. So, obviously there was nothing they could have done to prevent them. Any time you do anything in an only semi-free country like the U.S. you risk having the storm troopers break down your door, regardless of what sort of anything that might be. You might be arrested tomorrow because you share the same name as a drug dealer. You might be killed like the heir to the Scott fortune was because the state wishes to sieze your property. Who knows what could happen to you. The point is, however, that there is very little you can do, other than following the law, to stop unlawful arrests, so why not just relax and quit worrying about things you have no control over? Censoring your users mail will not lower your risk, so why do it? Perry From rmccoy at rock.concert.net Fri Oct 8 07:45:42 1993 From: rmccoy at rock.concert.net (Ron McCoy - Yale Security) Date: Fri, 8 Oct 93 07:45:42 PDT Subject: Phone Privacy Message-ID: <9310081444.AA00136@rock.concert.net> There was mention on this list, some time ago, of a 1-900 number which could be used to ensure non-tracibility. Does anyone have this number? Thanks, Rmccoy at rock.concert.net From honey at citi.umich.edu Fri Oct 8 07:55:42 1993 From: honey at citi.umich.edu (peter honeyman) Date: Fri, 8 Oct 93 07:55:42 PDT Subject: second order homophonic substitution Message-ID: <9310081453.AA27788@toad.com> a faq on this list (and other places) is whether it is possible to encipher a message in such a way that the resulting ciphertext can be deciphered into a different (harmless?) message. i mentioned on sci.crypt that a second-order homphonic substitution does just this, but it seems to have been missed by the cpunx readership. so, just to prove that i can read denning and still type, here is a brief explanation. (not brief enuf, sorry.) a homophonic substitution maps letters from the plaintext alphabet into sets of letters from the ciphertext alphabet. to encipher, you pick an arbitrary letter from the image of each plaintext letter. usually the intent is to disguise single letter frequency statistics. it's still not very strong, since it doesn't disguise digram or trigram statistics. (also, it seems to me that it would be vulnerable to the same sort of attack used on running key ciphers.) need an example? see denning, p. 70. to build a second order homophonic substitution cipher, you construct an n by n table, where n is the size of the plaintext alphabet. (say n = 26). initialize each entry in the table by a unique element from the ciphertext alphabet. (say, the integers from 0 to 26 * 26, permuted arbitrarily.) this table constitutes the key. to encipher a message, select a "dummy" message (say the itar regs). to encipher the i-th plaintext letter, say p sub i, grab the i-th dummy letter, say d sub i, and output table[d sub i, p sub i]. to decipher, find the ciphertext letter (or number, in this case) in the table at row i and column j. to recover the actual message, output the j-th plaintext alphabet letter. to recover the dummy message, output the i-th plaintext alphabet letter. i.e., the rows give the dummy message, while the columns give the actual message. simple stuff. here's an example. table: D E G I N O S T U D 01 02 03 04 05 06 07 08 09 E 10 11 12 13 14 15 16 17 18 G 19 20 21 22 23 24 25 26 27 I 28 29 30 31 32 33 34 35 36 N 37 38 39 40 41 42 43 44 45 O 46 47 48 49 50 51 52 53 54 S 55 56 57 58 58 60 61 62 63 T 64 65 66 67 68 69 70 71 72 U 73 74 75 76 77 78 79 80 81 here is some ciphertext: 64 11 05 32 49 77 57. it's clear how to extend this to n-th order. peter From pcw at access.digex.net Fri Oct 8 08:41:07 1993 From: pcw at access.digex.net (Peter Wayner) Date: Fri, 8 Oct 93 08:41:07 PDT Subject: second order homophonic substitution Message-ID: <199310081540.AA22858@access.digex.net> Another way of thinking about this is: Compress with one Huffman compression scheme based on the message text then Decompress with the Huffman scheme based on the desired statistics. From khijol!erc Fri Oct 8 10:09:23 1993 From: khijol!erc (Ed Carp) Date: Fri, 8 Oct 93 10:09:23 PDT Subject: that internet security scanner In-Reply-To: <199310081328.AA29733@eff.org> Message-ID: > Well, seems some folks took exception to my remarks about the CERT post. > I was simply kidding, and have no problem with CERT warning SysAdmins > about possible hazards. I thought it might be humourous to sound > mock-alarmist, in response to some shouting and nay-saying over EFF warning > SysOps about possible hazards. Well, it's certainly generated *me* enough email, asking for ISS! :) Hehehe... -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From poc at usb.ve Fri Oct 8 10:11:10 1993 From: poc at usb.ve (Patrick O'Callaghan) Date: Fri, 8 Oct 93 10:11:10 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310080056.AA27566@dink.foretune.co.jp> Message-ID: <9310081719.AA25273@shaddam.usb.ve> In message <9310080056.AA27566 at dink.foretune.co.jp>, Robert J Woodhead writes: > A humble suggestion: someone undertake to create alt.cyperpunks and shadow th > e > newsgroup and the mailing list (so that posts to one also go to the other). > In my case this would cut my reading time in half and increase my "harvest" > by a factor of two. The mailing list would still be available for those who > cannot get the group. I strongly support this idea, so I'll mention a further advantage: kill files! No more wading through boring message about anonymous remailers, digital cash an so on (or RSA weaknesses, or crypto-legality or whatever your personal bug happens to be). Patrick O'Callaghan Internet: poc at usb.ve Departamento de Computacion NICNAME: PO22 Universidad Simon Bolivar Tel: +058 (2) 906 3242, 906 3254 Sartenejas, Baruta, Edo. Miranda FAX: +058 (2) 93 71 28 Caracas, Venezuela "Just messing about in quotes" From hiscdcj at lux.latrobe.edu.au Fri Oct 8 10:19:23 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Fri, 8 Oct 93 10:19:23 PDT Subject: distributed autonomous networks Message-ID: <9310081716.AA13288@lux.latrobe.edu.au> Hi guys, well, after reading through the backlog of spread spectrum stuff, I was surprised to read about the radio-network-on-a-board (Julieboard) article that someone posted. A couple of us here in Australia have been kicking around the idea of a cheap network, running via repeaters in _very_ small boxes tossed all around a city, which would be indestructible through sheer numbers (a la the arpanet). So: anyone got any ideas, schematics, information? The main idea is a huge number of small, low-power and CHEAP nodes which would handle through traffic which anyone with a radio modem could tap into, with the nodes disguised and placed in extremely hard to get to places (tops of telephone poles, buildings, on bridges and overpasses, etc). This would mean that it would cost an awful lot of money to remove each of these things, IF they could be found. Possible power sources: batteries (but they need to be changed) solar power (Australia leads the world in solar power technology, and I know people who know people). Near Field Interaction and EMF pickups (stick 'em near high-frequency power transmission lines). Something that convert heat to electrical energy or combinations of all of the above. The idea being that we would have an untraceable, unbreakable network. Sure, you may have an address (perhaps we could set it up as a FQDN domain?), but that address would not correspond to any actual physical location. And, it would be free, aside from the cost of the equipment. No more phone calls to pay for! I have no idea how this could be done across interstate or international distances, but I'm sure people might have ideas. Bounce signals off satellites (are those big shiny things from the 50's still about?); send stuff encrypted via the internet, etc etc. This could well mean that we would have a truly private network, with strong encryption and no centralised source of transmission (I mean, most of the internet traffic into and from Australia goes via a single link, so far as I know). Comments? Dwayne From honey at citi.umich.edu Fri Oct 8 10:35:44 1993 From: honey at citi.umich.edu (peter honeyman) Date: Fri, 8 Oct 93 10:35:44 PDT Subject: Digital Cash Primer Message-ID: <9310081731.AA29536@toad.com> > Likewise, the Simmons books on "Contemporary Crytology" has good stuff > on digital money no it doesn't. (or am i blind?) peter From jrk at sys.uea.ac.uk Fri Oct 8 10:45:44 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Fri, 8 Oct 93 10:45:44 PDT Subject: MacPGP 2.3 source Message-ID: <7468.9310081744@s5.sys.uea.ac.uk> Apparently there's a basic incompatibility between ftp and the auto-backup program which runs every now and then on my Mac, which brings everything to a halt if anyone connects to ftp while the backup is being done, so I'll have to remove the MacPGP source from the ftp area on my Mac. But I'd only promised to keep it there until this morning anyway. However, the sysadmins happen to have just set up a properly supported anon ftp area, so I've put the stuff there instead, where it can probably remain indefinitely. The site to ftp to is ftp.sys.uea.ac.uk, and the files are in the directory ftp/Macintosh. (Ignore the .finderinfo and .resource subdirectories -- it's an AppleShare thing, your computer wouldn't understand, at least not over the Internet.) -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From tcmay at netcom.com Fri Oct 8 10:45:53 1993 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 8 Oct 93 10:45:53 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310081719.AA25273@shaddam.usb.ve> Message-ID: <9310081743.AA28221@netcom5.netcom.com> Patrick O'Callaghan writes: > I strongly support this idea, so I'll mention a further advantage: > kill files! No more wading through boring message about anonymous > remailers, digital cash an so on (or RSA weaknesses, or > crypto-legality or whatever your personal bug happens to be). Well, my mailer program (Eudora) has better "kill file" capabilities than my newsreader program (tin), so converting the mailing list into a newsgroup would be a lose for me. Not that what's convenient for me is what we have to use, just that _your_ particular situation is not universal. My point is this: there are many sound reasons to keep a group such as ours a mailing list and not open it to every freshman in college who can grep for "punk" and stumble across us, or for every Sternlight-type bozo who delights in creating noise and rancor in groups. As others have mentioned, tools exist to locally feed mailing list traffic into pseuodo-newsgroups, which can then be treated as the newsgroup format some folks desire. We debate this issue every couple of months. Give it up. Or start your own newsgroup. Or use one of the existing newsgroups. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From wcs at anchor.ho.att.com Fri Oct 8 10:55:45 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Fri, 8 Oct 93 10:55:45 PDT Subject: FIDONet Mail filterin Message-ID: <9310081753.AA07684@anchor.ho.att.com> > > J >So how do I prevent what happened to SJG, killer, etc from happening > > J >to me? How do I prevent the LE types from showing up one day and > > J >saying 'hey, did you know there's a meg of kiddie porn on your > > J >machine and we're taking it all away'? Well, keeping things encrypted helps, especially backup disks - one site was being generally harassed and may be convicted because of possible child pornography that the sysop had deleted but was still on backup floppies in his re-use bin. (Police got a 15-year-old kid to log in for them and find some adult material, but dropped that attempt probably because it would have been thrown out as entrapment; the child-porn gave them a much nastier charge to use to steal the computer.) Perry> Censoring your users mail will not lower your risk, so why do it? On the other hand, making sure your users *have* email on the system, especially mail in transit to other systems, is good protection, since the ECPA limits what they can do with it. From mbl at ml7694a.leonard.american.edu Fri Oct 8 11:09:23 1993 From: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Fri, 8 Oct 93 11:09:23 PDT Subject: The death of the list as we know it (tm) Message-ID: <9310081807.AA00251@toad.com> >I strongly support this idea, so I'll mention a further advantage: >kill files! No more wading through boring message about anonymous >remailers, digital cash an so on (or RSA weaknesses, or >crypto-legality or whatever your personal bug happens to be). I really think that the powers that be should consider the newsgroup idea. The reasoning above is really the best justification, even though I'd personally kill the code and concentrate on the politics, that's just me. Newsreaders really have much better tools for handling this sort of traffic. (Back when my account was on msen.com, the absolute _only_ way I could possibly read this list was through the gateway to list.cypherpunks. My mailbox couldn't handle a subscription, and I was able to concentrate my time on the _good_ stuff instead of the noise.) To the people who say that Usenet has a worse s/n ratio than mail, I have two points. First, not all of Usenet has a bad s/n ratio (and this particular list _does_ have a _very_ bad s/n ratio). Second, the traditionally lower s/n ratio on Usenet has led to the development of better tools to deal with it than are available in mail. (I'd dearly love to see an ignore feature on this list, as I understand that the Extropians have, but I realize that's unrealistic. Even that wouldn't be as effective as a well-designed killfile.) I really think this idea deserves at least serious consideration. -- Matthew B. Landry ml7694a at american.edu (Finally!) mbl at ml7694a.leonard.american.edu From cme at ellisun.sw.stratus.com Fri Oct 8 11:16:09 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Fri, 8 Oct 93 11:16:09 PDT Subject: academician seeks critique of cryptographic paper Message-ID: <9310081815.AA26257@ellisun.sw.stratus.com> >Message-Id: <9310070630.AA17189 at longs.lance.colostate.edu> >Subject: academician seeks critique of cryptographic paper >Date: Thu, 07 Oct 93 00:30:51 -0600 Richard, This reminds me of what I had to go through to get approved to get married in the Roman Catholic Church. I ended up having to say, for the record, "I have no intention of using mechanical methods of birth control" (pre-safe-sex days) when what they wanted was for me to say I would avoid all birth control. I'm now ashamed I stooped to that non-confrontive statement (especially since the marriage didn't last :-). I should have said, "No, I don't accept your view of birth control and have every intention of using it." At least I did say that my fiancee was on the pill and we intended to continue using it. I would be happy to review your paper and to suggest others who might be good reviewers. Furthermore, I have no intention of violating the export laws (even though I disagree with them and work very hard to change them). However, I do not grant the NSA the power to control the publication of theoretical information. I have published papers on cryptology in the international press, without offering the NSA the chance to review what I write ahead of time, and I intend to continue doing so. They have their internal publications, no doubt, and we have our public ones. I don't tell them what to publish internally and I will not allow them to tell me what I can publish out here in the public. That is my policy, for my own writing. If you send me your paper to review, I will not disseminate it. That's a matter of respecting your wishes -- not the NSA's. My acceptance of your paper will not constitute any agreement on my part to give the NSA control over publications of ideas. - Carl - <> - Carl Ellison cme at sw.stratus.com - Stratus Computer Inc. M3-2-BKW TEL: (508)460-2783 - 55 Fairbanks Boulevard ; Marlborough MA 01752-1298 FAX: (508)624-7488 -----BEGIN RIPEM PUBLIC KEY----- User: cme at ellisun.sw.stratus.com PublicKeyInfo: MIGbMAoGBFUIAQECAgP+A4GMADCBiAKBgCl79/jl0DEVl1GQzOHlzjDmChDDxnWO Acd7jShj2x1vclFh6vbHx9IJqkQdwNhNAWf8XnTrqBDN+VSBc1qdT6nSEAbNPxHD XcvY2DudhuRaRBVLgUQ4scTK657m90Q+bTL5yIh2MaFipUw9BgbIXPTDlksSskWP 9oHjo+pCJC+lAgMBAAE= MD5OfPublicKey: 39D9860686A9F075A9A83D49589C677A -----END RIPEM PUBLIC KEY----- From lear at cp10.es.xerox.com Fri Oct 8 11:25:45 1993 From: lear at cp10.es.xerox.com (Russell Lear) Date: Fri, 8 Oct 93 11:25:45 PDT Subject: Newbie question on PGP Message-ID: <9310081821.AA08878@kingtut.cp10.es.xerox.com> I had heard about PGP and have been meaning to get and use it Real Soon Now for a few weeks. When I heard it was an endangered species, I started looking around seriously. Haven't found it yet, but I did find cypherpunks (I'm not sure if this is a blessing or a curse, but it is entertaining). Anyway, can someone point me to an ftp site that still stocks PGP? I'm running SunOS4.1.1 if that matters. Thanks, Russell. From accom!erc%accom at uunet.UU.NET Fri Oct 8 11:39:23 1993 From: accom!erc%accom at uunet.UU.NET (Ed Carp) Date: Fri, 8 Oct 93 11:39:23 PDT Subject: iss source Message-ID: <9310081831.AA08119@accom.accom.com> I've been rather swamped by folks asking for the ISS source code, so would anyone mind if I posted it here? It's only 19K tarred, gziped, and uuencoded... -- Ed From julf at penet.fi Fri Oct 8 11:45:45 1993 From: julf at penet.fi (Johan Helsingius) Date: Fri, 8 Oct 93 11:45:45 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310081807.AA00251@toad.com> Message-ID: <199310081838.AA07011@mail.eunet.fi> > To the people who say that Usenet has a worse s/n ratio than mail, I > have two points. First, not all of Usenet has a bad s/n ratio (and this > particular list _does_ have a _very_ bad s/n ratio). Second, the traditionally > lower s/n ratio on Usenet has led to the development of better tools to deal > with it than are available in mail. (I'd dearly love to see an ignore feature > on this list, as I understand that the Extropians have, but I realize that's > unrealistic. Even that wouldn't be as effective as a well-designed killfile.) My mh gives me all the same capabilities as any newsreader. If you want to use a newsreader, do the gatewaying at your own site. If cyperpunks becomes a newsgroup, count on me dropping off. Julf From mccoy at ccwf.cc.utexas.edu Fri Oct 8 12:19:23 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Fri, 8 Oct 93 12:19:23 PDT Subject: iss source In-Reply-To: <9310081831.AA08119@accom.accom.com> Message-ID: <199310081916.AA16214@foghorn.cc.utexas.edu> > > I've been rather swamped by folks asking for the ISS source code, so would > anyone mind if I posted it here? It's only 19K tarred, gziped, and > uuencoded... Why don't you just tell all of these people to get it via anonymosu ftp from ftp.uu.net in the /usenet/comp.sources.misc/volume39/iss directory. If they only have access to mail they should find a nice ftp-to-mail gateway to do the job for them. jim From Asbahr at UH.EDU Fri Oct 8 12:20:45 1993 From: Asbahr at UH.EDU (Jason Asbahr) Date: Fri, 8 Oct 93 12:20:45 PDT Subject: distributed autonomous networks In-Reply-To: <9310081716.AA13288@lux.latrobe.edu.au> Message-ID: <199310081918.AA06860@Menudo.UH.EDU> Greets... > well, after reading through the backlog of spread spectrum stuff, I was > surprised to read about the radio-network-on-a-board (Julieboard) article > that someone posted. A couple of us here in Australia have been kicking > around the idea of a cheap network, running via repeaters in _very_ > small boxes tossed all around a city, which would be indestructible through > sheer numbers (a la the arpanet). > So: anyone got any ideas, schematics, information? Haha! That's exactly how I got hyped about the Julieboard -- rummaging in the backlog of the voluminous-but-valuable cpunk posts... My question: Exactly how cheap can we make these things? Mass produced boards, a bag of appropriate components, and a few dozen cpunks working in parallel could work wonders. What about surface mount components? Harder to assemble, and fewer people have the skills, but the resulting box would be very small and more easily concealed. > The main idea is a huge number of small, low-power and CHEAP nodes which > would handle through traffic which anyone with a radio modem could tap into, > with the nodes disguised and placed in extremely hard to get to places (tops > of telephone poles, buildings, on bridges and overpasses, etc). > Possible power sources: batteries (but they need to be changed) > solar power (Australia leads the world in solar power > technology, and I know people who know > people). > Near Field Interaction and EMF pickups (stick 'em > near high-frequency power transmission lines). > Something that convert heat to electrical energy If you are hiding boxes on telco poles, an obvious source of power presents itself. :-) I like the EMF idea! Ideologically and technically interesting... Is it practical? Heat to electricity? hmm... > I have no idea how this could be done across interstate or international > distances, but I'm sure people might have ideas. Bounce signals off > satellites (are those big shiny things from the 50's still about?); send > stuff encrypted via the internet, etc etc. Someone suggested general use of IR laser links, but someone else mentioned that it would be a bitch to operate a decentralized network of IR links. Well, lasers and microwave are probably best suited for mid-range connections betweens clusters of boxes. (Ham radio tinkers with microwave and laser communication experience should probably comment here... ) Since the FCC frowns on encrypted amateur radio, I doubt we could openly use the ham nets or satellites...but how about bit fiddling with slow-scan TV? :-) The list has generated many good ideas on tunneling naughty data in otherwise innocent exchanges... How many people are interested in this idea? Is it time for a radiopunk task force? Does one already exist? :-) Jason Asbahr 116 E. Edgebrook #603 asbahr at uh.edu Houston, Texas 77034 asbahr at tree.egr.uh.edu (NeXTmail) (713) 941-8294 voice asbahr at gothamcity.jsc.nasa.gov UH NeXT Consultant From accom!erc%accom at uunet.UU.NET Fri Oct 8 12:25:45 1993 From: accom!erc%accom at uunet.UU.NET (Ed Carp) Date: Fri, 8 Oct 93 12:25:45 PDT Subject: iss source Message-ID: <9310081923.AA08514@accom.accom.com> > > I've been rather swamped by folks asking for the ISS source code, so would > > anyone mind if I posted it here? It's only 19K tarred, gziped, and > > uuencoded... > > Why don't you just tell all of these people to get it via anonymosu ftp > from ftp.uu.net in the /usenet/comp.sources.misc/volume39/iss directory. > If they only have access to mail they should find a nice ftp-to-mail > gateway to do the job for them. Because someone reported to me that the copy on uunet was corrupted or something... :( -- Ed From owen at autodesk.com Fri Oct 8 12:45:46 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Fri, 8 Oct 93 12:45:46 PDT Subject: This just in.. Message-ID: <9310081912.AA15641@lux.YP.acad> What an incredible coincidence, this is excerpted from the RISKS digest. LUX ./. owen ------------------------------ Date: Thu, 7 Oct 93 08:40:21 -0700 >>From: Tom Hanrahan Subject: Epitope suit uses computer bulletin board >>From The Oregonian (Portland, Oregon), October 7, 1993, by Vince Kohler Epitope Inc. used information subpoenaed from the computer bulletin- board service Prodigy to prepare a $5 million federal lawsuit against a Kidder, Peabody vice president in Kansas City, Mo. Lois Rosenbaum, a lawyer for Epitope, said the company used information from Prodigy Services Co. to track down A. Karl Kipke, who works for Kidder, Peabody in Kansas City, Mo. The lawsuit claims that Kipke used a false name, William Smith, to log onto a Prodigy electronic bulletin board on three occasions in August. Each time, the lawsuit contends, Kipke wrote lengthy commentaries he knew were false and defamatory about Epitope, the company's management practices and its attempts to gain federal approval of an oral device used to detect the AIDS virus. [...] "We certainly believe the price of the stock is lower than it would've been but for these false allegations, Rosenbaum said. "And I think it's clear that the articles were written for the purpose of negatively influencing the price of the stock." [...] Epitope's lawsuit says Kipke and his clients were holders of short positions in Epitope stock. [...] Epitope's lawsuit seeks $5 million in punitive damages from Kipke and alleges defamation, manipulation of security prices, securities fraud and intentional interference with business relations. Rosenbaum acknowledged that the lawsuit's electronic dimension is "a very unusual situation." Submitter note: The omitted sections of text basically say that Kipke was unavailable for comment and explain what holding a "short position" means. -- Tom Hanrahan, hanrahan at sequent.com ------------------------------ From pcw at access.digex.net Fri Oct 8 12:49:23 1993 From: pcw at access.digex.net (Peter Wayner) Date: Fri, 8 Oct 93 12:49:23 PDT Subject: Radio, Radio... Message-ID: <199310081947.AA03532@access.digex.net> I thought it was interesting that people on this net are getting interested in placing a discrete network of spread-spectrum boxes around the area. It turns out that a company, Tetherless Access Limited, is just beginning plans to do this right now. Here is a press release I just got: -Peter From pcw at access.digex.net Fri Oct 8 12:55:45 1993 From: pcw at access.digex.net (Peter Wayner) Date: Fri, 8 Oct 93 12:55:45 PDT Subject: Sorry about that last message Message-ID: <199310081952.AA04342@access.digex.net> I didn't mean to append that note about Moscow at the end of the press release. It happened by mistake. You can enjoy it but please delete it afterwards. I've gotten about three copies in the mail through different forwarding paths. -Peter From mbl at ml7694a.leonard.american.edu Fri Oct 8 12:55:55 1993 From: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Fri, 8 Oct 93 12:55:55 PDT Subject: The death of the list as we know it (tm) Message-ID: <9310081954.AA01533@toad.com> >We debate this issue every couple of months. Give it up. Or start your >own newsgroup. I'm strongly thinking of doing that. However, I think it would be a shame if we had to operate the newsgroup and the list in paralell, without connections. And frankly, I don't think it would be entirely a disadvantage to have wider exposure. Sure, we would get some more noise (but we're used to noise by now), but we would also get a much larger readership. We would still be preaching to the choir, but we would have a "choir" large enough that it would no longer be a disadvantage. As a compromise solution, perhaps we could have a one-way gateway to a general distribution newsgroup, where posts to the list would automatically go to the newsgroup as well, but posts to the group would only go to the group (unless the person also mailed to the list). The list.cypherpunks group at Msen (where my account was before) was set configured like a moderated group, so all posts got sent to the list, but there's no reason it _has_ to be that way. Really, I think there are ways to solve this so that everyone will get what he needs. -- Matthew B. Landry ml7694a at american.edu (Finally!) mbl at ml7694a.leonard.american.edu From cman at IO.COM Fri Oct 8 12:56:09 1993 From: cman at IO.COM (Douglas Barnes) Date: Fri, 8 Oct 93 12:56:09 PDT Subject: Diffie-Helman example in g++ Message-ID: <9310081951.AA12236@illuminati.IO.COM> Here is a little demo using the big Integer routines from libg++ illustrating how Diffie-Hellman key exchange works. Basically, I wanted to prove to myself that it works, and thought others might appreciate it. Doug =============================================================== // Demo of mathematics for Diffie-Hellman type key exchange // // Useful to convince oneself that it really does work and that // a patent on it is pretty silly. // // Douglas Barnes (cman at io.com) // // Based on algorithm from Cryptography and Data Security, by Dorothy E. // Denning, 1983, Addison-Wesley. // // Note: you will need to have GNU libg++, or hack it to use big integer // math you do have. #include #include #include #include "Integer.h" Integer& RandBigInt(int bits); Integer& FastExp(Integer& A, Integer& B, Integer& p); #define keysize 644 main() { Integer p; Integer a; Integer XA, XB, K1, KA, KB, YA, YB, T; char state[256]; pow(2, keysize, p); p = p - 1; // Does anyone have a clue what good values of 'a' are in this // algorithm? a = 127; // Set up random stuff initstate(time(0), state, 256); cout << "A and B pick random numbers in the Galois field [0, p - 1]\n"; cout << "where p is (2^" << keysize << ") - 1:\n" << p << "\n"; XA = RandBigInt(keysize); cout << "\nA picks a random secret XA: \n" << XA << "\n"; XB = RandBigInt(keysize); cout << "\nB picks a random secret XB: \n" << XB << "\n"; YA = FastExp(a, XA, p); YB = FastExp(a, XB, p); cout << "\nA gives B a message YA (a^XA mod p): \n" << YA << "\n"; cout << "\nB gives A a message YB (a^XB mod p): \n" << YB << "\n"; KA = FastExp(YB, XA, p); cout << "\nA now knows the key is (YB^XA mod p): \n" << KA << "\n"; KB = FastExp(YA, XB, p); cout << "\nB now knows the key is (YA^XB mod p): \n" << KB << "\n"; cout << "\nComputing the key (which is a^XA^XB mod p) from (a^XA mod p) and\n"; cout << "(a^XB mod p) is equivalent to performing two discrete log calculations;\n"; cout << "the number of steps to perform discrete logs grows exponentially\n"; cout << "in proportion to the # of bits in the field. For a 'p' of 644 bits,\n"; cout << "Denning estimates 1.2 x 10^23 steps.\n"; } // Calculate a^z mod n // // Based on the fact that (a^3 mod n) is the same thing // as: (((a * a) mod n) * a) mod n // // Gets its speed from the fact that, for example, n^18 is the // same as (n^2)^9 Integer& FastExp(Integer& a, Integer& z, Integer& n) { Integer a1, z1, two; static Integer x; a1 = a; z1 = z; x = 1; two = 2; while(z1 != 0) { while((z1 % 2) == 0) { div(z1, two, z1); a1 = (a1 * a1) % n; } z1 = z1 - 1; x = (x * a1) % n; } return x; } // Yes, I know the random stuff is lame. This is a demo. Integer& RandBigInt(int bits) { int i; int randval; static Integer retval; retval = 0; for(i = 0; i Message-ID: <9310082057.AA14946@icm1.icp.net> > If cyperpunks becomes a newsgroup, count on me dropping off. Ditto. _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From frissell at panix.com Fri Oct 8 13:15:45 1993 From: frissell at panix.com (Duncan Frissell) Date: Fri, 8 Oct 93 13:15:45 PDT Subject: FIDONet Mail filterin Message-ID: <199310082012.AA23966@panix.com> J >So how do I prevent what happened to SJG, killer, etc from happening J >to me? How do I prevent the LE types from showing up one day and J >saying 'hey, did you know there's a meg of kiddie porn on your J >machine and we're taking it all away'? As soon as you get the 10mbps line into the home (next year for you Continental cable customers), mirror your machine with another located overseas (or just run the machine overseas). Duncan Frissell --- WinQwk 2.0b#0 From accom!erc%accom at uunet.UU.NET Fri Oct 8 13:25:45 1993 From: accom!erc%accom at uunet.UU.NET (Ed Carp) Date: Fri, 8 Oct 93 13:25:45 PDT Subject: wireless LANs Message-ID: <9310082021.AA08733@accom.accom.com> Well, I've got a wireless LAN up and running at home between my 486/25 and a 386 laptop - it provides uucp/cu connectivity, and I'll be adding SLIP soon. If anyone wants to see it working, let me know - I might be able to lug stuff to the next Cypherpunks meeting. I've had it running for several months now, and it was put together using all off-the-shelf compoments. The controllers cost $110 apiece, the radios are just amateur radio 2m rigs. It runs at 1200 baud, but it's enough to show that the system works, and is reliable. The controllers provide end-to-end reliable transport, so uucico doesn't have to do so much work. cu displays are a bit jerky, but *much* cleaner than on a standard voice-grade (yuck!) PacBell line here. -- Ed From wcs at anchor.ho.att.com Fri Oct 8 13:39:22 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Fri, 8 Oct 93 13:39:22 PDT Subject: The death of the list as we know it (tm) Message-ID: <9310082037.AA10090@anchor.ho.att.com> Another crypto newsgroup would be superfluous - we can talk technical on sci.crypt, politics on talk.politics.crypto, and get away with talking about implementation on sci.crypt, especially if sci.crypt.research gets created to provide a more pure crypto newsgroup. Yes, cypherpunks is already too high volume, but it does serve a purpose, and most of us could hack a forwarder into digesters or local newsgroups to feed our favorite newsreaders if we really wanted to.... Bill From gtoal at an-teallach.com Fri Oct 8 13:59:23 1993 From: gtoal at an-teallach.com (Graham Toal) Date: Fri, 8 Oct 93 13:59:23 PDT Subject: secure phone quest Message-ID: <2308@an-teallach.com> In article <9310042017.AA26812 at fegmania.wustl.edu> you write: >vat is available from ftp.ee.lbl.gov. There's no source at the moment >but there are binaries for different architectures. (And the dynamically >linked SunOS 4.1.x versions do work for Solaris 2.x) > >vat is intended for use as a IP multicast multi-user chat program, but I >believe that it is useable for point-to-point communication also. Using >it for IP Multicast may require kernel patches (depending on your OS). There's also nevot, last seen in gaia.cs.umass.edu:~ftp/pub G -- Personal mail to gtoal at gtoal.com (I read it in the evenings) Business mail to gtoal at an-teallach.com (Be careful with the spelling!) Faxes to An Teallach Limited: +44 31 662 4678 Voice: +44 31 668 1550 x212 From hfinney at shell.portal.com Fri Oct 8 14:05:47 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Fri, 8 Oct 93 14:05:47 PDT Subject: second order homophonic substitution Message-ID: <9310081626.AA17600@jobe.shell.portal.com.shell.portal.com> This homophonic cypher sounds interesting. If the authorities demand your keys, you could scramble each row of the matrix (scrambling each row separately), so that only the dummy message can be recovered. Real ascii messages have a character set of about 2^6, so the actual size of the key matrix will be 2^12, and that means that each entry will be about 12 bits. For full generality in handling binary data the character set would be 2^8, meaning a matrix of size 2^16 entries with each entry being 16 bits. This is a 128K byte key, which is pretty cumbersome. Also, the cyphertext is twice as big as the plaintext, which will stand out too. Plus, once the authorities see your decryption algorithm it may be pretty obvious that it was designed for this specific purpose, and whatever pressures they applied to make you reveal the key may now be redoubled until you reveal the "real" key. A one-time-pad has the advantage that the key is the same size as the file, and there is no size expansion in encryption, plus it's a plausible approach to use for high-security encryption. It will take less space and still allows for multiple decryption. Hal hfinney at shell.portal.com From pierre at shell.portal.com Fri Oct 8 14:05:56 1993 From: pierre at shell.portal.com (Pierre Uszynski) Date: Fri, 8 Oct 93 14:05:56 PDT Subject: Standard Headers for Anonymous Remailers Message-ID: <9310081955.AA00974@jobe.shell.portal.com.shell.portal.com> > I wrote: > Who qualifies whom, based on what info, and to eliminate whom? > Paul mentions organizational qualification methods > Douglas defends the rights of private groups, and anonymity Yes, I meant that as a pointer to further problems. I did not mean that it is very difficult to find organizational or technical solutions (although in practice, it may very well be), nor was I lashing back at an Orwellian suggestion. (I still get caught in the way email gets read, not that I have much more luck in person :-) Even though there may be technical solutions to "limited access" groups, it is not clear how compatible each of these is with anonymity. And at the same time it will become harder and harder to figure out whether somebody is using hir Real Name or some Assumed Name. The book publishing market surprises people because an author's pseudonym is not obviously a pseudonym. Any "limited access" policy has to address the problem of pseudonyms, and of individuals offering their pseudonym for un-accredited public access. But the problem at hand is not even that... In the case of io.com, and current remailers, the problem is netnews newsgroups that don't like anonymous abuse without really understanding how hard it could be to eliminate it... Netnews, until now, is here to provide open discussion and "publishing" space. The idea of qualification can be implemented via automatic moderation for example, but it has to contend with: 1) votes by the general public, and acceptance by sysadmins who will carry the traffic (although they don't have much of a say about mailing list traffic...) 2) superset groups and cross-posting. If a "qualify"-only newsgroup is created, then a super-set newsgroup could be created that copies everyhting from the "qualified" groups, and adds open traffic. That superset still carries interesting traffic from people who shun administrative overhead. Qualified people who want to pursue the thread they started now read the superset newsgroup. 3) If you publish, and expect email responses, you need to publish your email address. That makes you vulnerable to mail bombing. It does not matter if the newsgroups carries only filtered traffic. And thanks to Owen for posting the description of some of these net.wars. It will take me a while to go through that. pierre. pierre at shell.portal.com From gtoal at an-teallach.com Fri Oct 8 14:29:23 1993 From: gtoal at an-teallach.com (Graham Toal) Date: Fri, 8 Oct 93 14:29:23 PDT Subject: WE'RE UNDER ATTACK Message-ID: <2320@an-teallach.com> In article <9309180534.AA27719 at longs.lance.colostate.edu> you write: >We must try to determine whose rules we are playing by. Is this a >customs investigation? Treasury Dept.? The situation with NSA is that >they don't really ever act directly, they always go through some other >henchmen to do the dirty work. This smells like them. But the case of >the NSA convening a grand jury does not appear to have a historical >precedent. What's going on here? Here's my guess: the NSA isn't actually behind this - it was just unfortunate that Grady was getting up their nose at the time. Let's imagine someone who is an arse-licking toady and wants to keep in well with the government. Let's suppose he's the sort of person who, to paint the personality type, would go around hassling ftp site managers getting them to remove pgp. Then imagine that the cheeky bastards promoting pgp taunt him by offering it loudly from sites outside the US and there's nothing he can do about it. What does this person do now? Has a quiet word with his friends in the US Customs (you never know, he might have some connection with the government and exporting, for all we can imagine...) and points out as a loyal concerned citizen that a cryptographic munition has been illegally exported. He maybe even forwards them some postings by Grady saying that he was planning to publish these programs (and Grady is well known to publish his Moby Words through the Austin Code Works - anyone who gets Byte can tell you that...) If such a drittsekk came to the US Customs with such a story, I think they'd be duty bound to investigate it; *especially* when all they'll have heard until now is this persons highly one-sided view of the matter. Now, *I* can't imagine for a minute that any of our cypherpunks or sci.crypt readers would do such a thing, but then I always do tend to overestimate the common sense of the net.educated public... G From habs at panix.com Fri Oct 8 14:45:47 1993 From: habs at panix.com (Harry S. Hawk) Date: Fri, 8 Oct 93 14:45:47 PDT Subject: Future of the list Message-ID: <199310082141.AA09211@panix.com> We (ExI) have offered the software now being used to operate the Extropians list to the operators of the cypherpunks list. Our software is not quite ready for prime-time, but it is a solid and interesting program. It allows for kill files by user, and subject (reg. exp.), and allows for retrival of messages by subject (reg. exp.) and full body text (agrep). It is very modular with one part of the program databasing all incoming messages and other modules actings as agents for various list members. Each agent can support one or more users (subscribers). In addition to kill files, all messages can be excluded and then specfic messages can be Included. I feel it or similar software will solve the programs that some members of this list are complaining about. (Mailing List vs. News Group). I strongly urge that a newsgroup NOT be formed. /hawk -- Harry S. Hawk ON Vacation From chaos at aql.gatech.edu Fri Oct 8 14:59:24 1993 From: chaos at aql.gatech.edu (Paul Goggin) Date: Fri, 8 Oct 93 14:59:24 PDT Subject: iss source In-Reply-To: <9310081923.AA08514@accom.accom.com> Message-ID: <9310082156.AA02979@toad.com> Ed thus said: >> > I've been rather swamped by folks asking for the ISS source code, so would >> > anyone mind if I posted it here? It's only 19K tarred, gziped, and >> > uuencoded... I guess I should have spoken up sooner, but I did not realize the need was so great. It is for ftp at aql.gatech.edu under /pub/security/iss. Updates will be posted there as they appear. Paul -- R O All Comments Copyright by | Technofetishist A N Paul S. Goggin (1993) | Cypher, Cyber, Chaos V Information Broker | Ergoflux, Interzone E chaos at aql.gatech.edu | Carpe Diem: Stop the Clipper wiretap chip Finger account for latest _Phrack_ | Public Key: PGP and RIPEM available For anonymous communication:---> anon32940 at anon.penet.fi ------------------------------------------------------------------------------ Title 18 USC 2511 and 18 USC 2703 Protected -- Monitoring Absolutely Forbidden From mg5n+ at andrew.cmu.edu Fri Oct 8 15:25:47 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Fri, 8 Oct 93 15:25:47 PDT Subject: distributed autonomous networks In-Reply-To: <199310081918.AA06860@Menudo.UH.EDU> Message-ID: > > Possible power sources: batteries (but they need to be changed) > > solar power (Australia leads the world in solar power > > technology, and I know people who know > > people). > > Near Field Interaction and EMF pickups (stick 'em > > near high-frequency power transmission lines). > > Something that convert heat to electrical energy > > If you are hiding boxes on telco poles, an obvious source of power > presents itself. :-) > > I like the EMF idea! Ideologically and technically interesting... > Is it practical? Heat to electricity? hmm... haha... Well, telephone lines are not a good source of power, because if you draw too much current, you will get caught very easily when the customer starts having problems and complains. I like the EMF idea tho! It would probably work fairly well, and would be undetectable unless they actually went up to check it out. In most areas, power is carried by high voltage lines (several thousand volts) and then they have a transformer every block or so to convert it down to 120v (or 240v or whatever). But those high voltage lines do produce a large magnetic field. If you strung wires parallel to them, you could get a pretty sizeable amount of power out of it (enough to run a transmitter at least). Heat to electricity: possible but not practical. Thermocouples can be expensive and don't produce too much power. You'd need to place it by something constantly warm, especially at night. Solar panels with rechargeable batteries would probably work best. That way, the box could be located in a tall tree or somewhere away from other obvious power sources, or in other less conspicuous locations. > > I have no idea how this could be done across interstate or international > > distances, but I'm sure people might have ideas. Bounce signals off > > satellites (are those big shiny things from the 50's still about?); send > > stuff encrypted via the internet, etc etc. > > Someone suggested general use of IR laser links, but someone else > mentioned that it would be a bitch to operate a decentralized network > of IR links. Well, lasers and microwave are probably best suited for > mid-range connections betweens clusters of boxes. > > (Ham radio tinkers with microwave and laser communication experience > should probably comment here... ) > > Since the FCC frowns on encrypted amateur radio, I doubt we could > openly use the ham nets or satellites...but how about bit fiddling > with slow-scan TV? :-) The list has generated many good ideas > on tunneling naughty data in otherwise innocent exchanges... Well, for international, we might be able to pirate a few unused frequencies on satellites, altho this might piss off some big name guys just enuff to get the cops after us. There's the possibility of reflecting radio waves off the moon, but of course this would not work all the time. Infrared: IR works well for short distances, and can not be intercepted easily, but can scattered by rain and fog. (Polarized light might help filter noise somewhat tho.) Furthermore, it has to be direct line of sight, and can't be situated where something might move in the path of the beam. Perhaps someone living on a hill could put up a big aluminum reflector, and people could focus beams of light onto it. As for hiding messages in other signals, there's always the possibility of using ultrasound on a voice frequency...(if the frequency is high enuff to make it feasible) > How many people are interested in this idea? Is it time for > a radiopunk task force? Does one already exist? :-) Yep, I think so... I like the idea. From vznquest at netcom.com Fri Oct 8 15:30:48 1993 From: vznquest at netcom.com (Alan Mason) Date: Fri, 8 Oct 93 15:30:48 PDT Subject: your mail In-Reply-To: <9310061825.AA00943@bsu-cs.bsu.edu> Message-ID: DITTO!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ----------------------------------------------------------------------------- Alan Mason | Any time you find a simple answer to a question, vznquest at netcom.com | The odds are you asked the wrong question. ******************* | ---------------------------------------------------------------------------- On Wed, 6 Oct 1993, Anonymous wrote: > > and cause people not to buy their next posting. 2) People would > > have an incentive to contribute to the group because they would > > start running out of cash if they didn't say something valuable. > > Yes, but it would also discourage lurkers like me who are here to learn > - and don't have much to contribute so far. If you have to pay to read, > and to get more money you have to post something useful that people want > to read, the "startup cost" associated with the list would grow as time > goes on. From tigger at indirect.com Fri Oct 8 16:15:47 1993 From: tigger at indirect.com (Jiva De Voe) Date: Fri, 8 Oct 93 16:15:47 PDT Subject: Boy! Message-ID: <199310082313.AA16930@indirect.com> Things got quite atround here *real* quick eh? From mg5n+ at andrew.cmu.edu Fri Oct 8 16:15:59 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Fri, 8 Oct 93 16:15:59 PDT Subject: distributed autonomous networks In-Reply-To: <9310081716.AA13288@lux.latrobe.edu.au> Message-ID: > A couple of us here in Australia have been kicking > around the idea of a cheap network, running via repeaters > in _very_ small boxes tossed all around a city, which would be > indestructible through sheer numbers (a la the arpanet). > So: anyone got any ideas, schematics, information? > > The main idea is a huge number of small, low-power and CHEAP nodes which > would handle through traffic which anyone with a radio modem could tap into, > with the nodes disguised and placed in extremely hard to get to places (tops > of telephone poles, buildings, on bridges and overpasses, etc). Well, building the transmitter wouldn't be too hard, and you could probably transmit much larger amounts of data than over a modem if you used high frequencies. The most difficult thing as I see it is that you'd have to build a small computer for each box, and program it to route data packets, error-check them, and so on. > The idea being that we would have an untraceable, unbreakable network. Sure, > you may have an address (perhaps we could set it up as a FQDN domain?), but > that address would not correspond to any actual physical location. And, it > would be free, aside from the cost of the equipment. No more phone calls > to pay for! A Fully-Qualified-Domain-Name type of network would create complications. Since the network will be constantly expanding and changing, you'd probably need relative domain names. (you'd have to specify: send packet thru site #10 thru site #34 and deliver to site #19) To have fully qualified domain names, you'd need to have something on the net cataloging them. From catalyst at netcom.com Fri Oct 8 16:19:22 1993 From: catalyst at netcom.com (Scott Collins) Date: Fri, 8 Oct 93 16:19:22 PDT Subject: distributed autonomous networks Message-ID: <9310082312.AA02297@newton.apple.com> >[stuff about possible power sources and transmission media] A television report on 'Beyond 2000' described meteor-bounce radio. The technique extends the idea of bouncing radio waves off the ionosphere (for distance), to bouncing off the atmospheric trails of micro meteors. Reported applications are economical (at least run-time economical, start-up cost was not discussed) weather telemetry stations in remote areas. A solar panel provides the power, a small computer is needed to direct transmission. I don't know how reliable 'Beyond 2000' is, but they did show both the alleged transmitters and telemetry stations using them. This technique may not be feasible in the context you are describing, but the telemetry application was parallel in that it also comprises many independent, self-contained transmitters. Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com From lear at cp10.es.xerox.com Fri Oct 8 16:49:23 1993 From: lear at cp10.es.xerox.com (Russell Lear) Date: Fri, 8 Oct 93 16:49:23 PDT Subject: Newbie question on PGP Message-ID: <9310082347.AA12225@kingtut.cp10.es.xerox.com> Thanks all for the pointers (I came back from a meeting to find > 20 messages telling me where to go! Now that's response). Thanks all who responded. Russell. From janzen at idacom.hp.com Fri Oct 8 16:56:13 1993 From: janzen at idacom.hp.com (Martin Janzen) Date: Fri, 8 Oct 93 16:56:13 PDT Subject: TAL Press Releases Message-ID: <9310082355.AA18364@loki.idacom.hp.com> I had to reformat the TAL press releases to make them readable, so I thought I'd save others the trouble... TETHERLESS ACCESS LTD. ANNOUNCES STRATEGIC ALLIANCES FOR WIRELESS MAN DEPLOYMENT October 4, 1993, Fremont, California Tetherless Access, Ltd. (TAL), a leader in the development of user-provided wireless metropolitan area networks (MAN), today announced the formation of three separate strategic business and technology alliances. The alliances envision the provision of wireless access, applications development, packet radio hardware development and new services for wireless connectivity to the worldwide Internet. TAL has developed a "plug-and-play" interface for the Macintosh platform for the unlicensed operation of packet radio systems. The systems enable peer-to-peer wireless connectivity over AppleTalk networks within a MAN environment. The system software also provides transparent connectivity to TCP/IP networks and to services available on the worldwide Internet. User-provided wireless networking allows anyone within range of another system to automatically make a network connection. This "ad hoc" network means that each node not only generates its own traffic, but also relays the transmissions of nearby nodes. Each system owner becomes a "de facto" member of the network. The system provides a low-cost connectivity solution for community networks, libraries, schools, businesses, telecommuters, and an easily deployed communications infrastructure for developing countries. "In association with our strategic alliances we will deploy wireless MANs on a worldwide basis with a focus on providing access to the Internet" said Dewayne Hendricks, President of TAL. Pandora Systems of San Francisco, CA, a software development and network operations company, will design Internet-based wireless networking products and services. Pandora's principals have been involved in the establishment of PeaceNet, GreenNet, The WELL and have developed numerous Internet applications including Veronica, one of the most popular and useful navigation tools available on the Internet today. "The Internet and wireless communications are both experiencing dramatic growth. The combination of these environments offer unparalleled applications development opportunities" said Mark Graham, President of Pandora Systems. InterNex Information Services, Inc. of Menlo Park, CA, a provider of high bandwidth connectivity to the Internet, will provide wireline access points to the Internet for wireless MANs in major metropolitan areas throughout the U.S. InterNex and TAL will jointly market network services to businesses, educational institutions, communities and individuals. Cylink of Sunnyvale, CA, the leading worldwide supplier of commercial communications security products and spread spectrum wireless modems and systems, is cooperating in the supplying of spread spectrum radios for deployment in TAL's MAN packet radio systems on a worldwide basis. Cylink's founders are leading authorities in encryption and spread spectrum technologies, and the company currently services customers in over 40 countries. Tetherless Access, Ltd., based in Fremont, California, is a leader in the development and deployment of "plug-and-play" wireless metropolitan area networks. The company's products allow customers to achieve efficient, low-cost, flexible, high-quality wireless data communications in metropolitan network environments and to the worldwide Internet. TETHERLESS ACCESS, LTD. ANNOUNCES NET/MAC PRO WITH SUPPORT FOR POWERTALK October 4, 1993, Fremont, California Tetherless Access, Ltd. (TAL), a leader in the development of user-provided wireless metropolitan area networks (MAN), today announced NET/Mac Pro, a new version of its NET/Mac Internet Protocol application for packet radio environments. NET/Mac Pro adds support for a personal gateway that allows PowerTalk81 users to exchange mail with SMTP servers over a TCP/IP network. PowerTalk is Apple's new mail and messaging technology, built in to System 781 Pro. This combination provides convenient Internet access for Apple Macintosh users through wireless Metropolitan Area Networks. TAL's standard products have led the way for wireless TCP/IP network access on the Macintosh. Now, with System 7 Pro, this access is simplified even more by not having to use a separate SMTP client program to transfer mail. "The PowerTalk universal mailbox and drag send capability integrated with our NET/Mac Pro product allows our users to deploy wireless MANs on a worldwide basis with a focus on providing easy access to the Internet mail services" said Dewayne Hendricks, President of TAL. TAL has formed strategic alliances with InterNex Information Services, Inc. of Menlo Park, CA, Cylink of Sunnyvale, CA and Pandora Systems of San Francisco, CA. Together the four companies will provide hardware, software and services which can be used to provide low-cost MAN connectivity solutions for community networks, libraries, schools, businesses, telecommuters, and an easily deployed communications infrastructure for developing countries. "In association with our strategic alliances we will deploy wireless MANs on a worldwide basis with a focus on providing access to the Internet" said Dewayne Hendricks, President of TAL. Tetherless Access, Ltd., based in Fremont, California, is a leader in the development and deployment of "plug-and-play" wireless metropolitan area networks. The company's products allow customers to achieve efficient, low-cost, flexible, high-quality wireless data communications in metropolitan network environments and to the worldwide Internet. Apple and Macintosh are registered trademarks and PowerTalk and System 7 are trademarks of Apple Computer, Inc. From wcs at anchor.ho.att.com Fri Oct 8 17:05:48 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Fri, 8 Oct 93 17:05:48 PDT Subject: distributed autonomous networks Message-ID: <9310090005.AA11624@anchor.ho.att.com> Obviously, if we do a radio solution, the equipment ought to be attached to cans marked W.A.S.T.E :-) At least in the US, you don't have to pirate radio frequencies; there are a few bands that are available for uncensored low-power use, though some of them may require spread-spectrum. Meteor Burst is real stuff, though the last time I knew a little about it the bandwidth was pretty low; e.g. you got 300 baud average throughput doing bursts of 4800 baud with really heavy-duty forward error correction, since it's a pretty sporadic medium. Power usage is really low, and typical applications are things like telemetry from snow-depth recorders out in the mountains, where line-of-sight is essentially unavailable. I don't know how much bandwidth or area you get out of it, or how traceable it is - our meteor expert retired years ago, and was looking at problems like how to build radio data networks that weren't bothered by nuclear explosions. If there's a spare satellite slot available, ALOHANET technology is a reasonably efficient way to use it. From pfarrell at netcom.com Fri Oct 8 17:15:48 1993 From: pfarrell at netcom.com (Pat Farrell) Date: Fri, 8 Oct 93 17:15:48 PDT Subject: The death of the list as we know it (tm) Message-ID: <72951.pfarrell@netcom.com> In message Fri, 8 Oct 93 14:08:50 EST, Matthew B. Landry writes: > I really think that the powers that be should consider the > newsgroup idea. I have to comment. Many on this list believe strongly in privacy. This implies that no one admits to being a PTB (power that be). Others are anarchists and don't believe in PTB. And occasional person wants to be in charge of the anarchy movement. Options include: 1. get a rational mail reader (nupop, eudora, etc.) and a rational vendor (netcom, digex, world, well, etc.) and read at your leisure. 2. convert it locally to a local newgroup. then use rn, tin, etc. with kill files. 3. unsubscribe. 4. alternate plan X. I have no problem with the volume. The S/N ratio could be better, but so could my bank account. Pat Pat Farrell Grad Student pfarrell at netcom.com Department of Computer Science George Mason University, Fairfax, VA Public key availble via finger #include From gtoal at pizzabox.demon.co.uk Fri Oct 8 17:29:27 1993 From: gtoal at pizzabox.demon.co.uk (gtoal@gtoal.com) Date: Fri, 8 Oct 93 17:29:27 PDT Subject: POISON PILL Message-ID: <9310072311.AA22607@pizzabox.demon.co.uk> In article <9310011625.AA10686 at snark.lehman.com> you write: >You know, if people are going to discuss breaking blowing up computers >and killing people, they could at least have the taste to discuss it >elsewhere. Myself, I'm not a believer in violence, and I don't think >this list is devoted to explosives. Newgroup alt.terrorism.techniques >if you insist. Much as it pains me to agree with Perry when he's in his traditional 'wet blanket' mode, I feel I ought to point out that the kid who's currently in jail under half a million bail is there because files on his system apparently suggested direct violent action against law enforcement officers. While I understand that the comments made here are in fun, I'd be willing to bet there are some tight-assed LE types reading this who don't see the joke, and that the people who suggested various forms of bombs as data protection devices are now in the list of people to bust first when the revolution doesn't come. By the way, all schemes that rely on your computer detecting some change are useless. Any half-intelligent cop raiding your machine is just going to take the drive out and put it on one of his own machines. The only thing you can do is encrypt the drive. And we'll find out soon enough how the land lies on divulging of encryption keys when prz ends up in court. If anyone seriously implemented a dead-man's-handle to destroy his data, I can promise you that all that will happen is that you'll accidentally destroy your own data. G From wcs at anchor.ho.att.com Fri Oct 8 17:39:28 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Fri, 8 Oct 93 17:39:28 PDT Subject: second order homophonic substitution Message-ID: <9310090038.AA11774@anchor.ho.att.com> You don't need to do a full table of 2^16 bytes to handle real data - you could use 4-bit nibbles if you wanted, so each byte of steganotext has 4 bits of real data (which is cyphertext) and 4 bits of fake data. The steganotext is still twice the size of the plaintext, though. However, your key doesn't need to contain the whole table - you can use a much shorter key to describe a tour through the table or other method of filling it, where the key is the seed to a PRNG, which doesn't even need to be cryptographically strong, just decently random. This approach lets you use either 4x4 tables for compactness or 8x8 tables for efficiency. One way to make the decryption algorithm not reveal its purpose is to have one of the key parameters be a bitmask showing which 4 or 8 bits to keep out of the 8 or 16 output bits from the table. The (fake) encryption algorithm should have some feature to generate random bits using a hard-to-reproduce PRNG (e.g. the middle 4 or 8 bits of a 64-bit-wide PRNG), or something else obfuscatory, allowing the real cyphertext to be patched in through a less visible program, or through an obvious-functionality program like a one-time-pad xor. (Perhaps the PRNG could have parameters that, given all-zero input, produces all-zero output, or something similar that lets you use the same program for real and fake.) Now, the Bad Guys, if they're any good, will notice the 2:1 compression, and may suspect something's up, since they're archiving this posting :-). You can also do ratios other than 2:1, if you're willing to waste space. However, the algorithm does look like something an amateur would come up with to be the latest "nobody can crack my new complicated cypher", and it's tough to prove otherwise, since the real cyphertext is just raw bits unless you have the keys... Its effectiveness depends on whether they know that I know that they know that... and on whether they ask you in court, under penalties of perjury, whether this is the only key to the cypher, and whether you're really obligated to tell the whole truth in addition to telling them the truth and nothing but the truth. But truth is pretty complicated stuff, and once you start explaining the mathematical details of the PRNGs you use and how you know they're good stuff, and how quantum mechanics relates to the ability to send keys without eavesdropping, and the effects of quantum on epistemology, and what Knuth was talking about on page N of volume 2, they'll probably give up and decide it's irrelevant technicalities... said Bill, increasingly verbosely From charliemerritt at BIX.com Fri Oct 8 17:55:49 1993 From: charliemerritt at BIX.com (charliemerritt at BIX.com) Date: Fri, 8 Oct 93 17:55:49 PDT Subject: PHONE PRIVACY Message-ID: <9310082052.memo.46724@BIX.com> > A 1-900 number to ensure non-tracibility. Does anyone have this number? I would not trust this for hiding from law enforcement. You can get the 900 service's fone records with a warrant. If not law enforcement, then who do you need this to hide from? You can use a pay fone to fool caller-id boxes. Well, I guess they dont hide the city. From trebor at foretune.co.jp Fri Oct 8 17:59:29 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Fri, 8 Oct 93 17:59:29 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310081743.AA28221@netcom5.netcom.com> Message-ID: <9310090057.AA08696@dink.foretune.co.jp> Timothy May writes: >My point is this: there are many sound reasons to keep a group such as >ours a mailing list and not open it to every freshman in college who >can grep for "punk" and stumble across us, or for every >Sternlight-type bozo who delights in creating noise and rancor in >groups. This is called "security through obscurity." I'm shocked to see it advocated in this list! ;^> Opening up the list into a newsgroup has risks, but they can be mitigated and doing so would make it easier to use, and reduce the load on toad. One way to mitigate the effect on the list itself is (1) make the connection 1 way (list->group), with postings to the group sent through and anon remailer and (2) postings to the group from the list could be signed to authenticate them. Bottom line, isn't one of the goals of punkery in general (whatever flavor) to _spread_ knowledge. Shouldn't this stuff be shouted from the digital treetops? From eb at srlr14.sr.hp.com Fri Oct 8 18:25:48 1993 From: eb at srlr14.sr.hp.com (Eric Blossom) Date: Fri, 8 Oct 93 18:25:48 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310090057.AA08696@dink.foretune.co.jp> Message-ID: <9310090122.AA02316@srlr14.sr.hp.com> Please table the mailing list vs news discussion. - Eric Blossom From trebor at foretune.co.jp Fri Oct 8 18:35:49 1993 From: trebor at foretune.co.jp (Robert J Woodhead) Date: Fri, 8 Oct 93 18:35:49 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <9310090132.AA08927@dink.foretune.co.jp> You can put up such a network, but given that your boxes have to receive the signal, it will be detectable (but not understandable) to 3rd parties. Anyone who wants to take you down will only need (1) a detector that can point out your boxes and (2) a small caliber rifle. Since the cost to find and destroy is much less than the cost to make and deploy, a covert network of this sort wouldn't last long. An _overt_ network, perhaps a commercial entity that networks an entire city, would be an interesting prospect. The techniques for maintaining location information on actual machines connected to the net, and for updating them as they move, are actually quite simple and well understood (cellular telephones are a simple, dumb version of the technology). The trick is to find out a way that the network can know where you are but not give that information out (even to the owners of the network), without unacceptable overheads. From mgream at acacia.itd.uts.edu.au Fri Oct 8 19:15:48 1993 From: mgream at acacia.itd.uts.edu.au (Matthew Gream) Date: Fri, 8 Oct 93 19:15:48 PDT Subject: Diffie-Helman example in g++ In-Reply-To: <9310081951.AA12236@illuminati.IO.COM> Message-ID: <9310090216.AA20577@acacia.itd.uts.EDU.AU> Earlier, Douglas Barnes wrote: > // Demo of mathematics for Diffie-Hellman type key exchange [..] > // Does anyone have a clue what good values of 'a' are in this > // algorithm? > > a = 127; The only restriction placed on /a/ is that it be a primitive root of /p/. To do this, you choose /a/ at random until you find the condition (/a/, /p/-1) == 1 is satisfied. Since there are lots of primitive roots, this shouldn't take long. I wonder though, are there any strengths in choosing higher values of /a/? Feel free to correct me if I'm wrong, my engineering background means my number theory isn't as strong as it could be (but I'm working on it :-). Matthew. -- Matthew Gream, M.Gream at uts.edu.au. "... encryption is the ultimate means of Consent Technologies, 02-821-2043. protection against an Orwellian state." From tcmay at netcom.com Fri Oct 8 19:19:30 1993 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 8 Oct 93 19:19:30 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310090057.AA08696@dink.foretune.co.jp> Message-ID: <9310090216.AA17737@netcom5.netcom.com> Robert Woodhead writes: > This is called "security through obscurity." I'm shocked to see it > advocated in this list! ;^> And I'm shocked--:-}-- that people keep beating a dead horse, expecting that if they repeat their arguments enough times, something will miraculously change. This rarely works, and mainly just dilutes the content of the list further. > Opening up the list into a newsgroup has risks, but they can be mitigated > and doing so would make it easier to use, and reduce the load on toad. I won't repeat my own arguments for the 7th or 8th time. In any case, Eric Hughes has the final say and he has said it will not happen in no uncertain terms. If you vote otherwise, send your votes to dev/null. They'll count more that way. (There is no pretense that the list is a democracy.) > Bottom line, isn't one of the goals of punkery in general (whatever > flavor) to _spread_ knowledge. Shouldn't this stuff be shouted from > the digital treetops? Not one of the major goals, from my perspective. We don't advertise, we don't lobby, we aren't even _set up_ to do such a thing. And when we're interviewed (and anybody _can_ be), nobody spouts off the "Cypherpunks agenda." Books and magazines spread knowledge. Notice that we don't even have a FAQ? We're hardly in the education business. We're a loose collection of folks, bound by the mailing list and the various physical meetings (and those of you out in the hinterlands should simply organize your own gatherings). The interest in remailers, digital money, code, etc., is the main glue. Political action is a detour. The Clipper debate was one such detour, occuoying too much time for several months, though I suspect some good came out of it. Anyway, it's not for me to say what the Cypherpunks are, but all those folks shouting that "we" are a lobbying group, or whatever, are misguided, I think. One of the advantages of a mailing list is the implied sense of community and of a shared history. It is expected that most on the list have seen the traffic go by, even if they skipped many of the messages. Newsgroups, on the other hand, encourage people to dip in for a few days, ignore for several weeks, dip in again, and so on. Thus, a huge number of repeat topics as people dip in and out and miss the context of comments, the history, and so on. Progress stalls, even more so than progress may've stalled in some areas on this List. And while I agree that TLAs may be reading this list, one way or another, making it a newsgroup would open it up for archiving around the world, for appearance on those CD-ROMS filled with Usenet traffic, and for easy grepping by future employers and future government snoops. In other words, a public forum. That's great if the goal is to educate people about crypto, not so great if the goal is frank discussion of tough problems. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From ferguson at icm1.icp.net Fri Oct 8 19:35:48 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Fri, 8 Oct 93 19:35:48 PDT Subject: The death of the list as we know it (tm) In-Reply-To: <9310090057.AA08696@dink.foretune.co.jp> Message-ID: <9310090337.AA16899@icm1.icp.net> > Bottom line, isn't one of the goals of punkery in general (whatever > flavor) to _spread_ knowledge. Shouldn't this stuff be shouted from > the digital treetops? No, not necessarily. I think that you're missing the mechanics behind the list. In any case, I think you can pretty much forget about shifting this list anywhere from where it is now -- it (we) are doing _exactly_ what the recipe calls for.... Cheers! _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From mbl at ml7694a.leonard.american.edu Fri Oct 8 19:45:49 1993 From: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Fri, 8 Oct 93 19:45:49 PDT Subject: Newsgroup? Message-ID: <9310090244.AA05818@toad.com> I still think that people are looking at this idea wrong. If we made the list->news gateway work one-way, so that news traffic wouldn't end up on the list, all of the stated problems could be solved. Except, that is, for TC May's theory about archived postings being grepped by spooks. Personally, I think that this is a rather far-fetched idea. If the spooks thought we posed a real threat to them (they might; I don't know), they would have very little trouble grabbing every single character sent to the list now and archiving it all with the best dossier-style cross-indeces in the business. I just think that a newsgroup wouldn't affect that one way or another. On the other hand, if the Extropians software is as good as it sounds (and if we actually start using it here), we might not need to have newsreaders to get the same functionality. Sending an "ignore" message to the list software to be processed at the source is a kludge, but it seems to be a Politically Correct kludge, so we might as well use it. -- Matthew B. Landry ml7694a at american.edu (Finally!) mbl at ml7694a.leonard.american.edu From wcs at anchor.ho.att.com Fri Oct 8 19:46:00 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Fri, 8 Oct 93 19:46:00 PDT Subject: brin on privacy Message-ID: <9310090242.AA12484@anchor.ho.att.com> peter writes > david brin spoke in ann arbor recently [...] > > privacy laws will be used as a weapon by the Rich and Powerful to > restrict the free flow of information. > > brin feels that privacy laws will be ineffective against the RaP, will > be sold to the rest of us through effective propaganda, and that they > will be used by the RaP as a means to cement their power base. He's probably right. (Of course, *most* laws made by the Rich and Powerful will be used to cement their power base, so this is just a special case....) Some examples that have been discussed on the net include the British data privacy laws that limit the personal-information databases that you can keep without formal notification to the people contained in them (and to the government.) The fact that you've got a computer and are using it in ways that indicate you have *some* database capability but haven't registered has been used as an excuse to search people's computers. Of course, if you *have* registered, then they can search to be sure you don't have any data you've forgotten to mention.... > brin's message was basically a populist one. he is concerned that the > moguls of data will have the opportunity to control what we see and > hear. what i found most fascinating about his talk was that while i > generally agree with the social objectives he backs, i am in 180 degree > disagreement on how to accomplish these ends. It's not an uncommon thing to find among people who believe in things but don't think about the implications of implementing those beliefs, as well as with people who are messing with really complicated technology. Bill From DON_HENSON at delphi.com Fri Oct 8 19:49:29 1993 From: DON_HENSON at delphi.com (DON_HENSON at delphi.com) Date: Fri, 8 Oct 93 19:49:29 PDT Subject: Cypherpunk Cause Message-ID: <01H3VXEBY9AG9353JT@delphi.com> The following was posted by L. Detweiler as an example of a typical response to his cypherpunk postings: --> >There is no cypherpunks cause. Neither is there a cypherpunks >movement. Get these delusions out of your head. There is, however, >cypherpunks software. > >I repeat, the cause and movement are in your own head. <-- If there is no cypherpunks cause or movement, please let me know. Being able to interact with people who believe in the cypherpunks cause is the only reason I subscribe to this list and if there is no cause, I would like to unsubscribe and spend my time elsewhere. Can we have a simple survey of the list? If you believe there is a cypherpunks cause and you believe in it, please post a short note to that effect to the list. Anyone who is interested can keep count. I suppose to be fair, you should also post a note if you believe there is no cause. Don Henson PGP key on serve or on request From arthurc at crl.com Fri Oct 8 19:59:30 1993 From: arthurc at crl.com (Arthur Chandler) Date: Fri, 8 Oct 93 19:59:30 PDT Subject: Virtual City (tm) Network FAQ 1.0 (fwd) Message-ID: Greetings. I hope that I'm not spamming the list with this monster forwarded FAQ. But since the author(s) are proposing, as one of the stated goals of Virtual City(tm): The Virtual City(tm) Network will also be a proving ground for privacy technologies such as public key cryptography, PGP, and Digital Cash(tm). I thought that folks here might be interested. Has anyone heard of this outfit? Is it for real or a huge slice of lemon meringue in the sky? ---------- Forwarded message ---------- Date: Fri, 8 Oct 1993 02:36:43 PDT From: Strata Rose To: strata at virtual.net Subject: Virtual City (tm) Network FAQ 1.0 VIRTUAL CITY (TM) NETWORK FAQ, REV 1.0 SO WHAT EXACTLY IS THE VIRTUAL CITY (tm) NETWORK? The Virtual City(tm) Network is an ambitious Networked Virtual Reality Infrastructure which will link current Internet information technology with the emerging capabilities of on-line virtual reality environments. Using existing software which implements shared, interactive virtual spaces we will extend the paradigm of the FreeNet community into virtual reality by creating online cities and communities in which people may share text, graphics, and multimedia in a cooperative real-time environment. These online communities will be able to make use of cutting edge tools such as network conferencing, collaboration & visualization tools, multimedia electronic mail, online access to government data, networked library catalogs & facilities, electronic books online and Internet-accessible public data repositories. The Virtual City(tm) Network will also be a proving ground for privacy technologies such as public key cryptography, PGP, and Digital Cash(tm). DIDN'T YOU RUN AN AD IN _WIRED_ RECENTLY? NO. And again, No. The Virtual City (tm) Network is the brainchild of one M. Strata Rose, longtime net.lurker and sometime visionary, who has been developing the concept since roughly June 1992. I started serious feasibility exploration in December of '92 and have been on track on a timeline which formally started in May '93. The folks who put an ad in _WIRED_ are Objective Communications of Illinois. Virtual City (tm) is a trademark of M. Strata Rose and VirtualNet (currently undergoing formal incorporation). We are registered with the NIC as VIRTUAL.NET and VIRTUAL-CITY.COM. OH, COME ON-- TRADEMARKING THE PHRASE "VIRTUAL CITY"? The concept of creating virtual communities in a Mush/MUD/MOO environment has been kicking around for many years, and quite a bit of work has been done by a great many people. However, there is a particular on-line public access service concept which I call the Virtual City (tm) Network. As it says in the terrifying amount of paperwork required to file a trademark, "this application in no way attempts to restrict the usage of the terms 'virtual' or 'city', merely their usage in conjunction where applicable to services in this class". Or something highly similar but in stricter legalese, as per professional advice. WELL, HOW IS YOUR "VIRTUAL CITY (tm) NETWORK" DIFFERENT FROM THEIR "VIRTUAL CITY"? Obviously there is a limit to the extent to which I can comment, as both of our offerings seem to be in a pre-release state. However, a brief telephone conversation with an individual at Objective Communications indicated some important differences: 1) The Virtual City (tm) Network will be free for individuals to access; charges will only be levied on entities attempting to conduct profitable business activities. My understanding is that Objective plans to charge fees at all levels of participation in their service. 2) The Virtual City (tm) Network has been designed for multimedia and information service access from the ground up. My understanding is that Objective's service is text-only and the gentleman on the phone indicated that they had no current plans to expand it to multimedia. 3) VirtualNet incorporates both a for-profit corporation and a not-for-profit research arm. One of our primary goals for the Virtual City(tm) Network is to take the Cleveland FreeNet model into virtual space. The Virtual City (tm) Metropolitan Transit Authority, VCMTA, is being designed concurrently as an object transport model between instantiations of various Virtual City (tm) Sites. We will be offering templates for instantiations of our city model to be used by communities and organizations, with a true distributed model allowing users and information to flow freely throughout the Virtual City (tm) Network. We are attempting to build an expandable, scalable piece of Internet infrastructure that will support a rich model of growth and self-determination as well as support research on virtual communities and cyberspaces in general. Look for abstracts, research papers, RFC's and API's from us in the coming year. NO KIDDING. TELL ME MORE. One of my design goals in building the Virtual City(tm) Network is to challenge people's assumptions about "the real world" versus "the virtual world"; many if not most of people's interactions today take place in a virtual world which has been largely co-opted by the real world. Newspapers, television, and radio are all prime examples-- most of these rely on mental constructions based on primarily verbal input or on finely crafted presentations which have little to do with "reality", yet few people consider to what degree these omnipresent factors constitute much of their information flow. A wonderful example is the Android Sisters' "Money" (radioplay "Ruby", ZBS Productions). The Sisters hold up two items, described as two pieces of paper, to a "viewer" and ask for her description. Her reply, "well, one is a piece of paper, but the other is money" elicits the ruefully exasperated reply "two pieces of paper!". The well-made point is that people's cognitive mappings have become so rigidly codified that they view their world through highly constrained filters to the point of shutting out other options. In the Virtual City(tm) Network, the line between the real and the virtual has the inherent ability to be deliberately blurred. Information from "the real world" can be presented as often as possible in a matter of fact way. I hope to feature several space station designs from the cutting edge of the aerospace industry, and the reported weather in the outdoor sections of the city will come from weather data live from local feeds, updated to the San Mateo Bridge area, the putative location of the site. Our virtual coffeehouses will tie into Internet game servers of various sorts and we are investigating links to real-world coffeehouses via terminals in the field. Imagine chatting on a virtual terminal via the Internet to folks on real terminals in coffeehouses. Now who's real and who's virtual? OKAY, WHAT'S YOUR TECHNOLOGY BASE? We are currently using LambdaMOO, an object-oriented virtual environment designed at Xerox PARC. Instantiations of LambdaMOO are already being used to provide virtual spaces in which researchers, educators, and interested folks can meet and interact online, such as MIT Media Lab's "MediaMOO", "JaysHouseMOO". the original "LambdaMOO" and a growing plethora of others. Various university and individual projects are adding the capability to access certain Internet information resources such as the "archie" FTP search engine and University of Minnesota's Internet Gopher browser [JaysHouse MOO]. Xerox PARC is working on a project called "AstroVR" in which extensions to the text-based MOO software allow astrophysicists to share graphical images and data. The PARC team is also working on MBONE extensions to LambdaMOO; these extensions will allow LambdaMOO users to use the Multicast Backbone to do real-time audio and video conferencing using tools which are being developed concurrently by the greater networking community. We are working on extensions which will combine the functionality of NCSA's Mosaic information browser with the virtual environment capabilities of LambdaMOO. Mosaic is a hypertext browser through which individuals may access various Internet services such as World Wide Web, Gopher, WAIS, and archie. The World Wide Web in particular uses a format called HTML (HyperText Markup Language) to create documents which can access other documents with a single mouse click from the browser. We are adding the ability for SGML or HTML documents to be valid MOO objects; this single extension opens up a significant range of possibilities which represent needed interconnectivity between the MOO environment and the wider world of Internet information. Virtual spaces in the MOO can then lead directly to an information cache, and information browsers on the Internet can interact with MOO spaces as well. This is just the beginning. In particular, the Virtual City (tm) Network is being designed to allow encapsulation of other information formats and explicit handoff to both public and proprietary information servers. Our model is very similar to the one which NCSA developed with Mosaic. You interact with our virtual spaces using custom clients or browsers which can invoke various service handlers or interaction programs on your host machine. Just as Mosaic will bring up a GIF viewer when you reference a GIF file, the Virtual City (tm) browser could invoke Virtus Walkthrough (tm Virtus) or the BRL-CAD environment on a virtual space. You might enter a virtual space with encapsulated or referenced data available in several formats that your client or browser could handle. WHY IS THIS IMPORTANT? Ah, this is one of the really great parts-- if we can hand you off to some other viewer or program or even another server, then the Virtual City (tm) Network is truly expandable and extensible. We will be able to offer services that no one has even thought of yet as long as they run over the Internet infrastructure (ie, TCP/IP or something that can encapsulate itself in it). The Virtual City (tm) Network will grow along with virtual reality and internet information technology, since new services can be accessed in a plug-and-play fashion. What we're trying to do here is essentially spawn a meta-infrastructure context in which to tie together highly varied services. This is also where VCMTA comes in. WHAT'S VCMTA? VCMTA, the Virtual City(tm) Metropolitan Transit Authority, will be developed concurrently. This facility will provide authentication services for moving database objects between servers on different hosts, as well as implementing state-of-the-art privacy enhancements for secure communication & transactions. VCMTA will allow us to network instances of the Virtual City (tm) Template together and allow people to "move" between them in one ever-growing virtual space. We realize that there are hard problems to solve in building any sort of object transport facility; however, our philosophy is that we can't work miracles but can make something that works, is customizable and configurable, and will make most people happy. Obviously you can't "move" objects, however you can build objects which rely on a core object library, are "registered" with VCMTA, and follow certain rules as to their behavior on other servers and in other conditions. The nature of our distributed architecture already means that resources you access are not necessarily on the VC server, this is the logical next step. WELL THIS IS ALL VERY NICE, BUT I DON'T PROGRAM AT ALL SO I PROBABLY WON'T BE ABLE TO USE IT MUCH. Current implementations of MOOs and MUDS require that users be able to program at a fairly sophisticated level in order to enjoy the full power of MOO/MUD environments, especially in constructing new objects. We feel that this encourages "second-class citizen" status for those virtual citizens who cannot or will not learn to program proficiently. Accordingly, the Virtual City(tm) Network is being designed with virtual storehouses of objects which can be drawn from and user friendly front-ends with which to customize those objects to create personalized and useful virtual spaces. The full power of the MOO internal programming language will still be available to those who care to use it, but those who have neither the time nor desire to do so will be able to interact as fully as the programming hoi-polloi. As part of this effort, we are designing interactive front-ends to interface with the storehouses of objects and handle simple customization. Certain "city services" such as phones, chat lines, radios, gopher slates, etc will be available as well as common objects (and unusual ones!) from various individuals. By the way, if you register an object for public use and it passes the Virtual City (tm) Architectural Board (no Trojan horses or duds, please!), it no longer counts against your quota. Keen, eh? THIS IS STARTING TO SOUND PRETTY COOL. ARE YOU SURE IT'S FREE? There will be no charge for private individuals to access the Network and to engage in building and programming activities (up to a generous initial quota, as in most other MOOs or MUDs). Non- profit and government organizations will be allocated space at no charge in the Virtual City(tm) Marketplace, Business District, and other public areas. Cultural attractions such as art galleries, museums, and music halls are placed throughout the Virtual City(tm) Network; space in these attractions will be donated to artists and community projects to publicize their work. The several museums will feature examples of the growing number of online exhibits such as the Library of Congress' current Vatican Project. Corporations and other for-profit entities may be charged membership fees on a monthly basis, as well as rent for virtual spaces in which to transact business. Our basic paradigm is that if you're in the Virtual City (tm) Network to generate professional profitable activity then you should pay a fee to do so. Ie., the customary net.forsale or net.jobs type of stuff is just fine, whereas setting up a virtual office in which to run a real-time on-line consulting business would require paying rent. Arrangements can be made on a rental or percentage basis, or both. We are very interested in supporting subscription-based services where subscribers are allowed access to custom objects or facilities. This can be a very economical way to do rich text or multimedia electronic publishing in a small-press model, or provide specialized databases or services at a modest cost to subscribers. WHAT SORT OF FACILITIES ARE YOU PLANNING? In addition to those mentioned above, we will have all the standard amenities-- Alexandria, the Virtual Library, a business district, arcade and game areas, residential streets, a campus area where several interesting projects are being designed, transit facilities, and so on. We're choosing to leave MBONE facilities out on this pass due to bandwidth considerations; however, we plan on supporting such diverse applications and protocols as Netjam MIDI, CUSeeMe network video conferencing, various whiteboard tools, IRC with local client enhancements, connections to other MOOs/MUDS, NCSA & BRL-CAD visualization environments, group collaboration tools, interactive game servers, Internet Talk Radio, etc. We're exploring support for proprietary and vendor environments as well, such as Autodesk, Virtus, SGI, and other virtual reality software interfaces. We also have several original-design projects up our virtual sleeves such as the Virtual Coffeehouses, the Twilight Lands where storytellers roam the campfires, the UpAbove and DownBelow space and marine research station simulators, a Virtual Physics Lab, and so on. Not to mention the Virtual City (tm) Marketplace, Information Center, and On-Line Technical Support Center where you can sell your products or services with minimal overhead and rely on our expertise to deliver your information to the Internet community. WOW, I'M CONVINCED. HOW DO I LOG ON? We're terribly sorry, but you can't log in quite yet. We will be opening the database to key implementors once we finish the C modifications to the LambdaMOO server and to the LambdaCore. We had planned a general announcement in mid to late November, but circumstances required otherwise. We are taking lists of pre- registrants, though. Send email to "vcreg at virtual.net" with pertinent info: your name, your requested character name, and a short blurb which will become your initial description. Oh yes, and your Public Key. Don't have one? Tsk, tsk, they're a good thing to have in general; go out and connect to a public key server and get yourself a key-- we'll send out your initial password encrypted to you, and you can decipher it with our public key. Fun, eh? If you're a sufficiently enthusiastic cyberspace denizen to pre-reg, you probably already have a public key... We are planning a Virtual New Year's Party at the very least, even if all net services are not on-line yet. The HTML/SGML capability is really the critical factor-- we will open as soon as that is reliably running and add other services as our range of interfaces expands. Even if our (free) custom browser is not finished by then you will still be able to use standard MUD/MOO clients in conjunction with Mosaic or similar HTML browsers to enjoy the multimedia capabilities. WELL, DO YOU NEED ANY HELP? HOW DO I GET INVOLVED? I'm glad you asked that question. :-) Since a critical aspect of our project is free public access, we need volunteers! Our schedule has been accelerated fairly rapidly at this point and we could use a hand fairly soon. Send email to "vcbuild at virtual.net" with some brief notes about what you're interested in implementing and your level of familiarity with MOO coding. If you have experience with server and core-level mods, there may be funding in it as well, though we are primarily looking for volunteers at this time. ISN'T THIS GETTING PRETTY LONG FOR A "FAQ" FOR SOMETHING NEW THAT NOT MANY FOLKS OUTSIDE OF THE BAY AREA HAVE EVEN HEARD OF? Totally correct. Send questions, suggestions, pointers, flames, and so on to "vc at virtual.net". If you'd like to be on a mailing list for discussion of virtual communities, network services, and other Virtual City (tm) Network related themes, send mail to "virtual-citizens at virtual.net". There's plenty more where this came from, look for technology updates, facility updates, and GIF & Postscript (tm Adobe) maps. See you in cyberspace! Virtual City (tm) Network FAQ 1.0 copyright 1993 M. Strata Rose & VirtualNet; permission to distribute in its entirety, including this notice, freely granted. From ferguson at icm1.icp.net Fri Oct 8 20:09:30 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Fri, 8 Oct 93 20:09:30 PDT Subject: The core definitive In-Reply-To: <9310090242.AA12484@anchor.ho.att.com> Message-ID: <9310090410.AA17091@icm1.icp.net> > It's not an uncommon thing to find among people who believe in things > but don't think about the implications of implementing those beliefs, > as well as with people who are messing with really complicated technology. Bill's right as rain -- how else would you explain engineers from (normally) competitive companies coming together on this list? Of course, I work for peanuts, so who cares? ,-) I think you _should_ see the point by now... Cheers! ____________________________________________________________________________ Paul Ferguson | Sprint Managed Router Network Group | tel: 703.904.2437 Herndon, Virginia USA | e-mail: ferguson at icp.net From ferguson at icm1.icp.net Fri Oct 8 20:19:29 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Fri, 8 Oct 93 20:19:29 PDT Subject: Cypherpunk Cause In-Reply-To: <01H3VXEBY9AG9353JT@delphi.com> Message-ID: <9310090415.AA17106@icm1.icp.net> > >There is no cypherpunks cause. Neither is there a cypherpunks > >movement. Get these delusions out of your head. There is, however, > >cypherpunks software. > > > >I repeat, the cause and movement are in your own head. > > <-- > > If there is no cypherpunks cause or movement, please let me know What the hell are you talking about? >From owner-cypherpunks Fri Oct 8 23:37:20 1993 From cman at IO.COM Fri Oct 8 20:45:50 1993 From: cman at IO.COM (Douglas Barnes) Date: Fri, 8 Oct 93 20:45:50 PDT Subject: Diffie-Helman example in g++ In-Reply-To: <9310090216.AA20577@acacia.itd.uts.EDU.AU> Message-ID: <9310090340.AA16954@illuminati.IO.COM> > The only restriction placed on /a/ is that it be a primitive root of > /p/. To do this, you choose /a/ at random until you find the condition > (/a/, /p/-1) == 1 is satisfied. Since there are lots of primitive roots, > this shouldn't take long. I wonder though, are there any strengths in > choosing higher values of /a/? > > Feel free to correct me if I'm wrong, my engineering background means > my number theory isn't as strong as it could be (but I'm working on it > :-). > a is a constant, known to all (especially to both A and B). Doug -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From visgraph!forrie Fri Oct 8 20:46:04 1993 From: visgraph!forrie (Forrest Aldrich) Date: Fri, 8 Oct 93 20:46:04 PDT Subject: PHONE PRIVACY Message-ID: <199310090152.AA01311@visgraph.uucp> Through e-mail, charliemerritt at BIX.com writes: | | > A 1-900 number to ensure non-tracibility. Does anyone have this number? | | I would not trust this for hiding from law enforcement. [ ... ] I wouldn't either. Anybody with a bit of sense shouldn't trust something like that. If anything, it's likely a setup to attract certain types of callers anyways. | If not law enforcement, then who do you need this to hide from? | You can use a pay fone to fool caller-id boxes. Well, I guess | they dont hide the city. [ ... ] Well, let's not assume someone wants to hide, but what about assuring the privacy of the phone call? Afterall, this is what we use PGP for: for email privacy... though there has been speculation about just how secure this is. I correspond with people all over the world. If the government is keeping a tab on people that correspond and is watching their email, then they must know me pretty well. They can't be too concerned that I'm using PGP to correspond with someone in Moscow. It's been over a year, and noone's came knocking on my door. ;) Back to the subject: What about phone privacy? In this day and age, how can we absolutely guarantee a private phone call? Even if we are using voice-encryption tech, the call can still be traced. I think even more quickly than we are lead to believe. For example, I never bought the notion that they had to keep the call on for a certain amount of time before an actual trace could be performed. Maybe in the stone-age of Ma Bell, but not today. I suppose if one were able to use a setup like a remailer only on a phone network, whereby you got your call forwarded through different places to prevent a trace (doubt that's reasonably accomplished), it might make the trace a bit more difficult. There doesn't appear to be anything even cryptographically that we can do other than encrypting the voice and selectively using pay fones. It would be neat if there were some way to interfere with Ma Bell's computer, in a non-destructive way, to alter what information they get when we dial out. For instance, From mgream at acacia.itd.uts.edu.au Fri Oct 8 21:15:50 1993 From: mgream at acacia.itd.uts.edu.au (Matthew Gream) Date: Fri, 8 Oct 93 21:15:50 PDT Subject: Diffie-Helman example in g++ In-Reply-To: <9310090340.AA16954@illuminati.IO.COM> Message-ID: <9310090414.AA22491@acacia.itd.uts.EDU.AU> Earlier, Douglas Barnes wrote: > a is a constant, known to all (especially to both A and B). Yes, that is true, but it still must be a primitive root w.r.t p. Unfortunately I am not well versed enough to explain the mathematical reasoning behind this, but in the texts I have read, they all stated this fact. In an implementation of D-H I did for a project once, I ensured that these conditions were met. Some probablistic analysis showed that approx 37-38% of numbers < p are primitive roots (done by sampling primes and testing all n < p to see if n was primitive root), so finding a primitive root was trivial. Matthew. -- Matthew Gream, M.Gream at uts.edu.au. "... encryption is the ultimate means of Consent Technologies, 02-821-2043. protection against an Orwellian state." From mercury at well.sf.ca.us Fri Oct 8 22:25:51 1993 From: mercury at well.sf.ca.us (Michael Edward Marotta) Date: Fri, 8 Oct 93 22:25:51 PDT Subject: Future of Digital Cash Message-ID: <93Oct8.222520pdt.14270-4@well.sf.ca.us> Digital Cash: A Probable Future by Michael E. Marotta mercury at well.sf.ca.us Kinkos Copy Centers have instituted a debit-card. You put your federal reserve notes in a machine and increment the electronic card. Then you use the card in their public copiers. The card is anonymous. I have two because Kinko's doesn't warranty the cards: I don't carry more than $5 on a card. I have yet to trade the card anywhere else for goods or services. This is the sine qua non of money: money is any medium of indirect exchange. So far, you can only use the Kards to buy Kopies. Digital cash will not replace other forms. Federal Reserve paper passes on the street, perhaps, but gold and silver coins are still being made anew by the USA, PRC, other governments, and several private mints. Plastic, checks, and fiat banknotes have not removed the need for gold nd silver. If anything, government money reinforces the need for real cash: "Aurem non olet" means "Gold doesn't smell" i.e., cash leaves no traces. Digital cash could come from banks via ATMs. You increment your DigiKash card from your demand account or from FRNs in your wallet. You goto a store, pick what you want. You pass through the Exit. You wand or scan your goods. This clears their security. You insert your DigiKash card. It is debited. You package your goods (or put them in your cloth shopping bag) and you leave the store. There was a time when the Grocery Store had clerks. You gave one your shopping list or told them what you wanted and they got it for you. Then came the "supermarket." Self-serve. What a concept. This paradigm shift occured about 1945. We will see another. The retail clerk is on the way out. MacDonald's already ordered 75 robots. Debit cards remove the cost of employees. You'll use your DigiKard for fastfood. You'll use it at the gas pump. (They already take credit cards.) The assumption today is that you will use your BANK debit card for all of this. I'm not sure. I think that the first bank that offers anonymous debit cards will make a fortune. How? Well, for one thing, here in Michigan, Kinko's takes 4% off top for sales tax. Also, I'm walking around with unspent money on my card while Kinko's has my money earning a return. ATMs already cost me 75 cents per transaction. Make it an even buck and it will work for debit cards. Debit cards would be sure winners at Computer Rental stores. The MSU library has a bank of gopher terminals and Gov. Engler just separated property taxes from public education. Gophers seem like a fungible to me. The library already sells pens and copying is a cash business for them now. Public transit is another obvious choice -- the famous Orange card of Japan. Commuter trains in Chicago that toddlin' town had them in place in 1977. But debit cards don't _promise_ universality. You can't use your Kinkos Kard on the train -- yet. ------------------------------------------------------------------------------ ( ) "Money rests on the axiom that every man is the owner of his mind. O Money is made possible by the men who produce it. The words 'to + make money' hold the essence of human morality. " | Francisco d'Anconia, 1957 ------------------------------------------------------------------------------ From TSJWR at acad2.alaska.edu Fri Oct 8 22:35:51 1993 From: TSJWR at acad2.alaska.edu (John W. Redelfs) Date: Fri, 8 Oct 93 22:35:51 PDT Subject: Cypherpunks Cause Message-ID: <01H3VV9GBC788X13HP@mr.alaska.edu> You bet there is a cypherpunks cause, and if there isn't there should be. The cypherpunks cause: to promote encryption and other privacy software usage on the Internet until it is beyond the control of totalitarian governments. In other words, to protect the privacy rights of all by making privacy universal. Any questions? John W. Redelfs, tsjwr at acad1.alaska.edu From TSJWR at acad2.alaska.edu Fri Oct 8 23:25:51 1993 From: TSJWR at acad2.alaska.edu (John W. Redelfs) Date: Fri, 8 Oct 93 23:25:51 PDT Subject: Atari and VAX Message-ID: <01H3VWZ6ZIO08X1J5D@mr.alaska.edu> If I owned a PC clone or a Mac, I'd be sitting pretty. If my host machine was Unix, I'd be fine. But I'm using an Atari emulating vt100 off a VAX 6510. Is there any help for me? How can I be a cypherpunk? I want to be using PGP, but I haven't found it for either machine I'm on. Any suggestions? John W. Redelfs, tsjwr at acad1.alaska.edu From nkaplins at reed.edu Fri Oct 8 23:35:51 1993 From: nkaplins at reed.edu (nick kaplinsky) Date: Fri, 8 Oct 93 23:35:51 PDT Subject: This just in.. Message-ID: Sweet, thats rad. You know al wbalderson worked for epitope for a long time. Hey , I 'm writing this on my Toshiba 1950 from home..... pretty cool. I'll see you later N From hfinney at shell.portal.com Fri Oct 8 23:49:30 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Fri, 8 Oct 93 23:49:30 PDT Subject: Virtual City (tm) Network FAQ 1.0 (fwd) Message-ID: <9310090525.AA29378@jobe.shell.portal.com.shell.portal.com> This Virtual City project does have an interesting conceptual link to cypherpunk philosophy. Many of us have been influenced by the fiction of Vernor Vinge, particularly his "True Names". In this story we find many elements of our cypherpunks mythology introduced: digital pseudonyms, anonymous mail, untraceable identities. The heroes of the story are hackers, powerful on the net, but with their real identies unknown. Having your true name discovered was the worst disaster that could occur, as it made you vulnerable to many kinds of attacks, both from other hackers and from the government. In Vinge's story, people online interact in virtual environments. This Virtual City and the other projects like it are trying to move towards an online virtual environment similar to that described in Vinge's story (and cyberpunk fiction). It would be nice if they had crypto anonymity and digital pseudonyms built in from the beginning. Unfortunately, although they talk it up, the author of the FAQ doesn't seem to really understand PK crypto: > Send email to "vcreg at virtual.net" with pertinent > info: your name, your requested character name, and a short blurb > which will become your initial description. Oh yes, and your Public > Key. > > Don't have one? Tsk, tsk, they're a good thing to have in general; go > out and connect to a public key server and get yourself a key-- we'll > send out your initial password encrypted to you, and you can decipher > it with our public key. Fun, eh? If you're a sufficiently > enthusiastic cyberspace denizen to pre-reg, you probably already have > a public key... This is not how keys work: you don't need to connect to a public key server to get yourself a key; and if they send something encrypted "to you" then you wouldn't decipher it with their public key, but rather with your private key. Also, they should say whether they are using PGP, RIPEM, PEM, or some new system for the public keys. My guess is that they haven't gotten that far yet. Still, it might make sense for someone from this list to give them some help on the crypto aspects. This could be a safe and fun environment in which people could be introduced to crypto, and it could even expand eventually to include cryptographically protected business relationships. Tim May has suggested that strong crypto could be initially deployed as part of a game, and this could be a beginning. Hal hfinney at shell.portal.com From owen at autodesk.com Fri Oct 8 23:50:54 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Fri, 8 Oct 93 23:50:54 PDT Subject: who you callin a homo, and a few other random thoughts Message-ID: <9310090329.AA17021@lux.YP.acad> > From: hfinney at shell.portal.com (Hal Finney) > This homophonic cypher sounds interesting. If the authorities demand > your keys, you could scramble each row of the matrix (scrambling each > row separately), so that only the dummy message can be recovered. hmm.. how about rendering the document as a bitmap (or other picture format), uuencode it ( or something similar with encryption of its own ) and then interleaving the ascii dummy message with the ascii of the uuencoded picture before applying this scheme. > Real ascii messages have a character set of about 2^6, so the actual > size of the key matrix will be 2^12, and that means that each entry will > be about 12 bits. For full generality in handling binary data the > character set would be 2^8, meaning a matrix of size 2^16 entries with > each entry being 16 bits. This is a 128K byte key, which is pretty > cumbersome. Also, the cyphertext is twice as big as the plaintext, > which will stand out too. right, so some kind of squeezing it down one more time maybe ? :-) > Plus, once the authorities see your decryption algorithm it may be > pretty obvious that it was designed for this specific purpose, and > whatever pressures they applied to make you reveal the key may now > be redoubled until you reveal the "real" key. In all seriousness, we are rapidly approaching enough multimedia saturation that we will also have sound file formats, picture file formats, animation and video formats which can all be used as vehicles for homowhatever schemes. Have a text to speach application record your words into a sound file format, and apply some of your crypto wizardry to make it into weird music, use rhythym tracks mixed in as convincing cover and maybe some harmonic riffs as a red herring to keep snoops from realising that the file might not be what it seems to be. how about encoding real time video signals used in desktop vid-conferencing. and slip encoded documents into the picture as colorful border graphics. Govt snoops tend to act out their information gathering rituals like squirels that have eating disorder, they can't find enough empty holes to fill with nuts (ie: important data ) that they might need to analyse later. so instead of trying to be elegant, be pigs. Bloat your content with obfuscated bric a brac, and banal tracts on technical issues that put hard core nerds to sleep. Our net-universe has vast resources to tap for source material to be used this way. Solid Engineering technique and clever hacks applied to your method, will probably leave trails and artifacts that another crypto engineer can smell! Apply art, and be eratic in order to facilitate keeping your adversary off the track he expects to find. ----- ------ ----- In a previous incarnation, I lived in a house on the same piece of land as an individual who was suspected of engaging in illicit horticultural activities. It soon became evident that my phone was also being monitered. Silly bastards couldn't get anything straight! I actually got a call inquiring about a person with his first name and my last name. :-) and then a day or so later my phone rang and when I picked up the receiver before I said anything I heard the sounds of a dispatch center, and then a womans voice chirped. "operations- may I help you" I replied... *uh... you called me*. she hung up abruptly. It would almost be humorous if they weren't so clueless as they waste our tax dollars in their characteristicly inept fashion! anyway, I gathered that their recorders operated automaticaly, so I took up the habit of dialing into my VAX at work, and playing rogue for hours and hours. Bet somebody made overtime while they assaulted their eardrums with the modulated hiss representing my little ascii hero getting lost in the maze of twisty little passages that all look the same. > A one-time-pad has the advantage that the key is the same size as the > file, and there is no size expansion in encryption, plus it's a plausible > approach to use for high-security encryption. It will take less space > and still allows for multiple decryption. so .. the dummy file you pad with, you'd just have one? or do you mean you'd make a new one each time? it would get pretty obvious if the same file kept popping up . I guess you could claim to have obsessive compulsive disorder and that this file is your obsession? If you really want to buffalo them you would need an intelligent agent application to compose dummy text for padding that would be reasonably unique each time. I would think that if you could write such an agent it wouldn't be much more work to have it encode whole words with other whole words and apply some linguistic formula, leaving the encrypted file looking like an ordinary, and uninteresting file. It might even be fairly simple to apply a word exchange scheme similar to the classic mentalists routines before encrypting the file, thus obscuring the meaning while still allowing the gestapo to feel that you've complied satisfactorally with giving them access. I find that left brain analytical types tend to only apply left brain methodology and thinking in their designs. Throwing right brain methodology into the equation could add just enough incongruence to the process that it might serve to confuse the shit out of the cryptographer trying to make sense of it through left brain analysis. In fact it might serve to heighten the incongruence factor when the crypt-breaker is a two-left-brain type.. present company who relate to that chosen lifestyle, please take no offense BTW ! :-) So, anyway, my humble apologys to those who may think my flights of fancy are malicious fluff, or an annoyingly gross abuse of S/N here. My mind actually does work this way, I don't know what I can't do. LUX ./. owen By the way, Monday - Oct 11th is National Coming Out of the Closet Day. write an encryption scheme that encodes man pages as homo-erotic sonnets, and send the output to your congress-critter(TM), sign them with Sam Nunns name for bonus points. From bill at twwells.com Sat Oct 9 01:09:29 1993 From: bill at twwells.com (T. William Wells) Date: Sat, 9 Oct 93 01:09:29 PDT Subject: distributed autonomous networks In-Reply-To: Message-ID: I recall an SF novel that used small solar-powered planes as repeaters. Add batteries for night time, make 'em cheap enough, fly 'em high enough, give them smarts to avoid destructive weather, and keep them light enought to avoid giving airplanes indigestion should they hit, and I think you could solve a lot of problems. From mbl at ml7694a.leonard.american.edu Sat Oct 9 01:19:29 1993 From: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Sat, 9 Oct 93 01:19:29 PDT Subject: Safe and fun environment? Message-ID: <9310090817.AA10656@toad.com> >Still, it might make sense for someone from this list to give them some >help on the crypto aspects. This could be a safe and fun environment >in which people could be introduced to crypto, and it could even expand Unless this list undergoes some VERY radical changes, it will never be a "safe and fun environment" to introduce new people to anything. At the moment, in order to get anything out of it, one has to devote large quantities of queue space and time to the subscription, and sift through the flames and other noise to locate the rare bit of truly valuable info. There are very few people on this list who routinely post things worth reading, and many who _never_ post things worth reading, and seem to be only around for the flame wars. And god forbid that a newcomer should ask a QUESTION! Dear lord no. That newcomer will be flamed so totally that no burn unit around will be able to save them. Most of those that are persistent or resiliant enough to survive what this list can often put people through may or may not decide to stay. I would imagine that such negative experiences would turn a lot of people off to the whole idea of crypto-privacy. If I hadn't already been committed to privacy when I joined the list, I would have immediately unsubscribed, called Fort Meade, and asked what I could do to help. The vast majority of people who post on this list and respond to other people's posts are obnoxious idiots who are willing to flame at the slightest provocation, and will do so until the person they attack backs down or simply gives up. No one on this list is entirely to blame, nor is anyone entirely blameless for this. Several of the top figures on the list (TC May and Eric Hughes to name two) have recently adopted an inappropriately elitist attitude toward the direction of the list, and the movement. No one can stop Eric from running the _list_ however he wants, but the _movement_ belongs to all of us, thank you. Even though I respect the crypto-political opinions that they express a great deal, I think that they and their supporters have taken this too far. And worse, they have not taken a firm stand against the kind of flame war that is continually erupting over individual posts on the list. For the leaders to sit back and watch this go on is simply not the appropriate way to handle things. Until we fix the serious problems in this list, it will never be an appropriate environment for newcomers to learn about crypto-privacy, just a training ground for flame-throwers. Dare I suggest (why not? I'm already burning to a crisp, how much worse could it get?) that we create a moderated newsgroup that would gateway the substantive traffic from this list into a more accessible forum (but NOT the other way around). In that manner, we could provide a place for newcomers to learn about cryptography and the movement, without forcing them to sift through mountains of flame wars. Questions could be referred to qualified personnel, instead of going to the list where they act like little flame magnets. This newsgroup would not replace the list, nor would it be more than marginally connected (because of the selected cross-postings), but it would provide the kind of environment that the list does not or cannot provide. Go ahead and dump flames in my mailbox. I've long since gotten used to it. I'm not going to back down until someone convinces me that a hospitable environment with informative traffic and a high s/n ratio is a bad idea. Or, you can save bandwidth and send the flames to /dev/null, because that's where anything that doesn't make sense will go. Rational comments are welcome, though. Oh, and for those of you that are tired of seeing me post, you can rest assured that you will never see it again. Contributing to this list has brought nothing but trouble to my life, and I have better things to do with my time than wade through piles of flamage in my personal mail box. -- Matthew B. Landry ml7694a at american.edu (Finally!) mbl at ml7694a.leonard.american.edu From tcmay Sat Oct 9 02:15:32 1993 From: tcmay (Timothy C. May) Date: Sat, 9 Oct 93 2:15:32 PDT Subject: Safe and fun environment? Message-ID: Matthew, I think you're taking the stuff here too personally. Not all the feedback to you has been negative--I recall congratulating you on a nice political piece. But you have raised issues about elitism and unwillingness to teach newcomers that others have raised. And you ought to see some of the abusive e-mail I get! Whew! Whenever I disagree with some of the paranoids and ranters, I am called a traitor, a hypocrite, a lackey of Eric Hughes, a member of the "Clique," and on and on. Let me comment on a few of your points: > a "safe and fun environment" to introduce new people to anything. At the > moment, in order to get anything out of it, one has to devote large quantities > of queue space and time to the subscription, and sift through the flames and > other noise to locate the rare bit of truly valuable info. There are very few > people on this list who routinely post things worth reading, and many who > _never_ post things worth reading, and seem to be only around for the flame > wars. I'm sorry to hear you're getting so little new stuff here. Many of us have spent many hour typing in (or scanning and OCRing, in my case) papers and articles, from Chaum's "Dining Cryptographers" paper (every bloody word of it!) to Shamir's "How to Share a Secret" to scads of shorter articles and whatnot. And the debate ranges from random number generators to Perl scripts and TCL to digital money to ECPA to .... well, to about 20 major topics, by my estimate. > And god forbid that a newcomer should ask a QUESTION! Dear lord no. > That newcomer will be flamed so totally that no burn unit around will be able > to save them. This is simply not true. I have answered--when I could--the questions of many people over the past 12 months. And I've repeatedly posted reading lists, pointers to the Glossary at the soda site, and so on. It is true that I sometimes am exasperated by people who have clearly not been reading the list who ask "Can anyone tell me about digital money?" when the topic has just been discussed! (A FAQ would be nice. I was about to agree to do it a year ago, when ...comments on status of the FAQ elided to reduce flamage and angry feelings.... Fortunately, there are many other newsgroups that beginners can read ot learn crypto....Cypherpunks was not set up to compete with sci.crypt and all the other sources. > The vast majority of people who post on this list and respond to other > people's posts are obnoxious idiots who are willing to flame at the slightest > provocation, and will do so until the person they attack backs down or simply > gives up. I think this is uncalled for. I haven't seen this kind of flaming, except in the XXXXX case, and that has its own dynamic. (And please, Matthew, try to find a post where I have flamed XXXXX in public...I don't believe you can easily find one.) > No one on this list is entirely to blame, nor is anyone entirely > blameless for this. Several of the top figures on the list (TC May and Eric > Hughes to name two) have recently adopted an inappropriately elitist attitude The mailing list cannot be run by "democratic means." Nor can "teaching assigments" be handed out. The list is like a party at someone's home. The will of the herd is not the will of the organizers. Nor is the Cypherpunks agenda all that clear. I, for example, want to see strong crypto deployed in ways very different than what others favor. Are we to take a majority vote on an agenda, a charter? It's better to just leave the agenda loose and unwritten, so as not to have to grapple with this collision of goals. We can all pretend the agenda is what we favor. > running the _list_ however he wants, but the _movement_ belongs to all of us, > thank you. Even though I respect the crypto-political opinions that they The _movement_ belongs to what gets written and what gets responded to. In other words, if you want to be listened to, you have to get people's attention by the quality of your arguments. You can't rail against "leaders" (an ironic choice of words you used) like Hal Finney or Duncan Frissell just because their posts get reaction. You can't argue that the "herd" didn't have a chance to vote. In fact, people vote with their own posts. Market democracy. > express a great deal, I think that they and their supporters have taken this > too far. And worse, they have not taken a firm stand against the kind of flame > war that is continually erupting over individual posts on the list. For the > leaders to sit back and watch this go on is simply not the appropriate way to > handle things. The "leaders"? I have commented many times on issues of rancor and flames, even recently, and for this I am accused by some of being part of "the Clique" that "runs" Cypherpunks. Nonsense. > Until we fix the serious problems in this list, it will never be an > appropriate environment for newcomers to learn about crypto-privacy, just a > training ground for flame-throwers. About 70% of the flames would subside if XXXXX would cool his jets, and stop ranting and raving. As for "training newcomers," it's not easy. Lots of books exist, and many of the really solid contributors (Barrus, Honeyman, Collins, Stewart, etc.) learned their crypto in exactly this way. Many of us wrote _very long_ articles of a tutorial nature when the list was getting started. Newcomers who are unwilling to read some of the technical books on crypto should not expect us to write customized tutorials. > mountains of flame wars. Questions could be referred to qualified personnel, > instead of going to the list where they act like little flame magnets. May I ask which "qualified personnel" you have in mind? As per the earlier comment, not many of the crypto experts I know have any interest in hand-holding, not when at least a dozen good books on crypto are readily available. > This newsgroup would not replace the list, nor would it be more than > marginally connected (because of the selected cross-postings), but it would > provide the kind of environment that the list does not or cannot provide. How is this group you propose any different from sci.crypt, talk.politics.crypto, the various *.privacy groups, the *.clipper group, or the *.security groups? Seems to me sci.crypt is exactly what you're looking for. (But don't expect hand-holding for newcomers there, either!) > Oh, and for those of you that are tired of seeing me post, you can rest > assured that you will never see it again. Contributing to this list has brought > nothing but trouble to my life, and I have better things to do with my time > than wade through piles of flamage in my personal mail box. Matthew, threatening to leave is not going to have much effect. But if you have decided to leave, good luck in all your endeavours. -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From tcmay at netcom.com Sat Oct 9 02:45:52 1993 From: tcmay at netcom.com (Timothy C. May) Date: Sat, 9 Oct 93 02:45:52 PDT Subject: Agenda, Goals, Flames...Comments Message-ID: <9310090945.AA03379@netcom5.netcom.com> I wrote this reply to Matthew Landry, who raised some complaints about the direction of this list, the role of the "leaders," and so on. I sent it to him personally, so as not to add to the already heavy volume of stuff on this list, especially the complaints of the last few days. I think the term "leader" is inappropriate. Several of us got the group rolling a little over a year ago, but the anarchic nature of the mailing list (source of strengths as well as weaknesses). In Matthew's post he on the one hand blasts the elitist attitude of Eric Hughes and myself while in the next paragraph blasting the lack of action taken by the "leaders" to control flames and set up systems to help newcomers. Anyway, I enjoyed a political piece Matthew wrote a couple of weeks or so ago, and I told him this. So his piece tonight (2:30 a.m) merited a response. And though some of you are no doubt sick of seeing these issues debated, I've decided to forward my letter to him to all of you, as I think some points need to be made. I've removed one or two sentences from the version I mailed to Matthew. Forwarded message: From gg at well.sf.ca.us Sat Oct 9 02:49:29 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Sat, 9 Oct 93 02:49:29 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <93Oct9.024904pdt.14281-3@well.sf.ca.us> Re. wireless networks that know where you are without making that info available to anyone incl. net operators: I think I might have something for this. Ericsson wireless PBX; essentially similar to a cellular system. However, calls within the network are considered "intercom" calls and so the system's "call detail recorder" won't keep track of them. Ericsson is way hot in wireless voice and data networks; and we're their local distributor for PBX products. I haven't got prices on hand since we haven't gotten a request for something like this yet. However, if anyone's seriously interested, drop a line via email or phone me at 510-644.8085. -george gleason, gg at well.sf.ca.us From lazylion at netcom.com Sat Oct 9 08:55:56 1993 From: lazylion at netcom.com (Ben Weiss) Date: Sat, 9 Oct 93 08:55:56 PDT Subject: distributed autonomous networks Message-ID: <9310091552.AA08006@netcom.netcom.com> I've thought about this a lot. Right now, there's an international (very low speed) sort-of internet based in Amateur Packet Radio. Everyone has a 2meter FM (range 5-10 miles over flat turrain; up to 300 to a tall mountain through a repeater) handi-talky on their belts and a 1200 (a little 2400) *half duplex* modem with which they check into whatever bbs is near by and get their mail from all over the world. There are 19.2 & I think 56kpbs backbones operating over satelittes & High Frequency. It works. It's intolerably slow. It's operating legally on ham frequencies which do not (legally) allow encryption. The main reason it's so slow is that the protocal was designed by these guys in Phoenix 10 years ago to use the radios popularly off the shelf then. Now, however, there are *FULL DUPLEX* radios available cheap ($400) off the shelf that use separate bands for tx & rx to make them cheap. (Most of these are 144 MHz <-> 440 MHz, Transmit on one, receive on the other, either way) I'm working on a new protocal which instead of using the current CSMA/CD, has local repeaters serving an area which do full duplex & pass a token around. Unfortunately, I'll probably only be able to increase bandwidth enough to bring the current 4-5 users per frequency up to 15 or 20. This is still nowhere near enough to do what you want, but it does still use off-the-shelf radios & modems you can build for $20 in parts & connect to your PC or Mac (Software will also be req'd- mods to current stuff will work) My roomate, tvr at cnmat.CNMAT.Berkeley.EDU (KD6PAG), is working on custome radios that raise that 2400 bps barrier to 19.2 or 38kpbs. I think that without my full duplex protocal, he'll still have to wait around dealing with transmit-receive turnover latency, but hey- if it works, wow! Anyone else with any cool ideas? +--------------------------- Ben Weiss ------------------------------+ ! Telephone: (510) 841-5709 voice Internet: LazyLion at Netcom.com ! ! (415) 325-9600 fax Ben_D._Weiss at bmug.org ! +-------------- Packet Radio: WB5QAL at N6EEG.#NOCAL.CA.US ---------------+ From jgd at dixie.com Sat Oct 9 02:18:35 1993 From: jgd at dixie.com (John De Armond) Date: Sat, 09 Oct 93 09:18:35 GMT Subject: Pat Townson's latest escapades References: <10-06-93.311bed@telecom.chi.il.us> Message-ID: Thought you guys might be interested in seeing Pat the Moderator's latest escapades. Just when you thought he couldn't get any more sleazy. John ------------------------------------------------------------------------------- DIGITAL DETECTIVE 2241 W. Howard #208 Chicago, IL 60645 Phone: 312-465-0707 Fax: 312-743-0002 I wish to announce my recent aquisition of some databases which are primarily used by skip-tracing, investigative and government agencies to locate people, any assets they may have, and other pertinent and personal details of their lives. These databases are being made available to anyone who wishes to have access to them. The charges are simply being passed along, 'at cost' based on what I am paying. First, a description of what is available and the cost for access. Then, information on how to obtain the information you want. SOCIAL SECURITY NUMBER TRACING: =============================== You provide an SSN. I will advise you of all the names which have been used with this SSN, and the addresses which go with each. Or it can be the other way around: you supply an exact name and address (it can sometimes be a former address), and I will supply you with the SSN used by that person. Cost for each lookup, either direction is $60.00 PEOPLE FINDER: ============== You provide a name. Any name okay, but very common names will render a useless list. Middle initials and last known address is requested if possible. You'll receive a listing of every person who has that name, along with other data: New address if they moved; Telephone number provided the number is published; Residence type; Length of residence; Gender; Date of birth; Up to four other household members and their dates of birth. For additional information, People Finder also can provide a neighbor listing which includes up to ten neighbors, their addresses, phone numbers and residence types. The People Finder database has 120 million names, 80 million house- holds and 61 million telephone numbers. It can be searched by telephone number only: You provide the phone number, I will respond with the person's profile and neighbor listing. Ot it can be searched by address only, with the same results. Cost for each lookup is based on how extensive the search is. Within a single state only, $80 Checking two or three states, $95 Checking nationwide, $120 Address or phone trace, $50 (either one) Both address/phone trace $90 People Finder comes with a guarentee: if I cannot produce at least one person with the name you request plus an address for that person, then there is no charge. CONSUMER CREDIT REPORTS: ======================== Consumer Credit reports availale from one bureau, $60 Consumer Credit reports available from three bureaus, $100 I need two things: 1. The name and address of the person, plus SSN if possible. 2. A *signed* statement that your request is for bonafide, legal reasons, i.e. you are considering an extension of credit to the person, or possibly employing them, etc. I cannot proceed without this signed statement. OTHER DATABASE FEATURES: ======================== Has someone ever filed bankruptcy? The database will tell you if they have or not. Not all federal districts are yet installed but for those that are in the database, I can get you the details: Any one district $40 Checking all districts avail. $160 Commercial Credit reports available on any business in file, $95 About fourteen million businesses and corporations included. Criminal History records available at $75-100 per jurisdiction you request searched. Want to know if someone has ever been in prison? Want to know if someone has ever been sued, or been a defendant in a criminal action? I need the exact name, SSN and DOB of the person. (If needed, get the SSN and DOB by using the lookups mentioned earlier.) If you have a good idea *where* such action or incarceration may have taken place, it will greatly reduce your costs in using this database. Death Records can be provided in various formats: By SSN only - is the holder of that SSN deceased or not? $30 By name - a more detailed account of their demise $40 Drivers Records can be pulled but the exact name and DOB is essential; otherwise if you have the full driver's license number, the search can be reversed, providing a name and DOB plus address. (Then use People Finder address trace on them.) $65 Education and degree verification is possible, and frequently used to expose those people who are not what they claim to be. $35 Real Property Asset Locator database $75 I can do this, but need to know *which* areas to search. With this information, you know whether or not it is advisable to sue someone 'for everything he has got' or not. Who is the real owner of the corporation with which you are having a dispute? The name(s) and address(es) of the officers of corporations are available in many places. Sometimes you get their home address and phone number in the process. If you know what state the corporation is based in $45 If you wish to have a search of 30 states done $165 Would you like to know if soeone is getting workers comp money? If you know what state they are likely to get it from, I can verify it (only in selected areas) $63 Uniform Commercial Code filings by state $52 VIN (vehicle identification numbers) checked by state $50 ================================== Now those are the basic items available in the databases. There are other features and further, more detailed searches can be done at the rate of $100 per hour. Some caveats: You have to pay for the lookup whether or not it is successful because *I* have to pay each time I access the databases. The better the information you provide to start with, the more likely you will get positive results. The exception is 'People Finder'. If I cannot provide you with *at least one name* which matches your request or *at least one person* at the specified address or phone number, then there is no charge. 'People Finder' may or may not include unlisted/non-pub phone numbers. Don't count on it. It won't work with PO Box addresses. Regards SSN Trace, it does not work well if the person to whom the number is issued is less than 21-22 years of age. The number has to be circulating for a year or so in order for it to make its way into the database. Meaning, a person has to have credit, have entered into various agreements, etc ... and they may have done this as early as age 18, but best results are obtained on these traces if the person is at least a few years older. On the Drivers Records checks, CA only lists names without addresses and MA/GA are difficult to work with. If you want a credit bureau report on someone, I repeat: you must send a signed statement (by fax is okay) stating that you have a bonafide, legal reason for this information. Spouses are *not* legally entitled to the credit bureau file of their 'other half' without permission. ================== How to obtain the information you want: Payment can be by credit card, electronic funds transfer from your USA bank account, or check sent with your inquiry. If you pay by credit card or EFT, then transactions can be handled by phone or fax entirely. With your request, include your VISA/MC number, the name on the account, and date of expiration. Or, include the name of your bank, the exact name on the checking account, and *all* the numbers across the bottom of your check. Telephone: 312-465-0707 or Fax: 312-743-0002 Generally, your search results will be returned to you within 24-36 hours under most conditions. If you prefer to send a letter, you can include your check or relevant credit card information in the letter addressed to: Patrick Townson 2241 West Howard Street #208 Chicago, IL 60645 ------------------------------------------------------ Information should be available to everyone, not just the lawyers and bankers and government agencies. I'll provide information to anyone, at anytime from the categories above. Hope to hear from you soon with your requests. Here's to successful snooping! Get the goods on your friends and enemies alike. An imposter/fraud/con-artist on the net? Expose them in a detailed message with stuff you get from the database. Patrick Townson for DIGITAL DETECTIVE -- John De Armond, WD4OQC | For a free sample magazine, send Performance Engineering Magazine(TM) | a digest-size 52 cent SASE Marietta, Ga "Hotrods'n'computers" | (Domestic) to PO Box 669728 jgd at dixie.com "What could be better?" | Marietta, GA 30066 Email may be published at my sole discretion. From arthurc at crl.com Sat Oct 9 09:35:56 1993 From: arthurc at crl.com (Arthur Chandler) Date: Sat, 9 Oct 93 09:35:56 PDT Subject: Digital Cash In-Reply-To: <93Oct8.222520pdt.14270-4@well.sf.ca.us> Message-ID: I thought some folks here might get a kick out of this ascii note: ||====================================================================|| ||//$\\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\//$\\|| ||(100)==================| FEDERAL RESERVE NOTE |================(100)|| ||\\$// ~ '------========--------' \\$//|| ||<< / /$\ // ____ \\ \ >>|| ||>>| 12 //L\\ // ///..) \\ L38036133B 12 |<<|| ||<<| \\ // || <|| >\ || |>>|| ||>>| \$/ || $$ --/ || One Hundred |<<|| ||<<| L38036133B *\\ |\_/ //* series |>>|| ||>>| 12 *\\/___\_//* 1989 |<<|| ||<<\ Treasurer ______/Franklin\________ Secretary 12 />>|| ||//$\ ~|UNITED STATES OF AMERICA|~ /$\\|| ||(100)=================== ONE HUNDRED DOLLARS =================(100)|| ||\\$//\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\\$//|| ||====================================================================|| From pmetzger at lehman.com Sat Oct 9 09:39:28 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sat, 9 Oct 93 09:39:28 PDT Subject: This just in.. In-Reply-To: Message-ID: <9310091637.AA08575@snark.lehman.com> nick kaplinsky says: > Sweet, thats rad. You know al wbalderson worked for epitope for a long time. > Hey , I 'm writing this on my Toshiba 1950 from home..... pretty cool. > I'll see you later > N People who want to post bizarre messages are directed to learn how the "Delete" key works. Perry From mg5n+ at andrew.cmu.edu Sat Oct 9 09:49:29 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sat, 9 Oct 93 09:49:29 PDT Subject: PHONE PRIVACY In-Reply-To: <9310082052.memo.46724@BIX.com> Message-ID: > I would not trust this for hiding from law enforcement. > You can get the 900 service's fone records with a warrant. > If not law enforcement, then who do you need this to > hide from? You can use a pay fone to fool caller-id boxes. > Well, I guess they dont hide the city. Well, if you have a pair of pay phones nearby, and the wires are concealed but accessable, you could rig it to answer calls on one line and then let the caller dial out on the other line. Only problem is that you have to use a calling card...unless you have a red box or rig a COCOT. ;) From vznquest at netcom.com Sat Oct 9 09:55:56 1993 From: vznquest at netcom.com (Alan Mason) Date: Sat, 9 Oct 93 09:55:56 PDT Subject: Safe and fun environment? In-Reply-To: <9310090817.AA10656@toad.com> Message-ID: As a newcomer here, I too detected what I saw as an elitist attitude at first. I also got 'spoken to' about low-content messages. My present feeling is that - with the exception of flames - things are going just about the way they should here. As Tim May and others have pointed out, there are Usenet groups covering cryptography, as well as an increasing amount of coverage in the popular press (for what its worth). I will go there for hard news. And there is email. My understanding of a list is that it isn't intended as a newsgroup. It is a way for people with common interests AND KNOWLEDGE to share those interests and that knowledge. An intermediate level between 1-to-1 email and a newsgroup with the qualities of each but performing a new function unique to itself. The power of the Net is that it allows the users to create tools to fit their needs, vs having to work with generic tools created by others. Please correct me if I am wrong, but it seems to me that this tool was created by the folks working on the crypto frontlines to exchange information, not as an alternative to sci.crypto, etc. Given that, the only appropriate thing for me to do as a bystander, IMHO, is to sit back and keep quiet until I have something to contribute. I don't know if this post violates that, but it seemed like something that needed to be said. ----------------------------------------------------------------------------- Alan Mason | Any time you find a simple answer to a question, vznquest at netcom.com | The odds are you asked the wrong question. ******************* | ---------------------------------------------------------------------------- From VACCINIA at UNCVX1.OIT.UNC.EDU Sat Oct 9 10:15:56 1993 From: VACCINIA at UNCVX1.OIT.UNC.EDU (VACCINIA at UNCVX1.OIT.UNC.EDU) Date: Sat, 9 Oct 93 10:15:56 PDT Subject: List Protocol Message-ID: <01H3WQR28QVQ0002W4@UNCVX1.OIT.UNC.EDU> I have been on the list for only 2 months now and I must say I enjoy the communication. Yes, there is alot of noise that comes thru the list but alot of it could be eliminated by not CC: to the list and communicating privately with those who have posted information of interest to you. I find alot of the back and forth communication annoying. Perhaps, if one notes something of interest to them from the list, they should communicate more with those who write them and evince interest in that subject and less with the list. I have found that when I see something I like on the list (it is usually a first posting) and contact that person directly they are very gracious and glad to help me out. I'm not particularly technisavvy yet, but when I have asked people directly for some pointer to information so that I can then go out and learn about it myself (rather then expecting them to educate me), they respond very positively. Also, those who do not think that there is a crypto-movement should hope that there is, otherwise they may soon find themselves outlaws of a much higher level. This is just my two cents, and sorry for the noise but I've seen a bit too much negativism posted lately to allow myself to remain silent. Scott G. Morham ! The First, Vaccinia at uncvx1.oit.unc.edu ! Second ! and Third ! Levels of ! Information Storage and Retrieval ! DNA, ! Biological Neural Nets, ! Cyberspace From swc at uc1.ucsu.edu Sat Oct 9 10:19:32 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Sat, 9 Oct 93 10:19:32 PDT Subject: distributed autonomous networks Message-ID: <9310091720.AA28167@uc1.ucsu.edu> Meteor bounce is real. Ask anyone in military communications. It is not easy and it is not cheap (in present equipment volumes). The antennas tend to be bulky as well. But it is an option. ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From swc at uc1.ucsu.edu Sat Oct 9 10:20:56 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Sat, 9 Oct 93 10:20:56 PDT Subject: distributed autonomous networks Message-ID: <9310091723.AA28176@uc1.ucsu.edu> Don't try to forward messages to their destination. Instead, forward them to several sites distributed around the net, and folks can check their messages via the net from whatever site is closest to them. I would suggest using public keys in lieue of MAC addresses, and Shamir sharing really sensitive stuff. ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From swc at uc1.ucsu.edu Sat Oct 9 10:21:22 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Sat, 9 Oct 93 10:21:22 PDT Subject: distributed autonomous networks Message-ID: <9310091725.AA28179@uc1.ucsu.edu> At present, nobody knows how to RDF (radio direction find) the sources of meteor burst transmissions. But I know for a fact (from R&D proposal solicitations) that the military is trying to figure out how. ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From mg5n+ at andrew.cmu.edu Sat Oct 9 10:29:32 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sat, 9 Oct 93 10:29:32 PDT Subject: Atari and VAX In-Reply-To: <01H3VWZ6ZIO08X1J5D@mr.alaska.edu> Message-ID: > Date: 08 Oct 1993 22:25:10 -0800 > From: "John W. Redelfs" > Subject: Atari and VAX > To: cypherpunks at toad.com > > If I owned a PC clone or a Mac, I'd be sitting pretty. If my host machine > was Unix, I'd be fine. But I'm using an Atari emulating vt100 off a > VAX 6510. Is there any help for me? How can I be a cypherpunk? > > I want to be using PGP, but I haven't found it for either machine I'm on. > > Any suggestions? > > John W. Redelfs, tsjwr at acad1.alaska.edu Well, you'll probably need to get the source and port it yourself, or give it to someone who can. If anyone has any suggestions or well-commented source code that could be ported easily let me know as well. I know several people using Apple II computers who would probably be interested. From frissell at panix.com Sat Oct 9 10:31:23 1993 From: frissell at panix.com (Duncan Frissell) Date: Sat, 9 Oct 93 10:31:23 PDT Subject: Who`s Most Receptive Message-ID: <199310091731.AA02951@panix.com> S >Also, I'm sending a note to Mitch. He was interviewed by NPR a few S >months ago about the National Information Infrastructure. I'll see if S >he can suggest a reporter. S >Shari I uploaded a transcript of NPR's report on the Clipper announcement to the list last April if anyone would like a copy. Dan Charles was the reporter and Whit Diffy was interviewed. It was favorable. I don't know why right wingers aren't as sympathetic to strong crypto. I used to be one and I am. Strong crypto protects us against the Trilateral Commission and the Bilderbergers. They can't put the number of the beast on us if we use it and crypto is obviously handy for financial privacy. After all would you want the dope smoking lesbian communist dominated Justice Department reading *your* mail, financial records, and medical records. Duncan Frissell "Nuke 'em 'till they glow then shoot them in the dark." --- WinQwk 2.0b#0 From swc at uc1.ucsu.edu Sat Oct 9 10:35:56 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Sat, 9 Oct 93 10:35:56 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <9310091736.AA28215@uc1.ucsu.edu> I do not know of any way that the network can know where you are without there being a way that someone (net operators or authorities) can use that knowledge. I feel it is better to let the user go get his stuff via the net, versus have his stuff come to him. ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From prz at columbine.cgd.ucar.EDU Sat Oct 9 10:59:32 1993 From: prz at columbine.cgd.ucar.EDU (Philip Zimmermann) Date: Sat, 9 Oct 93 10:59:32 PDT Subject: Zimmermann testimony to House subcommittee Message-ID: <9310091757.AA04856@columbine.cgd.ucar.EDU> Testimony of Philip Zimmermann to Subcommittee for Economic Policy, Trade, and the Environment US House of Representatives 12 Oct 1993 Mr. Chairman and members of the committee, my name is Philip Zimmermann, and I am a software engineer who specializes in cryptography and data security. I'm here to talk to you today about the need to change US export control policy for cryptographic software. I want to thank you for the opportunity to be here and commend you for your attention to this important issue. I am the author of PGP (Pretty Good Privacy), a public-key encryption software package for the protection of electronic mail. Since PGP was published domestically as freeware in June of 1991, it has spread organically all over the world and has since become the de facto worldwide standard for encryption of E-mail. The US Customs Service is investigating how PGP spread outside the US. Because I am a target of this ongoing criminal investigation, my lawyer has advised me not to answer any questions related to the investigation. I. The information age is here. Computers were developed in secret back in World War II mainly to break codes. Ordinary people did not have access to computers, because they were few in number and too expensive. Some people postulated that there would never be a need for more than half a dozen computers in the country. Governments formed their attitudes toward cryptographic technology during this period. And these attitudes persist today. Why would ordinary people need to have access to good cryptography? Another problem with cryptography in those days was that cryptographic keys had to be distributed over secure channels so that both parties could send encrypted traffic over insecure channels. Governments solved that problem by dispatching key couriers with satchels handcuffed to their wrists. Governments could afford to send guys like these to their embassies overseas. But the great masses of ordinary people would never have access to practical cryptography if keys had to be distributed this way. No matter how cheap and powerful personal computers might someday become, you just can't send the keys electronically without the risk of interception. This widened the feasibility gap between Government and personal access to cryptography. Today, we live in a new world that has had two major breakthroughs that have an impact on this state of affairs. The first is the coming of the personal computer and the information age. The second breakthrough is public-key cryptography. With the first breakthrough comes cheap ubiquitous personal computers, modems, FAX machines, the Internet, E-mail, digital cellular phones, personal digital assistants (PDAs), wireless digital networks, ISDN, cable TV, and the data superhighway. This information revolution is catalyzing the emergence of a global economy. But this renaissance in electronic digital communication brings with it a disturbing erosion of our privacy. In the past, if the Government wanted to violate the privacy of ordinary citizens, it had to expend a certain amount of effort to intercept and steam open and read paper mail, and listen to and possibly transcribe spoken telephone conversation. This is analogous to catching fish with a hook and a line, one fish at a time. Fortunately for freedom and democracy, this kind of labor-intensive monitoring is not practical on a large scale. Today, electronic mail is gradually replacing conventional paper mail, and is soon to be the norm for everyone, not the novelty is is today. Unlike paper mail, E-mail messages are just too easy to intercept and scan for interesting keywords. This can be done easily, routinely, automatically, and undetectably on a grand scale. This is analogous to driftnet fishing-- making a quantitative and qualitative Orwellian difference to the health of democracy. The second breakthrough came in the late 1970s, with the mathematics of public key cryptography. This allows people to communicate securely and conveniently with people they've never met, with no prior exchange of keys over secure channels. No more special key couriers with black bags. This, coupled with the trappings of the information age, means the great masses of people can at last use cryptography. This new technology also provides digital signatures to authenticate transactions and messages, and allows for digital money, with all the implications that has for an electronic digital economy. (See appendix) This convergence of technology-- cheap ubiquitous PCs, modems, FAX, digital phones, information superhighways, et cetera-- is all part of the information revolution. Encryption is just simple arithmetic to all this digital hardware. All these devices will be using encryption. The rest of the world uses it, and they laugh at the US because we are railing against nature, trying to stop it. Trying to stop this is like trying to legislate the tides and the weather. It's like the buggy whip manufacturers trying to stop the cars-- even with the NSA on their side, it's still impossible. The information revolution is good for democracy-- good for a free market and trade. It contributed to the fall of the Soviet empire. They couldn't stop it either. Soon, every off-the-shelf multimedia PC will become a secure voice telephone, through the use of freely available software. What does this mean for the Government's Clipper chip and key escrow systems? Like every new technology, this comes at some cost. Cars pollute the air. Cryptography can help criminals hide their activities. People in the law enforcement and intelligence communities are going to look at this only in their own terms. But even with these costs, we still can't stop this from happening in a free market global economy. Most people I talk to outside of Government feel that the net result of providing privacy will be positive. President Clinton is fond of saying that we should "make change our friend". These sweeping technological changes have big implications, but are unstoppable. Are we going to make change our friend? Or are we going to criminalize cryptography? Are we going to incarcerate our honest, well-intentioned software engineers? Law enforcement and intelligence interests in the Government have attempted many times to suppress the availability of strong domestic encryption technology. The most recent examples are Senate Bill 266 which mandated back doors in crypto systems, the FBI Digital Telephony bill, and the Clipper chip key escrow initiative. All of these have met with strong opposition from industry and civil liberties groups. It is impossible to obtain real privacy in the information age without good cryptography. The Clinton Administration has made it a major policy priority to help build the National Information Infrastructure (NII). Yet, some elements of the Government seems intent on deploying and entrenching a communications infrastructure that would deny the citizenry the ability to protect its privacy. This is unsettling because in a democracy, it is possible for bad people to occasionally get elected-- sometimes very bad people. Normally, a well-functioning democracy has ways to remove these people from power. But the wrong technology infrastructure could allow such a future government to watch every move anyone makes to oppose it. It could very well be the last government we ever elect. When making public policy decisions about new technologies for the Government, I think one should ask oneself which technologies would best strengthen the hand of a police state. Then, do not allow the Government to deploy those technologies. This is simply a matter of good civic hygiene. II. Export controls are outdated and are a threat to privacy and economic competitivness. The current export control regime makes no sense anymore, given advances in technology. There has been considerable debate about allowing the export of implementations of the full 56-bit Data Encryption Standard (DES). At a recent academic cryptography conference, Michael Wiener of Bell Northern Research in Ottawa presented a paper on how to crack the DES with a special machine. He has fully designed and tested a chip that guesses DES keys at high speed until it finds the right one. Although he has refrained from building the real chips so far, he can get these chips manufactured for $10.50 each, and can build 57000 of them into a special machine for $1 million that can try every DES key in 7 hours, averaging a solution in 3.5 hours. $1 million can be hidden in the budget of many companies. For $10 million, it takes 21 minutes to crack, and for $100 million, just two minutes. That's full 56-bit DES, cracked in just two minutes. I'm sure the NSA can do it in seconds, with their budget. This means that DES is now effectively dead for purposes of serious data security applications. If Congress acts now to enable the export of full DES products, it will be a day late and a dollar short. If a Boeing executive who carries his notebook computer to the Paris airshow wants to use PGP to send email to his home office in Seattle, are we helping American competitivness by arguing that he has even potentially committed a federal crime? Knowledge of cryptography is becoming so widespread, that export controls are no longer effective at controlling the spread of this technology. People everywhere can and do write good cryptographic software, and we import it here but cannot export it, to the detriment of our indigenous software industry. I wrote PGP from information in the open literature, putting it into a convenient package that everyone can use in a desktop or palmtop computer. Then I gave it away for free, for the good of our democracy. This could have popped up anywhere, and spread. Other people could have and would have done it. And are doing it. Again and again. All over the planet. This technology belongs to everybody. III. People want their privacy very badly. PGP has spread like a prairie fire, fanned by countless people who fervently want their privacy restored in the information age. Today, human rights organizations are using PGP to protect their people overseas. Amnesty International uses it. The human rights group in the American Association for the Advancement of Science uses it. Some Americans don't understand why I should be this concerned about the power of Government. But talking to people in Eastern Europe, you don't have to explain it to them. They already get it-- and they don't understand why we don't. I want to read you a quote from some E-mail I got last week from someone in Latvia, on the day that Boris Yeltsin was going to war with his Parliament: "Phil I wish you to know: let it never be, but if dictatorship takes over Russia your PGP is widespread from Baltic to Far East now and will help democratic people if necessary. Thanks." Appendix -- How Public-Key Cryptography Works --------------------------------------------- In conventional cryptosystems, such as the US Federal Data Encryption Standard (DES), a single key is used for both encryption and decryption. This means that a key must be initially transmitted via secure channels so that both parties have it before encrypted messages can be sent over insecure channels. This may be inconvenient. If you have a secure channel for exchanging keys, then why do you need cryptography in the first place? In public key cryptosystems, everyone has two related complementary keys, a publicly revealed key and a secret key. Each key unlocks the code that the other key makes. Knowing the public key does not help you deduce the corresponding secret key. The public key can be published and widely disseminated across a communications network. This protocol provides privacy without the need for the same kind of secure channels that a conventional cryptosystem requires. Anyone can use a recipient's public key to encrypt a message to that person, and that recipient uses her own corresponding secret key to decrypt that message. No one but the recipient can decrypt it, because no one else has access to that secret key. Not even the person who encrypted the message can decrypt it. Message authentication is also provided. The sender's own secret key can be used to encrypt a message, thereby "signing" it. This creates a digital signature of a message, which the recipient (or anyone else) can check by using the sender's public key to decrypt it. This proves that the sender was the true originator of the message, and that the message has not been subsequently altered by anyone else, because the sender alone possesses the secret key that made that signature. Forgery of a signed message is infeasible, and the sender cannot later disavow his signature. These two processes can be combined to provide both privacy and authentication by first signing a message with your own secret key, then encrypting the signed message with the recipient's public key. The recipient reverses these steps by first decrypting the message with her own secret key, then checking the enclosed signature with your public key. These steps are done automatically by the recipient's software. -- Philip Zimmermann 3021 11th Street Boulder, Colorado 80304 303 541-0140 E-mail: prz at acm.org From jamie at netcom.com Sat Oct 9 11:39:32 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Sat, 9 Oct 93 11:39:32 PDT Subject: Safe and fun environment? Message-ID: <9310091839.AA19624@netcom.netcom.com> [Cypherlings, excuse the bandwidth] Matthew, As a fresh newbie allow me to react for the record to your recent post. >a "safe and fun environment" to introduce new people to anything. I've never found a safe and fun environment anywhere, anytime if I looked closely enough to see what was going on; hence I never expect it anywhere, anytime. > And god forbid that a newcomer should ask a QUESTION! Dear lord no. >That newcomer will be flamed so totally that no burn unit around will be able >to save them. My questions have been answered graciously, thoroughly, and when I've been corrected, I should've been due to inattentive typing (e.g., author's names). > No one on this list is entirely to blame, nor is anyone entirely >blameless for this. Several of the top figures on the list (TC May and Eric >Hughes to name two) have recently adopted an inappropriately elitist attitude >toward the direction of the list, and the movement. Movement? Like in 'bowel'? I don't see the elitest approach; from my perspective it looks like people with knowledge being exasperated when others want private tutoring and don't RTFM. I'm pretty much the same way in my areas of expertise. >No one can stop Eric from >running the _list_ however he wants, but the _movement_ belongs to all of us, Let me get this straight -- you're claiming property rights to spontaneous behavior of other individuals? > Until we fix the serious problems in this list, it will never be an >appropriate environment for newcomers to learn about crypto-privacy, It's been good for me. Why do you think that might be? -- ................................ Jamie Dinkelacker Palo Alto CA Jamie at netcom.com 415.941.4782 From nobody at soda.berkeley.edu Sat Oct 9 11:40:57 1993 From: nobody at soda.berkeley.edu (nobody at soda.berkeley.edu) Date: Sat, 9 Oct 93 11:40:57 PDT Subject: No Subject Message-ID: <9310091839.AA07718@soda.berkeley.edu> Covert Action article on Clipper/Skipjack by D. Sobel is out. I thought he was on this list? Did I miss mention of this? Looked good, but didnt have the $5.50, and they wouldnt accept my $100 DigiKash! Mr. Sobel, Can you post an electronic version of yer article please? [[Nonewsgroup, no cypherpunk cause/agenda, no leaders, no organization]] (There that didnt take up to much time now did it?) C. A. Informatik From frissell at panix.com Sat Oct 9 11:55:57 1993 From: frissell at panix.com (Duncan Frissell) Date: Sat, 9 Oct 93 11:55:57 PDT Subject: EFF GIF file recall n Message-ID: <199310091851.AA01370@panix.com> To: cypherpunks at toad.com S >Child pornography is not protected speech, and challenging S >child pornography laws is not currently on EFF's agenda Didn't the 9th Circuit Court of Appeals decide that the transport and sale provisions (unknowing posession) of the federal kiddie porn law were unconstitutional? Wouldn't a warning like yours risk converting unknowing to knowing posession. Duncan Frissell --- WinQwk 2.0b#0 From newsham at wiliki.eng.hawaii.edu Sat Oct 9 12:35:57 1993 From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham) Date: Sat, 9 Oct 93 12:35:57 PDT Subject: DC-Net proposal, comments requested Message-ID: <9310091935.AA17001@toad.com> proposal: Dining Cryptographer's (DC) net built on top of TCP/IP. purpose: To explore the problems in implementing a useable DC net. description: The Net would allow connections to a PAD machine, the PAD machine would be used to establish a "connection" across the DC-Net to another PAD machine which would then allow an outgoing TCP connection. The connection through the DC-NET would be transparent and untraceable. Machines that are part of the DC-NET could talk to each other untraceably through the network. discussion: This net would allow a user to set up an 'untraceable' connection from one point on the internet to another. The NET would be made up of one or more actual DC-Nets. A DC-NET This net is broadcast in nature (data written by one machine can be seen by all other machines on the network) but with the characteristic that it is impossible to tell which machine on a particular DC-Net wrote out the data (except if all other machines are controlled by the same person?). The DC-NET itself is bit oriented. Such a DC-network would be the underlying layer for the packet network. The actual DC-Network would be made up of processes on various (or even the same, for testing purposes) machines all connected together with TCP. The Packet Net The Packet Network would be built with the DC-Net as a base. In order to send useful information across the network a single node would form data into packets. These packets would be outputted to the network a bit at a time. Since the DC-Net is bit oriented it is possible for another node to send some bits after one node has started to write out its packets. As a node writes out a packet it should listen to the network for "collisions" and if a collision is detected it would "give up" on the current transmission and wait for some time to start again. Packets from one machine to another must have some sort of addressing. The packet could be encrypted entirely in the public key of the destination if there is only a single DC net. If there are multiple DC-Nets with packet forwarding between them then there must be some sort of plaintext address information in the packets. The return address should *never* be in plaintext. Probably the data and return address of a packet would be encrypted in the public key of the destination or in a private key shared with the destination. Sessions Virtual connections can be built on top of the packet network in the same way as they are on top of other packet networks. Some protocol like TCP (or even the TCP protocol) could be used. Why should this be built on the internet? Writting and debugging a network of this sort on top of the internet should be easier than writing it and implementing it from scratch. Some people have proposed neighborhood networks that would be used to implement untraceable and unstoppable connections. This is an excellent way to develop and debug such a network. What needs to be resolved Alot! This is just something I threw together. There are alot of questions. In fact most of it is still a question. The protocol of the underlying DC-Net needs to be written. A packet layer must be written or adapted from current protocols. The issues of addressing need to be addressed. There are also sure to be alot of politically oriented questions as well. Tim N. From speth at cats.ucsc.edu Sat Oct 9 13:09:31 1993 From: speth at cats.ucsc.edu (speth at cats.ucsc.edu) Date: Sat, 9 Oct 93 13:09:31 PDT Subject: Wireless Networks info request... Message-ID: <9310092009.AA14789@am.ucsc.edu> This is beginning to stray from the realm of the cypherpunks, but the thread on wireless networks has gotten me interested, and I'd like pointers to more information. Does anyone have plans for building wireless network controllers? What commercial companies are out there besides TAL? Where is this sort of thing discussed regularly (usenet, mailing lists, etc.)? Any intel would be appreciated. ________________________________________________________________________________ james speth email for pgp compatible public-key speth at cats.ucsc.edu ________________________________________________________________________________ Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you... AT&T From jvarley at netcom.com Sat Oct 9 14:16:05 1993 From: jvarley at netcom.com (Laconic) Date: Sat, 9 Oct 93 14:16:05 PDT Subject: PGP help for dos Message-ID: <9310092116.AA16152@netcom5.netcom.com> I just got PGP 2.3a for Dos and I'm having trouble adding keys to my keyring. It seems it can only accept two keys. When I type pgp keyfile It says something like "Key found, add this key to pubring.pgp?" I hit Y, and then it tells me "No keyfile found in keyfile.$00". I've encountered this before. Last time, it was only my key in the pubring. When I went to add a second key, it wouldn't accept it. I wound up deleting my pubring, re-doing it, and then I could add a second key, but no more. -- jvarley at netcom.com | "...Soul of a woman was created below!" Tomes on IRC | -- Led Zeppelin PGP key available via finger From MJMISKI at macc.wisc.edu Sat Oct 9 14:35:58 1993 From: MJMISKI at macc.wisc.edu (Matthew J Miszewski) Date: Sat, 9 Oct 93 14:35:58 PDT Subject: Wireless Net Message-ID: <23100916244253@vms2.macc.wisc.edu> Sorry to put this on the list but I forgot who posted the original. I believe it was Ed Carp that mentioned he had a wireless net set up between his 486 and his laptop. Could you detail this setup a bit more (hardware and code necessary). Also, is the connection (or lack thereof) encrypted end-to-end? --Matt ______________________________________________________________________________ "This new technology (the printing press) threatened the Crown, which shuddered at the thought of widespread dissemination of works advocating religious heresy and political upheaval. The Crown's solution to the problem was a system of regulation designed to control this "dangerous" art." -From my Copyright Law Text (refrencing the Statute of Anne - the first Copyright Statute) (c)1993 ______________________/___________________________________mjmiski at macc.wisc.edu From major at dcd.wa.gov.au Sat Oct 9 14:36:11 1993 From: major at dcd.wa.gov.au (major at dcd.wa.gov.au) Date: Sat, 9 Oct 93 14:36:11 PDT Subject: Atari and VAX Message-ID: <199310091958.AA04025@belfast.> "John W. Redelfs" writes: > If I owned a PC clone or a Mac, I'd be sitting pretty. If my host machine > was Unix, I'd be fine. But I'm using an Atari emulating vt100 off a > VAX 6510. Is there any help for me? How can I be a cypherpunk? > > I want to be using PGP, but I haven't found it for either machine I'm on. PGP version 2.3A contains conditionals for both Atari and VMS, The distribution includes a file vmsbuild.com which presumably does the obvious. I have no facilities to check if either of these actualy work. Major +------------------------------------------------+------------------------+ | Snail: Box T1680 GPO, Perth WA 6001, Australia | Phone: + 61 9 357-5076 | | email: major at dcd.wa.gov.au | FAX: + 61 9 370-3692 | +------------------------------------------------+------------------------+ Netware 4.0 slogan: Know no bounds; Internet slogan: Have no bounds From PSDAA%LSUVM.BITNET at RICEVM1.RICE.EDU Sat Oct 9 15:15:59 1993 From: PSDAA%LSUVM.BITNET at RICEVM1.RICE.EDU (PSDAA%LSUVM.BITNET at RICEVM1.RICE.EDU) Date: Sat, 9 Oct 93 15:15:59 PDT Subject: PGP,etc. Message-ID: <9310092213.AA19008@toad.com> I am very interested in PGP, anonymous mailers,etc. but I'm pretty new to the n et and I'm having trouble finding PGP and any other info. Please send me info. Thanks. Drew PSDAA at LSUVM.SNCC.LSU.EDU From gtoal at pizzabox.demon.co.uk Sat Oct 9 15:25:59 1993 From: gtoal at pizzabox.demon.co.uk (gtoal@gtoal.com) Date: Sat, 9 Oct 93 15:25:59 PDT Subject: POISON PILL Message-ID: <9310082121.AA03537@pizzabox.demon.co.uk> Stuart mailed this to me by accident and asked me to forward it to the list. G :From: "Stuart W. Card" :How's this as a dead man encryption protocol: :1) don't keep any sensitive stuff of your own on your own hardware, :put it on other peoples' machines (and let them put their stuff :on yours); :2) encrypt all of your stuff before transferring it to other peoples' :boxes; :3) send the keys that you used to do the encryption to other folks' :boxes as well (not the same ones on which you stored the files); :4) if you are really paranoid, Shamir share the keys; :5) don't keep any local copies of the plaintext, cyphertext or keys; :6) periodically send messages to the boxes where you have stashed :your files, saying "Everything is still cool, don't wipe my files :or my keys."; :7) if/when it hits the fan and you are pressured to reveal your stuff, :stop sending those messages -- the dead man switch goes off and your :files/keys are wiped. :There are countless variations on this theme, each offering a :different compromise between security against prying versus :overhead and the chance of unintended deletion. :------------------------------------------------------------------------ :Stuart W. Card, Consultant, Card & Associates -- Research & Development :Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 :swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From iansmith at cc.gatech.edu Sat Oct 9 16:45:59 1993 From: iansmith at cc.gatech.edu (Ian Smith) Date: Sat, 9 Oct 93 16:45:59 PDT Subject: PGP Interface Message-ID: <199310092340.AA17343@haring.cc.gatech.edu.cc.gatech.edu> As part of class project here at Ga. Tech, we are designing/implementing a new (graphical) interface for the program PGP, Pretty Good Privacy. To do this well, we need information about the potential user community of such an interface, and the pros/cons of the existing PGP interface... thus we are sending out this questions As mentioned in the survey, the data collected will be kept confidential, and we encourage the replies to this survey to be sent via anonymous remailers. ------------------------------------------------------------------------------ CS 6144 Design Project User Questionnaire The following questionnaire is for a Computer Science Class project assignment. The information that you provide will be used for designing a computer interface for an electronic mail enhancement. Data collected in this survey will be kept STRICTLY CONFIDENTIAL and will only be reported in an aggregated form. We would appreciate it if you would take a few minutes to complete it. Completed questionnaires, or any questions you may have concerning this questionnaire may be mailed to iansmith at cc.gatech.edu. Please complete it and return it as soon as possible. Thank you very much for your time and cooperation. Please mark an 'X' under the column that most closely describes your response. ------------------------------------------------------------------- GENERAL COMPUTER USAGE ------------------------------------------------------------------- 1. How often do you use: Frequently Occasionally Seldomly 3 2 1 a. a computer --- --- --- b. Electronic Mail --- --- --- 2. Do you use a computer for: Yes No a. business use? --- --- b. personal use? --- --- c. file transfer? --- --- 3. In what type of environment do you MOST OFTEN use a computer? (Please mark only ONE of the following) Use Most LAN (Local Area Network): --- WAN (Wide Area Network e.g.Internet): --- Laptop or Portable WITH a modem: --- Laptop or Portable WITHOUT a modem: --- Stand alone PC (not a laptop) WITH a modem: --- Stand alone PC (not a laptop) WITHOUT a modem: --- Other (please specify): _________________________________________ ---------------------------------------------------------------------- ELECTRONIC MAIL ---------------------------------------------------------------------- 4. Which of the following interfaces do you most often use for electronic mail (e-mail)? Use Most Text only interface: --- Graphical only interface: --- Combination (text and graphical): --- Other (please specify): ------------------------------- 5. Do you ever send e-mail messages you ONLY want the recipient(s) to read? Often Sometimes Seldomly Never 3 2 1 0 --- --- --- --- 6. Have you ever had occasion to believe a mail message you recieved was forged? Yes No --- --- 7. When sending/receiving e-mail, how much additional time would you be willing to spend to: Less than 5 to 30 30 sec. More than 5 seconds seconds to a minute a minute Digitially 'sign' your message: --- --- --- --- Authenticate the sender: --- --- --- --- Prevent eavesdropping: --- --- --- --- 8. Does the amount of time you would be willing to spend in the previous question depend on: Yes No Person the info was being sent to: --- --- Your workload at the time: --- --- Contents of the mail/msg: --- --- 9. Encryption is a common method of protecting information transmitted. The basic mechanism works as follows: The information or message (text) is encoded from its initial readable form, to an internal form by means of a 'key'. This internal text form (ciphertext), although readable, does not make any sense. To make sense of the cipher text, the receiver must decode it (with a 'key') back into its initial readable form. If the encoded information is accessed by an unauthorized person, it will be useless unless it can be decoded (i.e. a person has a 'key' for it). Yes No 9A. Are you familiar with this concept? --- --- 9B. Have you ever used encryption? --- --- 9C. Have you ever encrypted files or mail? --- --- The following questions relate to specifics about encryption use. If you answered 'NO' to ANY of the three questions above (9A, 9B, or 9C), please skip to the Background Information Section (questions 19-23). ---------------------------------------------------------------------- ENCRYPTION USERS ONLY ---------------------------------------------------------------------- 10. What encryption software have you used? PGP: --- Crypt: --- Other (please specify): ------------------------------- 11. Have you used the encryption software because Yes No You like it: --- --- It was the industry/school standard: --- --- It was the only one you had: --- --- It was used by others that you interract with: --- --- Industry/school required it be used: --- --- 12. Would you say the size of file(s) or message(s) you usually encrypt tend(s) to be: (4Kb+) (1Kb-4Kb) (100b-1Kb) (<100b) VERY large Large Medium Small --- --- --- --- 13. Have you ever spent multiple attempts trying to encrypt something? Yes No --- --- 14. What is the most common error you have encounterd trying to encrypt something? Most common error: ----------------------------------------------- 15. What is the frequency that you have made the following errors when encrypting something: Very often Sometimes Seldomly Never 3 2 1 0 Typing mistakes: --- --- --- --- Forgetting passwords: --- --- --- --- Misusing options/functions: --- --- --- --- Losing others' keys: --- --- --- --- Other (please specify): -------------------------------------- 16. Please rate the following features of encryption software in terms of the importance of the feature to you: Very Somewhat Not Very Not Important Important Important Important 3 2 1 0 Integration with other tools: --- --- --- --- Time it takes to encrypt: --- --- --- --- Time it takes to decrypt: --- --- --- --- Time it takes to digitally sign: --- --- --- --- Time it takes to authenticate: --- --- --- --- Distribution of 'Keys': --- --- --- --- Security of message contents: --- --- --- --- Other (please specify): ---------------------------------- 17. Please indicate which of the two attributes in each pair is MORE important to you: How long it takes ME vs. How long it takes the recipient --- --- Difficulty to encrypt vs. Security gained by encryption --- --- Security gained by encryption vs. Time it takes to encrypt --- --- 18. Overall, how satisfied are you with the encryption software that you use? Very Somewhat Not very Not at all Satisfied Satisfied Satisfied Satisfied 3 2 1 0 --- --- --- --- (optional comments:) ------------------------------------------------- ---------------------------------------------------------------------- BACKGROUND INFORMATION ---------------------------------------------------------------------- 19. What is your age (in years)? ------------------ 20. Are you Male? Female? --- --- 21. What is the highest level of an educational degree that you hold? HS AA BA/BS MA/MS PhD other(specify) --- --- --- --- --- ------------------- Yes No 22. Are you currently a college student? --- --- 22a. If (YES) you are a student, what is your major field of study? Major: -------------------------------------------------- 22b. If (NO) you are NOT a student, what is your occupation? Occupation: --------------------------------------------------- 23. We welcome any additional comments that you might have. Please feel free to add any comments, questions, or suggestions in the space below: ===================================================================== THANK YOU VERY MUCH FOR TAKING THE TIME TO COMPLETE THIS QUESTIONNAIRE. (Please return it to iansmith at cc.gatech.edu as soon as possible.) ====================================================================== From rarachel at ishara.poly.edu Sat Oct 9 18:10:59 1993 From: rarachel at ishara.poly.edu (A1 ray arachelian (library)) Date: Sat, 9 Oct 93 18:10:59 PDT Subject: Cypherpunk Cause In-Reply-To: <01H3VXEBY9AG9353JT@delphi.com> Message-ID: <9310092105.AA03310@ishara.poly.edu> Yes, I believe there is a cause: the freedom to use crypto tools to protect our conversations with others, be they text, voice, video, or even our conversations between our terminals/machines with other machines, and most importantly our conversations with data storage devices. Ie: an encrypted diary, database, an encrypted method of distributing licensed software (a la the Aldus On Call font CD, or whatever company it came from, etc.) The method to have this cause succede is partially to have the good folks of the land realize that "Honest folk don't have anything to hide" is in a great conflict with "Locks and gates keep people honest." If honest people don't have anything to hide or protect, they may as well open all their doors and windows, and put it "Rob me" signs on their lawns. I by all means feel that the government should be able to do its job, and especially the law enforcement branches, >WITHOUT< violating any of a person's rights by snooping through their files. Cries about child porno and other assorted crap (drug dealers included) are just the price we have to pay to have privacy. As cypherpunks (and you guys know I've not really participated in too much other than just throwing in my two cents here and there) we know that outlawing crypto won't make it vanish. Rather it will only put it in the hands of the criminals and prevent everyone else from having it. Hell I can forsee making a lot of money if crypto is illegal by simply selling copies of PGP and other packages for thousands to drug dealers. It's not exactly a too far fetched idea. The bigger issue is that the gubment flunkies are also aware of this. They're just using it as an excuse to be able to spy on the public. Hell I remember one of my professors (Computer Ethics) stating that at one point Uncle Sam appointed a brain tank to see if it were possible to spy on the private individuals at will whenever they wished. The unsurprising answer to this is that the system is already in place. Credit card info, anything passing through the post office, anything leaving your house via the garbage route, telephones, etc. can be used. Most of it is easy to get without direct spying. Any creditor will tell you "yes." So is it any surprise to possibly imagine Uncle Sam having the ability to use these readily availabe channels of information? Now I'm not saying the government is corrut. I don't need to. It has done a good job at that all by itself, and hell, it's the business of politics to have a fringe of impurity, if not a downright streak straight through its core. The most accepted form of this is "No new taxes" spewed by the very people who later raise taxes. Is it surprising to understand that one of the principal reasons that the thirteen colonies rebelled and broke off from mother England was taxes? Of course no one in his right mind would think of revolt. There's no need to. Just vote. But the trouble is once they're in office, there's nothing to make sure they make good on their promisses. It would be great to have a bi-monthly way of electing them out of office if they're not performing, or living up to their promises. Hey being stuck for even a year with a person who has claimed to do everything under the sun for you is the same as buying a sugar coated drug, only to find that it not only doesn't heal what it said it would, but causes cancer, brain damage, and other unmentioned side effects. Perhaps it is time we create something like the FDA for politicians? Label them as containing the intent to do as they say? And put some teeth into being able to sue them if they don't deliver. Perhaps even making a rule that any elected offical is bound by his word as if it were a signed contract? Gee, is there a single senator or house representative out there that would vote for such a bill? But hey, if there was, it would be easy to remove those who want abortion to be illegal, or strong crypto, etc. From cman at IO.COM Sat Oct 9 18:30:59 1993 From: cman at IO.COM (Douglas Barnes) Date: Sat, 9 Oct 93 18:30:59 PDT Subject: DC-Net proposal, comments requested In-Reply-To: <9310091935.AA17001@toad.com> Message-ID: <9310100127.AA23557@illuminati.IO.COM> > A DC-NET > This net is broadcast in nature (data written by one machine can be > seen by all other machines on the network) but with the characteristic > that it is impossible to tell which machine on a particular DC-Net > wrote out the data (except if all other machines are controlled by the > same person?). The DC-NET itself is bit oriented. Such a DC-network would Actually, a single collusion between two processes could isolate a single non-colluding process, if that process was "between" them on the graph. One of the hard problems with DC Nets is how to minimize the need for trust among the members, and how to arrange for net formation and re-formation in a way that minimizes the ability to deliberately or systematically partition all of the processes over a period of time as part of a "fishing expedition" to determine the source of some perceived-noxious output from the net. We talked about DC Nets at the Austin cypherpunks meeting, and played the "Dining Cryptographers Game" (complete with snazzy pieces provided by yours truly). It was fun, but folks were a little nonplussed about the degree of trust required among participants. > be the underlying layer for the packet network. The actual DC-Network > would be made up of processes on various (or even the same, for testing > purposes) machines all connected together with TCP. > > > The Packet Net > The Packet Network would be built with the DC-Net as a base. In order > to send useful information across the network a single node would form > data into packets. These packets would be outputted to the network a > bit at a time. Since the DC-Net is bit oriented it is possible for I've been looking at this problem as well, Tim, and it doesn't seem to me that you have to output a bit at a time. In fact, the DC net machines should probably be operating on blocks that fit nicely into single IP packets. Just consider the blocks to be the result of N coin tosses. > another node to send some bits after one node has started to write out > its packets. As a node writes out a packet it should listen to the > network for "collisions" and if a collision is detected it would > "give up" on the current transmission and wait for some time to start > again. Packets from one machine to another must have some sort of > addressing. The packet could be encrypted entirely in the public > key of the destination if there is only a single DC net. If there > are multiple DC-Nets with packet forwarding between them then there > must be some sort of plaintext address information in the packets. > The return address should *never* be in plaintext. Probably the > data and return address of a packet would be encrypted in the public > key of the destination or in a private key shared with the destination. > > Sessions > Virtual connections can be built on top of the packet network in > the same way as they are on top of other packet networks. Some protocol > like TCP (or even the TCP protocol) could be used. > > > Why should this be built on the internet? > Writting and debugging a network of this sort on top of the internet > should be easier than writing it and implementing it from scratch. Some > people have proposed neighborhood networks that would be used to > implement untraceable and unstoppable connections. This is an excellent > way to develop and debug such a network. > > What needs to be resolved > Alot! This is just something I threw together. There are alot of > questions. In fact most of it is still a question. The protocol > of the underlying DC-Net needs to be written. A packet layer must > be written or adapted from current protocols. The issues of addressing > need to be addressed. There are also sure to be alot of politically > oriented questions as well. > One head scratcher I've been considering is whether it would be better to simulate a token-passing scheme, or to have comparisons broadcast to all participants. Since in a broadcast scheme, the number of packets per round generated is n^2, it seems prima facie that token passing would be faster (it would certainly consume a much smaller % of the net's total bandwidth), but actually for reasonable n, the accumulated latencies from a few slow links could very well make the token passing slower. Also, I have thought of some ways of dealing with "slacker" processes or folks who suddenly drop out that work better with a broadcast approach, but there's probably a way to deal with them in the token-based scheme. Another issue is whether or not your processes need to elect a "lead" process to handle synchronization issues and serve as an arbiter in net formation and re-formation. -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From ferguson at icm1.icp.net Sat Oct 9 19:30:59 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Sat, 9 Oct 93 19:30:59 PDT Subject: Cypherpunks Cause (tm) In-Reply-To: <01H3VV9GBC788X13HP@mr.alaska.edu> Message-ID: <9310100331.AA21287@icm1.icp.net> > > You bet there is a cypherpunks cause, and if there isn't there should be. > The cypherpunks cause: to promote encryption and other privacy software > usage on the Internet until it is beyond the control of totalitarian > governments. In other words, to protect the privacy rights of all by > making privacy universal. > > Any questions? No, but it really should have sounded more like this: Cypherpunks assume privacy is a good thing and wish there were more of it. Cypherpunks acknowledge that those who want privacy must create it for themselves and not expect governments, corporations, or other large, faceless organizations to grant them privacy out of beneficence. Cypherpunks know that people have been creating their own privacy for centuries with whispers, envelopes, closed doors, and couriers. Cypherpunks do not seek to prevent other people from speaking about their experiences or their opinions. The most important means to the defense of privacy is encryption. To encrypt is to indicate the desire for privacy. But to encrypt with weak cryptography is to indicate not too much desire for privacy. Cypherpunks hope that all people desiring privacy will learn how best to defend it. Cypherpunks are therefore devoted to cryptography. Cypherpunks wish to learn about it, to teach it, to implement it, and to make more of it. Cypherpunks know that cryptographic protocols make social structures. Cypherpunks know how to attack a system and how to defend it. Cypherpunks know just how hard it is to make good cryptosystems. Cypherpunks love to practice. They love to play with public key cryptography. They love to play with anonymous and pseudonymous mail forwarding and delivery. They love to play with DC-nets. They love to play with secure communications of all kinds. Cypherpunks write code. They know that someone has to write code to defend privacy, and since it's their privacy, they're going to write it. Cypherpunks publish their code so that their fellow cypherpunks may practice and play with it. Cypherpunks realize that security is not built in a day and are patient with incremental progress. Cypherpunks don't care if you don't like the software they write. Cypherpunks know that software can't be destroyed. Cypherpunks know that a widely dispersed system can't be shut down. Cypherpunks will make the networks safe for privacy. If the government (or any other oppressor that behaves like one) can effectively monitor communications, it can control or suppress them. And it will do so, because the natural tendency of controllers is always to seek more control. The government cannot be relied on to protect your privacy rights. Nor can anyone else --- certainly not your employer, or the corporations that want to know all about you so they can sell you things. Given half the chance, governments and corporations will always push for security standards that protect *them*, but not *you*. Computer technology can help protect you against would-be snoopers, but only if somebody is sufficiently smart and dedicated to build the tools. The Cypherpunks list exists to build and propagate privacy software. Our aim is to give you the tools to keep your private information private, and to communicate with other people and computers in ways snoopers cannot tap. _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From ld231782 at longs.lance.colostate.edu Sat Oct 9 20:25:59 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sat, 9 Oct 93 20:25:59 PDT Subject: Richard Stallman speaks at Michigan Message-ID: <9310100322.AA14929@longs.lance.colostate.edu> some cypherpunks may be interested in this ... ===cut=here=== From: "Theodore C. Belding" Subject: Richard Stallman to speak at the University of Michigan Date: Fri, 08 Oct 1993 23:55:25 +0100 Sender: streak%nv.engin.umich.edu at srvr4.engin.umich.edu [Please redistribute WIDELY, to anyone who may be interested. Thanks!] Richard Stallman will give a talk entitled "Protecting the Freedom to Write Software: The new software monopolies, and what we can do about them" on Wednesday, November 17, from 7pm to 9pm, in Auditorium 3 of the Modern Languages Building (MLB). The MLB is at the corner of E. Washington St. and Thayer St. on U of M's Central Campus in Ann Arbor. All are welcome to attend, and admission is free. Stallman is one of the founders of the League for Programming Freedom, an organization whose goal is to protect the freedom to write programs. Specifically, the League aims to abolish two recently established legal concepts which it feels restrict programmers' freedom to do their work: interface copyright and software patents. Stallman will speak about how interface copyright and software patents originated and why they hurt both computer users and programmers. In the field of software, Richard Stallman is best known for developing the popular Emacs text editor while working at the MIT Artifical Intelligence lab between 1971 and 1984. Today he is working to develop the free UNIX-compatible software system known as GNU. In 1990, Stallman received a MacArthur Foundation Fellowship; he also received the 1990 ACM Grace Hopper Award for his work on Emacs. Stallman's talk is being sponsored by the U of M and Ann Arbor chapters of the Association for Computing Machinery (ACM), the Wayne State University ACM, the Wayne State University CS Department, and the CSE Divison of the University of Michigan. The Association for Computing Machinery was formed in 1947 as the society for the computing community; its members are students and professionals interested in all aspects of computing. For more information on this or other UMACM activities, contact Ted Belding (Ted.Belding at umich.edu, streak at engin.umich.edu, or (313) 994-9573) or Sarah Granger (sgranger at engin.umich.edu or (313) 741-9318). For information about the Ann Arbor ACM, contact Susan Haynes (haynes at emunix.emich.edu or (313) 487-4446). Ted Belding, UMACM Chair From ld231782 at longs.lance.colostate.edu Sat Oct 9 20:49:34 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sat, 9 Oct 93 20:49:34 PDT Subject: Health Reform Smart Cards Message-ID: <9310100348.AA15302@longs.lance.colostate.edu> in respect to D. Frissnell - ------- Forwarded message Date: Sat, 9 Oct 1993 06:49:28 -0400 From: farber at central.cis.upenn.edu (David Farber) Subject: and you wondered what would take the place of Star Wars A review of the ****Clinton Health Care Plan To Focus On Computer Support 10/07/93 WASHINGTON, DC, U.S.A., 1993 OCT 7 (NB) "The Clinton Administration proposal would put smart cards in the hands of every US citizen and some legal aliens that would provide billing reference identification as well as carry up to about 30 pages of medical data about the individual. That change, along with a simplification of medical billing forms, would literally save billions of dollars that could be used to treat patients, and it looks as if there is growing pressure from the public to actually force the health care industry to take advantage of computer technology that has been available for at least 10 years. If health care reform really does take off, industry insiders say that computer sales, and especially integration services, will really explode, with health care taking on the same sort of high- profile, high-profit role that was, until recently, the sole purview of the military." ------- End of Forwarded Message From msattler at netcom.com Sat Oct 9 20:59:34 1993 From: msattler at netcom.com (Michael Sattler) Date: Sat, 9 Oct 93 20:59:34 PDT Subject: Cypherpunk Cause Message-ID: <9310100357.AA07056@netcom.netcom.com> At 17:05 93/10/09 -0400, A1 ray arachelian (library) wrote: >But hey, if there was, it would be easy to remove those who want abortion >to be illegal, or strong crypto, etc. Your presentation is interesting, but I believe your conclusion is based upon a majority sharing your beliefs. You are in good company. The architect of our country, Thomas Jefferson, based his plans on an informed and educated citizenry. What we have, however, is a poorly-educated, easily-swayed populace that considers TV Guide a magazine, makes Married With Children a hit, and only voted Ronald Raygun / George Bush out of office only because they saw all their jobs dissapearing (and not even then understanding it's because of unrestrained spending). ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From tcmay at netcom.com Sat Oct 9 22:40:59 1993 From: tcmay at netcom.com (Timothy C. May) Date: Sat, 9 Oct 93 22:40:59 PDT Subject: DC-Net proposal, comments requested In-Reply-To: <9310100127.AA23557@illuminati.IO.COM> Message-ID: <9310100540.AA03355@netcom5.netcom.com> Doug Barnes writes about Tim Newsham's work on DC-Nets: > I've been looking at this problem as well, Tim, and it doesn't seem to > me that you have to output a bit at a time. In fact, the DC net machines > should probably be operating on blocks that fit nicely into single IP > packets. Just consider the blocks to be the result of N coin tosses. Exactly. The "coin tosses" can be arranged far in advance and shared on CD-ROM (for example) or whatever's convenient. Chaum, Bos, Pfaltzman (I think...I don't have my paper handy) consider even using ciphers to generate the tosses, though then the DC-Net ceases to be information theoretically secure and is no more secure than the cipher itself. To see this in a simple way, forget about the "classical" DC-Net situation of n participants in a ring or other graph. Instead, consider only 2 participants, Alice and Bob. Alice and Bob share a sequence of random numbers, essentially a one-time pad. The sequence they share is, as an example: 1 0 1 1 0 1 1 0 0 0 1 0 1 0 ..... As a pair they can send 1s or 0s by the one of them sending the message XORing his message with the sequence and then both of them output the sequence. Let us imagine Bob wished to send the "message": 1 1 0 0 1 1 0 1 0 1 1... Alice: 1 0 1 1 0 1 1 0 0 0 1 0 1 0 ..... Bob: 1 1 0 0 1 1 0 1 0 1 1 .... (his message, before he sends it) XOR: 0 1 1 1 1 0 1 1 0 1 0..... (this is what Bob sends out) The outside world sees two different bit streams and recovers the message by XORing the streams put out by Alice and Bob: XOR: 1 1 0 0 1 1 0 1 0 1 1.... Thus, Bob's "message" has been sent out, but since the outside world does not the original one time pad Alice and Bob were using, it cannot know which of Bob or Alice was sending the pad and which was "lying," that is, XORing the message with the pad and outputting that. Of course, Alice knows it was Bob who sent the message (becuase she knows she didn't). Extending the protocol to the ring Alice-Bob-Charles in the classical DC-Net way completes the picture. But you can see how precomputed, preexchanged pads--or a very secure cipher (a good pseudorandom number generator, really)--would be used in practice to eliminate coin tosses, real or simulated. No DC-Nets would do things one bit a time, that I can see. > Also, I have thought of some ways of dealing with "slacker" processes > or folks who suddenly drop out that work better with a broadcast approach, > but there's probably a way to deal with them in the token-based scheme. "Disruption" by sending of spurious messages, to deny service by flooding the DC-net, seems to be the biggest problem, and Chaum and Bos devote most of their papers to schemes for handling this. I have some of these papers--let me know if you don' yet have them, especially the hard to find Jurgen Bos Ph.D. thesis. Great to see work on DC-Nets again! Yanek Martinson, who I've not seen on the list in many months, was working on an implementation, and at today's Cypherpunks meeting, Strick expressed interest in implementing DC-nets in his TCL-based crypto toolkit. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From szabo at netcom.com Sat Oct 9 23:20:58 1993 From: szabo at netcom.com (Nick Szabo) Date: Sat, 9 Oct 93 23:20:58 PDT Subject: PHONE PRIVACY: real-time billing with digital postage In-Reply-To: Message-ID: <9310100621.AA08523@netcom5.netcom.com> We take for granted that long distance companies must record who called whom, and when, in order to tally the bill. The 900 redialer doesn't obviate this; it simply adds an expensive level of indirection. Could not the need for such records be eliminated by real-time payment of digital postage? Debit cards for phone calls already exist along these lines, but they are restricted to public phones; I envision home use to eliminate the need for monthly bills and the accompanying recordkeeping. Scenario: long distance company receives a call from one of its customer phones. It doesn't know which phone, only that the phone's local service area provider is requesting a connection. It notes the area code/country to and from to determine the rate, and receives the proper digital postage payment from the calling phone. It notes the destination phone number only in order to pass it on and complete the circuit. The long distance provider doesn't know the caller's phone number and doesn't keep a permanent record of the other information. The incoming d-stamp serial numbers are checked to make sure they have not already been used, added to the used list, and a corresponding amount of time is added to the call. A simple LED on the customer's phone displays the duration and amount of billing as the call progresses. When the phone runs out of d-stamps it could be refreshed from magnetic strips on cards bought at the local drugstore. In addition to new-found privacy, real-time billing would be more customer-friendly, providing the real-time feedback on charges that is expected for most other transactions (eg retail purchase of a good). No more phone bill surprises! (But please, let's not replace bills with rude robot operators: "deposit fifty cents, please"). Alas, there might be regulations requiring some kind of traffic recording to be dealt with in some jurisdictions. But then again maybe not, since such recording has been taken for granted. During the Ma Bell breakup here in the U.S. there sprung up a bunch of Mom & Pop long distance companies. Some of these, providing specialized services, still exist. Assuming no deadly flaws in this real-time postage scheme, if none of the major long-distance companies are willing to implement it, a small startup might rent bulk long-distance time from the majors and concentrate on the anonymous real-time billing system. Nick Szabo szabo at netcom.com From zeek at IO.COM Sun Oct 10 00:19:37 1993 From: zeek at IO.COM (zeek) Date: Sun, 10 Oct 93 00:19:37 PDT Subject: The Bank of the Internet!? (fwd) Message-ID: <9310100715.AA27486@illuminati.IO.COM> No, I didn't read this entire message, but I thought it may be relevant... Forwarded message: *> From dummy Wed Feb 29 12:12:12 1990 *> X-EB: ------------------------------ *> Date: Fri, 8 Oct 1993 16:01:46 -0700 *> From: Arthur Chandler *> Subject: The Bank of the Internet!? *> *> Yesterday I went to hear a very interesting talk by Eric Hughes, one of *> the founding members of the Cypherpunk list/organization. Unlike most *> encryption pop journalists, who seem to limit themselves to PGP, this *> fellow brought up several boggling ideas: *> 1) "Cryptography is all economics." *> In other words, all encryption schemes come down to: how much $ am I *> willing to spend to keep you from getting into my secret info, and how *> much $ are you willing to spend to get it?" *> 2) There are two methods to keeping secrets on the NET (or IRL): trust *> some one, or trust an algorithm. And, in general, human trust is cheaper *> than technology. *> 3) The US government classifies encryption schemes as munitions, and is *> accordingly places all encryption technology under export restrictions *> controlled by the state department. *> 4) Claude Shannon's two basic principles of encryption: confusion and *> diffusion. *> *> He also mentioned something called a "blind signature" -- a special form *> of digital signature that keeps users unknown (through encryption) to both *> the bank they deposit with and sellers they transact with. I didn't *> understand this "blind digital signature" idea. Can anyone out here explain? *> *> But the real boggler is that this fellow Eric is, with the backing of *> the Electronic Frontier Foundation, going to start a Credit Union based on *> up-to-date encryption schemes and using the Internet as the monetary *> highway! It involves using something called digital money -- a system of *> encrypted data that expires over time, but that a highly flexible ability *> to purchase quantities or services. The data itself will be located *> over several nodes, so that no one site has all the info about your *> account, but that any "quorum number" of bank nodes can reconstruct the *> whole picture of your assets. Anyone trying to crack the system would *> have to crack, not just one or two nodes, but a quorum number. Such nodes *> will be distributed internationally, though favoring nations with *> encryption-favorable legislation. *> ************************************** *> I'm oversimplifying all this. But the whole notion of a Bank of the *> Internet, backed by the EFF and running encrypted international monetary *> transactions seems... well, this is Future Culture: what do you think? *> From strata at FENCHURCH.MIT.EDU Sun Oct 10 01:46:00 1993 From: strata at FENCHURCH.MIT.EDU (M. Strata Rose) Date: Sun, 10 Oct 93 01:46:00 PDT Subject: PGP misunderstanding Message-ID: Hi Hal & others, this is Strata, author of the Virtual City (tm) Network "faq" (which raises more questions than it answers, rev 1.1 will be more customarily faq-like.) Someone forwarded me your posting re the faq and I thought I would take a moment to reply. Please direct any correspondence to me directly, I am only on cypherpunks-announce and not the list itself. I had a misunderstanding about the PGP key servers, not realizing they existed to register your keys with and not to generate them. I have planned from the beginning to include serious privacy technology in the Virtual City, up to and including objects in the master database which can only be decrypted at runtime by those who have keys for them. I have been talking with Hugh Daniel about making his ideas on NYM's an integral part of the infrastructure and plan to include Digital Cash as soon as a version is ready to go. I was at today's Cypherpunks meeting to get more info on PGP and discuss details of the infrastructure with folks. I will be posting a slightly revised 1.0.1 faq which corrects some minor mistakes and also gives correct info about PGP key generation in detail. I will be writing up details of how I am thinking of implementing some of the privacy structure mentioned in the faq and above and posting it here for people to shoot at. I am very interested in doing this "right". In the last 48 hours since I posted the faq a number of messages from folks asking how they can get a public key, so I want to head them in the right direction. If I were to admit something seditious in public, which I never do, I might say that one of my many goals for the Virtual City (tm) Network was to get Joe & Jane Undergrad or Salaryperson casually using privacy tech in a matter of fact way-- they'll use it to protect their identity and privacy in the VC environment and to perform commercial transactions online. I think that people are not using the privacy tech that's out there simply because they feel they have no compelling reason to do so. If people start needing to use it to get at things they think are interesting or cool they will become familiar with the use of the tech and begin to use it casually elsewhere. That would seem to be the Right Thing. To spread usage out beyond Virtual City (tm) Network, I've also been thinking that later on when the service is established I should start an encrypted "vcn" news hierarchy. This will get randoms using PGP to read the news feed. I'm not familiar enough with the most recent news control mechanisms to feel certain that I can somehow "bounce" cleartext posts to these groups, I might have to make it unidirectional and gatewayed solely through a hacked mail filter that requires encrypted text. My worry is that sites that do satellite feeds might balk at carrying it, thinking it might violate some FCC regs about non-cleartext data over public airwaves. They might be right, I need to learn more about possible legal ramifications before doing that. Cheerfully educable, _Strata PS- I will support folks choosing their own encryption on data envelopes, but after seeing Arthur's presentation today I think I'd better make it abundantly clear that we can in no way be held liable if they insist on DES M. Strata Rose Unix & Network Consultant, SysAdmin & Internet Information Virtual City (TM) Network strata at virtual.net | strata at hybrid.com | strata at fenchurch.mit.edu From gg at well.sf.ca.us Sun Oct 10 01:49:36 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Sun, 10 Oct 93 01:49:36 PDT Subject: PHONE PRIVACY Message-ID: <93Oct10.014758pdt.14325-4@well.sf.ca.us> Re. wiring two payphone lines together: uh, NO. From a practical standpoint, it will probably drop trouble cards at the CO. From a legal standpoint, it's theft of service, and especially with red boxes etc.; again, a dumb place to make your stand in court. Again, I want to suggest that the best thing to do is get a group of folks together to establish a PBX which can be used as a concentrator/diverter. -gg From hughes at ah.com Sun Oct 10 07:56:04 1993 From: hughes at ah.com (Eric Hughes) Date: Sun, 10 Oct 93 07:56:04 PDT Subject: DC-Net proposal, comments requested In-Reply-To: <9310100540.AA03355@netcom5.netcom.com> Message-ID: <9310101455.AA08173@ah.com> >Doug Barnes writes about Tim Newsham's work on DC-Nets: >> I've been looking at this problem as well, Tim, and it doesn't seem to >> me that you have to output a bit at a time. Indeed, the DC-net protocol operates in any abelian (commutative) group, such as, say, integers mod 2^56 (the size of a ping packet body). The modulus need not be a power of two, but there's little advantage if it's not. The vectors in a linear code might also be appropriate for certain side effects. >[... some people] consider even using >ciphers to generate the tosses, though then the DC-Net ceases to be >information theoretically secure and is no more secure than the cipher >itself. In practice, this is a small problem. Since many of the messages that a deployed DC-net sends out will be text encrypted for some particular destination, one needs no greater computational security than that of the cipher used to encode the message. There are several random number generators provably as secure as the hard number-theoretic problems used for public key cryptography. The problems include quadratic residuosity, factoring, and discrete log. Eric From swc at uc1.ucsu.edu Sun Oct 10 08:19:42 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Sun, 10 Oct 93 08:19:42 PDT Subject: PHONE PRIVACY: real-time billing with digital postage Message-ID: <9310101522.AA02031@uc1.ucsu.edu> I am presently looking into leasing fiber plant to set up a secure net with some of the attributes Nick Szabo mentions. Without enhancements to his scheme, however, I do not see how my cuso tomers can be sure that I am not recording traffic routine g, even if I claim that I am not. Furthermore, what is to prevent third parties from taping my      ping my trunks and decoding the signalling which is used to direct the route switching? ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From hughes at ah.com Sun Oct 10 08:21:05 1993 From: hughes at ah.com (Eric Hughes) Date: Sun, 10 Oct 93 08:21:05 PDT Subject: The Bank of the Internet!? (fwd) In-Reply-To: <9310100715.AA27486@illuminati.IO.COM> Message-ID: <9310101517.AA08200@ah.com> Zeek forwarded a message written by Arthur Chandler which appears to have appeared on Future Culture. This reply is going both to the cypherpunks list (worldwide) and also to the austin-cypherpunks list (a locality); some comments may be obvious for one group or the other. There are several small factual details incorrect in this post, most of which I will not try to correct. As he said, "I'm oversimplifying all this." One in particular, though, should be. The EFF is not "backing" a credit union, at least not the national organization. Members of EFF-Austin, a local chapter of the EFF, (well, the only local chapter, but that's another story) are looking to form their own credit union. Their efforts will provide a model for other such efforts. True, it will use the "internet as the monetary highway" (a phrase I delight in), but at least at the outset will neither issue digital money nor deploy internationally distributed secret sharing. I did talk about both of these, but not as specifically regards any particular financial project. Eric From hughes at ah.com Sun Oct 10 09:06:05 1993 From: hughes at ah.com (Eric Hughes) Date: Sun, 10 Oct 93 09:06:05 PDT Subject: Virtual City (tm) Network FAQ 1.0 (fwd) In-Reply-To: <9310090525.AA29378@jobe.shell.portal.com.shell.portal.com> Message-ID: <9310101606.AA08264@ah.com> On money in Virtual City: First, a note of history. Strata and I have been talking about money in MUD-type environments (virtual, social, text-based). These discussions are reflected in her document. I had decided after much thought that the MUD type of environment would be a good place to prototype electronic money. I asked Strata about technical details, since I knew that she was setting one up; discussions ensued. A comment from Joichi Ito, a self-professed MUD enthusiast, which he made to me at CFP-93 in March, started this train of thought: "I would pay real money for MUD money." He spends enough time on MUD's that his personal life would be improved by spending cash dollars in exchange for increased ability on the MUD. One of the big problems in creating electronic money is that there must be something to spend it on, that is, some notion of actual value upon which to base the derived value of the electronic money. MUD's seem to have that property. I don't know exactly whence that value arises, but certainly it does factually exist. This question, the origin of value in MUD's, will develop a life of its own, no doubt, as various explanations arise, but this question is not central to any monetary system. What is needed is only that such value exists. Let us stipulate this for the purposes of discussion. Once there is value, an economy develops when there is a means of exchange for such value, typically coins. So the MUD needs a notion of exchange and a notion of representation of value. For exchange, I've designed a conceptual MUD object which is a simultaneous transacter. You put your stuff on the tray in front of you, likewise does your trading partner. After you both press the big red buttons in front of you, the contents of the two trays are magically interchanged. (Magically, of course, since this is a MUD.) Recall the big rotating lucite contraptions that post offices are using. In the MOO (MUD, Object Oriented), one can subclass this transacter and attach robot servers to the other side of the glass, creating vending machines. One particular vending machine could take the coin of the realm and exchange it for a bank note of the same amount. The bank note, digitally signed by the MUD bank, is an informational object. Because it is information and not a MUD object, the note can be freely transmitted _outside of the MUD_. Once you have the existence of such notes, one can set up inter-MUD currency exchanges, test the theory of free banking, and the like. Eric From pmetzger at lehman.com Sun Oct 10 09:11:20 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 10 Oct 93 09:11:20 PDT Subject: Cypherpunk Cause In-Reply-To: <9310100357.AA07056@netcom.netcom.com> Message-ID: <9310101611.AA11630@snark.lehman.com> Michael Sattler says: > With Children a hit, and only voted Ronald Raygun / George Bush out of > office only because they saw all their jobs dissapearing (and not even then > understanding it's because of unrestrained spending). If you want to spew nonsense, please do so on one of the politics newsgroups. This is for cryptography discussion. Perry Who suspects that not one in five of the so-called "intellectuals" in this country (who are all contemptuous of their own culture) even knows what the cause of inflation is, and that not one in twenty understands why increasing tax rates can lower tax revenues. From hughes at ah.com Sun Oct 10 09:29:42 1993 From: hughes at ah.com (Eric Hughes) Date: Sun, 10 Oct 93 09:29:42 PDT Subject: Diffie-Helman example in g++ In-Reply-To: <9310090216.AA20577@acacia.itd.uts.EDU.AU> Message-ID: <9310101629.AA08295@ah.com> >Earlier, Douglas Barnes wrote: >> // Demo of mathematics for Diffie-Hellman type key exchange >[..] >> // Does anyone have a clue what good values of 'a' are in this >> // algorithm? >> >> a = 127; Notation: here 'a' is the base of the D-H exponentials. >Feel free to correct me if I'm wrong, [...] Certainly. ;-) >The only restriction placed on /a/ is that it be a primitive root of >/p/. D-H works, i.e. a key is agreed upon, even if 'a' is not a primitive root mod p, but the security may be adversely affected if it is not. If 'a' is not a primitive root, then size of the search space which the exponentials may take will be less than maximal. In fact, the order of the element 'a' gives the number of such possibilities. (The order is the smallest power of an element that is equal to the identity.) >To do this, you choose /a/ at random until you find the condition >(/a/, /p/-1) == 1 is satisfied. Nope. Being relatively prime to p-1 is not even involved. Here is the actual condition for primitivity: For every prime q which divides p-1, a^((p-1)/q) != 1 (mod p) By Fermat's Little Theorem, x^(p-1) == 1 (mod p), for all 'x'. Now 'a' is primitive if p-1 is the smallest such number. Since the order of an element much divide the order of the group, if no divisor d of p-1 is such that x^d == 1 (mod p), then p-1 must be the smallest. Burt Kaliski, of RSA Labs, told be he picked a D-H modulus p such that p = 2q+1, where both p and q are prime. It took a long time to find such a pair. The advantage is that almost half the elements of such a field are primitive roots. Eric From huntting at glarp.com Sun Oct 10 09:49:42 1993 From: huntting at glarp.com (Brad Huntting) Date: Sun, 10 Oct 93 09:49:42 PDT Subject: PHONE PRIVACY: real-time billing with digital postage In-Reply-To: <9310100621.AA08523@netcom5.netcom.com> Message-ID: <199310101648.AA17331@misc.glarp.com> > We take for granted that long distance companies must record who > called whom, and when, in order to tally the bill. The 900 redialer > doesn't obviate this; it simply adds an expensive level of > indirection. Could not the need for such records be eliminated by > real-time payment of digital postage? Better yet, use an Internet based phone system. The phone companies draconian policies of billing for distance, time, and social standing are antiquated With the Internets method of billing for maximum usable bandwidth or connect time, it costs the same to send e-mail to another continent or just accross town costs the same. Distance based billing isolates people by preventing them from communicating with anyone but their neighbors. Internet style billing serves to create a sense of global unity limited more by language and access to technologie instead of geographical or political boundaries. A side effect of simplified billing and connectionless systems is that no records are kept of who contacted whom. In fact, it would be difficult even to make such records w/o having a specific target. brad From MJMISKI at macc.wisc.edu Sun Oct 10 10:26:05 1993 From: MJMISKI at macc.wisc.edu (Matthew J Miszewski) Date: Sun, 10 Oct 93 10:26:05 PDT Subject: PHON PRIVACY Message-ID: <23101012250005@vms2.macc.wisc.edu> Our favorite Corporate entity, McDonald's, actually attempted a play on Mr. Szabo's idea. Here in Wisconsin, a while back, they distributed 3 minutedsErase they distributed 3 minutedsErase Erase Erase Select Mail Erase Erase Erase Extract/Mail Extract/Mail Help Erase ______________________________________________________________________________ "This new technology (the printing press) threatened the Crown, which shuddered at the thought of widespread dissemination of works advocating religious heresy and political upheaval. The Crown's solution to the problem was a system of regulation designed to control this "dangerous" art." -From my Copyright Law Text (refrencing the Statute of Anne - the first Copyright Statute) (c)1993 ______________________/___________________________________mjmiski at macc.wisc.edu From MJMISKI at macc.wisc.edu Sun Oct 10 10:29:43 1993 From: MJMISKI at macc.wisc.edu (Matthew J Miszewski) Date: Sun, 10 Oct 93 10:29:43 PDT Subject: oops Message-ID: <23101012270256@vms2.macc.wisc.edu> Anyways. As i was saying.... McDonalds distributed 3 minute long distance cards that came with your favorite value meal. Completely anonymous when used from a payphone, and the same service as regular LD. --Matt ______________________________________________________________________________ "This new technology (the printing press) threatened the Crown, which shuddered at the thought of widespread dissemination of works advocating religious heresy and political upheaval. The Crown's solution to the problem was a system of regulation designed to control this "dangerous" art." -From my Copyright Law Text (refrencing the Statute of Anne - the first Copyright Statute) (c)1993 ______________________/___________________________________mjmiski at macc.wisc.edu From mg5n+ at andrew.cmu.edu Sun Oct 10 11:39:46 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sun, 10 Oct 93 11:39:46 PDT Subject: PHONE PRIVACY: real-time billing with digital postage In-Reply-To: <9310100621.AA08523@netcom5.netcom.com> Message-ID: Nick Szabo writes: > Scenario: long distance company receives a call from one of its > customer phones. It doesn't know which phone, only that the > phone's local service area provider is requesting a connection. It > notes the area code/country to and from to determine the rate, and > receives the proper digital postage payment from the calling phone. > It notes the destination phone number only in order to pass it on and > complete the circuit. The long distance provider doesn't know > the caller's phone number and doesn't keep a permanent record of the > other information. It's been tried before. That's how calling cards worked in the mid 1980's. The long distance company had no idea where the call was coming from when it went into their credit card port. It didn't take the hackers long to figure out how to exploit the anonimnity of that system! Now all credit card calls are automatically traced. I like the billing indicator on a LED on the phone tho... It would be easy to implement too. Right after the call was dialed, the phone company could send a short tone to indicate the cost per minute, which would be interpreted by a microchip in the display. When the receiving party answered, a second connect tone (or even a click by change in voltage) could signal the indicator to start counting time... The call would still be billed at the end of the month, but at least you could see what your phone bill would be before you got it. From mg5n+ at andrew.cmu.edu Sun Oct 10 11:46:05 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sun, 10 Oct 93 11:46:05 PDT Subject: PHONE PRIVACY In-Reply-To: <93Oct10.014758pdt.14325-4@well.sf.ca.us> Message-ID: > Re. wiring two payphone lines together: uh, NO. From a practical > standpoint, it will probably drop trouble cards at the CO. From a > legal standpoint, it's theft of service, and especially with red boxes etc.; > again, a dumb place to make your stand in court. Well, the suggestion wasn't meant to be taken all too seriously; note the smiley face. :) (Altho I wouldn't be too surprised if someone has actually tried it - you never know...) From arthurc at crl.com Sun Oct 10 11:56:04 1993 From: arthurc at crl.com (Arthur Chandler) Date: Sun, 10 Oct 93 11:56:04 PDT Subject: The Bank of the Internet!? (fwd) In-Reply-To: <9310101517.AA08200@ah.com> Message-ID: It's quite a jolt, to see one's post on one list (FutureCulture) pop up on another list (Cypherpunks). Well, it pays to stay networked. :<) I understand -- and believe I stated in the post -- that all these efforts seem to be in the future conditional tense (or is it future optimistic tense?). But I'll repeat what I mentioned to Eric at the meeting: It jarred me to see someone so blithely planning to enter into the world of international finance from an essentially "outsider" frame of reference. As impressed as I was by the range and depth of Eric's understanding of the technical aspects of encryption, I have the feeling that setting up such a revolutionary scheme -- which would threaten both traditional banking enterprises and the governments that monitor and tax them -- is bound to encounter opposition much more massive and sophisticated than he indicated. To be fair, he could only talk about the high points of his plans in the context of the afternoon talk. But I kept having flashbacks to the1960s and 70s, when counterculture groups laid intricate plans to overwhelm or endrun "the system." Put bluntly, any plans to enter international finance without a substantial component aimed at lining up political and traditional financial clout seems to me to be doomed to the dustbin of visionary schemes. After the smoke clears, we are far more likely to see Chase Manhattan with a platoon of hired cryptologists than EFF or Cypherpunks wheeling and dealing on a global scale. That's my &v$>{/! worth. <--- Encrypted digital $.02 From 72114.1712 at CompuServe.COM Sun Oct 10 12:11:04 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Sun, 10 Oct 93 12:11:04 PDT Subject: PHONE PRIVACY Message-ID: <931010190721_72114.1712_FHF49-3@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, Ron McCoy asked about the 1-900 number I posted some time ago. The number is 1-900-STOPPER. Though I originally mentioned STOPPER, I would recommend that the better solution is to use a pre-paid calling card. Several companies offer them, including AT&T (buy them at AT&T Phone Stores) and Western Union (buy them at authorized Western Union agents). They both charge you about sixty cents per minute for US domestic calls (more for overseas). They come in various denominations ($5, $10, $20, etc.) To use them, you dial a special 800 number. When you get a beep, you dial in the card's unique serial number. When you get a second dial tone, you dial the area code and phone number you wish to call. Depending upon the card you have, there will be some method for determining how much time/money you have left after each call. Since I have not yet found out whether or not the issuers retain *your* phone number (captured by ANI), or for how long, it would be prudent to use the cards at payphones for any highly sensitive communications. S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cman at IO.COM Sun Oct 10 14:19:47 1993 From: cman at IO.COM (Douglas Barnes) Date: Sun, 10 Oct 93 14:19:47 PDT Subject: The Bank of the Internet!? (fwd) In-Reply-To: Message-ID: <9310102114.AA02874@illuminati.IO.COM> Arthur Chandler writes: > Put bluntly, any plans to enter international finance without a > substantial component aimed at lining up political and traditional > financial clout seems to me to be doomed to the dustbin of visionary > schemes. After the smoke clears, we are far more likely to see Chase > Manhattan with a platoon of hired cryptologists than EFF or Cypherpunks > wheeling and dealing on a global scale. > I think that somehow you have acquired a rather distorted impression of what is actually being proposed, at least here in Austin. Also, I think you are rather underestimating the knowledge and experience of the participants. When Eric came out here to be a guest speaker at our EFF-Austin crypto conference, we had been corresponding since last spring on the topic of establishing a fully digital Credit Union. I had planned to spend the summer working on it, but I got roped into creating Illuminati Online. Although things had been on the back burner, I had continued to do legal and regulatory research, make contacts, visit Credit Unions and talk to their staff, etc. Credit Unions have an interesting history and philosophy that places them somewhere between an "outsider" movement and an "insider" movement. They are legal (obviously), but can be started by any reasonably large group or combination of groups of like-minded individuals in a geographical area. They are non-profit, member-controlled financial institutions that nowadays are permitted to offer the same range of banking services as a "bank." Many successful ones started from extremely modest beginnings. I get the feeling you think that we are going into this blindly or naively. In the process of researching this project, I have consumed over forty hours of pro-bono legal time from a local lawyer, and have spent about as long reading the relevant laws and regulations myself. I know that Eric has certainly done even more legal research in this area than I have. Eric's crypto research at the moment is heavily focused towards financial transactions; I worked in banking MIS for three years. I have an offer from the CFO of the largest CU in Austin to act as an advisor. At the moment we are beginning the process of surveying members of local groups and employers in the high tech field to see if they are interested in being part of the field of membership of a fully digital Credit Union. We had our first Austin cypherpunks meeting yestereday, and it's clear that they will be the core of the new CU. I don't deny that the venture faces serious obstacles (writing software, putting together a field of membership, starting operations, etc.) Certainly it could fail, and end up on the "dustbin." I think that compared to many of the schemes that have been proposed on this list it is a good middle-ground approach. If other, similar Credit Unions are established, it would be the beginning of a national network that could pool resources for the purpose of creating or embellishing software and purchasing third-party services. This proposal is not about "wheeling and dealing", but rather about providing high-quality, secure banking services to average people, delivered by a democratic, member-centered institution. This may sound like some fantasy out of the 60's, but it's actually a extension of a fantasy out of the 19th century that has taken root all over the world. Also, I would like to emphasize, while these institutions are dedicated to the establishing of new or modified digital transactions, they are not intended, in any way, to break the law, avoid taxes, or push what I can't help but think of as the "Tim May .sig agenda" outside the bounds of the law. Many of us believe in aspects of that agenda, but this is an approach to push the envelope from the legal side. Doug -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From MIKEINGLE at delphi.com Sun Oct 10 15:21:07 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Sun, 10 Oct 93 15:21:07 PDT Subject: Bank of the Internet Message-ID: <01H3YGMZ9AP48WXW7P@delphi.com> "arthurc at crl.com" "Arthur Chandler" wrote: > It jarred me to see someone so blithely planning to enter into the world >of international finance from an essentially "outsider" frame of >reference. As impressed as I was by the range and depth of Eric's >understanding of the technical aspects of encryption, I have the feeling >that setting up such a revolutionary scheme -- which would threaten both >traditional banking enterprises and the governments that monitor and tax >them -- is bound to encounter opposition much more massive and >sophisticated than he indicated. > To be fair, he could only talk about the high points of his plans in >the context of the afternoon talk. But I kept having flashbacks to the1960s >and 70s, when counterculture groups laid intricate plans to overwhelm or >endrun "the system." > Put bluntly, any plans to enter international finance without a >substantial component aimed at lining up political and traditional >financial clout seems to me to be doomed to the dustbin of visionary >schemes. After the smoke clears, we are far more likely to see Chase >Manhattan with a platoon of hired cryptologists than EFF or Cypherpunks >wheeling and dealing on a global scale. The reason such "counterculture" plans didn't work is because they are hard to do. They are a pain. People may talk about them, but they aren't that anxious to actually "live underground." They are also hard to coordinate. It is easier to just get a job and live a normal life. Even with PGP, more people talk about it than use it on a regular basis. I've even been flamed for sending people PGP messages, even when those people promote their PGP keys in their .sigs! All we have to do is make it technically easy. We are tool makers. Make the tools and it will happen. As for opposition from governments and the banking establishment, governments are right now being held hostage by capital. If they don't do what capital wants, capital gets up and leaves. East Germany used the Berlin Wall to contain its capital. When the wall came down, the capital left. The forces against us may seem overwhelming, but we have one huge advantage. They are limited to a specific region, or at least to one country. International collaboration is difficult and slow for those who enforce the status quo. Data crosses borders with impunity, and short of cutting all the wires and turning a country into Albania, there isn't much the governments can do about it. --- MikeIngle at delphi.com From mdiehl at triton.unm.edu Sun Oct 10 16:21:39 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Sun, 10 Oct 93 16:21:39 PDT Subject: Was: POISON PILL In-Reply-To: <9310082121.AA03537@pizzabox.demon.co.uk> Message-ID: <9310102321.AA14258@triton.unm.edu> According to gtoal at gtoal.com: > > :1) don't keep any sensitive stuff of your own on your own hardware, > :put it on other peoples' machines (and let them put their stuff > :on yours); > :2) encrypt all of your stuff before transferring it to other peoples' > :boxes; > :3) send the keys that you used to do the encryption to other folks' > :boxes as well (not the same ones on which you stored the files); Good stuff. > :4) if you are really paranoid, Shamir share the keys; Please explain this to me. What is "Shamir?" > :5) don't keep any local copies of the plaintext, cyphertext or keys; > :6) periodically send messages to the boxes where you have stashed > :your files, saying "Everything is still cool, don't wipe my files > :or my keys."; > > :7) if/when it hits the fan and you are pressured to reveal your stuff, > :stop sending those messages -- the dead man switch goes off and your > :files/keys are wiped. Or how about if the "cool" messages stop comming in, you are to send the files to someone else. This way, if you "can't" send the "OK" message for some reason, the "right" people will get the data anyway. Is there any interest in setting this kind of think up. I'm currently "holding onto" some data for a friend, and could probably manage a few Megs more if someone has the need. In an ideal world, this would be done on an anonymous, distributed basis. Any comments? J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. PGP Key = 7C06F1 = A6 27 E1 1D 5F B2 F2 F1 12 E7 53 2D 85 A2 10 5D From smb at research.att.com Sun Oct 10 17:26:08 1993 From: smb at research.att.com (smb at research.att.com) Date: Sun, 10 Oct 93 17:26:08 PDT Subject: Was: POISON PILL Message-ID: <9310110021.AA04637@toad.com> According to gtoal at gtoal.com: > :4) if you are really paranoid, Shamir share the keys; Please explain this to me. What is "Shamir?" The reference is to the following paper: @article{sharesecret, author = {Adi Shamir}, journal = {Communications of the ACM}, number = {11}, pages = {612--613}, title = {How to Share a Secret}, volume = {22}, year = {1979} } More generally, see the article on shared control systems: @incollection{Simmons92, author = {Gustavus J. Simmons}, title = {An Introduction to Shared Secret and/or Shared Control Schemes and Their Application}, booktitle = {Contemporary Cryptology: The Science of Information Integr ity}, year = 1992, pages = {441--497}, editor = {Gustavus J. Simmons}, publisher = {{IEEE} Press} } I'm especially fond of this article: @article{sealing, author = {David K. Gifford}, journal = {Communications of the ACM}, number = {4}, pages = {274--286}, title = {Cryptographic Sealing for Information Secrecy and Authentication}, volume = {25}, year = {1982} } since it shows how to implement a variety of access mechanisms, including key-AND, key-OR, m-of-n, etc. > :6) periodically send messages to the boxes where you have stashed > :your files, saying "Everything is still cool, don't wipe my files > :or my keys."; Folks who contemplate such schemes should investigate the false alarm rate. Most automated systems experience a much higher rate of false triggers than true. Of course, as described here, you'd only get one, since your data would be gone after that... From arthurc at crl.com Sun Oct 10 18:09:47 1993 From: arthurc at crl.com (Arthur Chandler) Date: Sun, 10 Oct 93 18:09:47 PDT Subject: Virtual City (tm) and Virtual Capitalism In-Reply-To: <9310101606.AA08264@ah.com> Message-ID: I'm still not clear as to exactly what MUD money would purchase. In a MOO, such as MediaMOO or BayMOO, I can't conceive of what anyone could "buy" with virtual money. The one real item of scarcity in a MOO -- from the player's standpoint -- is quota. You are normally assigned a specific number of objects or features that you can own -- say, 20 -- and once you use that number up, you have to prove to the wizards that you really do need an increase in your quota, and that you haven't just gobbled up disk space with superfluous rooms or little-used objects. Any system of monetary exchange that would involve manipulating quotas, or translating them into a kind of tradeable commodity would, I think, be vigorously resisted by most MOO wizards. "I'll help you code that virtual Harley if you'll pay me two quota" would be antithetical to the whole spirit of cooperation I've seen in most (though not all) MOOs. In addition, it would be an ironic commentary on the old cyberpunk "Information should be free!" if Joe/Jane MOOwhiz sets up shop as a for-hire expert in coding, amassing virtual capital off of newbies. If we're talking about RPG money -- gold and jewels that have value within a MUD/RPG universe -- well, OK; but I think this would be a fairly trivial use of what I thought was supposed to be a sophisticated model for future monetary transactions on a global scale. And if, as part of your post suggests, RL money would be gratefully paid for increased power within a MUD -- shades of *Snow Crash*! And who would have guessed that it was cypherpunks in executive clothing that brought such a system into the MUD/MOO world. From anonymous at extropia.wimsey.com Sun Oct 10 18:29:48 1993 From: anonymous at extropia.wimsey.com (anonymous at extropia.wimsey.com) Date: Sun, 10 Oct 93 18:29:48 PDT Subject: Criminal GIF's "Offshore" Data Haven Message-ID: <199310110057.AA05796@xtropia> Charles Morgan said: Look around there everywhere In fcat those are not so bad L8r Charles Charles and anyone else who has examples of these "criminal GIF's" please send copies to a good home WhiteBeard 77308D As you might expect from "pool0", this is a pool address; all messages received at this address are remailed to a "pool" of subscribers, including WhiteBeard. Please encrypt your "criminal GIF's" with public key Type bits/keyID Date User ID pub 1024/77308D 1993/08/05 WhiteBeard 77308D -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3 mQCNAixg1V4AAAEEAK7+65Tb+IlceOkXbYr8KegFqJBsATfvHn0jWDhLomU1Bu9a N4QnUA7O7EA4klVjOkvFsizN+Ex94aAzSeEr2YEKA08wdCcDnOupTy5sGRcvJL3i e17y3/HS5zRq9bUrw/zVFWnF5XFaa0WXqEJF0mKNmIhQoUS0GWSPDqT/dzCNAAUT tC5XaGl0ZUJlYXJkIDc3MzA4RCAgPHBvb2wwQGV4dHJvcGlhLndpbXNleS5jb20+ =KKxu -----END PGP PUBLIC KEY BLOCK----- Note that the pool0 remailer does NOT attempt to conceal the identity of the SENDER. If you don't want your own identity attached to your message or file, send it through a remailer. Also, of course, you probably want to encrypt but NOT sign with PGP. WhiteBeard is also looking for the "politically incorrect" (and illegal outside the USA) program "Concentration Camp Commander". WhiteBeard will keep your "criminal GIF's" safely encrypted on diskettes. Should your own copies ever be lost or confiscated, just send WhiteBeard a call for help and he will send your GIF's (and any others he's collected you might want) to your anonymous remailer address. WhiteBeard already has a small collection of "interesting" GIF's dealing with beastiality and scatological domination. If you want a free sample, send WhiteBeard a request with an anonymous return address and pseudonymous public key. Please feel free to post this announcement to other mailing lists and newsgroups. From ferguson at icm1.icp.net Sun Oct 10 19:31:08 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Sun, 10 Oct 93 19:31:08 PDT Subject: The rubber and the road Message-ID: <9310110332.AA25892@icm1.icp.net> Grady, If this is a silly question, then chastise me later -- but when do you actually appear in court? I noticed PRZ's statement dated 12 Oct. Does your appearance fall shortly? Cheers and Support. From mccoy at ccwf.cc.utexas.edu Sun Oct 10 20:56:09 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Sun, 10 Oct 93 20:56:09 PDT Subject: The Bank of the Internet!? In-Reply-To: Message-ID: <199310110355.AA15157@tramp.cc.utexas.edu> Arthur Chandler writes: > > It jarred me to see someone so blithely planning to enter into the world > of international finance from an essentially "outsider" frame of > reference. [...] > > Put bluntly, any plans to enter international finance without a > substantial component aimed at lining up political and traditional > financial clout seems to me to be doomed to the dustbin of visionary > schemes. After the smoke clears, we are far more likely to see Chase > Manhattan with a platoon of hired cryptologists than EFF or Cypherpunks > wheeling and dealing on a global scale. It has to start somewhere pal. We are trying to start something small for a specific reason (at least I am, I do not presume to speak for Doug or the other cypherpunks working with us on the austin digital credit union): We want to be the ones who will define the protocol for currency on the net. We have specific goals regarding privacy and security which may be at odds with certain members of the traditional finance power structure. If you know anything about how network protocols really come into being it is because someone actually goes out, does the damn coding, and then people refine that work later. We want to score first so that others are forced to follow our lead, it only takes a small push at the beginning to determine the course of certain phenomena. I could care less if eventually the Citicorps and Chase Manhattans enter our arena and provide real banking services to the net. In fact, I one day hope to pitch them on that very idea. The point of our work down here is that we want to define the currency. We want to make it secure, private, and anonymous. What kind of standards your future net.bank may have on transaction records and other items relating to the net currency is between you and your bank, I want to make sure that the currency itself gives the possiblity for the highest possible levels of these "cypherpunk qualities". We are staring small and have no real plans on becoming future banking powerhouses (The Gnomes of Austin perhaps... :) but we would rather it be us who define the standard than Chase Manhattan or the US Government. jim mccoy From szabo at netcom.com Sun Oct 10 20:56:23 1993 From: szabo at netcom.com (Nick Szabo) Date: Sun, 10 Oct 93 20:56:23 PDT Subject: Virtual City (tm) and Virtual Capitalism (fwd) Message-ID: <9310110354.AA10813@netcom.netcom.com> Arthur Chandler: > Any system of monetary exchange that would involve manipulating quotas, > or translating them into a kind of tradeable commodity would, I think, be > vigorously resisted by most MOO wizards. Great! One of the main strengths of Virtual City seems to be to that its gets rid of the fascist heirarchy of "wizards", the virtual equivalent of factory managers in the old Soviet Union. (Caveat: these are just my impressions of the V.C. project, I'm not personally involved in it). Also the quote is "information _wants to_ be free", not "should be". Alas, it is easy to bottle up information by restricting it to small cliques of wizards. On the other hand, many of the world-wiser wizards may be able to use their MUD building skills to become Virtual City tycoons. There are probably plenty of wizards pissed off by politically-dominated MUDs, where access to resources has increasingly become a function of sharing beers with the "god" and less a function of contribution to the MUD. Wizards who are better MUD builders than beer buddies have incentive to jump ship and carve themselves out nice niches in a free-enterprise MUD. I suspect Virtual City, and net commerce in general, will evolve to where people buy and sell some information as services, and exchange other information freely. The distinguishing feature between valuable services and free information will likely be that services will be hard to copy, the end result of obscure, logically deep computations, providing information unique to each customer order or dependent on hard-to-duplicate phyiscal hardware. Freely copyable information typically will be sellable only a few times, and even then the sale price will depend on it being hot/unique news, uniquely valuable to a specific customer or temporary situation, or conveniently located. Old news, educational material, etc. will be free, barring fascist patent/copyright enforcement, but the customers will often pay for more convenient methods of distribution (eg smart filter services). Content _per se_ will want to be free, so one will not be able to generate revenue simply based on popularity of content. Content generation will not pay and will not dominate the economy. A good example is the distinction between the freely copyable GNU and X-Windows, and the for-pay consultation, customization, porting, help desks, etc. that have sprung up around them. Most of the effort goes into the latter: since people like to make a living, most of the economic effort will go into services rather than the exchange of free information. As bandwidth becomes cheaper the free info exchange will expand, but the incentive for creation is limited to self-sacrificing efforts or side-effects of government or consulting businesses or corporate charity (eg GNU, X, PGP). I look forward to something like Virtual City providing a free-market alternative to the heirarchical control of information (crypto key authorities, Unix file permissions model, MUD Wizard model, ad nauseum); I do not see it replacing the GNU free software model. Nick Szabo szabo at netcom.com From DON_HENSON at delphi.com Sun Oct 10 21:26:09 1993 From: DON_HENSON at delphi.com (DON_HENSON at delphi.com) Date: Sun, 10 Oct 93 21:26:09 PDT Subject: Cypherpunks Cause Message-ID: <01H3YTBWAA0891X6YA@delphi.com> ferguson at icm1.icp.net writes: --> > >There is no cypherpunks cause. Neither is there a cypherpunks > >movement. Get these delusions out of your head. There is, however, > >cypherpunks software. > > > >I repeat, the cause and movement are in your own head. > > <-- > > If there is no cypherpunks cause or movement, please let me know What the hell are you talking about? <-- Well, I thought I was pretty clear in the first place so if you don't know what I am talking about, I guess I don't know either. Don Henson PGP key on server or on request From DON_HENSON at delphi.com Sun Oct 10 21:26:23 1993 From: DON_HENSON at delphi.com (DON_HENSON at delphi.com) Date: Sun, 10 Oct 93 21:26:23 PDT Subject: Cypherpunks Cause Message-ID: <01H3YTC2SZ8U91X6YA@delphi.com> Eric Blossom writes: --> > If you believe there is a cypherpunks cause and you believe in it, > please post a short note to that effect to the list. > Anyone who is interested can keep count. What difference will any of this make? It is completely off topic for the list. Cypherpunks write code. <-- This was pretty typical of the response I got to my question about the cypherpunks cause. Apparently, I misinterpreted the intent of the list. Thanks for clearing it up for me. Goodbye. Don Henson PGP key avail on server or on request From mccoy at ccwf.cc.utexas.edu Sun Oct 10 21:36:09 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Sun, 10 Oct 93 21:36:09 PDT Subject: DC-Net proposal, comments requested In-Reply-To: <9310100127.AA23557@illuminati.IO.COM> Message-ID: <199310110432.AA15221@tramp.cc.utexas.edu> cman at IO.COM (Douglas Barnes) writes: > [dc nets stuff] > > One head scratcher I've been considering is whether it would be better > to simulate a token-passing scheme, or to have comparisons broadcast > to all participants. [...] Doug has already heard a lot of this over dinner discussions we have had on dc nets and networking, but here are a few more things I have been thinking about in regards to this. The idea we hashed around in the token passing realm was that members of the net would begin by knowing only thier partners (I will assume people are being honest in the network for the moment...) Each person will pass packets to the left, the person they share thier data with in the dc setup (i.e. the person whose menu they look behind and whose coin they compare thier toss with.) The "packets" will have two sizes, the small one for token negotiation and a large one for data transmission. Token-sized packets are passed until someone suceeds in transmitting the "i speak" token, then a data packet, and then token negotiation begins again. Everyone prepares two random numbers, one for the data sharing that is part of the dc net and another to use in the communications ring. When people have checked thier neighbors and are ready to transmit, they send thier second random number (and a random signed token so they know when they see thier token come back to them) to the person on thier left. When a packet is recieved, each number is incremented or not for the "same/different" message and passed to the next member. When your token finally gets back to you it is possible to check for the message sent by the net, you know your original random number and the number of passes necessary for you to get your token back tell you how many people are participating. Doug and I thought that perhaps if the broadcast signal was something like "1111(rand 8 bits)1111" and people backed down when they sensed collision, so that unless the 16 bits ended with 1111 people would know there was no token in that round (0 is the default message, when people colliding stop trying to send the negotiotion falls to zero for that round) and they would try again. Eventually someone would be able to transmit the sequence and because the number in the middle is random only they would know that they have the send token. Then people communicate for the preset length of the data packet and begin negotiating for the token again. As far as breaking up and reforming the network I am still looking for ideas, but have been reading some old crypto proceedings and I am going to play around with some ideas and see if Chaum's blind signature stuff coupled with a ZNP for proving identity might work (it happens to be the article I was reading on the way over to work and it has gotten me thinking...) > Also, I have thought of some ways of dealing with "slacker" processes > or folks who suddenly drop out that work better with a broadcast approach, > but there's probably a way to deal with them in the token-based scheme. Yes and no. The internet is not a connection-oriented medium and it is impossible to know whether or not a particular packet made it through. "Broadcasting" is also tricky for the same reason. The designers of the net have worked out several schemes for getting around these problems, it makes no sense not to lift a few good ideas for this... jim From tcmay at netcom.com Sun Oct 10 21:46:09 1993 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 10 Oct 93 21:46:09 PDT Subject: The Bank of the Internet!? (fwd) In-Reply-To: <9310102114.AA02874@illuminati.IO.COM> Message-ID: <9310110445.AA18639@netcom5.netcom.com> Doug Barnes writes: > Also, I would like to emphasize, while these institutions are dedicated > to the establishing of new or modified digital transactions, they are > not intended, in any way, to break the law, avoid taxes, or push what I > can't help but think of as the "Tim May .sig agenda" outside the bounds > of the law. Many of us believe in aspects of that agenda, but this is an > approach to push the envelope from the legal side. And I think this is a wise thing to do. I comment these folks for pursuing this, all the more so becuas a "credit union" is not the sexiest thing I can think of (not compared to data havens at least). But it'll be the solidly middle class apps like digital credit unions that wil help further colonized cyberspace (and cypherspace). Meanwhile, I'm fairly "out" about my crypto preferences, and intend to continue talking about crypto anarchy. I'm sure you folks wouldn't want it any other way. Good luck! -Tim (infamous .sig follows) -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From mccoy at ccwf.cc.utexas.edu Sun Oct 10 22:06:09 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Sun, 10 Oct 93 22:06:09 PDT Subject: Virtual City (tm) and Virtual Capitalism In-Reply-To: Message-ID: <199310110504.AA15258@tramp.cc.utexas.edu> Arthur Chandler writes: > > I'm still not clear as to exactly what MUD money would purchase. In a MOO, > such as MediaMOO or BayMOO, I can't conceive of what anyone could "buy" > with virtual money. What would one buy with any digital cash? Whatever anyone is willing to sell them. How about programs, stock quotes, orders for physical items, newspapers and magazines, etc... > [quotas as the scarese resource on MOOs...] > Any system of monetary exchange that would involve manipulating quotas, > or translating them into a kind of tradeable commodity would, I think, be > vigorously resisted by most MOO wizards. Quota is simply a manifestation of the only real resources that limit the size of a virtual world, storage space and computation time. There is no reason to think that any currency exchanges on such systems would need to limit themselves to this (but it does give one ideas as I will mention later.) > If we're talking about RPG money -- gold and jewels that have value > within a MUD/RPG universe -- well, OK; but I think this would be a fairly > trivial use of what I thought was supposed to be a sophisticated model for > future monetary transactions on a global scale. And if, as part of your > post suggests, RL money would be gratefully paid for increased power > within a MUD -- shades of *Snow Crash*! And who would have guessed that > it was cypherpunks in executive clothing that brought such a system into > the MUD/MOO world. Well, I do not know much about what the virtual city people are doing, but I can tell you a little bit about what I know of another MOO that is working on such a virtual marketplace, the metaverse MOO being run right now by Steve Jackson Games (metaverse.io.com port 7777) While people are still working on setting things up (the system is fairly new) a lot of ideas have been tossed around such as real online games done by professionsal corperations (sjg, etc) or online orders for magazines such as wired or mondo, or perhaps ordering equipment at computer sales outlet on the MOO. All one needs is currency and then the buyers and sellers can determine what the market will be. I find the MOO system interesting because it provides a structure of objects (data) and interaction of people and the objects. One of the reasons I have been interested in dc nets, encrypted filesystems, and the like is because I think it would be interesting to set up a completely distributed and secure/private computing system. I have figured out a lot of the filesystem and communications (i/o) issues through dc nets and various encrypted filesystem ideas. The stumbling block I kept running into was how to build a network CPU. What about a MOO? The MOO programming language itself is rather primitive, but it only concerns itself with negotiation of the objects within the system and simple interactions with those connected to the system; if one were to hook a perl, C, and tcl interpreter into such a system and add flags to objects to signal that they should be run through a particular interpreter then one would have the necessary CPU(s). One could use MOO money to pay for the data storage and CPU time (object quota and server ticks) and those providing cycles or storage space for the MOO would be compensated and the system could theoretically grow without bounds. Just an idea or two and perhaps a hint of things to come... jim From jkreznar at ininx.com Sun Oct 10 23:19:47 1993 From: jkreznar at ininx.com (John E. Kreznar) Date: Sun, 10 Oct 93 23:19:47 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <9310090132.AA08927@dink.foretune.co.jp> Message-ID: <9310110617.AA05506@ininx> > You can put up such a network, but given that your boxes have to receive > the signal, it will be detectable (but not understandable) to 3rd parties. Not necessarily. Done right, direct sequence spread spectrum transmissions cannot feasibly be detected except by a receiver using the right code. To be sure, ``feasibility'' here is being used in a weaker sense that cryptologists are accustomed to, but the effect is similar. Here are selected passages from "Modern Communications and Spread Spectrum" by George R. Cooper and Clare D. McGillem (McGraw-Hill, 1986) pp 309--311: ...another objective in using spread-spectrum techniques is to make it more difficult for an unauthorized observer to detect the presence of the signal.... When an unknown spread-spectrum signal is to be detected, it is necessary to assume something about what is known. In particular it is assumed that the spread-spectrum code is not known, and that it is desired only to determine the existence of the spread-spectrum signal and not to decode it. This implies then that some form of noncoherent detection must be employed and that the existence of a spread-spectrum signal can be determined only by noting a change in energy between the signal present and the signal not present. Thus it is necessary to consider an energy detector. ... [Engineering mathematics omitted.] ...However, in the case of noncoherent detection, the detectability depends upon the square of [a specific signal-to-noise ratio that they define], rather than upon the first power; thus operating with small values of E/N_0 makes things more difficult for the interceptor than it does for the desired signal receiver. > Anyone who wants to take you down will only need (1) a detector that can > point out your boxes and (2) a small caliber rifle. First he may need (0) the spread-spectrum code. These can be made strong, in a sense similar cryptographically strong random number generators. > Since the cost to find and destroy is much less than the cost to make and > deploy, a covert network of this sort wouldn't last long. This cost comparison might be reversed by forcing the adversary to use incoherent detection. John E. Kreznar | Relations among people to be by jkreznar at ininx.com | mutual consent, or not at all. From ld231782 at longs.lance.colostate.edu Sun Oct 10 23:36:44 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 10 Oct 93 23:36:44 PDT Subject: Identity Tracking through Databases (fwd) Message-ID: <9310110636.AA12175@longs.lance.colostate.edu> from PRIVACY Forum Digest Sunday, 10 October 1993 Volume 02 : Issue 32 Moderated by Lauren Weinstein (lauren at vortex.com) Vortex Technology, Woodland Hills, CA, U.S.A. ===cut=here=== Date: Sun, 10 Oct 93 16:52 PDT From: lauren at vortex.com (Lauren Weinstein; PRIVACY Forum Moderator) Subject: Personal Privacy vs. the "Digital Detective"? Greetings. This is going to be a somewhat complex message, but I feel that it's an important one, so please try to bear along with me. Also, I must ask that anyone who wishes to forward any information from this message please forward the entire message and keep it intact and complete with all attributions--any further excerpting from this material could be extremely confusing, to say the least. A few days ago, in my capacity as PRIVACY Forum moderator, I received an e-mail submission from Patrick Townson, politely asking if I would consider publishing it in the digest. (Pat is moderator of the TELECOM digest; we have various communications regarding digest matters from time to time.) The submission was essentially an ad promoting a new service he is offering. I informed him that my policy is not to run ads, though particular products and services may be mentioned in the context of informational or discussion messages submitted to the Forum. However, the particular ad in question is potentially of significant importance to readers of PRIVACY Forum, and brings to a sharp focus a number of issues which we've had bouncing around for sometime, with seemingly little action. So, I asked for and received permission from Pat to publish excerpts from his ad, as well as excerpts from our private communications that occurred after I read his original submission. I've attempted to keep these excerpts in context, and I'll have additional comments as we go along. Once again, I'm sorry about the complexity of this message. ---- EXCERPTED MATERIAL BEGINS BELOW. Omitted material is indicated by "..." in the text. The original complete message was widely distributed on Usenet, as indicated by the "Newsgroups" field below. *************** From: ptownson at telecom.chi.il.us Newsgroups: comp.society.privacy,alt.privacy,misc.consumers, misc.legal,misc.misc,chi.general Subject: Digital Detective At Your Service Date: Wed, 6 Oct 1993 15:35:00 CDT DIGITAL DETECTIVE ... I wish to announce my recent aquisition of some databases which are primarily used by skip-tracing, investigative and government agencies to locate people, any assets they may have, and other pertinent and personal details of their lives. These databases are being made available to anyone who wishes to have access to them. The charges are simply being passed along, 'at cost' based on what I am paying. ... SOCIAL SECURITY NUMBER TRACING: =============================== You provide an SSN. I will advise you of all the names which have been used with this SSN, and the addresses which go with each. Or it can be the other way around: you supply an exact name and address (it can sometimes be a former address), and I will supply you with the SSN used by that person. Cost for each lookup, either direction is $60.00 PEOPLE FINDER: ============== You provide a name. Any name okay, but very common names will render a useless list. Middle initials and last known address is requested if possible. You'll receive a listing of every person who has that name, along with other data: New address if they moved; Telephone number provided the number is published; Residence type; Length of residence; Gender; Date of birth; Up to four other household members and their dates of birth. For additional information, People Finder also can provide a neighbor listing which includes up to ten neighbors, their addresses, phone numbers and residence types. ... It can be searched by telephone number only: You provide the phone number, I will respond with the person's profile and neighbor listing. Or it can be searched by address only, with the same results. ... Cost for each lookup is based on how extensive the search is. ... Both address/phone trace $90 ... CONSUMER CREDIT REPORTS: ======================== Consumer Credit reports availale from one bureau, $60 Consumer Credit reports available from three bureaus, $100 I need two things: 1. The name and address of the person, plus SSN if possible. 2. A *signed* statement that your request is for bonafide, legal reasons, i.e. you are considering an extension of credit to the person, or possibly employing them, etc. I cannot proceed without this signed statement. ... Has someone ever filed bankruptcy? The database will tell you if they have or not. Not all federal districts are yet installed but for those that are in the database, I can get you the details: ... Criminal History records available at $75-100 per jurisdiction you request searched. Want to know if someone has ever been in prison? Want to know if someone has ever been sued, or been a defendant in a criminal action? ... Death Records can be provided in various formats: By SSN only - is the holder of that SSN deceased or not? $30 By name - a more detailed account of their demise $40 Drivers Records can be pulled but the exact name and DOB is essential; otherwise if you have the full driver's license number, the search can be reversed, providing a name and DOB plus address. (Then use People Finder address trace on them.) $65 [ Various other information types listed omitted. -- MODERATOR ] ... Information should be available to everyone, not just the lawyers and bankers and government agencies. I'll provide information to anyone, at anytime from the categories above. Hope to hear from you soon with your requests. Here's to successful snooping! Get the goods on your friends and enemies alike. An imposter/fraud/con-artist on the net? Expose them in a detailed message with stuff you get from the database. Patrick Townson for DIGITAL DETECTIVE *************** >>> End of excerpted material from original submission <<< After reading the original ad, I had a number of exchanges with Pat regarding the possible negative reactions to this service among the PRIVACY Forum readership. Here are some excerpts from that discussion. ----- Excerpts from followup messages begin below ----- >From Pat: Say whatever you like. I would ask that you point out a couple of pertinent things however: 1. All the information is gleaned from public sources. You'll find very few non-pub phone numbers for example unless the person used it someplace. And *yes* there are public sources of SSN's ... I know where, you don't know where, so you pay me to tell you where or at least produce the results. 2. All information is available free of charge to anyone who wants to go to the sources and get it himself. I'm placing myself in the middle as the 'gopher' ...I'll go fetch the information if you pay me. When I say 'free of charge if you get it yourself' I am not including the occassional cost of making copies, etc. That much is assumed. Regards criminal histories for example, if someone does not like the information being given out, then their real beef is with the concept of free, open to the public trials in the USA. In every courthouse in America, anyone is free to walk in, sit down and observe a trial going on. We do not have secret trials in the USA. So I am free to observe you on trial, and you are free to observe me on trial. It should follow then that we are free to exchange information with each other about trials we have observed. About 85 percent of the counties in the USA gladly supply transcripts and summaries of judgments regards criminal cases in their jurisdiction to anyone who asks for them (plus again, the copy costs etc). It is not feasable for you to come to Chicago and visit our courthouse, nor for me to visit the courthouses in California. So we cooperate with each other by you looking up things for me there and me looking up things for you here. It then should follow that a logical next step is to put it all on a computer; all researchers contibute their data to the common database. And so it goes. All I do is fetch the records you have created about yourself as a service for people who don't want to go to the trouble of fetching them for themselves. 3. Regards credit bureaus: Anyone can be a commissioned sales agent for the credit bureaus as long as they sign up with the bureaus to do that. You'll note I refuse to pull bureau files without your signed statement saying that you have a lawful purpose, ie an extension of credit or possible employment, etc. This puts the burden on you. In fact the bureaus themselves say in their contracts that they release information to their clients making the assumption the client has a lawful right to the information. If not, its your ass .. not theirs. If a bureau is pulled on you, you later find out and ask me why, I refer you to the person who purported to be lawfully inquiring. Doing so, I've met the requirements of the law. It is all public information except for the consumer credit reports, and for those the people who own the data base which I use absolutely insist on meeting all legal requirements. 4. Finally, it is only because we have computers that we can keep records in the prolific way we do. Do you also object to manual record keeping? Or is your complaint only that because it is computerized it has become so much easier for the average person to obtain? Remember, YOU are the person who gave out your SSN (I do not do the trace from government records but from public collections) ... YOU are the person who registered your telephone number in a directory of same with your address, etc. If you don't like people collecting information, don't give them any to collect, and get the law changed so that like in Russia you can be tried in secret and taken away in the middle of the night. Then there won't be any information for the public to look at regards what you were convicted of. Please summarize the above as my response to negative comments. Pat [ Below, text after ">" is from Lauren, other text is from Pat ]: Lauren: > I'm not disagreeing with your statements that it's all (presumably) > public information. In effect, that's what needs to be stopped! Pat: Well, then you better go to work on getting the First Amendment repealed or greatly modified addressing the issue of what people are permitted to say to other people, etc. If you feel I should be forbidden to speak about your SSN, so be it. Get the law changed and make sure it is constitutional. > In any case, publicizing your service may well have the effect of helping to > foster efforts to pass pending and future legislation to control the reuse > and distribution of such info, simply because so many people would get so > irate that such a service existed with such simple access. I want people to see how easy it is. I want enough people doing it that the cost of accessing the databases comes down from sixty dollars for an SSN to sixty cents! I want getting all sorts of info on your neighbors, enemies, employers and employees to be as easy as pushing a few keys on your keyboard. ... Nope, won't affect business at all because people have a short attention span. They will read it, cluck their tongues and by next week have forgotten. At my former employment I used to give seminars on how to collect bills. I gave these to employees of companies working collection. Afraid it would cut back the business they sent to our firm? Not at all. For a week or two, yes .. then they forget and go back to their old ways. Same thing here. ... Big firms, lawyers, bankers, law enfocement; they all get into the same information I use. Why shouldn't you be able to get into it also? You think if the laws are changed the lawyers won't somehow exempt themselves anyway? ... And as my ex-employer used to say, there is plenty of money to be made in collections and investigations by staying one hundred percent within the law ... no need to hack government data bases, no need to steal files from the credit bureau, no need to break into computers ... Someone wrote me and said getting into the NCIC was illegal (they were referring to my criminal histories database) ... hell, I get no where near NCIC .. I just use the combined efforts of researchers all over the USA who visit their courthouse daily to pull the new files for review; ditto with the Real Property transactions, tax records, voting records, etc .. ... but bear in mind if you try to censor the information you are treading dangerously into First Amendment stuff ... ... I thought it would make for great fun. Other than yours, the only letters I am answering on this are the ones which contain credit card numbers or EFT instructions ... and orders are coming in already. The neat thing about public information is you cannot be guilty of libel or slander when you distribute it as long as you do not embellish upon it. And my answers to inquiries go out ALWAYS as follows: "In consulting the XXX database, I noted the XXX database made the following statement(s) and/or allegation(s): (then the record) "If what was recorded in the XXX database is not correct, then the subject of the inquiry made at your request should notify the XXX database management of the error(s) and take appropriate action to correct the database record." It is never me claiming or alleging anything.... just telling you what I found out when I read the record. Same as the old credit bureau routine. Since I dont personally keep the rcords like the credit bureau does, it is not even within my power to correct the records. Obviously, that old First Amendment needs to be greatly modified, eh? Pat ----- End of excerpts from followup messages ----- Lauren here again. I think the above should give the flavor of the discussion and the related issues. We had some other discussions where I pointed out that the First Amendment wasn't really the issue, since it was not absolute, and that I felt some form of required "informed consent" (e.g., requiring firms to get written permission from customers from whom they obtain SS#, etc. before making it available to any commercial databases) would be a big help. But here's the *real* issue. If we assume that Pat is right in his statements that all of the information to which he has access is legally distributable, it goes far to pointing out what an utter disgrace the state of privacy and privacy laws in this country have become. Pat is certainly correct that many organizations already apparently have access to all of this data. All he's doing, seemingly, is trying to make a buck by providing "broader" access to the info. While one can argue that this is a very unfortunate thing to be doing, due to the range of new abuse that could potentially occur, it is also true that many crooks *already* have access to all this info, and that the information is already widely abused. Pat also suggests that there won't be any sustained opposition to such information releases--that most people have a very short attention span, will just read the message, and promptly forget about it. Is he right? The real problem is not with Pat's service, of course. The problem is that what should be private information is flowing around with such utter lack of sensible controls. If there were reasonable controls, it would be impossible for Pat's service, or many other similar services that cater to other customers out there, to be operational. There is certainly a philosophical underpinning to all of this. By analogy, Pat's view that everyone should have access to all the information available on everybody seems similar to the view that the way to solve the violent crime problem is to make sure that everyone in the country is carrying a gun at all times and is provided with plenty of ammunition. While some will no doubt agree with both of these concepts, hopefully many of us do not. It should now be crystal clear that the privacy situation in this country is in shambles. You can't just sit there, read this, and then file it off and forget it. Sooner or later, and most likely sooner, *you* are going to be affected. And just exactly what, my friends, are we going to do about it? --Lauren-- From ld231782 at longs.lance.colostate.edu Sun Oct 10 23:39:47 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 10 Oct 93 23:39:47 PDT Subject: Clipper Q&A (fwd) Message-ID: <9310110637.AA12183@longs.lance.colostate.edu> from PRIVACY Forum Digest Sunday, 10 October 1993 Volume 02 : Issue 32 Moderated by Lauren Weinstein (lauren at vortex.com) Vortex Technology, Woodland Hills, CA, U.S.A. ===cut=here=== Date: Thu, 30 Sep 93 14:31:41 EST From: "Tom Zmudzinski" Subject: Key Escrow Panel at 16th NCSC 21 Sep 93; 14:00-15:30; Room 317 of the Baltimore Convention Center Track "E" (Tutorials & Presentations) -- KEY ESCROWING ISSUES { This is an incomplete "transcribble" of what was said, a personal precis if you will, not a court-ordered wiretap. ;{D } Cast: Mr. Len McNulty (National Security Standards & Technology), Dr. Clinton Brooks (Advisor to the Director, NSA), Mr. Al MacDonald (Special Assistant to the Assistant Director of Technical Services, FBI), Dr. Dorothy Denning (Georgetown University), Mr. Miles Schmidt (Manager of Security Advisory Group, NIST), Mr. Daniel Weitzner (Senior Staff Council, Electronic Frontier Foundation) { Transcribbler's Note: I've done the best I can with what I heard, but cross-checking against the Preliminary Participants List proved to be useless so there may be some misheard/spelled names & titles. } McNulty chaired the panel and gave a background briefing on the "Clipper Chip/Skipjack Algorithm" broughaha. Bottom line: NIST saw a requirement for high grade encryption for voice and data throughout the private sector but also saw the need to retain the ability to wiretap under court order. { Transcribbler's Note: Anyone needing background details (1) hasn't been paying attention to the media or fora and (2) can get them there. } Brooks gave the NSA side -- NIST came to NSA in search of help with the encryption. The policy folks wrangled long and hard over installing a backdoor, but concluded that any such weakening would be self-defeating. Brooks went into detail about the workings of the key escrow process. Bottom line: The algorithm HAS to be kept secret other wise someone could reverse-engineer a box that would interoperate with an escrowed Clipper. This box could then "lie" in the LEAF (Law Enforcement Access Field) and thus be invulnerable to court-ordered breakback. MacDonald gave the FBI's version -- Wiretap is a rarely used, last ditch technique necessary to protect the country and the private individual. MacDonald cited the use of wiretap in a "kiddy porn" kidnap/murder case. Unfortunately, he presented NO hard data on the pros & cons, just opinion. Bottom line: Wiretap is too useful a tool for Law Enforcement to give up without a fight, so they're fighting. Denning gave a synopsis of the work to date on breaking Skipjack. (The interim report is available on the Internet.) Bottom line: Recognizing that the analysis was done under considerable time pressure, it bears out NSA's claim that Skipjack is high quality (comparable to military grade) encryption. Weitzner presented the EFF position -- The EFF Electronic Privacy Working Group shares the Government's goal of providing the users with choice as to how (or if) they would protect their privacy. A truly voluntary, well functioning escrow system is appropriate to look at and test as one of the many alternatives that people who need security and privacy have to work with. They are not taking the position that no escrow system should be implemented at all (although there is an EFF faction that doubts that the government is the appropriate escrow agent). For the EFF, the critical test will be whether or not the US export restrictions on cryptography are relaxed. Bottom line: EFF wants to make certain that it is a truly voluntary system, not mandated by law. ( Various questions from the floor to the panel ) (Someone questioned the academic rigor of the Skipjack Analysis.) A: Analysis was as good as could be done in the time available. (Cliford Ockersmith, Intel, wanted to know why Intel had been excluded from manufacturing the Clipper chip.) A: They haven't been. (There IS an issue because Clipper is a hardware standard, and Intel doesn't want to retool to meet this standard.) (It appears that the only time Clipper is vulnerable is when it is being keyed.) A: The various parts of the Skipjack keys are NEVER in the clear outside of the box that does the keying, even during a legal breakback. (What happens to a chip once it's been brokenback?) A: The wiretap process includes notifying the chip owner that it has been wiretapped. (What about a gift certificate for a new chip in the letter?) A: [ laughter ] (Someone asked again about making the algorithm public.) A: [ see above ] Also, this is a voluntary standard, you don't have to use it. (Question about terrorists voluntarily using other high grade encryption.) A: No change from today. (Question about identifying with whom one is securely conversing.) A: Not part of Clipper. (Phone companies market Caller-Id.) (Unidentified person handed out "A Scientific Statement on Clipper Chip Technology and Alternatives" at the exits.) A: Thank you. [ adjourn ] ----------- The preceding has the legal status of hearsay, so don't quote anybody. From doug at netcom.com Mon Oct 11 00:11:09 1993 From: doug at netcom.com (Doug Merritt) Date: Mon, 11 Oct 93 00:11:09 PDT Subject: Virtual City (tm) and Virtual Capitalism (fwd) Message-ID: <9310110711.AA29044@netcom4.netcom.com> Er...there are a *lot* of different kinds of mu*'s, and at least as many different definitions of "wizard". In some worlds they call people wizards who would simply be players elsewhere; in other worlds "wizards" have godlike status. Similarly with "programmer"; it can mean an advanced builder, or it can mean somebody who actually hacks the C underpinnings. You'd have to be a hardcore afficionado of the whole range to have basis for sweeping statements. (The kind that I'm least familiar with is apparently the most common, where people earn wizard status by advancing in some kind of game, but there's endless variation. When people create their own worlds, they tend to create ranks to suit their own tastes, too. Gonna legislate world creation? ;-) Doug -- a sometime but partially cured mu* wizard and programmer From loki at convex1.TCS.Tulane.EDU Mon Oct 11 00:16:09 1993 From: loki at convex1.TCS.Tulane.EDU (the mischeivious god) Date: Mon, 11 Oct 93 00:16:09 PDT Subject: Walk ME thru PGP por favor... Message-ID: <9310110712.AA12793@convex1.tcs.tulane.edu> Dear Cypherpunks, Ok I have been interacting now with the list for 2 months now in order to have circumvented what I am about to ask. I figured if I just pay attention to what all the chat is about I could figure out how to "casually" implement PGP and anon remailers into my daily routine..which is one of the objectives of the list or is it?? I have read the documentation, and I tried to compile the pgp2.3a on the convex but then I decided I had better keep all the secret stuff at home and not on the remote time share computer. HOwever I need to know some practical answers before I get going...and please respond as a layman please...I am not holding a contest for elliptical jargon users to show off. Having created a military grade secret key, where do I go from there. 1. I need public keys....how to get them? How to have them certified? How to certify the certifications? 2. I use PC DOS ( I have the Beta version of PGP2.3a for windows but it does not seem to work well if at all...). So with my pgp23a for DOS I want to write a letter....use a text editor? probably. So how should Save as the file ? Do I need a suffix especially for PGP? 3. Uploading is a bitch as our Kermit (yes we do not have zmodem and the server sports a 9600 baud top speed...what a pile of crap but it is PHREE.) ... as our Kermit server glitches most things sent. Hence the letter will be worthless by the time it gets to its destination. I hear about emacs and mime and other other goodies....how can I use these or should I bother? 4. Given that I have successfully encrypted how do I know it worked? I mean is it at all possible that my copy of pgp was tainted such that it looks encrypted but someone tacked on a backdoor to my downloaded version of PGP? 5. Now then given a successful upload how do I mail it? I use elm and vi is the default editor (VI=vile for novices) how do I pull up the file into the mailer via VI? Ok. 6. to recieve a letter just tell me the reverse...by the way I do not have problems downloading only uploading...everyone on our host who uses a modem instead of the newly installed campus LAN (which means anyone who has a life and needs more room than a shoebox sized dormroom). EXTRA note : The dorms at Tulane University got rewired for the new school year. It almost makes me want to go back to school _and_ live in the dorms. You see they put coax to all the rooms which has integrated the library catalog,cablevision with 32 channels (a hack infiltrated already and gave everyone PLAYBOY channel for 2 days...just imagine all the freshmen glued to the set.), and on the same cable we have IP access to the net though if you set up your ownnode it can only be temporary,,,they figured out a way to enforce this. Kind of makes drool as I am stuck with copper wire phone lines in a 100 year oldapartment building with my 2400 baud modem...the kids today get all the breaks! LOKI PS send all responses to me privately please loki at convex1.tcs.tulane.edu subject:LOKI:USE YOUR PGP COPY!!! From TSJWR at acad2.alaska.edu Mon Oct 11 00:29:47 1993 From: TSJWR at acad2.alaska.edu (John W. Redelfs) Date: Mon, 11 Oct 93 00:29:47 PDT Subject: Kiss My Elbow! Message-ID: <01H3YOP2T5FM9QV1NC@mr.alaska.edu> To those obnoxious codeheads who flipped me off with a suggestion that I do my own port of PGP to the Atari and/or VAX: Kiss my elbow! Anyone ignorant enough to write code before doing a search to see if the code is already available deserves to take your brain dead advice. Foolishly thinking that the cypherpunks were interested in spreading encryption technology on the Internet, I logically assumed an inquiry on this list would be part of such a search. Maybe the cypherpunks are a government front organization set up for _preventing_ the spread of encryption technology on the Internet. Stranger things have happened. --------------- John W. Redelfs, tsjwr at acad1.alaska.edu ----------------- --------- All my opinions are tentative pending further data. ----------- From pmetzger at lehman.com Mon Oct 11 06:46:15 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 11 Oct 93 06:46:15 PDT Subject: The Bank of the Internet!? In-Reply-To: <199310110355.AA15157@tramp.cc.utexas.edu> Message-ID: <9310111341.AA18008@snark.lehman.com> Jim McCoy says: > We want to be the ones who will define the protocol for currency on > the net. [...] > We are staring small and have no real plans on becoming future banking > powerhouses (The Gnomes of Austin perhaps... :) but we would rather it be > us who define the standard than Chase Manhattan or the US Government. I don't care for the Government, but I suspect that Chase Manhattan has a much better idea of the problems involved in cash transfer and accounting systems than you guys do. People who've never worked for financial institutions rarely understand where the real problems are. I don't mean this to be patronizing -- I have a good deal of respect for the smarts of people like Eric Hughes -- but its simply the truth. I remember the first time I did some research into back office systems and discovered where the real expenses at an institution were -- and nearly fell over in shock. Real world bank people have to worry about things like how to make sure that exceptional cases involving manual intervention (which represent well over 95% of expense) are minimized, they worry about auditing and making sure that systems are structured in such a way as to avoid constructing the capacity to embezzle into the system. They have to worry about downtime, clearing regulations, imaging documents, and other gunk. I say gunk because its all largely unglamorous in the same way that 99% of mechanical engineering is now both unglamorous and yet still critical to the safety of, say, automobiles. Doing these all right are skills which I have gained a good deal of respect for over the years. A bunch of hackers with experience in nothing but cryptography might get some of the privacy aspects right at the expense of producing a system which is otherwise unworkable. I wish you luck, but I want to warn you in advance that there is a good reason that computer people doing design work at banking institutions are usually a rare breed that get paid six figure salaries. If you set out to do this, it isn't going to be a part time job, and it isn't going to be something you can do without a good deal of expertise, either learned the hard way or hired. Perry From paul at poboy.b17c.ingr.com Mon Oct 11 07:59:49 1993 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Mon, 11 Oct 93 07:59:49 PDT Subject: [META] [LIST] Let the market decide Message-ID: <199310111456.AA26530@poboy.b17c.ingr.com> I write this in the hope that it'll finish off the list/newsgroup discussion and with the fear that it will make it worse. "Let the market decide." If you feel that a newsgroup is the right way to go, then start one. If it offers something valuable to current cypherpunks subscribers, they'll read it. Likewise with alternate mailing lists. If you want a crypto-politics list, start one. If it offers valuable material, people will subscribe. Do not presume to dictate to the folks like Eric and Tim who created, and have since nurtured, this list. Build a better mousetrap, and all that. -Paul -- Paul Robichaux, KD4JZG | "Change the world for a better tomorrow. But perobich at ingr.com | watch your ass today." - aaron at halcyon.com Intergraph Federal Systems | Be a cryptography user- ask me how. From cme at ellisun.sw.stratus.com Mon Oct 11 08:19:49 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 11 Oct 93 08:19:49 PDT Subject: Weak RSA keys? Message-ID: <9310111518.AA01724@ellisun.sw.stratus.com> >Date: Thu, 7 Oct 93 14:35:52 -0700 >From: hughes at ah.com (Eric Hughes) >Message-Id: <9310072135.AA01702 at ah.com> >Out of curiosity, does anybody here know how to calculate any >expectations for gcd(p-1,q-1) for, say, 2^n < p < q < 2^(n+1) ? I >don't know enough number theory myself. Eric, I don't think it's number theory you want so much as probability theory. I'm going to look at this to get the answer to the problem as you formulated it, but for values of n large enough (or, for values of 0 greater than (2^{-n}) :-) there's a simple form for that expected value. You can take it as an upper bound for the actual one: [note: I haven't verified this more than once...] E = sum_i sum_m p_i^{-m} where p_i is the i-th prime. - Carl From cme at ellisun.sw.stratus.com Mon Oct 11 08:51:32 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 11 Oct 93 08:51:32 PDT Subject: E[gcd(p-1,q-1)] Message-ID: <9310111549.AA01795@ellisun.sw.stratus.com> I just wrote: > > E = sum_i sum_m p_i^{-m} > >where p_i is the i-th prime. That didn't take into account that p and q were knwn to be odd. So, assuming p and q are randomly chosen odd numbers: E[gcd(p-1,q-1)] < 2.5 + sum_j 1/(p_j - 1) where p_j is the j-th odd prime. It's "<" because this doesn't take into account that there are (relatively small) values of m such that p_i^m > min(p,q). It also doesn't take into account the second order probability effects from depeltion of range. - Carl From msattler at netcom.com Mon Oct 11 09:09:49 1993 From: msattler at netcom.com (Michael Sattler) Date: Mon, 11 Oct 93 09:09:49 PDT Subject: The Bank of the Internet!? (fwd) Message-ID: <9310111609.AA01224@netcom.netcom.com> At 16:14 93/10/10 -40962758, Douglas Barnes wrote: >At the moment we are beginning the process of surveying members of local >groups and employers in the high tech field to see if they are interested >in being part of the field of membership of a fully digital Credit Union. >We had our first Austin cypherpunks meeting yestereday, and it's clear that >they will be the core of the new CU. And when you look further... I'm ready! ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From cman at IO.COM Mon Oct 11 09:26:15 1993 From: cman at IO.COM (Douglas Barnes) Date: Mon, 11 Oct 93 09:26:15 PDT Subject: The Bank of the Internet!? (fwd) In-Reply-To: <9310111609.AA01224@netcom.netcom.com> Message-ID: <9310111620.AA23813@illuminati.IO.COM> > > At 16:14 93/10/10 -40962758, Douglas Barnes wrote: > > >At the moment we are beginning the process of surveying members of local > >groups and employers in the high tech field to see if they are interested > >in being part of the field of membership of a fully digital Credit Union. > >We had our first Austin cypherpunks meeting yestereday, and it's clear that > >they will be the core of the new CU. > > And when you look further... I'm ready! > Because of (archaic) formation regulations, *a* Credit Union is restricted pretty much to a single, distinct geographical region, i.e. Travis County, Texas. CUs with national field of membership are apparently allowed, but an extremely tight associative bond is required (the somewhat scattershot associative bonds we hope to use in Austin would never fly on a national level.) There is nothing, however, to prevent multiple CUs from being created, with similar philosophies, that share software, expertise, etc. Doug -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From cman at IO.COM Mon Oct 11 09:46:15 1993 From: cman at IO.COM (Douglas Barnes) Date: Mon, 11 Oct 93 09:46:15 PDT Subject: The Bank of the Internet!? In-Reply-To: <9310111341.AA18008@snark.lehman.com> Message-ID: <9310111642.AA26409@illuminati.IO.COM> > I don't care for the Government, but I suspect that Chase Manhattan > has a much better idea of the problems involved in cash transfer and > accounting systems than you guys do. People who've never worked for > financial institutions rarely understand where the real problems are. > > I don't mean this to be patronizing -- I have a good deal of respect Oh really? :-) I worked for First City National Bank in MIS for three years... I'm sure Chase has the drop in terms of experience, but you need to realize that these institutions are the IBMs of the financial world. How much truly innovative tech do you see out of IBM, despite all the centuries of experience locked up in meetings? (I went to work for them after First City, so I got to see it frist hand.) Also, the Credit Union movement was started by amateurs in the 19th century, and the bulk of CUs are still started by rank amateurs today, albeit the regulators like to see some folks who have at least a basic grasp of accounting (of which do indeed have.) I think that you are overestimating the sexiness of this project, as did an earlier poster. It's really quite ordinary, except that rather than being driven merely by a desire to get low-cost loans and a customer-centered approach, our field of membership gets all the digital banking services we can legally provide.... and if a few standards get set on the way, all the better :-). Doug -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From an41418 at anon.penet.fi Mon Oct 11 09:56:17 1993 From: an41418 at anon.penet.fi (wonderer) Date: Mon, 11 Oct 93 09:56:17 PDT Subject: Breaking DES Message-ID: <9310111652.AA29091@anon.penet.fi> My understanding of how an exhaustive search on the key space can be used to break DES is that for every key, K, D(K,Cipher) is applied until the output matches something legible. Say that some random string, to be thrown out, is added to the beginning of the plain text, and that DES is applied in cbc mode, then how could such an attack work? My point, I don't see how DES can be broken if the initial block is a grabage block, and cipher block chaining is used. Please enlighten me (gently). One other point... is the decision to encrypt - decrypt -encrypt when applying triple des arbitrary? Why not just encrypt with k1 and then encrypt with k2. Isn't the effect the same? Thanks a lot, Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From mccoy at ccwf.cc.utexas.edu Mon Oct 11 09:59:48 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 11 Oct 93 09:59:48 PDT Subject: The Bank of the Internet!? In-Reply-To: <9310111341.AA18008@snark.lehman.com> Message-ID: <199310111657.AA16129@tramp.cc.utexas.edu> Perry E. Metzger writes: > > Jim McCoy says: > > We want to be the ones who will define the protocol for currency on > > the net. > [...] > > I don't care for the Government, but I suspect that Chase Manhattan > has a much better idea of the problems involved in cash transfer and > accounting systems than you guys do. People who've never worked for > financial institutions rarely understand where the real problems are. > [...] This is true. We are not trying to do this alone. We are working with a major local credit union to be able to handle these sorts of things. We also have people involved who have some real experience in this area. I guess I will say that we are trying to cover all of the bases as best we can (if you want a real fun mind-warp examine commercial paper and electronic wire transfer law...) and that we are going to do something. Enough has been bounced around in conversation here, we are going to try to get something done now... jim From pmetzger at lehman.com Mon Oct 11 10:16:19 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 11 Oct 93 10:16:19 PDT Subject: The Bank of the Internet!? In-Reply-To: <9310111642.AA26409@illuminati.IO.COM> Message-ID: <9310111713.AA18358@snark.lehman.com> Douglas Barnes says: > Oh really? :-) > I worked for First City National Bank in MIS for three years... I'm > sure Chase has the drop in terms of experience, but you need to realize > that these institutions are the IBMs of the financial world. How > much truly innovative tech do you see out of IBM, despite all the > centuries of experience locked up in meetings? Plenty. Find me a workstation with the sort of uptime a 3090 running MVS will give you. I think this is a matter of neglect and a lack of market pressure, but let it never be said that IBM's problem was a lack of technological expertise. They have possibly the finest manufacturing technology engineers in the world, and world class computer jocks, even in the mainframe world. They have expertise in scads. Their problem has always been an inability to understand that they are in a competitive marketplace. Thats why they are always suprised when their machines don't sell even though they are priced too high. They are also too big to manage. > Also, the Credit Union movement was started by amateurs in the 19th > century, and the bulk of CUs are still started by rank amateurs today, > albeit the regulators like to see some folks who have at least a > basic grasp of accounting (of which do indeed have.) Hey, thats fine, but if you aspire to revolutionize a business you should first understand it. To my knowledge, most credit unions do not produce financial innovations. > I think that you are overestimating the sexiness of this project, as > did an earlier poster. It's really quite ordinary, Thats my point. The ordinary day to day problems of producing good banking software are not trivial. Designing a dam for a large river presents no technological challenges whatsoever. Try doing it without a lot of specialized knowledge. So you are starting a bank. Tell me -- can you tell me what a bankers acceptance is? What the clearing time is for checks? What sort of securities instruments a bank is allowed to invest in? If you find yourself with fractional pennies in a transaction, what do you do with them? Can you tell me what organization sets accounting practices in the U.S., and what the name of their major publication is? Whats a CUSIP number? If one of your credit union's members cashes a savings bond, what sort of tax information must your accounting system keep, and what forms are you obligated to file, and when? How do you clear a check from an out of country bank? Indeed, how do you clear a a check from an american bank? What, legally, is a check? What language is needed on a loan document to make the loan transferable? This stuff isn't difficult. There is just scads of it. Getting the software to handle all of it properly isn't a part time job. Stating that you are setting out to produce "the" banking protocols of the future when you don't grok banking yet is a bit on the hubristic side. Perry From pmetzger at lehman.com Mon Oct 11 10:19:48 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 11 Oct 93 10:19:48 PDT Subject: The Bank of the Internet!? In-Reply-To: <199310111657.AA16129@tramp.cc.utexas.edu> Message-ID: <9310111716.AA18369@snark.lehman.com> Jim McCoy says: > Perry E. Metzger writes: > > > > Jim McCoy says: > > > We want to be the ones who will define the protocol for currency on > > > the net. > > [...] > > > > I don't care for the Government, but I suspect that Chase Manhattan > > has a much better idea of the problems involved in cash transfer and > > accounting systems than you guys do. People who've never worked for > > financial institutions rarely understand where the real problems are. > > [...] > > This is true. We are not trying to do this alone. We are working with a > major local credit union to be able to handle these sorts of things. We > also have people involved who have some real experience in this > area. Well, I'm glad that you understand that there is a problem here. > I guess I will say that we are trying to cover all of the bases as > best we can (if you want a real fun mind-warp examine commercial > paper and electronic wire transfer law...) I have. Commercial paper isn't actually too bad -- its pretty logical once you understand the principles. > and that we are going to do something. > Enough has been bounced around in conversation here, we are going to try to > get something done now... I wish you luck. Perry From habs at panix.com Mon Oct 11 11:29:50 1993 From: habs at panix.com (Harry S. Hawk) Date: Mon, 11 Oct 93 11:29:50 PDT Subject: The Bank of the Internet!? Message-ID: <199310111827.AA22615@panix.com> Perry >> I don't care for the Government, but I suspect that Chase Manhattan >> has a much better idea of the problems involved in cash transfer and >> accounting systems than you guys do. People who've never worked for >> financial institutions rarely understand where the real problems are. >Douglas Barnes >I worked for First City National Bank in MIS for three years... I'm >sure Chase has the drop in terms of experience, but you need to realize >that these institutions are the IBMs of the financial world. How >much truly innovative tech do you see out of IBM, despite all the >centuries of experience locked up in meetings? (I went to work for >them after First City, so I got to see it frist hand.) There is a huge difference between the back office transactions at a brokerage house and those in a small bank/credit union. A point of reference, in 1990 Shearson Lehman brokerage services used 18 gigabytes of data for client records (PER Month). Unable to keep all that data on disk (they were planning to go optical), they had huge costs in microfilm, esp. in paying folks to retrieve data by hand. A major problem with Brokerage back office is physically keeping track of where stocks are and where they are going (they can be sold, bought, held, borrowed and lent). Other rules, as Perry mentions, include suffering economic loss at certain points if you are unable to document certain transactions. I don't, however, see how any of this could impact a simple credit union type bank opperated over the Internet. Such a back office should be far simpler. The trick will be growing such a enterprise into a business that can offer any degree of sophisicated financial services. A major plus is that if digital signatures can be used, and strorage space allows, little if no paper records need be kept, which will allow the entire operation to exist in "cypherspace." I do agree with Perry in that it will be a full time activity, and that much learning will have to take place. I am more optimistic than Perry in feeling it can be done. >From Jan of 1988 to March of 1990 I worked in the Advanced Technology and Office Systems Consulting deptments of Shearson Lehman Brothers (now Smith Barney Shearson). I was involved in their efforts to implement optical storage systems for both data and images. -- Harry S. Hawk ON Vacation From pcw at access.digex.net Mon Oct 11 12:26:19 1993 From: pcw at access.digex.net (Peter Wayner) Date: Mon, 11 Oct 93 12:26:19 PDT Subject: Zimmerman on the Hill.... Message-ID: <199310111925.AA15091@access.digex.net> What time will Zimmerman be delivering his telegram to the Hill tomorrow? Does anyone know the date and time and location? I would appreciate the information. Thanks, ' Peter Wayner From nobody at rosebud.ee.uh.edu Mon Oct 11 12:29:50 1993 From: nobody at rosebud.ee.uh.edu (nobody at rosebud.ee.uh.edu) Date: Mon, 11 Oct 93 12:29:50 PDT Subject: RSA Security Message-ID: <9310111927.AA16653@toad.com> Everyone here, of course, knows that breaking the RSA encryption scheme can be no harder than factoring huge numbers. The present security in RSA rests in the fact that nobody has found an efficient way to do it. At the same time, however, nobody has been able to show that it can't be done. We are simply going on faith and past history. The problem is that if someone were to discover a efficient method for factoring, I don't believe that we would know about it for a long time. For example, if by some stroke of genius, I were to discover an efficient way to factor, you would never hear about it from me! Being the greedy person that I am, I would say to myself: "How can I make a buck from this?". I would probably go to the government or some company (quietly) and say to them: "For X dollars each, I will break RSA keys for you." The beauty is that I would not need to disclose the algorithm for factoring. They could easily check if the results that I gave them were correct! From frissell at panix.com Mon Oct 11 12:49:50 1993 From: frissell at panix.com (Duncan Frissell) Date: Mon, 11 Oct 93 12:49:50 PDT Subject: Why X/Open in London? Message-ID: <199310111947.AA04793@panix.com> I noted that Novell was supposed, today, to assign its rights to Unix to the X/Open consortium based in London. You don't suppose that X/Open was founded in London so that future Unix versions could integrate crypto without bothering with US export laws. Another blow to America's competitiveness. Duncan Frissell --- WinQwk 2.0b#0 From an41418 at anon.penet.fi Mon Oct 11 12:51:10 1993 From: an41418 at anon.penet.fi (wonderer) Date: Mon, 11 Oct 93 12:51:10 PDT Subject: Security through obscurity Message-ID: <9310111947.AA02379@anon.penet.fi> I know that it is pretty much accepted by the security community that security through obscurity is useless. There are countless references to this, and it is a strong argument in favor of publishing algorithms. >From time to time, however, it is healthy to question policies such as these and ask ourselves whether or not this is a good idea. It seems that Denning has changed her mind on this by advocating the secrecy of the skipjack algorithm. All of the known plaintext attacks on algorithms such as DES, that involve exhaustive key search are based on knowledge of the algorithm. Wouldn't keeping the algorithm a secret render such chips, as the one presented in Eurocrypt '93 useless? I agree that analysis is more difficult when you don't know if an intruder has compromised your algorithm, but if it were my data that I wanted kept secret I wouldn't give the cracker a head start by publishing my algorithm. Clipper has proven how difficult it is to reverse engineer an algorithm. Let me just say that I know I have violated an accepted doctrine of computer security, but I think it's okay to question even the most accepted ideas every once in a while. I thought this would be a bit provocative. Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From peb at PROCASE.COM Mon Oct 11 13:01:19 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Mon, 11 Oct 93 13:01:19 PDT Subject: RSA Security Message-ID: <9310112000.AA00873@banff.procase.com> > if someone were to discover a efficient method for >factoring, I don't believe that we would know about it for a long time. Yes, but consider that being world famous has its advantages for contracting and lecture fees... If factoring were discovered to cost polynomial time, then it would require an international math hooligan conspiracy to keep it quiet. Paul From djw at eff.org Mon Oct 11 13:19:50 1993 From: djw at eff.org (Daniel J. Weitzner) Date: Mon, 11 Oct 93 13:19:50 PDT Subject: Zimmerman on the Hill....(the details) Message-ID: <199310112016.AA21592@eff.org> Phil Zimmermann will be testifying Tuesday October 12th at 1:30 pm: Rayburn Room 2172 House Foreign Affairs Committee Subcommittee on Economic Policy, Trade, and the Environment Also featured will be demos of DES downloaded from foreign ftp sites and a large array of foreign-produced DES-based security packages. [It's always wise to check the room assigned on the day of the hearing.] ................................................................... Daniel J. Weitzner, Senior Staff Counsel Electronic Frontier Foundation 1001 G St, NW Suite 950 East Washington, DC 20001 202-347-5400 (v) 202-393-5509 (f) From doug at netcom.com Mon Oct 11 13:51:08 1993 From: doug at netcom.com (Doug Merritt) Date: Mon, 11 Oct 93 13:51:08 PDT Subject: RSA Security Message-ID: <9310112047.AA11247@netcom.netcom.com> peb at PROCASE.COM (Paul Baclace) said: >Yes, but consider that being world famous has its advantages for contracting >and lecture fees... That's also more attractive considering that the U.S. government is quite capable of demanding the secret of the factorization method and generally throw their weight around as "justified" by national security... I'm not generally very paranoid, but I *would* be in a situation like that. Just about any and all other laws go out the window once they invoke national security. Doug -- Doug Merritt doug at netcom.com Professional Wild-eyed Visionary Member, Crusaders for a Better Tomorrow (The above is a joke; the following are mailing lists:) Unicode Novis Cypherpunks Gutenberg Wavelets Conlang Logli Alife HC_III Computational linguistics Fundamental physics Cogsci SF GA VR CASE TLAs From smb at research.att.com Mon Oct 11 14:16:21 1993 From: smb at research.att.com (smb at research.att.com) Date: Mon, 11 Oct 93 14:16:21 PDT Subject: Breaking DES Message-ID: <9310112113.AA18057@toad.com> My understanding of how an exhaustive search on the key space can be used to break DES is that for every key, K, D(K,Cipher) is applied until the output matches something legible. Say that some random string, to be thrown out, is added to the beginning of the plain text, and that DES is applied in cbc mode, then how could such an attack work? My point, I don't see how DES can be broken if the initial block is a grabage block, and cipher block chaining is used. Please enlighten me (gently). One other point... is the decision to encrypt - decrypt -encrypt when applying triple des arbitrary? Why not just encrypt with k1 and then encrypt with k2. Isn't the effect the same? There are two reasons for that, one of which no longer applies. The one that still matters is that if you set k1==k2, then the operation is equivalent to single encryption with k1, thus providing backwards compatibility. The other reason is that it was initially feared that DES was a group. That is, encryption with k1 and k2 might be equivalent to single encryption with some unknown (to you and me) key k3. But a cryptanalyst or a brute- force cracker would neither know nor care that you double-encrypted. It has now been proved that DES is not a group. What isn't clear to me is whether it's ``mostly closed'', though I suspect not. From klbarrus at owlnet.rice.edu Mon Oct 11 14:59:50 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Mon, 11 Oct 93 14:59:50 PDT Subject: Breaking DES In-Reply-To: <9310111652.AA29091@anon.penet.fi> Message-ID: <9310112158.AA11809@flammulated.owlnet.rice.edu> wonderer wrote: >One other point... is the decision to encrypt - decrypt -encrypt >when applying triple des arbitrary? Why not just encrypt >with k1 and then encrypt with k2. Isn't the effect the same? Encrypting with k1 and then k2 leaves you open to the "meet in the middle" attack. Say I get a copy of the plaintext and ciphertext. I could encrypt the plaintext with 2^56 keys, and decrypt the ciphertext with 2^56 keys. Then by matching results of the above steps, I could figure out k1 and k2. The work for this attack is 2^56 + 2^56 = 2^57, which suggests that double encryption doesn't increase the complexity of breaking your text very much. It only increases it from 2^56 to 2^(56+1). So if you use the same k1 and k2 for all your documents and it is worth my time and money to figure out k1 and k2, favoring double encryption over single encryption doesn't make much sense. Otherwise, there was fear that DES was a group (encrypting with k1 and k2 is equivalent to encrypting once with k3), but I think this got buried (?) recently. Also, with the triple encrypt-decrypt-encrypt, if you pick the same key for each step, it is equivalent to just single encryption. Which may be of importance in compatibility issues, etc. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From mccoy at ccwf.cc.utexas.edu Mon Oct 11 15:01:22 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 11 Oct 93 15:01:22 PDT Subject: Security through obscurity In-Reply-To: <9310111947.AA02379@anon.penet.fi> Message-ID: <199310112157.AA16726@tramp.cc.utexas.edu> an41418 at anon.penet.fi (wonderer) writes: > [regarding security through obscurity and the clipper/skipjack stuff] > > All of the known plaintext attacks on algorithms such as > DES, that involve exhaustive key search are based on knowledge > of the algorithm. Wouldn't keeping the algorithm a secret > render such chips, as the one presented in Eurocrypt '93 > useless? > > [...] I wouldn't give the > cracker a head start by publishing my algorithm. You are not going to be able to keep your algorithm secret, period. Those who are determined enough will be able to dig it out of any programs or chips you use to implement your algorithm. Security through obscurity is stupid because no matter how smart you may think you are in hiding your method, there is always someone smarter who will dig it out and changing technology constantly lowers the barrier of how smart people need to be to dig information out of old locks using new tools. The problem with security through obscurity is that if it is set up as a part of a system people have a tendency to think that they can use the obscurity to hide weaknesses in the system. Once your system or chip is out there in quantity there will be nothing on it you can hide, and any weaknesses will be impossible to fix without a recall (severely damaging trust and reputation with your users...) If the algorithm is truly secure, then very little will be gained by letting everyone know the method used, and by letting others examine and test the system it is possible to have others establish the strength or weaknesses of your method for you. I do not trust you, I do not trust the NSA, I do trust the cryptography community in general because they have nothing to gain by misleading me. > Clipper has > proven how difficult it is to reverse engineer an algorithm. Clipper has proven nothing because _no one has had a chance to reverse engineer the algorithm_. Give me clipper in software or give some of the people on this list the clipper chips and see we'll see how long the method remains secret. So far clipper/skipjack is vapor. When I can hold one in my hand and tweak inputs and outputs then we shall see how difficult it is to reverse engineer an algorithm. jim From strata at FENCHURCH.MIT.EDU Mon Oct 11 15:16:23 1993 From: strata at FENCHURCH.MIT.EDU (M. Strata Rose) Date: Mon, 11 Oct 93 15:16:23 PDT Subject: PGP misunderstanding Message-ID: Derek writes: And just what is the point of an encrypted newsgroup? What key(s) would you use to encrypt the messages, and why? I would create a pair of keysets, VCNPoster and VCNReader and have both the public and private keys accessible via finger. The outbound news would be encrypted as if these two nyms were exchanging messages. It's not a security thing, it's just that people who won't bother to learn how to use the technology won't be able to read or post there. That will be enough incentive to get another class of folks using it, IMHO. _Strata M. Strata Rose Unix & Network Consultant, SysAdmin & Internet Information Virtual City (TM) Network strata at virtual.net | strata at hybrid.com | strata at fenchurch.mit.edu From pmetzger at lehman.com Mon Oct 11 15:59:50 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 11 Oct 93 15:59:50 PDT Subject: Breaking DES In-Reply-To: <9310112158.AA11809@flammulated.owlnet.rice.edu> Message-ID: <9310112259.AA19226@snark.lehman.com> Karl Lui Barrus says: > Encrypting with k1 and then k2 leaves you open to the "meet in the > middle" attack. > > Say I get a copy of the plaintext and ciphertext. I could encrypt the > plaintext with 2^56 keys, and decrypt the ciphertext with 2^56 keys. > Then by matching results of the above steps, I could figure out k1 and > k2. Tell you what, Karl -- when you build the device that can store 2^56 encryptions, let us know. You'll make a mint in the storage technology business. Also let us know how you'll index and fetch the encryptions in any reasonable time while you are at it, but by comparison thats a tiny problem. > The work for this attack is 2^56 + 2^56 = 2^57, which suggests that > double encryption doesn't increase the complexity of breaking your > text very much. Karl, are you sure that you want people to think you believe this? Perry From lefty at apple.com Mon Oct 11 16:09:51 1993 From: lefty at apple.com (Lefty) Date: Mon, 11 Oct 93 16:09:51 PDT Subject: The Bank of the Internet!? Message-ID: <9310112247.AA09195@internal.apple.com> Harry S. Hawk writes: > >I don't, however, see how any of this could impact a simple credit >union type bank opperated over the Internet. I would be surprised to discover that running a bank "over the Internet" didn't stand a fair chance of running afoul of interstate banking laws... -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From an41418 at anon.penet.fi Mon Oct 11 16:16:23 1993 From: an41418 at anon.penet.fi (wonderer) Date: Mon, 11 Oct 93 16:16:23 PDT Subject: Breaking DES Message-ID: <9310112312.AA12510@anon.penet.fi> I am sorry to have asked two questions in my original post. A few people have made me aware of the reason for encrypting EDE in triple DES for backward compatability and the issue of whether or not DES is a group. So, I'd like to redirect this thread to my other question: My understanding of how an exhaustive search on the key space can be used to break DES is that for every key, K, D(K,Cipher) is applied until the output matches something legible. Say that some random string, to be thrown out, is added to the beginning of the plain text, and that DES is applied in cbc mode, then how could such an attack work? My point, I don't see how DES can be broken if the initial block is a grabage block, and cipher block chaining is used. Please enlighten me (gently). Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From P.V.McMahon at rea0803.wins.icl.co.uk Mon Oct 11 16:26:23 1993 From: P.V.McMahon at rea0803.wins.icl.co.uk (P.V.McMahon at rea0803.wins.icl.co.uk) Date: Mon, 11 Oct 93 16:26:23 PDT Subject: Why X/Open in London? In-Reply-To: <199310111947.AA04793@panix.com> Message-ID: <"7381*/I=PV/S=McMahon/OU=rea0803/O=icl/PRMD=icl/ADMD=gold 400/C=GB/"@MHS> Duncan Frissell writes: > > I noted that Novell was supposed, today, to assign its rights to Unix to > the X/Open consortium > based in London. > > You don't suppose that X/Open was founded in London so that future Unix X/Open is based in Reading, Berkshire (a short walk from my office). Urban sprawl hasn't quite connected Reading and London yet. > versions could integrate crypto without bothering with US export laws. > X/Open doesn't integrate UNIX implementations; it publishes specifications for a Common Application Environment and defines branding schemes which permit users to use an independent yardstick to measure the openness of vendors' systems. > Another blow to America's competitiveness. > Apart from hinting that material considered to be munitions by US law may actuallly be available and in use outside the US (through the presence of interfaces such as crypt(), setkey(), and encrypt() in XPG4), I can't think of any relevance of X/Open's work to the burdens which cryptographic export controls may impose on US companies. Note that similar export constraints as are enjoyed in the US are applied by the national authorities of the UK, and other countries . > Duncan Frissell > > > > --- WinQwk 2.0b#0 ------------------------------------------------------- Piers McMahon 12OCT93 ICL post: Kings House, 33 Kings Road, Reading, RG1 3PX, UK email: p.v.mcmahon at rea0803.wins.icl.co.uk OR p.mcmahon at xopen.co.uk phone: +44 734 586211 extension 3285 fax: +44 734 855106 ------------------------------------------------------- From cman at IO.COM Mon Oct 11 16:29:50 1993 From: cman at IO.COM (Douglas Barnes) Date: Mon, 11 Oct 93 16:29:50 PDT Subject: The Bank of the Internet!? In-Reply-To: <9310112247.AA09195@internal.apple.com> Message-ID: <9310112326.AA02036@illuminati.IO.COM> > > Harry S. Hawk writes: > > > >I don't, however, see how any of this could impact a simple credit > >union type bank opperated over the Internet. > > I would be surprised to discover that running a bank "over the Internet" > didn't stand a fair chance of running afoul of interstate banking laws... > 1) It's a Credit Union, not a bank. 2) The field of membership for the individual CUs would be restricted to a local area. -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From an38793 at anon.penet.fi Mon Oct 11 16:41:41 1993 From: an38793 at anon.penet.fi (an38793 at anon.penet.fi) Date: Mon, 11 Oct 93 16:41:41 PDT Subject: Security through obscurity Message-ID: <9310112341.AA18180@anon.penet.fi> > You are not going to be able to keep your algorithm secret, period. > Those who are determined enough will be able to dig it out of any > programs or chips you use to implement your algorithm. Security through > obscurity is stupid because no matter how smart you may think you are > in hiding your method, there is always someone smarter who will dig it > out and changing technology constantly lowers the barrier of how smart > people need to be to dig information out of old locks using new tools. I agree with this 100%. The interesting fact is, a lot of commercial programs rely on security through obscurity. Often, anyone who takes the time to disassemble the interesting routines, can crack the encryption. Yes it is stupid. But, a lot of people and companies rely on "security through obscurity" to protect their applications/data. Part of this is due to export restrictions, but a large part is just due to lack of awareness. One of my favorite applications has embedded in its license agreement: "...nor shall the Licensee attempt to decrypt any Passwords that may enable the Software's functionality..." This is not a substitute for real security. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From smb at research.att.com Mon Oct 11 17:16:42 1993 From: smb at research.att.com (smb at research.att.com) Date: Mon, 11 Oct 93 17:16:42 PDT Subject: Breaking DES Message-ID: <9310120012.AA21398@toad.com> My understanding of how an exhaustive search on the key space can be used to break DES is that for every key, K, D(K,Cipher) is applied until the output matches something legible. Say that some random string, to be thrown out, is added to the beginning of the plain text, and that DES is applied in cbc mode, then how could such an attack work? My point, I don't see how DES can be broken if the initial block is a grabage block, and cipher block chaining is used. Please enlighten me (gently). The decryption equation for CBC mode is P[n] <- D(C[n]) ^ C[n-1] In other words, decrypt the current ciphertext block, and XOR with the previous ciphertext block. Note carefully: the previous ciphertext block. That implies that you can start at any point in the string and do your decryption. You don't have to know the plaintext of the previous block to proceed, which is what you're implying. The property of CBC mode is related to its error propagation character- istics, which are important in some environment. Suppose that ciphertext block C[n] is garbled, either by a bird sitting on a phone line or by hostile action. That will garble two blocks of output: P[n] and P[n+1]. (Derivation is left as an exercise for the reader.) But P[n+2] will be decrypted properly, since it depends on P[n+1] and P[n+2]. (N.B. I'm deliberately ignoring insertion/deletion errors. If those are a concern, use CFB mode.) In accordance with my usual habits, I'll cite an excellent reference on how to use cipher systems, and what the properties of the different encryption modes are: @book{daviesprice, author = {Donald W. Davies and Wyn L. Price}, edition = {second}, publisher = {John Wiley \& Sons}, title = {Security for Computer Networks}, year = {1989} } Bruce Schneier's excellent book ``APPLIED CRYPTOGRAPHY: PROTOCOLS, ALGORITHMS, AND SOURCE CODE IN C'' is due out next month; it covers this, too. (I'll forbear to cite my own book till it's nearer completion...) From jet at netcom.com Mon Oct 11 17:36:24 1993 From: jet at netcom.com (J. Eric Townsend) Date: Mon, 11 Oct 93 17:36:24 PDT Subject: Breaking DES In-Reply-To: <9310112259.AA19226@snark.lehman.com> Message-ID: <9310120035.AA17275@netcom6.netcom.com> "Perry E. Metzger" writes: > Tell you what, Karl -- when you build the device that can store 2^56 I have 1/72nd of that storage capacity in the next room, using off-the-shelf technology. Also, 8GB RAM, and another 300-500GB of 'fast' storage local to the CPU. (Cray C90, 1GW main memory, .5TB drive storage of various types, 9 tape silos) Again, all off-the-shelf technology. Tape robots are a few years old, actually. :-) From jet at netcom.com Mon Oct 11 17:46:24 1993 From: jet at netcom.com (J. Eric Townsend) Date: Mon, 11 Oct 93 17:46:24 PDT Subject: whoops! Message-ID: <9310120045.AA18250@netcom6.netcom.com> I just sent mail saying I had 1/72 of 2^56 bytes of storage. I was wrong, it seems I dropped 'a few' zeros. In reality, there's 1/72057th or so next door. That's a bit different than 1/72. Never mind, From pmetzger at lehman.com Mon Oct 11 19:26:25 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 11 Oct 93 19:26:25 PDT Subject: Breaking DES In-Reply-To: <9310120035.AA17275@netcom6.netcom.com> Message-ID: <9310120225.AA19589@snark.lehman.com> J. Eric Townsend says: > "Perry E. Metzger" writes: > > Tell you what, Karl -- when you build the device that can store 2^56 > > I have 1/72nd of that storage capacity in the next room, using > off-the-shelf technology. Also, 8GB RAM, and another 300-500GB of > 'fast' storage local to the CPU. My bogometer just triggered, so I decided to check your math. (2^56)*8 = 576,460,752,303,423,488 ((2^56)*8)/72 = 8,006,399,337,547,548 or eight quadrillion bytes. > (Cray C90, 1GW main memory, .5TB drive storage of various types, 9 > tape silos) Gee, half a terrabyte. Thats 16,000 times less than you claimed. > Again, all off-the-shelf technology. Tape robots are a few years old, > actually. :-) Your off the shelf slow speed tape technology isn't even 1/16,000 of what you claimed, and its over a million times less storage than you would need, in *RAM*, for the proposed task. Perry From pmetzger at lehman.com Mon Oct 11 19:31:05 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 11 Oct 93 19:31:05 PDT Subject: whoops! In-Reply-To: <9310120045.AA18250@netcom6.netcom.com> Message-ID: <9310120228.AA19597@snark.lehman.com> J. Eric Townsend says: > > I just sent mail saying I had 1/72 of 2^56 bytes of storage. I was > wrong, it seems I dropped 'a few' zeros. > > In reality, there's 1/72057th or so next door. That's a bit different > than 1/72. Ah, reality catches up. You also forgot a factor of 8... Perry From jet at netcom.com Mon Oct 11 19:39:50 1993 From: jet at netcom.com (J. Eric Townsend) Date: Mon, 11 Oct 93 19:39:50 PDT Subject: Breaking DES In-Reply-To: <9310120225.AA19589@snark.lehman.com> Message-ID: <9310120238.AA25432@netcom4.netcom.com> "Perry E. Metzger" writes: > My bogometer just triggered, so I decided to check your math. As I said, I was off by a few orders of magnitude or so. > > > (Cray C90, 1GW main memory, .5TB drive storage of various types, 9 > > tape silos) > Gee, half a terrabyte. Thats 16,000 times less than you claimed. The .5TB is *local* storage. The 9 tape silos hold a couple of terabytes, uncompressed. > what you claimed, and its over a million times less storage than you > would need, in *RAM*, for the proposed task. Wouldn't need to be in RAM. Would interleave the search in some banks with loads of data into other banks. Stream the damn thing. From msattler at netcom.com Mon Oct 11 19:41:25 1993 From: msattler at netcom.com (Michael Sattler) Date: Mon, 11 Oct 93 19:41:25 PDT Subject: Cypherpunk Cause Message-ID: <9310120239.AA00773@netcom.netcom.com> At 12:10 93/10/10 -0400, Perry E. Metzger wrote: > >If you want to spew nonsense, please do so on one of the politics >newsgroups. This is for cryptography discussion. (Donning asbestos undies...) This kind of knee-jerk reaction dismays me. My response *was* about cryptography. Perhaps the following test would prevent you from (1) wasting bandwidth and (2) turning off people who are trying to put the flood of crypto info into perspective: "Does this email add any value to the discussion?" Give the rest of us a break; your usual postings are worth reading. ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From trebor at foretune.co.jp Mon Oct 11 19:56:25 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Mon, 11 Oct 93 19:56:25 PDT Subject: RSA Security In-Reply-To: <9310111927.AA16653@toad.com> Message-ID: <9310120254.AA25692@dink.foretune.co.jp> You write: >I would probably go to the government or some company (quietly) >and say to them: "For X dollars each, I will break RSA keys for you." You are very naive. Your secret would be very valuable, and there would be great incentive for an unscrupulous customer to get the secret from you. Put yourself in the position of DIRNSA. He is most likely an honorable person who wouldn't think of torturing the information out of you (and I'm not just saying that because the NSA is most likely reading this list -- most people in government are honorable). However, he has a problem: 1) Secrets leak - and sooner or later, someone who would stoop to nasty methods will find out about you. 2) He is responsible for protecting the country against certain threats. You are, in a sense, a threat -- because you might unintentionally do something really stupid with your knowledge. He must now balance your rights in our society vs. his responsibility to protect it. It is a difficult situation. I think the best you could hope for is to sell the secret to them and be made a job offer you can't refuse. If you figure out a cheap way to factor, I would advise you to publish it as widely as possible, most likely via multiple postings to multiple newsgroups on the net. As people are going to be very interested in your identity, I suggest you do it anonymously. VERY anonymously. Spookily yours, Robert "reads too many spy novels" Woodhead From doug at netcom.com Mon Oct 11 19:56:43 1993 From: doug at netcom.com (Doug Merritt) Date: Mon, 11 Oct 93 19:56:43 PDT Subject: Breaking DES In-Reply-To: Message-ID: <9310120254.AA04001@netcom6.netcom.com> pmetzger at lehman.com said: >Karl Lui Barrus says: >> plaintext with 2^56 keys, and decrypt the ciphertext with 2^56 keys. > >Tell you what, Karl -- when you build the device that can store 2^56 >encryptions, let us know. 2^56 bytes equals 10^7 gigabytes. At roughly $1000 per gigabyte, that equals 10^10 bucks...10 billion dollars. Or say there's a quantity discount in orders totalling a million units, and you get the whole capacity for 1 billion dollars. Well, that's a bit steep for me, but there's no question but that the NSA could afford it. Still, what do you say I wait a few years until it comes down to 10 million dollars, which I happen to have available in the year 2003 in my company budget? Ten years should do it, estimating conservatively. > Also let us know how you'll index and fetch the encryptions >in any reasonable time while you are at it, but by comparison thats a >tiny problem. That ten years also means that rather than searching 10^7 units in parallel, we will then be searching only 10^5 units in parallel. It'll still take a few hours, but that's ok. This all suggests that the NSA could do such a thing *now* if they *really* cared to, and could do so fairly trivially in 10 years. >> The work for this attack is 2^56 + 2^56 = 2^57, which suggests that >> double encryption doesn't increase the complexity of breaking your >> text very much. > >Karl, are you sure that you want people to think you believe this? I did a double take on this at first too, since naively one would expect the search to be (2^56)^2. However, this can be improved, for instance by sorting each set in N lg N time (56 * 2^56 operations), and then doing interleaved comparisons in N lg N time again, which can be mostly parallelized over those 10^5 computers that are running those 10^5 disks, so that the total time would be (since 10^16 = 2^56) 10^16 / 10^5 machines = 10^11 cycles, and given 10^3 MIP machines, this gives 10^4 seconds (20 minutes) for each phase...call it an hour total. (In other words, as a first approximation, Karl is accurate to assume linear rather than quadratic speed for this.) This neglects coordination of the networked machines, which one might expect to add a factor of 5 to 10 to those numbers. This rough analysis demonstrates that Karl's scenario is merely expensive now, and "cheap" (by NSA standards) ten years from now, rather than completely inconceivable. I guess the weakest point of the above back-of-the-envelope estimate is that each e.g. plaintext & cyphertext is assumed to be representable within one byte, but that's *not* fatal. You could use hashing to get down to one byte, and when a hit is detected, try again using two bytes. When hits are detected there, use four bytes...and so on. That approach allows the real world scheme to be reasonably close to the back of the envelope gross assumptions. Doug From banisar at washofc.cpsr.org Mon Oct 11 21:06:44 1993 From: banisar at washofc.cpsr.org (Dave Banisar) Date: Mon, 11 Oct 93 21:06:44 PDT Subject: CPSR Alert 2.03 Message-ID: <00541.2833227469.217@washofc.cpsr.org> CPSR Alert 2.03 ============================================================= @@@@ @@@@ @@@ @@@@ @ @ @@@@ @@@@ @@@@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@ @ @@@ @@@@@ @ @@@ @@@ @ @ @ @ @ @ @ @ @ @ @ @ @ @@@@ @ @@@ @ @ @ @ @@@@ @@@@ @ @ @ ============================================================= Volume 2.03 October 12, 1993 ------------------------------------------------------------- Published by Computer Professionals for Social Responsibility Washington Office (Alert at washofc.cpsr.org) ------------------------------------------------------------- Contents [1] Administration Continues NII Initiative [2] White House Announces New FOIA Procedures [3] Health Care and Privacy [4] CPSR Panel on Medical Privacy [5] CPSR Annual Meeting - October 16-17 [6] New Documents in the CPSR Internet Library [7] Upcoming Conferences and Events ------------------------------------------------------------- [1] Administration Continues NII Initiative Following the announcement of the "The National Information Infrastructure: Agenda for Action" in mid-September, the Administration is pushing forward the NII program. An open forum was held at the Department of Commerce at the end of September with high ranking officials, private sector representatives, and public advocates exchanging views on the NII program. The National Telecommunications and Information Administration is planning a series of hearings later this year on an updated concept of "universal service," and the Information Infrastructure Task Force working group on privacy has already held several meetings to examine privacy implications of the NII program. To obtain a copy of the NII report, FTP the document from ftp.ntia.doc.gov. Log in as "anonymous" with the password "guest" and change to directory "pub." Retrieve "niiagenda.asc." (The document is also available from the CPSR FTP site). CPSR will be submitting formal comments on the NII program later this month. To send comments directly to the administration, send email to nii at ntia.doc.gov. ------------------------------------------------------------- [2] Clinton Issues FOIA Directive Noting that "openness in government is essential to accountability," President Clinton issued a memorandum to all federal agencies on October 4 directing them to comply with "both the letter and spirit" of the Freedom of Information Act (FOIA). Clinton noted that the FOIA "is a vital part of the participatory system of government" and stated that "I am committed to enhancing its effectiveness in my Administration." The President also urged federal agencies "to enhance public access through the use of electronic information systems." The Clinton memorandum is a marked departure from directives issued during the Reagan and Bush Administrations, when most official pronouncements on FOIA tended to discourage agency disclosures. Attorney General Janet Reno simultaneously rescinded the Justice Department's 1981 guidelines for the defense of federal agencies in FOIA litigation. Under those guidelines, issued in the early months of the Reagan administration, the Department defended agency decisions to withhold information if there was merely a "substantial legal basis" for the withholding. Under the new Reno guidelines, the Department will only defend FOIA actions in which agencies can demonstrate that disclosure would result in some specific harm. Under the new policy, "Where an item of information might technically or arguably fall within an exemption, it ought not to be withheld from a FOIA requester unless it need be." The Attorney General directed that all pending FOIA cases be reviewed to determine compliance with the new policy and also called for a government-wide review of processing "backlogs" that have resulted in substantial delays in the disclosure of requested information. CPSR has several FOIA cases pending in federal court and has long urged that the federal information disclosure process be reformed to maximize the disclosure of requested agency records. The NII initiative also provide an opportunity to improve citizen access to government information. A copy of the White House and Atty General's memos is available at the CPSR Internet Library /cpsr/foia/clinton_foia_10_93.txt. ------------------------------------------------------------- [3] Health Care Reform and Privacy The recently released President's Health Security Plan includes important new provisions on privacy protection. The plan recommends new federal legislation based on a Code of Fair Information Practices. Currently, there is no federal protection for medical records. The new proposal also includes a provision for a national medical identity card, which is described in the plan as "like ATM cards, the health security card allows access to information about health coverage through an integrated national network. The card itself contains a minimal amount of information." President Clinton was asked about the privacy implications of the medical security card at a town hall meeting in Sacramento, CA on October 4. He replied that the card will be used to ensure that in an emergency that a person could be identified and that it "will have the same sort of protections that a Social Security card would..." He recalled opposition to the past attempts to expand the use of the SSN and noted that the card was only "for the purposes of establishing that you belong to the health care system." Another important aspect of the proposal is the identifying number. The proposal calls for the establishment of "a system of universal identifiers for the health care system." The proposal notes that "The unique identifier may be the Social Security Number or a newly created number limited to the health care system...In either case, the national privacy policy explicitly forbids the linking of health care and other information through the identification number." This will be determined by the National Health Board. In April 1992 CPSR sent a letter to Hillary Clinton with the endorsement of over two dozen privacy and computer experts requesting that the SSN not be used as the identifier. The letter cited privacy, security, and fraud problems and pointed out that other countries, such as Canada, have created limited purpose identifiers for medical record information. Other Privacy Provisions o The creation of mechanisms for effective enforcement including significant penalties. o Establishing a privacy framework based on the Code of Fair Information Practices including a right to know about and approve the uses of the data, assurance of no secret data systems, right to review and correct data, assurances that the data is only collected for legitimate purposes. o Issue effective security standards and guidance for health care information o Establishing as Data Protection and Security Panel to set privacy and security standards and monitor implementation of the standards, sponsor of conduct research, studies and investigations, and developing of fair consent forms. The relevant privacy provisions of the health care plan are available at the CPSR Internet Library /medical_privacy/ clinton_health_reform_plan.txt. A copy of the letter sent to Hillary Clinton is also available as hillary_letter.txt ------------------------------------------------------------- [4] CPSR Panel on Health Care and Privacy CPSR Annual Meeting - Sunday Evening - Special Session - Free to the general public 7:30 - 9:30 Special Panel Discussion "Health Care Reform and the National Information Infrastructure: Opportunities and Risks" The White House Task Force on Health Care reform has called for the development of community-based health data-management systems. A working paper from the task force notes: "Workgroup has vision for a community health information systems (CHIS) based on a computerized medical record. The CHIS will link all key parties in the healthcare delivery systems and service all their clinical and administrative requirements." The task force has estimated that the following areas: 1. Medical Electronic Data Interchange networking 2. Community Health Information Networks 3. Outcomes Analysis and 4. Computerized Patient Records. offer the near term potential (less than 5 years) to save 100 billion dollars a year via the development of standards, administrative reform, and federal leadership in using the existing networking infrastructure to promote electronic medical commerce. However, with these opportunities for improved efficiency and cost containment come risks - specifically privacy and access. The panel will include experts in medical information systems and privacy advocates. Come and learn about this important area. Join in this national discussion. Be part of the solution. Panelists: Richard Reuben, Executive Director, Foundation for Healthcare Quality Lance Heineccius, Director of Policy, Washington Health Services Commission David Flaherty, Information and Privacy Commissioner, British Columbia Irwin Goverman, CIO, Group Health Cooperative This special event is free and open to the public. It will be held in Kane Building room 210, University of Washington ------------------------------------------------------------- [5] CPSR Annual Meeting - October 16-17 COMPUTER PROFESSIONALS FOR SOCIAL RESPONSIBILITY ANNUAL MEETING October 16 - 17, 1993 University of Washington, South Campus Center Seattle, Washington, USA Envisioning the Future: A National Forum on the National Information Infrastructure and Community Access The National Information Infrastructure (NII) is the proposed medium or "electronic highway" that will connect schools, libraries, government agencies, and citizens using state-of-the-art computer and communications technology. Media, computer, and telecommunications companies are also acutely interested in the NII as it dramatically increases their opportunity for delivery of communication, services, and entertainment. CPSR is convening this meeting for both computer professionals and the informed public to discuss the broad range of choices facing society regarding the NII. Saturday, October 16 Keynote Address - Bruce McConnell, Office of Management and Budget "Shaping National Information Infrastructure Policy" Bruce McConnell, Chief of Information Policy at the Office of Information and Regulatory Affairs in the Office of Management and Budget (OMB), will present his views on the major NII issues now facing the administration. He has been with OMB since 1985 and became head of Information Policy in 1992. He now chairs the inter-agency task force responsible for developing federal information policy for the Information Infrastructure Task Force. Other Panels: "Public Access to Internetworks" Public access to the Internet (and other major networks) is a critical issue in any discussion about an "electronic highway". Panelists representing a wide variety of perspectives, including representatives from the Pacific Northwest, will present their views. "Municipal Information Infrastructure" City and other government agencies are exploring possibilities for developing municipal networks. In this panel a city official as well as a representative from the state regulatory agency and a representative of commercial interests will offer their insights and interests. "Networking in the Community" Community networks exist and are being developed all over the U.S. Panelists from various community networks will present their perspectives on the state of community networking now and in the future. "Computers and Democracy - What's the Connection?" How might computers facilitate the democratic process? How might they pervert it? "Electronic Democracy" is currently in the public eye and aspects of it will probably be tested soon. What can be done to promote wise uses of computers in this critical area? + Presentation of the 1993 Norbert Wiener Award to The Institute for Global Communications (IGC) + Banquet Address and Interactive Event - Kit Galloway, Electronic Cafe International Kit Galloway of Electronic Cafe International in Santa Monica, California will present his innovative approach to electronic communication using phone lines, slow-scan television, and other technology. Using videotapes and a live demonstration with CPSR chapters in Los Angeles and other locations, Kit will discus how the Electronic Cafe concept has been used in a variety of settings. Electronic Cafe International has staged global events with poets, children, and communities in France, Nicaragua, Japan, as well as a variety of American cities. Sunday, October 17th The second day of the conference will feature a more interactive format including several workshops, a discussion of CPSR's NII vision, and a special - free and open to the public - panel discussion on "Privacy Implications of Health Care Reform" Sunday evening. Gender Relations in Networking Information Policy: A Framework for Action Computer Professionals and Social Action Towards Participatory Design of Community Oriented Systems and Services CPSR NII Vision Document Discussion "Health Care Reform and the National Information Infrastructure: Opportunities and Risks" For more information, contact the National Office at cpsr at cpsr.org, or Aki Namioka, Annual Meeting Chair, at aki at cpsr.org. ------------------------------------------------------------- [6] The CPSR Internet Library Nearly 40 people who submitted comments to NIST have forwarded their remarks to CPSR. These comments are now archived by last name in /crypto/clipper/call-for-comments/ Submit your comments to clipper at washofc.cpsr.org Dr. Dorothy Denning and several law enforcement officials have prepared a paper on the law enforcement perspective on wiretapping and procedures need to obtain permission for conducting a wiretap. /communications_privacy/wiretap/denning_wiretap_procedure.txt The CPSR Internet Library is available via FTP/WAIS/Gopher from cpsr.org /cpsr. Materials from Privacy International, the Taxpayers Assets Project and the Cypherpunks are also archived. For more information, contact: Al Whaley (al at sunnyside.com) ------------------------------------------------------------- [7] Upcoming Conferences and Events "Universal Service: New Challenges and New Options in Tomorrow's Network of Networks." Sponsored by the Benton Foundation & the Columbia Institute for Tele-Information. Washington, DC October 15. Contact: Andy Blau (ablau at cap.gwu.edu) CPSR Annual Meeting, "Envisioning the Future: The National Information Infrastructure and Local Access." Seattle, WA. October 16-17, Contact: Aki Namioka (aki at atc.boeing.com). "International Symposium on Technology and Society '93." Washington DC. October 22-23. Deadline for submission: February 28. Contact: m16805 at mwvm.mitre.org. "Technology: Whose Cost?. . .Whose Benefits?" Sponsored by IEEE, George Washington University, MITRE. Washington, DC. October 22-23. Contact: wjkelly at mitre.org "Cyberculture Houston 93." Houston, Tx. December 10-12, Contact: cyber at fisher.psych.uh.edu "Computers, Freedom and Privacy 94." Chicago, Il. March 23-26. Sponsored by ACM and The John Marshall Law School. Contact: George Trubow, 312-987-1445 (CFP94 at jmls.edu). DIAC-94 "Developing an Effective, Equitable, and Enlightened Information Infrastructure." MIT Media Lab, Cambridge, MA. April 1994 (tentative). Contact: Doug Schuler (douglas at grace.rt.cs.boeing.com). 5th Conference On Women Work And Computerization "Breaking Old Boundaries: Building New Forms." UMIST, Manchester, UK. July 2-5. Abstracts by 10/1/93. Contact: Andrew Clement (clement at vax.ox.ac.uk) (Send calendar submissions to Alert at washofc.cpsr.org) ============================================================== To subscribe to the Alert, send the message: "subscribe cpsr " (without quotes or brackets) to listserv at gwuvm.gwu.edu. Back issues of the Alert are available at the CPSR Internet Library FTP/WAIS/Gopher cpsr.org /cpsr/alert Computer Professionals for Social Responsibility is a national, non-partisan, public-interest organization dedicated to understanding and directing the impact of computers on society. Founded in 1981, CPSR has 2000 members from all over the world and 22 chapters across the country. Our National Advisory Board includes a Nobel laureate and three winners of the Turing Award, the highest honor in computer science. Membership is open to everyone. For more information, please contact: cpsr at cpsr.org ============================================================== CPSR MEMBERSHIP FORM Name ______________________________________________________________ Address ___________________________________________________________ ___________________________________________________________ City/State/Zip ____________________________________________________ Home phone _____________________ Work phone _____________________ Company ___________________________________________________________ Type of work ______________________________________________________ E-mail address ____________________________________________________ CPSR Chapter __ Acadiana __ Austin __ Berkeley __ Boston __ Chicago __ Denver/Boulder __ Los Angeles __ Madison __ Maine __ Milwaukee __ Minnesota __ New Haven __ New York __ Palo Alto __ Philadelphia __ Pittsburgh __ Portland __ San Diego __ Santa Cruz __ Seattle __ Washington, DC __ No chapter in my area CPSR Membership Categories __ $ 75 REGULAR MEMBER __ $ 50 Basic member __ $ 200 Supporting member __ $ 500 Sponsoring member __ $1000 Lifetime member __ $ 20 Student/low income member __ $ 50 Foreign subscriber __ $ 50 Library/institutional subscriber Additional tax-deductible contribution to support CPSR projects: __ $50 __ $75 __ $100 __ $250 __ $500 __ $1000 __ Other Total Enclosed: $ ________ Make check out to CPSR and mail to: CPSR P.O. Box 717 Palo Alto, CA 94301 ------------------------ END CPSR Alert 2.03----------------------- From nobody at entropy.linet.org Mon Oct 11 21:59:50 1993 From: nobody at entropy.linet.org (nobody at entropy.linet.org) Date: Mon, 11 Oct 93 21:59:50 PDT Subject: Digital Bank Message-ID: >I don't mean this to be patronizing -- I have a good deal of respect >respect for over the years. A bunch of hackers with experience in >nothing but cryptography might get some of the privacy aspects right >at the expense of producing a system which is otherwise unworkable. I Good Lord. This debate over how to get a digital bank started reminds me of an excellent humor book I read, called "29 Reasons not to go to Law School". >From the book (as my memory serves): How to start a company in Japan 1) buy land 2) build a factory 3) hire workers 4) produce widgets How to start a company in America: 1) hire property lawyers to examine zoning laws 2) hire employment lawyers to examine compliance with various Federal statutes (child labor, equal oppurtunity, fair wage, osha, etc.) 3) hire corporate lawyers to examine your competitors 4) file tons of paperwork to incorporate 5) hire workers 6) train them since they probably can't do the job 7) fend off lawsuits from your competitors 8) etc. etc. Some people have expressed a desire to start a digital bank. I say, go for it, and work out the problems as they arise. Naturally, plan ahead as much as possible, but get working on something. There wouldn't by anything if people sat around and answered every single question before starting. From an12070 at anon.penet.fi Mon Oct 11 22:16:25 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Mon, 11 Oct 93 22:16:25 PDT Subject: codehead flames Message-ID: <9310120512.AA20789@anon.penet.fi> cypherpunks. there seems to be some tension on this list lately. in particular some newbies are getting flamed for not being "codeheads". please send me any flames on the subject you have received in email. i plan to try to do something that will help resolve the tension. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an24519 at anon.penet.fi Mon Oct 11 22:49:50 1993 From: an24519 at anon.penet.fi (an24519 at anon.penet.fi) Date: Mon, 11 Oct 93 22:49:50 PDT Subject: An idea. Message-ID: <9310120547.AA26215@anon.penet.fi> With the rise in lucrative computer thefts perpetrated by TLE's, I foresee the day when undercover investigations (aka entrapment) will be much more common place. In an effort to enable people to know whom they are communicating with electronically, (without ever meeting them face-to-face) I suggest that it might be a good idea for people to release and sign a short bio on themselves. These could be validated by trusted third-parties and traded like a commodity. We of course, wouldn't incriminate ourselves, just state who we are, what we do for a living, and what our interests are. This would open up one more avenue for communications security, and a good use for digital-cash. Any comments? ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From drunkfux at cypher.com Tue Oct 12 01:16:25 1993 From: drunkfux at cypher.com (Drunkfux) Date: Tue, 12 Oct 93 01:16:25 PDT Subject: HoHoCon '93 : Official Announcement Message-ID: <9310120308.aa09620@zero.cypher.com> [Official Announcement / Call For Participation - October 11, 1993] (Distribute Freely) dFx, Phrack Magazine and cDc - Cult Of The Dead Cow proudly present : The Fourth Annual H O H O C O N "Cliff Stoll My K0DEZ!@$#!" Who: All Hackers, Journalists, Security Personnel, Federal Agents, Lawyers, Authors, Cypherpunks, Virtual Realists, Modem Geeks, Telco Employees, and Other Interested Parties. Where: Austin North Hilton & Towers and Super 8 Motel 6000 Middle Fiskville Road Austin, Texas 78752 U.S.A. Hilton : (800) 347-0330 / (512) 451-5757 Super 8: (800) 800-8000 / (512) 467-8163 When: Friday December 17 through Sunday December 19, 1993 What is HoHoCon? ---------------- HoHoCon is the largest annual gathering of those in, related to, or wishing to know more about the computer underground. Attendees generally include some of the most notable members of the "hacking" and "telecom" community, journalists, authors, security professionals, lawyers, and a host of others. Previous speakers include John Draper (Cap'n Crunch), Ray Kaplan, Chris Goggans (Erik Bloodaxe), Bruce Sterling, and many more. The conference is also one of the very few that is completely open to the public and we encourage anyone who is interested to attend. Hotel Information ----------------- The Austin North Hilton recently split its complex into two seperate hotels; the Hilton and the newly added Super 8. HoHoCon guests have the choice of staying in either hotel. Group rates are as followed : Super 8: Single - $46.50, Double - $49.50, Triple - $52.50, Quad - $55.50 Hilton : Single - $69.00, Double - $79.00, Triple - $89.00, Quad - $99.00 Once again, the hotel has set aside a block of rooms for the conference and we recommend making your reservations as early as possible to guarantee a room within the block, if not to just guarantee a room period. Rooms for the handicapped are available upon request. To make your reservations, call the the number listed above that corresponds with where you are and where you want to stay and make sure you tell them you are with the HoHoCon conference or else you'll end up throwing more money away. The hotel accepts American Express, Visa, Master Card, Discover, Diner's Club, and Carte Blanche credit cards. Check-in is 3:00 p.m. and check-out is 12:00 noon. Earlier check-in is available if there are unoccupied rooms available. Please note that in order for the hotel to hold a room past 6:00 p.m. on the date of arrival, the individual reservation must be secured by a deposit or guaranteed with one of the credit cards listed above. Also, any cancellations of guaranteed reservations must be made prior to 6:00 p.m. on the date of arrival. You will be responsible for full payment of any guaranteed reservations which are not cancelled by this time. The hotel provides transportaton to and from the airport and will give you full information when you make your reservations. Directions ---------- For those of you who will be driving to the conference, the following is a list of directions provided by the hotel (so, if they're wrong, don't blame me): Dallas : Take IH 35 south to exit 238-B, the Houston exit. At the first stop light, turn right on to 2222. Turn off of 2222 onto Clayton Lane (by the Greyhound Station). At the stop sign, turn right onto Middle Fiskville, the hotel is on the left. San Antonio : Take IH 35 north to exit 238-B, the Houston exit. At the second stop light, turn left onto 2222. Turn off 2222 onto Clayton Lane (by the Greyhoud Station). At the stop sign, turn right onto Middle Fiskville, the hotel is on the left. Houston (on 290) : Take 290 west into Austin. Exit off of 290 at the IH35 exit (do not get on 35). Stay on the access road heading west, you will pass two stop lights. Turn off the access road onto Clayton Lane (by the Greyhound Station). At the stop sign, turn right onto Middle Fiskville, the hotel is on the left. Houston (on 71) : Take 71 west into Austin. Exit onto 183 north. Take 183 north to 290 west. Take 290 west to the IH 35 exit. Exit off of 290 at the IH 35 exit (do not get on 35). Stay on the access road heading west, you will pass two stop lights. Turn off the access road onto Clayton Lane (by the Greyhound Stattion). At the stop sign, turn right onto Middle Fiskville, the hotel in on the left. Airport : Exit the airport parking lot and turn right onto Manor Road. Take Manor Road to Airport Boulevard and turn right. Take Airport Boulevard to IH 35 north. Take IH 35 to exit 238-B. At the second stop light, turn left onto 2222. Turn off of 2222 onto Clayton Lane (by the Greyhound Station). At the stop sign, turn right onto Middle Fiskville, the hotel is on the left. Call the hotel if these directions aren't complete enough or if you need additional information. Conference Details __________________ HoHoCon will last 3 days, with the actual conference being held on Saturday, December 18 starting at 11:00 a.m. and continuing until 5 p.m. or earlier depending on the number of speakers. Although a few speakers have confirmed their attendance, we are still in the planning stages and will wait until the next update to release a speaking schedule. We welcome any speaker or topic recommendations you might have (except for, say, "Why I Luv Baked Potatos On A Stik!"), or, if you would like to speak yourself, please contact us as soon as possible and let us know who you are, who you represent (if anyone), the topic you wish to speak on, a rough estimate of how long you will need, and whether or not you will be needing any audio-visual aids. We would like to have people bring interesting items and videos again this year. If you have anything you think people would enjoy having the chance to see, please let us know ahead of time, and tell us if you will need any help getting it to the conference. If all else fails, just bring it to the con and give it to us when you arrive. Any organization or individual that wants to bring flyers to distribute during the conference may do so. You may also send your flyers to us ahead of time if you can not make it to the conference and we will distribute them for you. Left over flyers are included with information packets and orders that we send out, so if you want to send extras, go ahead. Cost ---- Unlike smaller, less informative conferences, we do not ask you to shell out hundreds of dollars just to get in the door, nor do we take your money and then make you sleep in a tent. We are maintaining the motto of "give $5 if you can", but due to the incredibly high conference room rate this year, we may step up to "$5 minimum required donation" or "give us $5 or we'll smash your head in". Five dollars is an outrageously low price compared to the suit infested industry conferences or even the new "Cons are k00l and trendy, I gotta do one too!" conferences that are charging up to $50 for admission alone. To encourage people to donate, we will once again be having our wonderless "Raffle For The Elite" during the conference. We will issue a prize list in a future update, but we can guarantee that this year there will be a lot more (and better) prizes than last year, including a full system (and, no, it's not a c64 or 286). Anyone who wishes to donate worthwhile items to the raffle, please let us know ahead of time, or if it's a last minute aquirement, just bring it to the conference. Miscellaneous Notes ------------------- To save myself some time by mailing responses to a lot of the same questions I expect to get, I'll answer a few of them here. Although I have not talked to him myself yet, Steve Ryan has told me that Bruce Sterling will indeed be in attendance and may say a few words. As far as I know, there will not be any visitors from any other planets at the conference. Scot Chasin is still on Earth and will be making an appearance. Video cameras will *not* be allowed inside the conference room without prior consent due to previous agreements made with speakers who do not wish for certain parts of their speech to be rebroadcast. Still cameras and Etch-A-Sketch's are fine and tape recorders are too easily hidden for us to be able to control. Videos and T-Shirts from last year's conference are still available, and will also be on hand during the conference. We do not handle the LoD World Tour shirts, but I can tell you that that the old ones are gone and a *new* LoD shirt will be unveiled at the conference. The HoHoCon shirts are $15 plus $3 shipping ($4.00 for two shirts). At this time, they only come in extra large. We may add additional sizes if there is a demand for them. The front of the shirt has the following in a white strip across the chest: I LOVE FEDS (Where LOVE = a red heart, very similar to the I LOVE NY logo) And this on the back: dFx & cDc Present HOHOCON '92 December 18-20 Allen Park Inn Houston, Texas There is another version of the shirt available with the following: I LOVE WAREZ The video includes footage from all three days, is six hours long and costs $18 plus $3 shipping ($4.00 if purchasing another item also). Please note that if you are purchasing multiple items, you only need to pay one shipping charge of $4.00, not a charge for each item. If you wish to send an order in now, make all checks or money orders payable to O.I.S., include your phone number and mail it to the street address listed below. Allow a few weeks for arrival. There will be new HoHoCon '93 shirts available at the conference and a video of the festivities will be out early next year. Correspondence -------------- If anyone requires any additional information, needs to ask any questions, wants to RSVP, wants to order anything, or would like to be added to the mailing list to receive the HoHoCon updates, you may mail us at: hohocon at cypher.com drunkfux at cypher.com cDc at cypher.com drunkfux at crimelab.com dfx at nuchat.sccsi.com drunkfux at 5285 (WWIV Net) or via sluggo mail at: HoHoCon 1310 Tulane, Box 2 Houston, Texas 77008-4106 We also have a VMB which includes all the conference information and is probably the fastest way to get updated reports. The number is: 713-867-9544 You can download any of the conference announcements and related materials by calling Metalland Southwest at 713-468-5802, which is the offical HoHoCon BBS. The board is up 24 hours a day and all baud rates are supported. Those of you with net access can ftp to cypher.com and find all the HoHoCon information available in /pub/hohocon. The .gifs from previous cons are *not* currently online. Conference information and updates will most likely also be found in most computer underground related publications and mailing lists, including CuD, CSP, Mondo 2000, 2600, Phrack, TUC, phn0rd, cypherpunks, etc. They should also appear in a number of newsgroups including comp.dcom.telecom, alt.security, comp.org.eff.talk, and sci.crypt. We completely encourage people to use, reprint, and distribute any information in this file. Same stupid ending statement from last year to make us look good ---------------------------------------------------------------- HoHoCon '93 will be a priceless learning experience for professionals and gives journalists a chance to gather information and ideas direct from the source. It is also one of the very few times when all the members of the computer underground can come together for a realistic purpose. We urge people not to miss out on an event of this caliber, which doesn't happen very often. If you've ever wanted to meet some of the most famous people from the hacking community, this may be your one and only chance. Don't wait to read about it in all the magazines and then wish you had been there, make your plans to attend now! Be a part of what we hope to be our largest and greatest conference ever. From tcmay at netcom.com Tue Oct 12 01:36:45 1993 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 12 Oct 93 01:36:45 PDT Subject: NSA Can Spend a Billion on a Computer In-Reply-To: <9310120254.AA04001@netcom6.netcom.com> Message-ID: <9310120836.AA22300@netcom5.netcom.com> Doug Merritt wrote: > 2^56 bytes equals 10^7 gigabytes. At roughly $1000 per gigabyte, > that equals 10^10 bucks...10 billion dollars. Or say there's a quantity > discount in orders totalling a million units, and you get the whole > capacity for 1 billion dollars. > > Well, that's a bit steep for me, but there's no question but that the > NSA could afford it. Still, what do you say I wait a few years until it Probably. But I suspect we'd know it had been built. Norm Harrdy described for us his experiences with the "Harvest" machine at NSA in the early 60s. (Bamford also describes this in some detail...worth taking a quick look at, I think.) Harvest was built by IBM as a special-purpose add-on, or auxiliary processor I suppose, to the IBM "Stretch," then the fastest computer in the world. Harvest was quite impressive for its time, as Norm explained it to us. A 300 nanonsecond cycle time, with a 64-bit word. Lots of core memory, special tractor tape drives to load in data. The Harvest machine was particularly good at brute force breaking of Hagelin-type rotor machines, the "DES of its day" (the NSA had encouraged foreign governments to buy surplus U.S. rotor machines, assuring them that changing to their own rotor settings would make them good as new...this did not, and NSA's knowledge of the machine designs gave them a headstart on cracking the ciphers). So, I would imagine that the effort put into Harvest in 1962, and later into the financing of both Cray Research (confirmed) and Thinking Machines (suspected by many), would possibly be put into the breaking of modern ciphers. Cost for Stretch (in 1962 dollars): $13 million. Cost for Harvest (in 1962 dollars): $13 million. Cost for special tape drives: $5 million Total Cost (in 1962 dollars): approximately $30 million. Total Cost (in 1993 dollars): approximately $100-200 million, depending on what inflation index one uses. Would NSA spend $200 million on cipher-busting machines? Well, modern spy satellites often cost upwards of a bilion apiece, so this seems possible. Note that NSA contracted with National Semiconductor several years back to have a dedicated wafer fab in a secure area of Fort Meade, to supply custom chips. But could such a project escape notice--and publicity--outside the NSA? CPU desiginers would have to be brought it, and no doubt much of the work would be contracted out. Any rumors floating around? --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From blaster at rd.relcom.msk.su Tue Oct 12 02:59:54 1993 From: blaster at rd.relcom.msk.su (Victor A. Borisov) Date: Tue, 12 Oct 93 02:59:54 PDT Subject: Breaking DES Message-ID: > The other reason is that it was initially feared that DES was a group. > That is, encryption with k1 and k2 might be equivalent to single encryption > with some unknown (to you and me) key k3. But a cryptanalyst or a brute- > force cracker would neither know nor care that you double-encrypted. > > It has now been proved that DES is not a group. What isn't clear to me > is whether it's ``mostly closed'', though I suspect not. It can be right, but we can use some intermidiant operation. For example: DES(randomHeader+DES(zip(DES (text, k1)), k2), k3) DES (text, k) - encryption text "text" by key k; randomHeader - some good random text; zip - some archiver. --- Victor A. Borisov aka blaster; Relcom R&D; Email: blaster at rd.relcom.msk.su; Phone: +7(095)-943-4735; +7(095)-198-9510; === Don`t panic! === From MERCURY at lcc.edu Tue Oct 12 05:29:54 1993 From: MERCURY at lcc.edu (Michael E. Marotta) Date: Tue, 12 Oct 93 05:29:54 PDT Subject: Summa Pro Credit Union Message-ID: <624CCE1380A01E6B@sleepy.egr.msu.edu> Tangential to the "Credit Union" Question by Michael E. Marotta mercury at well.sf.ca.us Most of this "Bank of the Internet" stuff blew past me, but I was stopped short by Perry Metzger's assertion that credit unions are not innovative. Here in Michigan, we have World Computer Corporation, a Data General VAR. They serve the largest and smallest credit unions. I have written about them twice for FOCUS, a DG user magazine. The first time, I spent 30 hours onsite with customer service. In fact, our household does most of our financials through a credit union, having been members of one since 1985. In truth credit unions are light years ahead of banks in innovation. For instance, we have long enjoyed voice-response and touchtone dial-in account services. I never use my statement. I dial in and reconcile. Banks are only now coming online. Banks are IBM mainframe environments. Credit Unions go with DG, NCR, Digital, anyone who can give them an edge. Banks argue about "outsourcing." CUs have been doing this all along. Most CUs don't even have data processing departments any more than they plow their own drive ways. You contract services that are not in your line of business. Credit Unions borrow and lend money. Data processing can be done inhouse and often is, but no one's brass plate gets polished as a result. CUs are small. They don't have (other people's) money to throw around. Credit Unions are member-owned. They can't by law lend money they don't have. They must by law have a defined (sometimes CLOSELY defined) market which restricts them. As a result of all of this, they look to _technology_ for wins. All the nay-saying here has come from the pudknockers while those who do, did. Good luck. You deserve it. From hiscdcj at lux.latrobe.edu.au Tue Oct 12 07:22:03 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Tue, 12 Oct 93 07:22:03 PDT Subject: distributed autonomous networks In-Reply-To: <9310082312.AA02297@newton.apple.com> Message-ID: <9310121421.AA25625@lux.latrobe.edu.au> > >[stuff about possible power sources and transmission media] >A television report on 'Beyond 2000' described meteor-bounce radio. The >technique extends the idea of bouncing radio waves off the ionosphere (for >distance), to bouncing off the atmospheric trails of micro meteors. Are these particularly common? Or only when there are meteor showers... >Reported applications are economical (at least run-time economical, >start-up cost was not discussed) weather telemetry stations in remote >areas. A solar panel provides the power, a small computer is needed to >direct transmission. Right. what sort of computer? Would it be possible to run this sort of setup from an 8088? They are pretty cheap at the moment. :-) >This technique may not be feasible in the context you are describing, but >the telemetry application was parallel in that it also comprises many >independent, self-contained transmitters. Ahh. Well, I'll have to look into it. Dwayne. From hiscdcj at lux.latrobe.edu.au Tue Oct 12 07:24:54 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Tue, 12 Oct 93 07:24:54 PDT Subject: distributed autonomous networks In-Reply-To: <9310081716.AA13288@lux.latrobe.edu.au> Message-ID: <9310121421.AA25634@lux.latrobe.edu.au> >Well, building the transmitter wouldn't be too hard, and you could >probably transmit much larger amounts of data than over a modem if you >used high frequencies. The most difficult thing as I see it is that >you'd have to build a small computer for each box, and program it to >route data packets, error-check them, and so on. Could an 8088 do this? (he says, having just asked this in a previous message). The thing would be to do it via as cheap and readily availabe a chip as is possible. >A Fully-Qualified-Domain-Name type of network would create >complications. Since the network will be constantly expanding and >changing, you'd probably need relative domain names. (you'd have to >specify: send packet thru site #10 thru site #34 and deliver to site #19) >To have fully qualified domain names, you'd need to have something on >the net cataloging them. Erp. Right. Hmmm. I just thought it wuld be kind of nice to have an internet address for some of the nodes, so we can mail to and from the internet, while preserving the geographical invisibility that punknet would provide. Dwayne From hiscdcj at lux.latrobe.edu.au Tue Oct 12 07:26:28 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Tue, 12 Oct 93 07:26:28 PDT Subject: distributed autonomous networks In-Reply-To: <9310090005.AA11624@anchor.ho.att.com> Message-ID: <9310121421.AA25641@lux.latrobe.edu.au> >Meteor Burst is real stuff, though the last time I knew a little about it >the bandwidth was pretty low; e.g. you got 300 baud average throughput >doing bursts of 4800 baud with really heavy-duty forward error correction, Hmm, not much use unless you had some sort of massivley parallel setup. Still, it's an idea. >since it's a pretty sporadic medium. Power usage is really low, >and typical applications are things like telemetry from snow-depth recorders >out in the mountains, where line-of-sight is essentially unavailable. Yes, but I assume that we are talking about moving a bit more data than this. >I don't know how much bandwidth or area you get out of it, or how traceable >it is - our meteor expert retired years ago, and was looking at problems like >how to build radio data networks that weren't bothered by nuclear explosions. I don't think the Powers That Be will get _that_ heavy... :-) >If there's a spare satellite slot available, ALOHANET technology is a reasonably >efficient way to use it. Err, which is? Dwayne. From hiscdcj at lux.latrobe.edu.au Tue Oct 12 07:26:49 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Tue, 12 Oct 93 07:26:49 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <9310090132.AA08927@dink.foretune.co.jp> Message-ID: <9310121422.AA25737@lux.latrobe.edu.au> >You can put up such a network, but given that your boxes have to receive >the signal, it will be detectable (but not understandable) to 3rd parties. That is why we try to make them as cheaply as possible. Then if they are hard to get hold of (hidden/camouflaged/stuck up cliffs and flagpoles) the cost to retrieve them will be prohibitively high. >Anyone who wants to take you down will only need (1) a detector that can >point out your boxes and (2) a small caliber rifle. Errrrr. Hadn't thought of that. Placement will be a major factor, I beleieve. >Since the cost to find and destroy is much less than the cost to make and >deploy, a covert network of this sort wouldn't last long. An _overt_ >network, perhaps a commercial entity that networks an entire city, would >be an interesting prospect. Depends how you place them. If you put them _on top_ of things, you'd need a helicopter to shoot 'em. >The techniques for maintaining location information on actual machines >connected to the net, and for updating them as they move, are actually >quite simple and well understood (cellular telephones are a simple, >dumb version of the technology). The trick is to find out a way that >the network can know where you are but not give that information out >(even to the owners of the network), without unacceptable overheads. This is true. But if we make the things in thick boxes (well, slightly bullet-proof, anyway), and put them in places where theyare hard to shoot at, then we should be right. We would only need a few each suburb. Dwayne. From hiscdcj at lux.latrobe.edu.au Tue Oct 12 07:27:03 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Tue, 12 Oct 93 07:27:03 PDT Subject: distributed autonomous networks In-Reply-To: <199310081918.AA06860@Menudo.UH.EDU> Message-ID: <9310121421.AA25614@lux.latrobe.edu.au> >Haha! That's exactly how I got hyped about the Julieboard -- >rummaging in the backlog of the voluminous-but-valuable cpunk posts... :-) Yeah, they are useful. I got on this list only a couple of months ago, so I am sure I have missed a lot. >My question: Exactly how cheap can we make these things? Mass >produced boards, a bag of appropriate components, and a few dozen >cpunks working in parallel could work wonders. This is what I thought. If they are made so that they are self-powering, and tuned via crystals, there is no reason why we couldn't have them mass-produced wherever the hell they are cheapest to manufacture, as part of a big world-wide single order. My friend over here suggested we get in touch with the ham radio set, plus the bbs scene. The more the merrier, I say. The advantage of crystals, or at least a tunable set, is that we can then tune them to whetever local frequency is appropriate... >What about surface mount components? Harder to assemble, and fewer >people have the skills, but the resulting box would be very small >and more easily concealed. Well, the smaller the better, I think. Ideally they'd be match box or cigarette packet sized, or smaller. But I have no idea how big the julieboard is.... >If you are hiding boxes on telco poles, an obvious source of power >presents itself. :-) Phone lines are underground, here. Power lines aren't, though :-) >I like the EMF idea! Ideologically and technically interesting... >Is it practical? Heat to electricity? hmm... The EMF isea IS practical. Apprently they have things in the train stations which induce a hum in a loop in a hearing aid so blind people can navigate the platforms. This is in the undergroun stations in central melbourne. I know nothing about EMF, but my freind does, and he think it's practicable. I don't know about the heat-to-power idea, and neither does he, he's just heard of it. >Someone suggested general use of IR laser links, but someone else >mentioned that it would be a bitch to operate a decentralized network >of IR links. Well, lasers and microwave are probably best suited for >mid-range connections betweens clusters of boxes. This is what I thought. I thought of using IR lasers for the net-to-Internet link. What sort of traffic can an IR laser carry, and how cheap are they? Is this sort of stuff easily done? >(Ham radio tinkers with microwave and laser communication experience > should probably comment here... ) >Since the FCC frowns on encrypted amateur radio, I doubt we could >openly use the ham nets or satellites...but how about bit fiddling >with slow-scan TV? :-) The list has generated many good ideas >on tunneling naughty data in otherwise innocent exchanges... Well, the idea behind this is that even if the authorities DID frown on the whole thing, there is nothing they can do about it. there is no centralised switching mechanism, just lots of cheap nodes scattered (and hidden) all over the place. The concept of ARPAnet as an uninterruptible net was what set me off on this track. Even if they could find the nodes, we just put more up. they could jam the links, but if we make them so that we can remotely change the frequncy, or use spread-spectrum tech, then what can they do? The radio direction finding bunch in the government here has been shut down due to cost-cutting so there is bugger all that could be done to stop it, in this country at least. If we make the whole thing into suburban cells, and run each cell on a different frequency, then it wuld be impossible to jam the network. >How many people are interested in this idea? Is it time for >a radiopunk task force? Does one already exist? :-) Well, there is one over here, so i'll co-ordinate it if people are interested. People can mail me directly, and in a couple of weeks I'll have my own UUCP site so I can set up a maling list if the traffic gets too big. I think this is a very good idea. Sure, we can encrypt our data, but we are still transmitting it over =someone else's net= So, let's build our own! Dwayne. From dean at ucc.su.OZ.AU Tue Oct 12 07:46:28 1993 From: dean at ucc.su.OZ.AU (Dean Van Dyke) Date: Tue, 12 Oct 93 07:46:28 PDT Subject: PLEASE REMOVE ME !!! In-Reply-To: <624CCE1380A01E6B@sleepy.egr.msu.edu> Message-ID: please unsubscribe me from "cypherpunks" NOW ! thank-you. From geoffw at nexsys.net Tue Oct 12 07:56:28 1993 From: geoffw at nexsys.net (Geoff White) Date: Tue, 12 Oct 93 07:56:28 PDT Subject: NSA Can Spend a Billion on a Computer Message-ID: <9310121452.AA01668@nexsys.nexsys.net> > > But could such a project escape notice--and publicity--outside the > NSA? CPU desiginers would have to be brought it, and no doubt much of > the work would be contracted out. > > Any rumors floating around? > Note: I doubt that they will have to "bring in" CPU designers. Back when I was an EE undergrad in Massachusetts, I had a part-time job at a small outfit that did custom VLSI design work, the guy who ran the mass. office was the best VLSI designer that I had ever seen, he eventually became the chief enginneer on a couple of major CPU projects for a very large well know computer company (not IBM) headquarted in eastern massaachusetts. He was also the mentor to some of the people who made RISC work at berkeley. He learned his trade at the NSA. He told me so himself. From Hastings at courier8.aero.org Tue Oct 12 08:19:53 1993 From: Hastings at courier8.aero.org (Hastings at courier8.aero.org) Date: Tue, 12 Oct 93 08:19:53 PDT Subject: Spread Spectrum Decoys Message-ID: <00086F64.MAI*Hastings@courier8.aero.org> Part of the "hunt and destroy vs. cost to deploy" equation thread about spread spectrum networks was forwarded to me. How about putting several cheap noise generators on the air as decoys? This might tip the cost balance in favor of the network. The Julieboard Direct Digital Synthesizer board, which only needs numbers fed to it from a PC printer port or microcontroller output, can be bought wired and tested for $125. Production in volume should be cheaper. So who is hunting down transmitters and killing them, and risking a confrontation with an armed opponent, for this paltry sum? Kent - From pmetzger at lehman.com Tue Oct 12 08:21:29 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 12 Oct 93 08:21:29 PDT Subject: Summa Pro Credit Union In-Reply-To: <624CCE1380A01E6B@sleepy.egr.msu.edu> Message-ID: <9310121520.AA25245@snark.lehman.com> "Michael E. Marotta" says: > In truth credit unions are light years ahead of banks in > innovation. For instance, we have long enjoyed voice-response > and touchtone dial-in account services. I never use my > statement. I dial in and reconcile. Banks are only now coming > online. Chem Bank has offered this in New York for at least five years and possibly longer. Systems like this are commercially available. I don't think its an "innovation". Citibank offered banking by modem ("Pronto") about nine years ago. None of this stuff is new or thrilling, and it was all pioneered by the big New York banks. Anyway, I stand by my general statement, but it really wasn't that important. Lets get off the topic. Perry From swc at uc1.ucsu.edu Tue Oct 12 08:41:28 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Tue, 12 Oct 93 08:41:28 PDT Subject: The Bank of the Internet!? (fwd) Message-ID: <9310121543.AA11365@uc1.ucsu.edu> Douglas Barnes writes -- > There is nothing, however, to prevent multiple CU's from being created IMHO, this is part of the answer to Perry's concerns regarding the difficulty of getting it right. Multiple digital CU's and other similar projects will try different approaches; eventually creativity and natural selection will evolve a usable system through market forces. Although I have not had Perry's experience with this sort of thing, I tend to agree with him that the magic will be in the details, and mostly in the NON-technical details, making this an EXTREMELY difficult project. But lay on! I applaud your daring, and wish you success, and recognize that even if you fail, you will have contributed much in the process. ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From swc at uc1.ucsu.edu Tue Oct 12 09:29:53 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Tue, 12 Oct 93 09:29:53 PDT Subject: transmission facilities Message-ID: <9310121633.AA11635@uc1.ucsu.edu> Perhaps I am stating the obvious, but... There has been a fair amount of discussion regarding setting up our own networks of various kinds so that we don't have to live within the strictures imposed upon us by providers (and regulators) of 'conventional' WAN's and financial networks. This is good. However, thinking that this is a final solution is a delusion. We are too few in number; they COULD shut us down if they wanted to badly enough. To become 'ineradicable', we must proliferate our approaches: use LOTS of different physical plants and protocols, etc., with numerous interrconnecting gateways. That way, taking down a single physical network, protocol, encryption algorithm or business strategy does not eradicate the underground internet. ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From mike at NetAcsys.com Tue Oct 12 09:31:48 1993 From: mike at NetAcsys.com (mycal (voices through your head @ 88.1MHz)) Date: Tue, 12 Oct 93 09:31:48 PDT Subject: Why X/Open in London? Message-ID: <2cbadb11.acsys@NetAcsys.com> On Mon, 11 Oct 1993 15:47:03 -0400, "Duncan Frissell" wrote: > You don't suppose that X/Open was founded in London so that future Unix > versions could integrate crypto without bothering with US export laws. > > > Another blow to America's competitiveness. > I know several small companies from canada that had offices in the us that moved them back to canada so they wouldn't be bothered by the US export laws since they use RSA in there product. The US is blowing it. mycal From doug at netcom.com Tue Oct 12 09:39:54 1993 From: doug at netcom.com (Doug Merritt) Date: Tue, 12 Oct 93 09:39:54 PDT Subject: Breaking DES In-Reply-To: Message-ID: <9310121637.AA21284@netcom6.netcom.com> > pmetzger at lehman.com said: >Doug Merritt says: >> 2^56 bytes equals 10^7 gigabytes. > >First off, you are forgetting a factor of eight. No, I'm not. I *am* assuming disk, obviously, since I quoted $1000 per gigabyte, which is disk price range, not RAM. > and if you use disk storage your whole device is going >to run far, far, far slower. Untrue. The disks will be used in a predictably serial fashion, and therefore read-ahead can be arranged such that everything is in RAM by the time the algorithm is ready to use it, so the whole thing runs at RAM speeds. >however, and have to factor in the cost of the rest of the equipment, >like power supplies, enclosures, controller cards, computers to run >the whole thing, I'd say we are talking a trillion dollars, give or >take a factor of 20%. It's true I didn't factor in the cost of the systems, but that doesn't give more than a factor of 2 to 5 in cost (depending on assumptions about the precise kind of pc clone used), where you seem to have come up with a factor of 100. >> Or say there's a quantity discount in orders totalling a million >> units, > >Say that my aunt was a Greyhound Bus if you like. You're dreaming, bub. Skip the sarcasm and pick a different quantity discount. If you don't like my 90% discount for quantity 1 million disk drives, pick another one. There is always some discount for quantity, and this is just a back of the envelope estimate, so I don't care much what you pick. 0% discount leaves the estimate in the region of $10 billion...that's still not inconceivable, merely expensive. That was my only point, that this *could* be done, and I've proven that, despite your misunderstandings. Doug From pmetzger at lehman.com Tue Oct 12 09:41:49 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 12 Oct 93 09:41:49 PDT Subject: Why X/Open in London? In-Reply-To: <2cbadb11.acsys@NetAcsys.com> Message-ID: <9310121641.AA25367@snark.lehman.com> "mycal (voices through your head @ 88.1MHz)" says: > > Another blow to America's competitiveness. > > I know several small companies from canada that had offices in the us that > moved them back to canada so they wouldn't be bothered by the US export > laws since they use RSA in there product. The free trade pact and COCOM regs mean that Canada is as restrictive as the U.S. This makes your story hard to swallow. Perry From cman at IO.COM Tue Oct 12 09:56:29 1993 From: cman at IO.COM (Douglas Barnes) Date: Tue, 12 Oct 93 09:56:29 PDT Subject: What is a Credit Union? In-Reply-To: Message-ID: <9310121650.AA13076@illuminati.IO.COM> I received this very good question from one of the list readers, and thought it might be of some interest to those following the Digital Credit Union discussion: > > Doug, > > Could you tell me what a Credit Union *is*? I don't know enough about > USAan culture. Actually, they started out in Germany, where I believe they still exist. They are one of the earliest forms of institutionalized cooperation, one of the founding pillars of the cooperative movement of the 19th c. Basically, they were a reaction to the big landowners and manufacturers controlling all the financial institutions; they have their roots in somewhat informal 'lending societies' which were groups of folks who would, rather than put their money in banks, pool it and lend it to members of their group. (A practice still common in Asia; even my students at various banks there engaged in this practice, and in fact were quite discursive on how they operated.) Nowadays Credit Unions are sanctioned by the government; however they still retain many of their desirable features. They can be created with as few as 300 members, they (legally) require only $1,000 starting capital, they are democractically controlled by their members, they are essentially non- competitive (old ones are often glad to help a new one get started), and they already operate as a national network to combine buying power for many third-party transaction processing services. Generally, Credit Unions are able to provide credit at rates lower than banks, and have generally had a much more customer-focused approach than traditional banks, although many large banks are catching on to this and have maintained parity on some of the technical innovations; it's hard though to duplicate the lending ecnonomies and general coziness of a bank that is owned by its members, all of whom either know each other or share a common bond. Also, to be a federally sanctioned CU, you have to have deposit insurance; the most common provider of CU insurance is the National Credit Union Asssociation, which also devotes a large part of its resources to assisting new or troubled Credit Unions. So, if for some odd reason I forget round fractional cents in transactions, I can pick up the phone and ask. Doug From pmetzger at lehman.com Tue Oct 12 10:21:49 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 12 Oct 93 10:21:49 PDT Subject: Breaking DES In-Reply-To: <9310121637.AA21284@netcom6.netcom.com> Message-ID: <9310121721.AA25429@snark.lehman.com> Doug Merritt says: > > pmetzger at lehman.com said: > >Doug Merritt says: > >> 2^56 bytes equals 10^7 gigabytes. > > > >First off, you are forgetting a factor of eight. > > No, I'm not. Look, I'll repeat the calculation again for anyone who cares to see it, ok? (2^56)*8 = 576,460,752,303,423,488 (2^56)*8*1000/(10^9) = 576,460,752,303 Assuming your very own figure of $1000 per gigabyte, the total comes to $576 BILLION dollars, just for disk storage, without anything else. You can scream your head off and the calculations still will come out the same way. > > and if you use disk storage your whole device is going > >to run far, far, far slower. > > Untrue. The disks will be used in a predictably serial fashion, Lets think for a moment, shall we? You are encrypting every possible block with DES, which results in lots of random blocks. You really want to search through the lot of them serially without any indexing whatsoever? Seems like you haven't thought this out. Oh, now I just realized -- you are going to have to store each source block with each output block. That means that even if you don't do any indexing, you are going to need twice the disk space I just mentioned, or over $1 TRILLION in disk for a very slow DES cracker. Sorry, but you lose. > and therefore > read-ahead can be arranged such that everything is in RAM by the time > the algorithm is ready to use it, so the whole thing runs at RAM speeds. Never designed a disk system, have you? Sorry, but you can't actually read a disk as fast as you can read RAM. Caching only works if you have frequently accessed blocks -- if you are reading a whole disk you can't go faster than the disk transfer rate no matter how many gods you pray to. Your technical credibility is rapidly plunging. > >however, and have to factor in the cost of the rest of the equipment, > >like power supplies, enclosures, controller cards, computers to run > >the whole thing, I'd say we are talking a trillion dollars, give or > >take a factor of 20%. > > It's true I didn't factor in the cost of the systems, but that doesn't > give more than a factor of 2 to 5 in cost (depending on assumptions about > the precise kind of pc clone used), where you seem to have come up > with a factor of 100. Guess you can't read my calculations, can you? And I was off by a factor of two as well, which I just discovered. My current estimate for real cost is about 1.5 Trillion, which is over the national federal budget. > >> Or say there's a quantity discount in orders totalling a million > >> units, > > > >Say that my aunt was a Greyhound Bus if you like. You're dreaming, bub. > > Skip the sarcasm and pick a different quantity discount. If you don't > like my 90% discount for quantity 1 million disk drives, pick another > one. Sort of like saying "if you don't like the laws of physics, pick different laws"? Perry From frissell at panix.com Tue Oct 12 10:29:53 1993 From: frissell at panix.com (Duncan Frissell) Date: Tue, 12 Oct 93 10:29:53 PDT Subject: Health Reform Smart Cards Message-ID: <199310121728.AA03421@panix.com> L.>"The Clinton Administration proposal would put smart cards in the L.>hands of every US citizen and some legal aliens that would L.>provide billing reference identification as well as carry up to L.>about 30 pages of medical data about the individual. "The long-term strategy for health care information envisions creation of a Point-of-Service information system that brings valuable information to consumers, health providers, payers and policymakers." [the FBI, the NSA, the DIA, the CIA, Janet, Donna, Chelsea, Socks in real time] The President's Health Security Plan -- Page 127 No smartcard initially. They start with cards "much like ATM cards". The "unique identifier" may be the SS# or it may be another number (they haven't decided yet but not to worry because it will be illegal (or at least against policy) to link health and other records. This is a continueing cypherpunks issue because it means we have to finish our deployment before January 1, 1997. That should be plenty of time. Today's messages: THE COW IS LAME, THE COW IS LAME. THE BALD MAN ATE CHILI, THE BALD MAN ATE CHILI. THE CORN RIPENED EARLY THIS YEAR, THE CORN RIPENED EARLY THIS YEAR. And now back to our regular program already in progress... Duncan Frissell "In the 20th Century, Health became the most important thing in men's lives so naturally they started to kill each other for Health." --- WinQwk 2.0b#1165 From tcmay at netcom.com Tue Oct 12 11:21:29 1993 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 12 Oct 93 11:21:29 PDT Subject: Meteor-bounce Communications In-Reply-To: <9310121421.AA25625@lux.latrobe.edu.au> Message-ID: <9310121821.AA02456@netcom5.netcom.com> Dwayne asks about meteor-bounce communications: > >technique extends the idea of bouncing radio waves off the ionosphere (for > >distance), to bouncing off the atmospheric trails of micro meteors. > > Are these particularly common? Or only when there are meteor showers... The micro-meteors are frequently showering the earth...I seem to recall most systems having to wait on the order of tens of seconds for a suitable trail to appear (and then only for fractions of a second). The transmitters have to be "opportunistic," waiting for a suitable ionization trail and then blasting away for the few hundred milliseconds the trail is active. I think trucks are big users of this system, that is, radio communication with home bases. The data rates don't have to be high, and the sporadic, opportunistic nature is OK. (The same would apply to Net-type communications, of a personal sort, but not the backbone links, of course.) Qualcomm builds truck systems that use other techniques, so perhaps Phil can comment on the current status of meteor-bounce comm systems. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From an41418 at anon.penet.fi Tue Oct 12 13:06:29 1993 From: an41418 at anon.penet.fi (wonderer) Date: Tue, 12 Oct 93 13:06:29 PDT Subject: Breaking DES Message-ID: <9310122004.AA26442@anon.penet.fi> Since I started this thread, and because I have always had a problem with the rude way many people discuss things in this group, I was wondering, Perry Metzger, what contribution your sarcastic tone and occasional insults make to your argument. I believe it is possible to continue this debate and stick to the technical issues without getting personal or being rude. I wish more people would realize this. Wonderer (peacemaker?) ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From mech at eff.org Tue Oct 12 13:06:50 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 12 Oct 93 13:06:50 PDT Subject: Virtual City (tm) and Virtual Capitalism In-Reply-To: Message-ID: <199310122006.AA04422@eff.org> > I'm still not clear as to exactly what MUD money would purchase. In a MOO, > such as MediaMOO or BayMOO, I can't conceive of what anyone could "buy" Well, this is true of MOOs in general but not MUDs most of which are D&D-style combat games, wherein virtual money already plays a strong role; many muds have banks, which have fees, interest rates, etc., and loan sharks abound. RL money does not come into it, and barter is usually quite acceptable. I agree that the whole idea is rather trivial, but it would seem to be a good test, at least: see if MUDdom will cooperate enough to have a networked form of MUDbucks. I don't think most MUDs would go for the players being able to buy power(s) outright, but goods should not be a problem. Anyway, the difference between the typical MOO and typical MUD community is very great in many ways and it doesn't do to conflate them. > Any system of monetary exchange that would involve manipulating quotas, > or translating them into a kind of tradeable commodity would, I think, be > vigorously resisted by most MOO wizards. "I'll help you code that virtual > Harley if you'll pay me two quota" would be antithetical to the whole > spirit of cooperation I've seen in most (though not all) MOOs. In > addition, it would be an ironic commentary on the old cyberpunk > "Information should be free!" if Joe/Jane MOOwhiz sets up shop as a > for-hire expert in coding, amassing virtual capital off of newbies. The capitalists here probably think that's a great idea, though the LPF fans here would disagree. This strikes me as remarkably similar to a BBS- based idea that went around for a while, to have BBSbucks, that one could spend to get online time on any participating BBS. One got the bucks by uploading to file oriented boards, posting on msg. oriented boards, etc. Of course, sysops in general slammed the idea, since it was immediately obvious to most of them that people would manipulate the less popular and more open (by necessity) boards. People would call some newbie board, and upload garbage to it, knowing that the sysop would not say much about it, being in the process of trying to get new users and keep them, then take the electricash to the popular boards. If one looks at BBSs like countries, it would be as if they were 3rd world nations being farmed for their cheap resources and labour, and all the money goes out of the country to the Big Empires. > future monetary transactions on a global scale. And if, as part of your > post suggests, RL money would be gratefully paid for increased power > within a MUD -- shades of *Snow Crash*! And who would have guessed that > it was cypherpunks in executive clothing that brought such a system into > the MUD/MOO world. Well, one can remove the necessity, for now, that RL money be paid. What then is the real objection? I can see nothing keeping the idea from working. As for the RL for digicash scenario, well *I* wouldn't play, having better things to waste money on, but if some will, why not? Why should MUD programmers and site providers have to do it all for free, while their game-programming counterparts in the online services rake in good salaries? At times I shudder to think what it's costing in bandwidth to keep all these NeTrek players going, night and day. Make them PAY a little for it (not much, but enough that they notice), place the financial burden where it belongs. Note: my commentary on MUD/MOO practices dates from 92, so it may be outdated by this point, seeing how fast that virtcom changes. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From cme at ellisun.sw.stratus.com Tue Oct 12 13:59:56 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Tue, 12 Oct 93 13:59:56 PDT Subject: E[gcd(p-1,q-1)] Message-ID: <9310122057.AA04053@ellisun.sw.stratus.com> Sorry, folks -- the formulae I posted yesterday are flawed. More later. - Carl From mech at eff.org Tue Oct 12 15:39:55 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 12 Oct 93 15:39:55 PDT Subject: WinPGP Message-ID: <199310122238.AA06178@eff.org> anyone have a site name for this beta of Windows PGP? Or just a filename, so it can be archiefied? -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From wak at next0.math.pitt.edu Tue Oct 12 16:36:32 1993 From: wak at next0.math.pitt.edu (wak at next0.math.pitt.edu) Date: Tue, 12 Oct 93 16:36:32 PDT Subject: PGP,etc. by PSDAA Message-ID: <9310122332.AA01982@next0.math.pitt.edu> Look (anon ftp) in soda.berkeley.edu/pub/cypherpunks. From ssteele Tue Oct 12 14:19:08 1993 From: ssteele (Shari Steele) Date: Tue, 12 Oct 1993 17:19:08 -0400 Subject: EFF GIF file recall n (fwd) Message-ID: <199310122119.AA05257@eff.org> Hi Stanton. Duncan asked: >Didn't the 9th Circuit Court of Appeals decide that the transport and sale >provisions (unknowing posession) of the federal kiddie porn law were >unconstitutional? Wouldn't a warning like yours risk converting unknowing >to knowing posession. The case to which Duncan is referring is U.S. v. X-Citement Video, Inc., decided last December in Pasadena, CA. The Ninth District Court didn't hold that the transport and sale provisions of the federal child porn statute were unconstitutional. What it did hold was that the statute was unconstitutional in that it did not require knowledge by the prosecuted individual of the age of the depicted youth. The court was clear to distinguish the lack of a knowledge requirement of the age of the depicted youth (which was unconstitutional) from the lack of knowledge that the files were sent (in this case mailed, which the court held was not really an issue.) My warning to sysops simply said that these files were listed on a federal indictment, so the "lack of knowledge of the age of the depicted people" defense remains -- I did not identify the people depicted as being under the age of 18. (I couldn't have done so -- I haven't seen the files. I was only passing on the info contained on the indictment.) In addition, provisions of a federal statute are not officially unconstitutional in all jurisdictions until the U.S. Supreme Court declares them to be so. (In other words, the court's decision is only binding on the 9th Circuit.) Shari P.S. Say hi to the 'punks for me. I really enjoyed the list, but the volume was just prohibitive. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From arthurc at crl.com Tue Oct 12 17:29:55 1993 From: arthurc at crl.com (Arthur Chandler) Date: Tue, 12 Oct 93 17:29:55 PDT Subject: Native American Encryption?! Message-ID: I remember hearing many years ago that one of the branches of the armed aervices during WWII used a native American -- Cherokee? Apache? -- language to communicate. The Japanese (the story goes) went nuts trying to crack the code -- unsuccessfully. Two questions: 1) Can anyone give me a reference for this story (assuming it's true)? 2) If one used a natural language for encryption, and the would-be code crackers did not know it was natural language (say, Hittite), could they crack it? I seem to remember that hieroglyphs were undecipherable until the Rosetta Stone was discovered. But maybe current techniques would do a better job....? From mech at eff.org Tue Oct 12 17:36:32 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 12 Oct 93 17:36:32 PDT Subject: EFF GIF recall/Duncan's question Message-ID: <199310130035.AA07326@eff.org> Forwarded message: From mg5n+ at andrew.cmu.edu Tue Oct 12 17:49:55 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 12 Oct 93 17:49:55 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <9310090132.AA08927@dink.foretune.co.jp> Message-ID: >>Anyone who wants to take you down will only need (1) a detector that can >>point out your boxes and (2) a small caliber rifle. > >Errrrr. Hadn't thought of that. Placement will be a major factor, I >beleieve. > >>Since the cost to find and destroy is much less than the cost to make and >>deploy, a covert network of this sort wouldn't last long. An _overt_ >>network, perhaps a commercial entity that networks an entire city, would >>be an interesting prospect. > >Depends how you place them. If you put them _on top_ of things, you'd need >a helicopter to shoot 'em. Someone walking around a city shooting a rifle is likely to attract a lot more attention than a secret network would. Secondly, the transmitter doesn't necessarily have to be exposed, it could be kept hidden and only the antenna would need to be exposed. You'd have to be a damn good shot to hit a wire antenna. Plus the antenna would be easy to disguise or hide in many places. >>The techniques for maintaining location information on actual machines >>connected to the net, and for updating them as they move, are actually >>quite simple and well understood (cellular telephones are a simple, >>dumb version of the technology). The trick is to find out a way that >>the network can know where you are but not give that information out >>(even to the owners of the network), without unacceptable overheads. > >This is true. >But if we make the things in thick boxes (well, slightly bullet-proof, >anyway), and put them in places where theyare hard to shoot at, then we >should be right. We would only need a few each suburb. Well, you may know that you can reach a certain person thru site #127, and that stie #127 can be reached thru site 35 or site 68, and so on...which gives you a sort of virtual-space map, which would reveal nothing about actual phyical location of the sites or the person you are contacting. Suppose you were connected to site #1 and you were communicating with site #3 thru site #2. Site #3 could be 50 meters away, or 2 km, and you would never know the difference because you didn't have any way to directly contact site #3. Hence we have achieved our objective - you know how to contact site #3 in netspace - it has a cybernetic location relative to other sites, but that tells you nothing about it's actual physical location. From tcmay at netcom.com Tue Oct 12 17:51:32 1993 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 12 Oct 93 17:51:32 PDT Subject: NSA Can Spend a Billion on a Computer Message-ID: <9310130051.AA27641@netcom5.netcom.com> Whit Diffie has some more info, including a clarification, on the differences between Hagelin and rotor machines: Forwarded message: To: tcmay at netcom.com (Timothy C. May) From: whitfield.diffie at Eng.Sun.COM Date: Tue, 12 Oct 1993 at 08h00 Subject: NSA Can Spend a Billion on a Computer Minor technical point > The Harvest machine was particularly good at brute force breaking of > Hagelin-type rotor machines, the "DES of its day" Hagelin machines aren't considered rotor machines even though their main moving elements do rotate. Rotor machines had rotating elements that were wired wheels implementing table look-ups, i.e., S-boxes. The six wheels in a Hagelin machine merely have setable bits around their edges. The are in effect pieces of binary key that rotate --- much like the C and D registers in DES. Feel free to redisseminate this if you like. Whit From mech at eff.org Tue Oct 12 17:51:53 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 12 Oct 93 17:51:53 PDT Subject: TIS testimony Message-ID: <199310130051.AA07457@eff.org> Just in...got "Testimony by Stephen T. Walker, President, Trusted Information Systems, Inc., for Subcommittee on Economic Policy, Trade and Environment, Committee on Foreign Affairs, U.S. House of Representatives, October 12, 1993". This is about a 75k document, and is to be found via FTP as: ftp.eff.org: /pub/eff/temp/testimon.tis It begins thusly: "I am pleased to testify today about the negative impact that U.S. export control regulations on cryptography are having on one of the few industries where the U.S. remains dominant worldwide: the information system software industry. The major point of my testimony are that U.S. export controls do not prevent the international availability of good quality cryptography but do penalized the U.S. software industry and U.S. business in general." I'd post it, but it's 1500+ lines. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From aq528 at yfn.ysu.edu Tue Oct 12 14:55:42 1993 From: aq528 at yfn.ysu.edu (Rita M. Rouvalis) Date: Tue, 12 Oct 1993 17:55:42 -0400 Subject: [NFJAD@acad3.alaska.edu: Republic of Georgia] Message-ID: <199310122155.AA28753@yfn.ysu.edu> ================= Begin forwarded message ================= From: NFJAD at acad3.alaska.edu (Joe Davis) To: rita at eff.org Subject: Republic of Georgia Date: Tue, 12 Oct Hi, Speaking of fronteers and freedom, here is a need for communications equiptment for which I have been unable to get any direct help. Any chance of posting this on the EFF? Good Wishes, Joe Joe Davis nfjad at alaska.bitnet Joe Davis Box 15301, Fritz Creek, AK 99603 (907) 235.4069 Email: afcrrjoe at aol.com Oct. 12, 1993 Senator Stevens Washington DC Attn: Senator Stevens Anna Kerttula Anna KerttulaUs replacement Dear Senator Stevens, It is appalling what goes on in Georgia. It is a chaos of crime and needs direct attention now. Is there nothing that the US can do? Cannot Russia control her own boarders and disallow weapons and soldiers to assist in the murder of Georgians? How can we loan money to the Russians while this continues? And where is the United Nations during this critical time? I am faxing you the latest and perhaps the last information from the office of Mr. Shevardnadze and his assistant, Dr. Gomelauri. They need medical help, communications help, but mostly, UN peace keeping forcer and Russia to keep her word on helping to keep the peace. I realize the Russians have had their own problems this past week but that does not excuse them for their lack of help and allowing of arms and soldiers to attack the Georgians. Please read these two short letters I just received via email. Please pass them on to Dr. Butros-Ghali of the UN as I have neither his fax number or email address. I am very actively searching for grants relative to the communications needs of Georgia and as soon as I can find one I will apply and notify you of the same. Is there a way to get equipment for a node over there now? You will see that they need the freedom to communicate. Dr. Gomelauri of the Georgian Academy of Sciences working in conjunction with Mr. Shevardnadze would be the first level of priority to receive such equipment. If I can be of any assistance, please call on me. To sum up this letter: 1) Georgia needs peace keeping enforcement now. 2) Georgian needs humanitarian relief now 3) Georgia needs independent communication abilities now 4) Georgia needs American friendship Thank you, Joe Davis Attached: letter from Dr. Gomelauri letter from Mr. Shevardnadze both posted for general distribution From: ggom Subject: Re: URGENT from Paul M. Palo Alto From: ggom at coira.kheta.georgia.su Dear Paul, Thanks to you and all who are trying to support democratically- oriented forces in Georgia and personally Mr. Shevardnadze. Every day the situation is more and more tragic in Georgia. Our entrance in the Mow. computer node (the only canal to the Internet) is practically closed. I received your mail after 3 days you send it to me. WE NEED DIRECT ENTRANCE IN TO THE INTERNET to give the possibility our users including Brian to send you information from here promptly. The port POTI was occupied earlier few days ago by Kobalia supported by killers, Kazak and North-Caucasus Russian citizens. So Georgia can not be reached from the Black Sea. That means hunger will start fast. Separatist forces continued to move to the east. Pleas try to explain to ISF it is vital for Georgia TODAY to keep the node GGOM at CIT.GE in operation. My proposal about the Support and Renovation today is vital not only for the Academy but whole country. Big plans for future with many VAXes may not be needed if Georgia does not exist at all. To my Proposal satellite line must be added because as I see the dish of Georgian Foundation will not arrive this year. Please try to find someone who will donate CIT few mobile laptops (second hand PC/XT compatible) with modems, satellite canal and necessary hardware + software. You know we will put it in operation in few hours. This is tremendously important. We can not reach Moscow node few days so I am afraid you will get my mail too late if ever. Here is very important information from the Head of the State for the posting worldwide on the networks. Please continue to do this. George Tbilisi October 03, 1993 From: ggom Subject: Tragedy in Svaneti - Georgian Caucasus From: ggom at coira.kheta.georgia.su D E C L A R A T I O N On September 16, 1993 the Gudauta side once again violated the July 27 Sochi cease-fire agreement and began a large-scale assault upon the city of Sukhumi. Disarmed pursuant to the above agreement the defenders of Sukhumi after selflessly fighting a fierce battle left the city along with the tens of thousands of civilians. However, the Gudauta separatists were not content with this and continued hostilities in the direction of Ochamchira and Gali. The only safe area where the refugees could hide themselves from the barbaric atrocities, perpetrated by the mercenaries hired by the Gudauta side, was the mountainous region of Svaneti. Therefore, over one hundred thousand refugees among whom the overwhelming majority are women, children and old people are currently seeking shelter in the mountains. This created a very difficult situation in Svaneti. It has been snowing for some time now. Dozens of people have already died of hunger and cold, and what is particularly tragic there are infants among the dead. The Georgian leadership is taking all possible measures to help people. Food and warm clothes as well as various conveyances to bring the refugees out of Svaneti are being sent there. This, however, is not enough. The acute economic crisis raging in Georgia makes it impossible to use every means to save those in trouble. Unless immediate decisive measures are taken, the current disastrous situation will turn tragic. The overall situation is being seriously aggravated by the supporters of the ex-president, who have cut off the major communication arteries. Considering the present situation Svaneti shall be declared the zone of distress. I request all the neighboring countries, the people of good will - to empathize with the Georgians in trouble. Do not let tens of thousands of children, women, old men die of hunger and cold. The quickest and the most convenient way to bring them out is by helicopters. However, Georgia has only a few. We are also in dire need of warm clothes, foodstuffs and medications. I want you to know that Georgia expects and believes that you will help promptly. The delay is tantamount to death. May God bless you. Eduard Shevardnadze. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From klbarrus at owlnet.rice.edu Tue Oct 12 17:56:53 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Tue, 12 Oct 93 17:56:53 PDT Subject: Breaking DES In-Reply-To: <9310112259.AA19226@snark.lehman.com> Message-ID: <9310130056.AA06298@flammulated.owlnet.rice.edu> Perry E. Metzger wrote: >Tell you what, Karl -- when you build the device that can store 2^56 >encryptions, let us know. You'll make a mint in the storage technology >business. Also let us know how you'll index and fetch the encryptions >in any reasonable time while you are at it, but by comparison thats a >tiny problem. Maybe I'm being overly sensitive, but lately some of my posts are getting attacked for being wrong or impractical. I did not invent the cut-and-choose protocol (previously described as incorrect), nor did I invent the "meet in the middle" attack outlined in a previous post which Perry has so eloquently described above as infeasible. I am just passing along information about an attack against double DES which demonstrates that double DEs encryption does not increase complexity very much at all. >Karl, are you sure that you want people to think you believe this? "I" do not care what "people" think of "this" attack, since it is valid and I didn't invent it. So maybe it's only of theoretical interest, sort of like differential cryptanalysis against the DES - which requires 10^47 chosen plaintexts. Why don't you mail Biham and Shamir that their method sucks. It's fairly infeasible as well. I think I need a long vacation from this list. Naturally, I'm not so egotistical to think anybody gives a damn. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From tcmay at netcom.com Tue Oct 12 17:59:55 1993 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 12 Oct 93 17:59:55 PDT Subject: Native American Encryption?! In-Reply-To: Message-ID: <9310130059.AA28188@netcom5.netcom.com> > I remember hearing many years ago that one of the branches of the armed > aervices during WWII used a native American -- Cherokee? Apache? -- > language to communicate. The Japanese (the story goes) went nuts trying to > crack the code -- unsuccessfully. > Two questions: > 1) Can anyone give me a reference for this story (assuming it's true)? They were the Navajo (or Navaho) code talkers. Kahn's "The Codebreakers" has a discussion of this, as I recall. Probably the "Encyclopedia Britannica" will also a mention of it. > 2) If one used a natural language for encryption, and the would-be code > crackers did not know it was natural language (say, Hittite), could they crack > it? I seem to remember that hieroglyphs were undecipherable until the > Rosetta Stone was discovered. But maybe current techniques would do a > better job....? These are codes, not ciphers, and are of course not very secure. The Germans and Japanese in WW II obviously did not have enough time to find native Navajo speakers, and I suspect few books on that language were available at that time, hence the scheme was temporarily secure. Otherwise, forget it. -Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From mg5n+ at andrew.cmu.edu Tue Oct 12 18:09:55 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 12 Oct 93 18:09:55 PDT Subject: Secret network Message-ID: There is something else that we can use for secret communications and that is ... (don't laugh, I'm serious) - water pipes. Many places still use metal pipes, thru which radio waves can travel quite well. I read an article in a science magazine a few weeks ago, where a team of researchers were tracking various electromagnetic emissions in residential households. They fould that a lot of background magnetic fields and radio emissions were coming from the water pipes. When the neighbors used certain appliances, they could detect it because the EM emmissions were picked up and carried by the metal water pipes. And that's was just background noise. Imagine what we could transmit by intentionally broadcasting signals thru the metal pipes! Also, most of the "noise" was low frequency, and since our transmitters would be high frequency, it would probably work pretty well (unless, of course, you had plastic pipes). Most of the local net traffic could be handled thru the pipe-network, while the radio transmitters, lasers & microwave stuff could be used for longer distance stuff. From hughes at ah.com Tue Oct 12 18:26:34 1993 From: hughes at ah.com (Eric Hughes) Date: Tue, 12 Oct 93 18:26:34 PDT Subject: Virtual City (tm) and Virtual Capitalism In-Reply-To: <199310122006.AA04422@eff.org> Message-ID: <9310130126.AA11689@ah.com> >I agree that the whole idea is rather trivial, but it would seem to be a >good test, at least: see if MUDdom will cooperate enough to have a >networked form of MUDbucks. I wish to clarify a point here. The system as I envision it would not have a single currency. Rather, each MUD/MOO would create its own currency or currencies. Interdomain transfer would be accomplished by trading promissory notes. As to what the money buys, at the very least it could buy those things which resolve down to CPU time and disk space and network bandwidth. Eric From mg5n+ at andrew.cmu.edu Tue Oct 12 18:36:35 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 12 Oct 93 18:36:35 PDT Subject: Spread Spectrum Decoys In-Reply-To: <00086F64.MAI*Hastings@courier8.aero.org> Message-ID: > Part of the "hunt and destroy vs. cost to deploy" equation thread about > spread spectrum networks was forwarded to me. How about putting several > cheap noise generators on the air as decoys? This might tip the cost > balance in favor of the network. > > The Julieboard Direct Digital Synthesizer board, which only needs numbers > fed to it from a PC printer port or microcontroller output, can be bought > wired and tested for $125. Production in volume should be cheaper. So who > is hunting down transmitters and killing them, and risking a confrontation > with an armed opponent, for this paltry sum? Decoys would be easy to build, just build a cruddy receiver, tune it to a dead station, add an amplifier, and retransmit the noise at another frequency, and presto, you have a decoy. Incredibly cheap to build, (nothing more than a few transistors, capacitors, and resistors, which don't have to be good quality either); the most expensive thing would probably be the power supply. Since the signals would be encrypted, they wouldn't know static from data (well, they could probably figure it out if they tried, it just depends on how much effort they want to put into it). As for the Julieboard, $125 sounds a bit steep. If we build the boards ourselves, it could be done a lot cheaper. Making rough guesses, we would need: 8088 (or similiar capacity chip): $2-3. Small amount of low-power static RAM (16K or less): $5 eproms: $2-3 UART or something similiar: $2-3 cpu clock, transistors, TTLs, logic gates, other paraphinelia to interface CPU to transmitter: $?? Transmitter and receiver: <$10. (This is USA $$$ btw... also I haven't been following the electronics market too closely lately so correct my guesses if they're wrong.) The only problem is finding people experienced enuff to build the boards. From mech at eff.org Tue Oct 12 18:56:35 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 12 Oct 93 18:56:35 PDT Subject: TEST: ignore.me Message-ID: <199310130155.AA08226@eff.org> testing blahb lahblahblabhblhalblah blah sorry folks... -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From anagld!decode!system at uunet.UU.NET Tue Oct 12 18:59:55 1993 From: anagld!decode!system at uunet.UU.NET (System Operator) Date: Tue, 12 Oct 93 18:59:55 PDT Subject: Internet Security Scanner available Message-ID: <2wwBBc1w165w@decode.UUCP> For those of you without FTP access who would like to take a look at the Internet Security Scanner, it is available on my BBS in /public/crypto. Call +1 410 730 6734, 12/24/96, login "cypher" password "punk". Dan -- system at decode.UUCP (System Operator) Cryptography, Security, Privacy BBS +1 410 730 6734 Data/FAX From swc at uc1.ucsu.edu Tue Oct 12 19:16:39 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Tue, 12 Oct 93 19:16:39 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <9310130219.AA14828@uc1.ucsu.edu> Has anyone pointed out that the ideal location for these packet repeaters is in the cars of as many people as possible? ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From swc at uc1.ucsu.edu Tue Oct 12 19:26:34 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Tue, 12 Oct 93 19:26:34 PDT Subject: Spread Spectrum Decoys Message-ID: <9310130228.AA14849@uc1.ucsu.edu> Building boards from scratch always sounds a lot cheaper than it is. You'll find it hard to build any kind of electronics for less than $126 5. The manufacturing cost almost always exceeds the component cost, and you always needs l    lots of little components that you didn't think of at first (miscellaneous glue logic, power supply, enclosure, etc.). ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From swc at uc1.ucsu.edu Tue Oct 12 19:26:55 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Tue, 12 Oct 93 19:26:55 PDT Subject: Secret network Message-ID: <9310130226.AA14844@uc1.ucsu.edu> Alas, water pipes are much better for 1) noise and unintentional transmissions (which can be quite garbled and no one cares), and 2) low frequency transmissions (which can carry only low bandwidth communications). Trying to transmit meaningful communications at high data rates over water pipes would be a TREMENDOUS technical challenge, requiring a vast amount of signal processing to compensate for multipath reflections, impedance mismatches, thermal noise, pickup of an almost variety of interference soures  ces,                                infinite variety of interference sources. , nonstationary channel characteristics, intermittent grounds, etc etc ad infinitum (or at least ad nauseam). Sorry about the cold water, I have seriously considered this scheme and believe that it can be used only for very short haul, very low bandwidth communications (say intra-building at 300 baud).  , although that's a guess not a simulation result). ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From doug at netcom.com Tue Oct 12 19:29:57 1993 From: doug at netcom.com (Doug Merritt) Date: Tue, 12 Oct 93 19:29:57 PDT Subject: Breaking DES In-Reply-To: Message-ID: <9310130229.AA09377@netcom5.netcom.com> > pmetzger at lehman.com said: >(2^56)*8 = 576,460,752,303,423,488 > >(2^56)*8*1000/(10^9) = 576,460,752,303 I was originally assuming a one byte result per calculation and gave a hashing justification. (I glossed over the overhead for this approach, but we could analyze this, too, if anyone's interested.) You however are multiplying by 8 for no clear reason. Feel free to explain, but the way I see it, the calculation is: (2^56 calculations) * (1 byte per) * ($1000/disk) / (10^9 bytes/disk) ...which comes to 72 billion dollars. This is significantly larger than my first calculation, and the difference is purely due to roundoff error, because I said that 2^56 = 10^16, where it's actually 10^16.8576. 10^16 * $1000 / 10^9 does indeed equal my original figure of $10 billion, so it's just that I should have left another digit of precision in rounding the exponent. Now I agree that 72 billion dollars is a lot. Even 10 billion is a lot. But all I was trying to establish was that these numbers are not *completely* impossible, because you were giving Karl a hard time about this. Ridiculously expensive is a very different thing than *impossible*. There are schemes that result in figures like 10^9 billion dollars... *that* I call plainly impossible. I also projected forward 10 years to let prices come down by a factor of 10...that's another way of underscoring *possibility*. Over the last 10 years disk drive prices have fallen significantly more than a factor of 10 per megabyte, so I am being quite cautious here. A factor of 30 is justifiable, but I won't go that far, I'll continue to be conservative. Even your own figure of $576 billion becomes $57.6 billion in 10 years, which is merely too expensive, not *impossible*...if WW III were underway and such a project were of critical importance, it would happen... $50 billion would not be too much under *those* circumstances. That's the difference between "impossible" and "expensive". >Lets think for a moment, shall we? You are encrypting every possible >block with DES, which results in lots of random blocks. You really >want to search through the lot of them serially without any indexing >whatsoever? Seems like you haven't thought this out. If you want to critique this part of my back-of-the-envelope, its weakest part is the sorting, in which it is very hard to effectively serialize disk access. For the benefit of the doubt, let's give that a factor of 100 slowdown... so that 10 years from now we have an *average* disk transfer rate of 10^7 bytes per second for this algorithm rather than the 10^9 that I was assuming. I think it could be done faster, but even so, this increases the time from 1 hour to 4 days...still not an impossibility, just not as *nice* as 1 hour. Again, I need only establish possibility for the algorithm Karl related; I'm not saying the NSA *will* do this. >Oh, now I just realized -- you are going to have to store each source >block with each output block. That means that even if you don't do any >indexing, you are going to need twice the disk space I just mentioned, >or over $1 TRILLION in disk for a very slow DES cracker. Ok, so figures are doubled...my 72 billion becomes 144 billion. Pretty expensive. Not *impossible*. >Sorry, but you lose. I never claimed this was likely...all I was after was to see whether it worked out to e.g. 10^9 trillion dollars...*that* I would call impossible. >Never designed a disk system, have you? Actually, yes I have; I've been a hardware and software systems architect in all kinds of different subspecialties. The fact that we may disagree doesn't make me an idiot...hell, I may even make drastic mistakes and say things that *are* idiotic. It still doesn't make me an idiot...it would make me "someone who made a mistake". Considering that I was doing a quickie back-of-the-envelope, I'm not even embarassed about such mistakes. No one else did an estimate. 2^56 *sounds* ridiculously huge; I'm content to be within a factor of 100 in showing that it is merely quite expensive. I daresay that you yourself have a better feel for the expense now than you did when you first critiqued Karl's post. Flaming me is a poor way to win an inherently technical argument. Stick to the point. >Sorry, but you can't actually >read a disk as fast as you can read RAM. Caching only works if you >have frequently accessed blocks -- if you are reading a whole disk you >can't go faster than the disk transfer rate no matter how many gods >you pray to. Your technical credibility is rapidly plunging. It is true that you can't do better than the average transfer rate, and here you have a valid point, I neglected this. It would be unrealistic given the other assumptions to assume better than 10^7 bytes per second transfer rate with technology 10 years hence. In fact even 100 megabytes per second might seem high to you, so let's call it 50Mb/s (surely a very conservative figure), for a total of 20 times slower than I estimated. That increases the 4 days to 80 days. Not very nice...but *possible*. You see the pattern here...you are raising valid technical objections, a whole series of good points that I glossed over with my back-of-the- envelope calculations. But even so, it doesn't change my basic point that the approach is *possible*. You need to find a factor of perhaps 1000 in cost and a factor of perhaps 1000 in time in order to demonstrate that this approach is inherently *impossible*. The fact that you spot flaws in my back-of-the-envelope also doesn't mean that it's called for to flame me. Again, let's stick to technical discussion. >Guess you can't read my calculations, can you? Tsk, another flame. >> Skip the sarcasm and pick a different quantity discount. If you don't >> like my 90% discount for quantity 1 million disk drives, pick another >> one. > >Sort of like saying "if you don't like the laws of physics, pick >different laws"? Even for a flame, I don't get this. I said, if you think that a 90% discount for quantity-million is unrealistic, tell me what discount you think *is* realistic. That's a valid question. The $1000 per gigabyte drive is roughly accurate *today* in quantity *one*. The higher the quantity you buy, the better a discount you get; that's the way it works, and I'm sure you know that as well as I. So perhaps my 90% discount is overly optimistic...fine, I say...tell me a different figure. If you say 10% I'll argue. Anything between 10% and 90% is conceivable, so pick your figure. It still doesn't affect the bottom line argument as to whether the algorithm Karl mentioned will be possible in 10 years. It clearly would be very very expensive. It would also clearly *not* be completely impossible. Karl posted something which is theoretically reasonable but that is nontrivally expensive even ten years from now. He deserves credit for discussing a theoretical possibility which is even marginally conceivable. He does not deserve a harsh response...and I think you *were* harsh to him. Do me a favor and skip the flames in your future responses; they're not very much fun. Doug -- Doug Merritt doug at netcom.com Professional Wild-eyed Visionary Member, Crusaders for a Better Tomorrow (The above is a joke; the following are mailing lists:) Unicode Novis Cypherpunks Gutenberg Wavelets Conlang Logli Alife HC_III Computational linguistics Fundamental physics Cogsci SF GA VR CASE TLAs From jel at sutro.SFSU.EDU Tue Oct 12 19:41:34 1993 From: jel at sutro.SFSU.EDU (John E. Levine) Date: Tue, 12 Oct 93 19:41:34 PDT Subject: Internet Security Scanner available In-Reply-To: <2wwBBc1w165w@decode.UUCP> Message-ID: <9310130238.AA02302@sutro.SFSU.EDU> In your post to the Cypherpunks list of Tue, 12 Oct 93 18:42:12 EDT your said > For those of you without FTP access who would like to take > a look at the Internet Security Scanner, it is available on > my BBS in /public/crypto. Call +1 410 730 6734, 12/24/96, > login "cypher" password "punk". Can you tell me please where it is available by anon. ftp? Thanks. It would be a lot easier for me than a call to area code 410. :-) Thanks, jel at sutro.sfsu.edu From jkreznar at ininx.com Tue Oct 12 19:41:55 1993 From: jkreznar at ininx.com (John E. Kreznar) Date: Tue, 12 Oct 93 19:41:55 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: Message-ID: <9310130241.AA06390@ininx> > Secondly, the > transmitter doesn't necessarily have to be exposed, it could be kept > hidden and only the antenna would need to be exposed. Not even the antenna should be visible. Remember, for spread spectrum radio detectable only by the intended receivers (which use the correct spread-spectrum code for coherent detection), the power density should be hardly distinguishable from the ambient noise. One way to arrange this is to put the antenna inside of a physically secure perimeter, outside of which the power density is too low for noncoherent detection. The perimeter can be optically opaque (e.g. a building), as long as it leaks enough r.f. in the direction of the receiver(s) for coherent detection. Preventing noncoherent detection may often require _attenuation_ of an otherwise too-powerful signal, and the building may serve part of this function. > Plus the antenna would be easy to disguise or hide in many places. Yup. John E. Kreznar | Relations among people to be by jkreznar at ininx.com | mutual consent, or not at all. From mg5n+ at andrew.cmu.edu Tue Oct 12 20:09:57 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 12 Oct 93 20:09:57 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <9310130219.AA14828@uc1.ucsu.edu> Message-ID: > Has anyone pointed out that the ideal location for these > packet repeaters is in the cars of as many people as possible? This would defeat many detection methods, but would complicate the software further, because it would need to be able to quickly compensate for repeaters which travelled out of range. From doug at netcom.com Tue Oct 12 20:36:35 1993 From: doug at netcom.com (Doug Merritt) Date: Tue, 12 Oct 93 20:36:35 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: Message-ID: <9310130301.AA12952@netcom5.netcom.com> Matthew J Ghio said: >Depends how you place them. If you put them _on top_ of things, you'd need >a helicopter to shoot 'em. I used to work with the person who set up 80% of the West Coast ham radio digital packet system repeaters. He had a bit of money to burn, and he set up a *bunch* of these repeaters on various mountain tops up and down the West Coast. This was circa '85 by the way. Each repeater required: 1) a source of power -- this is easy to forget, but it is nontrivial. Batteries just don't cut it. Rather than explain about batteries, I invite people to ponder power requirements for given broadcast distances and guess battery lifetime. Anyway, he had a PG&E (electric power) hookup and a monthly bill for each of these. Good thing he had all that money... He had trouble finding people who were willing to allow his stations; people who live on mountain-tops tend to be rugged individualists. :-) But he managed. 2) Line of sight reception and transmission. The higher the frequency used, the more that line of sight is required by the physics of the situation. Even if line of sight isn't strictly required, signal strength drops when you get out of line of sight -- if you depend on radio wave diffraction to get the signal to you and from you, you can count on heavy signal loss in the process. 3) Protection from the elements. He used rack-mounted 286 cards in an industrial enclosure, but there was *no way* he could leave the boxes exposed to the elements. A roof was required. This is the kind of issue that is easy to neglect, but is absolutely essential for real life conditions: weatherproofing of the assembly. If you don't use as roof and walls, you'd better have a genius mechanical engineer design the enclosure. This is a lot harder than it sounds. >Someone walking around a city shooting a rifle is likely to attract a >lot more attention than a secret network would. Your opponents wouldn't do that...the "enemy" here is simply the FCC, count on it. They have field agents who triangulate illicit transmitters, and once they find one, they simply get all the warrants and court orders needed to deal with it. >Secondly, the >transmitter doesn't necessarily have to be exposed, it could be kept >hidden and only the antenna would need to be exposed. You'd have to be >a damn good shot to hit a wire antenna. Plus the antenna would be easy >to disguise or hide in many places. Sure, this is possible. But it doesn't help *that* much. Triangulation of signal spots any antenna quickly, and they cut that off immediately. You can get increasingly elaborate about hiding the signal source, and restoring antennae quickly as they're pinched, but it's sort of a losing battle unless you assume real time response by the underground lead by a brilliant EE type. I am not saying that an underground wireless net is impossible. I *am* saying that the difficulties are much higher than they may seem at first blush. I think doing something like this is possible, and it would have definite benefits. But anyone moving on this would do well to get in touch with the existing ham radio crowd who have dealt with the pragmatic issues involved for the better part of a decade (or more). > Hence we have achieved >our objective - you know how to contact site #3 in netspace - it has a >cybernetic location relative to other sites, but that tells you nothing >about it's actual physical location. Right...in a sense, this is the easy part. Definitely one can hide physical locations if everything is set up carefully. Doug From doug at netcom.com Tue Oct 12 20:46:35 1993 From: doug at netcom.com (Doug Merritt) Date: Tue, 12 Oct 93 20:46:35 PDT Subject: Native American Encryption?! Message-ID: <9310130343.AA20536@netcom5.netcom.com> tcmay at netcom.com (Timothy C. May) said: >They were the Navajo (or Navaho) code talkers. Kahn's "The >Codebreakers" has a discussion of this, as I recall. Probably the >"Encyclopedia Britannica" will also a mention of it. It's mentioned in a bunch of crypto sources, but coincidentally, PBS just ran an entire show about this precise subject a couple weeks back. Not just passing mention...the whole show was about this. Therefore talking to PBS people would likely yield some good info... and possibly videos. >> 2) If one used a natural language for encryption, and the would-be code >> crackers did not know it was natural language (say, Hittite), could they crack >> it? I seem to remember that hieroglyphs were undecipherable until the >> Rosetta Stone was discovered. But maybe current techniques would do a >> better job....? > >These are codes, not ciphers, and are of course not very secure. Err...."of course"??? Codes are (all else being equal) quite a bit more secure than ciphers. (or do I have "code" and "cypher" reversed...whatever. :-) There's a classic SF story, whose title I forget, about anthropologists trying to figure out writings of a dead species on Mars. The table of elements finally proved to be the Rosetta Stone equivalent. The interesting thing about codes, which in a sense includes all natural languages, versus ciphers, is that code systems represent semantics. If the underlying semantics is radically different than what the code-breaker knows...too bad. >Germans and Japanese in WW II obviously did not have enough time to >find native Navajo speakers, and I suspect few books on that language >were available at that time, hence the scheme was temporarily secure. > >Otherwise, forget it. It was more complicated than that. They used a hybrid system that native Navajo speakers could not decrypt, because the system used not only Navajo, but on top of that, arbitrary (and newly invented) metaphors for concepts, and (newly invented) puns to represent ciphers, too. It is certainly true that part of the security was "through obscurity", but (A) that part was effective..."security through obscurity" can be effective over short periods of time...and (B) they layered ciphers on top of codes. The obscure linguistic aspects of Navajo vs. other modern languages is also said to have played a part, but I haven't researched this yet, so I won't comment. Arthur Chandler said: >I seem to remember that hieroglyphs were undecipherable until the >Rosetta Stone was discovered. But maybe current techniques would do a >better job....? In the absence of a Rosetta-Stone-sort-of-thing, we're still lost. For instance, the Easter Island hieroglyphs are still completely mystifying. Some of Nyquist's mathematical results are still classified, so one never knows, but... Arbitrary semantic systems encoded in writings are not decipherable, period, barring some breakthrough in mathematical semantics...don't hold your breath. :-) Doug From pmetzger at lehman.com Tue Oct 12 20:49:58 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 12 Oct 93 20:49:58 PDT Subject: Breaking DES In-Reply-To: <9310130056.AA06298@flammulated.owlnet.rice.edu> Message-ID: <9310130349.AA00794@snark.lehman.com> Karl Lui Barrus says: > So maybe it's only of theoretical interest, sort of like differential > cryptanalysis against the DES - which requires 10^47 chosen > plaintexts. > > Why don't you mail Biham and Shamir that their method sucks. It's > fairly infeasible as well. It *IS* infeasable, and they realize it. The breakthrough was differential cryptanalysis itself, and the discovery that DES was fairly resistant to it. The fact that they made ANY crack in it was kind of neat, by the way. A huge number of chosen plaintexts is of course pretty much not possible in practice, especially since you might not get any chosen plaintexts at all! Perry From doug at netcom.com Tue Oct 12 21:06:36 1993 From: doug at netcom.com (Doug Merritt) Date: Tue, 12 Oct 93 21:06:36 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <9310130403.AA23351@netcom5.netcom.com> jkreznar at ininx.com (John E. Kreznar) said: >Not even the antenna should be visible. Remember, for spread spectrum radio >detectable only by the intended receivers (which use the correct spread- >spectrum code for coherent detection), the power density should be hardly >distinguishable from the ambient noise. This is true only for casual observers. If the FCC were after you, they could most definitely triangulate on unusual noise sources as well as they could a coherent signal. Power signals are a giveaway. >One way to arrange this is to put the antenna inside of a physically >secure perimeter, outside of which the power density is too low for >noncoherent detection. The perimeter can be optically opaque (e.g. a >building), as long as it leaks enough r.f. in the direction of the >receiver(s) for coherent detection. Preventing noncoherent detection >may often require _attenuation_ of an otherwise too-powerful signal, >and the building may serve part of this function. Good enough as far as it goes. But this implies a large drop in efficiency of the transmitted signal. That's not a stopper...*if* you've got power to spare. But that implies enough power for bad guys to triangulate your noise source...ouch. If they pin you down to within a building, you've lost. There are other approaches...phase-sweeping...phase-conjugation... Doug From doug at netcom.com Tue Oct 12 21:09:58 1993 From: doug at netcom.com (Doug Merritt) Date: Tue, 12 Oct 93 21:09:58 PDT Subject: Breaking DES In-Reply-To: Message-ID: <9310130408.AA24361@netcom5.netcom.com> Thank you, Perry, for some good comments that were flame-free. I personally appreciate that, especially considering that your comments are both apropos and good food for thought. Doug >pmetzger at lehman.com said: >Karl Lui Barrus says: >> So maybe it's only of theoretical interest, sort of like differential >> cryptanalysis against the DES - which requires 10^47 chosen >> plaintexts. >> >> Why don't you mail Biham and Shamir that their method sucks. It's >> fairly infeasible as well. > >It *IS* infeasable, and they realize it. The breakthrough was >differential cryptanalysis itself, and the discovery that DES was >fairly resistant to it. The fact that they made ANY crack in it was >kind of neat, by the way. > >A huge number of chosen plaintexts is of course pretty much not >possible in practice, especially since you might not get any chosen >plaintexts at all! From doug at netcom.com Tue Oct 12 21:16:35 1993 From: doug at netcom.com (Doug Merritt) Date: Tue, 12 Oct 93 21:16:35 PDT Subject: Breaking DES In-Reply-To: Message-ID: <9310130416.AA25367@netcom5.netcom.com> pmetzger at lehman.com said: >Each DES block is eight bytes. You can't use hashing -- the idea is >nonsense in context. Did you read the original post? Yes, I did. If hashing doesn't work, you'll have to say why not. It's a technique that works in most other situations. >First of all, its actually twice that because you really need 16 >bytes. As I said, we can tackle this if anyone cares to...it's unclear that this is an invitation, but assuming it is: hashing gives a first-pass screening good for every 1/256 calculations, given the assumptions I stated. For each collision more work is needed...but you haven't invited that analysis, nor addressed it yourself. >Second of all, the method is still impractical. I was merely >giving the easiest and most obvious attack on it. Impractical? Your response to Karl implied that it was *impossible*. If you wish to apologize to Karl, and say that it is merely "impractical", then I will agree with you and drop the subject. The expense required definitely indicates that it is "impractical." >I see no reason to continue this. I don't think your argument has >credibility. Clearly you are preparing to drop the argument because you sense that your tactic of flaming didn't work. I welcome the lessening of flames, so thank you for that. We could use less flames here. Doug From tcmay at netcom.com Tue Oct 12 21:36:36 1993 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 12 Oct 93 21:36:36 PDT Subject: Native American Encryption?! In-Reply-To: <9310130200.AA09164@pride.ugcs.caltech.edu> Message-ID: <9310130436.AA28397@netcom5.netcom.com> Median writes: > I may be in trouble for not knowing basic literature, but if so so be > it. Would a code you created yourself be secure? If you create your > own language from scratch, and the 'enemy' never gets something to act > as Rosetta Stone, is it still not secure? Or is the "aliens figure out > our language with lots of computers" cliche bogus? > I want to avoid casually dismissing Median's question without writing a mini-essay on code-breaking. Especially when so many fine and accessible (easy to read) books on code-breaking are available. (To find them, cruise your local library. I recall the Herbert S. Zim book as being a very fine introduction. Basic, and nonmathematical. But a good start. I read it in junior high school, many years ago. I was reminded of it recently, when I think Whit Diffie cited it as an influence on him as well--he obviously was more influenced by it than I was, as he went into crypto and I went into physics, a much less interesting field.) Basically, word-frequency analysis kill simple codes. Replace the word "the" with the string "globflq" and it's still going to be fairly obvious that "globflq" means "the." And so on. And, as Median mentioned, a few words may become known, in all the usual ways, and thus a Rosetta Stone has been found. The issue of communication with extraterrrestrials--some day perhaps--is an interesting one. I have no idea what work has been done on "breaking the code" when almost no clues exist. Some SF writers have explored this idea. But in summary, codes are a poor approach. The entropy of coded messages gives clues about the underlying plaintext and eventually the code falls. Usually fairly quickly. Ciphers (or cyphers) are superior, as the entropy of the ciphertext can be very high (roughly, "maximally random," though I don't want to get into what randomness means here). Kahn's "The Codebreakers" remains the definitive book. All Cypherpunks should at least read the paperback abridgment of the original massive book. "Kahn on Codes" is also pretty good. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From ld231782 at longs.lance.colostate.edu Tue Oct 12 22:39:57 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Tue, 12 Oct 93 22:39:57 PDT Subject: pornography & the ``cypherpunk cause'' Message-ID: <9310130537.AA23327@longs.lance.colostate.edu> First of all, a clarification. I raised this issue with EFF because I'm utmostly concerned about upholding their sterling image, not because I am trying to start a flame war or engage in a sniper attack. If I had sent email to a few key people there I would have gotten nowhere (as my email actually proves). Here we have a *small personal forum* to discuss this in *unemotional* terms. I raised it in that spirit and am very disillusioned to see it all dragged through the gutter by many respondents. People are reacting like I've said, There Is No Cypherpunk Cause or Eric Hughes and T.C. May Are Traitors. So, I'm quite relieved that D. Frissell has posted some cool comments on case law and others who have focused on the issue of *operator knowledge* related to the law, which was one of my chief concerns from the beginning. * * * S. Steele >My warning to sysops simply said that these files were listed >on a federal indictment, so the "lack of knowledge of the age of the >depicted people" defense remains The bulletin strongly suggests that the files constitute illegal child pornography. therefore, that would imply to a sensible operator that the age of the people pictured is not above that allowed for legal pornography. The point of *requiring knowledge of age*, in my view, seems to be a subset of a more important idea of *knowing the pictures violate the law*. Knowing the age of the participants is *one* way that one might know that the pictures violate the law. But one may come to that conclusion otherwise. For example, learning that they are the target of a federal investigation into child pornography would imply to a high degree of probability they are `illegal'. Of course, I don't claim to be a lawyer, and this is just one interpretation. perhaps it is mistaken. feel free to correct and insult me at the same time (what fun is it without both?). * * * I would like to say the following. My analogy to the CERT warning that appeared here seems to have completely escaped many, or perhaps everyone is intentionally evading it. The metaphor is extremely compelling. Both are sent to operators in order to bring something to their attention they `might' need to fix by an outside party generally interested in the operators own best interests. While I'm not sure that what CERT did was apropos, that warning was so *delicately worded*. In contrast the EFF announcement SHOUTS IN YOUR EAR. the CERT announcement was extremely diplomatic. the EFF announcement was SCREECHING. Do `we' have *any* consistency, sophistication, or coherence as a group? Recent messages have DISMAYED me. is `our' philosophy nothing but Beavis&Butthead style ``Gubberment and the Fedz and Pigs are THINGS THAT SUCK and EFF is a THING THATS COOL.'' Or do `we' have no philosophy at all? Are `we' just blind, crosseyed, and elitist `codeheads' that char newbies for cruel sport? Is it better to just ignore the `politics of cryptography' which coincidentally involves things like what has been called the `Tim May .sig Agenda' because some people might have strong opinions? If `we' don't have our own house in order, `we' are nothing but LOUD HYPOCRITES. If you don't clean your dirty laundry, IT STINKS. Excuse me, but I think the press adores the Cypherpunk cause, and `we' got press exposure such as the NYT and Wired article, because there appears to be LEADERS and a DEFINITE POLITICAL AGENDA. It appears, reading from those, that perhaps we even view the whole matter of free cryptography use as a MORAL ISSUE, which of course would seem to imply we possess some MORALITY to so claim. Oh yes, what was that hand-wringing a few months ago on the list about the ``MOVEMENT STALLING''? I wonder why! who posted that, anyway? I forget. p.s. I dare someone to post that old CERT announcement sent to E.H. that was posted here and caused such a noxious stink here. Look at how gentle it really is. In fact, I would recommend that future announcements of this sort look to it as a model. It clearly has been finetuned past many revisions. As much as I hate to admit it, CERT has a lot of expertise in dealing with this kind of thing. If anyone wants to emulate them, don't reinvent the wheel. p.p.s. go ahead, flame me into oblivion. ah, anonymously is even better! from people we've never *heard* of before on the list! yes, let everone up to the top tell me what a jerk I am for caring. please be as *emotional* as possible. defend the silly announcement or the Cypherpunk Status Quo as if I had accused *you* of being a child pornographer or traitor. Even better, banish me from the list for my thoughtcrimes! Yes, cyberspatial hemlock is what I need right now. From wmo at rebma.rebma.mn.org Tue Oct 12 22:51:36 1993 From: wmo at rebma.rebma.mn.org (Bill O'Hanlon) Date: Tue, 12 Oct 93 22:51:36 PDT Subject: Breaking DES Message-ID: Whenever Perry Metzger defends an opinion of his well, somebody whines. Whenever Perry Metzger disagrees with someone's arguments, someone else crys "unfair! He's using his WITS on me!" Whenever Perry Metzger has to stop and demonstrate something as simple as arithmetic to end an argument, someone cries "foul! sarcasm! Hey, he's not playing nice!" Y'all need to develop slightly thicker skins. Perry's efforts could serve to raise the thought level of other posters to this list, if they'd stop reacting to each prod with an irritated swipe back at the prodder. I like the strife on this list. Happy people getting along famously are dull. (Someone could consider adding to the cypherpunk philosophy: Cypherpunks write code, and cypherpunks are irritable.) -Bill From xentrac at phobos.unm.edu Wed Oct 13 00:21:36 1993 From: xentrac at phobos.unm.edu (Kragen J Sittler) Date: Wed, 13 Oct 93 00:21:36 PDT Subject: MEETING?: Albuquerque cypherpunks Message-ID: <9310130721.AA02042@phobos.unm.edu> Sorry to waste yet more list bandwidth... but I have seen many meeting announcements posted on cypherpunks. I would love to attend a cypherpunks meeting, but unfortunately, I have seen none within a thousand miles. So, Albuquerque cypherpunks, such as Mike Diehl, the Mystic Homeboy, and any others whom I don't know, please email me at this address. I don't know if there are enough of us to have an actual meeting, but it would be nice to get together and talk even if not. Kragen p.s. I am subscribed at to1sittler at apsicc.aps.edu. Please do NOT email me there. Use only xentrac at phobos.unm.edu. (Kragen Sittler) From blaster at kiae.su Wed Oct 13 03:36:37 1993 From: blaster at kiae.su (Victor A. Borisov) Date: Wed, 13 Oct 93 03:36:37 PDT Subject: New aproach in pgp-randomizer!!! Message-ID: Hello! Today I saw paraphysics randomizer in pgp: pgp -kg was run; it ask me about user id and passphrase; then it run generation (it wrote like this: ............ ++++); But, as we see, it did not ask about key typing!!! The most intresting pgp generate key pair and rendseed.bin-file. I thinck this is related to new topsecret paraphysics randomyser (today is 13.10.93).:) Some words about technical ditails: Hardwate - i486; Software - MS-DOS 3v30 (I boot from protected floppy and ran good antivitus utility before keypair generation). PGP 2v3a was run. I have expiriance in pgp (i maintain pgp-keys server). I keep keypair and randseed file and try to repiad this fantastic result, but paraphysic energy is go out :). Mr. Zimmermann, I hope, that this was really paraphysic (or my mistake:(), because the trust to crypt-program is very unstable thing. From gg at well.sf.ca.us Wed Oct 13 03:37:01 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Wed, 13 Oct 93 03:37:01 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <93Oct13.033350pdt.13932-3@well.sf.ca.us> RE your item, "a sort of virtual-space map, which would reveal nothing about actual phyical location of the sites or the person you are contacting." I'm not so sure... in cellular systems, cells must know where the handsets are located in order to send incoming calls. Your transmitter has a physical location which could presumably be tracked in the normal manner, and I would expect the overall routing information in a net to be susceptible to traffic analysis in any case. An individual who is using the system to communicate wouldn't be able to find the physical address of another user, but e.g. an intelligence agency which was looking at the entire network would. Even assuming spread-spectrum and various link encryption techniques on top of whatever end-user encryption is supplied; with enough traffic and enough time, it should be possible to do TA. Or have I missed something....? -gg From trebor at foretune.co.jp Wed Oct 13 05:36:39 1993 From: trebor at foretune.co.jp (Robert J Woodhead) Date: Wed, 13 Oct 93 05:36:39 PDT Subject: Spread Spectrum Nets (Way to do safely) Message-ID: <9310131234.AA13625@dink.foretune.co.jp> Succinctly, use the purloined letter technique -- hide it in plain sight. There are RF bands set aside for unlicensed low-power operation; some new phones use spread-spectrum techniques in these bands. Build and sell wireless ethernet nodes that talk using these techniques. Customers will demand strong encryption to prevent their data leaking out and outsiders sneaking in, so you have a good reason for adding this to the product. Develop a robust set of protocols that automatically manage the net, which is logically dynamic (movement of nodes and episodes of interference are logically equivalent to dynamic modification of the topology of the net. You can consider each node to be on N ethernets, where N is the number of nodes it is currently able to talk to, each ethernet having only two members.) Now the kicker; the nodes can be programmed to only talk to other nodes known to them (ie: the office work-group, building, etc), or to freely accept and route messages from "alien" nodes. Given a population of "liberal" message passing nodes, one can then add a new layer of routing protocols that do regional networking, with dynamic re-routing as needed. Purchasers of the wireless nodes should be encouraged to enable the "pass-through" option, and the protocols should guarantee that assisting in the passing on of messages does not affect local net performance. If you do it this way, you'll succeed much faster because people will be paying you to do it. You'll have more money for R&D, and you'll have a lot more people bitching if someone tries to take your toys away. The protocol design is, as they say, left as an exercise to the reader. It isn't all that difficult. From m5 at vail.tivoli.com Wed Oct 13 05:56:38 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Wed, 13 Oct 93 05:56:38 PDT Subject: pornography & the ``cypherpunk cause'' In-Reply-To: <9310130537.AA23327@longs.lance.colostate.edu> Message-ID: <9310131248.AA27665@vail.tivoli.com> "L. Detweiler" writes: > For example, learning that they are the target of > a federal investigation into child pornography would imply to a high > degree of probability they are `illegal'. Seems to me it only implies that the files are central to a particular investigation. Unless you take the Ed Meese line that if you're a suspect then ipso facto you're a criminal, the implication has no legal weight (says this non-lawyer). > While I'm not sure that > what CERT did was apropos, that warning was so *delicately worded*. In > contrast the EFF announcement SHOUTS IN YOUR EAR. the CERT announcement > was extremely diplomatic. the EFF announcement was SCREECHING. Think of it this way. If I'm tooling down the Interstate at 75 and my passenger says Though ultimately you will have to make this decision for yourself, because in your capacity as driver of this motor vehicle you are solely responsible for adherence to state and local traffic ordinances, you should be aware that an official affiliated with a law enforcement organization is at this moment using a speed measurement device from his vehicle parked ahead of us behind a bush, and that there may be legal ramifications to his detection of your current speed. I'd be like real pissed off while the ticket was being written. If, on the other hand, my companion said TROOPER! SLOW DOWN! we'd probably make it to Stuckey's before they ran out of pecan log roll. -- Mike McNally From paul at poboy.b17c.ingr.com Wed Oct 13 06:39:59 1993 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Wed, 13 Oct 93 06:39:59 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <93Oct13.033350pdt.13932-3@well.sf.ca.us> Message-ID: <199310131338.AA02798@poboy.b17c.ingr.com> > I'm not so sure... in cellular systems, cells must know where the handsets > are located in order to send incoming calls. Your transmitter has a > physical location which could presumably be tracked in the normal manner, > and I would expect the overall routing information in a net to be > susceptible to traffic analysis in any case. An individual who is using the > system to communicate wouldn't be able to find the physical address of > another user, but e.g. an intelligence agency which was looking at the > entire network would. Even assuming spread-spectrum and various link > encryption techniques on top of whatever end-user encryption is supplied; > with enough traffic and enough time, it should be possible to do TA. Cell systems have to know which cell you're in (visualize each cell as a circle centered on the cell site) to know how to route a call _to_ you. I believe the MTSO (== cellular CO) will route the call directly to the cell site for the cell you're in. Of course, the cell will also know what cell you're in when you originate a call. This knowledge is useful for traffic analysis, but it's also required for the system to be able to route incoming and outgoing calls. An alternative is the ham packet radio-style addressing of user at node@node..., where "user" represents the call sign of the intended receiver and each node represents the call of a digipeater between the sender and recipient. The hard part here is that you must be able to dynamically generate a route between Alice and Bob if either of them move from their last known location. Of course, there's always store-and-forward. A spread-spectrum network of small digipeaters, combined with crypto remailing and pool software, would really be something. I'm not sure that it would work well for spread-spectrum SLIP, though. -Paul -- Paul Robichaux, KD4JZG | "Change the world for a better tomorrow. But perobich at ingr.com | watch your ass today." - aaron at halcyon.com Intergraph Federal Systems | Be a cryptography user- ask me how. From jingoro at rahul.net Wed Oct 13 06:57:02 1993 From: jingoro at rahul.net (Kasuga Jingoro) Date: Wed, 13 Oct 93 06:57:02 PDT Subject: The Bank of the Internet!? In-Reply-To: <9310111713.AA18358@snark.lehman.com> Message-ID: <199310131356.AA13313@bolero.rahul.net> > Plenty. Find me a workstation with the sort of uptime a 3090 running > MVS will give you. Since you asked... I don't know what the average uptime of a 3090 is, but from several years of experience as a Unix sysadmin, most of the Sun systems I've been involved with easily had uptimes ranging months at a time. Powering down a system for maintenance or adding equipment was more common than crashes. If you insist on promoting the reliability of the 3090, perhaps you'd be so kind as to cite some figures. I'd hazard to guess though that a 3090 could be sufficiently mismanaged to produce dismal uptimes as well as a workstation can. In any case, your rather condescending attitude about workstations only seems to reinforce what I percieve as a condescending attitude towards the people inteding to start the digital credit union. And since some of the more high-profile cypherpunks are not just workstation users but inventors of the technology, I would think that your comments have probably similiarly affected other members of this group. Aside: welcome to Robert Woodhead who is in the best position to know what my username means. ---- jingoro at tcp.com -- Jim Lick -- jingoro at rahul.net -- jIngOrO at CaveMUCK ---- --:):-- perfect little dream the kind that hurts the most -- |\| | |/| --:(:-- --- CaveMUCK is back! --- Telnet to cave.tcp.com (128.95.10.106) port 2283 --- -- Finger me for fun, excitement or for my PGP Public Key Encryption Block -- From avalon at coombs.anu.edu.au Wed Oct 13 07:06:39 1993 From: avalon at coombs.anu.edu.au (Darren Reed) Date: Wed, 13 Oct 93 07:06:39 PDT Subject: Internet Security Scanner available In-Reply-To: <9310130238.AA02302@sutro.SFSU.EDU> Message-ID: <9310131404.AA22060@toad.com> > In your post to the Cypherpunks list of Tue, 12 Oct 93 18:42:12 EDT > your said > > > For those of you without FTP access who would like to take > > a look at the Internet Security Scanner, it is available on > > my BBS in /public/crypto. Call +1 410 730 6734, 12/24/96, > > login "cypher" password "punk". > > Can you tell me please where it is available by anon. ftp? > Thanks. It would be a lot easier for me than a call to > area code 410. :-) coombs.anu.edu.au:/pub/net/misc/iss1.21 coombs.anu.edu.au:/pub/net/misc/ypx2.2 Those are the posts from Usenet of the rspective items. There are .tar.Z's for those that wish to bother. It is probably elsewhere too, ask archie. Both are required for full operation of ISS. darren From pmetzger at lehman.com Wed Oct 13 07:36:40 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 13 Oct 93 07:36:40 PDT Subject: Breaking DES In-Reply-To: <9310130416.AA25367@netcom5.netcom.com> Message-ID: <9310131433.AA06289@snark.lehman.com> Doug Merritt says: > pmetzger at lehman.com said: > >Each DES block is eight bytes. You can't use hashing -- the idea is > >nonsense in context. Did you read the original post? > > Yes, I did. If hashing doesn't work, you'll have to say why not. > It's a technique that works in most other situations. You don't know anything about hashing, then. When I use a hash table, it is never a substitute for storing the actual value of the thing I'm hashing. Its always just a way of rapidly FINDING the underlying object. I have to store the underlying object in order to compare to it. As an example, in a hashed symbol table, I store the actual symbols. If you tried to work out your proposed cracking algorithm instead of requesting that other people do all your thinking for you, you'd see what was wrong with it. > >Second of all, the method is still impractical. I was merely > >giving the easiest and most obvious attack on it. > > Impractical? Your response to Karl implied that it was *impossible*. The two are very similar in our field. Cracking RSA with a 2000 bit key is merely impractical, not impossible, where "impractical" is defined as completely beyond human ability. > Clearly you are preparing to drop the argument because you sense that > your tactic of flaming didn't work. You can lead a horse to water, but you can't make him think. Perry From djw at eff.org Wed Oct 13 08:06:39 1993 From: djw at eff.org (Daniel J. Weitzner) Date: Wed, 13 Oct 93 08:06:39 PDT Subject: Notes from House Hearing on Cryptography Export Controls Message-ID: <199310131504.AA14248@eff.org> October 12, 1993 House Foreign Affairs Committee Subcommittee on Economic Policy, Trade, and the Enviornment Hearing on mass market cryptography and export controls Rep. Sam Gejdenson (D-Conn.), Chair [A hopefully informative and probably biased account of the hearing by EFF] Committee Members present: Gejdenson, Cantwell (D-Wash.), Fingerhut (D-Ohio), Rohrbacher (R-Calif.) Manzullo (R-Ill.) Witnesses: PANEL 1 (Open) J. Hendren, Arkansas Systems (A data security firm that does a lot of international banking work) Ray Ozzie, IRIS Associates for Business Software Alliance (Lotus Notes developer) Stephen Walker, Trusted Information Systems for Software Publishers Association Philip Zimmermann, PGP developer Don Harbert, Digital Eqiupment Corp. PANEL 2 (Secret Session) NSA representative Opening Statement of Gejdenson: "This hearing is about the well intentioned attempts of the National Security Agency to try to control the uncontrollable.... The NSA itself acknowledges that if you have a long distance telephone line and a modem, you can send this software anywhere in the world. If you have a computer and a modem you can take this software off of the Internet anywhere in the world.... I do not question the value of the information sought by the National Security Agency. But once it is determined that the dispersion of this software cannot be controlled, then however much we might want to protect our ability to obtain information, it is beyond our means to do so. Just as in the case of telecommunications, the National Security Agency is attempting to put the genie back in the bottle. It won't happen; and a vibrant and productive sector of American indsutry may be sacrificed in the process." The main points raised by witnesses were these: 1. DES and other strong encryption which is barred by ITAR is in the public domain and available on the global market from foreign software manufacturers: -Ray Ozzie used his laptop and a modem to show how to get a DES implementation from ftp.germany.eu.net. The committee loved it and most of them seemed to understand what was going on on the screen, even though they had never heard of ftp. -Stephen Walker described the results of an SPA study which uncovered over 250 cryptography packages which offer DES-based or stronger algorithms. -Phil Zimmermann testified that he designed PGP from publicly available information. 2. Foreign DES implementations are just as good as US versions. Surprisingly enough, this is a contentious issue. Some members of the committee seemed to have been told by someone or another that foreign versions of DES may not be as strong as those that are made in the USA. If this were true, then export controls might still be justified despite the numerous foreign versions of DES on the market. In my view, this is a pretty desperate argument. -Steve Walker demonstrated that all DES works the same way by encrypting a passage from Mozart's Eine Kleine Nachtmusik with several different foreign DES packages, and then decrypting them. Surprise! They all sounded just the same. 3. Lots of money is being lost by US software/hardware vendors: -Don Harbert from DEC told of loses of over $70 Million in just the last few months. -BSA estimates that export controls exclude access to a global market the is $6-9 Billion. 4. People want their privacy -Phil Zimmermann told the committee about his experience with PGP users and how badly people need and want to protect their privacy in electronic environments Committee Responses: Overall, the committee was quite sympathetic to the witnesses. Chairman Gejdenson seemed very supportive of changing export controls. Rep. Dana Rohrbacher, no flaming liberal, said, "the cold war is over. I sympathize with everything that has been said here." ................................................................... Daniel J. Weitzner, Senior Staff Counsel Electronic Frontier Foundation 1001 G St, NW Suite 950 East Washington, DC 20001 202-347-5400 (v) 202-393-5509 (f) From mech at eff.org Wed Oct 13 08:07:03 1993 From: mech at eff.org (Stanton McCandlish) Date: Wed, 13 Oct 93 08:07:03 PDT Subject: bad news from Georgia (the Republic of) Message-ID: <199310131441.AA13653@eff.org> This might be interesting, though international, to many of you. Seems a certain Internet node is perceived as vital to the Georgians in their struggles. Forwarded message: From pmetzger at lehman.com Wed Oct 13 08:19:59 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 13 Oct 93 08:19:59 PDT Subject: The Bank of the Internet!? In-Reply-To: <199310131356.AA13313@bolero.rahul.net> Message-ID: <9310131517.AA06375@snark.lehman.com> Kasuga Jingoro says: > > Plenty. Find me a workstation with the sort of uptime a 3090 running > > MVS will give you. > > Since you asked... I don't know what the average uptime of a 3090 is, > but from several years of experience as a Unix sysadmin, most of the > Sun systems I've been involved with easily had uptimes ranging months > at a time. This isn't cypherpunks stuff. I'll happily argue with you elsewhere. Perry From koontzd at lrcs.loral.com Wed Oct 13 08:26:39 1993 From: koontzd at lrcs.loral.com (David Koontz ) Date: Wed, 13 Oct 93 08:26:39 PDT Subject: Native American Encryption?! Message-ID: <9310131525.AA03957@nebula.lrcs.loral.com> Navajo (Navaho) Indians. Referred to as Code Talkers. I believe you'll find something in David Kahns "The Code Breakers". They were used in tactical situations. To break an otherwise unknown language would require context, such as good traffic flow analysis and otherwise good intelligence. I beleive there was a program on A&E (TV) on the Navajo code talkers in the Pacific (WWII). Navajo code talkers used lots of colloquilisms and all new each other more or less. You could have ended up attacking language code in sets between two code talkers. From nate at rodin.VIS.ColoState.EDU Wed Oct 13 08:27:02 1993 From: nate at rodin.VIS.ColoState.EDU (nate at rodin.VIS.ColoState.EDU) Date: Wed, 13 Oct 93 08:27:02 PDT Subject: The Bank of the Internet!? In-Reply-To: <199310131356.AA13313@bolero.rahul.net> Message-ID: <9310131522.AA00413@rodin.VIS.ColoState.EDU> writes Kasuga Jingoro: > >> Plenty. Find me a workstation with the sort of uptime a 3090 running >> MVS will give you. > >Since you asked... I don't know what the average uptime of a 3090 is, >but from several years of experience as a Unix sysadmin, most of the >Sun systems I've been involved with easily had uptimes ranging months >at a time. Powering down a system for maintenance or adding equipment >was more common than crashes. If you insist on promoting the reliability >of the 3090, perhaps you'd be so kind as to cite some figures. I'd >hazard to guess though that a 3090 could be sufficiently mismanaged to >produce dismal uptimes as well as a workstation can. I have (well, I manage) a sun 4/280 server, and it was once up for 180 days straight, but we restarted it just because it had been up for what we thought was a really long time... In my experience, Big Blue machines only talk to themselves correctly, and don't talk to much else. Just my $0.02 -nate -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Always remember "Brazil" From mech at eff.org Wed Oct 13 08:29:59 1993 From: mech at eff.org (Stanton McCandlish) Date: Wed, 13 Oct 93 08:29:59 PDT Subject: from a source who said "NOT FOR ATTRIBUTION" re: National Performance Review (fwd) Message-ID: <199310131527.AA14771@eff.org> A "National Privacy Protection Board" ?! Forwarded message: > Posted-Date: Wed, 13 Oct 1993 08:35:15 -0400 > Message-Id: <9310131235.AA08993 at linc.cis.upenn.edu> > X-Sender: farber at linc.cis.upenn.edu > Mime-Version: 1.0 > Content-Type: text/plain; charset="us-ascii" > Date: Wed, 13 Oct 1993 08:35:15 -0400 > From: farber at central.cis.upenn.edu (David Farber) > Subject: from a source who said "NOT FOR ATTRIBUTION" re: National Performance Review > Precedence: list > > > "The Vice President's recent report "From Red Tape to Results: Creating a > Government that Works Better and Costs Less (National Performance Review) > is peppered with recommendations about how to use information technology to > "reinvent government." They would put in place an administrative > infrastructure that empowers agencies and tracks progress, and undoing much > of the entrenched bureaucracy that evolved and got ossified in the single > vendor-mainframe era. > > The meat behind the recommendations, teased together with much help from > industry and information technology experts, is in a yet unreleased > technical report, and it appears that it may never be vetted in public. The > reason seems to be fears within the VP's public relations hirearchy, that > the background report may generate controversy. This one should- among the > ossified. Early and inaccurate drafts have begun circulating, raising risks > that many of the good ideas will be stillborn as bureaucratic barriers that > threaten the status quo are errected. > > The recommendations include no-brainers (placing all agencies on the > Internet and spreading e-mail through all agencies), huge $ savers > (generating agency agreements for integrating tactical law enforcemnt > network technology) and actual innovations (replacing the infamous "GSA > Schedule" (which slows federal procurement of IT and raises costs) with a > real time electronic marketplace. Some short acronym agencies appear > sensitive to a proposal for a National Privacy Protection Board. > > Curious? Take a look at the report on the UNC Sunsite Gopher. Want to know > more contact the VP and tell him!" > > > -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From pmetzger at lehman.com Wed Oct 13 08:36:39 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 13 Oct 93 08:36:39 PDT Subject: Notes from House Hearing on Cryptography Export Controls In-Reply-To: <199310131504.AA14248@eff.org> Message-ID: <9310131531.AA06409@snark.lehman.com> Daniel J. Weitzner says: > > Committee Responses: > > Overall, the committee was quite sympathetic to the witnesses. Chairman > Gejdenson seemed very supportive of changing export controls. Rep. Dana > Rohrbacher, no flaming liberal, said, "the cold war is over. I sympathize > with everything that has been said here." Rohrbacher was once a libertarian, although he's done much to cover up that fact over the years since. Perry From an41418 at anon.penet.fi Wed Oct 13 08:39:59 1993 From: an41418 at anon.penet.fi (wonderer) Date: Wed, 13 Oct 93 08:39:59 PDT Subject: Native American Encryption?! Message-ID: <9310131538.AA25657@anon.penet.fi> If nothing else, adding encryption on top of the Navajo language makes known-plaintext much more difficult. Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From wcs at anchor.ho.att.com Wed Oct 13 08:42:03 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Wed, 13 Oct 93 08:42:03 PDT Subject: Spread Spectrum Nets (Way to do safely) Message-ID: <9310131541.AA22489@anchor.ho.att.com> Robert Woodhead writes: > Succinctly, use the purloined letter technique -- hide it in plain sight. > There are RF bands set aside for unlicensed low-power operation; some > new phones use spread-spectrum techniques in these bands. It's more than just purloined-letter issues - it's *legal*. That means that the FCC won't be triangulating around to find and destroy your transmitters, which is good. So you're back to threats from the CIA/DEA/NSA/FBI, pigeons, vandals, etc., and encryption and spread-spectrum make it a lot easier to avoid problems from frustrated cops. From koontzd at lrcs.loral.com Wed Oct 13 09:11:40 1993 From: koontzd at lrcs.loral.com (David Koontz ) Date: Wed, 13 Oct 93 09:11:40 PDT Subject: Native American Encryption?! Message-ID: <9310131610.AA04035@nebula.lrcs.loral.com> >If nothing else, adding encryption on top of the Navajo >language makes known-plaintext much more difficult. Navajo has no written language. From doug at netcom.com Wed Oct 13 09:16:42 1993 From: doug at netcom.com (Doug Merritt) Date: Wed, 13 Oct 93 09:16:42 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <9310131614.AA28603@netcom4.netcom.com> jkreznar at ininx.com (John E. Kreznar) said: >Are you taking into account that as the power is dropped, coherent >communication can compensate by dropping the data rate Very low power transmitters are actually legitimate, at least in some bands, so you don't have to drop the signal to the point where it'd merge seamlessly with ambient noise. However I doubt that extremely low power transmitters will accomplish what is desired. I also wonder whether extremely low data rates are desired. >> There are other approaches...phase-sweeping...phase-conjugation... >Do you have a reference for these? Neither appears in the index of any of the >books in my spread-spectrum library. Maybe they're not spread-spectrum? Different topic. Try "phase conjugate mirrors" in optical and physics journals. I'm not positive that this would be good enough to help avoid detection. Doug From doug at netcom.com Wed Oct 13 09:42:03 1993 From: doug at netcom.com (Doug Merritt) Date: Wed, 13 Oct 93 09:42:03 PDT Subject: Breaking DES In-Reply-To: Message-ID: <9310131642.AA01905@netcom4.netcom.com> >When I use a hash table, it is never a substitute for storing the >actual value of the thing I'm hashing. Its always just a way of >rapidly FINDING the underlying object. I have to store the underlying >object in order to compare to it. As an example, in a hashed symbol >table, I store the actual symbols. Instead of storing the underlying value, I am assuming that it is *thrown away*, and recalculated whenever there is a collision. This cuts down on the expense of this disk drives, at the cost of increasing runtime by roughly a factor of 7 (log_base_256(2^56)). I didn't include that cost in my previous estimates because I was doing a very rough back of the envelope calculation, but I accept that it should be included. >> Impractical? Your response to Karl implied that it was *impossible*. > >The two are very similar in our field. Cracking RSA with a 2000 bit >key is merely impractical, not impossible, where "impractical" is >defined as completely beyond human ability. It's a question of where you draw the line. A budget of one hundred billion dollars and a runtime of say a year, I'm willing to call "impractical". A budget of 10 trillion dollars and a runtime of 100 years, I'd be willing to call "impossible". The 2000 bit key is over everyone's threshold. Doug From lefty at apple.com Wed Oct 13 09:56:42 1993 From: lefty at apple.com (Lefty) Date: Wed, 13 Oct 93 09:56:42 PDT Subject: Native American Encryption?! Message-ID: <9310131653.AA08213@internal.apple.com> > I remember hearing many years ago that one of the branches of the armed >aervices during WWII used a native American -- Cherokee? Apache? -- >language to communicate. The Japanese (the story goes) went nuts trying to >crack the code -- unsuccessfully. It was Navajo. > Two questions: > 1) Can anyone give me a reference for this story (assuming it's true)? There was a recent (i.e. within the past year) article in Smithsonian magazine on the "code talkers". I believe only one or two of them are still surviving. This sort of thing doesn't constitute what would properly be called a cipher; it's either a code, or perhaps a species of steganography. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From yerazunis at aidev.enet.dec.com Wed Oct 13 10:16:42 1993 From: yerazunis at aidev.enet.dec.com (A little like having bees live in your head. 13-Oct-1993 1306) Date: Wed, 13 Oct 93 10:16:42 PDT Subject: Native American Encryption Message-ID: <9310131712.AA09184@enet-gw.pa.dec.com> >>If nothing else, adding encryption on top of the Navajo >>language makes known-plaintext much more difficult. > >Navajo has no written language. Not so. There has been a written form for Navajo for the last few decades (at least). It uses the Roman alphabet but the mapping of sound-to-character is not the same as for English. Vowels aren't even a, e, i, o, and u, which certainly doesn't help speakers of English trying to form syllables. To my eye, it more closely resembles modem noise on an ASCII terminal than anything else, but it does exist. (no, I can't read it) Navajo code talkers spoke with Navajo words, but not with Navajo meanings. Parts of speech that should be nouns became adjectives, etc. Navajo Elders who heard the code talkers commented "It sounds like Navaho, but it doesn't make any _sense_!". -Ya-ha'-tey! Bill Yerazunis From vznquest at netcom.com Wed Oct 13 10:26:42 1993 From: vznquest at netcom.com (Alan Mason) Date: Wed, 13 Oct 93 10:26:42 PDT Subject: New aproach in pgp-randomizer!!! In-Reply-To: Message-ID: I experienced the same thing the first time I ran pgp 23 on my stone generic 286 fossil. In fact, I was shocked when, a few weeks later, it asked for keystrokes when doing -kg. Anyone have any ideas about this??? ----------------------------------------------------------------------------- Alan Mason | Any time you find a simple answer to a question, vznquest at netcom.com | The odds are you asked the wrong question. ******************* | ---------------------------------------------------------------------------- On Wed, 13 Oct 1993, Victor A. Borisov wrote: > Hello! > > Today I saw paraphysics randomizer in pgp: > pgp -kg was run; > it ask me about user id and passphrase; > then it run generation (it wrote like this: ............ ++++); > > But, as we see, it did not ask about key typing!!! The most intresting > pgp generate key pair and rendseed.bin-file. I thinck this is related to > new topsecret paraphysics randomyser (today is 13.10.93).:) > Some words about technical ditails: > Hardwate - i486; Software - MS-DOS 3v30 (I boot from protected floppy and > ran good antivitus utility before keypair generation). PGP 2v3a was run. > I have expiriance in pgp (i maintain pgp-keys server). > > I keep keypair and randseed file and try to repiad this fantastic result, but > paraphysic energy is go out :). > > Mr. Zimmermann, I hope, that this was really paraphysic (or my mistake:(), > because the trust to crypt-program is very unstable thing. > > From mimir at u.washington.edu Wed Oct 13 10:29:59 1993 From: mimir at u.washington.edu (Grendel Grettisson) Date: Wed, 13 Oct 93 10:29:59 PDT Subject: Internet Security Scanner available In-Reply-To: <2wwBBc1w165w@decode.UUCP> Message-ID: On Tue, 12 Oct 1993, System Operator wrote: > For those of you without FTP access who would like to take > a look at the Internet Security Scanner, it is available on > my BBS in /public/crypto. Call +1 410 730 6734, 12/24/96, > login "cypher" password "punk". How about for those of us WITH FTP access? From tcmay at netcom.com Wed Oct 13 10:56:43 1993 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 13 Oct 93 10:56:43 PDT Subject: Dangers of skipping too many messages Message-ID: <9310131754.AA23663@netcom5.netcom.com> Folks, part of the list volume problem is apparently that a lot of us are skipping a lot of the messages. Sounds paradoxical, but hear me out. Someone asked about the Indian code talkers used in World War II, and suggested they might be Apache or Cherokee. Well, to date, about half a dozen responses have all pointed out they were the famous Navajo code talkers. Nice to see such knowledge. But the responses seem to indicate no awareness that several others have already answered the question. And this is not a "response cluster" phenomenon, as the answers have been straggling in for a few days. (However, it may be that some folks are way behind in their reading and fired off an answer when they read the first question.) I don't have an answer to either of these problems (people skipping messages, people behind in reading), but both appear to be symptomatic of an overloaded list. Eric H. tells me we're well over 500 subscribers now. Gulp! --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From ee at lever.com Wed Oct 13 11:26:43 1993 From: ee at lever.com (Edward Elhauge) Date: Wed, 13 Oct 93 11:26:43 PDT Subject: pornography & the ``cypherpunk cause'' In-Reply-To: <9310131248.AA27665@vail.tivoli.com> Message-ID: In message <9310131248.AA27665 at vail.tivoli.com>, Mike McNally writes: >Think of it this way. If I'm tooling down the Interstate at 75 and my >passenger says > Though ultimately you will have to make this decision for > yourself, because in your capacity as driver of this motor > vehicle you are solely responsible for adherence to state > and local traffic ordinances, you should be aware that an > official affiliated with a law enforcement organization is > at this moment using a speed measurement device from his > vehicle parked ahead of us behind a bush, and that there > may be legal ramifications to his detection of your current > speed. >I'd be like real pissed off while the ticket was being written. If, >on the other hand, my companion said > TROOPER! SLOW DOWN! A counter-example might be: 1) Someone breaks down my door while I am eating. As per California law there is a REBUTABLE PRESUMPTION (embedded in statutory law) that my life is in danger and that deadly force is justified. Consequently, my response to the situation is ruled justifiable homicide. 2) Someone breaks down my door while I am eating. A feeble minded guest of mine shouts out "I don't think he's armed." Consequently, the police find that the man is either not armed or had a water pistol. I might do 5-10 for manslaughter or 2nd degree murder. Your example doesn't involve a law that requires knowledge or a state of mind to be guilty. Laws about the transport of illegal information do! -- Edward Elhauge | "The only thing worse than being talked about Lever Industries | is not being talked about." San Francisco | -- Oscar Wilde ee at lever.com | From Hastings at courier8.aero.org Wed Oct 13 12:06:42 1993 From: Hastings at courier8.aero.org (Hastings at courier8.aero.org) Date: Wed, 13 Oct 93 12:06:42 PDT Subject: Electronic Production Costs Message-ID: <00087B6A.MAI*Hastings@courier8.aero.org> When I mentioned the cost of the Julieboard at $125 wired and tested, I said that volume (say 1,000,000 units) would bring the cost down. I didn't mean to say that I could build one board from parts myself for less than $125. Using a commercial manufacturing assembly line on the final product should lower the cost, figuring efficiency and volume discounts on the components, and getting the Hell out of Ontario with its high income and value added taxes will make a big difference.The Julieboard performance/price ratio was unheard of a few years ago when I looked at the A&A Williams synthesizer. The author/designer of Julieboard says he has done frequency-hopping spread spectrum designs, and the next project he publishes for the ham radio market could be a digital transceiver. Kent - "Ask not for whom the bill tolls." From amcgee at netcom.com Wed Oct 13 13:27:15 1993 From: amcgee at netcom.com (Arthur R. McGee) Date: Wed, 13 Oct 93 13:27:15 PDT Subject: bad news from Georgia (the Republic of) In-Reply-To: <199310131441.AA13653@eff.org> Message-ID: GlasNet Ulitsa Yaroslovaskaya 8, Korpus 3, Komnata 111, 129164 Moscow, Russia Phone: +7 (095) 217-6182 Email: support at glas.apc.org From tcmay at netcom.com Wed Oct 13 13:49:59 1993 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 13 Oct 93 13:49:59 PDT Subject: Dangers of skipping...my solution for now Message-ID: <9310132048.AA16584@netcom5.netcom.com> Earlier I wrote about the dangers of skipping too many messages, of a kind of "response cluster" when the same question gets answered many times. Somewhat making their point, several people have responded to me privately saying they try to answer questions in e-mail and then let the questioner summarize the responses in public, if he wishes. Advantages of this approach: - reduces repetitive answers (saves list bandwidth) - questioner can synthesize from all answers Disadvantages: - others may want to see the answers and may, under this approach, flood the list with "me too" lines (seen in many newsgroups, when "send answer in e-mail" gets met by "Hey, I'd be interested, too" follow-ups). - others may not know the question has already been answered, resulting in much wasted time (e.g., 30 private e-mail messages all addressing the Navajo code talker question). (Aside: there's a standard game theory example on how often one should help...it works better in game theory than in practice.) Finally, to me the most serious problem with moving more responses to private e-mail is that the discussion group aspect of the list gets lost. So I still don't have an answer. However, as an experiment, I plan to try to move as many of my responses off the list proper as possible. Things that are clearly of interest to a reasonable fraction of the entire list, I'll still post to the list. (Note again, as many of us have described, the Extropians list software allows threads to be ::excluded, as well as authors, so repetitive traffic can be reduced. It takes a minute or so to send off the ::exclude, so many of us prefer to just hit the "D" key promptly. Still, a portent of things to come.) -Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From an42035 at anon.penet.fi Wed Oct 13 13:51:45 1993 From: an42035 at anon.penet.fi (Shimrod) Date: Wed, 13 Oct 93 13:51:45 PDT Subject: FLAME: breaking DES Message-ID: <9310132049.AA21296@anon.penet.fi> I have been following this argument, and I cannot let this post slide without comment. As near as I can tell, Karl pointed out an attack which shows that double encrypting really doesn't buy you much security over single encrypting. Perry has chosen to ridicule this for impracticality. (Incidentally, I notice a slight error in a followup post by Karl, undoubtedly a typo on his part. The number of chosen plaintexts needed by differential cryptanalysis is 2^47 and not 10^47. While still a large number at more than 100 trillion, it is at least much smaller than 10^47!) This fact seems to have eluded Perry, despite his apparent expertise. There are other meet-in-the-middle attacks, such as the one Chaum and Evertse use against a DES variant (fewer number of rounds), described in "Cryptanalysis of the DES with a reduced number of rounds" at CRYPTO '85. The meet-in-the-middle attack Karl posted is by Merkle and Hellman, from the 1981 paper "On the Security of Multiple Encryption", Communications of the ACM. Strange, but I don't recall Perry asking if Merkle and Hellman were worried that others might think they beleived this. Incidentally, the complexity of factoring a 2000 bit number is on the order of 2.4 X 10^43 steps. >Whenever Perry Metzger defends an opinion of his well, somebody whines. >Whenever Perry Metzger disagrees with someone's arguments, someone else >crys "unfair! He's using his WITS on me!" >Whenever Perry Metzger has to stop and demonstrate something as simple as >arithmetic to end an argument, someone cries "foul! sarcasm! Hey, he's not >playing nice!" Well, if Perry were to have the BALLS to make impracticality arguments against the experts who actually created the protocols and methods, instead of taking cowardly pot-shots, maybe we wouldn't think he's full of shit. The attack is impractical, and if Perry weren't so strung out he could have written a coherent post stating despite the cleverness of the attack, it is out-of-reach with today's technology, with some calculations showing this. In the 1980 paper by Helleman "A Cryptanalytic Time-Space Tradeoff", Helleman suggests it is possible to pre-compute and store 2^56 results, and use this information to lookup keys. Cost: estimated at $5 million. (Although this is for singly encrypted text). Funny, but I don't recall any dissenting papers by Perry on this subject. He didn't ask if Helleman really wanted people to think he beleived this. >Y'all need to develop slightly thicker skins. Perry's efforts could serve to >raise the thought level of other posters to this list, if they'd stop reacting >to each prod with an irritated swipe back at the prodder. First off, Perry Metzger had treated this list to such CYPHERPUNK (?) gems as: 1) his dripping sarcasm 2) posts about theories on government, anarchy, and nazis 3) riduling posts obviously mistakenly sent (one such post with several ^H in it) 4) mailing list vs. newsgroup and how he can handle 300 mails a day and get work done 5) posts on the wide variety of services banks offer in New York 6) posts on the former libertarian orientation of Rep. Dana Rohrbacher 7) other pointless garbage If Perry wanted to raise the thought level of other posters, he would quit posting such bilge. Ah, but then, he wouldn't be posting at all! If he would take his BULLSHIT to private email, this list would improve vastly. If I missed the cypherpunk content in the above examples, point it out. He has a rather inflated ego and is quick to insult others: >You don't know anything about hashing, then. So if Perry feels that "you can lead a horse to water but can't make him think" he could perhaps pull his head out of his ass, wipe the shit from his eyes and ears, buy a fucking clue at the nearest store, and shut up. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From arthurc at crl.com Wed Oct 13 14:32:16 1993 From: arthurc at crl.com (Arthur Chandler) Date: Wed, 13 Oct 93 14:32:16 PDT Subject: Too Many Messages? Not! Message-ID: As the culprit who started the "Native American Encryption" thread, I'd like to speak out in thanks and in favor of many answers to a question. It's true that lots of folks correctly identified Navajo as the source pf the language used. But lots of other details came in, one post at a time, that clarified the picture, and made it both more accurate and more interesting to folks interested in this fascinating chapter in the history of coding. The fact that Navajo was originally all-oral, but is now written; that the talkers used a compound of Navajo and on-the-fly slang; that real-language systems are immeasurably harder to crack than encrypted messages if you don't know they are real-life languages; etc. etc. -- I for one got a great deal out of the thread, including some references to follow up on. And all this has made me wonder if real-life languages, as opposed to algorthymic encryption schemes,.... Well, that's another thread. From mg5n+ at andrew.cmu.edu Wed Oct 13 15:19:59 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Wed, 13 Oct 93 15:19:59 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <9310130301.AA12952@netcom5.netcom.com> Message-ID: > Sure, this is possible. But it doesn't help *that* much. Triangulation > of signal spots any antenna quickly, and they cut that off immediately. > You can get increasingly elaborate about hiding the signal source, and > restoring antennae quickly as they're pinched, but it's sort of a losing > battle unless you assume real time response by the underground lead by > a brilliant EE type. Switching frequencies rapidly to prevent triangulation is still the best defense. In my previous post I was just pointing out the silliness in worrying about someone going around and shooting at transmitters. From mg5n+ at andrew.cmu.edu Wed Oct 13 16:02:16 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Wed, 13 Oct 93 16:02:16 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <93Oct13.033350pdt.13932-3@well.sf.ca.us> Message-ID: > "a sort of virtual-space map, which would reveal > nothing about actual phyical location of the sites > or the person you are contacting." > > I'm not so sure... in cellular systems, cells must know where the handsets > are located in order to send incoming calls. Your transmitter has a > physical location which could presumably be tracked in the normal manner, > and I would expect the overall routing information in a net to be > susceptible to traffic analysis in any case. An individual who is using the > system to communicate wouldn't be able to find the physical address of > another user, but e.g. an intelligence agency which was looking at the > entire network would. You've hit the key concept - motion. If you are operating from a fixed transmitter, finding locations is very difficult. The problem is that if someone was to drive around the city in a radio equipped truck, and log into lots of different nodes, they could at least get a partial map of where various nodes are located. This could be countered by additional software which would emulate the node you logged in on even tho it actually switched you to another node (you communicate with a virtual fixed node which may or may not be the actual one you are communicating with). hmm... Which leaves us with the problem of developing software to do that, and developing some method of logging into the system which would not be node-specific (if you had to do something special for each node, it would immediately reveal what areas the nodes were in.) That creates the problem of developing something that is not a plainly obvious "log-in" signal that the FCC could look for. Ideas? From lefty at apple.com Wed Oct 13 16:07:16 1993 From: lefty at apple.com (Lefty) Date: Wed, 13 Oct 93 16:07:16 PDT Subject: FLAME: breaking DES Message-ID: <9310132306.AA15145@internal.apple.com> According to > >Well, if Perry were to have the BALLS to make impracticality arguments >against the experts who actually created the protocols and methods, >instead of taking cowardly pot-shots, maybe we wouldn't think he's >full of shit. Firstly, these are bold words coming from someone posting through an anonymous remailer. Secondly, what do you mean "we", kimosabe? I can only imagine that you're referring to yourself and your intestinal parasites. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From jdblair at nextsrv.cas.muohio.EDU Wed Oct 13 16:56:45 1993 From: jdblair at nextsrv.cas.muohio.EDU (jdblair at nextsrv.cas.muohio.EDU) Date: Wed, 13 Oct 93 16:56:45 PDT Subject: Midwest Cypherpunk Meeting Message-ID: <9310140014.AA08021@ nextsrv.cas.muohio.EDU > Are there enough Cypherpunks in the Midwest to have a meeting, no matter how small? I've been following the list (rarely posting) for quite a while now, but I'd like to discuss these issues in person, and maybe feel a little less isolated here in Ohio. E-mail me back directly if there is any interest. John Blair jdblair at nextsrv.cas.muohio.edu From holland at CS.ColoState.EDU Wed Oct 13 17:10:01 1993 From: holland at CS.ColoState.EDU (douglas craig holland) Date: Wed, 13 Oct 93 17:10:01 PDT Subject: !FLAME: breaking DES Message-ID: <9310140009.AA06153@beethoven> OK, I sort of wanted to break up the constant flaming on this thread, so I thought I would introduce my own (admittedly ignorant) way to break DES. 1. Start with a full keysearch of all 2^56 possible DES keys. 2. If you have plaintext to work with, compare each sample decryption with the plaintext. 2a. If you don't have plaintext, I would try washing the decryptions through a pattern searching algorithm that would include a dictionary, patterns from compression programs like PKZip, machine language instructions, and any other possible form of communication that can be represented as a binary string. At least that's how I would do it. If anyone has any suggestions, corrections, etc. I wouldn't mind hearing them. Doug From trebor at foretune.co.jp Wed Oct 13 17:26:45 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Wed, 13 Oct 93 17:26:45 PDT Subject: Spread Spectrum Nets (Way to do safely) In-Reply-To: <9310131541.AA22489@anchor.ho.att.com> Message-ID: <9310140025.AA17210@dink.foretune.co.jp> You write: >Robert Woodhead writes: >> Succinctly, use the purloined letter technique -- hide it in plain sight. >> There are RF bands set aside for unlicensed low-power operation; some >> new phones use spread-spectrum techniques in these bands. >It's more than just purloined-letter issues - it's *legal*. You miss the point. The point is, rather than build an underground net, build an overt one that has the features you want, that lots of people would like to use. The classic example of this technique, of course, is the Internet itself. I'm sure there are people who would hold that it has resulted in the dissemination of lots of "classified" cryptographic munitions. Yet you don't see anyone trying to shut it down. Why? Because it is useful and has a large user community of good folks who would get royally p'od at anyone who tried. Same thing with cellular phones. With TV. And on and on. From doug at netcom.com Wed Oct 13 19:26:46 1993 From: doug at netcom.com (Doug Merritt) Date: Wed, 13 Oct 93 19:26:46 PDT Subject: pornography & the ``cypherpunk cause'' In-Reply-To: Message-ID: <9310140227.AA02879@netcom2.netcom.com> Edward Elhauge said: >A counter-example might be: > 1) Someone breaks down my door while I am eating. As per California law >there is a REBUTABLE PRESUMPTION (embedded in statutory law) that my life is >in danger and that deadly force is justified. Consequently, my response to the >situation is ruled justifiable homicide. Doesn't this need to be phrased more cautiously? As I understand it, you need to demonstrate to the jury that you feared for your life, and someone breaking down your door is not enough for that. Unlike in some other states, in California it is essential that there be a clear threat to your life. > 2) Someone breaks down my door while I am eating. A feeble minded guest >of mine shouts out "I don't think he's armed." Consequently, the police find >that the man is either not armed or had a water pistol. I might do 5-10 for >manslaughter or 2nd degree murder. The phrasing of this makes me think that you and I have the same impression of the law, but that you just were a bit terse in phrasing #1. >Your example doesn't involve a law that requires knowledge or a state of mind >to be guilty. Laws about the transport of illegal information do! I tend to be concerned about arguments that don't take the infamous "ignorance of the law is no excuse" into account. That is, one needs to make a clear distinction between ignorance of the law and ignorance of the action itself. There have been times in this particular thread when I wasn't clear whether people were making that distinction. Doug From glidedw at sfsuvax1.sfsu.edu Wed Oct 13 19:36:46 1993 From: glidedw at sfsuvax1.sfsu.edu (Godzilla's Home Boy) Date: Wed, 13 Oct 93 19:36:46 PDT Subject: RSA crap Message-ID: Howzsa battles going. What are the chances of getting caught using pgp out of this country? I have friends in Russia, I'd like to use more than ordinary encryption getting to them. From doug at netcom.com Wed Oct 13 19:46:47 1993 From: doug at netcom.com (Doug Merritt) Date: Wed, 13 Oct 93 19:46:47 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: Message-ID: <9310140244.AA04580@netcom2.netcom.com> Matthew J Ghio said: >Switching frequencies rapidly to prevent triangulation is still the best >defense. Think from the point of view of the spotters. They can look at a broad-spectrum scan, gradually eliminate known sources, and end up homing in on the remaining high power signals. Doug From klbarrus at owlnet.rice.edu Wed Oct 13 20:19:59 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 13 Oct 93 20:19:59 PDT Subject: DES: breaking, attacking Message-ID: <9310140317.AA06605@flammulated.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- On the method Douglad Holland posted about breaking the DES... an interesting property of DES is that of complimentation. That is, if encryption of plaintext P under key K produces ciphertext T, then encryption of plaintext P' under key K' produces ciphertext T', where the primes (') mean bitwise complement. If: T = DES(P ,K) then T' = DES(P', K') Cryptanalysis can exploit this if two pairs are available such that T' = T or P' = P. What this boils down to is a 50% reduction in work. So now instead of taking 10 billion years it'll just take you 5 billion :-) Complexity wise, it's just 2^55 steps instead of 2^56, so it may not buy you too much. A more interesting attack I read of is a probabilistic attack against DES. Suppose you encrypt sensitive data, and change keys once a month. I can attack you by trying as many decryptions as possible within the month. Sure, I am not guarenteed success, but the point is that if I do this month after month, I have a decent chance of success at some point during the year. And if the information you encrypt is valuable, once success during the year is all I'll need. An upcoming book on cryptanalysis details this attack; the author calculates success rates given various estimates for hardware (speed and number) and frequency of key shifting. It is quite arresting: even if you change keys every week, if I can muster enough computer power to give me a 1% chance of success, the chances are "good" that at some time during the year I'll succeed in decrypting a message. For example, if I can be guarenteed of breaking your DES encrypted message in a year (say I can mount a brute force attack that does 2^56 encryptions and takes a year), there is an 8% chance the key will be recovered in one month. So even if you change your key every month, I have an 8% chance of success. If your key is needed to conduct financial transactions and you are a bank, I can profit greatly from one success. So basically, DES is looking more and more disadvantaged with its relatively small key size (64 bits, of which 8 are predictable parity bits). Karl Barrus -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLLzEJ4OA7OpLWtYzAQHE7AP7BpG0k0bOjLbTPJbiaMzEFSZuquo/te0w EeD4cC22jru8jXCEtM6AUHp94UJucAXDzY7szDhNlcMY5uv0OIXaFyoohPxBDEw5 CxKKUt0TxpqFdGwwkW8jpPMoBtZa8rGu/yPEZJ9CmcuHDANbEnVlQ9w8weMTWDHD qqCSlsuziOs= =hS3G -----END PGP SIGNATURE----- From glidedw at sfsuvax1.sfsu.edu Wed Oct 13 20:26:46 1993 From: glidedw at sfsuvax1.sfsu.edu (Godzilla's Home Boy) Date: Wed, 13 Oct 93 20:26:46 PDT Subject: RSA crap Message-ID: I don't want to give the program pgp 2.2 to russians, since i got it from them! From swc at uc1.ucsu.edu Wed Oct 13 22:06:53 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Wed, 13 Oct 93 22:06:53 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <9310140508.AA23738@uc1.ucsu.edu> PCS is coming. It will support data communications at moderate rates to and from portable (handheld) units. We may achieve some gains by simply using PCS with encryption. You (I don't know who:-) may object: every PCS unit will have an ID will   hich will be traceable to a person. But this need not be so. What if XYZ cmpany were to buy thousands of PCS units to issue to its independent agents and accept billing responsibility for all of them? XYZ could use anonymous account registration and pseudonyms from there on out. Thus the telcos and PCS operators get paid (by XYZ corp.) without having to know who the individual unit users are. XYZ can cut off an anonymous user who fails to pay his bill by telling the telcos/PCS operators to stop accepting calls from that ID (nobody needs to know who the deadbeat connected to that ID is). As long as there is sufficient prepayment by unit users to XYZ, that meritorious company can avoid losing its shirt to repeat deadbeats who keep registering (anonymously) for new accounts, running up big bills and not paying. What important point am I missing here? Thanks in advance to all the professional flamers out there who will make it clear to me :-) ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From MIKEINGLE at delphi.com Wed Oct 13 22:36:53 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Wed, 13 Oct 93 22:36:53 PDT Subject: New aproach in pgp-randomizer!!! Message-ID: <01H432GVY4HE91XV2I@delphi.com> blaster at kiae.su writes: >Hello! >Today I saw paraphysics randomizer in pgp: >pgp -kg was run; >it ask me about user id and passphrase; >then it run generation (it wrote like this: ............ ++++); >But, as we see, it did not ask about key typing!!! The most intresting >pgp generate key pair and rendseed.bin-file. I thinck this is related to >new topsecret paraphysics randomyser (today is 13.10.93).:) >Some words about technical ditails: >Hardwate - i486; Software - MS-DOS 3v30 (I boot from protected floppy and >ran good antivitus utility before keypair generation). PGP 2v3a was run. >I have expiriance in pgp (i maintain pgp-keys server). >I keep keypair and randseed file and try to repiad this fantastic result, >but paraphysic energy is go out :). >Mr. Zimmermann, I hope, that this was really paraphysic (or my mistake:(), >because the trust to crypt-program is very unstable thing. This is not a bug. PGP times your keystrokes when you type your key id and passphrase, using the timing information for randomness. If it gets enough randomness from these keystrokes (i.e. if you type a long id and passphrase), it does not need you to type randomly because it already has enough random material to generate the key. You can re-create this by choosing a short (384-bit) key, typing a long id and passphrase, and typing slowly so that PGP gets a good random byte from each keystroke. This does not make the key predictable or cause a loss of security. ------------------------------------------------------------------------- an42035 at anon.penet.fi, writer of "FLAME: breaking DES": anon wrote: (a rather crude and profane personal attack against Perry Metzger, which I have no intention of echoing) Anonymous personal attacks usually say more about the attacker than about the target. This one is no exception. You have a lot of nerve to talk about Perry's "balls" when you don't even have the "balls" to sign your name to your flame against him. This attack is at about the same cowardly level as most bathroom-wall graffiti. P.S. Go ahead and flame me. My address is "mikeingle at delphi.com", make sure you spell it right. The longer and more venomous your flame, the bigger idiot you reveal yourself to be for wasting all that time in taking an anonymous potshot at someone. From newsham at wiliki.eng.hawaii.edu Wed Oct 13 22:41:17 1993 From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham) Date: Wed, 13 Oct 93 22:41:17 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <9310140508.AA23738@uc1.ucsu.edu> Message-ID: <9310140537.AA03804@toad.com> > XYZ can cut off an anonymous user who fails to pay his bill by telling the > telcos/PCS operators to stop accepting calls from that ID (nobody needs to > know who the deadbeat connected to that ID is). As long as there is > sufficient prepayment by unit users to XYZ, that meritorious company can > avoid losing its shirt to repeat deadbeats who keep registering > (anonymously) for new accounts, running up big bills and not paying. > What important point am I missing here? Thanks in advance to all the > professional flamers out there who will make it clear to me :-) XYZ can also cut off an anonymous user who has paid all his bills. The user will then either lose his money or get in contact with the company to resolve the issue. This is an excellent opportunity to match an ID with a face. > Stuart W. Card, Consultant, Card & Associates -- Research & Development > Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 > swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From szabo at netcom.com Wed Oct 13 23:26:52 1993 From: szabo at netcom.com (Nick Szabo) Date: Wed, 13 Oct 93 23:26:52 PDT Subject: Pseudonymous & anonymous billing & credit In-Reply-To: <9310140537.AA03804@toad.com> Message-ID: <9310140623.AA01295@netcom5.netcom.com> [Attribution lost, sorry] > > XYZ can cut off an anonymous user who fails to pay his bill... Stuart Card: > XYZ can also cut off an anonymous user who has paid all his bills. > The user will then either lose his money or get in contact with > the company to resolve the issue. This is an excellent opportunity > to match an ID with a face. A pseudonymous customer has the opportunity to either file a tort under their pseudonymous ID or to publicize the fraud, either under their pseudonymous ID or anonymously. Either way the service provider's reputation is damaged if it cannot disprove the allegation. In general, the difficulty of anonymous credit is a good argument for making the payments as fine-grained as possible (eg digital postage), instead of tallying up bills. A trusted bank that knows the customer's True Name, long term reputation, or co-signers can handle extensions of credit to that customer for various purposes. With such streamlined credit and postage there's no reason for most service providers to be concerned about a customer's credit. Nick Szabo szabo at netcom.com From cman at IO.COM Thu Oct 14 01:16:52 1993 From: cman at IO.COM (Douglas Barnes) Date: Thu, 14 Oct 93 01:16:52 PDT Subject: Dining Sternlight Net Message-ID: <9310140810.AA27651@illuminati.IO.COM> The Dining Sternlight Net ========================= Objective: ---------- To create a system of communication among N parties that features sender and recipient untraceability, while frivolously expending Usenet bandwidth. Protocol (Net formation): ------------------------- N participants (up to 25) post the following to alt.fan.david-sternlight: Subject: Join DS Net BEGIN DS NET <128-bit hexadecimal random number> END DS NET Net moderator (initially mccoy at binky.cc.utexas.edu) posts a close of entries message containing a full list of net participants, along with their random numbers and PGP keys. Moderator will also chose a Net Name, which will be employed by participants to indicate what net they are participating in. Hereafter Subject lines will read: A MD5 digest hash of the postings to cypherpunks dated by toad.com between midnight and noon of the day following close of entries is generated. Random numbers are encrypted using DES with the lower 56 bits of the hash as key, thus creating the "Ordering Value" of each participant. The "Ordering Values" of the participants will be posted by the moderator with Post Type "Net Order", but the values can be checked by all. Protocol (Message passing): --------------------------- Participants all generate and save Int(N + (N * .2)) * 1024 random bits, which are encrypted using the PGP public key of the person whose Ordering Value places them immediately before theirs, except for the participant with the lowest Ordering Value, who encrypts with the PGP key of the participant with the highest Ordering Value. The encrypted block is posted to alt.fan.david-sternlight with Post Type: "Pass Left" Participants now build the "Difference Block" from their saved random bits and the random bits they retrieve from the newsgroup encrypted with their public key. The block is initially constructed by XOR of the saved bits with the bits retrieved in the "Pass Left" posting. The Difference Block is to be viewed as a collection of 1K sub-blocks. Participants will randomly choose one of the blocks to attempt to transmit their message, by XOR of their message with the bits of the selected sub-block. The resulting block is posted to the newsgroup with Post Type: "Difference". After retrieving all of the posted Difference Blocks, anyone can XOR the blocks together and view the "Result Block". Moderator will post official results with Post Type "Results", which will be conveniently separated into separate messages. If the 1k sub-block selected by a participant does not yield their original message in the Result Block they have suffered a collision. All participants who collide should not overlay a message in the following round. After observing the following round, participants who have collided select randomly from the empty blocks of that round, and attempt to send again. Wash, Rinse, Repeat. Additional Aspects: ------------------- To send a private message, participants should encrypt with the public key of the indended recipient. All participants who have not collided in the previous round must post a message (even if it is just random gibberish). If the net must be re-formed for any reason, the remaining participant with the Ordering Value closest to the MD5 digest of the last complete round of Result Blocks following the announcement by the previous moderator that the net must be reformed, or following three days of no postings by the moderator to alt.fan.david-sternlight. Although it was initially decided to announce this on both cypherpunks and the newsgroup, to maintain the proper degree of rude shock and befuddlement on alt.fan.d-s, we recommend that the protocol simply commence. Brought to you by: ------------------ The letter K, the number 2^644 - 1, and the Austin Cryptographer's Workshop. Acknowledgements: ----------------- The ACW wishes to thank Katz's Deli for providing the caffeine and bagels which made this project possible. From an12070 at anon.penet.fi Thu Oct 14 03:31:55 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Thu, 14 Oct 93 03:31:55 PDT Subject: cypherpunk mindfucking Message-ID: <9310141031.AA23760@anon.penet.fi> there is some serious mindfucking going on recently with pseudo addresses in postings to the list. it has reached critical mass. i've been monitoring the list for some time. _pure_ cypherpunks, go back through your archives to discover the stinky irregularities. send the instances to the list and cc: me. something needs to be done about the fucking perversions. we are being mindfucked by traitors. a _large_ amount of list traffic is originating from a _few_ real identities. you know what they say about 90% of everything being crap, eh? 90% of the crap here is poison "from above". you want to know why there are too many postings? too much out-of-order crap? a lot of bizarre & abusive flames? strange newbies? _desperate_ opposition to changing the list status quo? heh. guess. it's called "damage control". the frauds are among us. they are under a lot of stress lately in fact, a lot of vomit from one or _two_ depraved persons through different sites, with lax authentication, say netcom.com, crl.com, anon.penet.fi, or io.com could look a lot like a "clique" eh? and if "they" were to do their cybermasturbation in public, it might look like "elitism" eh? there is quite a bit of jacking around lately... yeh, paranoid rants are really the only problem! heh. gee, i wonder how _long_ this has been going on ... since the beginning, i'm sure. that's the point. do not be afraid of "status". be sickened by it. you know why "leadership" is a bad word around here? heh, do a grep for "qualified personel" or "the agenda" or "a traitor, a hypocrite, a lackey" or "Clique" or "newbie" or "Bamberg" because there is nothing but mindfucking. "we can all pretend the agenda is what we favor" thanks to everyone who has sent me mail. keep it coming. i intend to get to the ugly bottom of this if i have to. there is a putrid rotten stench here, i pray to GOD that others will finally smell it. i'm getting closer. i'm breaking it _wide_ open. the pretenders and traitors will be shot. the Cause has been stalled. the Cause will conquer. the Cause will live on. beware of anyone who tells you to throw away your Cypherpunk archives. they are a record of treason. C.R.A.M. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From jrk at sys.uea.ac.uk Thu Oct 14 03:56:55 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Thu, 14 Oct 93 03:56:55 PDT Subject: cypherpunk mindfucking Message-ID: <12172.9310141057@s5.sys.uea.ac.uk> Used to be that it was only Usenet that got pestered by children at the start of every academic year. Now they're getting wise to mailing lists. Inevitable, I suppose. Do the owners of this list have any policy on kicking people off? Or is it better to just ignore them, lest, like antibiotic-resistant bacteria, they learn to disguise themselves more effectively? -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From P.V.McMahon at rea0803.wins.icl.co.uk Thu Oct 14 04:20:00 1993 From: P.V.McMahon at rea0803.wins.icl.co.uk (P.V.McMahon at rea0803.wins.icl.co.uk) Date: Thu, 14 Oct 93 04:20:00 PDT Subject: cypherpunk mindfucking In-Reply-To: <9310141031.AA23760@anon.penet.fi> Message-ID: <"7437*/I=PV/S=McMahon/OU=rea0803/O=icl/PRMD=icl/ADMD=gold 400/C=GB/"@MHS> Shouldn't this sort of posting be directed a news group where its qualities of invective and use of powerful English may be better appreciated? It doesn't seem very relevant to privacy, cryptography or code, & merely serves to exercise delete key.. From VACCINIA at UNCVX1.OIT.UNC.EDU Thu Oct 14 07:30:00 1993 From: VACCINIA at UNCVX1.OIT.UNC.EDU (VACCINIA at UNCVX1.OIT.UNC.EDU) Date: Thu, 14 Oct 93 07:30:00 PDT Subject: Glitches in PGP Messages Message-ID: <01H43KOVVS5U000TY4@UNCVX1.OIT.UNC.EDU> And now for something completely different, a question. Lately I have been the recipient of PGP encoded messages which look like this: ------Begin PGP Message------- ssdfkighjsdw'kjojnhsfkassofka[ofk[oaekfowwjkg[owlketglks[orkg[wpokloekfgtfoweo sadifhjwpiejfowjieffgoweito[ikweo[gikw[oekjg[owkjgokjweljkgw[jfowjhygwrkoettf[ sadfflo sadkpjfpajf[oqwkfo[qkfo[qekf[oekqffoekfg[wekfgoejfgoiwqekjkff;lqfpkqwep sd;kljfgfgv'pkisjdfgf'pskjmdgvmeduwelgl;wleiogl;ed;h,./rthledky,elky;elrth;rel ------End PGP Message-------- PGP gives me an error message if I try to decrypt this ciphertext. However, if I edit the ciphertext beforehand (connecting the two truncated lines) , the ciphertext can be decrypted. Is this just a glitch in the transmission? What would cause a text line to be disrupted onto two lines? I suppose it could occur during downloading or when it is sent thru the NET. My friend uses MacPGP 2.3. This has happened the last two times I have gotten my buddies messages. Any ideas as to what the possible causes of this simple glitch could be? Thanks. Scott G. Morham ! The First, Vaccinia at uncvx1.oit.unc.edu ! Second ! and Third ! Levels of ! Information Storage and Retrieval ! DNA, ! Biological Neural Nets, ! Cyberspace From todd at tivoli.com Thu Oct 14 07:40:01 1993 From: todd at tivoli.com (todd at tivoli.com) Date: Thu, 14 Oct 93 07:40:01 PDT Subject: Breaking DES In-Reply-To: <9310130416.AA25367@netcom5.netcom.com> Message-ID: <9310141442.AA07423@palomar.tivoli.com> "Perry E. Metzger" writes: > > Doug Merritt says: > > pmetzger at lehman.com said: > > >Each DES block is eight bytes. You can't use hashing -- the idea is > > >nonsense in context. Did you read the original post? > > > > Yes, I did. If hashing doesn't work, you'll have to say why not. > > > It's a technique that works in most other situations. > > You don't know anything about hashing, then. > > When I use a hash table, it is never a substitute for storing the ^^^^^^^^^^^^^^^^^^ > actual value of the thing I'm hashing. Its always just a way of ^^^^^^ > rapidly FINDING the underlying object. I have to store the underlying > object in order to compare to it. As an example, in a hashed symbol > table, I store the actual symbols. > I haven't been following this thread very closely, but I do want to point out some serious errors in Perry's previous paragraph. Hashing can indeed be a substitute for storing the actual value of the thing being hashed, and it can often be used to reduce storage requirements. I'm not sure if it can be used in the case of a meet in the middle attack on double DES encryption; I'll have to leave the answer to that question up to those that are following this thread. I have used hashing in ways other than for *FINDING* the underlying object. Often, I don't need to know the correct answer to a question with 100% confidence. When I'm satisfied with an algorithm that gives the correct answer 99.999999999999999995% of the time I can use a good 64 bit hash as a surrogate for the actual value that may be too costly to store, compare, look up, or compute. The use of a message digest, like MD5, to insure message integrity is an example of this kind of "hashing". Other uses include keeping a short (say 32 bit) hash value in memory for every record stored in secondary storage. This allows very fast lookups that return negative answers, if the hash value isn't found there is no need to examine the values stored in secondary storage. For a large class of problems one expects not to find an entry for the record at all for most lookups. (Knuth uses the example of a hyphenation dictionary that stores exceptions to some hyphenation algorithm. Before applying the general algorithm consult the in-memory table to see if the word being hyphenated might even appear in the exception dictionary; there is no need to search the exception dictionary if it contains no words with the same hash value as the word being hyphenated. An example more appropriate for this group might be detecting replay attempts. One doesn't expect replay attacks to happen so the algorithm should be performance optimized with this in mind.) Finally, there are times when space-time kinds of trade-offs are being made in the design of an algorithm where hashing can be used. For example, if computing some value takes too long it may be possible to pre-compute it or cache previous computations of the value. Techniques like this are easy to apply and are frequently used, but there are times when it is infeasible to store all of the values one would like to for space or even security reasons. Instead one can store a hash of each value (presumably, the hash is smaller than the value like a 32 bit hash instead of a 64 byte value) and only bother to recompute the value when a matching hash indicates a high likelyhood that it will be useful to compute the value and check for an actual match. > You can lead a horse to water, but you can't make him think. The discussion on this thread doesn't seem to warrant statements like this. I've had the pleasure of working with some of the world's most talented computer scientists over the years, and I simply can't imagine one of them using a statement like this in the context of this topic thread. Statements like this are cute and impress me with the cleverness and humor of the author, but in writing they are so easy to misinterpret. In my opinion, they are best saved for use in social situations where some friendly kidding is going on, not mail groups where people are simply asking for help in understanding a subject they are unfamiliar with. Todd -- Todd Smith TIVOLI Systems, Inc. todd at tivoli.com 6034 West Courtyard Dr. Suite 210 (512) 794-9070 [794-0623 fax] Austin, TX 78730 From koontzd at lrcs.loral.com Thu Oct 14 08:30:00 1993 From: koontzd at lrcs.loral.com (David Koontz ) Date: Thu, 14 Oct 93 08:30:00 PDT Subject: DES: breaking, attacking Message-ID: <9310141529.AA04661@nebula.lrcs.loral.com> >From: Karl Lui Barrus >interesting property of DES is that of complimentation. That is, if Thats complementation. T is the complement of T'. T is not complimenting T' on a new pair of shoes. >An upcoming book on cryptanalysis details this attack; the author >calculates success rates given various estimates for hardware (speed >and number) and frequency of key shifting. Whose book? There is a recent paper on brute force DES breaking: ripem.msu.edu:/pub/crypt/docs/des_key_search.ps, which discusses pipelined DES chips capable of doing 50 Million DES iterations per second. (I believe the rate is conservative, and can be increased by 50 percent.) The point being that any concept of time to attack DES found in print is in danger of being inaccurate shortly after publication. Also DES runs 1,000 - 2,000 times faster in hardware than software implementations (although someone sent mail saying they had a CRAY MP software version). NSA tried to get DES decertified for unclassified government data in 1987-88. I would guess they either saw the handwriting on the wall or have a key breaking machine. The machine in the paper cited above could break a key in 3 1/2 hours for $1 million in hardware costs, or a few minutes for $10 million worth of hardware. There are several criteria involved in cost/protection. NSA is still discouraging the spread of DES. Enough people using DES everywhere would make it harder to pick who they target, or require lots of key breaking machines to search for keys to lots of traffic. Assuming that an adversary had a machine capable of doing a search in 3 1/2 minutes that he could dedicate to finding your key, how often would you have to change keys to make it not worth while? If he was very interested in your traffic, it becomes a question of volume - can he decrypt all the traffic you generate in 24 hours in a 24 hour interval? A dedicated target search with unlimited money would make DES totally insecure. If on the other hand they have to wade through lots of encrypted traffic (Because there is no Law Enforcement Access Field ala clipper) from various parties, and it all needs to be decrypted, the cost/benefit ratio goes to hell. The real world falls somewhere in between. Hardware key attack machines can be defeated by using variants of the cryptographic algorithm they attack. Most variations of DES have been shown to be cryptographically weaker (Biham-Shamir, "Differential Cryptanalysis of the Digital Encryption Standard", (Chap 4), Springer-Verlag 1993). The Biham-Shamir book does point to at least one method of modifying DES that doesn't weaken it, incidently closing the complementation property. A lot of people have been using triple DES for years. There are several other schemes, or algorithms that are supposed to be harder to break for that matter. DES has had the lions share of non-government attention in the last several decades. From jamie at apl.washington.edu Thu Oct 14 08:56:58 1993 From: jamie at apl.washington.edu (Jamie Jamison) Date: Thu, 14 Oct 93 08:56:58 PDT Subject: DES Message-ID: Two questions about DES. 1) If the current, 56 bit, DES system is so easy to break why don't people switch over to a DES system that uses a larger key space, say 128 bits? People obviously aren't, so what's the barrier to this? 2) How much longer would it take to break triple DES versus standard DES using one of the key-breaking machines described? As an aside I'll point out that I go by the Yakima Research Station once a month when I'm out with my National Guard unit, this is the radio dish that's on the cover of _The Puzzle Palace_. It's not a very large installation. Jamie Jamison niteowl at u.washington.edu From hiscdcj at lux.latrobe.edu.au Thu Oct 14 09:16:57 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Thu, 14 Oct 93 09:16:57 PDT Subject: spread spectrum net (punk net) Message-ID: <9310141615.AA10497@lux.latrobe.edu.au> Hiyas, I've been discussing this with my friend who came up with the idea, and he said that if anyone wants to discuss this whole concept with him, feel free, he just doesn't have a huge mailbox, so he hasn't subscribed to the list. His address is: jon at werple.apana.org.au mention 'punk.net' which is his term for the concept. I prefer it to the current subject of 'spread spectrum nets' or whatever is the current vogue. Also, anyone know how to set up aliases under elm? Or is the list in general happy with this discussion taking place under the aegis of cypherpunks at toad.com ???? I'd set up an alias file under elm to handle this, and then we could boot off cypherpunk (maybe post a weekly digest or something) but the man page for elm is missing on this site (derrr...) Dwayne. (Dwayne Jones-Evans IRC: ddraig ) ( SCA: Cynon Yscolan ap Myrddin, Stormhold, Lochac, West) PGP public key available. finger me. be gentle. internet---> hiscdcj at lux.latrobe.edu.au From pmetzger at lehman.com Thu Oct 14 09:17:15 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 14 Oct 93 09:17:15 PDT Subject: DES In-Reply-To: Message-ID: <9310141616.AA11778@snark.lehman.com> Jamie Jamison says: > > Two questions about DES. > > 1) If the current, 56 bit, DES system is so easy to break why don't people > switch over to a DES system that uses a larger key space, say 128 bits? > People obviously aren't, so what's the barrier to this? DES only takes 56 bit keys. > 2) How much longer would it take to break triple DES versus standard DES > using one of the key-breaking machines described? Using brute force, it would take the cube of the time it takes to break single DES. Whether a more sophisticated techinque is possible is unknown. Perry From wcs at anchor.ho.att.com Thu Oct 14 09:32:15 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Thu, 14 Oct 93 09:32:15 PDT Subject: Spread-spectrum net (vulnerability of) Message-ID: <9310140715.AA20064@anchor.ho.att.com> Stuart Card suggests that, even if PCS devices are individually billed, a company could buy a herd of PCS accounts and rent them out to prepaid anonymous users, without the PCS vendor having to know individual IDs; the risk is that anonymous deadbeat users can rent them, run up big bills, and not pay. ("Let's rent sushi-net and not pay!") "What important point am I missing here?" Well, if PCS billing options are sufficiently flexible, XYZ corp could keep each account registered for a certain amount of usage with the PCS vendor; the user pays the rent to XYZ in digicash, and prepays for however many minutes of sushi-net he wants, and can update payments as he goes along, akin to putting more coins in a payphone. If you want convenience, prepay a lot, and only send updates occasionally; if you only make small payments, you may get hit with more transaction charges by paying more often. The exposure of the reseller is limited by the amount of deposit kept with the PCS accounts, or equivalently, the maximum charge permitted for the PCS accounts, and this may get handled by a prepayment deposit. The exposure of the customer is limited both by the prepayment amount he selects, and on the ability to tell the bank which digibucks were ripped off if the reseller defaults, if the digicash system supports that. Similarly, my exposure to ripoffs by the subway system is limited to how much I want to spend on metro tickets, as well as my ability to take (at the cost of anonymity) a bad metro ticket into the office and yell at people :-) Bill # Bill Stewart wcs at anchor.ho.att.com +1-908-949-0705 Fax-4876 # AT&T Bell Labs, Room 4M-312, Crawfords Corner Rd, Holmdel, NJ 07733-3030 After 10/15, NCR, Pleasanton CA, Beeper 510-224-7043, Phone/email TBD From baldwin at LAT.COM Thu Oct 14 09:46:58 1993 From: baldwin at LAT.COM (Bob Baldwin) Date: Thu, 14 Oct 93 09:46:58 PDT Subject: Generating random numbers from english text Message-ID: <9310141629.AA15178@LAT.COM> Hello, With the current random number discussion going on, I thought I would point out one convenient way to generate random numbers in the situation where you do not need to generate them frequently. I believe that Claude Shannon (Dr. Information Theory) proposed this: 1. Ask a person to speak about any topic for a paragraph or two. Instruct them to generate original sentences, not just repeats of some passage of a written work. Write down what they say. 2. The english language has an entropy of 1.0 to 1.5 bits per letter, so it is safe to extract one bit per character. If you read Shannon's work and its modern interpretation, you will understand that this bit per character is truely random. It is uncorrelated with all the other bits. The reason for avoiding a pre-existing written work (poem, article, story, etc), is to avoid a brute force search of the source language space. The modern version of this algorithm, is to compute the MD5 digest of a long text string. For a 128 bit digest, you need at least 128 characters of source language. For a larger random number, you can concatenate multiple MD5 values from multiple pieces of source text. If the random numbers form the basis of crypto keys, then it is important to make sure no one can uncover the original source text. --Bob From mg5n+ at andrew.cmu.edu Thu Oct 14 10:06:57 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 14 Oct 93 10:06:57 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <9310140244.AA04580@netcom2.netcom.com> Message-ID: Matthew J Ghio said: >Switching frequencies rapidly to prevent triangulation is still the best >defense. Doug Merritt wrote in reply: >Think from the point of view of the spotters. They can look at a >broad-spectrum scan, gradually eliminate known sources, and end up >homing in on the remaining high power signals. This is similar to the discussion of breaking advanced cryptographic techniques, comparing possibility to practicality. Sure anything is possible, given enuff resources. But the question is weather or not its feasible for them to try to track it down. If it takes them a month and costs them $10000 in equipment and salaries to track down one transmitter, then they haven't really accomplished much. I would say frequency switching would be better than a continuous signal spread across many frequencies. Here's why: Once you've locked onto a signal and try to triangulate, it's gone. After one transmitter has swithced off a certain frequency, another transmitter can use it. Multiple broadcast sources on a frequency give confusing readings which makes locating them difficult. Finally, why would the FCC or equivilent be trying to shut down such a network? Someone would have to complain first. And why would someone complain? They would only complain if the broadcast was interfering with their transmissions. This can be solved easily. While data was not being received, have the receivers monitor noise levels on various frequencies, and select only those not being used for transmission. This could be implemented without additional hardware, as we will already have an onboard computer for routing data, this would simly make use of idle time. (BTW many cordless phones already do this.) From VACCINIA at UNCVX1.OIT.UNC.EDU Thu Oct 14 10:36:57 1993 From: VACCINIA at UNCVX1.OIT.UNC.EDU (VACCINIA at UNCVX1.OIT.UNC.EDU) Date: Thu, 14 Oct 93 10:36:57 PDT Subject: SADF Message-ID: <01H43RKY0IVM000NKJ@UNCVX1.OIT.UNC.EDU> Matt wrote me: >Look at the keyboard and then look at the message. Now keep your hands in the >normal position and type random (psuedo) keys. Hmm... I tend to hit 'sadf' an >awful lot too. The text that I typed as an example (not an actual PGP message) does seem to have many repeating characteristics; I wonder if this affects the generation of PGP keys? If Matt tends to hit 'sadf' alot, maybe it happens with others as well. Perhaps random typing is not as random as one might think. Could this be true for both letters and keystroke time? What would be the consequences of this for key generation? Scott G. Morham ! The First, Vaccinia at uncvx1.oit.unc.edu ! Second ! and Third ! Levels of ! Information Storage and Retrieval ! DNA, ! Biological Neural Nets, ! Cyberspace From an41418 at anon.penet.fi Thu Oct 14 10:51:59 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 14 Oct 93 10:51:59 PDT Subject: DES Message-ID: <9310141751.AA06344@anon.penet.fi> I don't think it takes the cube of it. There are 56 bits in one key, and 112 bits in two keys, so there could not be an entropy of more than 112 bits to triple DES. It is no more cryptographically secure than double DES because it uses 2 keys. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From nobody at alumni.cco.caltech.edu Thu Oct 14 10:52:16 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Thu, 14 Oct 93 10:52:16 PDT Subject: Generating random numbers from english text Message-ID: <9310141748.AA11655@alumni.cco.caltech.edu> On Thu, 14 Oct 93 09:29:16 PDT., baldwin at LAT.COM (Bob Baldwin) writes: < With the current random number discussion going on, I thought < I would point out one convenient way to generate random numbers in < the situation where you do not need to generate them frequently. I believe < that Claude Shannon (Dr. Information Theory) proposed this: < < 1. Ask a person to speak about any topic for a paragraph or two. < Instruct them to generate original sentences, not just repeats of < some passage of a written work. Write down what they say. < < 2. The english language has an entropy of 1.0 to 1.5 bits per letter, < so it is safe to extract one bit per character. If you read Shannon's < work and its modern interpretation, you will understand that this < bit per character is truely random. It is uncorrelated with all < the other bits. The reason for avoiding a pre-existing written < work (poem, article, story, etc), is to avoid a brute force search < of the source language space. can you provide a citation? i recently read a paper Shannon wrote [1] on a study of randomness in english text, and this is definitely not the impression i got from it. in this study Shannon demonstrates that english-speaking humans are very capable of predicting the next letter of an unknown text given the letters up to that point (he also shows this for the reverse direction; that is, starting at the end of the text and working forward, subjects were almost as capable of predicting correctly as they were starting from the front of the text). this seems to imply that there is some non-random relationship (statistical or otherwise) among the letters in a text. might this redundancy be carried over into any encoding (MD5 hash, e.g.) of the text? theoretically, at least, this may compare to Vigne're ciphers; the key is based on some text other than the plaintext. < The modern version of this algorithm, is to compute the < MD5 digest of a long text string. For a 128 bit digest, you need < at least 128 characters of source language. For a larger random number, < you can concatenate multiple MD5 values from multiple pieces of source text. could someone here describe how this compares to other pseudo-random sources? how well would this function as a seed to some other pseudo-random number generation process? [1] Shannon, Claude E., "Prediction and Entropy of Printed English," Bell System Technical Journal, vol. XXX, No. 1, Jan. 1951, pp. 50-64. From mech at eff.org Thu Oct 14 10:56:58 1993 From: mech at eff.org (Stanton McCandlish) Date: Thu, 14 Oct 93 10:56:58 PDT Subject: notes on Gejdenson's House hearing on mass-mkt. crypto export ctrls. Message-ID: <199310141753.AA03361@eff.org> I have a document, described in the subject line, by EFF's Danny Weitzner If you'd like this posted (it's about 100 lines) let me know. It's FTPable at ftp.eff.org, /pub/eff/Temp, gejcrypt.exp -- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK -=> mech at eff.org NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1 From MJMISKI at macc.wisc.edu Thu Oct 14 11:06:58 1993 From: MJMISKI at macc.wisc.edu (Matthew J Miszewski) Date: Thu, 14 Oct 93 11:06:58 PDT Subject: SADF Message-ID: <23101413042150@vms2.macc.wisc.edu> Scott, While the timing of the -kg keystrokes is 'more' pseudo-random (heh.) than is the obviously repititive nature of your first post you do bring up a valid concern that Im sure someone of the many PRNG people on the list can, and will answer. This particularly ties in with the thread coming in from the previous poster whom refered to the new pgp23a process of -kg. I would think that my typing while entering my pass phrase is *definitely* less random than when I am consciously aware that I am generating a key. (This very awareness of course makes the randomness less random, ugh! where is chaos when you need/want it?) --Matt ______________________________________________________________________________ "This new technology (the printing press) threatened the Crown, which shuddered at the thought of widespread dissemination of works advocating religious heresy and political upheaval. The Crown's solution to the problem was a system of regulation designed to control this "dangerous" art." -From my Copyright Law Text (refrencing the Statute of Anne - the first Copyright Statute) (c)1993 ______________________/___________________________________mjmiski at macc.wisc.edu From pmetzger at lehman.com Thu Oct 14 11:11:58 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 14 Oct 93 11:11:58 PDT Subject: DES In-Reply-To: <9310141751.AA06344@anon.penet.fi> Message-ID: <9310141809.AA11855@snark.lehman.com> wonderer says: > I don't think it takes the cube of it. There are 56 bits in > one key, and 112 bits in two keys, so there could not be > an entropy of more than 112 bits to triple DES. It is no > more cryptographically secure than double DES because it > uses 2 keys. In spite of the "standard" most people do triple DES with three keys. With the two key system, it would take T^2+T time to do the calculation, where T is the time to crack single DES on your machine. Perry From jthomas at pawpaw.mitre.org Thu Oct 14 11:16:58 1993 From: jthomas at pawpaw.mitre.org (Joe Thomas) Date: Thu, 14 Oct 93 11:16:58 PDT Subject: DES Message-ID: <9310141814.AA14779@pawpaw.mitre.org> > > 2) How much longer would it take to break triple DES versus standard DES > > using one of the key-breaking machines described? > > Using brute force, it would take the cube of the > time it takes to break single DES. Hmm... I can't figure out what it would mean to cube time. For two-key (112 bit) triple DES, it should be 2^56 times longer to exhaustively search the keyspace, with three keys, 2^112 times longer. This assumes the keysearch engine is pipelined, so each trial encryption takes the same amount of time, despite the additional rounds. Such a machine would cost more, of course, since it would have a longer pipeline, but wouldn't otherwise be significantly different in design. Back-of-the-envelope calculation: a design like the "7-hour exhaustive keysearch" engine for 2-key triple DES would take 50 trillion years or so to exhaust the keyspace. That's for a cost on the order of $1 million (it should be buildable for less than three times the cost of the 56-bit key version). Seems secure, but as Perry says, > Whether a more sophisticated techinque is possible is unknown. Joe From MJMISKI at macc.wisc.edu Thu Oct 14 11:21:58 1993 From: MJMISKI at macc.wisc.edu (Matthew J Miszewski) Date: Thu, 14 Oct 93 11:21:58 PDT Subject: Glithces in PGP Message Message-ID: <23101411384099@vms2.macc.wisc.edu> Ummm... Thats not a PGP message ya got thare, but rather someone who likes to type gibberish and send it as a message. Look at your keyboard and then look at the message. Now keep your hands in the normal position and type random (pseudo) keys. Hmm...I tend to hit 'sadf' an awful lot too. --Matt ______________________________________________________________________________ "This new technology (the printing press) threatened the Crown, which shuddered at the thought of widespread dissemination of works advocating religious heresy and political upheaval. The Crown's solution to the problem was a system of regulation designed to control this "dangerous" art." -From my Copyright Law Text (refrencing the Statute of Anne - the first Copyright Statute) (c)1993 ______________________/___________________________________mjmiski at macc.wisc.edu From pmetzger at lehman.com Thu Oct 14 11:51:59 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 14 Oct 93 11:51:59 PDT Subject: DES In-Reply-To: <9310141814.AA14779@pawpaw.mitre.org> Message-ID: <9310141850.AA11890@snark.lehman.com> Joe Thomas says: > > > 2) How much longer would it take to break triple DES versus > > > standard DES using one of the key-breaking machines described? > > > Using brute force, it would take the cube of the > > time it takes to break single DES. > > Hmm... I can't figure out what it would mean to cube time. For > two-key (112 bit) triple DES, it should be 2^56 times longer to > exhaustively search the keyspace, with three keys, 2^112 times > longer. Lets assume we are using three keys, which I what I meant. Lets say 1 is the time do one encryption. (On a parallel machine, just think of things as being on a uniprocessor going N times faster.) It would take 2^56*N time to break single DES. My claim is that it should take (2^56)^3 = 2^56*2^56*2^56 = 2^168. Your claim, which is that it would take 2^56*2^112=2^168, which is the same. The only difference is that I didn't assume piplineing so there is a constant factor different floating around somewhere. Perry From whitfield.diffie at Eng.Sun.COM Thu Oct 14 10:52:01 1993 From: whitfield.diffie at Eng.Sun.COM (whitfield.diffie at Eng.Sun.COM) Date: Thu, 14 Oct 93 11:52:01 -0600 Subject: PK patents In-Reply-To: <9310140527.AA28238@longs.lance.colostate.edu> Message-ID: <9310141751.AA15104@lion.Eng.Sun.COM> > I forget if your name is on any patents. My name is on the exponential key exchange patent (4,200,770). I wasn't much involved in the filing process and the for all that it pays me royalties and is of commercial significance, I didn't pay a lot of attention to it. I can believe someone might write an entertaining article called the ``The Public Key Patent Squabble,'' but I have no interest at all in doing so. What exactly do you think I should have included? > I understand that the NSA tried to deny the RSA patent . . . > Do you know anything about what I'm talking about? No. But after all, the RSA patent was filed from MIT by people (R, S, and A) that I didn't know well till much later. There may have been some hankey pankey I didn't know about, but I certainly don't recall the New York Times article you refer to. The statement that ``They just got the application back rejected.'' Doesn't sound right to me. I presume that the Patent Office has to state why an application is returned. It's decisions, after all, are a constant subject of litigation and it must have to be very careful about following its own procedures. There was an interference between the RSA patent and the Pohlig-Hellman patent, which is the reason RSA didn't issue till '83. > I'm very concerned about some anomalies on the cypherpunk list. > Are you on it? Yes. Is that irregular or are you referring to something I haven't noticed? > In particular some messages you may have traded with T.C. May have > shown up lately and I'm a bit suspicious of some irregularities. That's because, as discussed one of Tim's messages yesterday, I normally send comments only to the people who posted and leave it to them to repost to the whole list if they think what I said is worthwhile. Like Tim, I have noticed that the list is cluttered with multiple responses to the same question. Whit From wak at next0.math.pitt.edu Thu Oct 14 12:12:29 1993 From: wak at next0.math.pitt.edu (wak at next0.math.pitt.edu) Date: Thu, 14 Oct 93 12:12:29 PDT Subject: Reason Magazine Nov 1993 Message-ID: <9310141912.AA05170@next0.math.pitt.edu> Cypherpunks and Extropians, I'd like to mention that the Nov 1993 issue of Reason ("Free Minds and Free Markets") magazine has an article addressing the issue of electronic privacy by Lee Dembart entitled "Hide and Peek". Walter A. Kehowski wak at next0.math.pitt.edu From mech at eff.org Thu Oct 14 12:17:00 1993 From: mech at eff.org (Stanton McCandlish) Date: Thu, 14 Oct 93 12:17:00 PDT Subject: pornography & the ``cypherpunk cause'' In-Reply-To: <9310130537.AA23327@longs.lance.colostate.edu> Message-ID: <199310141912.AA04581@eff.org> LD: [the comparison of EFF's note to CERT's, from L. Detweiler, that] > appeared here seems to have completely escaped many, or perhaps > everyone is intentionally evading it. The metaphor is extremely > compelling. Both are sent to operators in order to bring something to > their attention they `might' need to fix by an outside party generally > interested in the operators own best interests. While I'm not sure that > what CERT did was apropos, that warning was so *delicately worded*. In > contrast the EFF announcement SHOUTS IN YOUR EAR. the CERT announcement > was extremely diplomatic. the EFF announcement was SCREECHING. > > Do `we' have *any* consistency, sophistication, or coherence as a > group? Recent messages have DISMAYED me. is `our' philosophy nothing > but Beavis&Butthead style ``Gubberment and the Fedz and Pigs are THINGS > THAT SUCK and EFF is a THING THATS COOL.'' Or do `we' have no [...] > things like what has been called the `Tim May .sig Agenda' because some > people might have strong opinions? I won't speak for CPs at large on what is important to them, but I think several things are a little off here. To keep it short, and hopefully end this marginal thread, the important difference between the "warnings" from EFF and CERT [the old one, not the recent one about the security tester] is INTENT. CERT is not Officer Friendly. They can sometimes be OK, but the message in question was rather big brotherish. Does anyone here really WANT to have CERT telling you what they think you should do? I don't. The EFF on the other hand posted this material specifically to help people AVOID being trapped in a situation that may result in prison terms. The other side of the fence entirely. As I've explained to Lance in email, it's like the difference between a cop saying "I don't think you should be drinking", and a person warning their friend drinking in the park,"Better ditch that beer, here come the cops." That, and I really don't think that the TONE of "voice" of the messages in question have anything whatsoever to do with their content. At any rate, I'd really like to just table this matter, it is getting further and further afield. -- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK -=> mech at eff.org NitV-DC 202-232-2715, Fido 1:109/? IndraNet 369:111/1 From mech at eff.org Thu Oct 14 12:27:00 1993 From: mech at eff.org (Stanton McCandlish) Date: Thu, 14 Oct 93 12:27:00 PDT Subject: multiposts... Message-ID: <199310141926.AA04771@eff.org> Many apologies for the multiple posts that emmanated from eff.org yesterday. I noiced that both mine and Danny's showed up twice. No idea what caused it, but it does not appear to be doing it now... -- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK -=> mech at eff.org NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1 From an41418 at anon.penet.fi Thu Oct 14 13:40:00 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 14 Oct 93 13:40:00 PDT Subject: Digital cash Message-ID: <9310142037.AA07131@anon.penet.fi> Can someone explain to me how the system where double spending can reveal the identity of a user, but without double spending it is never discovered? I read the paper over and over, but I think a clearer explination would help. Thanks. Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From strick at osc.versant.com Thu Oct 14 14:00:00 1993 From: strick at osc.versant.com (henry strickland) Date: Thu, 14 Oct 93 14:00:00 PDT Subject: about Cypherpunks (fwd) "instant faq" Message-ID: <9310142100.AA29030@osc.versant.com> Someone on the FutureCulture list asked about Cypherpunks. I took the opportunity to be the first to reply, to try to get 1) hard information there and 2) some practical advice on how to participate. I hope my tone was not too discouraging. Others might want to take advantage of the "instant faq" I threw together, if you see queries in other places. strick cypherpunks write code Forwarded message: # Subject: about Cypherpunks # To: FUTUREC at UAFSYSB.UARK.EDU # Date: Thu, 14 Oct 93 13:54:27 PDT # From: henry strickland # # # Does anyone here know about Cypherpunks? # # The list is pretty high volume, and is currently experiencing # signal/noise problems, but that should be nothing new to FCers :-) # # # # You might first check out the archives # # ftp://soda.berkeley.edu:/pub/cypherpunks # # to see if it holds your interest. It is a list on which you # should do some serious reading before beginning to post. # # # # cypherpunk strick # cypherpunks love to practice # # # # ----------------------------------------------------------------------------- # # Cypherpunks assume privacy is a good thing and wish there were more # of it. Cypherpunks acknowledge that those who want privacy must # create it for themselves and not expect governments, corporations, or # other large, faceless organizations to grant them privacy out of # beneficence. Cypherpunks know that people have been creating their # own privacy for centuries with whispers, envelopes, closed doors, and # couriers. Cypherpunks do not seek to prevent other people from # speaking about their experiences or their opinions. # # The most important means to the defense of privacy is encryption. To # encrypt is to indicate the desire for privacy. But to encrypt with # weak cryptography is to indicate not too much desire for privacy. # Cypherpunks hope that all people desiring privacy will learn how best # to defend it. # # Cypherpunks are therefore devoted to cryptography. Cypherpunks wish # to learn about it, to teach it, to implement it, and to make more of # it. Cypherpunks know that cryptographic protocols make social # structures. Cypherpunks know how to attack a system and how to # defend it. Cypherpunks know just how hard it is to make good # cryptosystems. # # Cypherpunks love to practice. They love to play with public key # cryptography. They love to play with anonymous and pseudonymous mail # forwarding and delivery. They love to play with DC-nets. They love # to play with secure communications of all kinds. # # Cypherpunks write code. They know that someone has to write code to # defend privacy, and since it's their privacy, they're going to write # it. Cypherpunks publish their code so that their fellow cypherpunks # may practice and play with it. Cypherpunks realize that security is # not built in a day and are patient with incremental progress. # # Cypherpunks don't care if you don't like the software they write. # Cypherpunks know that software can't be destroyed. Cypherpunks know # that a widely dispersed system can't be shut down. # # Cypherpunks will make the networks safe for privacy. # # ----------------------------------------------------------------------------- # # # A Cypherpunk's Manifesto # # by Eric Hughes # # Privacy is necessary for an open society in the electronic age. # Privacy is not secrecy. A private matter is something one doesn't # want the whole world to know, but a secret matter is something one # doesn't want anybody to know. Privacy is the power to selectively # reveal oneself to the world. # # If two parties have some sort of dealings, then each has a memory of # their interaction. Each party can speak about their own memory of # this; how could anyone prevent it? One could pass laws against it, # but the freedom of speech, even more than privacy, is fundamental to # an open society; we seek not to restrict any speech at all. If many # parties speak together in the same forum, each can speak to all the # others and aggregate together knowledge about individuals and other # parties. The power of electronic communications has enabled such # group speech, and it will not go away merely because we might want it # to. # # Since we desire privacy, we must ensure that each party to a # transaction have knowledge only of that which is directly necessary # for that transaction. Since any information can be spoken of, we # must ensure that we reveal as little as possible. In most cases # personal identity is not salient. When I purchase a magazine at a # store and hand cash to the clerk, there is no need to know who I am. # When I ask my electronic mail provider to send and receive messages, # my provider need not know to whom I am speaking or what I am saying # or what others are saying to me; my provider only need know how to # get the message there and how much I owe them in fees. When my # identity is revealed by the underlying mechanism of the transaction, # I have no privacy. I cannot here selectively reveal myself; I must # _always_ reveal myself. # # Therefore, privacy in an open society requires anonymous transaction # systems. Until now, cash has been the primary such system. An # anonymous transaction system is not a secret transaction system. An # anonymous system empowers individuals to reveal their identity when # desired and only when desired; this is the essence of privacy. # # Privacy in an open society also requires cryptography. If I say # something, I want it heard only by those for whom I intend it. If # the content of my speech is available to the world, I have no # privacy. To encrypt is to indicate the desire for privacy, and to # encrypt with weak cryptography is to indicate not too much desire for # privacy. Furthermore, to reveal one's identity with assurance when # the default is anonymity requires the cryptographic signature. # # We cannot expect governments, corporations, or other large, faceless # organizations to grant us privacy out of their beneficence. It is to # their advantage to speak of us, and we should expect that they will # speak. To try to prevent their speech is to fight against the # realities of information. Information does not just want to be free, # it longs to be free. Information expands to fill the available # storage space. Information is Rumor's younger, stronger cousin; # Information is fleeter of foot, has more eyes, knows more, and # understands less than Rumor. # # We must defend our own privacy if we expect to have any. We must # come together and create systems which allow anonymous transactions # to take place. People have been defending their own privacy for # centuries with whispers, darkness, envelopes, closed doors, secret # handshakes, and couriers. The technologies of the past did not allow # for strong privacy, but electronic technologies do. # # We the Cypherpunks are dedicated to building anonymous systems. We # are defending our privacy with cryptography, with anonymous mail # forwarding systems, with digital signatures, and with electronic # money. # # Cypherpunks write code. We know that someone has to write software # to defend privacy, and since we can't get privacy unless we all do, # we're going to write it. We publish our code so that our fellow # Cypherpunks may practice and play with it. Our code is free for all # to use, worldwide. We don't much care if you don't approve of the # software we write. We know that software can't be destroyed and that # a widely dispersed system can't be shut down. # # Cypherpunks deplore regulations on cryptography, for encryption is # fundamentally a private act. The act of encryption, in fact, removes # information from the public realm. Even laws against cryptography # reach only so far as a nation's border and the arm of its violence. # Cryptography will ineluctably spread over the whole globe, and with # it the anonymous transactions systems that it makes possible. # # For privacy to be widespread it must be part of a social contract. # People must come and together deploy these systems for the common # good. Privacy only extends so far as the cooperation of one's # fellows in society. We the Cypherpunks seek your questions and your # concerns and hope we may engage you so that we do not deceive # ourselves. We will not, however, be moved out of our course because # some may disagree with our goals. # # The Cypherpunks are actively engaged in making the networks safer for # privacy. Let us proceed together apace. # # Onward. # # Eric Hughes # # # 9 March 1993 # # From catalyst at netcom.com Thu Oct 14 15:00:01 1993 From: catalyst at netcom.com (Scott Collins) Date: Thu, 14 Oct 93 15:00:01 PDT Subject: Generating Random Numbers... Message-ID: <9310142157.AA12040@newton.apple.com> Bob Baldwin writes: >The english language has an entropy of 1.0 to 1.5 bits per letter, so it >is safe to extract one bit per character. [Shannon's work et al >demonstrates] that this bit per character is truely random. - entropy - In information theory, a visceral meaning of the term 'entropy' is 'a measure of surprise', or unpredictability. Entropy is the amount of information in some chunk of data, that could not be deduced. Equating entropy with randomness is a tautology. Entropy (like velocity) is relative, however, to the observer. If the observer has a good model of the data, the entropy will be low (not much information present). If the observer has a bad model, the entropy will be high. One example that demonstrates a difference in relative entropies is a block of ciphertext. The entropy of the block with respect to its intended recipient (who has the key) is low; with respect to an interloper (no key), it is high. - the entropy of english text - The paper cited by nobody, and alluded to by Bob Baldwin, is a landmark paper in estimating the entropy of english text. Note that these estimates are not lower bounds, but empirical values with respect to the human 'predictors'; and that the (1, 1.5) bits per character are an _average_ across an entire message. For example, if the message begins "Four score ", then, with respect to a typical American history student, there is very little entropy in the remainder of the sentence, should it continue " and seven years ago". - turning entropy into random numbers - >From reading Bob Baldwin's post, I am not sure how he intended to extract this 'one bit per character'. You would certainly not just pick the n-th bit from every byte. A good way to turn entropy into actual bits is to build a compressor. A compressor is usually a combination of a predictor (or model) and an encoder. The predictor plays the role of the human 'predictors' in Shannon's experiment, and for each new symbol of the message, generates a probability that represents (inversely) its 'surprise' at seeing that symbol. A good encoder uses the probabilities from the predictor to encode the symbol in the smallest number of bits. The better the predictor, the less it is suprised, the larger the probabilities it returns to the encoder, the fewer number of bits output. Thus, good predictors (and competent encoders) lead to efficient compressors. See Bell, Cleary, & Witten, "Text Compression" Prentice Hall, 1990. ISBN 0-13-911991-4. Especially Ch. 5 'From Probabilities to Bits'. - entropy and transformations - Both Bob Baldwin and nobody discuss the use of hash functions on the text to get random numbers, and wonder if redundancy in the underlying message will 'show through'. Cryptographically secure deterministic hash function are designed with this criteria in mind. That is, one goal is that the entropy in the bits of the hash itself, relative to an observer who knows the input stream, is 0; to an observer who does not know the input stream, it is maximal (i.e., has a lower bound related to your predictability in selecting an input). nobody asks: >could someone here describe how this compares to other pseudo-random >sources? how well would this function as a seed to some other >pseudo-random number generation process? Using hashes as random number generators is as secure as the hash which (for a cyptographically poor hash) may be dependent on the entropy of the input, and your use of it (e.g., don't always hash the 'Gettysburg Address' to get your random numbers). Using compression to convert the entropy in a message (with respect to the compression model) into a random number is dependent on the quality of the model. If you use a poor model, someone else will be able to find, and perhaps capitalize on, redundancy in your output. Related to this, in a conversation on this topic with Ron Rivest he noted that good enough compression might be secure in itself (with the model and its initial state as the key), and that he had students who were researching this. Hope this helps, Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com From wcs at anchor.ho.att.com Thu Oct 14 15:40:00 1993 From: wcs at anchor.ho.att.com (Bill_Stewart_HOY002_1305) Date: Thu, 14 Oct 93 15:40:00 PDT Subject: Generating random numbers from english text Message-ID: <9310142239.AA21234@anchor.ho.att.com> Bob Baldwin, describing Shannon's info theory stuff, said: > 1. Ask a person to speak about any topic for a paragraph or two. > Instruct them to generate original sentences, not just repeats of > some passage of a written work. Write down what they say. > 2. The english language has an entropy of 1.0 to 1.5 bits per letter, so Actually, if you've got an audio input on your computer, one way to generate "true" randomness for use in keys or whatever would be to turn on the microphone and _speak_ about any topic for a few seconds, and take the MD-5 of the sound file; the differences in voice, timing background noise, microphone quality, etc., ought to add a lot to the randomness. (Or else, turn on the mike and type N random characters and record them :-) From pdn at dwroll.dw.att.com Thu Oct 14 16:37:03 1993 From: pdn at dwroll.dw.att.com (Philippe_D_Nave) Date: Thu, 14 Oct 93 16:37:03 PDT Subject: cypherpunk mindWHAT? Message-ID: <9310142335.AA19400@toad.com> Hello, all! I assume all of you saw the message about 'cypherpunk mindfucking' today. It appears to have come from an anonymous mail system (unless S. Boxx is the name of the sender- but then, that name sounds a lot like the S-box used in the DES encryption scheme. Call me paranoid, or give me a point for catching an inside joke.) That said, it seems that the point of the message is that there is a lot of smoke coming from people who use aliases or anonymous remailer services to post to the cypherpunks list. Does this posting contribute to that problem, or have I missed something? > i've been monitoring the list for some time. > something needs to be done about the fucking perversions. we are being > mindfucked by traitors. > thanks to everyone who has sent me mail. keep it coming. i intend to > get to the ugly bottom of this if i have to. there is a putrid rotten > stench here, i pray to GOD that others will finally smell it. i'm > getting closer. i'm breaking it _wide_ open. the pretenders and > traitors will be shot. the Cause has been stalled. the Cause will > conquer. the Cause will live on. What the hell ?!? I've either missed something significant (and would appreciate enlightenment) or this is a candidate for 'strangest post of the year'. If 'S. Boxx' really exists and is the author of this posting, I apologize- if not, then come out from behind your damn remailer and quit contributing to the problem. As for monitoring the list for traitors, go ahead- I post under my own name, and I don't give a shit what you do with the text. If I was concerned about lurkers building 'traitor files', I'd encrypt my messages and happily watch you choke on them. ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn at dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. From mg5n+ at andrew.cmu.edu Thu Oct 14 16:40:00 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 14 Oct 93 16:40:00 PDT Subject: Glitches in PGP Messages In-Reply-To: <01H43KOVVS5U000TY4@UNCVX1.OIT.UNC.EDU> Message-ID: > PGP gives me an error message if I try to decrypt this ciphertext. However, if > I edit the ciphertext beforehand (connecting the two truncated lines) , the > ciphertext can be decrypted. Is this just a glitch in the transmission? What > would cause a text line to be disrupted onto two lines? I suppose it could > occur during downloading or when it is sent thru the NET. My friend uses MacPGP > 2.3. This has happened the last two times I have gotten my buddies messages. > Any ideas as to what the possible causes of this simple glitch could be? Thanks. It's probably an incompatible CR/LF setting. Try asking your friend to set up his software to add line feeds to carriage returns. From mg5n+ at andrew.cmu.edu Thu Oct 14 16:57:03 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 14 Oct 93 16:57:03 PDT Subject: DES In-Reply-To: Message-ID: Jamie Jamison wrote: > Two questions about DES. > > 1) If the current, 56 bit, DES system is so easy to break why don't people > switch over to a DES system that uses a larger key space, say 128 bits? > People obviously aren't, so what's the barrier to this? It's not easy to break. It is possible to break it with about $1 million worth of specialized computing hardware. Many programs, such as PGP, do use larger keys. > 2) How much longer would it take to break triple DES versus standard DES > using one of the key-breaking machines described? If all combinations had to be tried, it would take 2^112 times longer to break a triple DES (168 bit) code than to break the standard 56 bit code. From 72114.1712 at CompuServe.COM Thu Oct 14 17:20:02 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Thu, 14 Oct 93 17:20:02 PDT Subject: KIDDY KRYPTO Message-ID: <931015000719_72114.1712_FHF30-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, I was just watching cartoons on TV with my granddaughter. I almost missed a commercial that is right up our alley. Casio has come out with something called, "My Magic Diary." It's a kids' version of the electronic pocket planner. What caught my attention was its password protection of the kid's privacy. How subversive! Kids can now buy an encryption product to keep their secrets, secret. I imagine the password system is extremely unsophisticated, but I wouldn't be surprised if it were parent-proof. Sure beats the hell out of those pitiful little traditional diaries with their oh-so-pickable "locks." Want to raise the consciousness of the next generation? Give "My Magic Diaries" to the kids of your anti-privacy relatives and acquaintances. It will empower the kids, frustrate their parents and help pave the way for a pro-privacy future. Like the song says, "Teach your children well" (or your neighbor's children). Know any cops with kids? S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From mg5n+ at andrew.cmu.edu Thu Oct 14 17:30:00 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 14 Oct 93 17:30:00 PDT Subject: SADF In-Reply-To: <01H43RKY0IVM000NKJ@UNCVX1.OIT.UNC.EDU> Message-ID: VACCINIA at UNCVX1.OIT.UNC.EDU wrote: > The text that I typed as an example (not an actual PGP message) does > seem to have many repeating characteristics; I wonder if this affects the > generation of PGP keys? If Matt tends to hit 'sadf' alot, maybe it > happens with others as well. Perhaps random typing is not as random > as one might think. Could this be true for both letters and keystroke > time? What would be the consequences of this for key generation? Actually, as you learn to type certain words or phrases very well, your keystrokes do become very regular. Many years ago, (around 1988 or so) there was a popular online game called Spacer's Quest, which used keyboard timings for random numbers. Many people who played the game regularly started noticing that they would repeatedly find the same things in the same places, even tho it was supposed to be random, because they were habitually responding to the prompts almost the same way every time. However, I suspect that this was an extreme example, since the anti-random effect was intensified by slow modems, which could not convey timing differences of less than 1/240 of a second at 2400 bps or no less than 1/120 of a second at 1200 bps. This probably would not happen with PGP, because on the local console you could measure timing differences of a few millionths of a second (well, at least less than a thousandth of a second), and it is very difficult to be that precise in typing something the same way twice. Besides, even if your typing caused the same public key to be generated twice (highly unlikely), that doesn't help anybody else generate it. From mg5n+ at andrew.cmu.edu Thu Oct 14 17:32:04 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 14 Oct 93 17:32:04 PDT Subject: DES In-Reply-To: <9310141751.AA06344@anon.penet.fi> Message-ID: Wonderer wrote: > I don't think it takes the cube of it. There are 56 bits in > one key, and 112 bits in two keys, so there could not be > an entropy of more than 112 bits to triple DES. It is no > more cryptographically secure than double DES because it > uses 2 keys. Wouldn't "triple-DES" imply three keys, or did I miss something? From exabyte!smtplink!mikej at uunet.UU.NET Thu Oct 14 17:42:03 1993 From: exabyte!smtplink!mikej at uunet.UU.NET (Mike Johnson) Date: Thu, 14 Oct 93 17:42:03 PDT Subject: Generating random numbers Message-ID: <9309147506.AA750645992@smtplink.exabyte.com> If you have an audio input to your computer, try recording noise from a fan, traffic on a busy street, or the roar of a crowd at a football game. Then compress the output to remove any obvious redundancies such as 60 Hz hum from a fan motor or unused dynamic range of the input digitizer. This results in much better "randomness" than some keystroke timing techniques. Of course, writing cryptographic software would be a whole lot easier if all computers had a built in real random number generating device that could produce quantum physics related data as fast as you could read it. Anyone want to build a serial or parallel port attachment that could be read by any software needing random numbers for crypto or other applications? Mike Johnson mpjohnso at nyx.cs.du.edu From mg5n+ at andrew.cmu.edu Thu Oct 14 18:02:03 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 14 Oct 93 18:02:03 PDT Subject: Secret network In-Reply-To: <9310130226.AA14844@uc1.ucsu.edu> Message-ID: Stuart W. Card wrote: > Trying to transmit meaningful communications at high data rates > over water pipes would be a TREMENDOUS technical challenge, > requiring a vast amount of signal processing to compensate > for multipath reflections, impedance mismatches, thermal noise, > pickup of an almost variety of interference soures... Well, I'm sure that multipath reflections would cause wave interference which would garbel whatever was modulated on that signal, however, the carrier wave itself would still be detectable. Suppose you were to broadcast a short burst of a signal at 250,000 hz into the water system. You would get lots of echos, noise, etc, but it would still be detectable as a 250,000 hz signal. It might not be possible to tell exactly what that signal was, but you could still detect the frequency; you could tell that, in fact, a 250,000 hz signal had been sent. Now you could determine the minimum interval of time necessary between bursts for the receiver to be able to identify them as seperate bursts. Having done this, you could send 250,000 hz bursts at regular interals, and then accompany some with 500,000 hz bursts (one bits) and leave the other pulses without an accompanying transmission (zero bits). I'm not really sure what frequencies would work best, that would probably have to be determined experimentally. From ee at lever.com Thu Oct 14 18:07:03 1993 From: ee at lever.com (Edward Elhauge) Date: Thu, 14 Oct 93 18:07:03 PDT Subject: pornography & the ``cypherpunk cause'' In-Reply-To: <9310140227.AA02879@netcom2.netcom.com> Message-ID: In message <9310140227.AA02879 at netcom2.netcom.com>, Doug Merritt writes: >Edward Elhauge said: >>A counter-example might be: >> 1) Someone breaks down my door while I am eating. As per California law >>there is a REBUTABLE PRESUMPTION (embedded in statutory law) that my life is >>in danger and that deadly force is justified. Consequently, my response to th >e >>situation is ruled justifiable homicide. > >Doesn't this need to be phrased more cautiously? As I understand it, you >need to demonstrate to the jury that you feared for your life, and someone >breaking down your door is not enough for that. Unlike in some other states, >in California it is essential that there be a clear threat to your life. No the door breaking down is good enough. The legislature explicitly said that that was good enough regardless of what common law might say. The phrasing refers to a "tumultuous" entry, so breaking through a window or wall would count too. This does not apply if a family member is involved. Back to the relevance to knowledge of illegal info; the presumption is REBUTABLE. For instance if the person was searched before entering the property and it can be proven that you knew that they were unarmed you would be guilty of some level of murder. A less jarring example might be the protection couriers such as UPS have. If in the normal course of business they can't know what they are handling they are not responsible for the contents. Both these protections and the email protection revolve around letting people carry on business in a routine way, without being second guessed latter. Society needs common carrier like transport of mail and objects and it isn't feasible to check each package so a cut and dried protection is extended. Society realizes that most of the time a person breaking down a door is a danger and that there is no time for the defender to research the situation if they are going to protect their lives. Occasionally the rule of thumb turns out wrong (what if my neighbor breaks down my door because they see a fire in my house that I am not aware of). That is why we need these protections. >>Your example doesn't involve a law that requires knowledge or a state of mind >>to be guilty. Laws about the transport of illegal information do! > >I tend to be concerned about arguments that don't take the infamous >"ignorance of the law is no excuse" into account. That is, one needs to >make a clear distinction between ignorance of the law and ignorance of the >action itself. Exactly right. We are assumed to be knowledgeable of the law no matter how unreasonable it is. [It is physically impossible for one person to keep up with all law]. In certain cases ignorance of facts or actions is a protection though. I would rather not have seen the EFF warning and I never looked for those files; it isn't my responsibility. -- Edward Elhauge -- ee at lever.com -- Lever Industries, San Francisco "At every stage of history our concern must be to dismantle those forms of authority and oppression that survive from an era when they might haave been justified in terms of the need for security or survival or economic development, but that now contribute to -- rather than alleviate -- material and cultural deficit." -- Noam Chomsky From VACCINIA at UNCVX1.OIT.UNC.EDU Thu Oct 14 19:02:20 1993 From: VACCINIA at UNCVX1.OIT.UNC.EDU (VACCINIA at UNCVX1.OIT.UNC.EDU) Date: Thu, 14 Oct 93 19:02:20 PDT Subject: Spread Spectrum Net Message-ID: <01H4491PRPG2000ZKW@UNCVX1.OIT.UNC.EDU> I have been reading with interest about a wide variety of conduits for signals that could be used for a spread spectrum net (water pipes, power lines, radio signals etc.). Is the electromagnetic signal which could be sent thru pipes and electric power lines known as a carrier wave? I seem to remember a short story by John Varley (The book of short stories is called 'Blue Champagne'), which somewhat chillingly described what a newly evolved AI entity could do with a spread spectrum net. To find out PRESS ENTER: Scott G. Morham ! The First, Vaccinia at uncvx1.oit.unc.edu ! Second ! and Third ! Levels of ! Information Storage and Retrieval ! DNA, ! Biological Neural Nets, ! Cyberspace From trebor at foretune.co.jp Thu Oct 14 19:17:03 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Thu, 14 Oct 93 19:17:03 PDT Subject: KIDDY KRYPTO In-Reply-To: <931015000719_72114.1712_FHF30-1@CompuServe.COM> Message-ID: <9310150214.AA14778@dink.foretune.co.jp> Sandy writes: >I was just watching cartoons on TV with my granddaughter. I >almost missed a commercial that is right up our alley. Casio has >come out with something called, "My Magic Diary." It's a kids' >version of the electronic pocket planner. Low tech. Here in Japan the latest rage are these little pocket devices that let you type in a message and IR beam it to your buddy's device. Great for the classroom, or when your friends have been caged up by an evil demonic rock-star (as in the commercial, starring the demon-rock-star who was on Larry King when he was in Tokyo [fun guy, btw]) From doug at netcom.com Thu Oct 14 20:12:04 1993 From: doug at netcom.com (Doug Merritt) Date: Thu, 14 Oct 93 20:12:04 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: Message-ID: <9310150310.AA26447@netcom5.netcom.com> Matthew J Ghio writes: [ several good points ] On the other hand, this particular approach to spread spectrum is mostly depending on avoiding getting the FCC annoyed in the first place, which means that bandwidth consumed per unit metropolitan area must be below some particular threshold. If that net became very popular, it might be difficult to hold down to the required level. If the FCC *did* go after the transmitters, it wouldn't cost them anything like $10K per to find. Well, I dunno, I suppose you could assume that the transmitters are awfully hard to distinguish from ambient sources, but it would take more than handwaving to establish such a high cost to the FCC. I'm willing to believe some such design is possible, but I wouldn't want to leave it to chance and oversight. Also, let's say you had a good design that cost the FCC a fair amount of bucks to design a specific detector using a targeted active filter, for instance. Then you'd be safe right up to the point where it's not worth their while, and the network grows, and then suddenly they invest the time and money to build something that can catch dozens of transmitters per day. In other words, you'd want something that still worked even given growth and success. Doug From arthurc at crl.com Thu Oct 14 21:17:05 1993 From: arthurc at crl.com (Arthur Chandler) Date: Thu, 14 Oct 93 21:17:05 PDT Subject: Passwords (fwd) Message-ID: There's a thread on MOO-Cows -- a list primarily for folks interested in the technical side of maintaining MOO databases (new releases of the core, bugs in current core, questions about MOO-coding, etc.) -- that has to do with passwords and encryption. It's been the fond hope of many people in the MOO world that someone will come up with a kind of gateway that will let players move from one MOO to another. There are lots of problems -- different ID numbers for the (essentially) same objects in each MOO, different criteria for membership in different MOOs, etc. But one really fundamental issue is: how can you use the same password to move from MOO to MOO? I'm forwarding the essentials of the thread, plus one ambitious proposal for solving the dilemma. Anyone here got any thoughts on the problem and/or its solution(s)? ---------- Forwarded message ---------- Date: Thu, 14 Oct 1993 09:07:31 PDT From: Off-path travel kills plants 14-Oct-1993 1122 To: "uso01 at mailhost.unidata.com"@us2rmc.enet.dec.com Cc: moo-cows.parc at xerox.com Subject: RE: Passwords Somebody I know is trying to figure out a secure way to handle passwords in a MOO-to-MOO connection system. The idea is to set it up so players can "walk" from MOO to MOO without worrying that their passwords are compromised. Something that occurred to me is that perhaps the first MOO could take the already-encrypted password of the player, and pass it to the second MOO. Then a simple comparison to see if the encrypted passwords match. Does this work? No!!!! It does not work, and as a matter of fact, it is worse than sending a plaintext password. The reason is that not only is your plaintext password a piece of valuable information, but the encrypted password is, too. Possibly more valuable. If you *merely* send the encrypted password, and then merely compare it against what's in the database on the other side, then what you've done is manage to reduce the problem of encrypted passwords to the previously solved problem of plaintext passwords. All you're doing with the "encryption" is transforming the plaintext password "alacazam" into "p9&5kgwqp%$3=l" which is less human readable, but once snarfed off the net by an interloper, all they have to do is hack up a client to send MOO2 a connect that says, "Hi, I'm an inter-MOO connection, here's the encrypted password for Soandso." Poof, they're in. If you want to have a secure login system you have to go to a little more work. I'll describe a mechanism that is actually in place in a business oriented MUD called "Meeting Space" today. (1) Get yourself a 1-way hash algorithm. MD5 is good one. If you need MD5, send me mail, I'll dredge it up for you. It's stuffed on my cognitive prosthesis somewhere. (2) The client to your MOO sends the server a message. The message says, "Hi, I want to log in as Soandso." (3) The server has in its database Soandso's password. The password has been munched up with MD5 and also some random stuff, called "salt" in the trade. It's there to simply make it harder for someone to grind up /etc/passwd and do simple comparisons. The server sends back a message to the client that says, "Cool. Do this for me. take the salt characters "fnord" and the string "172355555" and grind them all up together, and send me back the answer. The latter string is a quasi-random, non-repeating message. The easiest way to get one of those is to call time() and turn it into a string. If you want to get fancy, toss in some things like the number of pagefaults the system has done, concatenated with the number of times that you've authenticated someone today, and so on. The time is really good enough as it is, though tossing in the number of times you've played this game makes it foolproof. The real point is that you can't *ever* use this query again. How you construct such a message is up to you. What you're doing is making a "one-time pad" in the lingo. (4) The client does all of this, using MD5 to grind up the plaintext password, and the extra stuff (the client doesn't really need to know what the meaning of the extra stuff is, it just has to grind it all up), and sends the server back the result. (5) The server mixes up the extra stuff with its already-hashed password and compares the result to what the client sent. If they match, the client gets in. If not, the server sends back a message that says, "No, sorry." There are many other possible algorithms. The trick in thinking about them is to assume that there are other people are listening. In our case, assume there's an eavesdropper, with total knowledge of the algorithm. What have they learned? Well, they learned what the system time on the server was. No harm in that. They learned the client's password's salt. This is mildly irksome, but only mildly. This potentially makes it easier for them to use a dictionary- attack on the password, but not really. For anything that's really useful, it's *far* easier for them to figure out how to hijack the whole database. All they really know is that every time you log in, the magic question is going to have a constant in it. Big deal. Note that while not perfect, all forms of attack on this system involve both hacking up a client and stealing the server's database. While not an unattainable task, an authentication system like this is *more* secure than the authentication system used to let you log into a privileged account on the host operating system, even ones as reasonably secure as unix and VMS. How's this, clear as mud? Unsolved problems (left as an exercise to the reader): (1) Securely changing Soandso's password in the presence of eavesdroppers. (very hard without a pubic-key crypto system) (2) Managing the plaintext password on the client system (which is required here) so that it isn't compromised. (rather easy) Jon From tcmay at netcom.com Thu Oct 14 21:40:02 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 14 Oct 93 21:40:02 PDT Subject: Spread-spectrum net (vulnerability of) In-Reply-To: <9310150310.AA26447@netcom5.netcom.com> Message-ID: <9310150438.AA06433@netcom5.netcom.com> Doug Merritt writes: > On the other hand, this particular approach to spread spectrum is > mostly depending on avoiding getting the FCC annoyed in the first place, > which means that bandwidth consumed per unit metropolitan area must be > below some particular threshold. If that net became very popular, it > might be difficult to hold down to the required level. > > If the FCC *did* go after the transmitters, it wouldn't cost them anything > like $10K per to find. Well, I dunno, I suppose you could assume that > the transmitters are awfully hard to distinguish from ambient sources, > but it would take more than handwaving to establish such a high cost to > the FCC. I'm willing to believe some such design is possible, but I > wouldn't want to leave it to chance and oversight. Reports in newspapers I've just been reading about the search for "Warlord" Aidid in Modadishu indicate that tracking "low-tech" transmitters (low-power walkie-talkies, small radios) has been a real problem for the military, the CIA, and the NSA. This week's "Newsweek" reports: "Why can't Mohammed Farah Aidid be captured?...Aidid rarely talks on the radio, preferring messengers. The Pentagon tries to use signal direction-finding equipment to home in on his propaganda broadcasts. But Aidid usesa mobile, low-power transmitter, turned on erratically, making it impossible to fix his position. "Low tech is baffling high tech," says a Pentagon aide." ("Newsweek," 10-18-93, p. 38) Now this does not disprove Doug's point...I just submit it as evidence that the combined forces of the CIA/military/NSA/etc. are probably spending a whole lot more than "$10K per" and still can't find the transmitters reliably. Given many thousands of low-power transmitters, complying with "Part 15" FCC restrictions (i.e., down near the noise level of equipment and consumer radio devices requiring no licenses), and given dispersion in hundreds of cities, including some "just across the border" in Mexico or Canada, and I'd expect few busts. (And if the transmitters are really Part 15, what would be the grounds of the bust? After all, computers put out RF at these levels, as do many other sources.) Food for thought. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From hal at alumni.cco.caltech.edu Thu Oct 14 22:27:32 1993 From: hal at alumni.cco.caltech.edu (Hal Finney) Date: Thu, 14 Oct 93 22:27:32 PDT Subject: test post Message-ID: <9310150523.AA24699@alumni.cco.caltech.edu> I apologize for the bandwidth waste, but I have sent four posts to the list this week from my usual posting site and none of them have appeared. Ironically, the first two (the second one was a re-typing of the first) discussed the unreliability of email and its implications for mailing digital cash. I also sent a 13K byte message describing how Cah\\ Chaum arranged to detect double-spenders of digital cash. If this message appears I'll try re-sending some of the others. Is anyone else having posting problems? Hal hal at alumni.caltech.edu From zeek at IO.COM Thu Oct 14 22:57:05 1993 From: zeek at IO.COM (zeek) Date: Thu, 14 Oct 93 22:57:05 PDT Subject: The Bank of the Internet!? (fwd) Message-ID: <9310150551.AA09472@illuminati.IO.COM> More news from FUTURE-C in Re:gards to The Bank of the Internet. I say again that I know not much about this biz or crit... I only post it here for your info: Forwarded message: *> Date: Tue, 12 Oct 1993 22:13:35 -0700 *> From: John Frost *> Subject: Re: The Bank of the Internet!? *> *> The Capitalization of the Internet. And I thought it was gonna come from the *> outside. All this talk of AT&T or TCI buying parts of the net and eventually *> kicking those who won't pay exorbinate prices (that is the nightmare, right>) *> off the Internet (or the DataHighway, as it will then be called) is just dust *> in the wind compared to what this Eric guy is planning. *> *> Actually, his idea isn't that bad. It would certainly help those shareware *> developers to earn some dough and us Authors could get a few pennies for our *> words. It won't be too long before somebody thinks they have information that *> people would be willing to pay for. They'll set up an email list and you'll *> have to pay to be on it. Clarinews will make more money. The Electronic Zines *> can recover some costs, and even the OTIS gallery could collect some dues. *> Soon it will become obvious who has the capital to control the net's *> information (my bet is on Bill Gates), and a new hierarchy based on the old *> hierarchy of capitalism will soon run the Internet. (this is of course a bleak *> vision, but I haven't been given reason to think otherwise.) *> *> Chandler wrote this: *> + But the real boggler is that this fellow Eric is, with the backing of *> + the Electronic Frontier Foundation, going to start a Credit Union based on *> + up-to-date encryption schemes and using the Internet as the monetary *> + highway! It involves using something called digital money -- a system of *> + encrypted data that expires over time, but that a highly flexible ability *> + to purchase quantities or services. The data itself will be located *> + over several nodes, so that no one site has all the info about your *> + account, but that any "quorum number" of bank nodes can reconstruct the *> + whole picture of your assets. Anyone trying to crack the system would *> + have to crack, not just one or two nodes, but a quorum number. Such nodes *> + will be distributed internationally, though favoring nations with *> + encryption-favorable legislation. *> *> Sounds Technically sound, but as a political entity? I don't think it will *> hold water. Doesn't it have to pass the Federal Banking System board or *> something. THat should take nearly 5 years. Buy then don't you suspect the net *> will have morphed beyond the culture that would make this system needed? *> *> This feels like just another introduction of what was bad in the ER (everyday *> reality) that we might surpass in VR. *> *> + I'm oversimplifying all this. But the whole notion of a Bank of the *> + Internet, backed by the EFF and running encrypted international monetary *> + transactions seems... well, this is Future Culture: what do you think? *> *> It Stinks. Where do I sign up. *> *> -indigo *> ------------------------------ From nobody at cicada.berkeley.edu Thu Oct 14 23:17:23 1993 From: nobody at cicada.berkeley.edu (nobody at cicada.berkeley.edu) Date: Thu, 14 Oct 93 23:17:23 PDT Subject: Crackers Exposed! Message-ID: <9310150611.AA22950@cicada.berkeley.edu> COURTESY OF THE UNITED STATES SECRET SERVICE (WITHOUT PERMISSION) THE MASTERS OF DECEPTION "MOD" CIRCA NOVEMBER 1990 GIF87A FORMAT, GREYSCALE begin 444 MOD.GIF M1TE&.#=AD`&0`?<``````,8```#&`,;&````QL8`Q@#&QL?'Q\?FQZK2_/O[ M^^GIZ=C8V,7%Q;.SLZ&AH8^/CWQ\?&IJ:EE964='1S0T-"(B(A`0$``````` M@`"`@`"``("``(```(``@/S__SB`@(#_`#@X`/S2JO^``*BCHX`X`(``_X`` M.``X@``````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M```````````````````````````````````````````````````````````` M`````````````````````````````````````````/___*.CJ("`@/\```#_ M`/__````__\`_P#______RP`````D`&0`0`(_P`Q"!PX\,(%@@@3*ES(L"%# M"Q`C2I18 at 8*$"`\>.(`P88($"1,J0*Q0D8)(@R at O3(28LJ4%A2T-.IQ)LV9# ME!)CZEQI<*4%G4"#!K594ZC1HT8=(EV*DB&`IU`!+/QYD*C5JRY]^J2`4:.# M!@\B7`0ILD+'CA2HIO09]&5"H5?C6HV9\RA/E7>9ZHTI=Z_?OX"7.HWZ]&U* MN8 at ++M4ZLB)&!U\;-(#\@*/)BF?3[JR[-R)0SX!!L\RJ%B=GTUI[,A8=D61I MI*`#RYY-NS;>8;E9T$%$K#'P&3#";=1?";1YY^'W"FX M7W3\*C:GZ!>.5?-))WXWD$VC>163\V$&2&#F04 M69K&E43!FS#2UJ2<<8[8XHY1XMD:E?S5F9Z?T\VYY5Y=-O at E0C+-))M^/I$T MP6-F"@E9FAEY%99\;\(YZ*9.^F8?BBH)R*=W5I+8(J>H'I50C0[NMM"6C*[_ M]*8$$#P0Z9F35E8K96(=!VBJ?RX8Z(X\IHCJQB5A:7N^ MB=&M04JJ:Z5&RK0VZZYRAPW$ZH-8_4GM2!1T M1*M[Q`W);7RN]2?HD^,63)NYPS:7KJCMPOONPP8G*A"K,+I5;VW2C4E2OAX% M-^G'[CG0*WY:\KC=P`[[5AO"YY:J[K'!0BQSEJ411+&K%]/)HUF9Y7L1!$"# M+%R0#[1),K/1N=PNR at 0?+-2):S$<\\Q4PU:SO-`.A5C#(TZ)6<\^1R!VI1^; MN5%:&:]&W!(YVLR\?>G??F+\;+MZ%:(P8XQJUE6OCI'9,M69`. M')FPVO=-2^QT@=+.'7;7!3PY=)SW?N#>&,Q;%8X#4;XSQZBC%78$NQ+WP`3W M/JZYYK?/'J["=3Y>G^[U3>[[]^QZ'CRTQ!/$+KX>?012X6\:WE7B$&AFHG5- MP[H[RB5[+6KF>PX8+O@`G$UW;$:^\LWM18[2E_IZ)J#V'8Y;QED1["2WJ;A9 M;EA&01_J/B*?8ZWK?P$,(,@\"8E&?#/]?$[<1LDB$P-(/UD!GP/RD<'V941%+7L:S!7:D M<7>"6I64=B]T1D8BJ`2XQ*AB`2!-MR)S!H:Y# M2$N at X4(BP2]V*E8ELU?=&F41L8QM2$)+D]A"TL).I8J+;!37\-X(E3C.D8Z+ ML:/R?(6TQF`&)/++8O[2:#+C]6F0*ZD(K8"V*THE,B-F9!;U](;)2&Y18I0L MC,4@)"(]8JI#-AQ39M9F2 at I6\%ZD424K:T4V?Y%1;$>:83%MB;="P1%,]MN? M_^:G/V(J:9I6LYUIJFA('_[(F64$(MH<2"C_MEH!S2N3FDQE`'8T=QH4+PRZ)F]\1T_.C"XSI2D`;9K02HJT:GF17 at X#>5(!3E.?'6NE4-=W MD6;FJC)H(>*`[JE49S6U,$^E6E2ERA@,JC%P&,,,,[\*1/>U,E=BZ:!8J436 MLJ;JI at I-C%7/)4BV&C8K23ME=MQ:+/]D9V-G5":_(`.T'G[D?6.$)C"CEE2_ M@@^P3LUIYQA+.L.:%K'.N=SN2`LJ/0&G5Y97RX5$Y"U'/ M7 at FT:!6MRFY7H at _QE*W=LR>67J>GDGZQK:%Z5*V"V+ZQWD5I>M"W%K M5ZSC;DQ3VMF3AG>Y>$$P>:-ES=`*5D)TN]\?3_NA)YG6O<:]\&HO<-\@RN=1 M`,76F01:JTB)#)IA1*,$21C=-;S/AC"+0.0J2Z<7`MKN)X_ M;FZ`.L:\14HWQ`Q8@)*5G"$U9=2V>E6Q212G&::ARA3HH)O*0D MKC&I^M>0WGBT\C5I,,D&R2 M%FLG2A at G^-16:QNCJ=;EP/8E9E@^;&I3[<G%P2AB*C7:@>_.GRH3C-T24WK4=MZPPK.-2I) MMK'T=35QB21.1LD(TV-_*-G>#C.W4PO?>DLSL6N,Z(*J'=QW*NIW84;NM\5, M3:SJB]T:*>JZ$8[G_N%+V>/N+<3ZJJ#/7;,E'#O6V]@U(\/+FT$8-A4MKE!CG:I:YUJJOZ2#=9I)EJ\BK(PF+9 M[H(''Q:;D9L]KBE:07S>F4QIM33^`U1"T^O^:1,;I2Z!_3E;'Y:'"T M)?U3QF2ZJ%5=M9B?T-^*&2QSK;Y%]G:\WMT+-]YQ#>Z4FCL"Z"1Y(HD-Y19^ MS>PJ;[E/1RIQ&;E=ZH@"\\8CK5CC#GR\>DH8E;&\V)9\\K*1\3K8\8KR'@V3 M9Z'&>;9UVG@:0SVX<9]1A"(V]T=[W,RJW[F5ESWI"W^^JR87/,DS&\28AC&" M.R0[,<7L]`5SZ?4VCCW&IT[[1-M>T;A_>>?M_:UM:_CX7?W*_T9V!?1T0K.[ M!CE^6L)X1EWC3MHQ=CZAH$]]N+]]R]>+S9JWG6KN675V5B<]_(,3RR,6K?1/ MPR=^XE=9>>4MZ4!35%_=W=]CA-DP21% M:%=*/F:")_A!H:*"%\$O%\)?_84FE1%!OU&#+8=U%CAOM-1V.QAYLN>%GL)] M._5])#&$_*-X/<9-2/@;2HA5/`1Z03)G^8FC:,[^D.$`J-SD/\FAA1&@$360[.59`IPB0HPATO6'O]D M)!`W$A(H-2T#B;GW/_D$3GPH&!DHB+BD at 7!S9DE($9F2B)_(=6?12#EW-`(G M;K(FB?PT6TN&B9DX9W%(9T#3$9I5A1VDA/*69AUXBE.S)6Y'B)/DB at EBB`Q3 M.HDG1&@X,RC6!H?S)F6MI4.MS(,9GB0+]V*2-HC]U67^1(+6%T4>BX`%&H M;L,!-'>H%8>W/UX$)?58 at N%X;Z.UCZE87EUHC0`Y;1W9/Y^(+_+8C7OT83_# M3``#C at PY:.O_18J-PI%18Q&T4HG$F"WM439@\3S[!XK+R(R39QU3I7,VQV&IKYWZ+YW at GR8K52)AO99<5B'I>V3.T MLDARQ2N_U)(E67NK`9-H at 8L3\D)>(6)/^%5.=F*C$VL3 at 9>B2)D/I7]1R7^[ MARY9!G]V$E\\9Y*`Z(.M:)BW])0W-V3&X8X'J2\>UC[G!%/#I)JRPU:V&%:C M029>I6Z=N2V?^1&!II$L5)K6YY$[U6C60XKQQWEI!YOYN&^S28U9_]E8VR.9 M&JD\/F=N7^DC"5=\;:)LG")5E at F!;@,@E( M?1F8:)DLLN&/*/F*=S(LBBB`T^DFY at 9%F.(1#*@^H`2?Q_0X$LH^5`$<=S59 M7Q5$NE63*[D[\%:$JT8W[86=!*JB*1.;MPD8"FJ;V#:@LE:9IJ-"ZXFA*V23 M\7F"IL,^K@&BFXDF)'>,A<-!>6::VF&#>Y=]ML.+[U4_5!9_,FH;-6J5^H:C MN[B32TJARJ.>\AB/I5B<.WF<[VBDPH&D14.6$DH6NDAYFG>@S#6E`NJ4J[=V M^/<=6WI_^O9C"9-")>JC[0.!'L2?$P>/[/^#="#&+PMGA[*(/$VJ8N9)G/!W MIG*G5'_Z+HCID"Z95=GE85]YJ"6!)%-9=X34/M.)AV6B;FP2:IK467M"IUFJ MJ=7749WZ,+9J7(1ZH6':F[P9:F%8H.(HH7#"E?NR)L0661U:J9SUH!S7A]QY M/JWI6[OJJ3=82G&J6Q0Z%H>Z2<0:)ASY_U*./_*53TDL/E%A/?!=>H#6WA4K`(H M5V62)M#3%'TRG][_$J6H5+%G6:=7FK%:R#D<>R4ORG$L^7L<](:&FC[ZPDA* M:4.J5**_66#58UA?0Y,4HM&VL]6[ACZYIF M%9Y8V7D^9J5#RWSHH[8^NDI%=Q;GEZ&)F&)V0:@KQ4S`&DJG9(AFBG%^NZ,+ M](D(FFCE>II*,XI6JFU_6)4'Y+%\:HI>*SAX^;8+Q$^D6F0G&S`[!+KOBI!D MA$X<`2XW1YT'44<'J;MR"J/YJ)'H2J7?":./F[`5-YA<6G?S6ES)RT)O_WM^ M/N2CTK4^+PE9?@)RJ8-P9#2S.D)W?,$=W=B;B/J at XKB&J#6&51>X7IJJZE6V M at E:M9VEU,'E;MW6Y))NAR+.,ZT6H[$M&KO.^N1F_3MN\AVK!&CJU^(NG08B; M*[IQ[L)4BKN at 3;.M&ORQ7A.^EK5!5K28#FBX/?FVK62112*G/[B3[X>U%6S! MXAJAM/N0$QM?^X>;\>J7J"A'V at NH]UB9\!:Z.CFI*HQBIW.Z[HJX!%:WK.0` M<;D19(F\L8BI@`I9%MR\FP2D+FJ""(:SL$C$)BQI]@+`_:LQ/MDKTXN=9QNG M*]N`R7.I$FQ'%6(F3[:;"WG"D:C#G^%S8TR_!/_K:%?:;!F&HX;[J9 at J2>`I MNPVIHZLT4#QJQM8II&BA0%),I)>*+(UQP3\7,AQ!.&5YOVW[5X<7KCRJ/&A$<#OAQZ#$GKEB M)&Z[9Y>LR^7R-.GY2T-:.-2LA@\Y7&5VPF2;Q"0(BA[C+U"FXRC4[D&,`6=NF\ M6<7L\0XA\D&(LO`+_#:"(_)7\E,<:3=-Q/,F&3+<276ZR#"(E7=2"RH7A M22J8<4B#%\SQP4V7D>(1& M/<'>R<8GA="VH5*C-W2V-6`U_:X1[2M6G<,!$L50-J&X%51%$TT$";^J`M:S M.)\^BKKZNL%W?=9?VK,NIG5L_;I(];0N-9?1;&PTO<_8/&7>C'4II5]%]D-Y M-18@\9,(J$@U>7B"G12$O8T7?9G&^LVEQ=@^#<-&/(@A910!TQ8(N5^631DM M#=7]FR7;U-/$B55^+9P5XF;K:RFAS*2K#1(;=;1[V'5^1 M_XU4RKR3A[J"1TK#A/?4$\V4I?S">?NRV at 2S85?:/R)4_319S$UD&4G10S'= M5W1T7RF9(BBM;)C/U[C=F2?0(/C=+N&3_V[O@ M"A2W"93(!Q68&,[$/@?=-TR&R0>J5F+?;>DEFN`?FD`B[C(>D0N3W=^(P\1C:FAD,DYUU\ZY2+4YU?7DS`CA)# M8)GD[7;`E(C*W7(X@'W47RUE'13+G/1^]J;E`P[/*O_IY:-\UO5A$V,>%.KW M2:)==+IE9WH\G**YL&.LN1+,AJD$O`Q>YY;2+0JTNW=%=!0:Y9J-XL;2E;&\ MZ..H,9ZDY8C^36DJO;!N=8Y.'O<71HS49 at C'4I`YK*E7>XHIT\6=X3A\KO at R ML!TQWZ2.C.,+X?3]GE\NY>81P]LLT@/];K1(Z[7>Y9_>DA);TKL>3T^#/+$E MJEX7S$%E1CXWCSMR[(O,14!ARAELY M)2J*O1$VD'K[D.=^<;P=19(^,88)"-B#[A1QS#!D0P"&=W5MIC+;U%>ZKSFYI(N#_Z M!0$-0)'/@XRV=4Y"N2%PYIZLI'PG3JX'&_/&.40X%/8T7_:FUS/_K:E%J_!@ M'O%.Y?895/%.*"1$1]\>$]<`?ZX;.>L1FRG+3(XPB5L,D(FM\V:>EI`M19/% M=TZ689YZTZ^1__4N5(*S[O"KF\(3^G=YQ>)O\^E?#,1$42,.P,VC+_1R;_J( MD^<"_]5N#2XK=B6I]!ZQ,T72Y=95M?\/"G#[D[A2#USM*V at VEX+7VEW=ETG\ M^!)$,)X[2]_.A.0^`"%!8`0)$2`0G)!0804+%BX\A!A18D.*%BHPK)C1(D:- M'3UVQ!!2Y$B2(@&<1`G@@02%$RI$;/BP8 at 4*$PH^<-!`9P,&#!HX>!`APH,' M$(SFU`D4X<6/%`06A%#494V7%REG"`40H,%__XI8"!484&Q M48GBW/DSZ%,)$!@L^.D@`H6N%V)*!!Q8L-^-5ZFVU,I58X4)12'PS2 at SZV3* ME1M.IIBUYE.AG0T>I"MP`@6&@P%G9JI8]>J_%TJ^)ID2I?\#EE@=0OP[<_-0 MI'$;.#8*W$%/N1%<DHOLA?_\X^_RYR#KSL!!US.0",37*W%)W'K2Z8(89L0``D MW@(Q`J1(K.I$_?C3$J8G8TP.)SO_23300`TAZ+`G1_,R*M+@[K+1QC'!TQJ"`G54"! M!<2]U,I8-?6OTTX_I8^"!\1=X#%S8<1RR6`'"K-`NHY+TS3%ZJVU5.ER+6G7 M,/DZ#36:@N6-J.`<>XN at 8Q_`S\%E3WV/5GH[;0E6CQAC-"=JBT+H6J.RYA4,C4,=[==2*S*_8I6_9 M at 0D>R6`"_^<3=,NAH<+3K>!8[LZMO93]$ZO*;).3-4X#K$WGS*3M;:?Q1KNJ MNC#=>FM8T!HFJ@'LX$4K@@LG\I5,S3SEJFI4:7K7QL=TMC4U@,$&\&@5Y3L, MV^/0=58UP*N&.NH),1B0.1>WI/S>(!V65.*UU/(3-ZI$6Y&RP('>BCH584>, M60D\X,]7T3X8T]LAP5"EP`%Z*2?NO M\5293C/%A<;F>"#1,<^\<.B?[ES"ST/G?B8O1].P+>L^9#E??F/=**Q\T^X7 M[?ZU&\_ at 2U$FFHD$R&*CF%'J)R`*"TZ\!:8!'24OR at M7=GP"@?^+1.]%[,D< MM`J3/1MMCWI6.QQ'Y'0V*YTM;L$RDLU*E;ZM`"XW#6E?2-J$@0DBI%<685C) MZA\["RJB`[=EF,2GLWFD69IRD^65A\4&BE)@_`E6E?E/;#1%Y1++0R2=:-#)B;6C(&/)0D(I.:DAC>M*[ MWFF1-BS9$)`,E91A]:9.,#-CO/B%.0]*AS$$>8D`G[4?I\RQ`A`&7O2+3LC*:(T$H&7V=T6IU1*&P?'HH+,B%HE,A%5WA at C_]G/:Y^,$\CD.T05 at MD92@@BKHH`>A@%=XR;V&6D4"###+&8W3'#=RCZR[ MG!T0HU(B!/W%F/9;BL*8`L4%11,ZB-RAI(S72._@::Q70UY2ER,VW;P0B9M) MR%JM%;L3ENF1_Q1,6T`M$"5^[L2I',I1*D?VTI=RB%+B:L!!9BG59F((B#7- MI=74E3.K2"FLLH3;B9J%5CDYA:5MOHM^D7V;T%[K,0TB:&KNJ5.(Z/44Y'[W;K%Y965VL[E MI.JO>2T4AAUQH;HFTQ at SGF4EL;TCH.[8D:LN1[;*I%O)P"(\X^''ELXQTS._ M9]'5J&FXBC3N7I>Y6Y*!$[HKXBHQ+Q-=T<+G,\:Q257LJ-!_^<]XKQJH'Z\% M%=#8Y&7H'59G1]:V\Z+Q:RE>KT)G.+3]8[R[!5S.\$E>[!/9D$4\F4ZL$=*KN711+]_C) M^=`D3 at SZHT?/)]"Z&G,X#+R1V[Z[9Q[Q1"=^.S..:QDYD6K(R&4%DO"2[UO5809OBI' M+LV#O8KY\&NJ5IOM/5`QCJ!!",^7?;:!>=ES*Y\JE*P&.L>U#7$X%_57=LU4 MIYM9WFO-^4ZY0MJ%3_9,-WL$I&_61'C>TG1^L=1IB^TZ(UU6)+Z",ZRV=":, M0'5<8[>T&;9(&)O=B2V62(P:C\2M+NE9HPS_U2DD,X*6O.7UR5ZB>NP$<5+3 MMUXGB(#Y,2:5[J%A/:->`.AC:W/LIT+I,[>*T\A8!QB70#N0F4;O6IX)3.#F9ZX`/-%W2 at MF0?2(7ARE/+T]< M.0 at Y65V0@R>I.6*.;)T-[44K0.,^QQD>&8KI`87\4=R.,M:XYI!'SU:04=^( MRU$R:J&XJ22QVM*.E4:/DXGU`/*MHB!K`)!"/(X/HCA+"IZH5SR/G_3%S#! M*EW[H$]+H`<8E^L#K0>"C,TQ+>[#O.=ZO\Y;&>]R%+TXM(DZOT5;@)78N&K[ ML11:J,U0K)=BI;O;E_=S&!";*P5)N>YC#[D["0R0N+&PD=^(,):Q)DG2+KJ( MN+P+HW6[.FMID<&P'2\Q0#!1+W.C0"5[F47#/MH`J:D:I``*0;^($O![H/^( MVST.7)J:$++7#PB0";(LV_`WRVS3&>!>,:T$Q$:DZ9+_BVY,9F:`*D8]I"*8CZ\&`6R]EE+F\R3,H&XAH3`K_K(O$(&DW/XQ")7RW.\3'!=B^`")$[JJ+;?F===,)!GC$]-BRA7&M?'0T M<1.AZ[F7+_PG8*HI;%$4>F,4?5R2#+,H6IJ^AU#&9S2(!1*O$PL1XH`4 at M0Y MEGF8XHJ4JI.DX2F-PE"^%^+$`NF5DE2BDY2F#3.*I&,`FFG'E]0CMEDZGKBZ MWM#&H-BI.W**[,$.=5R166R6P]F-Y1G*6",UU6&5L6"`(H&,/X)`T>A&"V1' M!(G*KW2W\/H-2@(YG?@.3YHY*/3*O6JGJK._R%P5N.D2)Z1&-:)+NLJMA,!` MM-BHV)05S:NT.@'-;^,0_]%8JQ1T(P4BBT9C+(W1+UKC#V]#3#J:BJ,QFGI; M(,B\C,IAL3]TP(39MW);#\'H/^(BELT4CRE<-YD+,[W3R(A#STLTOBHQOV`4 M/J(1L#-W(3B"DSPMP.)#;&J9Z#,+#I2AJ$JZR M&I1,4`:MSHMCM+ at T/V"L'Z$$J._YRRZR*=I at NY^+'.5`OGW\T0=9$_\S/H(( M//\)^XS@>R0\S)H=I"`6%3RMV8NQH5$O6;ZG[)>VA"-E*C:Z_-'3FB*ZR1'V MZ\OI.+W^H)79\TG'N4?2NY2KN3<=7)X6C*&%>3&-JPN^[$[=T)9MX2)VL]$D MR14SM::,U!_*D:G52<"'$4TY=='/:[^>$TD#.T;-T:7:R5/2"ZB"J at XXU1\J>(%97_XE"UN8R(4NW6XX$@ M#--/(`T6;^7*2;M.4W-5=1VSYJ._3\PQ-OH9!IG7E45)6L/1,GR\7R%0092? M;SO0W8DEH;#7BAN(L8 at E,?2WZ2JG5ZE,((J@\+B+B(67B14L0*R7P,!81/L;>B7823RB;QG-;W$]=BU:!+(]5N-37'W96_72F77'6ZDU?,59M^PL%W10 MLXA+N=3$"2U8YJ&8G`M:O1/3T:&.H9!)F?$GJ/5,8*T]!X.0'9J<7:W/R$$H M`Y)$J,'YCMW)B=J,J$.]`-0O9"DUTSW9MUTJ$9HQBK$0T2")N+79"3/+3H M6[\M(+\#"QL-4J2`6*>=DKGP*+'XPP,Q28N(D!T278FP':/T/4ELF8/XUH_Z MHQX-8(M9$NT-X`=17D3547Y5V#W;EH+;CAL;8'Q!3!N#3\9S$K!@"1<)4KBH MW]]%0AJYJ=14C/_]G`AV)@(*1P/^-NA]B at R#X, at UE_?8X0BNJI>$HPIF/R:" MB^\:$@T>7G"BM[H0VC/Z#1^ZR+]JB,2S51%4-]ZYUIAANKS!RK!]X>-5)!F. MB*$+WO_W!9/33&""@%QRO$RI(PTR;LC2A=<0XJ6AL*"=J-#U;4']+9'X=;&7 M24=-/1C8VY_$^\0KG)$%NE:;G+$*%0]S2KV.F0DVB6$Y]E@"-F`#7F,H9&/0 M'5/M]!6:(-1D\5]=N60R=C*CG%`;YEH)_*G1.D9`)67VZE_] M(\13%F(H";H*)BME;1E80DG*C65- at AB5:! MX)T-]"MV=J4_S at I+'F,Y?N9OJA]I3N"LT:8V%BALQMZVM2'_;@9";R;$*CXH M/H';GW0HG7AE[),9CW[,T2#.P.03>L,*G6*7&4J.`W)BY3$O%RR/SJ0Y5%*> MLZO3FA!H4T:+GQ\,QEV1;5.[>I)X7-ZNAS'/J[+6`">"0<)GJ$UH8 MIF274"F+K+X^#1QDE_#J$LHIR)[:[:0.EB[1C5Q"O5MD\UJ(;6L`"F9[,;>CZ6=BV!-R7;V MI\HVQ:'%;**8$H!.2(F^&%]5$<+-"U9RFZ:+VI at TKQLSWMAH9F?.VP)F,(.BTI.B0*M\&FI(T)K`B/1FM.".\D;Y=-7CR+`9B M[LKVNJF`[HB*P23S:ZVRU\FYRA&12?.X(`FZ&Y>NR!X+:),8;SEV.&F../1> MT0+[V#T\#MC\9H%!%SN5<)H;K$$\-OR.:!*#"<6NKYG9.L5N7=KM$QDAQLDR M4([6:@27TBBQBZ<#$)PC&])%DVOKI)N0R9HD#JSTD`S?;F4^-P\?Z%(^+1'_ MVM!!VG8%I?\?]MX*3!+KSN5J`;E';"='8S@:AR(;AX@*B(#6M5N)2:O)%N05,-YY./\)PN MW^D03]'C8=/"\\=-E*QVE*8S'UW!`;S0#K8]B<>XBO.GKLY_#2LI1;Q80[^S MP)$7)5ZUNK/E/O!3I(I/_ACJL<(`73(TQ6Y))RJGLG3A\3SPUHA-U^E2]B/H M=,),0U##W-0">S-3;S54=W(X7C;OZ#R1XS,7CG7$WC!:3\>#?4_[T&IA#E/^ M71O'_.A"1R,1.U040 at TE\=6684.18^28\1WYLXZ\D/9IY_)J)^C_V4Q?90_< MI=%),0NWOW;C3O4TF_G222RO"O^12OSD=>?AZMS)UX+W.,OU["`7G-I'+HFG M+7+:'"^7++%>?B/LDU36&BR*>22+F:_T"Z*1X>4*:I?KG4:1K?VFTSVZ>TJJ M9,'XT`UL^^;XH1GQA%>98,LDE35E60>0D\_S742Z(M>@$M'MA6(BR_)==#R+ M_*Q.CU&H!=5YX?,NIG.;?K)?J+6TL?8(HU=M:X>2)MD7!RR3*77B^1O5]8'9 MWXYHJ_S[29MKO<@.2\Z6 at 1#6_='NR#[=-R.)OO(:N7H2@%VNW6>I:ZR M3A.,$_:-HE at EHB*EH$\>6-/HEFOXH_?R_WGCQ"TL_!UW$ML^-CXU76[Z>,OZ M"F-:8N8X81D8K,)Y6A M\KO$K$CY<8LR#+\_1&L'C`YVB8 at N/VC2C"HLV^U,:DEM&=YD=O/*1JD%B`H6 M+ERP,)`@PH0*+V!8N-#@P800#1*$6&&"`P7_-FYD(*&"0`L5*)#$N&"C1I0* M5BY at P``"A8@$+TX@*>%!@P8N&2SHN7)CRP@@)Q*U&+(H18<7)3"%X(!!`P@>MU=IQ`Y8UG&&(&I4?26:EQU-%'(96E MG at 00],;`;!TNT$`$%.3'V&M/[=03B at I\J!UQ_`&&7'RH,9<99)J%%1U7UT5F MG5;8B<6=A4=]%YYXYAEI'WKI)?A04>\5)E^#$!T9HY1]0?ED=TV6]-K_C at U@ M9^"!%QYH46<*&MD@!3/BME1&$_[#0(A!)HDA5;VAB"(#PLFDVVZP^?9;2P]( M$%.+BZ%7$XRGT;0<9&`Y%EU7.N+H558/T"@H22_^!=&01"XX):A6BEFF8O>% MFEBH9Q[$)Y`79 at B9I7IQERE:K:U7 at 9GD%0=2AAJRR*9J'<4YZY8$. at 9K;SG! MY!Y($T2P(4\:J=B`=F;!J&5-3CY$$U6/=9LA==:)*U6C&EIJH+6#5=!I>)^F MJJI(ZA6(:ZFFG>K7N_:M.N>!Z1'8V+.QUM29OS7]2RA-H,GE;KWJ.AO6@,U& MT$"P"C108:L/RFMLK[[BUJ3$74;[CXH,W):N_[T at HWS7:^9"X-BW86F(HV4\ M(HNL6&$:NNY:1,*5+[P7/JP9>U9&5!_0GR7-8&MHT>KO9NO!_#)38&J7$@;O>=NZ"H'6XQ(_%;57-6%4**W4UZC7P<1:P^Q;#2S-)$]8R:Q83?DI+7MKFAS6]\<`< M$^V89IM5S;;46:.V]9%>FUJ1IF,[`!Q+#[B]:=JH#_R at MJ+261UP/8%XNU%X M,TMJ?'S#JEU_-(;KFU6)(]ZCI=X2W9E!C[L5>>>P8RBS@)K1RZK"FWO=.:L; M;[;<E,,#3IVU9D at Y+_ MV>UU7TO98,[#I;^I[5B2D8YE$C>IJV2E3ENIU,O6H[TB=6\NE!-<=FHDHH*\ MJ(3W<^'>P at 0U\&7G93*IR7-,25#%(/`C[CGN0BM)PZ304R M4 at D1D\H'PU2=;R8"F5->'G,X&_*M6RA<(V8N1[`>QA&(^K/6_F!#1``21X!L M.]V_6D4BYCAQ6@/:"P214IJ_2+!T1W':!*M#Q at T2+E)AA-:?H&*I,\XQ1FG_ M`DO`IO?&%6ZRE>:3HZ at F*<8N"DIJ-7H6]=R(&2QF"C2&_.&+EL*<,;J$D08$ M'1+=ISO4->98L6%)GGX4&/HXL)NO7,_.Z#2S"X9+7#FR2AMY`KWH08:5MC1( MRYQ'KA[!D4H&3%>^ZK at T5BES0UC1CB]CU1R;V9`QF+L2,I>(._=\+RS,I)81 M^3/-B::.=)FI*/]"K;D;*JX#1C979"0=A MX\Y6\NJ7<7-CI>K)3882*"3YQ&72C.,:<$6/*N[KFXVH$IO+%#1)`T%H_J0X MF'M^3Y&5&5X`"W8PM3T2AS-R7T9]LL"L7/)6(!5J_W=\&*\Q\32/_NF2.<]Y MF?Z!T2LR]50K5Q>P2]U,A8WL3MAD-55]VM*$"%+/.-]8.AI%!99UJME7LH4> M^\61._R4I*9XFJ$&X,D!(1IL at _!2((U!DV,P&Y"\GL4A-UF,6NXKX%JW]-%5 MH0VT9$*B'N-:2 at Y&YJ7CNFN[\LJWE++Q9D95*)FP1SFLA\CW6:,^%QXQ:MR M,RK=9O/41NKEM+ZXO.P=T_]+JY"2.$V3FJ4F8\08J0Y6M%:SB1,YH@#X\BZ9 MHHN?8"596Z'EQ5S5X6_T$M at 2`%-K`@/&ZQPO4J?BXE3!GV66(Q\,OB>+=,(, M2JZ4<0RS%%QIWE-6*XTA$&JJ+DBUE4`XDH[H9I"#L>I6M5"<2DE=I_O(2= M0?6[Y181VZQ"'+N"ZY&4":>,AQ(N'`H\''(T[=A8J at E)3%([XQJO80C-ZL"/ MYZ;;1!OYMY*8QZHMR2YG97FZR-PX$Q)9BF.G-I]>7EFUX7WE^TVU0)0G\ M03=H-&5'>+=C[T M["N=9#VNF*;MY^PMQOV9XZ;FO;LY]E.TM[QJ#&R?)S?5NY^[[W%2;.D(G^&6 MZ6A---WVT!1S419)/9A>L)M\29_?^$W%7<_U95Y=+)>%29-%B=ROZ8W9_95M MW=>JG86C00;5L5C-?1B4]9YL\9Z%O%[LJ&#JN>`*7DU5[)_"^0_T&%4`GA$: MY8ORX89$;!]]?9*J.8P\'!Y:7!^J>180@ M>74 at W)F at RO39B]68#7:%.S at NU`. M93G>!8H/VMG8!#79+XE>$A88RJG5;IC.]X5>)-5*EC`-NDVA`G):"%(9?FT2 MF]52FWGAG?'>&;(@)F;BWN&9O)S.##+3G[#AG600U1R(',(%'=*1!B9/'D[; M6J'?_ at C:$8H>O74/8=6+:'6>AB`B>M58+HY?(]Y3%ZY at K\3;W>P)OJ at 5-WFA M"\*@[I'9U6Q5WH&.*!K=B0R9*0X95`"4*NJ@$BH?#JV90:E=8%E>$HV)(*98 M>:R5IR7_HS0%(^\-(W3M#+M98;R0CM95(N?,FSZ!E'I$(R?FER15XXL)VZCE M!5RI(8``2AMFD]BLHEHH(6J,FM]1%-`5XNG(GV>4$*J\(UG$(X1=HVR]QY%\ M2NZ97PLN'PF6S\QM767M'CU*HP(>9$V2EGZ)G)PAW!J:HF5D73AZ2BN"I"/= MCB-=8(3QF-BXXSU2HGD1A_L9U$299/RAI)'L8*&4&"$]4.O(9'N,2DY^5-JI M&[&(I:YQ9!*-HD/ZQJWIVY`5V42*HP16V+_D#H%,6=14X^UEV[U`9:SYXT at Y M3?R!(D(FHCW6A58&T.F5G6"Z7V*:VORM&Y^P)$Z2ULW%XWI4_T7A'-U;$I%K MS2510N94[5,H#DKNA%OX0&`U]4O`1>:510E4-N-VT23`&297,1<[3DE1SF:+ MV%-L5IGX2>8Y>I<6CAE-8F:U?1MG1HIG+APV91/X at 01%HE&ZW59-&1M.\@$IOFF?>!.)P%I+LC2=RTN()SMVH MX!%)6M.?2$=.%%[2Y4G)D41U$B(><<8@,F)>((Q^'PA1^H'--C M*D5Z;M\A/N&W82=O)@W(Q%IPUB=8JIC/D=@0[J$B?A@A.]?B at OBSIA19ATIIDB;$>Y*FK`DGAI*HN=4;.MK?,0H< MOX1I-&V&GY`I,W5C:!8,T^5HA*!.U-QA&ID9AR;6N01:C1B,N93+1U#8,?6I M5M6IRV"=H^S0E')-&KDCHK;JO#%)?#1JZDD59CT-&(:G_%2JC-:@*68J[U6G M%X);^W3E+4D4SJG?5UA:!_E2CX!%T93H/1U%4!&K:CJ at Y8D<2(1*H6Z@;V+H M2XYGDZH<(E'_9K"":8)^VZ,D'/\)G_]X5D+&X1E-D[/&#_:`I):D!\Q0A[@1 M&[PQ)#VAYCL>DK<"S7F]3RP9881>3B"F)/HPHP^ M8LWFE_3Y4;%F!W5YIV`UK(EFZ*EXW;511S!%S*`NQ+FR;:>^BF8TQU<4J:?N M%=6Q:RY);8NJGJ\29C6>K(D0D?]T"#9YA33M#D4.&_L\7]U2V.F9_RR]IHZI M>BS3,TXV0RV,>E'<[@?8AD!!+X=,G?/*;LQ2LZ&B3^ M929SQL9+L6&-NF'DIL?DQJS%7B[FEAGGT>OI-.]>78[@:ML_OM-%%J'-T"WJ M+ at P,%8?!/4544,S*PNZ/*9PJ-9#KO)\9LA]ELFBDW1\N_^A at KES*#T5(LE(NWV[B-T6`:'!`O).&[2 M>0FFQ>0FG66C,B9:NF^Q/@7CFBG#R15F1.[]M at MWDET!LRI#:>K(7=[WJ/!/ M9:^(CB3?@A#=+K`2ELI(()`(NPD0R]B'+/\8S7%3!D/J!O_5Y'GP!Y?2[_I? M5V30,/W+LK5+E(%J83V3IJK/$X9.>^[P#*.&.GXNQ$;OA%+OA=-5$%4,.QWXDUYU@[=$0:_H9&(?QZO0= M#6-I(^N+JRPCRZ1T#CO&*OG)N>GBRJG_RKL MO;IEX[8$5E`*9CS`&6F710)KD':NCY05>LWR+4/5YJANP^9R@$HP+Y/,*<6< MQT[1-!IS03YJ(&O_:B$<>XS*F*YRT_UR-K M[QRID22/,VN=$@@M'^9YSB>IL_I^:7IN9)2Q4=8J,QM*<9-%P!GELT#72 at NK M#^#XQ_,)A$K+* M[__AE'!T]#87[F'5G1%"=/QI41IS8_^5\F]@15KC\TG/8L98W\%`JUQ?_W:, M((13AZ[1&$RQB/8_G*+.N5%C41+]*A2OMJM1%[97 M(VY7LPUTO*Y83?!M=V-N.YUS0!DXET81U.2#!<:EA> MCU)T+$NZ&<_;]#;),A<6M>]$&PMS0Z>'D$MH>S?R);)DDV`+Z=&(Z0V6!@D^,=;B&<57?&2!P<&C:Q!OABLX1G-85VHT@#?/<` M8K9XP]ZM-OCJTE'2XRSP&!N7$5*N$XTY( MR5"+0U&&GI"F!AOSZ(9595SR%T8C at 62W[YZB&^].B=3SRUSYSYSW;Z[NDP"W M at T?K]`*D,9W5EO`CA$?W6OT>=4CUOIT$0J]QG67%1EF,GF*IYG#:)RM)FNR( MI5\''Z7EH6QFZ18>DZ,6U$!=6AQX0!=Z;$9W%B-Z?::K\2A3=ES03F!*(R,& M6D@`"*=(;0=HIFNZ2VP%;2A`W9A at J'\X9O*&.LV-D-M&FA)DW0T4LA;?-4:2 MH&]VKB,Z2G/VQR*JDGK_G+12ZK'W'T=`D22B+D0,EVJ53;+[^+)7\G0P@(PI M@#/]D&%9MWH\@&PLG)K/V+EX9*P3&RE/R_#@'TB,>Y>;\5HWNO0Z,CJO>RY. M1/?*#;;S\HH0SS[SKQ)DC](Q%A;\#Q0)``')))2\*7`2\/,I/,$SO MZX,BK'M!_+!X%\5W.=%S*VQZ.,V)%%%8.W#L>[SK";T?Q.+UUE3/6)`[/5#T M^P(M0`0<398"K;;!XP.<^4_`-/.`HK'XF';G1-!CUM`7/=PWS)9_36!&)6M; MQ,2L_#C/F%#T:*(;&#!=O9H+OM-/2UZO!IQX_<\*]M$P!@1 at NJ9C$P#B)F*9 M_[CP7$Q$D\7;QSWG,WKV>?Y6;5NY=O7[]_`>=5>0'EA`A< M&S)@8!+E4ID2&EC=R9@"!`@X)6=4R,"!!`H1*TAXX$"QY*(I'5<8N!@"!<=/ MH<:T,/,LSI__>-[6C76!8H.+.TN(O7?I2J=(!T7FH9@<"44^$L.#V@@AB M2]L-MP8Z,FXF_GGA:2#K?'J#_+@(9Q]*.*]8@"'$I\%`2;[SRX at M22,%"NPZ^ MNPZ,X*0ADYIO19T6L&D"QRBHJK^.JLK0IX4D?$\@*Y^[ST&9$NRL.`IERJZF M)S7+;\!.AA'KC*D;+('A`T&D;X at I8 MCQISZ[NW+'!T+D at E#1>]J694TK//8,H4L0HD`@@JCUL*$8'\JVK6VU]98\<6$>T5T\*Q`9.T77&\C9"$0,MS`,?35) M(@E*]94S704&-EK,H&057MMP8Y#BXRB=<^9.,ZY9 at H5SZK@WJ+=,B,6A(GY@ MXI6Q_BOMJ"K<6*=]ERW)(=!$)EG00`/]$"0>M97(Y;IB#GQM]PX#\X/D7YNSK!6`_N?*"DN#,R%'IAZL*J%,[8OF<2Z:<4.%SM( MRV6WW!_EP*'G MR\'"RDK>9IKHG%E(U2K*,,JQ*H?2;#"Q*FIJ[KLG6TPOTP===*:JGO)VJ#(E MB>S?76\8[GYECU!BC\BBO7'5BB6J69C'.O0;Z;!K*:DK2,GP5ZT<*>\S:(.+ M\P`7/0VZ1U8V\PCB/O*9P07)`I71G,!LDB^-1.DPDB$*SQIH&^ M&'@F2BTN/&3R-W!MD(R,]E0L7+.Y8;\"U)_QN8DHK"+3&UUT MD at KUB88F*E*#A-1`LZ at NB7@K8L/_?"7$0:&L7#RSTPAE-B9C3:4BA;1(;X at 7 M(3UJ;336\N1O`A6A"?*M1Q@<(QDUV+:/[(V"89D0XT+#-7G9RW*BL8AF.'(^1Y:G:-3KK_,>)TD.=8;:#/\4<$I%A\]V at G#4:R\B/@,09T]5F at ZRX M\6M9+R)0]6KBR4)I<5IZ`T]80B+&(;$1E;`YIN$^V,KE101Z4Y'E$=_TO8KH MJX]+^1(S at 9FP2B)D?:D9IFMN=T:1D$R9^7-8V`H9H4PVP"9Z?*0`=T1/PBDO M5]OT:.L\1"@(S`A:R*O1C*)9T2_*DP+JW!Y*VGFQV8@$GH>K&3K76,]=/K17 MWY/%.$QC1C,Z5I33_H5A$*KH3M MX]7;_EI+4KU-:$+%XPM1,]2/&76I,9KK)".YGII^Q#H%B1M/(5K%XDG'?SF4 MRIV$YU7D;"MQEMG*0:;H.[*.]9LKY9%A1OH5L"@4IRY]%T@>2U>9'8BR>+W9 M67,:LXGX%;-8Z9=)^K23 at 3&*CV2SX\;V55 at JB::ID(T);R=+4X*HMKAOPV1# MQ(I:#VE%CY]%4AJQQJCKT21:TEKFURRI2%&&B)1J_$A]WV);\_]DQ!%*^?*7DL*WW%MQ;4$%A6X>XW!J3O[\-H0<) M0II#\UC8Z9EZWB(6.)1SRH^L<#4Q=\UTE6:)K=U`J=K4 M=E''.V:QCUE62N>=\LRJR:N9C=P4F_6YP$K*,W7Z6TRUW6DF12,*H5)UJDHV MK5Y->U]?,W,:T.P.L0^RF]4X.+W"#/C_OBF"+3Q)=LO')3$Q%^$IZ_QG1SVA MV:*$6R^TV`N!0(]UT**T7N<6A49H%XO'CM%O8(:1_D[@7Q;-6V^319%%:M_TPR=TE6\Y%FPJPL&P^-J` MR?87-1V]$N;9TF4!=\MUE/(!>]J=1T[KW&F2]6D=HE*BSR*)8Z0EN1, M)Z]C&(^D_2,?_R]0A]MEIXLV;]$]/)#R7AQI+YD%WY6VM,C_.S]*GEA*;MM< M:R;0$,DPR#`\[_G[0E,Y?^$'S`M.[8JQ^M'(T;AGS_3/^/L[H:J;H'WGJB^CB-E)X M"]4"QY.K"([DA4]U'Y%EB3&)KQSC(=,3J3DH\:E.?9;Y>3\Q$6=1J-->- at _( M&7";EIS2>3.<2F*I0X]I:L4I3BJ[Q]1<=-[08B1SQ(?I3"Y22@ MY&SEC/+N^/A,^2R->>K/FAQ.=_ at C3OY#=QJ"F*QO\=B%.5S(L\C$\?^>8YKV M:5>`BH'([\XPRH06#MQ."[[XY6&BYIO*C\7DCD)$HO^4K[+\YT-`Z*S^#WE` MPCK`P@@+$+2R8S04$$U:KP&Y[0&A"C]V3.4ZC3>B!"(J0U3LB7QP0_KV at TWJ M""*\Q`L'A":TR8C at AD`@3O/(+=;LJ9"\@KTLKKM4Q44*#0N,#J;$*+08] M`HPL?I&]JJ._9$SM!$Y):J^]3LH`,64LFC'([`X:H]&=YF\2]ROJ=&5?@LY! MJL0,6>A"Y*6(Q#$79\(@)&:VOFZCU-&-+$Z1*B5:2,/7:`EB%N,_;E`71RNA M=E`[8LLSDBPDL,-PUDH at S\481VJ:H&X+'\@9&Y*$AH-$JI%)2NCGL,*+VN8R M2/`Y'((FPL=4V`4U, at 5$&HZO9N(DN8BB5-)^\"D>HX8![.R:YJP$2&IE;IQOE=5JC<_)-B33N at _^: M#RD8#6:J1L08 at CH`#;4NZS<[Q@:I<>XRK]KH#TD2E$!GPZY>,3XRI9.<94(I M%)4LU`F1I<8^KUUJII).C]?H397\S1*A""]*5%Q"@[VL[A at K*RQ_PS?_)%3H MZS-'TCP-#;38R(>B=)UZM),>`$B#=(,230)'5"ED[.4\PTY.5&EN\M1>8TAE MAB6FU&?^\&2PIR9`Z6[`IF&BA!ZGDT#A\-"G<)Y*];_HTTP9E9T@"57_(\6&NH*1:"*9PA(SN`DM MJ5`I(;)`M4;@GNX^!5.5HE4K+/57A&44 at U!17*S1A0H\ZQI5 MST4X559=&]6^EFS@\"UF36EF:79=W7+-Y')8.?4^V1)'S8M)M/:)7$W%"$6+ M+`F?O@?P^#124D-GJ.5X_Y)'1]U"[JTE)0'H:@D,:Q<-XDELF+QF9!NK(#J:'$Q:$7]*H'8F^& M=5O7=BD0-+&59G!*=D528&62 at -,#?%G%S=D>1TH'# M94K-]%VMR8"$*,YR>'CY*46[U1Z!^+;:ZU"44\YPS&1^$%$,T1=?#GLF:P)0 M&(IK%U[-\QF=SHK_+8:')8WY at HO==6R-*3_?*Y2VJ6N>,W-IF*ZRJ72;M_TF M2CG%"1CUL57KF(GQ^(GUF*]H)F<`.9Z$)8I168,8C4_/U$XT4-`8F5_N!Q=; M>8K;:,;LV(FS-Y1%>1G5R`__>TLD:7=\;3EP5GE4 MR7?/FO(@\M=0`3$=>W M!K5E_P=;X=E>0\^*>I?D>KRN63FRUC#:)"J2"CC6?F[G< M5,FW`$A&*!FF7RYQD]["N'&V8-TZ9`?G#;K:$_8Z3(R"G=5JX6*HT4Q.G`':E^QB: M.8R`!KIDE2VIEU1_.$)/A?-,_[R8?MLR80`WS39UGNK+A7UQJT^JJT'YJP&, MIR\:JMR*(1G6HQG:K*?9AZ5Z3D]*.\D:OZH8@`&[TKR: ML-LHK'N:IM&*HU&)L<.T1&A#Q%3QO6)5KLF492.W at 6%#:^QXF*W8MXL0DGNM_XLI"6!=?RNDLRN^'[1+B[ MNS.:>4Q;O`-[M\N[88./H@,H\"L=$L,VK M'`ZO?%8K6\N[K:>YG+T-V[`3N&KQBLS+W'4+]#M<.!A=Z0;/T\7)EUW=R)_C MW'C$C&PK^W4A7]$[&\@+D.7R.J(?9:(+W9F?F[:R4Z\5=\DE MQ=$O"M(I(G\]"F1$Q])#\\7KZB$+F$8OZH\W]84#?<75&S7_.WG,B3S5"]K' M#)O#M1.,T!;6=;=`-\W^#@B!XH9`JGNNAQ1WRO;"\_G1:538#YN]_7JYQ=KE M.OF3BYO9&4?6SDBKE6S139Q=T=K:S^PE/K*1O>:;MKEG/QK<[[NHH0Z_9538 M?SJ\19V5 at EL?F^#S3A& MGYO*2S+ESSI8ZQ*U8?[<7?ZT_0YP,8 at N'++.*=1GE3[B at IR3.9M8*?YQ-_JQ MKVZQY)=4R;9PAPV;5OBST?W9%Q[(_WMPZO]F/&X7Z\]3ZY]LHQX6GG@;MY at G M,%&]J[9&T%)LSLT).[H0<\`JK^\C$_\S5_\SF_\SW_ M\T$_]$5_]$F_]$W_]%$_]55_]5F_]5W_]6$_]F5_]FF_]FW_]G$_]W5_]WF_ M]WW_]X$_^(5_^(F_^(W_^)$_^95_^9F_^5<_(^3B'YQ'^J-?(ZK_)Z[_-NC" M^N>"^KL?(\8#^KW__C&? M_-]?_[L__/E?_0$"@$"!_P;^*VB0($*%!`<"./APX<&)!@M"5$BQXL*(&3=& M="AQH\B1#O\_5C19$N'%D"!%EGP),Z;,F31KVKR),Z?.G3Q[IB3YTN7%ART3 MGC0Z%*5*EBN7'O7($.11HE.I1O68-*E2EBFO5LWJ,ZS8L63+FCT;4ZM5J4A5 M%FWXM*K7K3^CFLPH]^W:E4'=ZD5I=ZC:O%G]HCV,.+'BQ3@'!V;+MRA6PVHC M"YX]?NG9%UXW+.+7JU:Q[.E;*]B/FR7 at K4W8:^_)/S:4W M&\4X./CFSH";RK3=DGCKY"IRW.!CF_(72]7J)HQRQ4^TWQWK4=@@0;_'@<:3->- M=A^`GOUU77Y22?A8;Y#Y)YZ#:?%GWX$>?KA>=O6])YUX]Q6'%7S8,;74;7 MB6>>>N[)9Y]^_ at EHH(%"N1N2/]+D)'CT]0CJ*I9+XZ*9KXL95;[$6J5V27W5HHW&W?LHJ7-_9 M6%Q\8,GJ4JT)FKC5K!3JAYNL,P)Y8J5O_\*Z:ZT!%HMBMLA=]J6R2'S#Y+ZU6XO at LME="Z6:FZF5V[8&4F2IAKL_-1BZ"P0!V[I'?% M_LK?<36&*BZRW`$+L6$)F8048L\`\ M-UIEJ4V:&FJ]%:=Y\[HZU:8SQB<_39I^O(Z,KLBB.96T1K<&IW7+/I)=]M?5 M`9G=U6=FS:U-MIZX[W[VXHSQV/'%;+:BLD'(*]Z2M3. at YHI1(Q2OF2JZ7*-ZM2<1GH^]E/6+"B>]-]=?TWWYT_G_F7Z/RC^ M^0F`8R+ at GPPHP`0J<($,;*`#'PC!"$IP at A2LH`4OB,$,:G"#'.R@!S\(0DM= MCU2/@]3[^@._G*4*>]434HI$U2L0RM!7*B..3#UK!R>$3@\=!TR$-7$(,HN_,8;C^G\0_%5I>@G9"O?]`3GLS at .R5/0"V,<>[C&)T:Q9.F:FQ1E4T)6F8]^ M$&M;'KVXQP&!2T6*_"/,'%FYS7UO:8><82*32")^[1!D1T2=#7_(MTI^\)*Z M`QH2C>BY]Q3,E+`!'"5%:<&BJ5!]$VK?J5)X2TS]3$IT9"'U7`7+8$Y+F,2$ M(`*+B'^>BY M+!.N0H*E8B:%J$N+0/TD*T$'1IXY:*DB6U9/0^E#5Z+Q<<'ZJ"J7][>RY*>H.^5=A(1B MT5#^BZ>(TQQ4V54Z'V:Q9)YT(E8A]U0:L2VIAI1D4<SLELFQL+T-;O^:"Y80>T,` M08ZF=]TB'X\*R$4R4K3Q^VSC!D<7O+)-D5XEHV"QRA.B"K:LMJ7A$)7:-5=2 M+*RL?2M3%Z791V;2J_]$A)W#E-5Z*50ZC^+.N5\E&>GF6MZK,*XPSM>KS?3DD#0*O/'*Q. at D.UT9&LF>9 at - M7#*1GPSE*$MYRE2NLI6OC.4L:WG+7.[R_Z;63A*.EB(7DYR'ZC M:'BYU]&,6B2E>EVS`A_FX*?:-:B':R1Y[6SD-E?X85B$FX7G.S`G`YI>@N9W M,U$+/=Y88:YNBUZ@\]YI/25I^HW/G7%V"UKI0(?/O@/S[6TQ_.D4*SK4KPKD MH*GXF?-2-M4O8G7^5IOGBKZRNN)MKZW[A&LW;Q*4D%ZP)('[ZSE=>H1B9O;\ ?F,U/Z*&8A'1,MK6OC>UL:WO;W.ZVM[\-[G`#("``.UZP ` end From MIKEINGLE at delphi.com Thu Oct 14 23:32:05 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Thu, 14 Oct 93 23:32:05 PDT Subject: ARTICLE: IRS learning how to spook Message-ID: <01H44IW21L4E9370SR@delphi.com> InformationWeek, October 4, 1993, p. 38 Interview: Investigator Donald Vogel Plans to Milk the IRS Go Sour Computer-aided tax fraud is rising - and so is enforcement When executives at Stew Leonard's Dairy, a food retailer in Norwalk, Conn., pleaded guilty in July to skimming $17 million in sales to avoid paying $6.7 million in taxes, the case had a singular twist: It was the largest instance of tax evasion to rely on a computer program. Inside a hollowed-out book, Internal Revenue Service agents found the fraud software - dubbed "Equity" - which a programmer had developed, maintained, and enhanced at the direction of Leonard's managers. To find out just how prevalent high-tech tax fraud is becoming - and the level of IS involvement and culpability - InformationWeek senior writer Bruce Caldwell talked with Donald Vogel, assistant commissioner for criminal investigation at the IRS. What's different about IS-assisted tax fraud? These schemes are no differnet from those that use paper. But with automation, entries can be adjusted quickly, while on paper it can take hours or days. There's also a degree of comfort in knowing that records on diskette can't be as easily accessed as journal entries. IS folks can be involved in the overall scheme, or can be doing things at the direction of the business owner that they know are being done only to perpetrate fraud. [But in other cases] they may not know the true purpose. What happens to IS employees who assist in tax fraud? Every case stands on its own, but if an IS person is setting up these accounts and working with an owner to tweak accounts, he or she can be culpable for participating in a conspiracy to defraud the IRS. I would equate IS people with accountants. In most cases, these people are not drawn in as defendants; they're typically the ones who testify on behalf of the government. They can talk about the system, its audit features, who gave the instructions, etc. We have to prove intent as well as knowledge. Did the IS person know that what he or she was doing helped perpetrate the crime? What did this person do to continue the crime? What did he or she gain from this involvement? I would suspect that most people setting up books and records know when they're being asked to do something out of the ordinary, when something is not right. How do you investigate cases that involve information technology? We have 87 agents across the country who have been through computer training. They understand the workings of a PC, and have a lot of information about programming. They know how to pull out files that were encrypted, or booby-trapped, or segmented. They know how to safely download files and maintain a chain of custody for court purposes. Those 87 agents represent about 3% to 4% of all agents. We also have two transcription centers where software is run through programs to check for problems. When we run into an unfamiliar program or operating system, we can draw upon specialists in the examination division to help. Was Leonard's a particularly difficult case to crack? What was unique in the Leonard's case was that we found software specifically used to adjust for skim. Usually, there is compartmentalized information that leads to skims or other audit trails. With Leonard's, adjusting books for skim was facilitated because [the participants] could adjust all accounts, including bank deposits, within seconds. Is computer-aided tax fraud on the rise? It's expanding along with automation. We hope our prosecutions deter such activity. But I'm not so naive to think that people won't try it. -------------------------------------------------------------------------- Hmmm...87 agents specially trained for computer tax fraud, and they know how to "pull out" encrypted files. Now, what if those files were encrypted with, say, IDEA, or even DES? That would be a little harder to "pull out". And what if "Equity" (great name for a tax-cheating program!) was on an encrypted hard-drive partition instead of in a hollowed-out book? That might create a real headache for the IRS. This could lead to some interesting cases in the near future, especially if the person with the encryption keys was also the defendant in the case. From deltorto at aol.com Fri Oct 15 00:57:05 1993 From: deltorto at aol.com (deltorto at aol.com) Date: Fri, 15 Oct 93 00:57:05 PDT Subject: Mom & Pop Operating Systems Message-ID: <9310150350.tn57426@aol.com> I saw this Letter to the Editors recently in a "family-oriented" Macintosh weekly & thought you'd all enjoy it... - dave "Ma and Pa Finder Can Beat the Peter Pan Syndrome" -------------------------------------------------- My mother was right. I am not capable of taking care of myself. Although I haven't mislaid my head as she long predicted, I have lost nearly everything else. I thought the Macintosh was going to help me organize my life, but it let me down. My start-up volume, Moby Disk, is full of hundreds of folders with names like Stuff, Stuff2 and Son of Stuff. The names are somewhat accurate, they do contain stuff, but I have absolutely no idea what that stuff is. The Macintosh doesn't help. For me, the Finder is more of a Loser. I've noticed [MacWEEK columnist] Don Crabb's ongoing attempt in The Mac Manager column to inspire Finder improvements and alternatves. These new approaches will never succeed. The onus is still on the user to organize data, and a lot of us are simply incapable of doing that. A woman recently told me that many men suffer from the Peter Pan syndrome. They refuse to grow up. I think she's right, and I qualify. I appreciate this slander, because it provides me with a flimsy excuse for my lack of any organizational maturity. I'm one of those fellows who believes that underwear on the floor and socks in the hallway are easier to find. If Apple wants to show off one of its new technologies and promote a better user environment, it needs to incorporate psychology. For many of us, our mothers are the only people who ever managed to exert some semblance of control over our naturally messy selves. Bring out the Ma Finder. Using PlainTalk's synthetic speech capabilities, the Ma Finder talks to you as you perform tasks: "Now pick up that file and put it where it belongs!" This is way cool. I'd love it if my mother took over my life. The real one would never put up with my nonsense again, but the Ma Finder would. More disk space: "Do you really need a seventh copy of TeachText?" Better descriptors: "Nice people don't use file names like that!" Easier searches: "This folder looks like a pigsty. Clean it up." Better moral values: "I found this GIF file in your 'Hot' folder and, frankly, I'm a little disappointed." And old fashioned motherly feedback: "So if George threw his System folder in the Trash, would you have to do the same thing?" You'd have to be careful, though. If the Ma Finder started getting on your nerves, it is not as simple as going to the Sound control panel and pulling the slider down to zero. "Don't you hush me, young man!" Try it, and you're likely to hear from her partner, the Pa Finder. The Pa Finder might have a very different way of communicating with you. "Get your butt in here and empty the Trash! " Or perhaps, "Boy, what is wrong with you?" Apple can get a bit crazy when it comes to product introductions. We might end up seeing a different Finder personality every six months. Bully Finder: "Drop one more file in this folder and I'm going to sock you! " Cop Finder: "Let me see your license and registration card." Doctor Finder: "Cough." Boyfriend Finder: "Trust me." Girlfriend Finder: "No." Michael H. Spindler Finder: "You need to toss out another 1,400 files." I really would like a Macintosh that helped me intelligently manage massive amounts of data. It is difficult to maintain schemes for organizing years of work and thousands of files. I don't have time during the day to Iook for the perfect algorithm, so I am hoping that Apple or a third-party developer discovers the right solution. G Morgan Watkins Manager, Microcomputer Technologies University of Texas at Austin --------------------------------------------------------------- From cs93jks at brunel.ac.uk Fri Oct 15 02:12:06 1993 From: cs93jks at brunel.ac.uk (Jonathan Keith Saville) Date: Fri, 15 Oct 93 02:12:06 PDT Subject: Subscribe me... Message-ID: <7135.9310150909@molnir.brunel.ac.uk> please could you subscribe me to the cypherpunks mailing list at the following address. Thanks. cs93jks at brunel.ac.uk Jon -- # Jon Saville | 'May'st not tell thy dreams?' | # cs93jks at brunel.ac.uk | Keats, The Fall of Hyperion, 1819 | # | PGP 2.3a public key available | From blaster at rd.relcom.msk.su Fri Oct 15 03:10:04 1993 From: blaster at rd.relcom.msk.su (Victor A. Borisov) Date: Fri, 15 Oct 93 03:10:04 PDT Subject: Monitor radiation overlooking. Message-ID: Hello! I read about overlooking of monitor radiation. Introder can scan the electron-beam radiation from electron-gun. He simple transmit this radiation to self electron-gun and sinchronize frequance. This method work with b/w monitor. The overlooking of color-monitor more dificult - introder will see 4 gradation of gray (all guns off, work one, two, three guns). But we can select spesial colors (red-blue or blue-green) and allways will work only one (or two) guns. In this way introder will see dark (or light) gray screen without any information!!! Is it corect? Do now present more improve overlooking system? Some words about DES - I spoke with one cryptoanalisyst from KGB and he sow, that for number crypto algotitm c(key, text) (key is keyLength tall) present f(key, text), that for all key1 and key2 present key with length keyLength, that c(key2, c(key1, text))==f(key, text). He also say, that now present f() for c()=des(), more f() wery like des(). That`s why for decrypting of des(k1, des(k2, ... des(kN, text) ... )) we must try 2^56 keys with spetial function. --- Victor A. Borisov aka blaster; Relcom R&D; Email: blaster at rd.relcom.msk.su; Phone: +7(095)-943-4735; +7(095)-198-9510; === Don`t panic! === From frissell at panix.com Fri Oct 15 04:10:05 1993 From: frissell at panix.com (Duncan Frissell) Date: Fri, 15 Oct 93 04:10:05 PDT Subject: ARTICLE: IRS learning how Message-ID: <199310151109.AA21883@panix.com> Stew Leonard (Hero of Capitalism) whose Stew Leonard's Dairy Store in Norwalk, CT has the highest sales per square foot of any retail store in the world (allegedly), was busted not because of a computer enforcement move by the IRS but because he was arrested smuggling cash out of the country. He was taking 80K to the Bahamas or Caymans or somewhere on his private plane. The Feds didn't say if they got a tip or if it was a spot check based on a flight plan. That was a couple of years ago. Finally, they raided his store and home and found the Equity software. The programmer should market the code. It would (probably) be legal to do so. Just goes to show that you computer criminals out there can't neglect your physical privacy arrangements. I could have taught Stew any one of a dozen ways to expatriate funds without risk of arrest. Many of them would not even have involved a violation of the laws governing the international transfer of monetary instruments. Duncan Frissell --- WinQwk 2.0b#1165 From an12070 at anon.penet.fi Fri Oct 15 05:07:08 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Fri, 15 Oct 93 05:07:08 PDT Subject: PROOF POSITIVE OF POISON Message-ID: <9310151202.AA22292@anon.penet.fi> === From: tcmay at netcom.com (Timothy C. May) Subject: Options for Speech on Cypherpunks Date: Wed, 6 Oct 93 12:31:04 PDT Lots of options for dealing with too much volume, too much flamage, too little content, too many diverse interests, whatever. Not all options are feasible for the Sysadmin (Eric Hughes), of course, and software is not always available. Needless to say, these ideas are swirling around in many minds. "Abraham-Hughes" described their ideas along these lines at a Cypherpunks meeting, === From: jamie at netcom.com (Jamie Dinkelacker) Subject: Newbie reading: Bamberg Date: Thu, 7 Oct 93 18:17:53 -0700 Newbie cypheroids and cypherettes, Tim May has pointed to _The Puzzle Palace_ by Bamberg several times here and on the Extropians list. If like me you're a newbie, it's a quick, excellent read. Don't miss it. It'll give context for the quote, "gentlemen don't read each other's mail." === From: tcmay at netcom.com (Timothy C. May) Subject: Bamford's "The Puzzle Palace" Date: Thu, 7 Oct 93 18:59:41 PDT "My name is Bamford, _James_ Bamford." Bamford's "The Puzzle Palace" is a bit dry in places, but is very well-researched. I first read it in hardback in 1982 and the stuff about intercepts of commercial intelligence (stock trades, corporate secrets, etc.) got me to thinking about how the NSA may be _using_ the fruits of its corporate intercepts. This motivated the plot of the novel I've been working on, and my interest in the "BlackNet" aspects of crypto, so I can honestly say Bamford's book changed my life. He also describes in previously-nonpublicized detail the "Harvest" and "Lodestone" systems installed at NSA headquarters at Fort Meade around 1963. Our own Norm Hardy was involved in this and will be describing his "Harvest" experiences at this Saturday's Cypherpunks meeting. See (some of) you there! === From: jamie at netcom.com (Jamie Dinkelacker) Subject: Re: Bamford's "The Puzzle Palace" Date: Thu, 7 Oct 93 19:48:17 -0700 ooops, Tim's right. I was listening to David Bromberg (urg?) while writing that post and it slipped out. Thanks, Tim. === From: tcmay at netcom.com (Timothy C. May) Subject: Re: The death of the list as we know it (tm) Date: Fri, 8 Oct 93 10:43:05 PDT My point is this: there are many sound reasons to keep a group such as ours a mailing list and not open it to every freshman in college who can grep for "punk" and stumble across us, or for every Sternlight-type bozo who delights in creating noise and rancor in groups. As others have mentioned, tools exist to locally feed mailing list traffic into pseuodo-newsgroups, which can then be treated as the newsgroup format some folks desire. We debate this issue every couple of months. Give it up. Or start your own newsgroup. Or use one of the existing newsgroups. === From: tcmay at netcom.com (Timothy C. May) Subject: Re: The death of the list as we know it (tm) To: trebor at foretune.co.jp (Robert J. Woodhead) Date: Fri, 8 Oct 93 19:16:36 PDT Robert Woodhead writes: > This is called "security through obscurity." I'm shocked to see it > advocated in this list! ;^> And I'm shocked--:-}-- that people keep beating a dead horse, expecting that if they repeat their arguments enough times, something will miraculously change. This rarely works, and mainly just dilutes the content of the list further. > Opening up the list into a newsgroup has risks, but they can be mitigated > and doing so would make it easier to use, and reduce the load on toad. I won't repeat my own arguments for the 7th or 8th time. In any case, Eric Hughes has the final say and he has said it will not happen in no uncertain terms. If you vote otherwise, send your votes to dev/null. They'll count more that way. (There is no pretense that the list is a democracy.) > Bottom line, isn't one of the goals of punkery in general (whatever > flavor) to _spread_ knowledge. Shouldn't this stuff be shouted from > the digital treetops? Not one of the major goals, from my perspective. We don't advertise, we don't lobby, we aren't even _set up_ to do such a thing. And when we're interviewed (and anybody _can_ be), nobody spouts off the "Cypherpunks agenda." Books and magazines spread knowledge. Notice that we don't even have a FAQ? We're hardly in the education business. We're a loose collection of folks, bound by the mailing list and the various physical meetings (and those of you out in the hinterlands should simply organize your own gatherings). The interest in remailers, digital money, code, etc., is the main glue. Political action is a detour. The Clipper debate was one such detour, occuoying too much time for several months, though I suspect some good came out of it. Anyway, it's not for me to say what the Cypherpunks are, but all those folks shouting that "we" are a lobbying group, or whatever, are misguided, I think. One of the advantages of a mailing list is the implied sense of community and of a shared history. It is expected that most on the list have seen the traffic go by, even if they skipped many of the messages. Newsgroups, on the other hand, encourage people to dip in for a few days, ignore for several weeks, dip in again, and so on. Thus, a huge number of repeat topics as people dip in and out and miss the context of comments, the history, and so on. Progress stalls, even more so than progress may've stalled in some areas on this List. And while I agree that TLAs may be reading this list, one way or another, making it a newsgroup would open it up for archiving around the world, for appearance on those CD-ROMS filled with Usenet traffic, and for easy grepping by future employers and future government snoops. In other words, a public forum. That's great if the goal is to educate people about crypto, not so great if the goal is frank discussion of tough problems. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. === Date: Sat, 9 Oct 93 04:18:31 EST From: Matthew B. Landry Subject: Safe and fun environment? >Still, it might make sense for someone from this list to give them some >help on the crypto aspects. This could be a safe and fun environment >in which people could be introduced to crypto, and it could even expand Unless this list undergoes some VERY radical changes, it will never be a "safe and fun environment" to introduce new people to anything. At the moment, in order to get anything out of it, one has to devote large quantities of queue space and time to the subscription, and sift through the flames and other noise to locate the rare bit of truly valuable info. There are very few people on this list who routinely post things worth reading, and many who _never_ post things worth reading, and seem to be only around for the flame wars. And god forbid that a newcomer should ask a QUESTION! Dear lord no. That newcomer will be flamed so totally that no burn unit around will be able to save them. Most of those that are persistent or resiliant enough to survive what this list can often put people through may or may not decide to stay. I would imagine that such negative experiences would turn a lot of people off to the whole idea of crypto-privacy. If I hadn't already been committed to privacy when I joined the list, I would have immediately unsubscribed, called Fort Meade, and asked what I could do to help. The vast majority of people who post on this list and respond to other people's posts are obnoxious idiots who are willing to flame at the slightest provocation, and will do so until the person they attack backs down or simply gives up. No one on this list is entirely to blame, nor is anyone entirely blameless for this. Several of the top figures on the list (TC May and Eric Hughes to name two) have recently adopted an inappropriately elitist attitude toward the direction of the list, and the movement. No one can stop Eric from running the _list_ however he wants, but the _movement_ belongs to all of us, thank you. Even though I respect the crypto-political opinions that they express a great deal, I think that they and their supporters have taken this too far. And worse, they have not taken a firm stand against the kind of flame war that is continually erupting over individual posts on the list. For the leaders to sit back and watch this go on is simply not the appropriate way to handle things. Until we fix the serious problems in this list, it will never be an appropriate environment for newcomers to learn about crypto-privacy, just a training ground for flame-throwers. Dare I suggest (why not? I'm already burning to a crisp, how much worse could it get?) that we create a moderated newsgroup that would gateway the substantive traffic from this list into a more accessible forum (but NOT the other way around). In that manner, we could provide a place for newcomers to learn about cryptography and the movement, without forcing them to sift through mountains of flame wars. Questions could be referred to qualified personnel, instead of going to the list where they act like little flame magnets. This newsgroup would not replace the list, nor would it be more than marginally connected (because of the selected cross-postings), but it would provide the kind of environment that the list does not or cannot provide. Go ahead and dump flames in my mailbox. I've long since gotten used to it. I'm not going to back down until someone convinces me that a hospitable environment with informative traffic and a high s/n ratio is a bad idea. Or, you can save bandwidth and send the flames to /dev/null, because that's where anything that doesn't make sense will go. Rational comments are welcome, though. Oh, and for those of you that are tired of seeing me post, you can rest assured that you will never see it again. Contributing to this list has brought nothing but trouble to my life, and I have better things to do with my time than wade through piles of flamage in my personal mail box. === From: tcmay at netcom.com (Timothy C. May) To: cypherpunks at toad.com Date: Sat, 9 Oct 93 2:45:26 PDT I wrote this reply to Matthew Landry, who raised some complaints about the direction of this list, the role of the "leaders," and so on. I sent it to him personally, so as not to add to the already heavy volume of stuff on this list, especially the complaints of the last few days. I think the term "leader" is inappropriate. Several of us got the group rolling a little over a year ago, but the anarchic nature of the mailing list (source of strengths as well as weaknesses). In Matthew's post he on the one hand blasts the elitist attitude of Eric Hughes and myself while in the next paragraph blasting the lack of action taken by the "leaders" to control flames and set up systems to help newcomers. Anyway, I enjoyed a political piece Matthew wrote a couple of weeks or so ago, and I told him this. So his piece tonight (2:30 a.m) merited a response. And though some of you are no doubt sick of seeing these issues debated, I've decided to forward my letter to him to all of you, as I think some points need to be made. I've removed one or two sentences from the version I mailed to Matthew. === From: tcmay (Timothy C. May) Subject: Re: Safe and fun environment? To: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Sat, 9 Oct 93 2:15:32 PDT Matthew, I think you're taking the stuff here too personally. Not all the feedback to you has been negative--I recall congratulating you on a nice political piece. But you have raised issues about elitism and unwillingness to teach newcomers that others have raised. And you ought to see some of the abusive e-mail I get! Whew! Whenever I disagree with some of the paranoids and ranters, I am called a traitor, a hypocrite, a lackey of Eric Hughes, a member of the "Clique," and on and on. Let me comment on a few of your points: > a "safe and fun environment" to introduce new people to anything. At the > moment, in order to get anything out of it, one has to devote large quantities > of queue space and time to the subscription, and sift through the flames and > other noise to locate the rare bit of truly valuable info. There are very few > people on this list who routinely post things worth reading, and many who > _never_ post things worth reading, and seem to be only around for the flame > wars. I'm sorry to hear you're getting so little new stuff here. Many of us have spent many hour typing in (or scanning and OCRing, in my case) papers and articles, from Chaum's "Dining Cryptographers" paper (every bloody word of it!) to Shamir's "How to Share a Secret" to scads of shorter articles and whatnot. And the debate ranges from random number generators to Perl scripts and TCL to digital money to ECPA to .... well, to about 20 major topics, by my estimate. > And god forbid that a newcomer should ask a QUESTION! Dear lord no. > That newcomer will be flamed so totally that no burn unit around will be able > to save them. This is simply not true. I have answered--when I could--the questions of many people over the past 12 months. And I've repeatedly posted reading lists, pointers to the Glossary at the soda site, and so on. It is true that I sometimes am exasperated by people who have clearly not been reading the list who ask "Can anyone tell me about digital money?" when the topic has just been discussed! (A FAQ would be nice. I was about to agree to do it a year ago, when ...comments on status of the FAQ elided to reduce flamage and angry feelings.... Fortunately, there are many other newsgroups that beginners can read ot learn crypto....Cypherpunks was not set up to compete with sci.crypt and all the other sources. > The vast majority of people who post on this list and respond to other > people's posts are obnoxious idiots who are willing to flame at the slightest > provocation, and will do so until the person they attack backs down or simply > gives up. I think this is uncalled for. I haven't seen this kind of flaming, except in the XXXXX case, and that has its own dynamic. (And please, Matthew, try to find a post where I have flamed XXXXX in public...I don't believe you can easily find one.) > No one on this list is entirely to blame, nor is anyone entirely > blameless for this. Several of the top figures on the list (TC May and Eric > Hughes to name two) have recently adopted an inappropriately elitist attitude The mailing list cannot be run by "democratic means." Nor can "teaching assigments" be handed out. The list is like a party at someone's home. The will of the herd is not the will of the organizers. Nor is the Cypherpunks agenda all that clear. I, for example, want to see strong crypto deployed in ways very different than what others favor. Are we to take a majority vote on an agenda, a charter? It's better to just leave the agenda loose and unwritten, so as not to have to grapple with this collision of goals. We can all pretend the agenda is what we favor. > running the _list_ however he wants, but the _movement_ belongs to all of us, > thank you. Even though I respect the crypto-political opinions that they The _movement_ belongs to what gets written and what gets responded to. In other words, if you want to be listened to, you have to get people's attention by the quality of your arguments. You can't rail against "leaders" (an ironic choice of words you used) like Hal Finney or Duncan Frissell just because their posts get reaction. You can't argue that the "herd" didn't have a chance to vote. In fact, people vote with their own posts. Market democracy. > express a great deal, I think that they and their supporters have taken this > too far. And worse, they have not taken a firm stand against the kind of flame > war that is continually erupting over individual posts on the list. For the > leaders to sit back and watch this go on is simply not the appropriate way to > handle things. The "leaders"? I have commented many times on issues of rancor and flames, even recently, and for this I am accused by some of being part of "the Clique" that "runs" Cypherpunks. Nonsense. > Until we fix the serious problems in this list, it will never be an > appropriate environment for newcomers to learn about crypto-privacy, just a > training ground for flame-throwers. About 70% of the flames would subside if XXXXX would cool his jets, and stop ranting and raving. As for "training newcomers," it's not easy. Lots of books exist, and many of the really solid contributors (Barrus, Honeyman, Collins, Stewart, etc.) learned their crypto in exactly this way. Many of us wrote _very long_ articles of a tutorial nature when the list was getting started. Newcomers who are unwilling to read some of the technical books on crypto should not expect us to write customized tutorials. > mountains of flame wars. Questions could be referred to qualified personnel, > instead of going to the list where they act like little flame magnets. May I ask which "qualified personnel" you have in mind? As per the earlier comment, not many of the crypto experts I know have any interest in hand-holding, not when at least a dozen good books on crypto are readily available. > This newsgroup would not replace the list, nor would it be more than > marginally connected (because of the selected cross-postings), but it would > provide the kind of environment that the list does not or cannot provide. How is this group you propose any different from sci.crypt, talk.politics.crypto, the various *.privacy groups, the *.clipper group, or the *.security groups? Seems to me sci.crypt is exactly what you're looking for. (But don't expect hand-holding for newcomers there, either!) > Oh, and for those of you that are tired of seeing me post, you can rest > assured that you will never see it again. Contributing to this list has brought > nothing but trouble to my life, and I have better things to do with my time > than wade through piles of flamage in my personal mail box. Matthew, threatening to leave is not going to have much effect. But if you have decided to leave, good luck in all your endeavours. -Tim May === From: jamie at netcom.com (Jamie Dinkelacker) To: Matthew B. Landry Date: Sat, 9 Oct 93 11:39:51 -0700 Subject: Re: Safe and fun environment? [Cypherlings, excuse the bandwidth] Matthew, As a fresh newbie allow me to react for the record to your recent post. >a "safe and fun environment" to introduce new people to anything. I've never found a safe and fun environment anywhere, anytime if I looked closely enough to see what was going on; hence I never expect it anywhere, anytime. > And god forbid that a newcomer should ask a QUESTION! Dear lord no. >That newcomer will be flamed so totally that no burn unit around will be able >to save them. My questions have been answered graciously, thoroughly, and when I've been corrected, I should've been due to inattentive typing (e.g., author's names). > No one on this list is entirely to blame, nor is anyone entirely >blameless for this. Several of the top figures on the list (TC May and Eric >Hughes to name two) have recently adopted an inappropriately elitist attitude >toward the direction of the list, and the movement. Movement? Like in 'bowel'? I don't see the elitest approach; from my perspective it looks like people with knowledge being exasperated when others want private tutoring and don't RTFM. I'm pretty much the same way in my areas of expertise. >No one can stop Eric from >running the _list_ however he wants, but the _movement_ belongs to all of us, Let me get this straight -- you're claiming property rights to spontaneous behavior of other individuals? > Until we fix the serious problems in this list, it will never be an >appropriate environment for newcomers to learn about crypto-privacy, It's been good for me. Why do you think that might be? ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From Lyle_Seaman at transarc.com Fri Oct 15 07:27:08 1993 From: Lyle_Seaman at transarc.com (Lyle_Seaman at transarc.com) Date: Fri, 15 Oct 93 07:27:08 PDT Subject: Monitor radiation overlooking. In-Reply-To: Message-ID: <4gjf9GqSMUgEIMznwj@transarc.com> Excerpts from internet.cypherpunks: 15-Oct-93 Monitor radiation overlooking. Victor A. Borisov at rd.rel (1286) > Some words about DES - I spoke with one cryptoanalisyst from > KGB and he sow, that for number crypto algotitm c(key, text) > (key is keyLength tall) present f(key, text), that for all > key1 and key2 present key with length keyLength, that > c(key2, c(key1, text))==f(key, text). > He also say, that now present f() for c()=des(), more f() wery > like des(). > That`s why for decrypting of des(k1, des(k2, ... des(kN, text) ... )) > we must try 2^56 keys with spetial function. I had a little trouble with the English, but I think I followed the math. I believe Victor's KGB friend is claiming that DES is a group. Victor, does the following text contradict your claim? >From the Crypto FAQ: Excerpts from netnews.sci.crypt: 4-Oct-93 Cryptography FAQ (05/10: Pr.. crypt-comments at math.ncsu (20767) > The security of multiple encipherment also depends on the > group-theoretic properties of a cipher. Multiple encipherment is an > extension over single encipherment if for keys K1, K2 there does > not exist a third key K3 such that > E_K2(E_K1(X)) == E_(K3)(X) (**) > which indicates that encrypting twice with two independent keys > K1, K2 is equal to a single encryption under the third key K3. If > for every K1, K2 there exists a K3 such that eq. (**) is true then > we say that E is a group. > This question of whether DES is a group under this definition was > extensively studied by Sherman, Kaliski, and Rivest [SHE88]. In their > paper they give strong evidence for the hypothesis that DES is not a > group. In fact DES is not a group [CAM93]. > [CAM93] K. W. Campbell, M. J. Wiener, Proof the DES is Not a Group. In > Proceedings of CRYPTO '92, 1993. > [SHE88] B. Kaliski, R. Rivest, A. Sherman, Is the Data Encryption > Standard a Group. Journal of Cryptology, vol. 1, #1, > 1--36, 1988. From cme at ellisun.sw.stratus.com Fri Oct 15 08:02:08 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Fri, 15 Oct 93 08:02:08 PDT Subject: An idea. Message-ID: <9310151501.AA14843@ellisun.sw.stratus.com> >Message-Id: <9310120547.AA26215 at anon.penet.fi> >From: an24519 at anon.penet.fi >Date: Tue, 12 Oct 1993 05:47:52 UTC >Subject: An idea. >I suggest that it might >be a good idea for people to release and sign a short bio on themselves. If all you're worried about is entrapment, you need only ask the person in question if s/he works for any law enforcement or surveillance agency. If they lie, then anything after that is entrapment. I'm not a lawyer but I learned this from my masseuse in SLC UT, where mixed-gender massage is considered a "sex act for hire" and she was constantly subject to entrapment. - Carl From pmetzger at lehman.com Fri Oct 15 08:47:08 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Fri, 15 Oct 93 08:47:08 PDT Subject: An idea. In-Reply-To: <9310151501.AA14843@ellisun.sw.stratus.com> Message-ID: <9310151546.AA16910@snark.lehman.com> Carl Ellison says: > If all you're worried about is entrapment, you need only ask the person > in question if s/he works for any law enforcement or surveillance agency. > If they lie, then anything after that is entrapment. Not true. Its a common myth, though. I imagine Duncan Frissell or one of the other lawyers on the list could expand on this. Perry From nobody at alumni.cco.caltech.edu Fri Oct 15 08:57:09 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Fri, 15 Oct 93 08:57:09 PDT Subject: Detecting double-spending (long) Message-ID: <9310151550.AA01682@alumni.cco.caltech.edu> Here is an attempt to describe Chaum's digital cash from his paper, Untraceable Electronic Cash, by Chaum, Fiat, and Naor, from the Crypto 88 proceedings. This cash has the property that the user of the cash can remain anonymous so long as she does not spend it more than once, but if she does double-spend then her identity is revealed. The explanation is kind of complicated, but I'm hoping to improve this description to the point where people can actually understand it, so I'd appreciate feedback. This is how it works in general terms: Alice opens an account with a bank non-anonymously. She shows ID so that the bank knows who she is; both she and the bank know her account number. When she withdraws cash, she goes to the bank or contacts them electronically and presents some proof of who she is and what her account number is, and the bank gives her some digital cash. The digital cash is an information pattern, perhaps stored in a computer file on a smart card or magnetic disk. Later, she spends the digital cash by sending or giving it to Bob, a merchant. Bob can check and verify that the cash must have come from the bank. He accepts the cash if it is valid, giving Alice the merchandise. Later, he sends the cash to the bank to be added to his own account. Note that this much could basically be done with a simple RSA signature. The bank could give Alice a statement saying, "this is worth $1", signed by the bank's public key. Bob could verify that the statement was in fact signed by the bank, and know therefore that no one else than the bank could have created that statement. He accepts it and sends it to the bank, which honors it since it recognizes its own signature. One problem with this trivial money is that double-spending can not be detected or prevented since all the cash looks alike. This can be remedied by having the cash include a unique serial number. Now when Bob goes to accept the cash from Alice, he can call the bank and say, has anyone else deposited serial number 123456? If not, he accepts the cash and deposits it. This is called on-line electronic money; the merchant must check with the bank for each transaction. This improved simple system does not deserve to be called cash, though, because it lacks the distinguishing characteristic of digital cash: it is not anonymous. When the bank sees money with serial number 123456 being deposited, the bank recognizes that this was the same bill that Alice withdrew. The bank can therefore deduce that Alice spent the money at Bob's, and from this kind of information a dossier could be built up with all kinds of privacy-destroying information about her. To allow anonymity, we have to get into the mathematics. What we want is for Alice and the bank collectively to create an RSA signature from the bank that could not be forged, but one which the bank will not recognize as coming from Alice. This is the first thing Chaum's paper discusses. The money in this system is of the form (x, f(x)^(1/3)) mod n, where n is the bank's public modulus. f() (and, below, g()) is a one-way function, one which can be calculated easily but for which it is infeasible to calculate the inverse. It should also be infeasible to come up with two different y,z such that f(y) = f(z). Today there are several suitable choices for one-way functions, the most common being the MD4 and MD5 algorithms from RSA. The reason the expression above would be accepted as cash is two-fold. First, only the bank can calculate anything ^ (1/3) mod n. This is basically the RSA signing operation for the exponent of 3. Nobody else can find cube roots. The reason f(x) is used is this. Suppose we proposed that (x, x^(1/3)) should be the cash, for some random x, reasoning that only the bank could find the cube root of x. Can you see how to forge cash like this? (Take a few moments and try to see how you could construct a pair like this even if you can't take cube roots.) The answer is that it is easy to forge this by first choosing a random y, and exhibiting the pair (y^3, y). Now we have a number and then its cube root. Yet we didn't have to take any cube roots to find it. That's why this kind of money would be no good. Chaum's system avoids this by taking the cube root of a one-way function of x. To forge it without taking a cube root you'd have to produce (finv(y^3), y), which would match the above pattern, but you can't invert the one-way function like that. So only the bank can create money of the proper form. This can be thought of as the formal, mathematical form of my informal "money" above which was a digitally signed note with a serial number. Here, x is the serial number, and it's digitally signed in this special way. Nothing more is needed. The nice thing about this money is that it allows for blinding, a method of having the bank sign the value without knowing what value it is signing. It works like this. Alice chooses x, which will be the x in the cash. She calculates f(x), but instead of sending it to the bank to be signed (raised to the 1/3 power) she first chooses a random number r, and sends f(x)*r^3 to the bank. The bank takes this number to the 1/3 power, getting r * f(x)^(1/3). Remember, though, that the bank doesn't see r or f(x) separately, but just their product. It doesn't know what r or f(x) is. They could each be anything, actually. The bank sends this r * f(x)^(1/3) back to Alice, and she divides it by r, which she knows. This gives her f(x)^(1/3), and she puts that together with x to get her digital cash: (x, f(x)^(1/3)). She has a piece of money which could only have been signed by the bank, yet the bank won't recognize it when it is deposited. Other, non-mathematical, things take place as this withdrawal goes on. Alice must prove her identity to the bank, as mentioned above. And the bank will debit her account by the value of the cash. In this system, we are assuming for simplicity that all cash has the same value. In a real system, different values might be encoded by different exponents than 3. When Alice deposits the money, Bob must call the bank to make sure that it hasn't been deposited before, this being an "on-line" system. Although the bank won't recognize x (it's never heard of it) it will remember all the x's which have been deposited and so can alert Bob if the money has been spent before. Both Bob and the bank can verify the digital signature on the money and so will honor it. All the material above takes up less than one page of Chaum's nine-page paper. For Chaum, this much is trivial. Now we get to the interesting part. Now we will see the scheme that allows double-spenders to lose their anonymity. This will allow for "off-line" electronic cash; Bob will no longer have to check with the bank to see if the money has already been spent. He accepts it from Alice knowing that if she does cheat, the bank will honor the cash and sue Alice to make up the loss. Let's start with the form of the cash itself. It is the product of k/2 numbers, where k is a "security parameter" that affects the chance of a cheater getting away with it. Each number is of the form f(xi,yi)^(1/3), where f is a two-argument one-way function like the f above. (The "xi", "yi", "ai", etc. here are separate values for each i from 0 to k/2.) xi and yi are like this: xi = g(ai, ci), where ai and ci are random, and g is another one-way function. yi is kind of complicated. It is basically g(ai xor , di). di is another random number, and , the key to this whole operation, is identifying information about Alice's account! It is her account number concatenated with a serial number for the cash. Now, why go through all this? Here's why. If you could find out both ai and (ai xor ), for some i, you would know Alice's identity. (Xor'ing them would produce .) When Alice double-spends, both ai and ai xor will be revealed. What happens when Alice spends the coin is this. For each i from 0 to k/2 Bob chooses 0 or 1 at random. If he chooses 1 he gets told ai (and some other stuff). If he chooses 0 he gets told ai xor (and other stuff). The other things he gets told are sufficient to let him confirm that the money is of the proper form. Now, if Bob does this, he'll know a bunch of ai's, and he'll know a bunch of (ai xor )'s, but they are for different i's. He doesn't know both ai and (ai xor ) for any one i. So he can't break Alice's anonymity. When Bob deposits the money at the bank, he passes along the information he got from Alice regarding the ai's and such. Now, suppose Alice cheats. She spends the money again somewhere else, at Charlie's. Charlie goes through the same procedure as Bob, choosing 0 or 1 at random for each value of i. Here is the catch. Since he is choosing at random, it would be very unlikely that he will choose exactly the same 0's and 1's that Bob chose. (Here is where the size of k matters - making it bigger makes it less likely that Charlie and Bob will choose the same pattern of 0's and 1's. But it makes the calculations take longer.) That means for one or more values of i, Charlie will probably choose a 0 where Bob chose a 1, or vice versa. Because of this, if Bob got ai for that i, Charlie will get ai xor . Or if Bob got ai xor , Charlie will get ai. Either way, when Charlie sends his record of this information to the bank, the bank will put Bob's and Charlie's information together and get both ai and ai xor . Xor'ing these together reveals , and Alice is caught! This is the main idea. All the other things, the ci's and di's and such, are there so that Bob can confirm that the money is of the proper form. For each value of i Alice has to give him enough information to calculate xi and yi. If Bob chooses a 1, she gives him ai, ci, and yi. Given ai and ci Bob can calculate xi (=g(ai,ci)), and with this and yi he can calculate f(xi,yi). If Bob chooses a 0, she gives him (ai xor ), as described before, and also di and xi. Given (ai xor ) and di, Bob calculates yi (=g(ai xor , di)), and with this and xi he can calculate f(xi,yi). So for each i, whether Bob gives a 0 or a 1 he gets enough information to calculate f(xi,yi). He multiplies these all together and confirms that they are equal to Alice's original "money" value when it is taken to the 3rd power (recall the money was product of f(xi,yi)^(1/3) for all i). Only the bank could have produced a signature on this one-way function f whose arguments take this special form. One more complication exists. (Well, actually, an almost infinite number of complications exist if you look hard enough. But we'll just focus on one more.) Alice needs to get this special form of money from the bank in such a way that the bank won't recognize it. That means she has to blind it. But in this case the bank wants to be sure that the money is of the proper form when it signs it; in particular, it wants to make darned sure that Alice's which is buried deep in all of those f's of g's is actually the right one for her. But since the bank can't see what it is signing, this is hard to do. Chaum uses cut-and-choose for this. He has Alice prepare all these f's and g's according to the form above, carefully embedding her own incriminating in each one. Then she multiplies each f(xi,yi) by a blinding factor ri^3 just like in the first cash. These are what she sends to the bank to be signed. The trick, though, is that she sends twice as many as will be used. She sends k of them, but only k/2 will be used. (That's why the loop above used k/2 as the limit.) The bank chooses k/2 at random out of the k she sent as the ones which will actually be used. Alice then has to send the blinding ri values for the ones which the bank didn't pick. The idea is that if Alice tries to cheat, embedding "Bozo" instead of "Alice" in that field, she's taking a chance. First, to be useful, she's going to have to embed it in a lot of fields for different values of i. When Bob and Charlie compare notes after she double-spends, every value of i for which they chose different 0's and 1's, which will be on the average half of them, will reveal an field. If she only fakes a few, chances are her real identity will still be revealed. But if she falsifies a great many of them, then when the bank chooses half, chances are at least some of the fake ones will be in the set the bank didn't choose. Then when Alice has to reveal her blinding r's, the jig will be up. The bank will un-blind all those f(xi,yi)'s which aren't being used, and see the fake fields. This cut-and-choose methodology has the disadvantage that Alice has to do twice as much work in preparing the money, half of which will just be thrown away. But it is a simple, "brute force" way to make sure that blinding signatures are actually being done on properly-formed data. So, there you have it. Anonymity as long as you don't cheat, and double-spenders get caught. It's a little complicated but that's what computers are for; Bob and Alice wouldn't do all this stuff by hand. Alice would push the "generate a money candidate" button and get something to be sent to the bank (lots of the new PDA's have infrared wireless communications that would be perfect for face-to-face transactions). Bob would push the "check money" button when Alice spent it and it would flash red or green. As long as the calculations don't actually take too much time, which they really wouldn't in this case despite this long-winded explanation, the people involved can ignore the details. Hal Finney hfinney at shell.portal.com From mbl at ml7694a.leonard.american.edu Fri Oct 15 09:17:08 1993 From: mbl at ml7694a.leonard.american.edu (Matthew B. Landry) Date: Fri, 15 Oct 93 09:17:08 PDT Subject: PROOF POSITIVE OF POISON Message-ID: <9310151613.AA01987@toad.com> "Proof Positive"? I didn't see any proof of anything except the fact that "S. Boxx" has enough time on his hands to repost messages that the list members have already read. Did anyone see any proof of anything (or even any hint of what he was getting at)? Please let me know if I'm missing something here. -- mbl at ml7694a.leonard.american.edu Speak for the University? HAHAHAHA! That's the craziest idea I've ever heard! From pmetzger at lehman.com Fri Oct 15 10:02:08 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Fri, 15 Oct 93 10:02:08 PDT Subject: PROOF POSITIVE OF POISON In-Reply-To: <9310151613.AA01987@toad.com> Message-ID: <9310151701.AA16987@snark.lehman.com> Matthew B. Landry says: > "Proof Positive"? I didn't see any proof of anything except the fact > that "S. Boxx" has enough time on his hands to repost messages that the list > members have already read. Did anyone see any proof of anything Yes. I saw proof that S. Boxx's posts are an annoying waste of time. I suggest ignoring them, though -- whats the point in wasting MORE time discussing them, given that he's unlikely to stop posting them no matter what we do. > (or even any hint of what he was getting at)? I think he thinks there is some sort of elitist conspiracy going on here where the people that know how to add and multiply are looking down on the people who don't. > Please let me know if I'm missing something here. Less than you imagine. Perry From an41418 at anon.penet.fi Fri Oct 15 10:17:09 1993 From: an41418 at anon.penet.fi (wonderer) Date: Fri, 15 Oct 93 10:17:09 PDT Subject: Detecting double-spending (long) Message-ID: <9310151710.AA01173@anon.penet.fi> Very good summary!! It's much clearer now! So, can I take it that if Alice or anyone else can figure out how the bank randomly picks half of the k values sent in, that Alice or anyone else can now get free money by using bozo instead of her real identity in the right k/2 messages? Also, how does the bank calculate cube roots? Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From pdn at dwroll.dw.att.com Fri Oct 15 10:27:09 1993 From: pdn at dwroll.dw.att.com (Philippe_D_Nave) Date: Fri, 15 Oct 93 10:27:09 PDT Subject: Casio kid diary- Executive Toy? Message-ID: <9310151725.AA02877@toad.com> Hello, all! The post about the Casio kids' diary with password protection started me thinking... has anyone tried to incorporate encryption into one of those executive-toy memo-minders (Sharp 'Wizard', for example) or a PDA (EO, Apple Newton, etc) for the business-suit crowd? That group is at least as susceptible to market pressure and the 'I-want-the-newest-toy-NOW!' mindset as the kids. It would indeed be ironic to hear two suits exchanging PGP public keys as part of their corporate business-card-swap ritual. Obviously, you can run PGP off a laptop's disk drive in the conventional manner. What I've got in mind is more like the PCMCIA (or EIEIO, whatever that acronym is) cards that let you add functionality to your processor by plugging hardware modules in. It seems to me that a PGP port to this platform, with an E-Mail interface and some sort of user interface (apologies to Zimmermann) might very well sell like hotcakes and go a long way toward the goal of educating the public about encryption. Executives with room-temperature IQs can't be bothered to load software, but plugging in a cartridge and following the bouncing ball would be easy. Maintaining physical security of the card is easier than wagging the whole box around, too- PC repairs could be done without compromising PGP, etc. Issues abound; any interest? ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn at dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. From marc at GZA.COM Fri Oct 15 10:37:09 1993 From: marc at GZA.COM (Marc Horowitz) Date: Fri, 15 Oct 93 10:37:09 PDT Subject: Detecting double-spending (long) In-Reply-To: <9310151550.AA01682@alumni.cco.caltech.edu> Message-ID: <9310151736.AA13259@dun-dun-noodles.aktis.com> Great description! One question, which struck me when I heard Chaum present this material at IETF Amsterdam: >> Now, suppose Alice cheats. She spends the money again somewhere else, >> at Charlie's. Charlie goes through the same procedure as Bob, choosing >> 0 or 1 at random for each value of i. Here is the catch. Since he is >> choosing at random, it would be very unlikely that he will choose >> exactly the same 0's and 1's that Bob chose. (Here is where the size of >> k matters - making it bigger makes it less likely that Charlie and Bob >> will choose the same pattern of 0's and 1's. But it makes the >> calculations take longer.) That means for one or more values of i, >> Charlie will probably choose a 0 where Bob chose a 1, or vice versa. What if Alice, Bob, and Charlie are all colluding, and Bob and Charlie present the same 1's and 0's to Alice? The bank would know the same bill was spent twice once it got it, but wouldn't be able to determine that Alice was the spender. Bob and Charlie could both claim "What a cooincidence!" and say they wanted their money. I suppose the bank could just write the scenario down, and hand the money to Bob and Charlie (who give their cut to Alice, in anonymous digicash, of course). If it happens again, the bank says "yeah, right" and invokes the clause in their contract which allows the bank to terminate its relationship with Bob and Charlie. Assuming the digicash economy is strong enough that people won't cut off the relationship with the bank so easily, most people won't try this. But it will cause the bank to want to put an upper limit on transaction size. Marc From trestrab at GVSU.EDU Fri Oct 15 10:52:09 1993 From: trestrab at GVSU.EDU (BETH TRESTRAIL) Date: Fri, 15 Oct 93 10:52:09 PDT Subject: Novell Leads Assault on Clipper Encryption Standard Message-ID: <9309157507.AA750718171@GVSU.EDU> (taken from Nov '93 Computer Shopper, page 109) The Clinton administration's effort to establish a new encryption standard for the coming data superhighway has drawn a firestorm of criticism - with Novell the lead flamethrower. Joined by AT&T, Computer Associates, Citicorp, Hughes Aircraft, Motorola, and other major corporations, Novell argues that Clipper - intended to protect both government and private-sector data communications - was designed from the start as an easy nut to crack. Specifically, these companies suspect that Clipper's creators (the National Security Agency and the National Institute of Standards and Technology) made the encryption system child's play for government agencies to decrypt. True or not, Novell and its allies are adamently opposed to Clipper's adoption by corporate America. [3 paragraphs concerning Novell's NetWare ellided] What is clear, though, is that Clipper will be hardpressed to succeed in the private sector with such influential opponents. If this article truly represents opposition to Clipper, and not just jockeying for position to be included on the "inside", then Clipper is in far bigger trouble than the Cypherpunks can make for it: MONEY TALKS. Jeff From jim at chiba.Tadpole.COM Fri Oct 15 11:32:30 1993 From: jim at chiba.Tadpole.COM (Jim Thompson) Date: Fri, 15 Oct 93 11:32:30 PDT Subject: Casio kid diary- Executive Toy? Message-ID: <9310151828.AA03222@chiba.tadpole.com> Along the same lines, I'm fairly sure that the NSA had a RFQ out for much the same kind of thing. (Key management on PCMCIA memory cards.) Jim From jim at Tadpole.COM Fri Oct 15 11:40:10 1993 From: jim at Tadpole.COM (Jim Thompson) Date: Fri, 15 Oct 93 11:40:10 PDT Subject: NAFTA event Message-ID: <9310151835.AA03297@chiba.tadpole.com> Appologia to those of you who've seen this already. Carl invites you to send email. I'd suggest some verbage about export controls for crypto. Jim From: carl at town.hall.org Subject: White House NAFTA Event Org: Internet Multicasting Service Channel: Internet Town Hall On Wednesday, October 20, the White House is showcasing the benefits of the North Amercian Free Trade Agreement (NAFTA) to American workers and the American economy. President Clinton and Vice President Gore will highlight American-made products which are currently sold in Mexico. The range of products, and the number of American workers who make them is enormous and the White House would like to present to the American public the benefits of increased trade with our neighbors. The White House has invited over 200 companies and their employees to bring their products to the West Lawn of the White House. Sun Microsystems is one of the companies invited and they would like to use this opportunity to highlight the computer industry in general as a crucial technology for our global economy and in particular to highlight the significant role the Internet will play in fostering trade in the global marketplace. Sun Microsystems, in conjunction with several other companies, will put two Sparcstations on the lawn of the White House. Using a Persoft Intersect Remote Bridge wireless 2 Mbps spread-spectrum radio link, we will link the LAN on the White House lawn to our facilities in the National Press Building. That network will in turn use the MFS Datanet national fiber backbone to link us at 10 Mbps to Alternet, our IP service provider. The workstations on the White House lawn will feature a variety of Internet applications such as NCSA Mosaic for X, Gopher, and other applications that highlight the scope and diversity of the global Internet computer network. Here is how you can participate! Send your electronic mail to: nafta at town.hall.org The mail will be collected and will be available on the screen as well as being printed out on a laser printer. Tell the President, the Vice President, members of the Cabinet, members of the Congress, and the national media what you think about NAFTA. Help demonstrate to this important audience that the Internet is an important forum for the discussion of public affairs. If you feel the need to flame pro or con on this subject, feel free to cc: nafta at town.hall.org in your discussions to the list. For general information on the Internet Multicasting Service, send mail to info at town.hall.org. From peb at PROCASE.COM Fri Oct 15 12:32:09 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Fri, 15 Oct 93 12:32:09 PDT Subject: ARTICLE: IRS learning how Message-ID: <9310151931.AA02360@banff.procase.com> >He was taking 80K to the Bahamas or Caymans [...] Well, obviously he should have taken tip from Ollie North and paid a courier to fly back and forth with $9500 at a time. No laws against that. Paul E. Baclace peb at procase.com From nobody at alumni.cco.caltech.edu Fri Oct 15 12:52:31 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Fri, 15 Oct 93 12:52:31 PDT Subject: Detecting double-spending Message-ID: <9310151948.AA06508@alumni.cco.caltech.edu> Wonderer asks about Alice guessing the bank's random choices of the blinded f()'s that she creates. Certainly this would let her cheat. The bank would probably use a quantum-based hardware random number generator (as a seed, at least) to make this impossible. To take cube roots, the bank must find a d such that d*3 = 1 mod (p-1)(q-1), where p and q are the secret primes in its RSA system. Finding such a d is a simple application of Euclid's algorithm. It has the property that (m^d)^3 = (m^3)^d = m. In other words, taking a number to the power of d produces its cube root. This is the basic mathematics behind the RSA public-key cryptosystem. Marc Horowitz asks about collusion between Bob and Charlier to pick the same 1's and 0's. It is true that this would defeat the scheme. However, the chances of this happening randomly are so low that the bank would know that at least one of them was cheating, although it would not know which. Chaum discusses this threat in his paper. He suggests that each merchant in the system would have a unique ID number. The 1's and 0's that the merchant uses in the payment protocol would be partially random choices as I described and partially based on the unique ID. Since all ID's are different this would guarantee that any two merchants would use different patterns of 1's and 0's even if they were cheating. Hal Finney hfinney at shell.portal.com From pmetzger at lehman.com Fri Oct 15 13:07:09 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Fri, 15 Oct 93 13:07:09 PDT Subject: ARTICLE: IRS learning how In-Reply-To: <9310151931.AA02360@banff.procase.com> Message-ID: <9310152003.AA17210@snark.lehman.com> Paul Baclace says: > > >He was taking 80K to the Bahamas or Caymans [...] > > Well, obviously he should have taken tip from Ollie North and paid a > courier to fly back and forth with $9500 at a time. No laws against > that. No laws against taking 80k in cash out, either. You just have to fill out the right forms. The problem is that taking that much out tends to indicate that you have signature authority over a foreign bank account which you neglected to mention on your 1040 form last year. Perry From cme at ellisun.sw.stratus.com Fri Oct 15 13:12:09 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Fri, 15 Oct 93 13:12:09 PDT Subject: new magazine: Computer Telephony Message-ID: <9310152010.AA15328@ellisun.sw.stratus.com> I just saw Vol 1 No.1 in the corporate library. Subtitle: The Magazine For Computer And Telephone Integration Subscription info: 215-355-2886 - Carl From peb at PROCASE.COM Fri Oct 15 13:27:09 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Fri, 15 Oct 93 13:27:09 PDT Subject: ARTICLE: IRS learning how Message-ID: <9310152026.AA02401@banff.procase.com> > You just have to fill out the right forms. Yes, of course, that's what I meant. There are no laws against skirting the paperwork if you are under the limit. Or, as you note, the "IRS 1040 list of foreign bank accounts" is another matter completely. Paul From bgomes at netcom.com Fri Oct 15 13:57:09 1993 From: bgomes at netcom.com (Bill Gomes) Date: Fri, 15 Oct 93 13:57:09 PDT Subject: Monitor radiation overlooking. Message-ID: <9310152054.AA12419@netcom.netcom.com> Victor A. Borisov (blaster at rd.relcom.msk.su) writes: > Some words about DES - I spoke with one cryptoanalisyst from > KGB and he sow, that for number crypto algotitm c(key, text) > (key is keyLength tall) present f(key, text), that for all > key1 and key2 present key with length keyLength, that > c(key2, c(key1, text))==f(key, text). > He also say, that now present f() for c()=des(), more f() wery > like des(). > That`s why for decrypting of des(k1, des(k2, ... des(kN, text) ... )) > we must try 2^56 keys with spetial function. And Lyle_Seaman at transarc.com replies: > I had a little trouble with the English, but I think I followed the > math. I believe Victor's KGB friend is claiming that DES is a group. > Victor, does the following text contradict your claim? > > (Excerpt from sci.crypt faq deleted) I think that Victor's friend proposes a second function, f(), which is not the same as DES. He is saying that for every set of three keys used for triple-DES (k2,k3,k4), there is a key (k1) such that: f(k1,text) = DES(k2,DES(k3, DES(k4,text))) It seems to me this is different than saying DES is a group, since f != DES. Am I mistaken? From 72114.1712 at CompuServe.COM Fri Oct 15 14:00:13 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Fri, 15 Oct 93 14:00:13 PDT Subject: IRS LEARNING . . . Message-ID: <931015205509_72114.1712_FHF121-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Paul Baclace wrote: Well, obviously he should have taken tip from Ollie North and paid a courier to fly back and forth with $9500 at a time. No laws against that. Well, yes and no. As Perry pointed out, there is no limit to how much you can take out if you report it. The trouble is, though it is legal to take out less than $10,000 without reporting it, you can't perform a series of such transactions in order to ultimately move out an amount greater than $10k. They call it *structuring*, and it 'taint legal. Of course, structuring may be difficult to detect, so as a practical matter, you might get away with it. (If, however, you are found with $9500 in cash, they still might seize it under our wonderful new "fruits of drug dealing" laws.) But in any event, there are better ways to accomplish the same result. My favorite *fun* solution would be to buy $80,000 in travellers cheques and then *burn* them. I leave the rest of the transaction as an exercise for the student. S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cme at ellisun.sw.stratus.com Fri Oct 15 14:27:10 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Fri, 15 Oct 93 14:27:10 PDT Subject: Generating random numbers Message-ID: <9310152123.AA15536@ellisun.sw.stratus.com> >Date: Thu, 14 Oct 93 17:46:32 MDT >From: "Mike Johnson" >Message-Id: <9309147506.AA750645992 at smtplink.exabyte.com> >Subject: Generating random numbers > >If you have an audio input to your computer, try recording noise from a fan, >traffic on a busy street, or the roar of a crowd at a football game. Then >compress the output to remove any obvious redundancies such as 60 Hz hum from >a fan motor or unused dynamic range of the input digitizer. This results in >much better "randomness" than some keystroke timing techniques. True. You get even better entropy if you turn off the mic (or unplug it) and run the sampled audio output into compress -- assuming your mic is like mine and lets a bit of electronic noise sneak through every byte or two. The fan noise sounds random to us but it's relatively simple, in Fourier space. The same applies to fluorescent light noise. Although it's simple, it can defeat compress - so you end up with low entropy per byte. - Carl From an41418 at anon.penet.fi Fri Oct 15 15:17:10 1993 From: an41418 at anon.penet.fi (wonderer) Date: Fri, 15 Oct 93 15:17:10 PDT Subject: Detecting double-spending (long) Message-ID: <9310152216.AA18612@anon.penet.fi> So, this method relies on trusting the bank? After all, Alice must include her identity in the messages, so that double spending can be detected later. When the bank verifies that it says 'Alice' and not 'Bozo', then it could keep track of her coins. Is this true? Is there a way of ever having an ananymous cash system where the bank does not have to be trusted at all? What I mean is, where the bank could not possible know the identities of its customers under any circumstances where no violation takes place? Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From remail at tamsun.tamu.edu Fri Oct 15 16:17:11 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Fri, 15 Oct 93 16:17:11 PDT Subject: NSA already has a key distribution card for us to use Message-ID: <9310152316.AA22865@tamsun.tamu.edu> > Along the same lines, I'm fairly sure that the NSA had a RFQ out for > much the same kind of thing. (Key management on PCMCIA memory cards.) The card already exists. It is called the TESERA (sp?) card. Guess what, it uses the Capstone chip (clipper + key exchange). I have also heard a rumour that there is a proposal to use a similar version of Capstone for the Administrations Health ID card. Clipper, coming to a health care provider near you... From nobody at alumni.cco.caltech.edu Fri Oct 15 19:30:13 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Fri, 15 Oct 93 19:30:13 PDT Subject: Detecting double-spending (long) Message-ID: <9310160224.AA12745@alumni.cco.caltech.edu> (Actually, it _is_ from the person in the "from" address above. The Portal system, from which I usually post, seems to have lost the ability to send mail to toad.com.) Wonderer asks: > So, this method relies on trusting the bank? After all, > Alice must include her identity in the messages, so that > double spending can be detected later. When the bank > verifies that it says 'Alice' and not 'Bozo', then it > could keep track of her coins. This method does not depend on trusting the bank not to reveal Alice's identity. That's why this is called "cash". As long as she does not double-spend, her identity is kept secret. I'm not sure whether you are asking about the part of the protocol where Alice withdraws her cash from the bank, or the later part where she spends the money and the merchant sends it to the bank. When she withdraws the money, she blinds the f(xi,yi) candidates by multiplying them by ri. For half of those, she has to reveal the ri, but that half IS NOT USED in the rest of the protocol. The ones which are used are blinded and so the bank never sees her in those. When she spends the money and reveals the values to the merchant, Alice only includes her in the form (ai xor ), where ai is a random value that nobody knows unless she double-spends. The ai "blinds" the so that (ai xor ) does not reveal . Only if she double-spends is both ai and (ai xor ) revealed for some i, and only then is her exposed. Hal hfinney at shell.portal.com From 72114.1712 at CompuServe.COM Fri Oct 15 19:37:12 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Fri, 15 Oct 93 19:37:12 PDT Subject: IRS LEARNING . . . Message-ID: <931016022542_72114.1712_FHF82-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Paul Baclace wrote: Well, obviously he should have taken tip from Ollie North and paid a courier to fly back and forth with $9500 at a time. No laws against that. Well, yes and no. As Perry pointed out, there is no limit to how much you can take out if you report it. The trouble is, though it is legal to take out less than $10,000 without reporting it, you can't perform a series of such transactions in order to ultimately move out an amount greater than $10k. They call it *structuring*, and it 'taint legal. Of course, structuring may be difficult to detect, so as a practical matter, you might get away with it. (If, however, you are found with $9500 in cash, they still might seize it under our wonderful new "fruits of drug dealing" laws.) But in any event, there are better ways to accomplish the same result. My favorite *fun* solution would be to buy $80,000 in travellers cheques and then *burn* them. I leave the rest of the transaction as an exercise for the student. S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From karn at qualcomm.com Fri Oct 15 20:40:13 1993 From: karn at qualcomm.com (Phil Karn) Date: Fri, 15 Oct 93 20:40:13 PDT Subject: IRS LEARNING . . . In-Reply-To: <931016022542_72114.1712_FHF82-1@CompuServe.COM> Message-ID: <9310160338.AA06519@servo> >there are better ways to accomplish the same result. My favorite >*fun* solution would be to buy $80,000 in travellers cheques and >then *burn* them. I leave the rest of the transaction as an >exercise for the student. Well, yes, I suppose you could then leave the country, find an Amex office and file a claim for the missing $80,000 of travelers checks, but wouldn't this generate precisely the kind of paper trail you're trying to avoid? Anyway, back to cryptography, I do suspect that the government will eventually point to digital cash as justification for controlling all of cryptography. Or they will refuse to back it up in court as legal tender, thus helping undermine it. I know there's this concept called "reputation" that's supposed to take the place of the government enforcing contracts, but I have a hard time understanding just how it will work for very large transactions between individuals (like buying a house or even a used car). Phil From cme at ellisun.sw.stratus.com Sat Oct 16 08:57:18 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Sat, 16 Oct 93 08:57:18 PDT Subject: Triple-DES strength (was Re: Monitor radiation overlooking.) Message-ID: <9310161549.AA16807@ellisun.sw.stratus.com> You wrote: >Some words about DES - I spoke with one cryptoanalisyst from >KGB and he sow, that for number crypto algotitm c(key, text) >(key is keyLength tall) present f(key, text), that for all >key1 and key2 present key with length keyLength, that >c(key2, c(key1, text))==f(key, text). > >He also say, that now present f() for c()=des(), more f() wery >like des(). > >That`s why for decrypting of des(k1, des(k2, ... des(kN, text) ... )) >we must try 2^56 keys with spetial function. I suspect that you will get several comments about the proof that DES isn't a group. That doesn't apply here since you have not claimed that f() is DES -- only that it's DES-like. I would expect the strength of triple-DES to show up in Diff.Cryp. attacks, but maybe not. Meanwhile, I stick to my sci.crypt suggestion: compress|des|tran|des|tran|des If you could get more details from your KGB friend about that attack, there are one or two people here who would be very interested. :-) - Carl From VACCINIA at UNCVX1.OIT.UNC.EDU Sat Oct 16 09:17:18 1993 From: VACCINIA at UNCVX1.OIT.UNC.EDU (VACCINIA at UNCVX1.OIT.UNC.EDU) Date: Sat, 16 Oct 93 09:17:18 PDT Subject: Glitches in PGP messages Message-ID: <01H46GXJ4Y2600175C@UNCVX1.OIT.UNC.EDU> To all who responded to my question about some truncation of lines in PGP messages, my thanks. It did indeed turn out to be a CR/LF problem. The problem being that there were none in the entire message! I looked at the messages I had been getting in my text editor and found the text to be one long line. I surmise that this has something to do with why PGP then truncates at line 16 of the ciphertext every time, interesting. My friend uses a program called POPMAIL to post with, which I now advise people to avoid. It seems to be hard to hack with a Mac. Thanks to y'all again. Scott G. Morham !The First, vaccinia at uncvx1.oit.unc.edu! Second ! and Third Levels ! of Information Storage and Retrieval !DNA, ! Biological Neural Nets, ! Cyberspace From mg5n+ at andrew.cmu.edu Sat Oct 16 09:30:16 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sat, 16 Oct 93 09:30:16 PDT Subject: IRS LEARNING . . . In-Reply-To: <9310160338.AA06519@servo> Message-ID: <8gk23ji00awHMvCUd3@andrew.cmu.edu> Phil Karn > Anyway, back to cryptography, I do suspect that the government > will eventually point to digital cash as justification for > controlling all of cryptography. Or they will refuse to back it up > in court as legal tender, thus helping undermine it. Well, credit cards aren't really legal tender either - nobody is required to accept them. People accept them because of convienience, but the government doesn't recoginze it as legal tender (Try telling the IRS you want them to charge it to your MasterCard hahaha...) Digital cash would probably be the same. The government probably wouldn't take it, but that wouldn't stop everyone else from using it. Hmm... if they decalred it not legal tender, does that mean you could take $10,000 in digicash out of the country and not be required to report it? hehehehe... or maybe you could just spend your digicash out of a foreign bank account. (Bank of Oceania? hmm...) From 72114.1712 at CompuServe.COM Sat Oct 16 10:40:17 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Sat, 16 Oct 93 10:40:17 PDT Subject: IRS LEARNING . . . Message-ID: <931016173528_72114.1712_FHF53-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, I wrote: My favorite *fun* solution would be to buy $80,000 in travellers cheques and then *burn* them. To which Phil Karn responded: Well, yes, I suppose you could then leave the country, find an **Amex** office and file a claim for the missing $80,000 of travelers checks, but wouldn't this generate precisely the kind of paper trail you're trying to avoid? . . . I do suspect that **the** government will eventually point to digital cash as justification for controlling all of cryptography. [**emphasis** added.] Folks, you have to stop thinking so parochially. The world is full of travelers check companies. Most of them protect their clients' privacy. Moreover, there is no *the government*. At any given time, their are 100-200 competing nation-states and other semi-autonomous political entities. Phil went on to say: Or they will refuse to back it [digital cash] up in court as legal tender, thus helping undermine it. I know there's this concept called "reputation" that's supposed to take the place of the government enforcing contracts, but I have a hard time understanding just how it will work for very large transactions between individuals (like buying a house or even a used car). Think a minute here. What legal tender laws back up the very travelers checks we have been discussing? What government says merchants must accept your Amex/Bank of American/Citibank/Thomas Cook/etc. travelers checks? As for "very large transactions," I again leave that as an exercise for the student. (Hint: How might an escrow be used?) I apologize to Phil for using him as an example of the provincial nature of the Cypherpunks list. At least, he is working with the concepts. The Cypherpunks list, though nominally international, is dominated by Americans. Unfortunately, we Yanks bring our own peculiar form of ethnocentrism to the list. (I also apologize to non-US list members for belaboring the obvious.) Punksters, we live in a transnational world. We work and play on the transnational Internet. Our computers and our cryptography transcend the evil empires. Transnationalize yourself; and swim like a fish through the sea of the nation-states. With apologies to Mao, S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From dwwillia at cyclops.iucf.indiana.edu Sat Oct 16 11:42:18 1993 From: dwwillia at cyclops.iucf.indiana.edu (David Williams) Date: Sat, 16 Oct 93 11:42:18 PDT Subject: IRS LEARNING . . . In-Reply-To: <931016173528_72114.1712_FHF53-1@CompuServe.COM> Message-ID: > Punksters, we live in a transnational world. We work and play on > the transnational Internet. Our computers and our cryptography > transcend the evil empires. Transnationalize yourself; and swim > like a fish through the sea of the nation-states. > > With apologies to Mao, > > S a n d y > I have found myself writing things with nearly the same revolutionary bent to congresional e-mail addresses. Reading what Sandy has written, it finally struck me that the world we are envisioning and fighting to can very easily be cast as a communist/socialist movement. On the other-hand, you can also envision an anarchist future much like Gibson's novells where everyone is a free agent and thus out for his own good: capitalism. Lets have a discussion as to what political organization we ultimately want to bring about. If this has already been done, then please send me references. I hope a world to come with an omnipresent network and widespread public key encryption. National governments remain, but in a much diminished roll. A global government comes into being. Represenative democracy is augumented with the option of direct representation. Everyone has a professional represenative who is authorized and required to cast their vote on issues which are appropriate for his domain. At anytime, a voter can exercise his own right to vote directly, thus reducing my represenative's voting power by one. There are represenatives at levels which might be consistent with the current scheme: city, county, state, national, and global. I believe that the inertia of the massess will give represenatives in the larger domains the leway they require to impliment necessary but less than popular policies. Perhaps it should be implimented so that the larger the domain, the larger the percentage required to change a policy in that domain. From ao27+ at andrew.cmu.edu Sat Oct 16 11:52:18 1993 From: ao27+ at andrew.cmu.edu (Anthony D Ortenzi) Date: Sat, 16 Oct 93 11:52:18 PDT Subject: IRS LEARNING . . . In-Reply-To: <9310160338.AA06519@servo> Message-ID: >Anyway, back to cryptography, I do suspect that the government will >eventually point to digital cash as justification for controlling all >of cryptography. Or they will refuse to back it up in court as legal >tender, thus helping undermine it. I know there's this concept called >"reputation" that's supposed to take the place of the government >enforcing contracts, but I have a hard time understanding just how it >will work for very large transactions between individuals (like buying >a house or even a used car). > >Phil Think of ATM's... we use them and assume that our money is safe... people are comparing credit cards to digital cash... the main difference is that the credit-card companies guarantee payment, and it's NOT OUR MONEY... also.. we get receipts for ATM transactions, would we get encrypted receipts by e-mail that contained transaction info in a verifiable format? Would it be possible for a third party to somehow carbon-copy all of your receipts to them? It's mind-boggling, the need for security as the computer age rules our lives... Anthony Ortenzi ao27+ at andrew.cmu.edu From mg5n+ at andrew.cmu.edu Sat Oct 16 12:37:18 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sat, 16 Oct 93 12:37:18 PDT Subject: crypto technique Message-ID: I was recently doing a calculation involving polynomials when I noticed the following: The function: 1 2 1 y = ( - x + - x + C ) mod P 2 2 where C is any integar constant, and P is any integral exponent of 2, given any positive integer less than P as input in x, will produce a unique positive integer output in the same range, [0,P). Hence we have an encryption technique which works well for binary data. Decrypting this is a bit trickier. It is possible to find the inverse equation for this, (without the modulus) which is: x = SQR(2(y-c) + 1/4) - 1/2 (SQR=Square root) Finding the square root of the modulus is the tricky part, but it is possible, since for every number it is possible to add some multiple of P and find a rational square root (There is a fairly systematic way to do this; I don't want to bore you with the math right now, I'll go into it later if anyone wants. Just trust me for now; it's possible to do without too much computation.) Now, there are some ways to beat this if you were encrypting one byte at a time, such as looking for recurring spaces in ASCII text, but if you were to group 8 bytes together and set p=2^64, it would be fairly difficult to crack. Anyway, in case you're getting bored, here comes the fun part: What happens when we double-encrypt with this technique? Well, obviously you need to use both keys (both values of C) in order to unencrypt it. For encrypting tho, we have a nested function of x: 1 1 2 1 2 1 1 2 1 y = - ( - x + - x + C ) + - ( - x + - x + C ) + D 2 2 2 2 2 2 where D is a second constant. This multiplies out to a fourth degree polynomial which can not be easily factored to find it's orininal components. Adding a third layer of encryption creates an eighth degree polynomial which is hopelessly beyond factoring in any reasonable amount of time. Hence, it is impossible to determine the decryption key if one has the encryption key. Therefore, the multiplied polynomial can be distributed as a public key, and the inverse functions needed to decrypt are kept secret (private key). Has this ever been tried before? Has it been broken? I don't see any way to break this, but I could be overlooking something. If this works it seems like it might be simpler to generate keys for than RSA. I wrote out an example of this on paper here, picking some values for C, and got: 4 3 2 y = .125x + .25x + 63.875x + 63.75x + 8159 and I was able to find values of x for values of y. Go ahead, post a number, I can decode it (can you?). Oh, don't forget to say what P is. :) P.S. In case you're wondering where that function came from, and why it always produces integars, it's a representation of the series 1+2+3+4+5... From chrome at jhunix.hcf.jhu.edu Sat Oct 16 15:07:18 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Sat, 16 Oct 93 15:07:18 PDT Subject: William Gibson In-Reply-To: Message-ID: > On the other-hand, you can also envision an anarchist future much like > Gibson's novells where everyone is a free agent and thus out for his > own good: capitalism. It is only through theory that an pseudoanarchist capitalist State can exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's futuristic view is not anarchy, it is multi-national oligarchy to an extreme. If you have read all his novels (I assume you have) you'll notice that he mentions how the economy, and the resulting power from that pure free-market economy, is of a corporate nature, and that power lies not in the members of the board, but of the zaibatsus in themselves; that they behave as organic beings. His vision is far from anarchy, and his version of free-market libertarian economics should never be confused with the apolitical (antibehavior-control) aspects of anarchy. [also, I think that he isn't trying to make political or economic statements with his books, but that those details enhance the effect of his stories (just my opinion)] All this talk about one particular form of digicash has me wondering: why not multiple forms of digicurrency? This would decentralize any kind of power electronic banks would have through monetary strength, and ensure that those banks do not add themselves to the system as inconspicuous political parties (anarchy is the end, and reducing, not creating, political power is the means, right?). From klbarrus at owlnet.rice.edu Sat Oct 16 16:12:19 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Sat, 16 Oct 93 16:12:19 PDT Subject: crypto technique In-Reply-To: Message-ID: <9310162310.AA16785@flammulated.owlnet.rice.edu> Matthew J Ghio wrote: > > 1 1 2 1 2 1 1 2 1 >y = - ( - x + - x + C ) + - ( - x + - x + C ) + D > 2 2 2 2 2 2 > > 4 3 2 >y = .125x + .25x + 63.875x + 63.75x + 8159 > By expanding the equation above (the top one), I got this: y = 1/8*x^4 + 1/4*x^3 + (3/8 + c/2)*x^2 + (1/4 + c/2)*x + (1/2*c + 1/2*c^2 + d) and by matching powers, got the following equations: c/2 + 3/8 = 63.875 1/2*c^2 + 1/2*c + d = 8159 These equations are easily solved for c = 127, d = 31. From there, I can compute the required inverse equations, and so on. I'm not too sure about the security of this method; it seems it boils down to solving simultaneous equations, which yield the constant terms. And you even know how many nested equations there are from the power of the leading term. But, as a test, post a harder one (maybe four or more nestings) and see if I can get it! -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From rjc at gnu.ai.mit.edu Sat Oct 16 16:17:19 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sat, 16 Oct 93 16:17:19 PDT Subject: William Gibson In-Reply-To: Message-ID: <9310162315.AA04893@geech.gnu.ai.mit.edu> Alexander Reynolds () writes: > > > > On the other-hand, you can also envision an anarchist future much like > > Gibson's novells where everyone is a free agent and thus out for his > > own good: capitalism. > > It is only through theory that an pseudoanarchist capitalist State can > exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's > futuristic view is not anarchy, it is multi-national oligarchy to an extreme. The very same thing could be said about anarchosocialism. Without the fictional non-selfinterested man and the postulate of non-scarcity it couldn't possibly work. (taking 3. anarchy - "absolute and complete freedom") I have never seen someone argue economic theory by quoting _fiction_ books. Gibson (and Sterling) are as clueless on economic issues as they are on computers (e.g. Gibson's plan to improve schools by forcing telephone companies to give teachers "free" long distance) The only way the super corporations in Gibson's world could exist is through government help (e.g. Japan's restrictions on trade, distribution, and banking) The barriers to entry in many markets are historically low, there's no way a natural monopoly could exist, for instance, in software, unless software patents (e.g. GOVERNMENT) prevent you from developing. Stop reading fiction for your education and pick up David Friedman's _The Machinery of Freedom_. Anarchy is the non-existence of rulers, not the non-existence of rules. -Ray, capitalist exploiter extraordinaire -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From chrome at jhunix.hcf.jhu.edu Sat Oct 16 17:32:19 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Sat, 16 Oct 93 17:32:19 PDT Subject: William Gibson In-Reply-To: <9310162315.AA04893@geech.gnu.ai.mit.edu> Message-ID: On Sat, 16 Oct 1993, Ray wrote: > > > On the other-hand, you can also envision an anarchist future much like > > > Gibson's novells where everyone is a free agent and thus out for his > > > own good: capitalism. > > > > It is only through theory that an pseudoanarchist capitalist State can > > exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's > > futuristic view is not anarchy, it is multi-national oligarchy to an extreme. > > The very same thing could be said about anarchosocialism. Without the > fictional non-selfinterested man and the postulate of non-scarcity it couldn't > possibly work. (taking 3. anarchy - "absolute and complete freedom") Freedom is a tricky word. Is freedom from governoeconomic restrictions "absolute and complete freedom?" Skinner (the behaviorologist) would say no, because the money which isn't under the government's control is under some businessman's control. Ayn Rand would say that non-scarcity isn't an issue, i.e. when the sun dies, mankind will have found a substitute, etc. You can't throw around terms like anarchy and anarchosocialism, etc. Anarchy means no rules, no rulers, period. Rulers use many tools, yes, including money, to coerce behavior out of people and enforce rules upon them. This includes the grand scheme of net-cash people are throwing around. > > I have never seen someone argue economic theory by quoting _fiction_ > books. Gibson (and Sterling) are as clueless on economic issues as they > are on computers (e.g. Gibson's plan to improve schools by forcing telephone > companies to give teachers "free" long distance) > Some authors (including Rand) use fiction as a means to present their individual political and economical theories. Aldous Huxley did so in his _Brave New World_. Using numerous Rand works I could argue a pseudoanarchist "free-"market state. Like I said before, I feel Gibson is not intending to argue any economic theories but to add depth to his storytelling. > The only way the super corporations in Gibson's world could exist is > through government help (e.g. Japan's restrictions on trade, distribution, > and banking) In this country, the same argument is wrong. There are anti-trust laws which prevent American zaibatsus to form. Some theorize that this is the reason Japan has grown so fast. > The barriers to entry in many markets are historically > low, ???? Go to Japan and try to start a business there! > developing. Stop reading fiction for your education and pick up > David Friedman's _The Machinery of Freedom_. I'll take that as a friendly jibe. > > Anarchy is the non-existence of rulers, not the non-existence of rules. > It's both. Do some fiction and non-fiction reading. Alex Reynolds From rjc at gnu.ai.mit.edu Sat Oct 16 18:42:19 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sat, 16 Oct 93 18:42:19 PDT Subject: William Gibson In-Reply-To: Message-ID: <9310170141.AA05687@geech.gnu.ai.mit.edu> Alexander Reynolds () writes: > > On Sat, 16 Oct 1993, Ray wrote: > > > > On the other-hand, you can also envision an anarchist future much like > > > > Gibson's novells where everyone is a free agent and thus out for his > > > > own good: capitalism. > > > > > > It is only through theory that an pseudoanarchist capitalist State can > > > exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's > > > futuristic view is not anarchy, it is multi-national oligarchy to an extreme. > > > > The very same thing could be said about anarchosocialism. Without the > > fictional non-selfinterested man and the postulate of non-scarcity it couldn't > > possibly work. (taking 3. anarchy - "absolute and complete freedom") > > Freedom is a tricky word. Is freedom from governoeconomic restrictions > "absolute and complete freedom?" Skinner (the behaviorologist) would say > no, because the money which isn't under the government's control is under > some businessman's control. Ayn Rand would say that non-scarcity isn't an > issue, i.e. when the sun dies, mankind will have found a substitute, etc. Absolute and complete freedom means "freedom from ALL restrictions" If you collectively own property, you are under the restriction of the majority's will to control that property. Non-scarcity _is_ an issue. If there is scarcity, there will be competition for the limited resources -- whether it is individuals, businesses, or nations. We see this all throughout nature and all throughout history and there isn't anything to indicate that you can just ignore it. Your brand of anarchism won't work without massive reprogramming of the populace's meme structures. Since you're so keen on "proof by fiction", take a look at Demolition Man, or perhaps Star Trek where everything is free and replicated. > You can't throw around terms like anarchy and anarchosocialism, etc. Actually I can, I have a dictionary. > Anarchy means no rules, no rulers, period. Rulers use many tools, Well if that is what it means than anarchy is physically impossible. You can't avoid the laws of physics. To survive, you must eat, to eat, you must work, or someone must work for you. If you are forced to work, you are being ruled, if someone else is, you are ruling them. No doubt someone will bring up automation or nanotechnology, but they work because they significantly lower scarcity, hence the non-scarcity requirement. > yes, including money, to coerce behavior out of people and enforce rules > upon them. This includes the grand scheme of net-cash people are throwing > around. If net-cash is a tool used by rules, then we are the rulers, and we are ruling ourselves. I don't subscribe to these absurd socialist buzzwords though. Money was invented for specific reasons which benefit everyone -- both rulers and the ruled. If you don't understand that, you don't understand how economics works. > > > > I have never seen someone argue economic theory by quoting _fiction_ > > books. Gibson (and Sterling) are as clueless on economic issues as they > > are on computers (e.g. Gibson's plan to improve schools by forcing telephone > > companies to give teachers "free" long distance) > > > > Some authors (including Rand) use fiction as a means to present their > individual political and economical theories. Aldous Huxley did so in his > _Brave New World_. Using numerous Rand works I could argue a pseudoanarchist > "free-"market state. Like I said before, I feel Gibson is not intending > to argue any economic theories but to add depth to his storytelling. Rand did not present an economic theory, she presented a philosophy. You can present a theory through fiction, but you can not prove or disprove it through a story book world, hence I take object to your ridiculous assertion: > It is only through theory that an pseudoanarchist capitalist State can > exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's Here you imply Atlas Shrugged proves that an anarchocapitalist state can only exist in theory. Whoops, back to logic 101. > > > The only way the super corporations in Gibson's world could exist is > > through government help (e.g. Japan's restrictions on trade, distribution, > > and banking) > > In this country, the same argument is wrong. There are anti-trust > laws which prevent American zaibatsus to form. Some theorize that this is > the reason Japan has grown so fast. Actually, Japan has grown so fast because it came from so little. Look at the growth rates of South American economies, many averaging 10+% annual growth. Once you reach the level of complexity and bureaucracy of a typical western economy, you start to slow down. (e.g. marginal returns) It's easy to get 100% economic growth if your GNP is smaller than McDonalds and you are just switching to a capitalist industrial system. Anyway, My argument was that zaibatsus are metastable and will break up without government restrictions in the market. Your argument is that I am wrong because America has anti-trust laws?? Again, your argument is circular and makes no sense. America's antitrust laws do more harm than good. > > The barriers to entry in many markets are historically > > low, > > ???? Go to Japan and try to start a business there! Because they have an anti-capitalist INTERVENTIONIST system, this is an argument against GOVERNMENT, not free markets. > > developing. Stop reading fiction for your education and pick up > > David Friedman's _The Machinery of Freedom_. > > I'll take that as a friendly jibe. I intended for you to read it so you could learn something. > > > > Anarchy is the non-existence of rulers, not the non-existence of rules. > > > > It's both. Do some fiction and non-fiction reading. Fine, may I suggest you pick up a dictionary? Anarchy: 1. the condition of a society without a government 2. an ideal society having no government and made up of individuals who enjoy complete freedom. Taken directly from Webster's. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From tcmay at netcom.com Sat Oct 16 18:57:19 1993 From: tcmay at netcom.com (Timothy C. May) Date: Sat, 16 Oct 93 18:57:19 PDT Subject: crypto technique In-Reply-To: Message-ID: <9310170152.AA00409@netcom5.netcom.com> Matthew, >From what I can tell from your description, you (may) have created a "one-way function." Nest enough terms and you indeed have a function that is difficult to invert. Cellular automata do the same thing...crunch for several generations, and the inverse is very hard to find. (BTW, Steven Wolfram was once touting cellular automata as an ideal encryption scheme. Indeed, running a linear CA on a string can scramble it quite a bit. The problem is that inverses cannot be easily found, and if they can, so can the opponent. Also, someone later showed that CAs are essentially equivalent to linear feedback shift register (LFSR) schemes, which have been analyzed and are not P-K systems. I'm not saying your scheme is the same, though.) But what you need for crypto is a _trapdoor_ one-way function, one for which a very fast (but secret, of course) inverse does exist. In RSA, the knowledge of the originally chosen primes p and q allows the "owner" of the public and private keys to quickly decrypt a message. Anyone who does not know the p and q values cannot compute the inverse in the ring (p -1)(q - 1), and so must try to factor n to find p and q. In your scheme, a message may be easily turned into a jumble (as with a cellular automata, an LFSR, etc.), but how will it be unjumbled easily? If you can compute the inverse, so can anyone else. The RSA scheme allows the owner to compute an inverse in a very clever way, using number theory. I don't see how your systems allows this. I could be missing something basic about your idea. (And, in any case, I really like that you are trying to come up with new schemes.) -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From anonymous at phoenix.Princeton.EDU Sat Oct 16 19:30:18 1993 From: anonymous at phoenix.Princeton.EDU (anonymousmous) Date: Sat, 16 Oct 93 19:30:18 PDT Subject: Passwords (fwd) Message-ID: <9310170043.AA25680@Princeton.EDU> > >Unsolved problems (left as an exercise to the reader): > >(1) Securely changing Soandso's password in the presence of eavesdroppers. > (very hard without a pubic-key crypto system) >(2) Managing the plaintext password on the client system (which is required > here) so that it isn't compromised. (rather easy) > > Jon Why not just have them use PGP? Pass out public keys. To get in, sign a random string, different every time. From chrome at jhunix.hcf.jhu.edu Sat Oct 16 19:31:53 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Sat, 16 Oct 93 19:31:53 PDT Subject: William Gibson In-Reply-To: <9310170141.AA05687@geech.gnu.ai.mit.edu> Message-ID: > > > > > On the other-hand, you can also envision an anarchist future much like > > > > > Gibson's novells where everyone is a free agent and thus out for his > > > > > own good: capitalism. > > > > > > > > It is only through theory that an pseudoanarchist capitalist State can > > > > exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's > > > > futuristic view is not anarchy, it is multi-national oligarchy to an extreme. > > > > > > The very same thing could be said about anarchosocialism. Without the > > > fictional non-selfinterested man and the postulate of non-scarcity it couldn't > > > possibly work. (taking 3. anarchy - "absolute and complete freedom") > > > > Freedom is a tricky word. Is freedom from governoeconomic restrictions > > "absolute and complete freedom?" Skinner (the behaviorologist) would say > > no, because the money which isn't under the government's control is under > > some businessman's control. Ayn Rand would say that non-scarcity isn't an > > issue, i.e. when the sun dies, mankind will have found a substitute, etc. > > Absolute and complete freedom means "freedom from ALL restrictions" If > you collectively own property, you are under the restriction of the majority's > will to control that property. That assumes that the majority has a will. > > Non-scarcity _is_ an issue. If there is scarcity, there will be competition > for the limited resources -- whether it is individuals, businesses, or > nations. We see this all throughout nature and all throughout history and > there isn't anything to indicate that you can just ignore it. Your brand > of anarchism won't work without massive reprogramming of the populace's > meme structures. You're also assuming that I am pushing Ayn Rand's pseudoanarchist theories on you. Quit it, I never made any statement defending her stance. > Since you're so keen on "proof by fiction", take a look > at Demolition Man, or perhaps Star Trek where everything is free and > replicated. I am not "keen on proof by fiction." You are putting words in my mouth just so you can have a moral high ground upon which to stand! Again, quit it! I'll make myself clear, OK? Some fiction writers present ideas and theories and philosophies, all of which are compatible metaphors in my mind. So if a writer takes 1000 pages to present her view of utopia, and defends it with logic and clear-cut style, then she obviously has more on her mind than a few opinions which she likes to spew. Proof itself is circumspect; I could use statistics on almost anything to run circles around you no matter where you might stand. I never said you could prove with fiction, but I did say that you could theorize using fiction. Ayn Rand did. She said that people working for their own good will prosper and that "resources be damned!" etc. etc. > > You can't throw around terms like anarchy and anarchosocialism, etc. > > Actually I can, I have a dictionary. Yes, with only a dictionary and obviously a closed mind you can define and isolate anything the world! > > > Anarchy means no rules, no rulers, period. Rulers use many tools, > > Well if that is what it means than anarchy is physically impossible. You can't > avoid the laws of physics. To survive, you must eat, to eat, you must work, > or someone must work for you. I never said anarchy was easy. If you want to starve, then that is your choice; that is anarchy: nobody forcing you to behave as THEY want you to by THEIR rules. > If you are forced to work, you are being > ruled, if someone else is, you are ruling them. That is what a "free-"market economy does! It removes government rule over people and replaces it with business/oligarchial rule. > No doubt someone will bring up automation or nanotechnology, but they work because they significantly lower scarcity, hence the non-scarcity requirement. > > > yes, including money, to coerce behavior out of people and enforce rules > > upon them. This includes the grand scheme of net-cash people are throwing > > around. > > If net-cash is a tool used by rules, then we are the rulers, and we are > ruling ourselves. I don't subscribe to these absurd socialist buzzwords > though. Money was invented for specific reasons which benefit everyone -- > both rulers and the ruled. If you don't understand that, you don't understand > how economics works. I have read a good deal on the nature of money; its history and its use. Money is a tool to perpetuate the power of its possessor. Its use doesn't neccessarily benefit the "ruled," but it certainly benefits the ruler, otherwise it would not have been created. Don't tell me that money is a means to quantify value of product, and that it has no power effects, because a Monetarist would show you why it does. > > > > > > I have never seen someone argue economic theory by quoting _fiction_ > > > books. Gibson (and Sterling) are as clueless on economic issues as they > > > are on computers (e.g. Gibson's plan to improve schools by forcing telephone > > > companies to give teachers "free" long distance) > > > > > > > Some authors (including Rand) use fiction as a means to present their > > individual political and economical theories. Aldous Huxley did so in his > > _Brave New World_. Using numerous Rand works I could argue a pseudoanarchist > > "free-"market state. Like I said before, I feel Gibson is not intending > > to argue any economic theories but to add depth to his storytelling. > > Rand did not present an economic theory, she presented a philosophy. You didn't read the book. > You can present a theory through fiction, but you can not prove or disprove > it through a story book world, hence I take object to your ridiculous > assertion: > > > It is only through theory that an pseudoanarchist capitalist State can > > exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's > > Here you imply Atlas Shrugged proves that an anarchocapitalist > state can only exist in theory. Whoops, back to logic 101. > Again you do not understand what anarchy is! Read Skinner's Beyond Freedom or Dignity! That is a non-fiction book with an incredibly scientific view, so you should have no moral qualms at least reading it! > > > > > The only way the super corporations in Gibson's world could exist is > > > through government help (e.g. Japan's restrictions on trade, distribution, > > > and banking) > > > > In this country, the same argument is wrong. There are anti-trust > > laws which prevent American zaibatsus to form. Some theorize that this is > > the reason Japan has grown so fast. > > Actually, Japan has grown so fast because it came from so little. Look > at the growth rates of South American economies, many averaging 10+% > annual growth. Once you reach the level of complexity and bureaucracy of > a typical western economy, you start to slow down. (e.g. marginal returns) > It's easy to get 100% economic growth if your GNP is smaller than > McDonalds and you are just switching to a capitalist industrial system. > I said : "SOME THEORIZE." I did not say that I feel this way! Stop attacking me for total bullshit! > Anyway, My argument was that zaibatsus are metastable and will break up > without government restrictions in the market. Your argument is that I am wrong > because America has anti-trust laws?? Again, your argument is circular and > makes no sense. America's antitrust laws do more harm than good. Ok, how is it a circular argument? You feel that monopolies cannot exist without government intervention, yet at the same time America cannot have monopolies with government intervention. Your argument is contradictory. > > > > The barriers to entry in many markets are historically > > > low, > > > > ???? Go to Japan and try to start a business there! > > Because they have an anti-capitalist INTERVENTIONIST system, this is an > argument against GOVERNMENT, not free markets. > > > > developing. Stop reading fiction for your education and pick up > > > David Friedman's _The Machinery of Freedom_. > > > > I'll take that as a friendly jibe. > > I intended for you to read it so you could learn something. Obviously we BOTH have some things to learn. > > > > > > > Anarchy is the non-existence of rulers, not the non-existence of rules. > > > > > > > It's both. Do some fiction and non-fiction reading. > > Fine, may I suggest you pick up a dictionary? Fine, may I suggest you read something other than a dictionary? > > Anarchy: 1. the condition of a society without a government 2. an ideal > society having no government and made up of individuals who enjoy > complete freedom. Freedom from others monetary sytems? Freedom from each others guns? > > Taken directly from Webster's. Well, you can read alright, but can you _understand_? > > -- Ray Cromwell | Engineering is the implementation of science; -- > -- EE/Math Student | politics is the implementation of faith. -- > -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- Science IS faith, as much as religion is, but on a much more inconspicuous level. From F_GRIFFITH at CCSVAX.SFASU.EDU Sat Oct 16 19:57:19 1993 From: F_GRIFFITH at CCSVAX.SFASU.EDU (F_GRIFFITH at CCSVAX.SFASU.EDU) Date: Sat, 16 Oct 93 19:57:19 PDT Subject: digital cash/legal tender Message-ID: <931016215711.22e16048@CCSVAX.SFASU.EDU> Legal tender is a quality given by government to certain forms of money such that a creditor who refuses to accept that money in payment of a debt loses certain rights (e.g. to collect further interest. In our system, federal reserve notes are legal tender,your personal check is not. It is acceptability, not government edict wich makes something money. (Note the development of NOW accounts, e.g.). Credit cards are not money. When you use a credit card, you are promising to pay in the future. The merchant sells this promise to the credit card issuer. In order for electronic money to be true cash, it must be able to circulate from Alice to Bob to Carl to Dave without the need to contact the issuing bank. Otherwise, it is merely an electronic check, perhaps anonymous. If Bob must deposit or validate the money first in order to make sure Alice doesn't double spend it, then it is no different from Alice having $200 in her checking account and writing a $150 check to Bob and a $150 check to Carl. The first one who gets it to her bank collects, the other one has it bounced back. From nobody at alumni.cco.caltech.edu Sat Oct 16 20:47:45 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Sat, 16 Oct 93 20:47:45 PDT Subject: digital cash/legal tender Message-ID: <9310170343.AA00165@alumni.cco.caltech.edu> F. Griffith argues that a digital cash system in which the cash must be exchanged at the bank between transactions is really just an electronic checking system. It is true that this is an inconvenient attribute of some digital cash systems, but there is still an important difference between these systems and digital checking. The cash exchanges are anonymous. Bob, the merchant, does not know who is sending him (or handing him) the digital cash. With a checking system, OTOH, you know who is giving you the check, because they sign their name to it. There have been some cash proposals which don't require this bank exchange at each step. Barry Hayes had one which was analogous to a check which was endorsed over from one person to the next at each transaction. Alice would write the check to Bob, who would endorse it over to Charlie, who would endorse it over to Delores, and so on. This doesn't sound very anonymous, but Hayes was going to let people use pseudonyms rather than their real names. He used a variation on Chaum's double-spending detec- tion that I posted that long message about to catch people who cheated. This system was described in the AusCrypt proceedings. It's important to be aware of the difference between digital cash and other forms of digital money. Cash protects privacy; most other proposals would impair it. Our goal here, insofar as we can still be said to have one, is to protect privacy. As far as the acceptability of digital cash, there are two issues that I see. One is whether the cash is legal, and the other is whether it would be accepted. My opinion is that if digital cash is or could be made legal, it would be accepted. As others have argued, we have many examples (travelers checks, credit cards) where people accept money substitutes without government backing. As for its legality, I posted some research results on this earlier this year. Until the 1860's, private banks created and circulated their own banknotes. Around the time of the civil war, a 10% tax was created on these notes by the federal government to drive them out of circulation, which it did. This tax is still on the books, but I'm not familiar with its details. The other way banks can issue cash is by holding certain kinds of gold-backed federal certificates, but these certificates don't exist any more. So at this point my conclusion was that it would not be legal for a bank to issue its own cash other than by paying the 10% tax, which was considered prohibitive. Hal Finney hfinney at shell.portal.com From swc at uc1.ucsu.edu Sat Oct 16 22:00:18 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Sat, 16 Oct 93 22:00:18 PDT Subject: "reputation" Message-ID: <9310161354.AA06162@uc1.ucsu.edu> Reputation is not the only thing available to depend upon when using digital cash. Escrow accounts coupled with Shamir sharing can push the difficulty of cheating way beyond where it is profitable. ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From mdiehl at triton.unm.edu Sat Oct 16 22:20:18 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Sat, 16 Oct 93 22:20:18 PDT Subject: William Gibson In-Reply-To: Message-ID: <9310170517.AA19826@triton.unm.edu> According to Alexander Reynolds: > > > On the other-hand, you can also envision an anarchist future much like > > Gibson's novells where everyone is a free agent and thus out for his > > own good: capitalism. I agree. I was relieved to read a sci-fi which wasn't socialistic. > It is only through theory that an pseudoanarchist capitalist State can > exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's > futuristic view is not anarchy, it is multi-national oligarchy to an extreme. I have to differ here. These mutli-national (all-powerfull?) corporations were held powerless by those with the technology to do so. This is the essence of why I have developed strong computer skills; technology is power. Power to protect yourself from many threats. > His vision is far from anarchy, and his > version of free-market libertarian economics should never be confused with the > apolitical (antibehavior-control) aspects of anarchy. [also, I think that he > isn't trying to make political or economic statements with his books, but > that those details enhance the effect of his stories (just my opinion)] Well, I don't think mankind will ever shed all forms of behavioral control. Man has an inherent set of norms which I doubt he will shed, and remain civilized. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. PGP Key = 7C06F1 = A6 27 E1 1D 5F B2 F2 F1 12 E7 53 2D 85 A2 10 5D From rjc at gnu.ai.mit.edu Sat Oct 16 22:57:19 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sat, 16 Oct 93 22:57:19 PDT Subject: William Gibson In-Reply-To: Message-ID: <9310170552.AA07373@geech.gnu.ai.mit.edu> Alexander Reynolds () writes: > > Absolute and complete freedom means "freedom from ALL restrictions" If > > you collectively own property, you are under the restriction of the majority's > > will to control that property. > > That assumes that the majority has a will. Sooner or later there is going to be a conflict. If you can do anything you desire with your body and the surrounding matter/energy, that is equivalent to absolute property rights. If a sufficiently large group of people come along and restrict your activity, you don't have absolute and complete freedom, QED. > I never said anarchy was easy. If you want to starve, then that is your > choice; that is anarchy: nobody forcing you to behave as THEY want you to > by THEIR rules. And if you disagree with the way the majority of your "collective"/commune is using the collective property? Love it or leave it? What happens if a capitalist is magically transported to this society and he wishes to start a business. No one is going to force him to not behave like an entrepreneur? > > If you are forced to work, you are being > > ruled, if someone else is, you are ruling them. > > That is what a "free-"market economy does! It removes government rule > over people and replaces it with business/oligarchial rule. And anarchosocialism removes it from business and places it among the group. Either way, a group of people has some control over your life. By your definition of anarchism, it is an oxymoron. > > Rand did not present an economic theory, she presented a philosophy. > > You didn't read the book. Objectivism is a _philosophy_, not an economic theory. Objectivists tend to be pro-laissez-faire simply because it follows naturally from individualism. That's why the objectivism usenet group is called alt.philosophy.objectivism, not sci.econ.objectivism. If Atlas Shrugged presented an economic theory, could you please define the model rigorously? (If you have taken atleast Econ 101 you will know what I mean by "model") >> You can present a theory through fiction, but you can not prove or disprove >> it through a story book world, hence I take objection to your ridiculous >> assertion: >>> It is only through theory that an pseudoanarchist capitalist State can >>> exist, read Ayn Rand's _Atlas Shrugged_ and you'll see my point. Gibson's >> >> Here you imply Atlas Shrugged proves that an anarchocapitalist >> state can only exist in theory. Whoops, back to logic 101. >> > > Again you do not understand what anarchy is! Read Skinner's Beyond Freedom or You still didn't answer my criticism. In the quote above you state "It is only through theory that a pseudoanarchist capitalist state can exist" and as proof of this bald assertion, you state "read Atlas Shrugged" The implication you made was, by reading a book of fiction book you can disprove a economic theory. Care to explain that? There are two ways to disprove a theory: 1) show that it isn't self-consistent 2) apply the theory and produce a counter example from reality. You haven't shown (1), and since Atlas Shrugged isn't reality and never has been, (2) doesn't work either. This is my last message on the subject. You should think about what cypher technology can do and compare that to your philosophy. A functioning BlackNet(tm) won't produce a non-market non-laissez-faire system. If anything it will promote buying and selling of data, dossiers, stolen designs, property, etc. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From ld231782 at longs.lance.colostate.edu Sun Oct 17 01:30:19 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 17 Oct 93 01:30:19 PDT Subject: solving polynomials modulo P Message-ID: <9310170829.AA25652@longs.lance.colostate.edu> Matthew J Ghio suggested an encryption scheme based on polynomials mod P. I haven't looked at this too thoroughly yet, but a quick read seemed to suggest that it relies on the intractability of solving polynomial equations mod P. If so, realize that this is a very tractable problem with efficient (polynomial time) algorithms given by e.g. Knuth. If anyone wants more info I'll post the reference. It's in his sections on computer arithmetic. The algorithm was discovered by a researcher at Bell Labs as I recall; the name escapes me. From ad620 at freenet.buffalo.edu Sun Oct 17 13:56:53 1993 From: ad620 at freenet.buffalo.edu (Nick Janiga) Date: Sun, 17 Oct 93 13:56:53 PDT Subject: Big Brother stickers.. Message-ID: <9310171945.AA11571@freenet.buffalo.edu> I recently had a problem with my internet mailbox and I lost some important posts to the list..ALso, bedcause of lack of time I have had to drop the net..but I read a post a short while back about somebody had a bunch of stickers made up of that gif that says Big Brother INside Would you email me with the price of the stickers..I'm interested in buying some... Thankyou Nick From nobody at alumni.cco.caltech.edu Sun Oct 17 13:56:54 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Sun, 17 Oct 93 13:56:54 PDT Subject: RISKS of using email for dcash Message-ID: <9310171815.AA06166@alumni.cco.caltech.edu> -----BEGIN PGP SIGNED MESSAGE----- [It is with some trepidation that I try, for the third time, to send this to the list. Ever since I tried the first time my email to the list has silently failed. This is pretty strange, given the topic of the mail!] If we have digital cash, we may want to send it through the mail. Sending regular cash through regular mail is not safe, as we all know. The cash could get lost or stolen. With digital cash, stealing can be made less of a problem; it can be encrypted with the public key of the person who wants to receive it. But loss is still a problem. Email is not perfectly reliable. All too often we experience mail bounces, errors, or mysterious disappearances. Given the heterogenous nature of the net and the many systems through which mail must often pass, this is not too surprising. People have to learn to adapt to the vagaries and inconsistencies involved and take special care when they are sending something important. (I've been trying for the last three days to send a particular message (part 7 of a 13-part archive) from my school account to my work account. So far I've sent it three times. I'm hoping it will come through today.) With digital cash, this problem will come to the fore. Many people never send anything too important through email, but once they start sending cash, they will care if it disappears. Losing money gets people's attention. The solution, generally, is to keep a copy of whatever important mail you send, so that you can re-send it if it doesn't appear. Then, if and when you get confirmation that the mail has arrived, you can delete the copy. It will complicate any implementation of digital cash if it has to be aware of and concerned with this problem. The protocols involved with a secure cash system can be complicated enough on their own without having also to deal with an unreliable transport system. My suggestion is that this problem should be solved at the level of the email system. There should be a protocol for reliable email. Software to implement reliable email would save copies of outgoing mail, automatically send receipts when mail arrives, re-send mail which does not arrive after a certain period of time, handle duplicate mail arrivals, and so on. It would present to the user a model of an email system which is reliable as far as message delivery. All the issues of dealing with an unreliable network would be hidden by the reliable email system. This would be analogous to how network protocols implement reliable stream connections on top of unreliable datagram packet connections. Imagine how difficult it would be to write network software if all we had to work with were unreliable packets. The stream abstraction makes it far easier to use the network. It lets programmers concentrate on the protocols specific to their application. Reliable email would have advantages beyond digital cash, of course. As we move to a world where more commercial data travels on the network the impact of lost email will increase. I'm sure we can all think of applications which would benefit from a truly reliable mail model. I recognize that implementing reliable email would not be easy given the vast range of mail agents which exist on the net. I think the first step would be to specify a protocol for receipt and re-transmission so that "reliable-aware" mail agents would have the tools needed to implement the reliable transmission. Then it would be a matter of time and user pressure to get this support built into more mail agents. The real point of my suggestion is that implementors of digital cash should not worry about message transmission. I was trying to work out a dcash system some time back and this became a big headache - when to safely delete a digital "banknote" which had been sent to a vendor. My feeling now is that the digital cash system should ignore this problem, encouraging users to put pressure on their email servers to provide them with reliable mail. Hal Finney hfinney at shell.portal.com -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMFPPKgTA69YIUw3AQEWoQQAg5v20Y4yZkd2GAF0hZgcRAHG30sJcAXS zDhc7qNesbkR2o7ym7f84Z2zxHE/q6UOf50mWLJn5/dU79HLmwvwtlzq8RfCSy1A UsYtaAk23Nh+pMjUTxUYrCVt3IgvlcbC+qP/+hOyIixgANgv96bKZXRWnUmovpof vtGYytp0qv4= =3RLN -----END PGP SIGNATURE----- From mg5n+ at andrew.cmu.edu Sun Oct 17 13:56:55 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sun, 17 Oct 93 13:56:55 PDT Subject: crypto technique In-Reply-To: <9310170152.AA00409@netcom5.netcom.com> Message-ID: Timothy C. May wrote: > But what you need for crypto is a _trapdoor_ one-way function, one for > which a very fast (but secret, of course) inverse does exist. In RSA, > the knowledge of the originally chosen primes p and q allows the > "owner" of the public and private keys to quickly decrypt a message. Ah... but I do have exactly such a "trapdoor". Consider the output produced by y = 0.5x^2 + 0.5x: (p=2^3) y mod 8 x y in binary - -- --------- 0 0 000 1 1 001 2 3 011 3 6 110 4 10 010 5 15 111 6 21 101 7 28 100 Note that the last digit of the binary number repeats every four numbers. From only the last number, I know that x mod 4 must be only one of two values. By looking at the second to last binary digit of y, I can narrow my list further, by deducing that x mod 8 could only be one of two values. I can then test those two values and determine x. For example: Suppose I am given the value 1101 and p=16. I first try x=0. That gives me zero, so that must be wrong. I try x=1, and I get a 1 for the last digit. That macthes what I have. So next I try x=1 and x=2. x=1 goves me 01, so that's right. Next I try x=1 and x=6. (6 because 2^3-1=7, 7-x=6) x=1 gives me 001, that's not it. 6 gives me 101, which is what I'm looking for. Finally I try 6 and 9. (because 2^4-1=15 and 15-6=9) 6 gives me 0101, which isn't it, so I try 9, which gives me 1101. So the answer is x=9. (and in fact, .5(9)^2 + .5(9) = .5(81) + .5(9) = 45, which in binary is 101101; mod 16 = 1101 , which is what we started with.) So the inverse does exist and can be solved with relativly few calculations. I suppose this is what L. Detweiler was referring to, am I correct? Now, the public key part of the system: Previously, I posted the following sample polynomial: 4 3 2 y = .125x + .25x + 63.875x + 63.75x + 8159 Karl Lui Barrus quickly pointed out how easily he could solve it. (I really only intended it as an example, so I didn't try to make it too difficult.) But since we now have the values, I'll go ahead and use this example again to show how to actually solve it, and point out ways it could not be solved. Since we have C=127, D=31, we can solve for any x, given y and p. I didn't give a value for p earlier, so let's use p=256 (one byte encryption. Of course this could be brute-force attacked, but let's keep the math simple for this demonstration.) Suppose we have y=61. To solve for x, we first subtract D, conevert to binary and solve with the above method. To save space, I won't go into the calculation here, but go ahead and try it yourself if you want. You should come up with 172. This can be checked easily: (172^2)/2 + 172/2 + 31 = 29584/2 + 172/2 + 31 = 14792 + 86 + 31 = 14909 Taking 14909 mod 256, we get 61, so it checks out. Next we do the same step again, starting with y=172. I fairly quickly solved this to get x=9. Nine is, in fact, what was put in originally. This can be shown by: 4 3 2 y = (.125x + .25x + 63.875x + 63.75x + 8159) mod 256 4 3 2 y = (.125(9) + .25(9) + 63.875(9) + 63.75(9) + 8159) mod 256 y = (.125(6561) + .25(729) + 63.875(81) + 63.75(9) + 8159) mod 256 y = (820.125 + 182.25 + 5173.875 + 573.75 + 8159) mod 256 y = 14909 mod 256 y = 61 Note that none of the preceeding could have been done without knowing the values of C and D. So if Karl Barrus can find C and D using his clever factoring technique, does that defeat the system? Actually, Karl's trick is easy to avoid. Since the entire polynomial is mod 256, we can mod each term by 256. Which gives: 4 3 2 y = (.125x + .25x + 63.875x + 63.75x + 223) mod 256 which still produces the same values for y, but the factoring technique fails. One other question which could be asked is, does the technique for calculating roots of moduli work for the entire polynomial? A view of a sample of numbers reveals that it does not: x y binary y - --- -------- 0 223 11011111 1 95 01011111 2 98 01100010 3 238 11101110 4 12 00001100 5 200 11001000 6 49 00110001 7 89 01011001 which reveals no repeating patterns in the last digits (or any digits). In summary, I see no method which would yeild the original input without knowing the values added to the nested polynomials (the private key), and there is no way to determine the private key if the modulus is applied to the resulting function. P.S. I could beat the RSA system too, if the modulus was left out. :) From klbarrus at owlnet.rice.edu Sun Oct 17 14:00:44 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Sun, 17 Oct 93 14:00:44 PDT Subject: Crypto Technique Message-ID: <9310171914.AA03297@arcadien.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- I think that the proposed one-way function is too easy to invert. To decrypt a message requires producing the inverses for each function, which in turn requires knowing the constants (c1, c2, ...). But these constants can be easily obtained from expanding the general form of the equation and setting coefficients equal to one another. The resulting equations are in an easy to solve form (I think it's called upper triagonal form in linear algebra (?)). As it turns out, only a fraction of the simultaneous equations generated are needed to solve for the constants. For instance, at the end of this message is the polynomial obtained from the following nested equations: a = 1/2 x^2 + 1/2 x + c1 b = 1/2 a^2 + 1/2 a + c2 c = 1/2 b^2 + 1/2 b + c3 d = 1/2 c^2 + 1/2 c + c4 d is then the resulting 16th degree polynomial at the end of this message. [By the way, I used Mathematica to do this - the Expand[] function.] The reason the resulting simultaneous equations can be solved so easily is they are in a form convenient for back-substitution: The coefficient for x^14 is (9/8192 + c1/2048) x^12 is (139/16384 + c1 7/512 + 7/2048 c1^2 + c2/1024) etc. The first equation immediately yields c1; this in the next yields c2, etc. So the various constants can be obtained with no trouble. Here is the polynomial d: c1/8 + (7*c1^2)/32 + (7*c1^3)/32 + (25*c1^4)/128 + c1^5/8 + (5*c1^6)/64 + c1^7/32 + c1^8/128 + c2/4 + (3*c1*c2)/8 + (9*c1^2*c2)/16 + (7*c1^3*c2)/16 + (3*c1^4*c2)/8 + (3*c1^5*c2)/16 + (c1^6*c2)/16 + (3*c2^2)/8 + (3*c1*c2^2)/8 + (9*c1^2*c2^2)/16 + (3*c1^3*c2^2)/8 + (3*c1^4*c2^2)/16 + c2^3/4 + (c1*c2^3)/4 + (c1^2*c2^3)/4 + c2^4/8 + c3/2 + (c1*c3)/4 + (3*c1^2*c3)/8 + (c1^3*c3)/4 + (c1^4*c3)/8 + (c2*c3)/2 + (c1*c2*c3)/2 + (c1^2*c2*c3)/2 + (c2^2*c3)/2 + c3^2/2 + c4 + x/16 + (7*c1*x)/32 + (21*c1^2*x)/64 + (25*c1^3*x)/64 + (5*c1^4*x)/16 + (15*c1^5*x)/64 + (7*c1^6*x)/64 + (c1^7*x)/32 + (3*c2*x)/16 + (9*c1*c2*x)/16 + (21*c1^2*c2*x)/32 + (3*c1^3*c2*x)/4 + (15*c1^4*c2*x)/32 + (3*c1^5*c2*x)/16 + (3*c2^2*x)/16 + (9*c1*c2^2*x)/16 + (9*c1^2*c2^2*x)/16 + (3*c1^3*c2^2*x)/8 + (c2^3*x)/8 + (c1*c2^3*x)/4 + (c3*x)/8 + (3*c1*c3*x)/8 + (3*c1^2*c3*x)/8 + (c1^3*c3*x)/4 + (c2*c3*x)/4 + (c1*c2*c3*x)/2 + (15*x^2)/128 + (49*c1*x^2)/128 + (159*c1^2*x^2)/256 + (45*c1^3*x^2)/64 + (155*c1^4*x^2)/256 + (51*c1^5*x^2)/128 + (21*c1^6*x^2)/128 + (c1^7*x^2)/32 + (21*c2*x^2)/64 + (57*c1*c2*x^2)/64 + (39*c1^2*c2*x^2)/32 + (39*c1^3*c2*x^2)/32 + (45*c1^4*c2*x^2)/64 + (3*c1^5*c2*x^2)/16 + (21*c2^2*x^2)/64 + (27*c1*c2^2*x^2)/32 + (27*c1^2*c2^2*x^2)/32 + (3*c1^3*c2^2*x^2)/8 + (3*c2^3*x^2)/16 + (c1*c2^3*x^2)/4 + (7*c3*x^2)/32 + (9*c1*c3*x^2)/16 + (9*c1^2*c3*x^2)/16 + (c1^3*c3*x^2)/4 + (3*c2*c3*x^2)/8 + (c1*c2*c3*x^2)/2 + (35*x^3)/256 + (109*c1*x^3)/256 + (95*c1^2*x^3)/128 + (105*c1^3*x^3)/128 + (185*c1^4*x^3)/256 + (49*c1^5*x^3)/128 + (7*c1^6*x^3)/64 + (43*c2*x^3)/128 + (27*c1*c2*x^3)/32 + (87*c1^2*c2*x^3)/64 + (35*c1^3*c2*x^3)/32 + (15*c1^4*c2*x^3)/32 + (21*c2^2*x^3)/64 + (21*c1*c2^2*x^3)/32 + (9*c1^2*c2^2*x^3)/16 + (c2^3*x^3)/8 + (7*c3*x^3)/32 + (7*c1*c3*x^3)/16 + (3*c1^2*c3*x^3)/8 + (c2*c3*x^3)/4 + (305*x^4)/2048 + (127*c1*x^4)/256 + (855*c1^2*x^4)/1024 + (495*c1^3*x^4)/512 + (755*c1^4*x^4)/1024 + (21*c1^5*x^4)/64 + (7*c1^6*x^4)/128 + (21*c2*x^4)/64 + (243*c1*c2*x^4)/256 + (339*c1^2*c2*x^4)/256 + (15*c1^3*c2*x^4)/16 + (15*c1^4*c2*x^4)/64 + (75*c2^2*x^4)/256 + (9*c1*c2^2*x^4)/16 + (9*c1^2*c2^2*x^4)/32 + (c2^3*x^4)/16 + (25*c3*x^4)/128 + (3*c1*c3*x^4)/8 + (3*c1^2*c3*x^4)/16 + (c2*c3*x^4)/8 + (69*x^5)/512 + (475*c1*x^5)/1024 + (801*c1^2*x^5)/1024 + (447*c1^3*x^5)/512 + (35*c1^4*x^5)/64 + (21*c1^5*x^5)/128 + (135*c2*x^5)/512 + (207*c1*c2*x^5)/256 + (15*c1^2*c2*x^5)/16 + (15*c1^3*c2*x^5)/32 + (3*c2^2*x^5)/16 + (9*c1*c2^2*x^5)/32 + (c3*x^5)/8 + (3*c1*c3*x^5)/16 + (497*x^6)/4096 + (837*c1*x^6)/2048 + (1437*c1^2*x^6)/2048 + (345*c1^3*x^6)/512 + (175*c1^4*x^6)/512 + (7*c1^5*x^6)/128 + (231*c2*x^6)/1024 + (153*c1*c2*x^6)/256 + (75*c1^2*c2*x^6)/128 + (5*c1^3*c2*x^6)/32 + (15*c2^2*x^6)/128 + (3*c1*c2^2*x^6)/32 + (5*c3*x^6)/64 + (c1*c3*x^6)/16 + (391*x^7)/4096 + (663*c1*x^7)/2048 + (531*c1^2*x^7)/1024 + (105*c1^3*x^7)/256 + (35*c1^4*x^7)/256 + (81*c2*x^7)/512 + (45*c1*c2*x^7)/128 + (15*c1^2*c2*x^7)/64 + (3*c2^2*x^7)/64 + (c3*x^7)/32 + (2337*x^8)/32768 + (123*c1*x^8)/512 + (675*c1^2*x^8)/2048 + (105*c1^3*x^8)/512 + (35*c1^4*x^8)/1024 + (99*c2*x^8)/1024 + (45*c1*c2*x^8)/256 + (15*c1^2*c2*x^8)/256 + (3*c2^2*x^8)/256 + (c3*x^8)/128 + (101*x^9)/2048 + (311*c1*x^9)/2048 + (175*c1^2*x^9)/1024 + (35*c1^3*x^9)/512 + (25*c2*x^9)/512 + (15*c1*c2*x^9)/256 + (259*x^10)/8192 + (85*c1*x^10)/1024 + (147*c1^2*x^10)/2048 + (7*c1^3*x^10)/512 + (21*c2*x^10)/1024 + (3*c1*c2*x^10)/256 + (9*x^11)/512 + (77*c1*x^11)/2048 + (21*c1^2*x^11)/1024 + (3*c2*x^11)/512 + (139*x^12)/16384 + (7*c1*x^12)/512 + (7*c1^2*x^12)/2048 + (c2*x^12)/1024 + (7*x^13)/2048 + (7*c1*x^13)/2048 + (9*x^14)/8192 + (c1*x^14)/2048 + x^15/4096 + x^16/32768 -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMGZfoOA7OpLWtYzAQHZ7QP8Dl0YlZaDCcOmloRmxVH7s3eGaARM6xBx q38k3ck6zw6bCFRxR2rQFflokxauEZ455l8sJv3iMJYTimORoetq6zEygZ8Wchsa 5/P1kZJL4sIQYkMuc/+iZqad9WJZz5nerHRQ/nu+2kfBJCCl8Xrvytwg9xhO4s4G sCUccLBHuIA= =BE17 -----END PGP SIGNATURE----- From bogus@does.not.exist.com Sun Oct 17 14:00:47 1993 From: bogus@does.not.exist.com () Date: Sun, 17 Oct 93 14:00:47 PDT Subject: Problems of anonymous posts Message-ID: <9310171819.AA21961@soda.berkeley.edu> -----BEGIN PGP SIGNED MESSAGE----- (This is from Hal; I still can't post from Portal.) After going to enormous efforts to create a network of anonymous remailers, we are hoist by our own petard, as our list receives strange, irrelevant, and argumentative posts through our own anonymous remailers. (Not all anonymous posts are like this, but there have been quite a few in the last few weeks which fall into these categories.) This should challenge us to reconsider the value of anonymity and remailers. Are we working only to make the net safe for the immature and incoherent? I would say not, but these posts should remind us of how incomplete is the infrastructure needed for successful use of anonymity. A brief recap of the benefits of anonymous mail: presently, on the net, all mail is tagged with the sender and destination. This means that not only the recipient, but any net snoopers and sysops at systems through which the mail passes, may be able to know that person A is sending mail to person B. This kind of information can be used to build up dossiers of who talks to whom. Worse, as we move into an era of electronic commerce, more and more of our lives may begin to take place on the net. We may shop, find entertainment, do business, even work for a living across the network. This will open up even more opportunities for collecting data about how we live our lives. In my opinion, the best way to preserve our privacy is to make it impossible to collect this data. Anonymous remailers, and their cousins, IP bouncers (which perform an analogous function for telnet-type connections), can prevent the collection of this kind of information by hiding exactly who is communicating with whom. These services can serve as the basis for the other privacy-protecting technologies we've been discussing, such as digital cash. There's not much point in using digital cash to prevent tieing customers to vendors if monitoring the net will provide that information anyway. This isn't just a futuristic concern, either. Already today the government is taking steps which could, under some not-so-far-fetched extrapolations, get people on the list in trouble. Many people on this list have communicated with Phil Zimmermann, for example. What if email logs were used to track all those people down, and they became suspects in this criminal investigation that the government seems to be pursuing? It's not even impossible that the government could someday try to paint the cypherpunks themselves as a subversive organization. Think how much more difficult any such diabolical attack would be if people subscribed to the list via remailers, under digital pseudonyms. These days, with the shaky legal status of cryptography, we of all people should be able to see the benefits of anonymous communication. The problem is, then, how to gain the benefits of anonymity, while avoiding the abuses. One solution which we have long discussed is reputations and pseudonyms; another is making people pay to use remailers. The way reputations work is that people would digitally sign their anonymous postings. This way someone could post anonymously and build up a reputation by means of a series of postings signed under the same name. As time went on, they would no more want to damage the reputation of their pseudonym than they would want to damage their reputation under non-anonymous posting. To make this work, people need to be able to easily filter their mail on the basis of the pseudonym it came from, rather than the (irrelevant) anonymous remailer which sent it. Then they can choose to accept and read mail from anonymous posters who have built up a good reputation while ignoring that from those who have ruined their good (pseudo) name. Karl Barrus has done some experiments along these lines. He described some time back a system he had for working with the elm mail reader, one of the most common Unix-based mail agents. The software will display the true originator of PGP-signed posts (anonymous or not). This allows readers to apply the same standards to signed anonymous mail as to regular mail. It raises anonymous posters to the same level, and holds them to the same standards, as other posters. This software could allow anonymous posters to build up their reputations, encouraging more responsibility on their part. The other solution, pay-for-use remailers, has also been pioneered by Karl. His idea is to make the remailer a little harder to use by forcing the user to include some digital postage (based, I think, on what Tim May called "poor man's postage stamps"). This could help reduce the volume of anonymous mail and make it less likely that joke or trivial messages would be posted. (We could even consider applying Karl's approach to the list as a whole; people would have to apply ahead of time for posting tokens in order to post. This might force people to take a little more care and time in their postings.) I don't think Karl's efforts have been sufficiently appreciated here. He is quietly working to create the tools needed to allow anonymity to be a useful and important part of the net architecture rather than the annoying sideshow that it sometimes seems to be becoming. We need to support Karl, work to bring his innovations into other remailers and other mail agents, if we want to gain the benefits from what we have done so far. Hal Finney hfinney at shell.portal.com -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMFf3qgTA69YIUw3AQEp9QP/UyEvuQgM6GKiKdkZtHJw4/NhMwQDihrs 2D8weSeUQpKHPpxEnXiDEG6qswI0B4auq+hK3EDYIzccA6c6/+0Xa7SzESsujtjs VDRY7BNphAQ8ix6vd4Ti2vuk8sWa7IHasuAF+UytJrUXPaMbJgH1u/84M9HstA4t kNQ3venrgh4= =CFWw -----END PGP SIGNATURE----- From kelly at netcom.com Sun Oct 17 14:16:53 1993 From: kelly at netcom.com (Kelly Goen) Date: Sun, 17 Oct 93 14:16:53 PDT Subject: ENOUGH ALREADY!!!(Was Re: Gibson In-Reply-To: Message-ID: <9310172117.AA26114@netcom.netcom.com> Dear Sir, Without enrolling in yours and others discussion about anarcho/capital/social/ isms Ad Nauseam... would you mind taking this SOMPLACE ELSE... this discussion is NOT appropriate for the list WE have REAL issues and problems to address... Thanx in advance... cheers kelly -- From slacker at netlink.nix.com Sun Oct 17 14:46:55 1993 From: slacker at netlink.nix.com (John Witteborg) Date: Sun, 17 Oct 93 14:46:55 PDT Subject: encryption Message-ID: Is PGP hard to set up, use? does it wok with all communication software? could you send me a copy, info? Thanks a ton....SLACKER -- INTERNET: slacker at netlink.nix.com (John Witteborg) UUCP: ...!ryptyde!netlink!slacker Network Information eXchange * Public Access in San Diego, CA (619) 453-1115 From mg5n+ at andrew.cmu.edu Sun Oct 17 15:26:56 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sun, 17 Oct 93 15:26:56 PDT Subject: encryption In-Reply-To: Message-ID: slacker at netlink.nix.com (John Witteborg) wrote: > Is PGP hard to set up, use? does it wok with all communication software? > could you send me a copy, info? Thanks a ton....SLACKER You can get it from ftp.demon.co.uk in the directory pub/pgp From 72114.1712 at CompuServe.COM Sun Oct 17 16:26:58 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Sun, 17 Oct 93 16:26:58 PDT Subject: PROBLEMS OF ANONYMOUS . . . Message-ID: <931017232243_72114.1712_FHF100-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, Hal Finney wrote: It's not even impossible that the government could someday try to paint the cypherpunks themselves as a subversive organization. Gee, Hal, that can't be right. I've always thought we were a subversive *dis*organization. According to my online dictionary: THE AMERICAN HERITAGE DICTIONARY OF THE ENGLISH LANGUAGE Third Edition Copyright 1992 Houghton Mifflin Company. All rights reserved. subversive ======================================== sub*ver*sive adjective (1) Intended or serving to subvert, especially intended to overthrow or undermine an established government: "Sex and creativity are often seen by dictators as subversive activities" Source: Erica Jong Sounds good to me. Say! Do you think we could work that sex part in somehow? ("I'll show you mine, if you'll show me yours . . . public key, that is.") S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From pcw at access.digex.net Sun Oct 17 16:51:59 1993 From: pcw at access.digex.net (Peter Wayner) Date: Sun, 17 Oct 93 16:51:59 PDT Subject: crypto technique Message-ID: <199310171750.AA29851@access.digex.net> There is a patent by a fellow named Walter Anderson on a public-key crypto system that uses a similar principle. I believe that his patent might even cover the technique described in your posting about multiplying polynomials together. I wish I had the number, but it came out very recently. Incidentally, I managed to break early versions of the system. -Peter Wayner From ferguson at icm1.icp.net Sun Oct 17 17:06:59 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Sun, 17 Oct 93 17:06:59 PDT Subject: EFF servers down? Message-ID: <9310180107.AA15898@icm1.icp.net> I noticed that the EFF FTP server (FTP.EFF.ORG/KRAGAR.EFF.ORG) appears to be down. Is this a scheduled outage (servicing, etc.) or are they having problems. Curiously, _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From composer at Beyond.Dreams.ORG Sun Oct 17 17:37:01 1993 From: composer at Beyond.Dreams.ORG (Jeff Kellem) Date: Sun, 17 Oct 93 17:37:01 PDT Subject: EFF servers down? Message-ID: <9310180029.AA02972@Beyond.Dreams.ORG> On the cypherpunks mailing list, Paul Ferguson wrote... > I noticed that the EFF FTP server (FTP.EFF.ORG/KRAGAR.EFF.ORG) appears > to be down. Is this a scheduled outage (servicing, etc.) or are they > having problems. It's a scheduled downtime. They're moving the machines from Cambridge, MA to Washington, D.C. The machines should be back up, hopefully, in the next day or so. Be patient... :) -jeff Jeff Kellem Internet: composer at Beyond.Dreams.ORG From trebor at foretune.co.jp Sun Oct 17 17:52:01 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Sun, 17 Oct 93 17:52:01 PDT Subject: Problems of anonymous posts In-Reply-To: <9310171819.AA21961@soda.berkeley.edu> Message-ID: <9310180047.AA04439@dink.foretune.co.jp> Hfinney writes some excellent comments on anon remailers and how to deal with them. Possible low-tech solution: mail-list software where the moderator has the ability to screen messages from particular sites and/or accounts. In other words: IF account is in THEN let_me_see_it_first ELSE IF site is in THEN IF account is NOT in THEN let_me_see_it_first Question: how easy is it to use public information (ie: out of the phone book), PGP and an anon-remailer to create a "Fake ID" From pmetzger at lehman.com Sun Oct 17 17:52:03 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 17 Oct 93 17:52:03 PDT Subject: IRS LEARNING . . . In-Reply-To: <9310160338.AA06519@servo> Message-ID: <9310161536.AA22525@snark.lehman.com> Phil Karn says: > Anyway, back to cryptography, I do suspect that the government will > eventually point to digital cash as justification for controlling all > of cryptography. Or they will refuse to back it up in court as legal > tender, thus helping undermine it. I know there's this concept called > "reputation" that's supposed to take the place of the government > enforcing contracts, but I have a hard time understanding just how it > will work for very large transactions between individuals (like buying > a house or even a used car). You don't need legal tender laws to make a currency worthwhile. In many third world countries, U.S. Dollars and German Marks are more accepted than local currencies for transactions. There are no laws in those countries mandating that these currencies be accepted -- indeed the laws usually make them illegal -- and yet they are accepted. If Union Bank of Switzerland set up a digital cash system that officially was not sanctioned for use in the U.S. but in practice could be, it would make little difference whether the U.S. Government liked, sanctioned, or even permitted it. How could "reputation" take the place of government in the enforcement of contracts? Well, I'd say that you don't quite have the right question in mind, but I would direct you to Bruce Benson's "The Enterprise of Law." Basically, I will start by pointing out that modern contract law was developed entirely in private merchant courts without any power of enforcement, and yet still worked. The system in question, the Lex Mercatoria, was only co-opted fairly recently by state-based legal systems. There are many ways that contracts can be enforced without the use of the state, and I don't mean through the use of mafia hit-men, either. Perry From frissell at panix.com Sun Oct 17 17:57:01 1993 From: frissell at panix.com (Duncan Frissell) Date: Sun, 17 Oct 93 17:57:01 PDT Subject: IRS LEARNING . . . Message-ID: <199310180053.AA29669@panix.com> To: cypherpunks at toad.com D.>Lets have a discussion as to what political organization we D.>ultimately want to bring about. If this has already been done, then D.>please send me references. Don't give this one away: Case 1 A<----------->B Free Trade - Free Market Case 2 A<----------->B "Fair Trade" - Regulated Market ^ | | C - A Government Case 3 ------------------- | A<----------->B | Free Trade - Free Market ------------------- ^ | _____| | | | | | | C - A Government | | | |--Strong crypto, anonymous networks, digicash, etc. We know what to call a political or economic system in which political intervention doesn't occur because it has been technologically excluded. It is called a free market and a voluntary society (to avoid the "A" word). Duncan Frissell --- WinQwk 2.0b#1165 From zeek at bongo.cc.utexas.edu Sun Oct 17 18:42:04 1993 From: zeek at bongo.cc.utexas.edu (zeek) Date: Sun, 17 Oct 93 18:42:04 PDT Subject: key management workshop Message-ID: <199310180140.AA06726@bongo.cc.utexas.edu> -----BEGIN PGP SIGNED MESSAGE----- I'm interested in starting a key management workshop for the purpose of learning more about how to properly manage keys, the use of anon remailers, hopping mail, and pgp in general. I would appreciate copies of your public key if you are interested in participating. Please keep in mind this exersise is for EXPERIMENTAL PURPOSES ONLY. I'm running pgp on a shared system, therefore the security here is not fully tamperproof (ie. passwords can be picked up on the line from this local machine to the remote site). If you would rather submit a "test" key, please do so. I would like to know if anyone on either list has objections to using the cypherpunks at toad.com and/or austin-cypherpunks at mcfeeley.utexas.edu list as places of exchange of group messages. One last thing; any information on the format for hopping mail through encryption supported remailers would be appreciated. I look forward to your support and participation. Thank you, - -z - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAiy/d2oAAAEEAPEFrakegXbaR6SYC8/aG0Fy6I0BFF8jjzim/6ekJP3wdVXb EGqjnRGoL9yJHNuLQudDBoHmV1LfJdsy1gzONcEbM2mmuxKGUSh1KUypbtZVc23Z FD/LmQmOs1cl3yQgs5d8r1/2H1TWl80sWS+RAg02lMqkTxhL/GH4Xujemt89AAUR tCtLZXZpbiBULiBLcnV6aWNoIDx6ZWVrQGJvbmdvLmNjLnV0ZXhhcy5lZHU+ =TgqV - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMHzrGH4Xujemt89AQG7ZQP/Qlbp/VVNRYp1J+z9IbFhGU1866rzxTyh ErPNxyJ2HLIs4iSBQDMFRbHLCwtoZw7qnPXyBY4EH1Xjwdbp/bbq+vChH7n7mA0E s05u4zKNklT5bTjX0WC0tNXSX87YrDvcnysCbdxQWpXJzu9TbHBJwfVFEPA+f98B E8Cwl0/TMWs= =un/i -----END PGP SIGNATURE----- From VACCINIA at UNCVX1.OIT.UNC.EDU Sun Oct 17 18:42:05 1993 From: VACCINIA at UNCVX1.OIT.UNC.EDU (VACCINIA at UNCVX1.OIT.UNC.EDU) Date: Sun, 17 Oct 93 18:42:05 PDT Subject: Problems of anonymous posts Message-ID: <01H48FNTQPJM0012K1@UNCVX1.OIT.UNC.EDU> Continueing in the discussion that Hal recently posted: >We need to support Karl, work to bring his innovations into other remailers >and other mail agents, if we want to gain benefits from what we have done so >far. Having received from Karl (using my own identity) some digicash strings to use as postage for his remailer, I know that my reputation, while using his remailer, is on the line (if he knows that I have these particular strings, I assume he does). This innovation suggests a method for implimenting a postive reputation scheme. One may apply to the operators of remailers for an initial allotment of digicash to use as postage using a digital psuedonym and signature. The initial allotment would be a small number of strings. If the strings are used responsibly, then the person could reapply and receive more strings. Irresponsible use would result in refusal to grant postage and thus limit access to the remailer system. There does seem to be a problem with the concept of pseudoanonymous positive reputations; that is, how to prevent someone from establishing an endless string of digital identities to use irresponsibly? This problem is limited by granting a small number of postage strings at first, thus forcing the person to frequently discard and establish identities as he trashed them, but this nuisance may be only partially inhibitory. The digital signature of a pseudonym would be required to be displayed at posts. Complaints about irresponsible use could then be attributed to a pseudonym, enough complaints would result in revocation of postage and denial of reapplication for postage. Unfortunately, this places quite a burden on those who run remailers as they would have to be the ones who decide what posts are acceptable and unacceptable (as well as hearing about an awful lot of stupid crap). But, it does have the effect of: 1) limiting unacceptable use of remailers 2) establishing a positive reputation (which could be used at other remailers) 3) maintaining anonymity 4) inhibiting endless strings of pseudonyns to be used bogusly (although not eliminating the possibility) The major problem in my mind is the undue burden placed on remailer operators. However, there must be some clever folks out there who can figure out a way to help out in this regard. Also, could someone point me to some information about the IP bouncers Hal mentioned? Thanks. Scott G. Morham ! The First, Vaccinia at uncvx1.oit.unc.edu ! Second ! and Third ! Levels of ! Information Storage and Retrieval ! DNA, ! Biological Neural Nets, ! Cyberspace From bogus@does.not.exist.com Sun Oct 17 20:22:05 1993 From: bogus@does.not.exist.com () Date: Sun, 17 Oct 93 20:22:05 PDT Subject: Problems of anonymous posts Message-ID: <9310180321.AA29436@soda.berkeley.edu> From: "Robert J. Woodhead" > Possible low-tech solution: mail-list software where the moderator has > the ability to screen messages from particular sites and/or accounts. I think the problem here is the amount of time which would be taken by the moderator. If you were going to go this route, you might as well have a completely moderated list. This slows down list turnaround and is a lot of work for somebody. > Question: how easy is it to use public information (ie: out of the > phone book), PGP and an anon-remailer to create a "Fake ID" I'm not sure what you mean here. Perhaps you are talking about someone who posts saying, "Hi, this is Bill Gates, I just joined your list, and here's my PGP key, I'll just be posting through these anonymous remailers for now. Oh, and to prove it's really me, my annual salary is such-and- such, which you can confirm by reading the most recent annual report from Microsoft." This wouldn't fool anyone for an instant. Or, someone posts and says, "My name is Deadbeat, here is my PGP key, and I'll just be posting through anon remailers," then he does so for months on end. This also doesn't "fool" anybody, but does represent an ID which can get established and become as legitimate as other ID's on the net - in a sense, a "Fake ID"; this is what we call a digital pseudonym. Hal Finney From pmetzger at lehman.com Sun Oct 17 21:12:06 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 17 Oct 93 21:12:06 PDT Subject: digital cash/legal tender In-Reply-To: <931016215711.22e16048@CCSVAX.SFASU.EDU> Message-ID: <9310180406.AA28399@snark.lehman.com> F_GRIFFITH at ccsvax.sfasu.edu says: > In order for electronic money to be true cash, it must be able to > circulate from Alice to Bob to Carl to Dave without the need to > contact the issuing bank. Otherwise, it is merely an electronic > check, perhaps anonymous. No digicash system can possibly operate under this constraint. Mere numbers, unlike gold, can be duplicated. Without some sort of central verification involved the techniques cannot work. I suppose "true" digitcal cash by your definition is impossible. Perry From na26540%anon.penet.fi at Princeton.EDU Sun Oct 17 21:32:07 1993 From: na26540%anon.penet.fi at Princeton.EDU (Walter Mitty) Date: Sun, 17 Oct 93 21:32:07 PDT Subject: MacUser Security 1.1 Message-ID: <9310180347.AA29902@Princeton.EDU> I came across the following in the comp.sys.mac.etc faq under security: > If > you need to protect sensitive data I recommend that you encrypt it > with software such as MacUser Security 1.1. Does anyone know anything about this program and whether or not it is worth a damn? Would this be more on-topic at sci.crypt or comp.security? Walter Mitty From rjc at gnu.ai.mit.edu Sun Oct 17 21:32:08 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sun, 17 Oct 93 21:32:08 PDT Subject: digital cash/legal tender In-Reply-To: <9310180406.AA28399@snark.lehman.com> Message-ID: <9310180427.AA13871@geech.gnu.ai.mit.edu> Perry E. Metzger () writes: > F_GRIFFITH at ccsvax.sfasu.edu says: > > In order for electronic money to be true cash, it must be able to > > circulate from Alice to Bob to Carl to Dave without the need to > > contact the issuing bank. Otherwise, it is merely an electronic > > check, perhaps anonymous. > > No digicash system can possibly operate under this constraint. Mere > numbers, unlike gold, can be duplicated. Without some sort of central > verification involved the techniques cannot work. I suppose "true" > digitcal cash by your definition is impossible. Doesn't Chaum's "observer" based system allow digi-coins to work? (e.g. by carrying around copy protection which prevents you from 'cp'ing cash instead of 'mv'ing it, or prevention of double spending?) Observer's may not be cypherpunk-correct technology but they might work with legal (govt) backing. Counterfeiters who "copy" cash by breaking the tamper-proof observers would be hunted down through traditional investigatory means. The economy/banks might take a hit the way credit card companies get hit by con-artists, but overall they would remain stable. Does anyone have a reference on Chaum's observers besides the SciAm article (which I read a long time ago and have now forgotten)? -Ray -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From pmetzger at lehman.com Sun Oct 17 21:37:06 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 17 Oct 93 21:37:06 PDT Subject: digital cash/legal tender In-Reply-To: <9310180427.AA13871@geech.gnu.ai.mit.edu> Message-ID: <9310180432.AA28418@snark.lehman.com> Ray says: > > No digicash system can possibly operate under this constraint. Mere > > numbers, unlike gold, can be duplicated. Without some sort of central > > verification involved the techniques cannot work. I suppose "true" > > digitcal cash by your definition is impossible. > > Doesn't Chaum's "observer" based system allow digi-coins to work? > (e.g. by carrying around copy protection which prevents you from 'cp'ing > cash instead of 'mv'ing it, or prevention of double spending?) Such a system would depend on people trying to break the system being unsophisticated. I do not believe you can rely on trick hardware to provide "copy protection" for digital coins. Perry From bogus@does.not.exist.com Sun Oct 17 21:52:06 1993 From: bogus@does.not.exist.com () Date: Sun, 17 Oct 93 21:52:06 PDT Subject: Detecting double-spending (long) Message-ID: <9310180444.AA12390@alumni.cco.caltech.edu> For those of you who slogged through my description last week of Chaum's "simple" digital cash which detects double-spending, I've realized on further thought that a simplification is possible. Writing that long essay improved my own understanding of his system. Recall that the double-spending cash is the product, for i from 0 to k/2, of f(xi,yi)^(1/3), mod the bank's public modulus. f() is a one-way function, one which can't be inverted. xi and yi were a little complicated, and here is where my simplification comes in. Let xi be g(ai), where ai is a random number and g is a one-way function. Let yi be g(ai xor ), where is Alice's identifying information, her account number. Normally the ai "blinds" that since it is random and it is xor'd onto it. But if ever both ai and ai xor are known, is revealed and Alice's goose is cooked. Everything else works as Chaum suggested; I have just eliminated his ci and di random numbers. In his proposal, g took two arguments, and ci and di were appended for the xi and yi cases. But I'm convinced now that these are unnecessary for our purposes. The purpose for ci and di are to provide "unconditional" anonymity to Alice if she doesn't cheat. Look what happens with my simpler system. She tells Bob ai and yi for certain i's. Now, g is a one-way function, but suppose Bob had a big enough computer to try all possible arguments to g. Sooner or later he'd find a value Z for which g(Z) was yi. So then he could figure that Z equals ai xor , and he knows ai, so he could find . This means that in my simplified system Alice is depending on Bob (and everyone else) being unable to crack g() in order to stay anonymous. Chaum's system is better. By having a g with two arguments he creates a huge number of solutions to g(Z1,Z2) = yi. There is no way for Bob to tell which one is right, so even with infinite computing resources he can't crack Alice's anonymity. My thought is, unconditional anonymity is really no better than computational anonymity in the real world. Eric Hughes often says "all cryptograpy is economics". In practice, beyond a certain point, anonymity would not be broken by a direct computational attack, but rather by other means - bribery, theft, etc. In the real world there is no such thing as "unconditional" anonymity. In practice, computational anonymity is enough. So my feeling is that for implementation purposes the ci and di in Chaum's system can be removed, simplifying the protocols somewhat, at the cost of reducing Alice's anonymity from unconditional to computational. Hal Finney hfinney at shell.portal.com From klbarrus at owlnet.rice.edu Sun Oct 17 22:42:07 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Sun, 17 Oct 93 22:42:07 PDT Subject: crypto technique In-Reply-To: Message-ID: <9310180538.AA21321@flammulated.owlnet.rice.edu> Matthew J Ghio wrote: >we can mod each term by 256. Which gives: > > 4 3 2 >y = (.125x + .25x + 63.875x + 63.75x + 223) mod 256 > >which still produces the same values for y, but the factoring technique fails. I still don't know about that - I think all it does is remove the problem one step from immediately solvable. Is that P term public knowledge (here P = 256)? If so, the revised equations are: c1/2 + 1/4 = 63.75 ===> c1 = 127 c1/2 + 1/4 x1^2 + c2 = 223 + 256k ===> c2 = -7905 + 256k And this will yeild either c2 = -225 or c2 = 31. The computational expense of trying both is small. If it does turn out that the magnitude of the constants must be less than P, I don't think taking the mod of each coefficient obscures the problem very much at all. It still boils down to solving systems of simultaneous equations, which isn't the same complexity as solving discrete logarithms or factoring. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From ld231782 at longs.lance.colostate.edu Sun Oct 17 23:07:08 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 17 Oct 93 23:07:08 PDT Subject: on anonymity, identity, reputation, and spoofing In-Reply-To: <9310171819.AA21961@soda.berkeley.edu> Message-ID: <9310180605.AA13346@longs.lance.colostate.edu> H. Finney >After going to enormous efforts to create a network of anonymous remailers, >we are hoist by our own petard, as our list receives strange, irrelevant, >and argumentative posts through our own anonymous remailers. (Not all >anonymous posts are like this, but there have been quite a few in the last >few weeks which fall into these categories.) I've been thinking about this a lot lately. I think a large part of the problem as you indicate is associated with reputation. How does one build up a reputation and identity in cyberspace in general? Part of the problem IMHO is that this list software & the internet in general is extremely vulnerable to a lot of different kinds of spoofing. People are very sensitive to the perception of a `consensus' -- they are deeply influenced by what they perceive to be the `majority opinion'. What if that `opinion' was not an accurate representation of reality? what if a few people were creating the illusion that some different kind of consensus existed? what if that `agenda' were actually something inherently wicked like lawlessness or anarchy? what if a conspiracy created the impression that some project or progress was underway when it really wasn't? or that some person was loudly favored or condemned by the `group'? this could be especially problematic if any kind of intimidation were happening `behind the scenes' in email. who would ever know? unless the dissatisfaction reached the list, how would we find out? another problem is that, at the same time being strongly influenced by a lot of flames, people just delete them out of sheer distaste and they may not be around later for inspection. what really is our assurance that all these email addresses actually exist and represent *unique* people? there really is very little currently. I think newsgroups are far less vulnerable to this kind of spoofing, but unfortunately mailing lists are *extremely* vulnerable. (Keep in mind, there are a whole set of other benefits and detriments in *other* categories which I'm not talking about here.) In the former we have thousands of subscribers all checking on each other's honesty. If a suspicious address or opinion pops up, there is some probability someone will notice, and cases of spoofing would probably be noise drowned out in the representative opinion. Also, distribution is centralized, so that `message blocking' is not very feasible. In the latter case, i.e. mailing lists such as this one, there is a much closer knit community that is geographically isolated. Individuals on the list are far more susceptible to spoofing. People are more likely to see *every* message including the `spoofed' ones. There are far fewer people to `check up' and those that are there may not have the technical expertise. What's worse, the list is not `distributed' in a certain sense. If someone wants to get out the message that `something wrong is going on' it could be censored because of the centralization of the distribution. This wouldn't work with Usenet because the distribution of the messages (e.g. NNTP servers) is generally cleaved from the people with strong self-interests in the traffic (e.g. people who post to group [x]). This cyberspace stuff can be a *very* powerful influence on many. It is an electronic community, and peer pressure is *extremely* powerful. Many people do not have an extremely strong internal `moral compass' and could be influenced by this kind of corrupt magnetism associated with a `conspiracy of spoofing'. Note that reputations are crucial in not only persuading us to listen attentively to those we respect, but to `tune out' the lunatics and criminals. * * * Spoofing Regarding the what also gets my vote as `strangest posting of the year' by `S. Boxx', Philippe D. Nave, Jr. (based on my email, a loyal cypherpunk and fellow Denverite!) wrote: >[...] it seems that the point of the message is that there is a lot >of smoke coming from people who use aliases or anonymous remailer >services to post to the cypherpunks list. Does this posting contribute >to that problem, or have I missed something? [...] >What the hell ?!? I've either missed something significant (and would >appreciate enlightenment) or this is a candidate for 'strangest post >of the year'. If 'S. Boxx' really exists and is the author of this >posting, I apologize- if not, then come out from behind your damn >remailer and quit contributing to the problem. As for monitoring the >list for traitors, go ahead- I post under my own name, and I don't >give a shit what you do with the text. If I was concerned about lurkers >building 'traitor files', I'd encrypt my messages and happily watch you >choke on them. I think I speak for many here in saying that I weigh anonymous postings very little, but don't consider the capability a serious problem. They have very significant purposes in e.g. `whistleblowing' `within the system' that I've always been attracted to. On the other hand, I think there is an implicit assumption by virtually everyone here that addresses on public posts and private email that are not specifically anonymous represent *unique* people. That is, if some people were taking advantage of the loose, free, and open atmosphere here to influence opinion or perception of reputations by posting messages under different presumably `real' identities (defined as anything that is not obviously tagged as anonymous), I and probably everyone else would feel very `upset' in the least and `violated' at the most. It would seem like a very serious breach of community trust, and might even have the effect of derailing positive contributions to the `cypherpunk cause' (whether algorithmic or political, the two chief schools of thought). I recall discussions of this related to the Extropians list, which specifically bars this practice. * * * List suggestions The fact that this `uniqueness of real identities' has always been something of an implicit assumption here bothers me. I think anything this delicate and important should be made formal and explicit. We should not simply assume that `everone is honest and no one would be depraved enough to do this.' I think the following guidelines are very reasonable, and might be part of a list charter agreed to by new members: 1) list members are allowed *one* anonymous identity if any. They are required to associate some name with all anonymous posts via that identity. 2) *no one* is allowed multiple `real' identities and in fact any violation of this is considered an extremely serious breach of netiquette & honesty. 3) completely anonymous posts from `outside' the list are allowed; if no pseudoidentity is given they are assumed to come from `outside'. and if anyone has been posting under multiple `real' identies, I think they owe it to everyone here to `come clean'. I don't see why anyone would go to the trouble but if someone was just unstable or obsessive enough to equate reputation with posting traffic, s/he might go off the deep end. The practice amounts to `spoofing' and any patriotic cypherpunk with some integrity ought to recognize that immediately and condemn it, technical capabilities regardless. I would equate this practice with `lying to one's colleagues'. spoofing is probably the #1 crime against cypherpunk ideology. * * * Reputations As for reputations, what can we do about this? I think that there are a lot of solutions to be experimented with in software. One of the best is just to have archives that are searchable by ID. But archives are very disk-consuming. I have some various other ideas that wouldn't require much beyond the current database maintenance of email addresses. Suppose that along with everyone's name, the following statistics were presented: 1) how long they have been on the list in days, 0 if none at all 2) how many postings they have posted here 3) maybe a posting/age ratio -- some people seem to be very sensitive or tune out people with a high one. 4) another idea: tracking the number of responses a given poster has, average, per original post, measured by `re: [x]' subject tracking. now, look what we get with all these. They are all simple to implement. They all can tremendously help us weigh the various opinions that are out there. They can set up a positive feedback system whereby `good' posters potentially really are quantitatively identified. Regarding (4), one way to `punish' a poster for irrelevant postings is to simply not respond, and they will not get any `credit' in this statistic. The problem with this is that from my experience, sometimes my most authoritative and finely-crafted postings generate the least response. But note the point of all these things: they don't necessarily require any digital signatures to implement. Authentication of postings `allowed' to the group really seems like a separate problem to me. Another simple idea is to have a voting system in response to postings. People's `credit' associated with their postings could be listed in headers too. This of course is far more ambitious, and the generally complex problem of authentication rears its ugly head. In addition to all this, I would like to see protocols that guarantee honesty on the part of the list maintainer. When databases like this are maintained, a little unilateral tweaking here and there can be extremely deleterious to community integrity, honesty, and reputations. From hughes at ah.com Mon Oct 18 00:02:09 1993 From: hughes at ah.com (Eric Hughes) Date: Mon, 18 Oct 93 00:02:09 PDT Subject: on anonymity, identity, reputation, and spoofing In-Reply-To: <9310180605.AA13346@longs.lance.colostate.edu> Message-ID: <9310180658.AA01694@ah.com> >I think the following guidelines are very >reasonable, and might be part of a list charter agreed to by new members: >1) list members are allowed *one* anonymous identity if any. [etc. ...] [...] >spoofing is probably the #1 crime against cypherpunk ideology. That which can never be enforced should not be prohibited. The claim that a person should have only one pseudonym per forum indicates profound misunderstanding. If someone wants to have multiple cryptographically protected pseudonyms, they will be able to; that is one of the main goals of cypherpunks software. The situations you despise will occur. This is reality. Change your own psychology or change your own software. You will not be able to change the other person. Eric From jamie at netcom.com Mon Oct 18 00:37:10 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Mon, 18 Oct 93 00:37:10 PDT Subject: on anonymity, identity, reputation, and spoofing Message-ID: <9310180737.AA14508@netcom.netcom.com> > >1) how long they have been on the list in days, 0 if none at all >2) how many postings they have posted here >3) maybe a posting/age ratio -- some people seem to be very sensitive >or tune out people with a high one. >4) another idea: tracking the number of responses a given poster has, >average, per original post, measured by `re: [x]' subject tracking. > Each of these suggestions call for data that may contribute to identifying individuals, tracking their behavior or providing information useful to decypher some messages. This has a very NSA feel to it. -- ................................ Jamie Dinkelacker Palo Alto CA Jamie at netcom.com 415.941.4782 From ld231782 at longs.lance.colostate.edu Mon Oct 18 00:57:10 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 18 Oct 93 00:57:10 PDT Subject: Internet show on PBS Message-ID: <9310180753.AA14654@longs.lance.colostate.edu> from author of `Zen & the Internet', don't miss it! ===cut=here=== Date: Thu, 14 Oct 1993 16:03:12 -0700 From: Brendan Kehoe The Computer Chronicles (a show on PBS) will be doing a program about the Internet, to be aired on your local PBS station the week of November 1st. It'll have stuff about World Wide Web (demo'd by April Marine at NASA Ames), virtual communities (with Howard Rheingold), the Net in general (me), Internet Talk Radio (with Carl Malamud), the gigabit testbeds [I think] (with someone from Bellcore), and something with Phil Kahn at ARPA. The producer of it is really psyched; it sounds like it's gonna be pretty cool. Brendan - -- Brendan Kehoe brendan at zen.org Stop the murder! Support dolphin-free networking. ------- End of Forwarded Message From ld231782 at longs.lance.colostate.edu Mon Oct 18 02:42:12 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 18 Oct 93 02:42:12 PDT Subject: PSEUDOSPOOFING Message-ID: <9310180941.AA15703@longs.lance.colostate.edu> I'm absolutely *horrified* and *nauseated* that our eminent list moderator E.H. has come out in total support of what I have been calling `spoofing' or using pseudo-real addresses to post to the list. (It isn't `really' spoofing in the exact sense because as I noted there has only been an *implicit assumption* by all of us here that opinions from unique addresses were themselves unique. so, lets call it) PSEUDOSPOOFING the activity of misleading people into thinking that an identity is unique when it really isn't! i.e. posting behind `real' addresses not specifically noted as anonymous! I consider pseudospoofing a *detestable* and *reprehensible* activity if it exists. Am I the only one who finds this absolutely *repulsive* and *abhorrent*? How long has this been going on? who has been doing it? am I the first to suspect it is happening? how many debates have been affected? how many people have been *harassed* or *intimidated* or *burned* to a *crisp* by pseudospoofers? is this going on in *private email* too? how many debates have been skewed? how many people here DON'T EXIST? Are the other founders T.C.May and J.Gilmore in favor of this too? how much have you guys been doing this? is this really part of the cypherpunk agenda? who here supports this, anyway? does this have anything to do with the bizarre conspiracy theories posts of `S.Boxx'?! is this why `everyone' is opposed to a newsgroup or other change in the `status quo'?! Is this why *I* get *flamed* so much? is this polluting other mailing lists?! E.H. >The claim that a person should have only one pseudonym per forum >indicates profound misunderstanding. If someone wants to have >multiple cryptographically protected pseudonyms, they will be able to; >that is one of the main goals of cypherpunks software. IMHO, this itself represents a `profound misunderstanding' under what actually constitutes an OPEN FORUM. If we are merely conducting some depraved experiment on the psychology of pseudonymity and pseudospoofing on unwilling participants, please say so! I for one never saw *that* announcement when I signed up! calling `pseudospoofing' `one of the `main goals' of cypherpunks software' sounds *criminal* to me. Or maybe I'm missing the point! I guess this is what anarchy really *is* all about! * * * speaking of OPEN FORUMS, `Jamie Dinkelacker' objects to my other proposals for reputation tracking statistics: >> >>1) how long they have been on the list in days, 0 if none at all >>2) how many postings they have posted here >>3) maybe a posting/age ratio -- some people seem to be very sensitive >>or tune out people with a high one. >>4) another idea: tracking the number of responses a given poster has, >>average, per original post, measured by `re: [x]' subject tracking. >> > >Each of these suggestions call for data that may contribute to identifying >individuals, tracking their behavior or providing information useful to >decypher some messages. This has a very NSA feel to it. A very ``NSA FEEL''?! all of these statistics could be generated by *anyone* who subscribes to the list! is this an OPEN FORUM or not?! How could *anyone* object to anything so innocuous? A *true* forum would be *representative*. For example, I already have the impression that no one here supports my suggestions whatsoever on list modifications & protocol from E.H.'s comments and jamie at netcom.com. Now, humor me, and take the hypothetical situation that these are the same person! how can this be a `forum' if an opinion is not *representative*? what if a single person just `ganged up' on someone they didn't like by overwhelming them with pseudospoofs? what if there was *truly* support for some project but a pseudospoofer ganged up on the proponents and clobbered them with flames? does this sound anything like what has happened on this list in the past? doesn't it throw every `conversation' on this list into spectacularly *grotesque* doubt? wouldn't that be a lot like intimidation at best and *extortion* at worst? would it look like a `clique'? what if this was happening *routinely*? what if people were being *influenced* by what they perceived was the *majority opinion* or the *views of their peers* that were really nothing but DECEPTION AND LIES? what if it was *thwarting progress*? I would consider this nothing but TREACHERY and HIGH TREASON. is all this really one of the `main goals' of the cypherpunk agenda? if so, SIGN ME OFF. Regardless of whether anyone believes in democracy (a `lot' of people here said they didn't a while ago, but now I have my doubts!) the idea of `one man one vote' is SACRED. it means in essence, one man shall not have UNFAIR INFLUENCE. anything less is just the `Golden Rule: He who Has the Most Gold Makes the Rules'. or, `you can be here as long as I always have more *power* than you do and you don't complain!' it is *anti egaltarian*. it is a recipe for anarchy, dischord and chaos. Or perhaps I'm MISSING THE POINT?! maybe that's what somebody *wants*. is *this* what the Cypherpunks really stand for? UNFAIR INFLUENCE. ABUSE OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. p.s. if anyone doesn't hear from me for awhile, assume I've been `liquidated' and this isn't really an `open forum' ... From ld231782 at longs.lance.colostate.edu Mon Oct 18 02:57:12 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 18 Oct 93 02:57:12 PDT Subject: THE CYPHERPUNK CAUSE Message-ID: <9310180956.AA15929@longs.lance.colostate.edu> now I understand why `someone' told me in private email, `THERE IS NO CYPHERPUNKS CAUSE. GET THIS DELUSION OUT OF YOUR HEAD.' From szabo at netcom.com Mon Oct 18 03:32:13 1993 From: szabo at netcom.com (Nick Szabo) Date: Mon, 18 Oct 93 03:32:13 PDT Subject: on anonymity, identity, reputation, and spoofing In-Reply-To: <9310180737.AA14508@netcom.netcom.com> Message-ID: <9310181029.AA03491@netcom6.netcom.com> It is suggested we can gather this information per pseudonym: > >1) how long they have been on the list in days... > >2) how many postings... > >3) ...posting/age ratio... > >4) ...tracking the number of responses a given poster has... Jamie Dinkalecker responds: > Each of these suggestions call for data that may contribute to identifying > individuals, tracking their behavior or providing information useful to > decypher some messages. Nevertheless, there is nothing to prevent such information being gathered by list subscribers, with the minor change that (1) would be time since first posting. The NSA, BlackNet, Internet junk mailers, or Extortions R Us might be gathering it now if they liked, and for many of us with our True Names to boot. In my limited experience creating Internet pseudonyms, I've been quite distracted by the continual need to avoid leaving pointers to my True Name lying around -- excess mail to/from my True Name, shared files, common peculiarities (eg misspellings in written text), traceable logins, etc. The penet.fi site explicitly maintains a list of pointers to the original address. All kinds of security controls -- crypto, access, information, inference -- have to be continually on my mind when using pseudonymous accounts. The hazards are everywhere. With our current tools it's practically impossible to maintain an active pseudonym for a long period of time against a sufficiently determined opponent, and quite a hassle to maintain even a modicum of decent security. Pointers to info and/or tools to enable the establishment and maintenance of a net.nym, beyond the standard cypherpunks PGP/remailer fare with which I'm now familiar, greatly appreciated. Especially nice would be a list of commercial net providers that allow pseudonymous accounts. Another big problem I see with pseudonymous reputations is entry. If most people are blocking posts from new pseudonyms, how does one get a new reputation established? I've had several years to establish a net.reputation for "Nick Szabo", and it might take a long time for any of my pseudonyms to catch up. Altruistic sponsorship requires trusted friends knowing the True Name, but that public sponsorship itself provides important clues pointing to that Name. Sponsorship by the True Name via an anonymous reputation market (like HEx, but securely anonymous and perhaps tied to futures on the pseudonym's declared income), might be quite useful. (For information on the HEx market, send mail to hex at sea.east.sun.com with the subject line "commands"). I hope that we stick to experimenting with pure anonymity in many venues. I suggest we'll find out that purely anonymous posts are not so bad, overall. Some of the recent stuff has been weird or rude, but so have been a lot of True Name flames that have passed thru this list. We find True Name posts easier to deal with because it's what we're used to. Many are comforted by the thought that as a last resort, if a flame is just too evil, the poster can be tracked down and made to pay for his sins. The WELL was so threatened by the thought of anonymity that they required all pseudonyms to be traceable to the True Name, as an explicit policy right from the start of the system. Pure anonymity in all its manifestations is a strange, threatening, fascinating beast in our panoptic social-welfare world. Even those of us at the forefront of harnessing this monster shrink back in fear when it whinnies. Many of the recent anon posts have been quite productive, eg "Wonderer's" embarrassing newbie questions which motivated Hal Finney to first write a nice explanation of digital cash, then think of an interesting simplification of Chaum's scheme. Under any system falling short of truly intelligent filters, Hal would not have filtered S. Boxx's first posts without also filtering Wonderer's first posts. Pure anonymity provide voice for a wide variety of new kinds of expression that up until now have been suppressed. Some kinds are good (whistleblowing), some bad (slander). Most are good or bad depending on the situation (asking embarrassing newbie questions, expressing politically incorrect opinions, discussing illegal activities, etc.) I hope we continue experimenting with pure anonymity for a while longer, as well as experimenting with reputation-based pseudonymous systems. Some of what comes out might look very strange, something like tapping into previously concealed areas of our social psyche. I suspect the result will be a more honest dialog, a more productive conversation freed from posturing and, ironically, from the concealment of threatening truth. I hope we will observe the resulting new forms of good and evil with Zen patience and allow this quite interesting experiment to continue. Nick Szabo szabo at netcom.com From jrk at sys.uea.ac.uk Mon Oct 18 03:47:13 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Mon, 18 Oct 93 03:47:13 PDT Subject: PSEUDOSPOOFING Message-ID: <15143.9310181046@s5.sys.uea.ac.uk> An entity posting as "L. Detweiler" writes: >PSEUDOSPOOFING > >the activity of misleading people into thinking that an identity is >unique when it really isn't! i.e. posting behind `real' addresses not >specifically noted as anonymous! Such as that posting itself? BTW, someone has claimed in email to me that they wrote the "cypherpunk mindfucking" rant as a satire. Still an utter waste of time. -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From ebrandt at jarthur.Claremont.EDU Mon Oct 18 03:47:16 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Mon, 18 Oct 93 03:47:16 PDT Subject: on anonymity, identity, reputation, and spoofing In-Reply-To: <9310180605.AA13346@longs.lance.colostate.edu> Message-ID: <9310181044.AA06678@toad.com> > From: "L. Detweiler" > On the other hand, I think there is an implicit assumption by virtually > everyone here that addresses on public posts and private email that are > not specifically anonymous represent *unique* people. [...] > 1) list members are allowed *one* anonymous identity if any. They are > required to associate some name with all anonymous posts via that identity. > 2) *no one* is allowed multiple `real' identities and in fact any > violation of this is considered an extremely serious breach of netiquette & honesty. [...] > deep end. The practice amounts to `spoofing' and any patriotic > cypherpunk with some integrity ought to recognize that immediately and [...] > crime against cypherpunk ideology. [...] It's interesting to see the different mental models that people hold of the net. To me, this equation that one truename means one persona is not realistic or reasonable. People spawn personas (-ae?) for many reasons, including psychological exploration, sociological experiments, sexual thrills, or just for practice at maintaining personas. I know of several instances in which one person patted himself on the back circularly, or took half a dozen sides in a discussion -- and can surmise about others. This sort of thing may well happen routinely, particularly in the low-rent areas of Altnet, where participation is a kind of game. What's more, the privacy technology `we' espouse can only promote this. There is no way to maintain this one-to-one equation when working with pseudonyms, when the human "dongle on the keyboard" is no longer a viable identifier. I think the Usenet motto, "Live with it", applies. Eli ebrandt at jarthur.claremont.edu From blaster at rd.relcom.msk.su Mon Oct 18 04:02:13 1993 From: blaster at rd.relcom.msk.su (Victor A. Borisov) Date: Mon, 18 Oct 93 04:02:13 PDT Subject: Monitor radiation overlooking. In-Reply-To: <4gjf9GqSMUgEIMznwj@transarc.com> Message-ID: > I had a little trouble with the English, but I think I followed the > math. I believe Victor's KGB friend is claiming that DES is a group. > Victor, does the following text contradict your claim? Sorry for my poor English. I want to saw, that DES is`t group. We can`t say, that: A k1, k2: E k0, that des(k2, des(k1, text))=des(k0, text) (A mean "for all", E mean "exist"); or: E k1, k2: A k0, that des(k2, des(k1, text))!=des(k0, text) I saw, that: E f(k, text): A k1, k2: E k0, len(k0)=len(k1)=len(k2), that des(k2, des(k1, test))=f(k0, text) f() like des(), but f() is not des()!!! My friend saw, that introder must try only 2^56 keys for des(des()). Once more, sorry for my poor English. PS I am sorry for my stupid letter about PGP randomizer. --- Victor A. Borisov aka blaster; Relcom R&D; Email: blaster at rd.relcom.msk.su; Phone: +7(095)-943-4735; +7(095)-198-9510; === Don`t panic! === From szabo at netcom.com Mon Oct 18 05:27:14 1993 From: szabo at netcom.com (Nick Szabo) Date: Mon, 18 Oct 93 05:27:14 PDT Subject: SILLY FLAMES: pseudospoofing In-Reply-To: <9310180941.AA15703@longs.lance.colostate.edu> Message-ID: <9310181225.AA06177@netcom6.netcom.com> L. Detweiler -- shocked, simply shocked, at the realization that multiple pseudonyms are possible on the net -- explodes: > ....how can this be a `forum' if an opinion > is not *representative*? Perhaps there are differences between a forum and a voting booth? > what if a single person just `ganged up' on > someone they didn't like by overwhelming them with pseudospoofs? what > if there was *truly* support for some project but a pseudospoofer > ganged up on the proponents and clobbered them with flames? Perhaps "support" is better measured by how many people are motivated enough to go to the effort to make multiple but individually unique, reputable posts in favor of a proposition, rather than by simple numerical polls that abstract away knowledge and motivation, or by how many True Names position themselves with I'm-on-your-side posts. On cypherpunks' better days, "support" is measured by what kind of code gets written, not by who flames whom how often under how many names. Of course we all know that writing code does not constitute *true* support, since only Democracy is The One True Way. > doesn't > it throw every `conversation' on this list into spectacularly > *grotesque* doubt? Welcome to the Internet, Detweiler. Perhaps you might get together some physical meetings in Colorado, talk to more cypherpunks on the phone, look at the pictures in Wired magazine (perhaps also faked?), etc. if you are so concerned about being ganged up on by unknown numbers of strangers. (Is it better to be ganged up on by known numbers of strangers? Why of course, that's called Democracy). > the idea > of `one man one vote' is SACRED. Hallelujah! Praise the Lord & pass the card punch! Let's vote ourselves bigger paychecks & unlimited medical care. Let's take a vote on which cypherpunks tools we will implement. Those who vote with the minority get to do the programming work, those in the majority get to tell the minority what to write. I nominate L. Detweiler President of the Cypherpunks. All in favor say "aye" and bow down to His Holiness of the Veiled Booth! > it is > *anti egaltarian*. it is a recipe for anarchy God forbid! Quick, Detweiler, get out your garlic, raise up your cross and abjure these crypto-anarchists before we spread any further! Next thing you know we'll get some elitist, anti-democratic development like untraceable digital cash. Some people will accumulate more digicash than others, and Detweiler won't even know who they are. Horrors! Quick Detweiler, write your electronic leveling tax protocols before its too late. Better yet, get the majority to vote on making us evil crypto-anarchists -- only a small cypherpunk minority once our pseudonyms are unmasked, of course -- make us write them for you. After all, egalitarian software is a basic human right! > UNFAIR INFLUENCE. ABUSE > OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. >... Isn't it just dreadful? > p.s. if anyone doesn't hear from me for awhile, assume I've been > `liquidated' and this isn't really an `open forum' ... Detweiler to be axed by untraceable crypto-moderator. Can't figure out how to make a pseudonym or use a remailer to avoid his fate in Oblivion. Graphic pictures at 11, may be unsuitable for children! Nick Szabo szabo at netcom.com From m5 at vail.tivoli.com Mon Oct 18 06:07:15 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Mon, 18 Oct 93 06:07:15 PDT Subject: PSEUDOSPOOFING In-Reply-To: <9310180941.AA15703@longs.lance.colostate.edu> Message-ID: <9310181302.AA01381@vail.tivoli.com> "L. Detweiler" writes: > I'm absolutely *horrified* and *nauseated* ... If digicash were a reality, I'd send you some with the proviso that you only spend it on clues. Repeat this chant until you attain enlightenment: Pseudospoofing cannot be prevented Pseudospoofing is a reality of online existance No amount of fear and loathing will make it go away If it weren't for fundamentally new concepts like the ability to pseudospoof (that's a lousy term, by the way), the net would not be the quantum change in human communication and human thought it is. > p.s. if anyone doesn't hear from me for awhile, assume I've been > `liquidated' and this isn't really an `open forum' ... No, I'll assume the ELF-2 running your pseudomind blew a fuse. -- Mike McNally From mnemonic at eff.org Mon Oct 18 06:27:14 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 18 Oct 93 06:27:14 PDT Subject: An idea. In-Reply-To: <9310151501.AA14843@ellisun.sw.stratus.com> Message-ID: <199310181324.AA09911@eff.org> Carl Ellison writes: > If all you're worried about is entrapment, you need only ask the person > in question if s/he works for any law enforcement or surveillance agency. > If they lie, then anything after that is entrapment. Please. This is not a way to avoid entrapment. Undercover police lie all the time, and their lying does not become a predicate for an entrapment defense. > I'm not a lawyer but I learned this from my masseuse in SLC UT, where > mixed-gender massage is considered a "sex act for hire" and she was > constantly subject to entrapment. One shouldn't generalize too much from massage-parlor cases. --Mike From frissell at panix.com Mon Oct 18 06:32:14 1993 From: frissell at panix.com (Duncan Frissell) Date: Mon, 18 Oct 93 06:32:14 PDT Subject: What, Me Worry? Message-ID: <199310181329.AA10213@panix.com> I realize that Blacknet debate was eons ago in net time (100 to 1 compression net time vs real time?) but I failed to stick my oar in because I was trying to cope with the 500 messages accumulated while I took an innocent weekend off. (Note to Perry -- Not *everyone* has a Sparc station at home and at work -- some of us can be swamped). Aside from contract murder, which shouldn't be much more of a problem than it is now because most people still won't be worth the powder it takes to blow them up, I don't expect blackmail and dossier abuse to be more of a problem on Blacknet than it was, say, in 1925. Why? Because there may be fewer grounds for blackmail and the damage possible to a person's reputation will be greatly reduced because (to Moderns) reputations are much less important. If you compare what a blackmailer might have threatened to reveal about a person in 1925 with what Madonna get's paid millions to do live on stage before thousands of people, you can see the problem. After all, it doesn't make much sense for a blackmailer to say to you, "I'm going to tell everyone that you are the practitioner of an alternative life style that they are teaching in the schools these days." Reputation was significant in the past because people were stuck in one small community for their whole lives and they, their children, and grandchildren would have to be living with their neighbors for the next hundred years. This sort of intimacy with "strangers" ended with the advance of technology, markets, and mass migration. The nets can only make this worse as even the strangest individuals can find a home with their fellow "deviates" somewhere in cyberspace. With the President a philandering, dope smoking, draft dodger; at least two cabinet jobs held by homosexuals, the mayor of New York an admitted tax evader; and the rather straight organiation I contract for giving baby showers for the single mothers as they go off to reproduce; it is hard to see many grounds for blackmail. Dope dealers --- WinQwk 2.0b#1165 From frissell at panix.com Mon Oct 18 06:32:16 1993 From: frissell at panix.com (Duncan Frissell) Date: Mon, 18 Oct 93 06:32:16 PDT Subject: What, Me Worry? Message-ID: <199310181329.AA10216@panix.com> I realize that Blacknet debate was eons ago in net time (100 to 1 compression net time vs real time?) but I failed to stick my oar in because I was trying to cope with the 500 messages accumulated while I took an innocent weekend off. (Some of us don't have SPARC stations at home and *can* be swamped.) Aside from contract murder, which shouldn't be much more of a problem than it is now because most people still won't be worth the powder it takes to blow them up, I don't expect blackmail and dossier abuse to be more of a problem on Blacknet than it was, say, in 1925. Why? Because there may be fewer grounds for blackmail and the damage possible to a person's reputation will be greatly reduced because (to Moderns) reputations are much less important. If you compare what a blackmailer might have threatened to reveal about a person in 1925 with what Madonna gets paid millions to do live on stage before thousands of people, you can see the problem. What could one say about Ophra guests that is worse than what they say about themselves. After all, it doesn't make much sense for a blackmailer to say to you, "I'm going to tell everyone that you are the practitioner of an alternative life style that they are teaching in the schools these days." Reputation was significant in the past because people were stuck in one small community for their whole lives and they, their children, and grandchildren would have to be living with their neighbors for the next hundred years. This sort of intimacy with "strangers" ended with the advance of technology, markets, and mass migration. The nets can only make this worse as even the strangest individuals can find a home with their fellow "deviates" somewhere in cyberspace. With the President a philandering, dope smoking, draft dodger; at least two cabinet jobs held by homosexuals, the mayor of New York an admitted tax evader; and the rather straight organization I contract for giving baby showers for the single mothers as they go off to reproduce; it is hard to see many grounds for blackmail. Dope dealers don't much care if they are reported to the authorities. That is just another risk of doing business and they don't respect the authorities enough even to fear them. The authorities are so swamped in any case that they find it hard to grab too many people. Child molesters remain unpopular (unless they work for the local schools) but they seem almost alone in their openness to blackmail. Bankrupts, drunks, drug addicts, homosexuals, single mothers, tax evaders, the politically incorrect, anarchists, people who run red lights, are all accepted as part of the glorious mosaic of American society. Even if they are occassionally fired, the booming market for contingent employment means that they won't suffer much loss of income. Seems like Blacknet blackmailers are going to have slim pickins. Duncan Frissell "Jennifer! Did Governor Clinton use a condom?" -- Unanswered question asked at Jennifer Flowers' March 1992 press conference. --- WinQwk 2.0b#1165 From cme at ellisun.sw.stratus.com Mon Oct 18 07:27:17 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 18 Oct 93 07:27:17 PDT Subject: uniqueness Message-ID: <9310181424.AA21853@ellisun.sw.stratus.com> >what really is our assurance that all these email addresses actually >exist and represent *unique* people? there really is very little currently. I see no way to guarantee uniqueness of the person unless you manage to incorporate some unique characteristic of a person (right hand print, for example) into a digital signature. PEM's key certificates might be an attempt to guarantee uniqueness but even there I can cheat by having a second job under a second name, for example, and getting a certificate in both. - Carl From cme at ellisun.sw.stratus.com Mon Oct 18 07:47:16 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 18 Oct 93 07:47:16 PDT Subject: Monitor radiation overlooking. Message-ID: <9310181439.AA21879@ellisun.sw.stratus.com> >Once more, sorry for my poor English. Your English is much better than my Russian. :-) I've cleaned up spellings and punctuation in the quote below, to reflect my understanding. Was I correct? >I want to say that DES isn`t group. We can`t say >that: >A k1, k2; E k0; ST des(k2, des(k1, text))=des(k0, text) > (A means "for all", E means "exist", ST means "such that"); > >or: E k1, k2; A k0; ST des(k2, des(k1, text))!=des(k0, text) > >I say that: >E f(k, text); A k1, k2; E k0 ST len(k0)=len(k1)=len(k2) and >des(k2, des(k1, text))=f(k0, text) > >f() is like des() but f() is not des()!!! >My friend says that the intruder must try only 2^56 keys for des(des()). What's missing in the last statement is the qualification of . Is it A text or E text ? Meanwhile, some method of learning f would be nice :-). Is it also claimed that: E g(k,text); A k1,k2,text; E k0 ST len(k0)=len(k1)=len(k2) and des(k2, f(k1, text)) = g(k0,text) for f(,) as defined above? (That is, does this method continue to apply for an indefinite number of DES copies?) - Carl From jdemmers at noel.pd.org Mon Oct 18 08:32:15 1993 From: jdemmers at noel.pd.org (Jim Demmers) Date: Mon, 18 Oct 93 08:32:15 PDT Subject: on anonymity, identity, reputation, and spoofing Message-ID: <199310181525.AA25442@noel.pd.org> > What if that `opinion' was not an accurate representation of > reality? what if a few people were creating the illusion that some > different kind of consensus existed? what if that `agenda' were > actually something inherently wicked like ... anarchy? ^^^^^^^^^^^^^^^^^ Nothing, absolutely nothing (IMVHO) is inherently wicked. This is a virtual forum, and as such, it is not (nor should it be) subject to the same laws that bound similar dialogues in actuality. The cyberspacial medium begs the development of new and unique forms of interaction - and broadening one's means of expression through the use of multiple identities is perfectly valid in my book. As for conspiracies-to-mislead, I must have seen at least 20 or 30 last night while I was watching the World Series. I don't know how many others 'buy' (pun intended) into the crap that passes between their ears during the course of any given day, but I consider myself intelligent enough to weed through the chaff unassisted. Peer pressure has always been a powerful coercive - so what? It's not my job to calibrate the 'moral compass' of others...I leave it to them as an exercise (to be turned in at check out time). > > 1) list members are allowed *one* anonymous identity if any. They are > required to associate some name with all anonymous posts via that identity. > 2) *no one* is allowed multiple `real' identities and in fact any > violation of this is considered an extremely serious breach of netiquette > & honesty. > 3) completely anonymous posts from `outside' the list are allowed; if > no pseudoidentity is given they are assumed to come from `outside'. > Give me a break! A little structure goes a long way but these rules call to mind elementary school experiences that I thought I'd left behind. I can see it now: The Cypherpunks List (schizophrenics need not apply) Let's move on... [the preceeding has not been a flame but a commentary. It should be taken as such.] -jim |=========================================================================| | | | Jim Demmers Public Domain, Inc. INET: jdemmers at pd.org | | P.O. Box 8899 jim.demmers at oit.gatech.edu | | Atlanta, GA 30306-0899 balder at gnu.ai.mit.edu | | Phone: 404-377-2627 FAX: 404-894-9135 | | | |=========================================================================| From klbarrus at owlnet.rice.edu Mon Oct 18 08:37:15 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Mon, 18 Oct 93 08:37:15 PDT Subject: crypto technique In-Reply-To: Message-ID: <9310181535.AA27722@great-gray.owlnet.rice.edu> Matthew J Ghio wrote: >In summary, I see no method which would yeild the original input without >knowing the values added to the nested polynomials (the private key), >and there is no way to determine the private key if the modulus is >applied to the resulting function. I've been thinking about this (well, not too much since I'm in the midst of midterms week :-). I beleive the equation leaks information. When you expand the equation symbolically, it is easy to solve for the constants by matching the coefficients of the highest powers and working backwards. If the constants can be negative as well as positive, the signs of some of the terms will reflect this. We know the magnitude of the constants must be less than P, which is public. But can they be negative - will the decoding process still work? Or, will you obtain the correct decoding for the correct choice and an incorrect decoding for the incorrect choice? If it turns out that either choice will decode a number to the same value, or if the decoding won't work with negative numbers, then this method is too easy to invert. If the constants can't be negative, or if they can be but it doesn't make a difference in the decoding, then taking the modulus doesn't obscure anything at all. For example, suppose c = 127 and d = -225. Then y1 = 7903. + 63.75 x + 63.875 x + 0.25 x + 0.125 x which becomes (after mod 256) y1 = 223. + 63.75 x + 63.875 x + 0.25 x + 0.125 x However, if c = 127, d = 31, then y2 = 8159. + 63.75 x + 63.875 x + 0.25 x + 0.125 x which becomes (after mod 256) y2 = 223. + 63.75 x + 63.875 x + 0.25 x + 0.125 x So y1 = y2. Here, d = -225 and d = 31 yeild the same equation (after mod operation). Now I need to try the decoding process to see if d = -225 or d = 31 yeild the same or different answers. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From arthurc at crl.com Mon Oct 18 08:47:15 1993 From: arthurc at crl.com (Arthur Chandler) Date: Mon, 18 Oct 93 08:47:15 PDT Subject: Cypherwaffle on spoofing Message-ID: I understand Detweiller's frustration. On another list, someone posted as if he/she were William Gibson. That kind of fraud undermines confidence on several levels. It attempts to dupe us, and usurps the name and reputation of a well-known writer, and sets up an atmosphere of suspicion and doubt fatal to any community. How would you like it if someone spoofmailed to this list under your name, then published Nazi slogans and argued for the legalization of rape? What I find odd is the number and vehemence of posts ON A LIST DEVOTED TO ENCRYPTION saying "Hey, it's a fact of life, accept it" -- even dragging out Machiavelli's profoundly mistaken "if you can't enforce it, don't prohibit it." Of all the groups on the Internet, I would think that this one would be in a special position to say "put your digital John Hancock on your post if you want to to taken seriously." From mnemonic at eff.org Mon Oct 18 09:02:15 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 18 Oct 93 09:02:15 PDT Subject: EFF servers down? In-Reply-To: <9310180107.AA15898@icm1.icp.net> Message-ID: <199310181557.AA11179@eff.org> Paul Ferguson writes: > I noticed that the EFF FTP server (FTP.EFF.ORG/KRAGAR.EFF.ORG) appears > to be down. Is this a scheduled outage (servicing, etc.) or are they > having problems. We were down over the weekend as eff.org moved from Cambridge to DC. --Mike From doug at netcom.com Mon Oct 18 09:17:15 1993 From: doug at netcom.com (Doug Merritt) Date: Mon, 18 Oct 93 09:17:15 PDT Subject: Cypherwaffle on spoofing In-Reply-To: Message-ID: <9310181616.AA18629@netcom6.netcom.com> Arthur Chandler said: > What I find odd is the number and vehemence of posts ON A LIST DEVOTED >TO ENCRYPTION saying "Hey, it's a fact of life, accept it" -- even >dragging out Machiavelli's profoundly mistaken "if you can't enforce >it, don't prohibit it." I don't understand your point. If it really is impossible to prevent people from creating multiple anonymous identities, what good does it do for any or all of us to say that we abhor the results? I grant you that there will be bad effects...but what precisely do you suggest we do about it? If you think that people *can* be somehow limited to a single anonymous identity, you'd best explain how you think so. If on the other hand you agree that such a limitation can't be enforced, then I fail to see your point at all. Doug From m5 at vail.tivoli.com Mon Oct 18 09:17:19 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Mon, 18 Oct 93 09:17:19 PDT Subject: Cypherwaffle on spoofing In-Reply-To: Message-ID: <9310181616.AA01727@vail.tivoli.com> Arthur Chandler writes: > What I find odd is the number and vehemence of posts ON A LIST DEVOTED > TO ENCRYPTION saying "Hey, it's a fact of life, accept it" -- even > dragging out Machiavelli's profoundly mistaken "if you can't enforce > it, don't prohibit it." Oh well, it's "profoundly" mistaken, so we'd better change our tune. OK, let's prohibit it. The net sure will be wonderful once that magic wand is waved. > Of all the groups on the Internet, I would > think that this one would be in a special position to say "put your > digital John Hancock on your post if you want to to taken seriously." Uhhhh... That's the *point*. It is a waste of time and energy to prohibit anonymity/pseudonymity when it's so easy to render it completely ineffective through the use of strong cryptography and digital signature technology. Note that if it weren't for the fact that humans can use sensory mechanisms to determine with some confidence the identity of a human they're talking to, we'd have been faced with the same problem for quite some time. That's one of the foundations of the whole cypherpunk concept: freedom to develop and use strong cryptosystems makes this confidence of identity possible over electronic networks. (Please pardon my presumption at speaking for the "organization"; I'm paraphrasing something Mike Godwin said at the Austin EFF Crypto meeting.) Note also that the problem *does* exist now: politicians recieve letters about hot issues from constituents---or at least they're *assumed* to be from constituents. How many votes have been changed over the years by clever miscreants sending many letters under different assumed identities? -- Mike McNally From cman at IO.COM Mon Oct 18 09:27:15 1993 From: cman at IO.COM (Douglas Barnes) Date: Mon, 18 Oct 93 09:27:15 PDT Subject: PSEUDOSPOOFING (lions and tigers and bears, oh my!) In-Reply-To: <9310180941.AA15703@longs.lance.colostate.edu> Message-ID: <9310181621.AA11152@illuminati.IO.COM> L. Det writes: > I for one > never saw *that* announcement when I signed up! calling > `pseudospoofing' `one of the `main goals' of cypherpunks software' > sounds *criminal* to me. Or maybe I'm missing the point! I guess this > is what anarchy really *is* all about! It was one of the main reasons *I* signed up... we were working on a TV show about cyberspace, and Paco Nathan explained public key encryption, digital money, and nyms with reputations in his inimitably cheerful and energetic fashion for our cameras. The part he was most excited about (a part that still fascinates me no end) is the possibility of spawning new identities that can acquire reputations, property, prestige, ignominity, whatever, without the need to appeal to a government bureaucracy for validation. Furthermore, the whole notion that there is some kind of implied contract when you join a free mailing list completely absurd, second only to your notion that we are all pushing for the same political agenda (or should be) because we put our names in the same hat at toad.com. It just ain't so, and no amount of wishing will make it so. And, to cap it all off, I have had more external validation of the physical existence of the key members of *this* data space than any other international data space I participate in; in addition to numerous pictures, I've met a number of the folks, who have, in turn, met a number of the folks... cypherpunks is one of the meetingest mailing lists I've ever seen or heard of. Doug PS: the show never got edited, because Steve and I decided to set up io.com. -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From bogus@does.not.exist.com Mon Oct 18 09:27:19 1993 From: bogus@does.not.exist.com () Date: Mon, 18 Oct 93 09:27:19 PDT Subject: your mailRe: on anonymity, identity, reputation, and spoofing Message-ID: <9310181620.AA17894@alumni.cco.caltech.edu> I do sympathize with L. Detweiler's concern about multiple identities. Human nature being what it is, if a series of posts appears quickly taking one view, people who disagree may think, well, I guess I'm in the minority on this, I won't make a stink about it. That's just part of the herd instinct, which, IMO, we all share. The lesson is that it is even more important on the net not to be afraid to take unpopular stands. You may find that there are more people who agree with you than you thought. In particular, although I think Detweiler's posts could be tightened up considerably, and I don't agree with his solutions in detail, I can understand his paranoia, having shared it from time to time. There are some possible technological solutions to some of the issues raised. Chaum, in his 1985 CACM paper, describes how "credentials" can be exchanged among various pseudonyms a person may have. A credential can basically be any statement by a 3rd party about a person. It could be a statement by a college that he had a certain degree. It could be a statement by a government that he had a driver's license. It could be a statement by a business that he was an agent for that business. The credential would be given to the person, then Chaum shows how it could be re-blinded and shown under other pseudonyms. The credential can be verified, but it can't be linked to the True Name or other pseudonyms of the holder. We could think about using something like this for reputations. Take Nick's question about how a new pseudonym could get through the filters. Maybe the person posts under his real name for a while, then some respected person is willing to give him a "valued poster" credential. He can re-blind this credential and submit it with posts he starts to make under his pseudonym. People will know that the pseudonymous poster is at least potentially capable of making sense, and give his words some weight. But there will be no connection to his True Name. (Of course, this could lead occasionally to a Dr. Jekyll who makes sensible and weighty posts under his own name, while under his Mr. Hyde pseudonym he rants and raves. But hopefully this would not happen too often.) Other credentials could be related to some of the other points Detweiler raised, such as list membership > some number of months. The point would be that these credentials are voluntary, used to get past people's filters, and that they retain poster anonymity while giving readers useful information about the poster. It's ironic that L. Detweiler, who has played a major part in spreading awareness of Cypherpunks technology through his widely read Privacy and Anonymity FAQ, is suggesting that people should be limited in their use of this technology. Still, the concerns he raises are going to be shared by many people, and we should try to be ready with technological solutions that are consistent with privacy protection. Hal Finney hfinney at shell.portal.com From jrk at sys.uea.ac.uk Mon Oct 18 09:37:15 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Mon, 18 Oct 93 09:37:15 PDT Subject: Cypherwaffle on spoofing Message-ID: <28946.9310181639@s5.sys.uea.ac.uk> Arthur Chandler writes: > What I find odd is the number and vehemence of posts ON A LIST DEVOTED >TO ENCRYPTION saying "Hey, it's a fact of life, accept it" -- even >dragging out Machiavelli's profoundly mistaken "if you can't enforce >it, don't prohibit it." "It's a fact of life" is a fact central to the, ahem, cypherpunk cause. Virtual personas are here. The only question is how this will change the way people deal with each other over the net. >Of all the groups on the Internet, I would >think that this one would be in a special position to say "put your >digital John Hancock on your post if you want to to taken seriously." That is one possibility: people start signing posts with IDs that verifiably mean something over a wider range of net and RL spaces than just a single small world like cypherpunks at com.toad. Personas which consist only of postings here might come to be taken less seriously, even if their content appears useful and constructive. I do not see what authoritarian action is needed, desirable, or practical. I would rather see a consensus emerge over how to behave in this new environment. I notice you didn't sign your post. Can I conclude that you do not want it to be taken seriously? -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From mech at eff.org Mon Oct 18 09:42:15 1993 From: mech at eff.org (Stanton McCandlish) Date: Mon, 18 Oct 93 09:42:15 PDT Subject: German "NSA" has a Clipper plan too? + News of German conf. Message-ID: <199310181637.AA11758@eff.org> More int'l. news of some interest. **** Begin Forwarded message **** From: Reiner Perivolaris Message-Id: <9310082023.AA03362 at w250zrz.zrz.TU-Berlin.DE> Subject: CCC'93 and You ... To: fig at well.sf.ca.us Date: Fri, 8 Oct 1993 13:23:34 -0700 Re-To: reiner at physik.tu-berlin.de X-Mailer: ELM [version 2.4 PL5] Content-Type: text Content-Length: 1827 The plan of the Clinton administration for the ISDN-Net (?!) will be a part of a workshop or a own theme and the fight for private cryptos (eg. PGP), include the trouble of P. Zimmerman. The 'Clipper/Skipjack'-Chip can/will be a theme, because storys are "on their way", that german BSI (*my* translation:Federal Office for Security of Informationsystems) and the TELEKOM (Telephoncompany) have a plan like the NSA. Where all this and more? At the CCC'93 (10. Chaos Communication Congress 1993). 27. -29. Dec. 1993 Eidelstedter Buergerhaus Alte Elbgaustr. 12 Hamburg-Eidelstedt Germany Organization: Choas Computer Club e.V. Address: CCC e.V. (Orga-CCC'93) Schwenckestr. 85 20255 Hamburg Germany I am one of the guys who organize this workshop and the congress. We are reading 'comp.org.eff.news', 'comp.org.eff.talk' and other information we can get. But only to talk about the EFF *we thing* is not enough. It would be nice, if members of Your organization will be there and have the chance to explain what EFF is doing. And when You get new members *we hope so* it will be good for Your movement and the 'global village'. **** End Forwarded Message **** -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From tcmay at netcom.com Mon Oct 18 10:17:15 1993 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 18 Oct 93 10:17:15 PDT Subject: Uniqueness and "is-a-person" credentials In-Reply-To: <9310181424.AA21853@ellisun.sw.stratus.com> Message-ID: <9310181717.AA24067@netcom5.netcom.com> Carl Ellison writes: > I see no way to guarantee uniqueness of the person unless you manage to > incorporate some unique characteristic of a person (right hand print, for > example) into a digital signature. > > PEM's key certificates might be an attempt to guarantee uniqueness but even > there I can cheat by having a second job under a second name, for example, > and getting a certificate in both. I don't know if we've ever talked on this list about the "is-a-person" protocols discussed in several "Crypto" papers, namely, the Fiat-Shamir passport scheme for credentialling persons, the ability to spoof with the complicity of states (e.g., Libya conspires to create false "is-a-person" passports for its agents), etc. I don't like the idea of state-run registries of "legal persons." Better to live with the occasional vagaries of digital pseuodonyms than to ban them. (And multiple identies can have many uses, some good, some not. Welcome to the future.) Since it may touch on our "cypherpunks agenda," I plan to read up on some of these proposals for "is-a-person" credentialling and see how they might relate to schemes for centralized key registration or escrow. Any suggestion besides the "Crypto" proceedings? --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From tcmay at netcom.com Mon Oct 18 10:37:15 1993 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 18 Oct 93 10:37:15 PDT Subject: "True Names" and "Ender's Game" (was: Cypherwaffle...) In-Reply-To: <9310181616.AA01727@vail.tivoli.com> Message-ID: <9310181737.AA26709@netcom5.netcom.com> Some novels to enjoy... Earlier today Nick Szabo (not his True Name?) made some references to True Names. I'm sure you all have heard many of us speak about Vernor Vinge's "True Names." If you have not yet read it, buy a copy today and read it tonight in lieu of reading this list! Another novel is "Ender's Game," by Orson Scott Card, in which some kids carry on a political debate on the Nets of the future under the digital pseudonyms "Locke" and "Demosthenes." Over a period of months and then years, these nyms ("True Nyms"?) develop a large following and are demonstrably important entities. About the way our own "S. Boxx" could be if he/she/it didn't periodically lapse into rants and flames about "traitors," the "death fo the cypherpunks cause," and so on. Actions have consequences, even in cypherspace. Anyway, I strongly recommend both "True Names" and "Ender's Game." --Tim May (my True Name) -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From hal at alumni.cco.caltech.edu Mon Oct 18 10:47:15 1993 From: hal at alumni.cco.caltech.edu (Hal Finney) Date: Mon, 18 Oct 93 10:47:15 PDT Subject: Uniqueness and "is-a-person" credentials Message-ID: <9310181740.AA19147@alumni.cco.caltech.edu> I remembered about is-a-person credentials after I posted. I had thought this idea came from Chaum but I didn't see it in his 1985 paper. I don't recall the details of this credentialling mechanism, so take what I say here with a grain of salt. I hope someone can post a cite. One point is, there is no need to associate these with states. Private corporations could easily issue is-a-person credentials. You show up and let them take your thumbprint (retina print, DNA scan, ...), and they give you the credential. They don't need to know your name, just that you don't already have a credential. (The different agencies would have to share a database as is done in many industries today.) Then, if L. Detweiler wants to accuse Eric and Jamie of being the same person, they can disprove it by exhibiting their different is-a-person credentials. (They might not "exhibit" them, they might use some kind of zero-knowledge proof to show they are different.) If anonymity and spoofing get to be too bad a problem, most people may refuse to have net.dealings with anyone who is not willing to show an is-a-person credential. Among your pseudonyms, only one can show it, otherwise they will be linked. This would force all but one of your pseudonyms into second-class citizenhood on the net. This may seem unfortunate, but as those who just got through flaming Detweiler remind us, if something like this is possible then just because you don't like it, that won't stop it from happening. It may be that in the future the net is not a very anonymous environment, just because the technology exists to catch spoofers. L. Detweiler may get his wish after all. Hal Finney hfinney at shell.portal.com From an41418 at anon.penet.fi Mon Oct 18 10:57:16 1993 From: an41418 at anon.penet.fi (wonderer) Date: Mon, 18 Oct 93 10:57:16 PDT Subject: on anonymity, identity, reputation, and spoofing Message-ID: <9310181752.AA07689@anon.penet.fi> I believe it is very valuable to have an anonymous identity that nobody can associate with your actual one. Besides asking embarsassing newbie questions (which I will become more and more famous for), I am learning a lot about what it means to build up an anonymous reputation. I have posted to a few other newsgroups as well, and I am having dialogues with people through e-mail. I feel as though I have a real identity. My actual identity also has reasons for not wanting to appear on this mailing list. I wonder if I am catching some strain of multiple personality disorder... Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From smb at research.att.com Mon Oct 18 11:07:15 1993 From: smb at research.att.com (smb at research.att.com) Date: Mon, 18 Oct 93 11:07:15 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) Message-ID: <9310181804.AA11971@toad.com> I have a fairly strong bias these days towards staying out of meta- discussions on mailing lists and newsgroups, and primarily contributing when I have some particular expertise I can bring to bear. I'll break that rule now... There's a persistent tendency on this list to confuse technical feasibility, political feasibility, and ultimate desirability. The whole business about pseudonyms is a good example. Guess what -- the ability to use pseudonyms is not new. Yes, the Net makes it easier, but they're far from rare in the ``real world''. The potential for abuse is obvious -- and that's why the government has tried to make it harder and harder to create truly-functional aliases, to the point of criminalizing many aspects of it. Nor is the concept of an anoymous spending mechanism new. We speak of ``digital cash'' for a reason -- its essential properties are modeled on those of real cash. Of course, when real cash became problematic for the government, they did the obvious -- they promulgated laws and regulations regarding what you can do with it (i.e., the rules on forms to be filled out when leaving the country, the bank rules on large cash transactions, etc.). Are any of these laws 100% effective? Or even substantially effective? Of course not -- but they've accomplished two things. One, they've raised the ante for playing certain games that the government doesn't want played. Two -- and probably more important -- they've provided the government with a new weapon to use against you. Can't convict Al Capone of racketeering? No problem; just charge him with tax evasion. So it is with the net. When email and digital cash become social forces in the larger community, as opposed to our electronic subcommunity, you'll start to see more regulation. It might not even be purely governmental; the large companies that want to run ``the'' net have their own agendas, which concern things like large profits and keeping the government away, and have little to do with privacy. Remember Prodigy? I haven't noticed that it's lacking for customers because of their policies. Or -- envision, if you will, an ukase that the FCC will regulate the Internet, and that anyone who wants to connect will have to agree to an acceptable use policy that includes the requirement that all mail be digitally signed, both by the individual and by the site, and that mailers enforce this requirement. Can't happen? Nor do I think that ``offshore data havens'' will help. Apart from the fact that most major governments are basically in accord on the question of who makes the rules (them, not the people -- or did you see any governments denouncing Clipper? I saw lots of endorsements), there is a potent weapon that can be used: mandatory disconnection from the net for any country that doesn't co-operate enough. (Even the famed Swiss banking system is under a lot of pressure these days on such issues, and they and the Swiss government are co-operating a lot more with other countries. Wanna place any bets on creating a whole new anonymity structure?) For that matter, international bandwidth is a matter for diplomats as well as technicians; permission to create new circuits will simply be withheld. If you doubt me, try placing a call to Cuba, or to the former USSR. After your Nth ``circuits busy'' message, don't bother asking why the long distance carriers haven't installed more trunks, when there's obviously a demand for them. Certainly, there are ways around some restrictions. The inability to call directly between Israel and the Arab countries has bred call- forwarders. But to the extent that these have come to official notice of governments that care to suppress the traffic, they've been shut down. This is force majeure, friends, not bits on a wire. Cryptographic technology is an enabling mechanism for various social changes. It by no means makes them inevitable. Don't delude yourself on that; the political will to do something is more important when various alternatives exist. To allude to fiction again, I've heard people cite Margaret Atwater's ``The Handmaid's Tale'' as an argument against electronic banking and the like. In the book, at the stroke of a pen all women's bank accounts were cancelled. But that's the wrong lesson; the real issue was the governmental decision to take the action. And throughout the centuries, governments have had no trouble stripping hated minority groups of their assets, without any need for computers. If you want a Brave New Digital World, it isn't sufficient to build the tools. You also have to convince people that it's a good idea. Oh, the online world is coming; no doubt about that. But people have to be convinced that privacy and the like is in their interests, that it will solve problems that *they* will have. Equally important, they have to be convinced that it will not create new problems, to their perception (and the perception may have little to do with reality. 500 -- nay, 500,000 -- channels of digital information to the home will do nothing to educate those who prefer to learn about the world from McData Services, or from CBS/NBC/ABC/Fox/AP/UPI. There are myriad sources of information right now that most folks never see, because they don't know of them, don't trust them, or just don't want to bother. Face it, it's easier to let someone else do the editing -- but then you have to trust them. Do you want an example? Here's how to shut down an anonymous remailer. First, find a name for a host that no longer exists. Send a note through the remailer to someone putatively on that host, making it appear like a stolen account (bin at foo.bar.edu, or some such). The mail should appear to discuss criminal activity, and be signed with a name from the proper ethnic group. The message will be queued forever, of course, and will likely be stored on the backup tapes for the mail spool directory. Next, send a message through the remailer to president at whitehouse.gov, threatening the president. Poof -- the Secret Service *will* come investigating (those guys have no sense of humor). They may or may not believe that the planted note is genuine. But they will approach the appropriate dean to demand that this tool of criminal activity be shut down. Quick -- how many remailers have the support of the university? How many boards of trustees -- at state universities, often linked to the government -- will back them, if the Secret Service ``requests'' that they be shut down. The answer, of course, is to have a defense ready in terms that such people can accept. Show the good remailers can do (i.e., alt.abuse.recovery, though I know of the controversy surrounding it). Show them as a paradigm for privacy. And show that abuses are not tolerated by the community. The recent ``traitor mail'' here is actually a good example. While there have been refreshingly few calls for limiting anonymity, there's also been no tolerance for the ideas expressed. I've gone on too long, and this message has started to ramble. Enough for now. --Steve Bellovin From hughes at ah.com Mon Oct 18 11:22:15 1993 From: hughes at ah.com (Eric Hughes) Date: Mon, 18 Oct 93 11:22:15 PDT Subject: ANON: _The Economist_ on South Korea Message-ID: <9310181820.AA02600@ah.com> The 11 Sep 93 Economist had an article on South Korea called "Too clean for comfort" about their president Kim Young Sam and his political housecleaning. I excerpt a relevant passage. [...] One of Mr Kim;s first presidential acts was to bare his assets. Then ministers, MPs and top civil servants were all required to disclose their net worth. To no one's surprise, while the president's people were mostly clean, many of the old guard turned out to be rolling in wealth whose origins they could not readily explain. Many resigned. The "real names" reform, announced on August 12th, was Mr Kim's most radical step yet. The issue had been hotly debated for over a decade. Hitherto South Koreans had been able to keep bank accounts in any name they cared to invent; convenient for tax evasion, and for recycling the cash-stuffed white envelopes that for decades have routinely oiled the country's wheels of business and politics alike. Mr Kim struck out of the blue. Only the secret task force drawing up the plan knew about it; they had told their families that they were on a course in America. Even Mr Kim's cabinet was informed only an hour before the public announcement. Not a word leaked out. [...] Anyone who upsets so many applecarts risks making himself a lot of enemies. But Mr Kim's positioning is good. Anyone who speaks out against real names or asset-baring must surely have something to hide. Conversely, the whole campaign is widely popular with the public, chiming as it does with the widespread perception (even in a country with one fo the world's most even distributions of income) that fat cats are licking off the cream. A new target market? Eric From 72114.1712 at CompuServe.COM Mon Oct 18 11:27:15 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Mon, 18 Oct 93 11:27:15 PDT Subject: DETWEILER Message-ID: <931018181809_72114.1712_FHF80-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, Lance Detweiler finished his most recent rant thusly: . . . is *this* what the Cypherpunks really stand for? UNFAIR INFLUENCE. ABUSE OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. Lance, stop frothing at the mouth and get a life. S a n d y (aka Tim May, Eric Hughes, Nick Szabo, Perry Metzger, Duncan Frissell, Mao Tse-tung, George Herbert Walker Bush and a cast of thousands) >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cdodhner at indirect.com Mon Oct 18 11:42:15 1993 From: cdodhner at indirect.com (Christian D. Odhner) Date: Mon, 18 Oct 93 11:42:15 PDT Subject: Big Brother Inside Stickers Message-ID: <199310181838.AA25403@indirect.com> I received the stickers from the printer about 10 minutes ago. It'll take me a day or three to get them all mailed out. ( they came pre-cut rather than in sheets like I thought they would; Big orders of 1000 or more are going to involve some substantial processing time ;) Happy Hunting, -Chris. ______________________________________________________________________________ Christian Douglas Odhner | "The NSA can have my secret key when they pry cdodhner at indirect.com | it from my cold, dead, hands... But they shall pgp 2.3 public key by finger | NEVER have the password it's encrypted with!" My opinions are shareware. For a registered copy, send me 15$ in DigiCash. Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11 From sameer at netcom.com Mon Oct 18 12:07:15 1993 From: sameer at netcom.com (Sameer Parekh) Date: Mon, 18 Oct 93 12:07:15 PDT Subject: Introducing digital cash in a MOO Message-ID: <9310181903.AA18518@netcom.netcom.com> -----BEGIN PGP SIGNED MESSAGE----- I remember Eric was talking at the 2nd last (September) cypherpunks meeting about setting up some sort of digital cash system in MU*s. It's a very good idea, yes. I was thinking that metaverse.io.com would be an interesting ground to implement digital cash, because this MOO seems like a very commercial-oriented system. I know that Fringe Ware, Inc. has set up an office in the MOO where once it's up and running will serve people's requests for information. Paco, in his article on Metaverse in the new Fringe Ware Review, talks about how small start up companies can get offices in metaverse, if they can't afford (like apple) an ftp site to serve their customers. This might be extended to an actual *commerce* system. Someone could lease a plot of MOO-space, set up a digital bank, issue bank notes, and users could use these digicash notes to purchase products at the offices of small companies located in the Metaverse. Because io.com is a commercial system, it might actually not be that tough to implement a us-dollars-backed system. I.e.: a digibank would take actual DOLLARS from users, give them digicash notes, and users can use the notes to make transactions in MOOspace, and vendors and users alike may redeem their digicash for us-standard cash. In order to deal with the legal issues associated, it might be easiest for io.com to actually run the digibank, but not necessary. Personally, I'd prefer a digibank run by a third-party, but I have no real problem with io.com running the thing. It certainly seems promising. - -- Sameer sameer at netcom.com -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMLogwvya0ihLgutAQHU0QP/eib6YHPE3/dgipfy+WQ6pMM6TTq8lxl6 BnsxtOBC6jGALbZyCSp7ADfhEHYQAd0ZcgrvwE9bwJW05iRNb2U8H+QlrEovoPD3 0VBnmlL9ge2wr4bGnTZvSSob4ooODEgFj8BDjwfya8UVhgeGfcAIzvp8pEd4nsII kpJ4i/Yqw4M= =5vMg -----END PGP SIGNATURE----- From nowhere at bsu-cs.bsu.edu Mon Oct 18 12:12:15 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Mon, 18 Oct 93 12:12:15 PDT Subject: Leisure Suit Larry Message-ID: <9310181910.AA23049@bsu-cs.bsu.edu> On 18 Oct 93 14:18:10 EDT Sandy Sandfort <72114.1712 at CompuServe.COM> wrote - > Punksters, > > Lance Detweiler finished his most recent rant thusly: > > . . . is *this* what the Cypherpunks really stand for? > UNFAIR INFLUENCE. ABUSE OF POWER. MANIPULATION. DECEIT. > TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. > > Lance, stop frothing at the mouth and get a life. Uh, its not "Lance," its "Larry" Detweiler, as in Leisure Suit Larry. (Sorry, Larry.) Spooge From tcmay at netcom.com Mon Oct 18 12:47:15 1993 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 18 Oct 93 12:47:15 PDT Subject: Time for me to come clean... Message-ID: <9310181946.AA16825@netcom5.netcom.com> My experiment has gone far enough. One of you has claimed that the Net entity "tcmay" (Timothy C. May, putatively) is actually "jamie" (Jamie Dinkelacker, putatively). This person has at other times claimed that perhaps Eric Hughes and Jamie are the same person, and that the Net entity "tcmay" is the "lackey of Eric Hughes." It is all getting so confusing! Allow me to clarify. I entered this list under a variety of pseudonyms, with the intent of compiling information on all of you. I have been posting under the identities of Tim May (who has actually never existed....the man behind the mask on the cover of "Wired" was a hired actor, as were the stand-ins for the personnas of Eric Hughes and John Gilmore), Sandy Sandfort, Jamie Dinkelacker, and many others. I disavow any connection to the paranoid "S. Boxx," however. In fact, I think there are only five actual biological entities on the list. Makes for some good conspiracy theories for the paranoids. Finally, I also write under the nym de guerre of "Dorothy Denning." The real Dorothy Denning is too busy grading papers for her freshman crypto class to post, so I fill in. My real name should be apparent to you all. I knew if I used it, the other four of you would not take me seriously. But now the secret's out. David -- David Sternlight When the mouse laughs at the cat, there is a hole nearby.--Nigerian Proverb From lefty at apple.com Mon Oct 18 13:02:15 1993 From: lefty at apple.com (Lefty) Date: Mon, 18 Oct 93 13:02:15 PDT Subject: PSEUDOSPOOFING Message-ID: <9310181855.AA26688@internal.apple.com> >what if people were being *influenced* by what >they perceived was the *majority opinion* or the *views of their peers* >that were really nothing but DECEPTION AND LIES? what if it was >*thwarting progress*? I would consider this nothing but TREACHERY and >HIGH TREASON. is all this really one of the `main goals' of the >cypherpunk agenda? if so, SIGN ME OFF. Works for me. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From chrome at jhunix.hcf.jhu.edu Mon Oct 18 13:02:19 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Mon, 18 Oct 93 13:02:19 PDT Subject: ENOUGH ALREADY!!!(Was Re: Gibson In-Reply-To: <9310172117.AA26114@netcom.netcom.com> Message-ID: On Sun, 17 Oct 1993, Kelly Goen wrote: > Date: Sun, 17 Oct 1993 17:17:19 -0400 > From: Kelly Goen > To: chrome at jhunix.hcf.jhu.edu > Cc: cypherpunks at toad.com > Subject: ENOUGH ALREADY!!!(Was Re: Gibson > > Dear Sir, > > Without enrolling in yours and others discussion about > anarcho/capital/social/ isms Ad Nauseam... would you mind > taking this SOMPLACE ELSE... this discussion is NOT appropriate for the list > WE have REAL issues and problems to address... Thanx in advance... > cheers > kelly > -- I said this once, and I guess I'll have to enlighten those who were ignorant enough not to read the first time around! My first message ended something like this: "how about multiple forms of digital cash? This removes a centralized monopolized bank as a form of electronic power, i.e. the bank president could refuse digi-loans to those elements of society he figured would usurp his(her?) bank's power." Does this figure into the ideological framework of your newsgroup? It looked like, but if you still think that I am way out of line with that comment, just drop a line and I'll have myself removed from the list. OK? That's all for now, and please don't hesitate if something else like thi bothers you! -Sincerely pissed off at everyone who keeps sending me mail like this, -Alex Reynolds From paul at poboy.b17c.ingr.com Mon Oct 18 13:27:15 1993 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Mon, 18 Oct 93 13:27:15 PDT Subject: Leisure Suit Larry Message-ID: <199310182026.AA12159@poboy.b17c.ingr.com> In-Reply-To: <9310181910.AA23049 at bsu-cs.bsu.edu>; from "Anonymous" at Oct 18, 93 2:10 pm > Uh, its not "Lance," its "Larry" Detweiler, as in Leisure Suit > Larry. (Sorry, Larry.) Well, Dorothy Denning referred to "Larry Detwiler"'s comments on the ITAR in the latest RISKS, which I don't have handy. I always thought it was Lance. Could there be more than one? Is "tcmay" also posing as one of the L. Detwilers? Are we being pseudospoofed? Maybe someone should call Dan Rather. -- Paul Robichaux, KD4JZG | "Change the world for a better tomorrow. But perobich at ingr.com | watch your ass today." - aaron at halcyon.com Intergraph Federal Systems | Be a cryptography user- ask me how. From XXCLARK at indst.indstate.edu Mon Oct 18 13:47:24 1993 From: XXCLARK at indst.indstate.edu (XXCLARK at indst.indstate.edu) Date: Mon, 18 Oct 93 13:47:24 PDT Subject: Breath of... Message-ID: <9310182045.AA13401@toad.com> > From: smb at research.att.com > Received: by gryphon; Mon Oct 18 14:02:02 EDT 1993 > To: cypherpunks at toad.com > Subject: jrk at sys.uea.ac.uk (Richard Kennaway) > Date: Mon, 18 Oct 93 14:02:01 EDT > There's a persistent tendency on this list to confuse technical > feasibility, political feasibility, and ultimate desirability... ... a breath of fresh air. --------------------------------------------------------------------- PGP key internet : xxclark at indst.indstate.edu by request. Vanilla BITNET: XXCLARK at INDST Plus e la change, plus c'est la mme chose. --------------------------------------------------------------------- From exabyte!smtplink!mikej at uunet.UU.NET Mon Oct 18 14:47:25 1993 From: exabyte!smtplink!mikej at uunet.UU.NET (Mike Johnson) Date: Mon, 18 Oct 93 14:47:25 PDT Subject: Time for me to come clean... Message-ID: <9309187509.AA750982510@smtplink.exabyte.com> >My experiment has gone far enough. >One of you has claimed that the Net entity "tcmay" (Timothy C. May, >putatively) is actually "jamie" (Jamie Dinkelacker, putatively). This >person has at other times claimed that perhaps Eric Hughes and Jamie >are the same person, and that the Net entity "tcmay" is the "lackey of Eric >Hughes." >It is all getting so confusing! >Allow me to clarify. >I entered this list under a variety of pseudonyms, with the intent of >compiling information on all of you. I have been posting under the >identities of Tim May (who has actually never existed....the man >behind the mask on the cover of "Wired" was a hired actor, as were the >stand-ins for the personnas of Eric Hughes and John Gilmore), Sandy >Sandfort, Jamie Dinkelacker, and many others. >I disavow any connection to the paranoid "S. Boxx," however. >In fact, I think there are only five actual biological entities on >the list. Makes for some good conspiracy theories for the paranoids. >Finally, I also write under the nym de guerre of "Dorothy Denning." >The real Dorothy Denning is too busy grading papers for her freshman >crypto class to post, so I fill in. >My real name should be apparent to you all. I knew if I used it, the >other four of you would not take me seriously. But now the secret's >out. >David >-- >David Sternlight When the mouse laughs at the cat, > there is a hole nearby.--Nigerian Proverb Oh, my! I'm so confused! I think I may have to sue myself for libel for connecting such two vastly different personas of myself with each other! --Tim May (AKA George Bush, David Sternlight, etc.) From ee at lever.com Mon Oct 18 15:12:29 1993 From: ee at lever.com (Edward Elhauge) Date: Mon, 18 Oct 93 15:12:29 PDT Subject: ANON: _The Economist_ on South Korea In-Reply-To: <9310181820.AA02600@ah.com> Message-ID: In message <9310181820.AA02600 at ah.com>, Eric Hughes writes: > [...] One of Mr Kim;s first presidential acts was to bare his > assets. Then ministers, MPs and top civil servants were all > required to disclose their net worth. To no one's surprise, while > the president's people were mostly clean, many of the old guard > turned out to be rolling in wealth whose origins they could not > readily explain. Many resigned. > > The "real names" reform, announced on August 12th, was Mr Kim's > most radical step yet. The issue had been hotly debated for over a > decade. Hitherto South Koreans had been able to keep bank accounts > in any name they cared to invent; convenient for tax evasion, and > for recycling the cash-stuffed white envelopes that for decades > have routinely oiled the country's wheels of business and > politics alike. >A new target market? My first reaction to this post was, "Are we supposed to feel sorry for these people?" But then I realized that the real problem was giving other people enough power over you that you depend on them to be honest. -- Edward Elhauge | "The only thing worse than being talked about Lever Industries | is not being talked about." San Francisco | -- Oscar Wilde ee at lever.com | From ferguson at icm1.icp.net Mon Oct 18 15:12:30 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Mon, 18 Oct 93 15:12:30 PDT Subject: Dan Rather, et al. (WAS: Leisure Suit Larry) In-Reply-To: <199310182026.AA12159@poboy.b17c.ingr.com> Message-ID: <9310182312.AA02437@icm1.icp.net> > > Uh, its not "Lance," its "Larry" Detweiler, as in Leisure Suit > > Larry. (Sorry, Larry.) > > Well, Dorothy Denning referred to "Larry Detwiler"'s comments on the > ITAR in the latest RISKS, which I don't have handy. I always thought > it was Lance. > > Could there be more than one? Is "tcmay" also posing as one of the L. > Detwilers? Are we being pseudospoofed? Maybe someone should call Dan > Rather. I've been sitting back, watching the signal-to-noise on the list fluctuate with a smidgeon of a grin on my face. "Pay no attention to the man behind the curtain!" Personally, I think that the list is just going through a few minor changes, the worst of which are new people checking into "something that they had heard about." Face it -- the net grows a bit more "open" every day. As far as Dan Rather goes, I'd bet he wouldn't even understand. ,-) Cheers, _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From honey at citi.umich.edu Mon Oct 18 15:52:21 1993 From: honey at citi.umich.edu (peter honeyman) Date: Mon, 18 Oct 93 15:52:21 PDT Subject: Dan Rather, et al. (WAS: Leisure Suit Larry) Message-ID: <9310182251.AA15673@toad.com> > As far as Dan Rather goes, I'd bet he wouldn't even understand. kenneth, what is the frequency?!? peter From peb at PROCASE.COM Mon Oct 18 16:02:21 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Mon, 18 Oct 93 16:02:21 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) Message-ID: <9310182300.AA03078@banff.procase.com> I share many of these same concerns. Ultimately, it's an arms race. One thing is clear: the ways around restrictions lower bandwidth. Examples: steganography and covert channels are low-bandwidth. By analogy, successive transfers of small amounts of money gets around the reporting to the "Benevolent Caretaker" is also a lowering of bandwidth. However, it should be remembered that authorities attempted to outlaw the printing press after its invention. I'm not sure how long that lasted, but since the Soviet Union kept tabs on all copiers, in some sense, such repression lasted a long time. (And in the U.S., it has been said that color copiers are tracked, but this sounds like a bluff to me since a color scanner+color printer is sufficient to duplicate that capability. Is it possible to buy a color copier anonymously?) Given this, it *is* possible that freedom of expression is going to win eventually. Anonymous digital cash is more likely to be compromised since, as you note, even the Swiss have been pressured into opening up their records of anonymous bank accounts. Paul E. Baclace peb at procase.com P.S.: Prodigy is not yet profitable, last I heard. ``Is that a real network or is that a Sears network?'' --Frank Zappa paraphased. From pdn at dwroll.dw.att.com Mon Oct 18 16:07:21 1993 From: pdn at dwroll.dw.att.com (Philippe_D_Nave) Date: Mon, 18 Oct 93 16:07:21 PDT Subject: Coffee, anyone? Message-ID: <9310182305.AA15900@toad.com> Hello, _real_ people and cypher-crypto-pseudo-spoofs! I almost fell out of my chair laughing at the recent post revealing the TRUE identities of half the people (I use that term guardedly these days) in the mail group. It did me a world of good. Try this on for a quick reality check- this is how I view the issue of anonymity, trust, reputation, validity, etc. in the Cypherpunk forum: I see the list as a coffee house, buried in the bowels of a machine at Berkeley. People wander in and out, some to chat, others to listen. There is no implied social contract in place among the participants, really, just some common interests. For the price of a cup of coffee (my time and my connection to Internet), I can enjoy stimulating conversation and shoot the breeze. When people present their ideas, I take their identities at face value (asking for ID's before making small talk seems a bit gauche). Every now and then, a message in a bottle comes sailing through the (open) door- the waiter pulls the message out and reads an anonymous posting. Those so motivated can put replies in the bottle and sling it back outside, where the anonymous poster picks it up. Truly obnoxious messages can be answered by Molotov cocktails in the same manner . My point is this: we're in a coffee house, not a courtroom. If I meet someone in a coffee house and want to do serious business like buying a car, co-publishing a paper, or betting my career on a set of equations, I (we) would adjourn to a somewhat more formal setting and follow entirely different rules for establishing trust and reputation. In the same vein, I might listen to a chorus of voices spouting political agendas while sipping my coffee, but I wouldn't expect the applause and the catcalls to be tabulated and published as election results. I agree entirely with Detweiler about the importance of being able to validate people electronically, but I think it would be a shame to close the door to the coffee house, take attendance, and charge admission. ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn at dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. From ferguson at icm1.icp.net Mon Oct 18 16:22:20 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Mon, 18 Oct 93 16:22:20 PDT Subject: A valid, practical point In-Reply-To: <9310181620.AA17894@alumni.cco.caltech.edu> Message-ID: <9310190022.AA02744@icm1.icp.net> Hal writes - > It's ironic that L. Detweiler, who has played a major part in spreading > awareness of Cypherpunks technology through his widely read Privacy and > Anonymity FAQ, is suggesting that people should be limited in their > use of this technology. Still, the concerns he raises are going to be > shared by many people, and we should try to be ready with technological > solutions that are consistent with privacy protection. .... And THAT is perhaps the most cognizant, practical and lucid suggestion I have heard to date (not as an aside to those who have proposed technical solutions, et al). Let's face it -- the net will do nothing less than become larger, more accessible, more complex and even easier to spoof, if a cryptographic stop-gap does not materialize which provides a comfortable buffer for those desire anonymity and those who are afraid of it. We can do more than bicker amongst ourselves, cypherzoids. _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From pmetzger at lehman.com Mon Oct 18 16:27:21 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 18 Oct 93 16:27:21 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) In-Reply-To: <9310182300.AA03078@banff.procase.com> Message-ID: <9310182324.AA03908@snark.lehman.com> Paul Baclace says: > However, it should be remembered that authorities attempted to outlaw > the printing press after its invention. I'm not sure how long that > lasted, but since the Soviet Union kept tabs on all copiers, in some > sense, such repression lasted a long time. (And in the U.S., it has > been said that color copiers are tracked, but this sounds like a bluff > to me since a color scanner+color printer is sufficient to duplicate > that capability. Is it possible to buy a color copier anonymously?) Go to you local copier store. Pay cash. No one will care. > Anonymous digital cash is more likely to be compromised > since, as you note, even the Swiss have been pressured into opening up > their records of anonymous bank accounts. Others have not. Perry From peb at PROCASE.COM Mon Oct 18 17:12:20 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Mon, 18 Oct 93 17:12:20 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) Message-ID: <9310190009.AA03154@banff.procase.com> >Go to you local copier store. Pay cash. No one will care. I'm talking about buying the color *copier* itself. In all the copier businesses I've seen, none of them allowed one to make color copies unattended. Is this because they are complicated or expensive per copy or because of some kind of technology restriction (e.g., high quality color copies cannot simultaneously be anonymous and private). Paul E. Baclace peb at procase.com From pmetzger at lehman.com Mon Oct 18 17:37:20 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 18 Oct 93 17:37:20 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) In-Reply-To: <9310190009.AA03154@banff.procase.com> Message-ID: <9310190032.AA03963@snark.lehman.com> Paul Baclace says: > > >Go to you local copier store. Pay cash. No one will care. > > I'm talking about buying the color *copier* itself. So am I. Some of the low end units are only $5000-$7000. People pay cash for things that expensive all the time. Its really not such a big deal. Perry From nate at VIS.ColoState.EDU Mon Oct 18 17:47:19 1993 From: nate at VIS.ColoState.EDU (nate at VIS.ColoState.EDU) Date: Mon, 18 Oct 93 17:47:19 PDT Subject: Dan Rather, et al. (WAS: Leisure Suit Larry) In-Reply-To: <9310182312.AA02437@icm1.icp.net> Message-ID: <9310190043.AA00862@seurat.VIS.ColoState.EDU> writes Paul Ferguson x2044: > >Personally, I think that the list is just going through a few minor >changes, the worst of which are new people checking into "something that >they had heard about." > >Face it -- the net grows a bit more "open" every day. > The WIRED article helped with this, I am sure... there's a LOT of kids out there on the net who just post to things for the hell of it, and seeing refs in magazine like WIRED certainly helps! -nate +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Always remember "Brazil" From trebor at foretune.co.jp Mon Oct 18 17:57:19 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Mon, 18 Oct 93 17:57:19 PDT Subject: "True Names" and "Ender's Game" (was: Cypherwaffle...) In-Reply-To: <9310181737.AA26709@netcom5.netcom.com> Message-ID: <9310190052.AA16863@dink.foretune.co.jp> Tim May writes: >Anyway, I strongly recommend both "True Names" and "Ender's Game." A very strong second for True Names. Read it and find out who really invented "Cyberspace" (It wasn't Gibson). If you like it, try Vinge's "A Fire Upon the Deep." From trebor at foretune.co.jp Mon Oct 18 18:02:21 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Mon, 18 Oct 93 18:02:21 PDT Subject: Big Brother Inside Stickers In-Reply-To: <199310181838.AA25403@indirect.com> Message-ID: <9310190059.AA17013@dink.foretune.co.jp> You write: >I received the stickers from the printer about 10 minutes ago. It'll take >me a day or three to get them all mailed out. ( they came pre-cut rather >than in sheets like I thought they would; Big orders of 1000 or more are >going to involve some substantial processing time ;) Don't count them. Use a scale. You'll be able to get it to +-10. Close enough for government work, so to speak. From ejo at world.std.com Mon Oct 18 18:07:19 1993 From: ejo at world.std.com (Edward J OConnell) Date: Mon, 18 Oct 93 18:07:19 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) In-Reply-To: <9310190032.AA03963@snark.lehman.com> Message-ID: I work at a graphic arts service bureau, and someone told me that they had seen a canon representative, with a straight face, say at a trade show that there was a chip in these machines that detected the pattern created by currency, and blocked out the image. Easy to test. Of course, not true--at least, not the canon clc 300 I run. The control panel of the canon has a list of things you are not supposed to copy. That is the extent of the restriction. For some obscure reason I follow these rules. I'm not sure why. The chip thing made me laugh. What is amazing to me is that canon would try to create this easily disprovable myth. Has anyone else heard this story? My friend was adamant that he had heard this spiel (and not a friend of his) but I suppose this could itself be an urban myth. I suppose I could call canon...but attracting that kind of attention to myself seems really stupid... E. Jay O'Connell____________________________________________________ "God does not play dice with the Universe"--A Einstein "No, she plays SuperScratch-Card Wingo (TM)"--Me. ____________________________________________________________________ Information Wants to Be Free PGP Public Key available by Finger From catalyst-remailer at netcom.com Mon Oct 18 18:07:24 1993 From: catalyst-remailer at netcom.com (catalyst-remailer at netcom.com) Date: Mon, 18 Oct 93 18:07:24 PDT Subject: Crypto Anarchy (jrk@...) Message-ID: <9310190102.AA12700@mail.netcom.com> smb at research.att.com wrote: >Do you want an example? Here's how to shut down an anonymous remailer. >First, find a name for a host that no longer exists. Send a note through >the remailer to someone putatively on that host, making it appear like >a stolen account (bin at foo.bar.edu, or some such). The mail should appear >to discuss criminal activity, and be signed with a name from the proper >ethnic group. The message will be queued forever, of course, and will >likely be stored on the backup tapes for the mail spool directory. Next, >send a message through the remailer to president at whitehouse.gov, threatening >the president. Poof -- the Secret Service *will* come investigating >(those guys have no sense of humor). They may or may not believe that >the planted note is genuine. But they will approach the appropriate dean >to demand that this tool of criminal activity be shut down. Well, this apocraphyl scene is easily avoided - remailers can be configured to refuse remailing to whitehouse.gov. But then this is the Secret Service. Are they more likely to a) seize all equipment peripherally related and a bunch that isn't b) inquire about having anonymous mail blocked Undoubtedly we could launch into a discussion of why it is anybody with a pocket full of change can walk up to a payphone and leave a variety of threats at the whitehouse switchboard - the phone company need not fear having its equipment seized, while a computer used in forwarding mail containing the same threats will probably be taken along with anything else the SS feels like taking. >Quick -- how many remailers have the support of the university? How many >boards of trustees -- at state universities, often linked to the government >-- will back them, if the Secret Service ``requests'' that they be shut >down. Gee, I don't know. Does the phone company have any government deals, say to manufacture products using a government designed chip, that may be at risk if its found out that phone company equipment is constantly being used for threats?? The point is we are in a research & development stage (if you will) with anonymous remailers, reputations, filters, digital cash, dc-nets, etc. It is very likely that the projected reality, desired reality, and actual reality will be quite different; nevertheless, experimentation continues. From plaz at netcom.com Mon Oct 18 18:12:19 1993 From: plaz at netcom.com (Geoff Dale) Date: Mon, 18 Oct 93 18:12:19 PDT Subject: Introducing digital cash in a MOO, Metaverse Message-ID: <9310190111.AA09519@netcom.netcom.com> sameer at netcom.com (Sameer Parekh): > I was thinking that metaverse.io.com would be an interesting >ground to implement digital cash, because this MOO seems like a very >commercial-oriented system. I know that Fringe Ware, Inc. has set up >an office in the MOO where once it's up and running will serve >people's requests for information. I have been poking around in Metaverse this last week, (under the handle of "PlasticBeethoven"). I think you are very right about this. They have a whole area reserved for *REAL* business, called Freegate. WIRED, EFF, Fringeware, BoingBoing, and of courese Steve Jackson Games all have virtual offices there. In most cases the offices are just shadows of what they could be. I'm also considering setting up an office there (details may follow once I get it set up). A hobby store has also set up shop, and will allow you to order from them. Billing, alas, is done the old fashioned way. I've noted, that there seems to be a vague interest in dealing with these issues, if it does not represent a tremendous investment of time for them. Also note that Doug Barnes (metaverse: CoffeeMan) and Lloyd Blankenship (metaverse: Mentor), who are both "Wizards", also frequent this list. They are also the very same Austin-Cypherpunks featured in the "Bank of the Internet" thread about Internet Credit Unions. Looks like a possible convergence. > Paco, in his article on Metaverse in the new Fringe Ware >Review, talks about how small start up companies can get offices in >metaverse, if they can't afford (like apple) an ftp site to serve >their customers. > This might be extended to an actual *commerce* system. Someone >could lease a plot of MOO-space, set up a digital bank, issue bank >notes, and users could use these digicash notes to purchase products >at the offices of small companies located in the Metaverse. > Because io.com is a commercial system, it might actually not >be that tough to implement a us-dollars-backed system. I.e.: a >digibank would take actual DOLLARS from users, give them digicash >notes, and users can use the notes to make transactions in MOOspace, >and vendors and users alike may redeem their digicash for us-standard >cash. > In order to deal with the legal issues associated, it might be >easiest for io.com to actually run the digibank, but not necessary. >Personally, I'd prefer a digibank run by a third-party, but I have no >real problem with io.com running the thing. > It certainly seems promising. Well they already have credit card numbers for most of they're users, they could do something like Compuserve's MALL and just set up a system were they bill through connect fees. (At least that's how I thought CI$'s system worked. I haven't used it much.) State banking regulations might prohibit the creation of a bank in the metaverse, if thier customers are all over the world. My $.02, as citizen of the Metaverse. _______________________________________________________________________ Geoff Dale -- insert standard disclaimers here -- plaz at netcom.com "We are the shock troops of reality." - Voice of the Friends (Wild Palms) From owen at autodesk.com Mon Oct 18 18:12:21 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Mon, 18 Oct 93 18:12:21 PDT Subject: your mail Re: on anonymity, identity, reputation, and spoofing Message-ID: <9310190105.AA23713@lux.YP.acad> > Subject: Re: on anonymity, identity, reputation, and spoofing > From: hfinney at shell.portal.com > Comments: Ignore the comment above. > Content-Length: 2979 > X-Lines: 55 > I do sympathize with L. Detweiler's concern about multiple identities. > Human nature being what it is, Considering that human nature allows for pathological behavior in some individuals, and that anonymity seemingly decreases the potential for being held acountable for pathological behavior, I think it follows that it would be unwise NOT to be concerned. > if a series of posts appears quickly taking > one view, people who disagree may think, well, I guess I'm in the minority > on this, I won't make a stink about it. That's just part of the herd > instinct, which, IMO, we all share. The lesson is that it is even more > important on the net not to be afraid to take unpopular stands. You may > find that there are more people who agree with you than you thought. You may also find that such gentile methodology as attempting to sway opinion or unfairly weight ones opinion in order to alter the flow of disscussion are the least you can expect. I bet that clever sociopaths will find ways to leverage anonymity schemes to accomplish mayhem of magnitude well beyond these sort of things. believe me, you don't want to find out by being subjected to such mayhem, and if it happens you will be much harder pressed to come up with ways to patch things than if you take time to try and deal with it now. > There are some possible technological solutions to some of the issues > raised. Chaum, in his 1985 CACM paper, describes how "credentials" can > be exchanged among various pseudonyms a person may have. A credential > can basically be any statement by a 3rd party about a person. It could > be a statement by a college that he had a certain degree. It could be > a statement by a government that he had a driver's license. It could be > a statement by a business that he was an agent for that business. How about *credentials* that certify the capabilities or flag the potential dangers of a binary object. Aren't there schemes out there that hold promise for that sort of *trustworthiness* stamp of approval? Aren't such schemes prone to the potential of cliquish abuse? > The credential would be given to the person, then Chaum shows how it > could be re-blinded and shown under other pseudonyms. The credential > can be verified, but it can't be linked to the True Name or other pseudonyms > of the holder. what are you credentialing? that someone *should* know what they are talking about? even so it would not preclude being burned, psychopaths tend to be very clever? > We could think about using something like this for reputations. Take > Nick's question about how a new pseudonym could get through the filters. > Maybe the person posts under his real name for a while, then some respected > person is willing to give him a "valued poster" credential. He can > re-blind this credential and submit it with posts he starts to make under > his pseudonym. People will know that the pseudonymous poster is at least > potentially capable of making sense, and give his words some weight. But > there will be no connection to his True Name. why not just build your reputation as the psuedo right from the start? > (Of course, this could lead occasionally to a Dr. Jekyll who makes > sensible and weighty posts under his own name, while under his Mr. Hyde > pseudonym he rants and raves. But hopefully this would not happen too > often.) Oh, I don't know anybody who does that sort of thing! :-) do you ? > Other credentials could be related to some of the other points Detweiler > raised, such as list membership > some number of months. The point would > be that these credentials are voluntary, used to get past people's filters, > and that they retain poster anonymity while giving readers useful information > about the poster. If all you'r talking about is mail-list or newsgroup membership, why not just have testing and stringent membership requirements? > It's ironic that L. Detweiler, who has played a major part in spreading > awareness of Cypherpunks technology through his widely read Privacy and > Anonymity FAQ, is suggesting that people should be limited in their > use of this technology. Still, the concerns he raises are going to be > shared by many people, and we should try to be ready with technological > solutions that are consistent with privacy protection. exactly. I don't think it's ironic, I will be disapointed if the cypher-head community doesn't pay attention to the disphoric aspects of the technology it wields. Would you like to be the Edward Teller of cypher ? I don't think so. I want privacy too, and I want as much free-wheeling as possible in the matrix. Personally I think that accountability is going to be required as the price for reasonably secure encryption, reasonably open access, and reasonably secure privacy of data. IMNSHO, it is unreasonable to expect an anarcho-libertarian outcome to these issues. If you can prove me wrong I will be thrilled. The other thing that I am a bit surprized about is the relatively tight focus in this group regarding text. It seems to me that multimedia extensions have an *unfolding of the lotus* like effect upon the issues involved. I also see very little regarding potential for breaking the mind machine link, or biologic interfaces? core technologies are important, but an eye on the future is just as important. LUX ./. owen From trebor at foretune.co.jp Mon Oct 18 18:17:23 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Mon, 18 Oct 93 18:17:23 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) In-Reply-To: <9310182300.AA03078@banff.procase.com> Message-ID: <9310190112.AA17160@dink.foretune.co.jp> Paul writes: >Anonymous digital cash is more likely to be compromised >since, as you note, even the Swiss have be>en pressured into opening up >their records of anonymous bank accounts. I believe you are confusing cash with deposits. Cash (either paper or digital) can be passed untraceably from palm to palm (or palmtop to palmtop, if you will). Deposits, on the other hand, require a method for the bank and the depositor to authenticate each other. In the past, anonymous authentication was rife with problems, but cryptography might solve these problems. However, I think the deeper question is worth considering: what is the justification for anonymous bank accounts? Avoiding taxes just doesn't cut it for me; much as I hate to pay them, I recognise the need to do so. From rjc at gnu.ai.mit.edu Mon Oct 18 18:52:21 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Mon, 18 Oct 93 18:52:21 PDT Subject: your mail Re: on anonymity, identity, reputation, and spoofing In-Reply-To: <9310190105.AA23713@lux.YP.acad> Message-ID: <9310190147.AA24417@geech.gnu.ai.mit.edu> D. Owen Rowley () writes: > I want privacy too, and I want as much free-wheeling as possible in the > matrix. Personally I think that accountability is going to be required > as the price for reasonably secure encryption, reasonably open access, > and reasonably secure privacy of data. Why should it be? Reasonably secure encryption, reasonably open access, and reasonably secure privacy of data can all be implemented without accountability. (I refer you to Public Key cryptography, DC/Mix nets, and secret sharing) Perhaps in practice, the majority of people will refuse to participate in such a network but that does not stop crackers/pirates from using one. Crackers routinely dick each other over because of lack of accountability, but the trade off (getting free software/phone access) is better than (getting busted) Do you think I am accountable? If I didn't put my real name in my sig you'd never be able figure out who I really am. Not even gnu, who graciously allows me use of their machines, has my real address or phone. The annex port that I log in on is set up incorectly allowing me to telnet anywhere without needing to use my student account (and thus not linking rjc@ to my college where my really private info resides) rjc@ is simply my pseudonym. I could be Bill Clinton and you wouldn't know, so why worry about it? What keeps me in line in the reputation linked to rjc@ which I have spent a long time building up. Acting like an asshole and choosing a new account name would waste a lot energy that I put into posting these years. If you consider a BlackNet in terms of Interated Prisoner's Dilemma, it makes sense that the good guys will outnumber the bad with a minority of jerks (who can be controlled with intelligent filtering software) > IMNSHO, it is unreasonable to expect an anarcho-libertarian outcome to > these issues. If you can prove me wrong I will be thrilled. You made the assertion, the proof is up to you. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From rjc at gnu.ai.mit.edu Mon Oct 18 19:02:20 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Mon, 18 Oct 93 19:02:20 PDT Subject: ENOUGH ALREADY!!!(Was Re: Gibson In-Reply-To: Message-ID: <9310190159.AA24469@geech.gnu.ai.mit.edu> Alexander Reynolds () writes: > My first message ended something like this: "how about multiple forms of > digital cash? This removes a centralized monopolized bank as a form of > electronic power, i.e. the bank president could refuse digi-loans to those > elements of society he figured would usurp his(her?) bank's power." Sounds good but money isn't fiction. If there's nothing of value backing these "multiple forms of digital cash" you will still need to go to the evil nasty bank president. Otherwise, it's just monopoly money. That's what the bank of the internet proposes to do (provide digicash with backing). I doubt real banks would bother with digicash anyway since they like having financial data on you. The cost of implementing such a system for the bank would be far more expensive than the benefit received by the few customers who appreciate privacy. An enterprising credit card company might chance it sooner or later. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From cman at IO.COM Mon Oct 18 19:22:18 1993 From: cman at IO.COM (Douglas Barnes) Date: Mon, 18 Oct 93 19:22:18 PDT Subject: Introducing digital cash in a MOO, Metaverse In-Reply-To: <9310190111.AA09519@netcom.netcom.com> Message-ID: <9310190218.AA02522@illuminati.IO.COM> Geoff writes: > I have been poking around in Metaverse this last week, (under the handle of > "PlasticBeethoven"). I think you are very right about this. They have a > whole area reserved for *REAL* business, called Freegate. WIRED, EFF, > Fringeware, BoingBoing, and of courese Steve Jackson Games all have virtual > offices there. In most cases the offices are just shadows of what they > could be. I'm also considering setting up an office there (details may > follow once I get it set up). Note that while we are technically 'open for business', we are the first ones to admit we have a ways to go before we are 100% ready for prime time. > > A hobby store has also set up shop, and will allow you to order from them. > Billing, alas, is done the old fashioned way. This will change as better tools emerge. This is the plan. > > I've noted, that there seems to be a vague interest in dealing with these > issues, if it does not represent a tremendous investment of time for them. The interest is considerably more than vague; we're hesitant to commit to it or hype it while we're sorting out more fundamental issues. > Also note that Doug Barnes (metaverse: CoffeeMan) and Lloyd Blankenship > (metaverse: Mentor), who are both "Wizards", also frequent this list. They > are also the very same Austin-Cypherpunks featured in the "Bank of the > Internet" thread about Internet Credit Unions. Looks like a possible > convergence. Imagine that... :-) > Well they already have credit card numbers for most of they're users, they > could do something like Compuserve's MALL and just set up a system were > they bill through connect fees. (At least that's how I thought CI$'s system > worked. I haven't used it much.) We will (obvoiusly) be working very closely with the attempt to set up the Digital Credit Unions, and will (obviously) be one of the first vendors to be able to process electronic checks written in the MOO etc. Certainly various kinds of anonymous 'tokens' will be available as well, which could become a medium of exchange (although it is unclear at present whether these will be redeemable for cash). Most of these things have been in the plan from the beginning; things will be announced as they happen, and hopefully not too much before. -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From chrome at jhunix.hcf.jhu.edu Mon Oct 18 19:27:19 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Mon, 18 Oct 93 19:27:19 PDT Subject: backing? In-Reply-To: <9310190159.AA24469@geech.gnu.ai.mit.edu> Message-ID: > Alexander Reynolds () writes: > > My first message ended something like this: "how about multiple forms of > > digital cash? This removes a centralized monopolized bank as a form of > > electronic power, i.e. the bank president could refuse digi-loans to those > > elements of society he figured would usurp his(her?) bank's power." > > Sounds good but money isn't fiction. If there's nothing of value backing > these "multiple forms of digital cash" you will still need to go to the > evil nasty bank president. Otherwise, it's just monopoly money. > > That's what the bank of the internet proposes to do (provide > digicash with backing). I doubt real banks would bother with digicash So what would back digicash? A promise to pay? That is all I can see at the moment, other than the physical force of a government, which would give digicash its worth, and somehow, human nature being what it is, I doubt that would be a strong foundation for a digital economy. From pmetzger at lehman.com Mon Oct 18 19:37:19 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 18 Oct 93 19:37:19 PDT Subject: Crypto Anarchy (jrk@...) In-Reply-To: <9310190102.AA12700@mail.netcom.com> Message-ID: <9310190235.AA04079@snark.lehman.com> catalyst-remailer at netcom.com says: > Well, this apocraphyl scene is easily avoided Its "apocryphal". I've finally figured out why all these people insist on posting anonymously. They can't spell. Perry From jamie at netcom.com Mon Oct 18 20:07:20 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Mon, 18 Oct 93 20:07:20 PDT Subject: Shockwave Rider ( True Names, Enders Game, Islands In The Net) Message-ID: <9310190303.AA07520@netcom.netcom.com> Brunner's _The Shockwave Rider_ is also recommended readings, especially for those most concerned with nyms, access rights/abilities and the net. -- ................................ Jamie Dinkelacker Palo Alto CA Jamie at netcom.com 415.941.4782 From jamie at netcom.com Mon Oct 18 20:07:25 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Mon, 18 Oct 93 20:07:25 PDT Subject: Nickname Nyms Message-ID: <9310190303.AA07533@netcom.netcom.com> Cypherpunks, Pseudonyms are an everyday occurrence. The net just takes these things a step further. At present, this is a quantitative, not necessarily qualitative, distinction. Many of us have nicknames; some easily derived from True Names (Jim from James) others not so easily derived (Peggy from Margaret). Many athletes have field nicknames, often which change every season, that enable person to person communication on the field of play due to familiarity of calling voice and nym. Opponents (often last year's former teammates) don't know the nym and their chatter used to spoof ("Jamie, on your right!) when the ball is actually on your left is easily filtered. Performers often use nyms because they have a certain cachet: Rock Hudson, Englebert Humperdink, Elton John. Writers use pen names. Reputations are built around some of these names. Communication immediacy works in other instances. And, pseudonymity allows others to go into malls without being mobbed (e.g., well known radio personalities). Three cheers for Zachary Fox and the First Extropian Squirrel. Nyms are part of day to day discourse. -- ................................ Jamie Dinkelacker Palo Alto CA (almost a true name) Jamie at netcom.com 415.941.4782 From doug at netcom.com Mon Oct 18 20:17:20 1993 From: doug at netcom.com (Doug Merritt) Date: Mon, 18 Oct 93 20:17:20 PDT Subject: "True Names" and "Ender's Game" (was: Cypherwaffle...) Message-ID: <9310190313.AA26304@netcom6.netcom.com> tcmay at netcom.com (Timothy C. May) said: >Anyway, I strongly recommend both "True Names" and "Ender's Game." I second that. Not only are they aropos, they are also some of the better stories by those two excellent authors. Doug From 72114.1712 at CompuServe.COM Mon Oct 18 21:22:21 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Mon, 18 Oct 93 21:22:21 PDT Subject: MORE PUBLICITY Message-ID: <931019020707_72114.1712_FHF140-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, A friend of mine gave me a copy of a newsletter called "Gary North's REMNANT REVIEW." It bills itself as "explicitly Christian and pro-free market in perspective." This issue covered the bad news: the Waco Massacre cover-up, mysterious death of White House attorney, Vince Foster and the Randy Weaver case. It also covered the good news: Crypto Anarchy(!) The article was based on Kevin Kelly's piece in the "Whole Earth Review." North paraphrased Tim May extensively and was very impressed with the whole concept. It was quite a valentine to Cypherpunks. For subscription information, call (800) 528-0559 (or -0550, it's hard to read my copy). I'll bring a photocopy to the SF meeting in November. S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From swc at uc1.ucsu.edu Mon Oct 18 21:22:23 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Mon, 18 Oct 93 21:22:23 PDT Subject: backing? Message-ID: <9310190423.AA07858@uc1.ucsu.edu> I propose a simple basis for digicash: gold. REAL gold in a depositary, for which the digicash is basically a warehouse receipt. Try this: Alice purchases 10 ounces of gold and puts it in Bob the Banker's account at a depositary institution (like the big one in Zurich that holds much of the world's physical gold). When she makes the deposit, she annotates the transaction with an encrypted message to Bob saying "This deposit from ." Alice then logs into Bob's public access system with a pseudonymous account (automatically generated by Bob's hacked login software). Alice sends another message to Bob saying "Hey, that deposit you got from was from me: pseudonym." Bob issues digicash to (not knowing this is Alice), and Alice happily spends the money under a DIFFERENT pseudonym. OK, fire away, my head is down :-) ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From tcmay at netcom.com Mon Oct 18 21:52:22 1993 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 18 Oct 93 21:52:22 PDT Subject: backing? In-Reply-To: <9310190423.AA07858@uc1.ucsu.edu> Message-ID: <9310190450.AA03867@netcom5.netcom.com> Stuart Card writes: > I propose a simple basis for digicash: gold. > REAL gold in a depositary, for which the digicash is > basically a warehouse receipt. Try this: > > Alice purchases 10 ounces of gold and puts it in Bob the Banker's > account at a depositary institution (like the big one in Zurich > that holds much of the world's physical gold). When she makes > the deposit, she annotates the transaction with an encrypted > message to Bob saying "This deposit from ." > Alice then logs into Bob's public access system with a pseudonymous > account (automatically generated by Bob's hacked login software). > Alice sends another message to Bob saying "Hey, that deposit you > got from was from me: pseudonym." > Bob issues digicash to (not knowing this is Alice), > and Alice happily spends the money under a DIFFERENT pseudonym. > > OK, fire away, my head is down :-) Some points: * When Alice deposits the gold, the many television cameras in the Zurich bank take many pictures of her. When she later dials in and uses the pseudonym "Clara," the bank can associate Clara with the images (and other True Names data). Little is gained. None of the "blinding" which is so elegant in Chaum's work (and recently described by Hal Finney). * The role of *gold* is tangential and secondary. Any stable currency would suffice, and in fact gold bullion would be no more desirable than yen or Deutschmarks. * Also, how does this solve the problems of digital money (double spending, transferrability, etc.) we've been talking about? After all, there are still banks which allow "numbered" accounts (in Lichtenstein, I hear), so this level of anonymity stil exists. And where banking laws don't allow such numbered accounts, they likely won't allow "gold bullion anonymous accounts." * However, I have heard--as Stuart Card may have also--that "warehouse receipts" could form the basis of a new type of bank. I don't know anything beyond this, so maybe this idea could be developed. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From plaz at netcom.com Mon Oct 18 22:02:21 1993 From: plaz at netcom.com (Geoff Dale) Date: Mon, 18 Oct 93 22:02:21 PDT Subject: Cypherwaffle on spoofing Message-ID: <9310190458.AA18671@netcom.netcom.com> -----BEGIN UNSIGNED MESSAGE----- > I understand Detweiller's frustration. On another list, someone posted >as if he/she were William Gibson. That kind of fraud undermines >confidence on several levels. It attempts to dupe us, and usurps the name >and reputation of a well-known writer, and sets up an atmosphere of >suspicion and doubt fatal to any community. > How would you like it if someone spoofmailed to this list under your >name, then published Nazi slogans and argued for the legalization of rape? > What I find odd is the number and vehemence of posts ON A LIST DEVOTED >TO ENCRYPTION saying "Hey, it's a fact of life, accept it" -- even >dragging out Machiavelli's profoundly mistaken "if you can't enforce >it, don't prohibit it." Of all the groups on the Internet, I would >think that this one would be in a special position to say "put your >digital John Hancock on your post if you want to to taken seriously." So where's your John Hancock? Put your money where your mouth is. Anyone is free to delete unsigned messages, and many people do sign thier messages, but cypherpunks is an informal mailing list. Why require silly rules like this? Over on Extropians this is called spontanious order. If you think something is important, starting doing it, and encourage other people to do it. If it's really as important as you think it is, it'll spread and become a dominant meme. If it's useless drivel, it will be ignored. -----END UNSIGNED MESSAGE----- _______________________________________________________________________ Geoff Dale -- insert standard disclaimers here -- plaz at netcom.com "We are the shock troops of reality." - Voice of the Friends (Wild Palms) From doug at netcom.com Mon Oct 18 22:32:23 1993 From: doug at netcom.com (Doug Merritt) Date: Mon, 18 Oct 93 22:32:23 PDT Subject: backing? Message-ID: <9310190531.AA07250@netcom6.netcom.com> tcmay at netcom.com (Timothy C. May) said: >* The role of *gold* is tangential and secondary. Any stable currency >would suffice, and in fact gold bullion would be no more desirable >than yen or Deutschmarks. You are a modern person in this thinking. Not all are. The uncoupling of the U.S. dollar from a government-specified gold standard in the 1970's is *still* a controversial issue with some people (not all of whom are idiots, by the way, although I personally with disagree with 95% of them). It is practically a truism that bull markets bring out modern thinking about currency and that bear markets bring out gold-standard thinking about currency. Low-margin speculators regularly make money by predicting that kind of psychological reaction alone. (The "low-margin" qualifier is a short-hand to say that "no, *you* can't count on making money that way." :-) I assume that some will disagree that *anyone* makes money that way, but that's not really my point. My point is, for digital currency, it makes sense to model non-digital forms. There will be times that people feel insecure and believe (for whatever reason) that gold-backed digital currency is the way to go. Other people in other times won't be interested in gold-backed digital currency, and that brings up different algorithms. The psychology of the market (past, present and future) seems to me to say that one shouldn't consider algorithms of only one form. Anyone for digital currency mutual funds? :-) Doug From XXCLARK at indst.indstate.edu Mon Oct 18 23:57:23 1993 From: XXCLARK at indst.indstate.edu (XXCLARK at indst.indstate.edu) Date: Mon, 18 Oct 93 23:57:23 PDT Subject: Canon copier engine Message-ID: <9310190654.AA23942@toad.com> >From: Edward J OConnell >Subject: Re: jrk at sys.uea.ac.uk (Richard Kennaway) >To: "Perry E. Metzger" >Cc: cypherpunks at toad.com >seen a canon representative, with a straight face, say at a trade show >that there was a chip in these machines that detected the pattern created >by currency, and blocked out the image. Read something like this in either Electronic Design or Electronic Products, within the last nine months. Sorry, can't cite. Claims were for the _new_ color Canon copiers to be sold beginning 1994. The article claimed the memory of the copier held representations of all major paper currencies. Any attempt to copy would produce only a black rectangle in stead of a bill. The worrisome item was the statement that the copiers would add some sort of unspecified marking to each copy made, allowing copies to be traced back to their source. No details on the latter, of course. Don't recall if there was even a hint of invisibility. With the SS concerned about money funnier than that we use each day, I had no trouble believing in a machine capable of currency recognition. What I could never decide to believe without proof, however, was the marking/traceability claim. From jersmit at eis.calstate.edu Tue Oct 19 00:12:23 1993 From: jersmit at eis.calstate.edu (Jeremy Smith) Date: Tue, 19 Oct 93 00:12:23 PDT Subject: IRC Servers Message-ID: As a relative newbie to the Net, I have tried in vain to find an IRC serve that is up and running. Are there any current IRC servers that I could telnet to? Bradenville.andrew.cmu.edu does not exist and neither does santefe.santafe.edu. Those two were given to me as was 131.130.39.27 6668. However, that site does not seem to respond to any login attempts. Frustrated, I turn to the Cypherpunks for help... ----------------------------------------------------------------------------- Jeremy Smith -*jersmit at eis.calstate.edu*- My views are my own and nobody else can have them! ----------------------------------------------------------------------------- From an42035 at anon.penet.fi Tue Oct 19 00:52:24 1993 From: an42035 at anon.penet.fi (the Surgeon) Date: Tue, 19 Oct 93 00:52:24 PDT Subject: Crypto Anarchy ... Message-ID: <9310190748.AA07082@anon.penet.fi> Perry Metzger wrote: >Its "apocryphal". ^^^ >I've finally figured out why all these people insist on posting >anonymously. They can't spell. What a useful post. But look again - can you spot the grammar error? It is underlined. Perry must mean "it's" as in "it is"; not "its" as in "possessive". Naturally, using bandwidth to point out spelling error and grammar mistakes is POINTLESS, and WASTEFUL. Perhaps a future requirement to read this list will be: read and understand Emily Post-News Nettiquette. The height of irony is a non-anonymous post (with a grammar error) with a humorous attempt to criticize an anonymous post (with a spelling error). I'll comment on Steve Bellovin's post: excellent overall and thought provoking. However, he is putting the cart before the horse and worrying to much about future acceptance. Technology is neither good nor evil; progress in crypto-anarchy will grind to halt if the people involved become overly concerned with future acceptance. Would we have the phone system of today if AT&T would have waited for Western Union's blessing? We'd probably have some warped telegraph system instead. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an12070 at anon.penet.fi Tue Oct 19 00:57:23 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Tue, 19 Oct 93 00:57:23 PDT Subject: POISONOUS CYPHERPUNK TRAITORS Message-ID: <9310190753.AA08212@anon.penet.fi> THE CYPHERPUNKS HAVE BEEN POISONED WITH LIES AND HIGH TREACHERY. THOSE WHO DO NOT CONFESS WILL BE EXPOSED. THE FRAUDS AND THE POSEURS WILL BE RUTHLESSLY PUNISHED. IF NECESSARY, ON TALK.POLITICS.CRYPTO OR IN THE MAINSTREAM MEDIA. YOU HAVE BEEN WARNED. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an41418 at anon.penet.fi Tue Oct 19 00:57:29 1993 From: an41418 at anon.penet.fi (wonderer) Date: Tue, 19 Oct 93 00:57:29 PDT Subject: Other forms of strong cryptography Message-ID: <9310190754.AA08386@anon.penet.fi> Why is it that the idea of taking a difficult problem, such as a knapsack problem, and using it to encode ciphers, was abandoned? Too many trapdoors? These NP-complete type problems seem ideal since they can be verified in polynomial time, but are practically impossible to solve for any significant input. Verification of a solution could be decryption, where the solution is the key, and the problem could be used to encode the text somehow. I understand that Shamir broke the knapsack problem. So, is that enough reason to completely abandon this approach? Nobody seems to talk about it anymore. Wonderer (My apologies to those who prefer to use this list to play games with pseudonyms and discuss their paranoid ideas. I prefer to use cypherpunks to learn about cryptography and its interesting applications) ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From smb at research.att.com Tue Oct 19 01:37:23 1993 From: smb at research.att.com (smb at research.att.com) Date: Tue, 19 Oct 93 01:37:23 PDT Subject: Other forms of strong cryptography Message-ID: <9310190836.AA26630@toad.com> Why is it that the idea of taking a difficult problem, such as a knapsack problem, and using it to encode ciphers, was abandoned? Too many trapdoors? These NP-complete type problems seem ideal since they can be verified in polynomial time, but are practically impossible to solve for any significant input. Verification of a solution could be decryption, where the solution is the key, and the problem could be used to encode the text somehow. I understand that Shamir broke the knapsack problem. So, is that enough reason to completely abandon this approach? Nobody seems to talk about it anymore. The approach hasn't been abandoned; it's just a lot harder than it looks, for a number of reasons. First is that complexity theory says nothing about the average difficulty of solving a problem, as opposed to the worst case. A cryptosystem that only hides 1% of the messages isn't very useful. Second, finding a suitable problem -- one that has a keyed back door isn't that easy. Third -- and this is what sunk the knapsack problem -- you need a cryptosystem that exploits the full NP-complete problem, as opposed to just a simple case. (The knapsack problem was solvable by someone who knew the key because it wasn't a general knapsack, but a super- increasing sequence -- each number in it was greater than the sum of all of its predecessors. (This was the simplest version; there were, I believe, some others.)) From an43512 at anon.penet.fi Tue Oct 19 01:52:24 1993 From: an43512 at anon.penet.fi (an43512 at anon.penet.fi) Date: Tue, 19 Oct 93 01:52:24 PDT Subject: MIT Guide to Lockpicking Message-ID: <9310190847.AA17601@anon.penet.fi> I want to share with you an interesting story about information sharing, copyrights, artistic control and lockpicking. Long ago I wrote the MIT Guide To Lockpicking, and wanted to limit its distribution (for reasons that are no longer apparent). I decided to delete the electronic forms, and just allow the distribution of hardcopy. That worked for many, many years. Over the summer, I started taking steps to publish the Guide electronically, but I was beaten to the punch-line by some cyberpunks who scanned it in, and posted it. On the whole I don't mind, since I was planning to publish it anyways, but it does feel wrong that as the author of this work I do not have any say over its distribution anymore. The copyright notice in the Guide says that it can be feely distributed, but at the time, that meant hardcopy form, because scanners were too expensive for anyone to be likely to scan in the guide, and the printers had not reached any standard for expressing pictures. Thus, the original copyright notice did what I wanted. As technology changed, the term "feely" came to mean "very feely in any form". Oh well. Is there any crypto technology that would allow an author to control derivative works based on something that has been published on the network as a postscript file, or a latex source file? I know that a worked could be signed to indicate that it is "authorized", but can any more be achieved? For your information, I have attached the posting announcement I sent to the alt.locksmithing. Hopefully someone will place the Guide in an FTP site soon (any volunteers from soda?), as I do not want to be sending out email copies. By the way, having a pseudonym to carry out correspondence as "Ted The Tool" was an enabling technology for me to post the Guide, and to request cooperation on producing the next revision. Thank you for creating this technology. Sincerely, Ted The Tool ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From gg at well.sf.ca.us Tue Oct 19 02:57:25 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Tue, 19 Oct 93 02:57:25 PDT Subject: "ignore them" Message-ID: <93Oct19.025613pdt.14421-4@well.sf.ca.us> The simple solution to pesky posts is, as soon as you see it's something you're not interested in, press ctrl C and go on to the next posting. If someone's being a real online pest, ignore them and maybe they'll go away. -gg From remail at tamsun.tamu.edu Tue Oct 19 04:27:26 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Tue, 19 Oct 93 04:27:26 PDT Subject: on line books & credit card scams Message-ID: <9310191126.AA28249@tamsun.tamu.edu> Forwarded message: From m5 at vail.tivoli.com Tue Oct 19 05:57:28 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Tue, 19 Oct 93 05:57:28 PDT Subject: your mail Re: on anonymity, identity, reputation, and spoofing In-Reply-To: <9310190105.AA23713@lux.YP.acad> Message-ID: <9310191253.AA02627@vail.tivoli.com> D. Owen Rowley writes: > Personally I think that accountability is going to be required as the > price for reasonably secure encryption, reasonably open access, and > reasonably secure privacy of data. IMNSHO, it is unreasonable to > expect an anarcho-libertarian outcome to these issues. If you can > prove me wrong I will be thrilled. By whom is accountability going to be required? How will it (or how can it) be implemented? What sort of mechanisms can be expected to reliably and universally evolve in the decentralized anarchic network we know today that will make "paying the price" a meaningful concept? I con't prove you wrong because I cannot understand what you predict. > It seems to me that multimedia extensions have an *unfolding of the lotus* > like effect upon the issues involved. Explain: is it because of the medium itself or because of the nature of information that'll be available with multimedia delivery systems? > I also see very little regarding potential for breaking the mind machine > link, or biologic interfaces? Uhhhh, OK. -- Mike McNally From pmetzger at lehman.com Tue Oct 19 06:02:24 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 19 Oct 93 06:02:24 PDT Subject: backing? In-Reply-To: <9310190531.AA07250@netcom6.netcom.com> Message-ID: <9310191258.AA08710@snark.lehman.com> Doug Merritt says: > tcmay at netcom.com (Timothy C. May) said: > >* The role of *gold* is tangential and secondary. Any stable currency > >would suffice, and in fact gold bullion would be no more desirable > >than yen or Deutschmarks. > > You are a modern person in this thinking. Not all are. The uncoupling of > the U.S. dollar from a government-specified gold standard in the 1970's > is *still* a controversial issue with some people (not all of whom are > idiots, by the way, although I personally with disagree with 95% of them). Average inflation since 1970 has been higher than before 1970. Average inflation between the elimination of gold drawing rights and the banning of gold ownership by private citizens and 1970 were higher than in the immediate period before that. Average inflation from the establishment of the Federal Reserve to the depression was higher than in period before that, when inflation scarcely occured for almost 120 years. Seems to be a pattern to me, buddy boy. > It is practically a truism that bull markets bring out modern thinking > about currency and that bear markets bring out gold-standard thinking > about currency. Not bear markets. Inflation. > My point is, for digital currency, it makes sense to model non-digital > forms. Lets model the non-digital forms. Non-digital currency for approximately three thousand years was gold or promisary notes to pay in gold. In every time and place that this was eliminated, the currency eventually collapsed, from the systematic debasement of currency by the last Roman Emperors to revolutionary France all the way to Weimar Germany and soon the former Soviet Union. I agree that we should follow the historical models. Gold cannot be printed, is cheap to store, and is widely recognized as having value. Perry From nowhere at bsu-cs.bsu.edu Tue Oct 19 06:07:28 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Tue, 19 Oct 93 06:07:28 PDT Subject: No Subject Message-ID: <9310191308.AA04219@bsu-cs.bsu.edu> S. Boxx wrote: >THE CYPHERPUNKS HAVE BEEN POISONED WITH LIES AND HIGH TREACHERY. THOSE >WHO DO NOT CONFESS WILL BE EXPOSED. THE FRAUDS AND THE POSEURS WILL BE >RUTHLESSLY PUNISHED. IF NECESSARY, ON TALK.POLITICS.CRYPTO OR IN THE >MAINSTREAM MEDIA. > >YOU HAVE BEEN WARNED. Jeez... switch to decaf. From pmetzger at lehman.com Tue Oct 19 06:07:32 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 19 Oct 93 06:07:32 PDT Subject: POISONOUS CYPHERPUNK TRAITORS In-Reply-To: <9310190753.AA08212@anon.penet.fi> Message-ID: <9310191307.AA08752@snark.lehman.com> S. Boxx says: > THE CYPHERPUNKS HAVE BEEN POISONED WITH LIES AND HIGH TREACHERY. THOSE > WHO DO NOT CONFESS WILL BE EXPOSED. THE FRAUDS AND THE POSEURS WILL BE > RUTHLESSLY PUNISHED. IF NECESSARY, ON TALK.POLITICS.CRYPTO OR IN THE > MAINSTREAM MEDIA. > > YOU HAVE BEEN WARNED. Not taking your Prozac again I see. Perry From nobody at cicada.berkeley.edu Tue Oct 19 06:42:26 1993 From: nobody at cicada.berkeley.edu (nobody at cicada.berkeley.edu) Date: Tue, 19 Oct 93 06:42:26 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) Message-ID: <9310191332.AA16145@cicada.berkeley.edu> > From: peb at procase.com (Paul Baclace) > > >Go to you local copier store. Pay cash. No one will care. > > I'm talking about buying the color *copier* itself. In all the > copier businesses I've seen, none of them allowed one to make > color copies unattended. Is this because they are complicated > or expensive per copy or because of some kind of technology > restriction (e.g., high quality color copies cannot simultaneously > be anonymous and private). I've got friends who've had unlimited, unsupervised access to color copiers at their schools or offices (art students, designers). It's not such a big deal. I have even color-xeroxed currency several times (mainly for a zine I used to edit, wherein we encouraged people to deface money). The reactions of the employees of the copy shops ranged from complete indifference to "you know, this is illegal," but I never had anyone refuse. -Mr. Funn From nowhere at bsu-cs.bsu.edu Tue Oct 19 07:07:29 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Tue, 19 Oct 93 07:07:29 PDT Subject: ISS Message-ID: <9310191404.AA06184@bsu-cs.bsu.edu> Can someone point me in the direction of this ISS program? BTW, Is this a DOS or UNIX binary? Is it in source or already compiled? Thanks in advance... From jrk at sys.uea.ac.uk Tue Oct 19 07:22:23 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Tue, 19 Oct 93 07:22:23 PDT Subject: META: Re: jrk@sys.uea.ac.uk (Richard Kennaway) Message-ID: <6715.9310191424@s5.sys.uea.ac.uk> It's all very flattering to see my name in lights, but could everyone responding to this thread on color copiers please change to a more informative title? -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From mnemonic at eff.org Tue Oct 19 07:37:28 1993 From: mnemonic at eff.org (Mike Godwin) Date: Tue, 19 Oct 93 07:37:28 PDT Subject: "True Names" and "Ender's Game" (was: Cypherwaffle...) In-Reply-To: <9310190052.AA16863@dink.foretune.co.jp> Message-ID: <199310191436.AA25823@eff.org> Robert Woodhead writes: > Tim May writes: > >Anyway, I strongly recommend both "True Names" and "Ender's Game." > > A very strong second for True Names. Read it and find out who really > invented "Cyberspace" (It wasn't Gibson). Elvis didn't invent rock 'n' roll, either. --Mike From nate at VIS.ColoState.EDU Tue Oct 19 07:37:34 1993 From: nate at VIS.ColoState.EDU (nate at VIS.ColoState.EDU) Date: Tue, 19 Oct 93 07:37:34 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) In-Reply-To: <9310190112.AA17160@dink.foretune.co.jp> Message-ID: <9310191433.AA02530@seurat.VIS.ColoState.EDU> writes Robert J. Woodhead: > >Paul writes: > >However, I think the deeper question is worth considering: what is the >justification for anonymous bank accounts? > >Avoiding taxes just doesn't cut it for me; much as I hate to pay them, >I recognise the need to do so. > A while back someone posted a message about being immune to having property, etc taken in law suits. Imagine if all your money (or nearly all) was tied up in anonymous accounts and that all your property was owned by digital pseudonyms (from whom you rented the property). This would be a nice defense if you were scared that the government (in protecting National Security, of course) would take all your posessions and make life a living hell for you and your family. -nate -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Always remember "Brazil" From cvoid at netcom.com Tue Oct 19 07:42:23 1993 From: cvoid at netcom.com (Christian Void) Date: Tue, 19 Oct 93 07:42:23 PDT Subject: Remailer for DOS/Waffle... Message-ID: Just so as not to re-invent the wheel, has anyone coded/kludged together a remailer for Waffle1.65 or DOS? Christian Void /T71 | "I don't like it, and I'm sorry I | VMResearch, Inc. cvoid at netcom.COM | ever had anything to do with it." | P.O. Box 170213 Tel. 1+415-807-5491 | -Erwin Schrodinger (1887-1961) | SF, CA 94117 * PGP v2.3a Public Key Available Via Finger * From trebor at foretune.co.jp Tue Oct 19 07:52:24 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Tue, 19 Oct 93 07:52:24 PDT Subject: S Boxx blathering In-Reply-To: <9310190753.AA08212@anon.penet.fi> Message-ID: <9310191447.AA26058@dink.foretune.co.jp> I've figured it out. He's a Borg. From doug at netcom.com Tue Oct 19 07:57:29 1993 From: doug at netcom.com (Doug Merritt) Date: Tue, 19 Oct 93 07:57:29 PDT Subject: backing? In-Reply-To: Message-ID: <9310191453.AA03155@netcom6.netcom.com> pmetzger at lehman.com said: >Average inflation between the elimination of gold drawing rights and >the banning of gold ownership by private citizens and 1970 were higher >than in the immediate period before that. [...] >Seems to be a pattern to me, buddy boy. [...] >we should follow the historical models. Gold cannot be printed, is >cheap to store, and is widely recognized as having value. Just in case I was unclear: my point was that it makes sense to have digital currency that is backed by gold, not just the other forms which are not thereby backed. I expect that lots of folks will support their own idiosyncratic forms of digital currency in the future, somewhat similarly to the way that banks used to issue their own paper currency, and that therefore there will not be just a single kind of digital currency. Doug From nate at VIS.ColoState.EDU Tue Oct 19 07:57:34 1993 From: nate at VIS.ColoState.EDU (nate at VIS.ColoState.EDU) Date: Tue, 19 Oct 93 07:57:34 PDT Subject: POISONOUS CYPHERPUNK TRAITORS Message-ID: <9310191452.AA02600@seurat.VIS.ColoState.EDU> writes S. Boxx: > THE CYPHERPUNKS HAVE BEEN POISONED WITH LIES AND HIGH TREACHERY. THOSE > WHO DO NOT CONFESS WILL BE EXPOSED. THE FRAUDS AND THE POSEURS WILL BE > RUTHLESSLY PUNISHED. IF NECESSARY, ON TALK.POLITICS.CRYPTO OR IN THE > MAINSTREAM MEDIA. > > YOU HAVE BEEN WARNED. Yikes, I'll be sure to run and hide. Get a grip, you stupid fuck. -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Always remember "Brazil" From mnemonic at eff.org Tue Oct 19 08:07:28 1993 From: mnemonic at eff.org (Mike Godwin) Date: Tue, 19 Oct 93 08:07:28 PDT Subject: Shockwave Rider ( True Names, Enders Game, Islands In The Net) In-Reply-To: <9310190303.AA07520@netcom.netcom.com> Message-ID: <199310191507.AA26726@eff.org> Jamie writes: > Brunner's _The Shockwave Rider_ is also recommended readings, especially > for those most concerned with nyms, access rights/abilities and the net. Cypherpunks may be interested in a course I'm teaching later this fall in NYC at the School of Visual Arts: Course Description: Law, Society, and the Electronic Frontier Instructor: Mike Godwin, Legal Services Counsel, Electronic Frontier Foundation The purpose of this class is to give students familiarity with a range of social and legal issues that arise when computers become a medium for communication, an instrumentality of crime, and a new kind of community. The class is designed to give students a sense of what kinds of social and cultural challenges we will have to face as we enter the networked world of the 21st century. Students will read, on average, one book for each meeting, plus occasional handout materials. Class meetings will be devoted to a short lecture, followed by a discussion period. There will be one short research or writing assignment. This class will meet over six Saturdays from October 30 to December 18 (November 6 and Thanksgiving recess excluded). I will be available for phone conferences from my office or home in Washington, DC: (Office) 202-347-5400, ex. 204 (Home) 301-270-1703. Please contact me if you have any questions. Book list: THE HACKER CRACKDOWN, Bruce Sterling CYBERPUNK, Katie Hafner and John Markoff HACKERS, Steven Levy GIRLS LEAN BACK EVERYWHERE, Edward de Grazia THE SHOCKWAVE RIDER, John Brunner NEUROMANCER, William Gibson (optional) BURNING CHROME, William Gibson TRUE NAMES, Vernor Vinge There may also be some photocopied handouts distributed in class. From pat at tstc.edu Tue Oct 19 08:22:23 1993 From: pat at tstc.edu (Patrick E. Hykkonen) Date: Tue, 19 Oct 93 08:22:23 PDT Subject: ITAR to West Indies Message-ID: <9310191519.AA09826@tstc.edu> HELP! I'm looking to find out about the ITAR regulations on export of crypto to the West Indies. A company that I do consulting for sends out demos that contain some database crypto stuff and they are concerned now that they have a request from outside the United States. Any pointers to where I can find information on this would be extremely helpful. Thanks. -- Pat Hykkonen ** N5NPL ** pat at tstc.edu ** CNSA -- (817) 867-4831 Disclaimer: This product may cause irritability in some users. In cases of allergic reaction, delete and consult a physician immediately. From trebor at foretune.co.jp Tue Oct 19 08:37:29 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Tue, 19 Oct 93 08:37:29 PDT Subject: jrk@sys.uea.ac.uk (Richard Kennaway) In-Reply-To: <9310191433.AA02530@seurat.VIS.ColoState.EDU> Message-ID: <9310191532.AA26534@dink.foretune.co.jp> Nate writes: >A while back someone posted a message about being immune to having >property, etc taken in law suits. Imagine if all your money (or nearly >all) was tied up in anonymous accounts and that all your property was >owned by digital pseudonyms (from whom you rented the property). This >would be a nice defense if you were scared that the government (in >protecting National Security, of course) would take all your >posessions and make life a living hell for you and your family. I think you are being dangerously naive if you think that such actions would prevent someone (not necessarily the government, btw) from making your life a living hell. If you are a parent, for example, think what an accusation of child abuse might do. Do not be so quick to assume that these wonderful and interesting techniques we discuss will solve long-standing problems. Most likely, they will merely solve new problems (ie: the increased ability of third parties to intercept communications) that are created by the very technologies that make the solutions possible. Best R From ferguson at icm1.icp.net Tue Oct 19 10:02:23 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Tue, 19 Oct 93 10:02:23 PDT Subject: (fwd) ViaCrypt CW Announcement Message-ID: <9310191804.AA03822@icm1.icp.net> >From the "For What It's Worth" department - Forwarded message: > From: warlock at ACM.ORG > Newsgroups: sci.crypt,talk.politics.crypto,comp.org.eff.talk > Subject: ViaCrypt CW Announcement > Date: 19 Oct 1993 13:46:36 GMT > Organization: ACM Network Services > Lines: 29 > Distribution: inet > Message-ID: <2a0r3s$ahh at hopper.acm.org> > Reply-To: warlock at ACM.ORG > NNTP-Posting-Host: acm.org > Xref: news.sprintlink.net sci.crypt:20523 talk.politics.crypto:874 comp.org.eff.talk:21553 > > } > In spite of the uproar over Phil and Grady, its apparently busi > ness as usual at ViaCrypt as evidenced by their software product > announcement under "New Products" on page 39 of the Oct. ll, > 1993 issue of Computerworld: > > > ViaCrypt has announced ViaCrypt PGP, a high-security public key > > message encryption program designed to protect electronic-mail > > and data files. Transmitted messages or exchanged files are > > secured against unauthorized readers, and the program provides > > digital signature, data compression and key management. Cost: > >> $199.95 for a DOS single-user license, $599 for a five-user > > license and $1,649.95 for a 20-user license. ViaCrypt, Phoenix > > (602) 944-0773..... > > A company rep contacted by phone indicated that their offering > was licensed by RSA/PKP and that an export licence -- if needed > -- was "easy" to obtain provided the licensee was "at least a > "51%" American company". > > > Bill Wilson > > ################################################################## > > "Even a blind pig finds an acorn once in a while" Southern > Appalachian saying. > > ################################################################### > _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From ferguson at icm1.icp.net Tue Oct 19 10:07:31 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Tue, 19 Oct 93 10:07:31 PDT Subject: (fwd) Australians dump DES (from RISKS) Message-ID: <9310191808.AA03841@icm1.icp.net> Can anyone provide ant detailed information on 'Seneca'? Forwarded message: > From: darrell at cse.ucsc.edu (Darrell Long) > Newsgroups: sci.crypt > Subject: Australians dump DES (from RISKS) > Date: 19 Oct 1993 03:11:34 GMT > Organization: University of California, Santa Cruz (CE/CIS Boards) > Lines: 32 > Distribution: world > Message-ID: <29vlt6$82c at darkstar.UCSC.EDU> > NNTP-Posting-Host: sequoia.cse.ucsc.edu > > Date: Mon, 18 Oct 1993 17:14:08 +1000 > From: zaph at torps.apana.org.au (Kevin Burfitt) > Subject: Australian government to replace DES > > Here is something I found in an Australian computer magazine, which > sounded like something for the Risks Forum... > > Quoted from "PCWEEK October 20, 1993" > > The Australian Government has secretly developed its own data > encryption firmware and algorithm, killing its dependence on the > US DES (Data Encryption Standard) Algorithm. > > Called Seneca, the firmware element was developed as a joint project > of the Defence Science and Technology Organisation (DSTO) in Adelaide > and the Defense Signals Directorate (DSD) in Canberra. > > [...] > > "It is a symmetric encryption technology like DES, but can operate > at very high speeds" said the source. Seneca's original specifications > included a throughput of 2Mbps, but testing had achieved rates of > 20Mbps. > > Isn't part of the security with DES its slowness, which implies that this > new encryption method will be inherently risky because of its speed ? > > Kevin Burfitt > > zaph at torps.apana.org.au (Kevin Burfitt) Compuserve: 100240,2002 > Torps Productions: torps.apana.org.au BBS +61-3-818-0986 FidoNet: > 3:635/574 > _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From peb at PROCASE.COM Tue Oct 19 10:32:23 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Tue, 19 Oct 93 10:32:23 PDT Subject: Color Copiers/Re: jrk@sys.uea.ac.uk (Richard Kennaway) Message-ID: <9310191728.AA03541@banff.procase.com> Well, I'm glad to hear that use of color copiers isn't highly restricted, although there seems to be a good amount of misinformation (probably intentional from the SS). This is an example of a technology that cannot be controlled so the government uses warnings and threats. Similarly, (non-escrow) crypto could end up like this: penalties could be applied if it is used for illegal activity. If such a law were proposed, it would be difficult to oppose it on the basis of freedom of expression. Paul E. Baclace peb at procase.com From 72114.1712 at CompuServe.COM Tue Oct 19 10:42:22 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Tue, 19 Oct 93 10:42:22 PDT Subject: JUDGMENT PROOFING Message-ID: <931019173503_72114.1712_FHF72-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Robert J. Woodhead quoted Nate who wrote, in part: Imagine if all your money . . . was tied up in anonymous accounts and that all your property was owned by digital pseudonyms (from whom you rented the property). To which Robert responded: . . . Do not be so quick to assume that these wonderful and interesting techniques we discuss will solve long-standing problems. . . . No assumption necessary, Robert. Non-digital variations of these techniques have been used successfully for generations. The rich and politically savvy have always seen to it that exposure to litigation and the burden of taxes fell only on the middle class. Computers, the nets and crypto technology just make it easier for the rest of us to get in on the same deal. Once critical mass is reached, governments can't survive. The end, not with a bang, but a whimper. As for all the other nasty things governments can do to you: Remember, they have to see you as a threat or a juicy victim before they can focus in on you. If you use traditional and electronic privacy techniques, there is very little likelihood that you will come to their attention. Low Profile = Minimal Hassle S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From peb at PROCASE.COM Tue Oct 19 10:47:31 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Tue, 19 Oct 93 10:47:31 PDT Subject: Canon copier engine Message-ID: <9310191742.AA03546@banff.procase.com> > The worrisome item was the statement that the copiers would add > some sort of unspecified marking to each copy made, allowing copies > to be traced back to their source. Steganographic signatures. Similarly, signatures are being put into explosives (although they are somewhat traceable already) by using various mixtures of trace elements. Paul E. Baclace peb at procase.com From owen at autodesk.com Tue Oct 19 10:57:31 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Tue, 19 Oct 93 10:57:31 PDT Subject: your mail Re: on anonymity, identity, reputation, and spoofing Message-ID: <9310191747.AA26703@lux.YP.acad> > D. Owen Rowley () writes: > > I want privacy too, and I want as much free-wheeling as possible in the > > matrix. Personally I think that accountability is going to be required > > as the price for reasonably secure encryption, reasonably open access, > > and reasonably secure privacy of data. > Why should it be? Reasonably secure encryption, reasonably > open access, and reasonably secure privacy of data can all be > implemented without accountability. Yes, of course they can be implemented. > (I refer you to Public Key > cryptography, DC/Mix nets, and secret sharing) Perhaps in practice, > the majority of people will refuse to participate in such a network but > that does not stop crackers/pirates from using one. Crackers routinely > dick each other over because of lack of accountability, but the trade off > (getting free software/phone access) is better than (getting busted) Fine, spend your time in a network of this character. But I'm trying to inject some real world values into this issue. Heres a clue, when your just playing games, this scenario is fine, when its bigtime finance, industrial secrets and intellectual property with high value, and the process of managing these things, you will find that reliabile security will be the number one requirement. In my opinion, Accountability will win over anonymity if it comes down to a choice. > Do you think I am accountable? If I didn't put my real name in my > sig you'd never be able figure out who I really am. Not even gnu, who > graciously allows me use of their machines, has my real address or phone. > The annex port that I log in on is set up incorectly allowing me to > telnet anywhere without needing to use my student account (and thus not > linking rjc@ to my college where my really private info resides) I'm sure you are quite clever, there are lots of clever people around. > rjc@ is simply my pseudonym. I could be Bill Clinton and you > wouldn't know, so why worry about it? What keeps me in line in the > reputation linked to rjc@ which I have spent a long time building up. > Acting like an asshole and choosing a new account name would waste a lot > energy that I put into posting these years. This is all fine and good in regard to the narrow focus you take on where this technology is going, and what business needs from it. > > IMNSHO, it is unreasonable to expect an anarcho-libertarian outcome to > > these issues. If you can prove me wrong I will be thrilled. > You made the assertion, the proof is up to you. Sigh.. IMNSHO is an acronym for *In my NOT so humble opinion*. LUX ./. owen From tcmay at netcom.com Tue Oct 19 11:07:30 1993 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 19 Oct 93 11:07:30 PDT Subject: Color Copier, Scanners, and Countereiting In-Reply-To: <9310191728.AA03541@banff.procase.com> Message-ID: <9310191806.AA03926@netcom5.netcom.com> Paul Baclace writes: > Well, I'm glad to hear that use of color copiers isn't highly restricted, > although there seems to be a good amount of misinformation (probably > intentional from the SS). > > This is an example of a technology that cannot be controlled so the > government uses warnings and threats. Similarly, (non-escrow) crypto > could end up like this: penalties could be applied if it is used > for illegal activity. If such a law were proposed, it would be difficult > to oppose it on the basis of freedom of expression. There was a very good PBS show, probably on "Nova," about modern counterfeiting methods and what various countries are doing about it (embedded fibers, special papers, holograms, etc.). High-res color scanners (600 dpi minimum) are used to forge paychecks, traveller's checks, and currency. The scanner allows the forger to use packages like Photoshop to adjust serial numbers, payee names, etc. Minor touch-ups, etc. Pretty hard to control availability of these systems, and pretty hard to force "hidden messages" to be (somehow) embedded in the final output. My personal guess is that these problems will accelerate the conversion to government-mandated "digital money," albeit not of a Chaumian sort and certainly not of the sort many of us favor. A way to handle transfer payments (AFDC, SS, veterans, etc.), to reduce fraud and theft, etc. Perhaps merged with the "National ID smartcard" being talked about for the new national health care system? We've debated this a couple of times (I'm not saying don't debate it now, just letting folks know the history...). Duncan Frissell has argued persuasively that the many advantages of cash will keep it common. Maybe. In any case, something to think about. --Tim May (according to Dettweiler, "List TRAITOR YYY" :-} ) -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From m5 at vail.tivoli.com Tue Oct 19 11:12:24 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Tue, 19 Oct 93 11:12:24 PDT Subject: Color Copiers/Re: jrk@sys.uea.ac.uk (Richard Kennaway) In-Reply-To: <9310191728.AA03541@banff.procase.com> Message-ID: <9310191811.AA03045@vail.tivoli.com> Paul Baclace writes: > Well, I'm glad to hear that use of color copiers isn't highly restricted, > although there seems to be a good amount of misinformation (probably > intentional from the SS). Well, a prime-time newsmagazine recently reported on this, and the Canon copier with the copier ID imprinting technology (or hoax) was explicitly discussed. I think that it's always important to keep in mind that manufacturers of things like copiers & printers are primarily (almost exclusively!) interested in one thing: profit. If they detect heat from the Secret Service, they call the legal department to get an estimate on how much it will cost in direct expenditures and lost opportunity to fight regulations in court, and simultaneously call the engineering department to find out how much it'll cost to do what the Feds want. The smaller number wins. Though it might remain legal for you to build your own color copier or dye sublimation printer in your garage, the Feds would have been pretty much successful. Seriously: how many Fortune 1000 companies will refuse to buy a Canon copier because of the serial number thing? A few might have some reservations, but since so much material will be identifiable as belonging to the company anyway it doesn't seem like a big deal. Canon might even be able to sell it as a quality control feature. -- Mike McNally From peb at PROCASE.COM Tue Oct 19 11:22:25 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Tue, 19 Oct 93 11:22:25 PDT Subject: backing? Message-ID: <9310191819.AA03556@banff.procase.com> >From: pmetzger at lehman.com >In every time and place that [gold backing] was eliminated, the currency >eventually collapsed Non-gold backed currency is reputation based. The debasement of a reputation based currency looks a lot like the game theory strategy of "tit for tat, but if you can get away with tricking them, go for it"; the tit for tat is needed to keep the reputation and works both ways: (1) if a currency issuer debases value relative to another currency issuer, people will switch money to the better currency (switching to a better reputation issuer, if possible), (2) counterfeiters are tracked down and stopped to uphold the reputation. The "if you can get away with tricking them, go for it" can be easily be performed when major currency issuers work together to debase all at the same time. Luckily, this kind of collusion doesn't hold together well (like OPEC). So we already have reputation based currency as represented by hard to reproduce paper. Similarly, a reputation based digital deposit could be built that is based on ordinary currency. (I view anonymous transaction as being completely orthogonal to this.) Paul E. Baclace peb at procase.com From owen at autodesk.com Tue Oct 19 11:22:31 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Tue, 19 Oct 93 11:22:31 PDT Subject: Crypto Anarchy (jrk@...) Message-ID: <9310191753.AA26732@lux.YP.acad> > Undoubtedly we could launch into a discussion of why it is anybody > with a pocket full of change can walk up to a payphone and leave a > variety of threats at the whitehouse switchboard - the phone > company need not fear having its equipment seized, while a computer > used in forwarding mail containing the same threats will probably be > taken along with anything else the SS feels like taking. Did you forget that the phone companies have a long history of co-operation with federal authorities ? > >Quick -- how many remailers have the support of the university? How many > >boards of trustees -- at state universities, often linked to the government > >-- will back them, if the Secret Service ``requests'' that they be shut > >down. > Gee, I don't know. Does the phone company have any government deals, > say to manufacture products using a government designed chip, that may > be at risk if its found out that phone company equipment is constantly > being used for threats?? The phone companies have agreements with law enforcement that amount to the same thing! The reason that Law enforcement wants chip level intervention capability is that they fear loosing capabilities they already have! LUX ./. owen From cme at ellisun.sw.stratus.com Tue Oct 19 11:27:32 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Tue, 19 Oct 93 11:27:32 PDT Subject: Uniqueness and "is-a-person" credentials Message-ID: <9310191824.AA24220@ellisun.sw.stratus.com> >From: tcmay at netcom.com (Timothy C. May) >Message-Id: <9310181717.AA24067 at netcom5.netcom.com> >Subject: Uniqueness and "is-a-person" credentials >Date: Mon, 18 Oct 93 10:17:35 PDT >I don't like the idea of state-run registries of "legal persons." >Better to live with the occasional vagaries of digital pseuodonyms >than to ban them. Amen. I kept trying to point out on pem-dev, until it became obvious that I was speaking a foreign language, that the identity *is* a person's public key. It's already unique and has a firm definition -- all the definition you need. It means: "the person or people who have access to the matching private key". That's all you need. Everything else comes from relationships and relationships are established by message transmissions and files of history. The flesh and blood body doesn't matter in cyberspace unless/until you start mixing the two worlds (eg., using money, trying to arrest someone, pairing up for a sexual fling, ...). - Carl From mech at eff.org Tue Oct 19 11:57:32 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 19 Oct 93 11:57:32 PDT Subject: Crypto Anarchy (jrk@...) In-Reply-To: <9310190102.AA12700@mail.netcom.com> Message-ID: <199310191852.AA14096@eff.org> > smb at research.att.com wrote: > > >Do you want an example? Here's how to shut down an anonymous remailer. > >First, find a name for a host that no longer exists. Send a note through [...] > >send a message through the remailer to president at whitehouse.gov, threatening > >the president. Poof -- the Secret Service *will* come investigating [...] > Well, this apocraphyl scene is easily avoided - remailers can be > configured to refuse remailing to whitehouse.gov. I don't think that's quite the point. The point that's just one instance. This is part of the problem of our current govt. and current law being obsolete. The recent child porn BBS busts are another good example. The law is clear on kiddie porn. If you have it, and don't know it it doesn't matter. All someone has to do is upload a child porno file to your BBS in the middle of the night and immediately call the cops and report you, to get you arrested and quite possibly convicted. All I have to do to shut down your remailer, or your anything, is *tell* the SS that you want to kill the president. By policy, they treat all threats as real, so you WILL probably get a visit from them (as I understand SS operating procedures, anyway). > But then this is the Secret Service. Are they more likely to > a) seize all equipment peripherally related and a bunch that isn't > b) inquire about having anonymous mail blocked Given the SJG case, I think they'd be much more cautious and thorough in their preparations, and would not repeat the mistakes that would lead to supposing outcome a). I don't think the SS would even understand what b). is. The NSA, on the other hand... >:) > Undoubtedly we could launch into a discussion of why it is anybody > with a pocket full of change can walk up to a payphone and leave a > variety of threats at the whitehouse switchboard - the phone > company need not fear having its equipment seized, while a computer > used in forwarding mail containing the same threats will probably be > taken along with anything else the SS feels like taking. Probably because the phone service is regulated, national, well established, while BBSs or Internet sites are not. This does not mean that the lack of common carrier status is just, by any means, but I think this is the rationale that would come into play, like it or not. > The point is we are in a research & development stage (if you will) > with anonymous remailers, reputations, filters, digital cash, dc-nets, > etc. It is very likely that the projected reality, desired reality, > and actual reality will be quite different; nevertheless, > experimentation continues. Count on it. Things are moving much too slowly on "our" side. Entities like AT&T, Warner, etc. stand a good chance of controlling much of what becomes "the net" in the future, if much of this technology is not: 1) in place and functional 2) easy to use by the clueless and lazy as well as techies 3) accepted for use within the network, indeed considered *part of* the network both as "flavour" and technical specifications 4) impossible to remove - no govt/corporate turning back of the tide VERY soon. In addition the populace has to become aware of: 1) the fact that computers are not to be feared, but are an empowering tool 2) the fact that a computer that cost $2000 10 years ago costs $200 now. 3) what networking is, what it is good for, and how they can get in on it 4) HOW to do all of this - easy "newbie" software is needed - plug-n-play 5) that privacy is possible. Most have forgotten this. 6) what good privacy and control over their electronic acitivies is for them 7) that it's easy 8) that the govt/corps/media do not like it and are not to be trusted to look after one's own rights. They need to see that it is exactly this misplaced trust that has yielded wiretapping, work place monitoring, TRW, the ment to use SSN for almost everything, non-secure purchasing (credit cards, etc.) Media falsehood, inaccuracy, and ignorance of important topics, even deliberate ignoring of relevant facts, in media "service" that is one-way, dictated, censored, and unexpandable. 9) what alternatives exist 10) what they can do about it. There's a lot of work to do. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From mech at eff.org Tue Oct 19 12:32:24 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 19 Oct 93 12:32:24 PDT Subject: your mail Re: on anonymity, identity, reputation, and spoofing In-Reply-To: <9310190105.AA23713@lux.YP.acad> Message-ID: <199310191929.AA14743@eff.org> > Considering that human nature allows for pathological behavior in some > individuals, and that anonymity seemingly decreases the potential for > being held acountable for pathological behavior, I think it follows that > it would be unwise NOT to be concerned. [...] > You may also find that such gentile methodology as attempting to sway > opinion or unfairly weight ones opinion in order to alter the > flow of disscussion are the least you can expect. > I bet that clever sociopaths will find ways to leverage anonymity > schemes to accomplish mayhem of magnitude well beyond these sort of things. > believe me, you don't want to find out by being subjected to such mayhem, > and if it happens you will be much harder pressed to come up with ways > to patch things than if you take time to try and deal with it now. I think one thing this argument forgets is that we are not talking about a herd of poor sheep vicimized by the big bad wolves. This technology is available to EVERYONE. If you don't like being hassled by someone anonymously, then be anonymous yourself. Also, lets keep in mind that we are talking about email here. What are these sociopaths supposed to do? >Bonk!< you? Bug you to death with CTRL-Gs? What sort of "mayhem"? Clever pyramid scheme or credit card fraud scams? Oh horrors. Anyone idiotic enough to fall for ANY such scheme deserves what they get. Right now, I see the main real problem of anon mail to be spamming, and the main imaginary one (i.e. the main one people bring up when discussing anon vs no anon, but of which there are no example cases, just lots of what if'ing) to be liability for libel/slander. I can't really see this changing anytime soon. Perhaps in a world like that in _True_Names_, but we don't have that right now. By the time it becomes possible, all sorts of checks and balances will be in place (credentialling, digicash, proof of personhood, etc etc) that are only gleams in our eyes right now. > How about *credentials* that certify the capabilities or flag the > potential dangers of a binary object. > Aren't there schemes out there that hold promise for that sort of > *trustworthiness* stamp of approval? > Aren't such schemes prone to the potential of cliquish abuse? Sounds very much like [True?] brand names too me, in practice. In fact I cannot see the viability of an "It's ok" credential if used by anyone other than a trusted author/company and from trusted reviewers/users. > what are you credentialing? that someone *should* know what they are > talking about? even so it would not preclude being burned, psychopaths > tend to be very clever? This aversion to net.psychos seems very much like the fear of net.pedophiles that's been evidenced by a few journalists. Please point me to some psychopaths. Where are these folks. I have a strong suspicion that psychopaths are generally dysfunctional enough that they will not do well in a medium like this. And if there were a lot of them around, we'd already be seen decidedly psychopathic abuse of the net; instead we get immature spam, and other wastes of bandwidth but nothing particularly serious. I think we need to draw some distinctions between what is a possible threat or problem and was is a likely threat or problem. > > (Of course, this could lead occasionally to a Dr. Jekyll who makes > > sensible and weighty posts under his own name, while under his Mr. Hyde > > pseudonym he rants and raves. But hopefully this would not happen too > > often.) > > Oh, I don't know anybody who does that sort of thing! :-) > do you ? I certainly side with you on this one. I know quite a few people who do this, both on "the" net, and in BBS-based networks (as if there's much difference these days.) > > Other credentials could be related to some of the other points Detweiler > > raised, such as list membership > some number of months. The point would > > be that these credentials are voluntary, used to get past people's filters, > > and that they retain poster anonymity while giving readers useful information > > about the poster. > > I want privacy too, and I want as much free-wheeling as possible in the > matrix. Personally I think that accountability is going to be required > as the price for reasonably secure encryption, reasonably open access, > and reasonably secure privacy of data. What is "reasonably secure"? I can't think of any "reasonable" definition of that. Something secure from YOU, with your 386 or Mac, that is NOT secure from the US govt. is not reasonably secure to me. In fact it is woefully insecure, IMNERHO. > IMNSHO, it is unreasonable to expect an anarcho-libertarian outcome to > these issues. If you can prove me wrong I will be thrilled. Only time will tell. I think it'd be utterly silly to expect things to come out as any of us plan, 100%. That is no reason to not work toward whatever goals we have, as individuals, as "the Cypherpunks" or whatever. > I also see very little regarding potential for breaking the mind machine > link, or biologic interfaces? There are other lists and groups for that, particularly alt.cyber* -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From bal at martigny.ai.mit.edu Tue Oct 19 12:37:31 1993 From: bal at martigny.ai.mit.edu (Brian A. LaMacchia) Date: Tue, 19 Oct 93 12:37:31 PDT Subject: Knapsack Cryptosystems Message-ID: <9310191935.AA17292@toad.com> From: smb at research.att.com To: an41418 at anon.penet.fi Cc: cypherpunks at toad.com Date: Tue, 19 Oct 93 04:34:58 EDT For a good survey paper of knapsack cryptosystems, see [1]. Third -- and this is what sunk the knapsack problem -- you need a cryptosystem that exploits the full NP-complete problem, as opposed to just a simple case. (The knapsack problem was solvable by someone who knew the key because it wasn't a general knapsack, but a super- increasing sequence -- each number in it was greater than the sum of all of its predecessors. (This was the simplest version; there were, I believe, some others.)) Even knapsack cryptosystems that exploit the full NP-complete problem may still be susceptible to general attacks, depending on their density (a property of the weights of the knapsack problem). If the weights $a_i$ are too large, you get a "low-density knapsack" (i.e. you're sending lots of bits of cyphertext to hide few bits of plaintext). Brickell [2] and Lagarias and Odlyzko [3] showed that there are general attacks against subset-sum problems with density < 0.6463... In [4] we showed that this bound can be improved to about 0.9408... Joux and Stern came up with essentially the same result at about the same time [5]. (Note that if your density is > 1, then you have the possibility of two different plaintexts encrypting to the same ciphertext. Without more information, the encryption can be ambiguous.) We combined our two techniques in a joint paper -- you can get it via anon. FTP from martigny.ai.mit.edu in pub/bal/sumcc.ps, if you're interested. --bal References: [1] A. M. Odlyzko, The rise and fall of knapsack cryptosystems, {\it Cryptology and Computational Number Theory}, C. Pomerance, ed., Am. Math. Soc., Proc. Symp. Appl. Math. {\bf 42} (1990), 75-88. [2] E. F. Brickell, Solving low density knapsacks, {\it Advances in Cryptology, Proceedings of Crypto '83}, Plenum Press, New York (1984), 25-37. [3] J. C. Lagarias and A. M. Odlyzko, Solving low-density subset sum problems, {\it J. Assoc. Comp. Mach.\/} {\bf 32(1)} (January 1985), 229-246. [4] M. J. Coster, B. A. LaMacchia, A. M. Odlyzko and C. P. Schnorr, An improved low-density subset sum algorithm, {\it Advances in Cryptology: Proceedings of Eurocrypt '91}, D. Davies, ed., to appear. [5] A. Joux and J. Stern, Improving the critical density of the Lagarias-Odlyzko attack against subset sum problems, to be published. From mech at eff.org Tue Oct 19 12:42:23 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 19 Oct 93 12:42:23 PDT Subject: why anon bank acct? In-Reply-To: <9310190112.AA17160@dink.foretune.co.jp> Message-ID: <199310191941.AA14999@eff.org> > However, I think the deeper question is worth considering: what is the > justification for anonymous bank accounts? How about: it's no one's damn business what my acct. number is, that I have one at all, what bank I use, how much money I have, etc. > Avoiding taxes just doesn't cut it for me; much as I hate to pay them, > I recognise the need to do so. Need? Need to keep from being arrested or fined, yeah I can see that. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From tcmay at netcom.com Tue Oct 19 12:42:32 1993 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 19 Oct 93 12:42:32 PDT Subject: "Is-a-person" Credentials, Fiat-Shamir paper Message-ID: <9310191939.AA16837@netcom5.netcom.com> I have here the Fiat-Shamir paper, "How to Prove Yourself: Practical Solutions to Identification and Signature Problems," from the 1986 CRYPTO Conference Proceedings. This is of course the defining paper of the Fiat-Shamir algorithm, which I understand was patented (no idea of patent number, or countries). And I hear from Chaum that Rupert Murdoch's publishing outfit (including Sky Channel, a satellite system) bought the rights to Fiat-Shamir. (Speaking of Chaum and patents, Chaum has also filed for patents and reportedly has already gotten some. We spend a lot of time talking about the RSA/PKP patents and when they'll run out (1998-2002), but patents on digital money may be just as constraining.) Anyway, if there's sufficient interest (contact me via e-mail), I can scan and OCR as much of the paper as is feasible (the equations and Greek symbols are always problematic). I suspect serious students of this stuff have access to the CRYPTO Proceedings at large university libraries, and the Fiat-Shamir paper is definitely a nice little intro, so I'm not sure it's worth the couple of hours it may take to get a good clean copy suitable for uploading to the list. The schemes for "is-a-person" credentialling should be of interest to us for several reasons: 1. The non-PGP "models" that rely on centralized credentialling agencies, be they private companies like Apple or RSA Data Security, or be they government agencies like DMV or National Health Offices. Carl Ellison noted this in connection with the PEM model. (One of the most impoortant innovations of PGP, in my opinion, was the "distributed trust" model used. Let's demand this of other packages we may use.) 2. Key escrow schemes could ultimately involve a tie-in to "is-a-person" databases. Someone wrote yesterday about an FCC-like ruling that would demand that all messages sent over the Net(s) be digitally signed with a signature associatable (sp?) with a True Name. (I can't see how this would be enforced, and can think of many ways around it. But it's important we think about what may be coming, the better to head it off early.) 3. As I have speculated before, I see the talk of a National Health Care Card--possibly a SmartCard of some sort--as naturally associated with a National ID Card. The immigration "problem" is causing many to call for such a card. "Your papers, please! Schnell!" (I hope I did not trivialize my point by bringing Nazis in.) Cypherpunks need to worry about more than just the government snooping on their messages--that's just one facet of the picture. The "dossier society" aspects are just as important. Ditto for other areas. So, let me know if there's real interest in this paper. And I have several of these Proceedings, with access to all the rest of the CRYPTO and EUROCRYPT Proceedings over at the UC Santa Cruz Science Library. I can't scan them all in, for obvious and compelling reasons (even with the "assistance" of the Information Liberation Front :-} ), but this is a resource that is available. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From tcmay at netcom.com Tue Oct 19 12:52:24 1993 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 19 Oct 93 12:52:24 PDT Subject: "Is-a-person" Credentials, Fiat-Shamir paper Message-ID: <9310191949.AA18452@netcom5.netcom.com> A minor correction to my post: "...this stuff have access to the CRYPTO Proceedings at large university libraries, and the Fiat-Shamir paper is definitely a nice little ^^^^^^^^^^^^^^^^^^^^^^^^ intro, so I'm not sure it's worth the couple of hours it may take to get a good clean copy suitable for uploading to the list." I left out a "not, " which alters the meaning. What I meant to say is that the Fiat-Shamir paper is definitely *not* a nice little inro. It's an academic paperr, not a primer on is-a-person credentialling. Few primers on advanced cryptology exist, as I'm sure you've all noticed. I'll be interested to see Bruce Schneier's new book, "Practical Cryptography," to see if it covers any of these newer ideas. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From capek at watson.ibm.com Tue Oct 19 12:57:31 1993 From: capek at watson.ibm.com (Peter Capek (TL-863-6721)) Date: Tue, 19 Oct 93 12:57:31 PDT Subject: Color Copiers Message-ID: <9310191955.AA17646@toad.com> I suspect the desire to have color copiers "attended" is more a matter of controlling cost than anything else. I heard some years ago that the Secret Service had asked manufacturers who were working on color copiers to "strut their stuff" and demonstrate the best copies they could make of US currency. The SS was aghast at the results, and I believe these results were at least part of the motivation for the anti-counterfeiting measures recently introduced, such as the microprinting on $50 and $100 bills. There is also alleged to have been an effort by the government to degrade the quality the machines could deliver, or to make "equal size" copying unavailable (and provide only 5% reduction/increase at a minimum). Apparently Xerox said something to the effect of "Nothing doing; we worked for years to get it this good and aren't going to degrade it to solve your problem." Amen. Peter Capek From pdn at dwroll.dw.att.com Tue Oct 19 13:02:24 1993 From: pdn at dwroll.dw.att.com (Philippe_D_Nave) Date: Tue, 19 Oct 93 13:02:24 PDT Subject: Article on Cashless Society Message-ID: <9310191959.AA17717@toad.com> Hello, all! There is an article in Information Week's October 11 issue titled "The Cashless Society" that discusses debit cards, smart cards, etc. This magazine is a management-type trade publication that bills itself as "The newsmagazine for information management." A fair-sized article; it may be of interest. Over the years, I've found this mag to be a fairly good place to watch for trends; they carry the sort of articles that our brass photocopies and gives us with notes like "Can we do this?" attached. FYI. ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn at dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. From rb at hprrb.rose.hp.com Tue Oct 19 13:32:24 1993 From: rb at hprrb.rose.hp.com (Robert Brooks) Date: Tue, 19 Oct 93 13:32:24 PDT Subject: backing? In-Reply-To: <9310190450.AA03867@netcom5.netcom.com> Message-ID: <9310192031.AA08752@hprrb.rose.hp.com> > > * The role of *gold* is tangential and secondary. Any stable currency > would suffice, and in fact gold bullion would be no more desirable > than yen or Deutschmarks. > ... > .......................................................................... > Timothy C. May | Crypto Anarchy: encryption, digital money, > tcmay at netcom.com | anonymous networks, digital pseudonyms, zero > 408-688-5409 | knowledge, reputations, information markets, > W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. ^^^^^^^^^^^^^^^^^^^^^^^ Cognitive dissonance. Care to explain? I agree with Perry and Doug on this one--if not gold as backing, then perhaps virtual-world resources instead, such as information, or storage space, or CPU time. But not existing, government-backed currencies, at least in the long run. Robert From roc at gasco.com Tue Oct 19 13:47:36 1993 From: roc at gasco.com (Ron Christian x1545) Date: Tue, 19 Oct 93 13:47:36 PDT Subject: why anon bank acct? In-Reply-To: Message-ID: } > However, I think the deeper question is worth considering: what is the } > justification for anonymous bank accounts? } } How about: it's no one's damn business what my acct. number is, that I } have one at all, what bank I use, how much money I have, etc. Indeed. I think I reached critical mass when I discovered that my personal information and demographics were being sold for profit. } > Avoiding taxes just doesn't cut it for me; much as I hate to pay them, } > I recognise the need to do so. } } Need? Need to keep from being arrested or fined, yeah I can see that. True, but avoiding taxes isn't really the point. The point is preserving privacy. You don't have to be contemplating illegal acts to want to keep your affairs private. You may just want to be left the hell alone. Ron -- - "Don't rush a miracle man. You rush a miracle man, you get rotten miracles." From jamie at netcom.com Tue Oct 19 14:22:25 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Tue, 19 Oct 93 14:22:25 PDT Subject: S Boxx blathering Message-ID: <9310192119.AA02004@netcom.netcom.com> >I've figured it out. He's a Borg. Seems there's more to the story. Borg do exhibit collective intelligence. Punksters, it's such a feeling of raw power over lesser intelligences From mg5n+ at andrew.cmu.edu Tue Oct 19 14:52:25 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 19 Oct 93 14:52:25 PDT Subject: Photocopying money In-Reply-To: Message-ID: Edward J OConnell wrote: > I work at a graphic arts service bureau, and someone told me that > they had seen a canon representative, with a straight face, say at a > trade show that there was a chip in these machines that detected > the pattern created by currency, and blocked out the image. > > Easy to test. Of course, not true--at least, not the canon clc 300 I run. > > The control panel of the canon has a list of things you are not > supposed to copy. That is the extent of the restriction. For some > obscure reason I follow these rules. I'm not sure why. > > The chip thing made me laugh. What is amazing to me is that > canon would try to create this easily disprovable myth. Has > anyone else heard this story? My friend was adamant that he > had heard this spiel (and not a friend of his) but I suppose > this could itself be an urban myth. > > I suppose I could call canon...but attracting that kind of > attention to myself seems really stupid... It's true. Canon did indeed create such a chip. It's the same chip that's used in vending machines to scan dollar bills. They built a prototype copier which prevented copying money, but I don't know if they actually decided to install the chip in all their assembly-line production copiers or not tho. From eb at srlr14.sr.hp.com Tue Oct 19 14:57:36 1993 From: eb at srlr14.sr.hp.com (Eric Blossom) Date: Tue, 19 Oct 93 14:57:36 PDT Subject: Canon copier engine In-Reply-To: <9310191742.AA03546@banff.procase.com> Message-ID: <9310192154.AA22886@srlr14.sr.hp.com> > Steganographic signatures. Similarly, signatures are being put into > explosives (although they are somewhat traceable already) by using > various mixtures of trace elements. I believe that they also use small (microscopic) color coded chips of plastic. There is an OTA report on this topic with a name something like "Taggants in Explosives". I believe that the report is about 10 years old. From owen at autodesk.com Tue Oct 19 15:27:36 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Tue, 19 Oct 93 15:27:36 PDT Subject: your mail Re: on anonymity, identity, reputation, and spoofing Message-ID: <9310192205.AA00919@lux.YP.acad> > From: m5 at vail.tivoli.com (Mike McNally) > D. Owen Rowley writes: > > Personally I think that accountability is going to be required as the > > price for reasonably secure encryption, reasonably open access, and > > reasonably secure privacy of data. IMNSHO, it is unreasonable to > > expect an anarcho-libertarian outcome to these issues. If you can > > prove me wrong I will be thrilled. > By whom is accountability going to be required? How will it (or how > can it) be implemented? What sort of mechanisms can be expected to > reliably and universally evolve in the decentralized anarchic network > we know today that will make "paying the price" a meaningful concept? > I con't prove you wrong because I cannot understand what you predict. The comercial use of internet is growing at a very fast rate, and it is predicted to overtake other uses in scope eventually. wide scale networks provide capabilitys which are very attractive to a variety of business enterprises. I suspect that a first pass will be made to try and use internet and the current suite of protocols and services as they are now. I also suspect that such attempts will flush out a whole raft of problems and deficiencies along with those who exploit such things. Hopefully new protocols and services can be developed which will minimise vulnerability and maximise protection for bussiness assets while allowing us as much freedom as possible. Nobody really knows what those things will be, and it is sorta problematic to make public laundrey lists of vulnerabilitys without some sort of idea how to deal with cleaning up the mess. We are going to have to learn by example. My main point though is that eventually business will find decentralised anarchic networks to be hostile territory, and will move on to less vulnerable, more reliable networks where user authentication, and accountable security are provided. It may be that there will be barriers between the anarchic networks and the business-place networks,that require users to provide proof of identity before they can pass. >>It seems to me that multimedia extensions have an *unfolding of the lotus >>like effect upon the issues involved. > Explain: is it because of the medium itself or because of the nature > of information that'll be available with multimedia delivery systems? yes. :-) seriously.. note that you asked "because of the medium itself". It's multiMedia, thats jargon for multiple mediums interacting with each other, and presenting data interactively on multiple fronts. It means an unfolding from two dimensional thinking ( text) to three dimensional thinking ( virtual reality ). > > I also see very little regarding potential for breaking the mind machine > > link, or biologic interfaces? > Uhhhh, OK. perhaps you are unaware of some of the more starling things that are being done with biofeedback interfaces. but even more simply than that.. lets take something mundane and achievable like hand gestures sensed by the data-glove. you want to get a privileged message to a colleague. If you can both access a data-space in real time and view an interactive simulation of each other in a prileged manner that insures no one else can capture and render either view, all you need to do is communicate via ASL or even a proprietary sign language, via the dataglove interface. this is very doable.. right now. let the Intelligence analysts chew on that! BTW, that scenario was suggested to me by an individual of my aquaintance who lives on the other side of the --uh-- tracks. he was very keen to be able to have such privileged communication, and cost is no factor to him, he pays in cash. (I should point out that I turned down the offer to contract the application) we are about to enter into an era of computing that provides quite a bit of potential to evade surveilance just because of the sheer multitude of possibilities. This is what is really driving those who want to do surveilance mad. Don't be surprsed if the ultimate result is draconian restriction in order to reduce the odds that are currently in our favor. Don't be surprised if you see your decentralised anarchic net go away and never return. LUX ./. owen From GAR4026 at ritvax.isc.rit.edu Tue Oct 19 16:12:24 1993 From: GAR4026 at ritvax.isc.rit.edu (NAME GARY) Date: Tue, 19 Oct 93 16:12:24 PDT Subject: request for Pgp Message-ID: <01H4B2CQVO3MA740EC@ritvax.isc.rit.edu> I'm new at this, and i don't want to ask any favors (i've seen what can happen to others that do) but i just need someone to tell me where i can find the pgp program so i can start to learn for myselt. all you have to do is give me the ftp site, and i don't care how much i get flamed because it'll be worth it. From catalyst at netcom.com Tue Oct 19 16:17:37 1993 From: catalyst at netcom.com (Scott Collins) Date: Tue, 19 Oct 93 16:17:37 PDT Subject: Photocopying money Message-ID: <9310192316.AA26432@newton.apple.com> >It's the same chip that's used in vending machines to scan dollar bills. To my knowledge, vending machines don't do optical recognition. They have a pair of photo-sensors, it's true, but these are used in conjunction with tractors only to measure the bill. Another sensor decodes the magnetic ink to determine validity and denomination. I saw this demonstrated recently on a PBS science program. Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com From MJMISKI at macc.wisc.edu Tue Oct 19 16:37:37 1993 From: MJMISKI at macc.wisc.edu (Matthew J Miszewski) Date: Tue, 19 Oct 93 16:37:37 PDT Subject: Backing Message-ID: <23101918363654@vms2.macc.wisc.edu> The problem with using a concrete anfd finite source to back ypour currency is that it is just that...finite. This causes many economic problems for the social/economic system founded on it. I was barely a pup when the world first discovered this... er...that is when everyone in the mainstream allowed economists to be heard. Remember the Gold Standard? --Matt ______________________________________________________________________________ "This new technology (the printing press) threatened the Crown, which shuddered at the thought of widespread dissemination of works advocating religious heresy and political upheaval. The Crown's solution to the problem was a system of regulation designed to control this "dangerous" art." -From my Copyright Law Text (refrencing the Statute of Anne - the first Copyright Statute) (c)1993 ______________________/___________________________________mjmiski at macc.wisc.edu From pmetzger at lehman.com Tue Oct 19 17:42:29 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 19 Oct 93 17:42:29 PDT Subject: Backing In-Reply-To: <23101918363654@vms2.macc.wisc.edu> Message-ID: <9310200036.AA10637@snark.lehman.com> This has nothing to do with crypto. Hit your delete button now... Matthew J Miszewski says: > The problem with using a concrete anfd finite source to back > ypour currency is that it is just that...finite. This causes > many economic problems for the social/economic system founded > on it. I was barely a pup when the world first discovered this.. It causes no problems whatsoever, other than preventing unrestrained printing of currency, which governments always detest. The money supply in a fractional reserve banking system with note issue is not limited, because this is a fractional reserve, and not 100% reserve, system. In fact, this system functions far better than a central bank, because of a planning problem that should be familiar to free market economists. The problem is this: central planning of the money supply leads to shortages and surpluses of money, which produces giant artificial swings in the economy. I can most easily explain this by analogy to the problem of production in a socialist vs. a capitalist society. In a centrally planned economy, virtually all goods exist in large surpluses or shortages because they are produced by a plan that lacks market information and priced without regard to market information. In a capitalist economy, the law of supply and demand keep the market in line, efficiently allocating the goods within the economy. The Fed has to try to control the money supply with very poor measurements of economic activity and blunt instruments like open market purchases of treasury instruments. This is very much like the problem of socialist production planning. On the other hand, in a free banking system, there are none of the problems of the business cycle artificially induced by central banking because the money supply will always be controlled in a distributed manner by the market, and will rise and fall naturally with the demand the market produces. Increased economic activity will produce natural rises in interest rates precisely tuned to the needs of the economy by the invisible hand -- similarly, decreases in economic activity will lower rates in the same manner. The money supply itself will self regulate because of the excess clearing rule that free banks issuing notes must follow. Its all very elegant, very simple, and its remarkable that people didn't realize how important an idea this was until fairly recently. If you want to read up on this, I suggest George Selgin's "The Theory of Free Banking". It was his PhD thesis at NYU. > Remember the Gold Standard? Yes. Fondly. However, the Gold Standard I fondly remember was the one from the days when bank notes weren't taxed and banks were free to issue them at will. Perry From trebor at foretune.co.jp Tue Oct 19 19:42:29 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Tue, 19 Oct 93 19:42:29 PDT Subject: why anon bank acct? In-Reply-To: <199310191941.AA14999@eff.org> Message-ID: <9310200241.AA01659@dink.foretune.co.jp> Stanton writes: >> Avoiding taxes just doesn't cut it for me; much as I hate to pay them, >> I recognise the need to do so. >Need? Need to keep from being arrested or fined, yeah I can see that. Not at all. I recognise that, however inefficient, taxes pay to maintain the legal and physical environment that makes my life more comfortable. There are many oppressive things about governments, but _by_and_large_ the US government is one of the least oppressive, and the vast majority of the people who work in it are honest and well-intentioned. What I hope comes out of groups like cypherpunks are ways to make the government better and more responsive to the needs of the citizenry (in other words, some good checks and balances), rather than petty ways to avoid a few bucks in taxes. Rather than aspire to join the alleged clique of rich and powerful tax evaders, might it not be better to aspire to develop techniques that both maintain privacy but guaran- tee that they have to pay their share of the load. Hint: develop something that makes it worth their while. From trebor at foretune.co.jp Tue Oct 19 19:52:38 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Tue, 19 Oct 93 19:52:38 PDT Subject: Photocopying money In-Reply-To: <9310192316.AA26432@newton.apple.com> Message-ID: <9310200250.AA01843@dink.foretune.co.jp> Scott writes: >To my knowledge, vending machines don't do optical recognition. In Japan they do. Some banks recently got scammed by people putting photocopied Y10,000 ($100) bills into changers at the banks (getting 10 Y1,000 in return). They've now done a ROM upgrade on the machines. A cultural point: Japan is a very cash-oriented society, so nobody blinked twice when someone went up to the changing machine and plunked 10 or 20 bills into it. From rjc at gnu.ai.mit.edu Tue Oct 19 19:57:38 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Tue, 19 Oct 93 19:57:38 PDT Subject: why anon bank acct? In-Reply-To: <9310200241.AA01659@dink.foretune.co.jp> Message-ID: <9310200256.AA06017@geech.gnu.ai.mit.edu> Robert J. Woodhead () writes: > >Need? Need to keep from being arrested or fined, yeah I can see that. > > Not at all. I recognise that, however inefficient, taxes pay to maintain > the legal and physical environment that makes my life more comfortable. [...] > ways to avoid a few bucks in taxes. Rather than aspire to join the > alleged clique of rich and powerful tax evaders, might it not be better > to aspire to develop techniques that both maintain privacy but guaran- > tee that they have to pay their share of the load. Hint: develop > something that makes it worth their while. Simple. Privatize those parts of government so they can chose the services they want to buy. Rather than confiscate their money for whatever subjective "share" is in vogue. (I've never seen this share defined objectively. Just rants "they must pay more!!! wah!!" Even in other countries with much higher rates than our 36%, people are still demanding more. ) -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From mg5n+ at andrew.cmu.edu Tue Oct 19 20:12:29 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 19 Oct 93 20:12:29 PDT Subject: request for Pgp In-Reply-To: <01H4B2CQVO3MA740EC@ritvax.isc.rit.edu> Message-ID: GAR4026 at ritvax.isc.rit.edu writes: > I'm new at this, and i don't want to ask any favors >(i've seen what can happen to others that do) >but i just need someone to tell me where i can find >the pgp program so i can start to learn for myselt. >all you have to do is give me the ftp site, and i >don't care how much i get flamed because it'll be >worth it. Oh, you're looking to get flamed huh? Well, in that case... hehehe I got my copy from ftp.demon.co.uk From mg5n+ at andrew.cmu.edu Tue Oct 19 20:32:30 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 19 Oct 93 20:32:30 PDT Subject: Photocopying money In-Reply-To: <9310200250.AA01843@dink.foretune.co.jp> Message-ID: "Robert J. Woodhead" wrote: In Japan they do. Some banks recently got scammed by people putting photocopied Y10,000 ($100) bills into changers at the banks (getting 10 Y1,000 in return). They've now done a ROM upgrade on the machines. Hmm... I wonder how many free cokes I could get with that method... hehe :) There used to be a vending machine here where you could push 2 different buttons at the same time and get two sodas for the price of one. When I lived in California, there was a pay phone where you could dial an 800 number and then dial another number and it would charge you as if you were still connected to the 800 number (free calls!!!) Oh man... some vending machine companies overlook the most obvious things... I guess it can happen to anybody (remember identify #9 and get 1000000 ep? :) Hmm... what does this have to do with cryptography? From mg5n+ at andrew.cmu.edu Tue Oct 19 21:17:39 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 19 Oct 93 21:17:39 PDT Subject: Unfactorable Polynomial Modulus PKC In-Reply-To: <9310181535.AA27722@great-gray.owlnet.rice.edu> Message-ID: Karl Lui Barrus wrote: > I beleive the equation leaks information. When you expand the > equation symbolically, it is easy to solve for the constants by > matching the coefficients of the highest powers and working backwards. > If the constants can be negative as well as positive, the signs of > some of the terms will reflect this. You're right. You know that the x^2 term is (c/2 + 3/8)x^2 so you can just solve for c from there. Once you have c, you can solve for c2. So, if I could prevent you from finding c, then you couldn't solve it. How can I do this? By adding another constant. So far, I have just added a constant after each term. This leaves open the possibility that I could also add one at the beginning. (I'll call the constants A, B and C for simplicity). Therefore I'd have something like the following: F(G(H(x))) where: F(x) = (1/2)x^2 + (1/2)x + C G(x) = (1/2)x^2 + (1/2)x + B H(x) = x + A Expanding this, we have something which begins: (1/8)x^4 + ((A+1/2)/2)x^3 + ((3/2)a^2+(3/2)a+b+3/4) + ... So you can still solve for A, which lets you solve for B, which lets you break my cipher and find my private key. But consider the following: Up to now, I have simply added a constant before and after each nested term. I (or you) can easily reverse this process by subtracting the constant, and then inverting the functions. I can add an additional layer of security by multiplying the result of the function by an odd number and taking the modulus. As long as I multiply by an odd number and take the modulus of a power of 2, the process can be reversed. Now if I do this at the beginning and after each of the functions I get: F(G(H(x))) where: F(x) = (F/2)x^2 + (F/2)x + C G(x) = (E/2)x^2 + (E/2)x + B H(x) = Dx + A Expanding this, I get: (1/8)fe^2d^4x^4 + ((a+1/2)/2)fe^2d^3x^3 + (1/2)((3/2)ea^2+(3/2)ae+b+e/4+1/2)fed^2x^2 + (1/2)(ea^3+(3/2)ea^2+ea/2+2ab+b+a+1/2)fedx + fe^2a^4/8+fe^2a^3/4+fea^2b/2+fe^2a^2/8+feab/2+fb^2/2+fea^2/4+fea/4+fb/2+c Picking some random values for A, B, and C, and picking some random odd numbers for D, E, and F, plugging them into the equation, and then taking mod 256, I came up with the following: 136.375x^4 + 139.25x^3 + 33.625x^2 + 110.75x + 179 So what values for A,B,C,D,E,& F did I use? Have fun factoring! :) From mg5n+ at andrew.cmu.edu Tue Oct 19 21:22:30 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Tue, 19 Oct 93 21:22:30 PDT Subject: crypto technique In-Reply-To: <9310181535.AA27722@great-gray.owlnet.rice.edu> Message-ID: Karl Lui Barrus wrote: > We know the magnitude of the constants must be less than P, which is > public. But can they be negative - will the decoding process still > work? Or, will you obtain the correct decoding for the correct choice > and an incorrect decoding for the incorrect choice? If it turns out > that either choice will decode a number to the same value, or if the > decoding won't work with negative numbers, then this method is too > easy to invert. > > If the constants can't be negative, or if they can be but it doesn't > make a difference in the decoding, then taking the modulus doesn't > obscure anything at all. Moduli are always positive. It is interesting to note that since x^2 mod y = (-x)^2 mod y, then x^2 mod y = (y-x)^2 mod y. So whenever you have a square root modulus, you have at least two numbers in the domain which will produce the same outcome. From trebor at foretune.co.jp Tue Oct 19 21:47:39 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Tue, 19 Oct 93 21:47:39 PDT Subject: JUDGMENT PROOFING In-Reply-To: <931019173503_72114.1712_FHF72-1@CompuServe.COM> Message-ID: <9310200229.AA01472@dink.foretune.co.jp> You write: > Low Profile = Minimal Hassle Bingo. However, please note that one difference between the past and the present is that the reason "hard" encryption is needed is because electronic communication is so inherently insecure. In the past, communications tended to be hard to intercept but easy to read, today the opposite is becoming true. Thus, the difference is that today, it's much harder to be discreet -- the encryption is a red flag. "What's he hiding?" And as any intelligence analyst can tell you, even traffic analysis can tell you a _lot_. Suggested Reading: The Spycatcher's Encyclopaedia of Espionage, by Peter Wright. VERY entertaining. From hfinney at shell.portal.com Tue Oct 19 22:47:40 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Tue, 19 Oct 93 22:47:40 PDT Subject: JUDGMENT PROOFING Message-ID: <9310200543.AA22959@jobe.shell.portal.com.shell.portal.com> [Something in the way of a test post, to see if I can get through to toad.com yet...] From: "Robert J. Woodhead" > Thus, the difference is that today, it's much harder to be > discreet -- the encryption is a red flag. "What's he hiding?" > And as any intelligence analyst can tell you, even traffic analysis > can tell you a _lot_. This is exactly what anonymous remailers are for - to defeat traffic analysis. The goal is a situation where you, and everyone else, receives and sends out a bunch of encrypted traffic every day. There will be no way a snooper can find out exactly what you are reading, what you are writing, or whom you are communicating with. That's what I call private. Hal Finney hfinney at shell.portal.com From 72114.1712 at CompuServe.COM Tue Oct 19 23:07:40 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Tue, 19 Oct 93 23:07:40 PDT Subject: ANNONYMOUS BANK ACCOUNTS Message-ID: <931020053601_72114.1712_FHF42-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, Robert J. Woodhead suggested: . . . Rather than aspire to join the alleged clique of rich and powerful tax evaders, might it not be better to aspire to develop techniques that both maintain privacy but guarantee that they have to pay their share of the load. . . . Oh Robert, the clique is hardly alleged. Their there whether you like the idea or not. Strong crypto can do far more than merely maintain privacy while we try--in vain--to fairly share the load. It can help us *reduce and ultimately eliminate* the load for rich and poor alike. If you want to submit to taxes to buy piece, go right ahead. I'll put my faith in crypto anarchy. Mr. Woodhead went on in another post: . . . the difference is that today, it's much harder to be discreet -- the encryption is a red flag. "What's he hiding?" And as any intelligence analyst can tell you, even traffic analysis can tell you a _lot_. . . . Nope, where message volume is high, encryption is lost in the noise. When encryption is wide-spread, it's not a read flag. If steganography is used, there is no flag at all. Remailers make traffic analysis extremely difficult or impossible. Finally, the traditional methods are still just as effective as always. I'll say it again: We have already won. S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From ld231782 at longs.lance.colostate.edu Wed Oct 20 00:17:42 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Wed, 20 Oct 93 00:17:42 PDT Subject: pseudospoofed out Message-ID: <9310200713.AA28851@longs.lance.colostate.edu> Cypherpunks, I use the internet for a lot of serious activities, and it deeply troubles me to think that I have been vicitimized by pseudospoofers in areas outside of merely the cypherpunks list such as in the numerous FAQs I edit (a very time consuming endeavor) or in my other favorite mailing lists. I feel like my blood has been drained by parasites that suck my prose and passions. Since there is absolutely no support for any `True Names' here whatsoever, I volunteer to drop the subject. And of course I am just another blip on this list, so my ideas for its improvement mean nothing, and I will not *ever* make a proposition again here regarding the subject. however, A PERSONAL REQUEST I humbly request that ANYONE SENDING ME PERSONAL MAIL have the decency to do so under their `True Name' or `obviously anonymously' under the same identity. Do not deceive me for perverted sport. Do not try to build up trust merely so that you can betray it. Do not manipulate me simply because you have the capability or because I am a basically trusting person. This sentiment is equivalent to something like `if a woman doesn't carry a gun then it's OK to rape her' and it is one of the most alarming aspects of what I have seen promoted here and in the general `hacker' community. `nothing is wrong if you can get away with it.' I believe that there is no such thing as a `consequentless action'. Please, do not drag *me* into the gutter because you like to wallow there. If anyone has deceived me in manipulating me with multiple pseudonyms in my personal email, please inform me *now*. I believe this is the absolute least that *anyone* could ask on the internet. Another point to make is that Usenet & current mailing lists are far from the future models. I fundamentally believe that `true name' systems are entirely socially desirable and can be erected without invading privacy. Anyone who claims that `true names' and `privacy' are fundamentally incompatible is simply mistaken. Does `absolute privacy' mean that no one *ever* knows who *anyone* is? It seems to me the ability to differentiate identities or reject their input based on `true names' is a basic right of the listener. You do not have a right to bludgeon me with identical opinions from an unrepresentative arsenal of imaginary identities. I suspect some of the people advocating `absolute privacy' are themselves currently using powerful tools to detect pseudospoofing others do not possess. Is that the cypherpunk Utopian ideal? A place where you can manipulate people without them knowing it? let others drown in mud while you trample atop their backs? Also, please do not deceive the press. T.C. May has recently satirically suggested that some of the Wired pictures are of hired actors. I don't find this funny. If the `cypherpunks' are really something other than that which they claim, it will eventually and inevitably come back to haunt the `movement,' whatever it is (algorithms or ideology? I no longer care). History and society is far more shrewd than that. If pseudospoofing is really the #1 cypherpunk agenda, please make that clear. `We want to fool everyone with brainwashing techniques so they are at the mercy of our whim.' One of my attractions to cyberspace was the promise of making online friends, and I have made many over many months. But the idea that some psychopaths are sending me email just to leech my strong emotions and play with my passions, like a cat does a captured mouse, perhaps even with the support of a large and complex software `arsenal' designed specifically to promote camouflage and manipulation, perhaps on a very widespread scale involving multiple lists, I find reprehensible and inherently evil. Please, choose another lab rat victim. My whole `cyberspatial reality' has been cast into doubt. Who's real? Who's fake? I used to really look forward to reading and responding to my mail, but now I approach it with dread, horror, and nausea. I don't even know if who I am talking to on the phone is who they say they are anymore, or if I really have any true cyberspatial friendships, because of all the pseudospoofing in my mailbox. There are some among you who say `welcome to the real world'. Are you people saying that man's natural state is confusion, desperation, and paranoia? I am not opposed to `pseudonymity' and multiple reputations of couse. But the strong sentiments on this list that I should be kept *guessing* I find abhorrent. What is most disturbing is the possibility of a single entity attempting to stick someone's psyche in a vice by systematic and concerted assaults from multiple supposedly `unique' identities in private email. This is like dealing with a tentacled octopus-monster. What could be more depraved? This is nothing but vicious interrogation and brainwashing. I'm simply in favor of truth in advertising, and I think this list has been misrepresented as a `forum' when it's nothing but a hotbed of pseudospoofing, possibly even aided by automatic software tools. Someone tell me, how long have I been arguing with AI programs anyway? Trully, I never would have subscribed if I had realized the `practice' of pseudospoofing was epidemic. I mean, I suspected there were isolated cases, but now it appears a large part of traffic is manufactured flames and froth. Does anyone have any idea how much time has been wasted wading or even arguing with opinions that were nothing but mirages? I'm deeply disillusioned. But of course, who cares? Certainly not the leadership or the followers. I'm not sure that some of the `identities' I've been dealing with over the past few months really have any basic morality. I suspect there are some demagogues that tout `privacy' while really subtly and insideously promoting dishonesty, sociopathism, treachery, and barbarianism. An example: I am on another mailing list where I posted a long article as a `gift' to the subscribers. I got some favorable comments, except from the moderator who said that `people are shocked at what you did.' I asked him. What people? What did they say? He backed down. But imagine that someone slandered me with a worthless pseudonym? and, in fact, even if they mailed *me* would I be able to tell that they didn't care about the reputation of that pseudonym? It seems to me that there is a basic idea of reputation and postings. To a degree, if you haven't earned a reputation in some subject, you should be disqualified from pontificating on it, irrelevant of your arsenal of pseudonyms. Filters based on reputations may help make this a reality. (I would personally like to ban my mailbox of all opinionated pseudonyms who have not read more than 2 of my posts.) I remember E.H. once announcing to the list that J. Markoff had unsubscribed. Who's really in favor of privacy? Is everybody here really interested in `privacy' as an `offensive weapon'? `Privacy' as a way of evading taxes? `privacy' as a way of manipulating or betraying the gullible and trusting for perverted pleasure? `privacy' as destroying social order and promoting anarchy? Really, nevermind. please, don't send me any more blistering flames. These are rhetorical questions. In fact, this is a rhetorical essay. From jrk at sys.uea.ac.uk Wed Oct 20 01:37:41 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Wed, 20 Oct 93 01:37:41 PDT Subject: pseudospoofed out Message-ID: <5805.9310200836@s5.sys.uea.ac.uk> L. Detweiler writes: >I'm simply in favor of truth in advertising, and I think this list has >been misrepresented as a `forum' when it's nothing but a hotbed of >pseudospoofing, possibly even aided by automatic software tools. ... >I'm not sure that some of the `identities' I've been dealing with over >the past few months really have any basic morality. I suspect there are >some demagogues that tout `privacy' while really subtly and insideously >promoting dishonesty, sociopathism, treachery, and barbarianism. I note that "S.Boxx" is saying much the same. Who is pseudospoofing whom? >I would personally >like to ban my mailbox of all opinionated pseudonyms who have not read >more than 2 of my posts. Well, go ahead. Mail readers that support kill files exist already. -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From trebor at foretune.co.jp Wed Oct 20 02:42:30 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Wed, 20 Oct 93 02:42:30 PDT Subject: why anon bank acct? In-Reply-To: <9310200256.AA06017@geech.gnu.ai.mit.edu> Message-ID: <9310200938.AA07858@dink.foretune.co.jp> Ray writes: > Simple. Privatize those parts of government so they can chose >the services they want to buy. An admirable solution, but it does not take into account the vested interests involved. The only way to deal with them is to design a new system that is sufficiently more efficient (and/or wealth generating) that they are better off supporting it than opposing it. The U.S. Government has been under construction for over 200 years; you are not going to break it apart so easily. From trebor at foretune.co.jp Wed Oct 20 02:52:30 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Wed, 20 Oct 93 02:52:30 PDT Subject: Photocopying money In-Reply-To: Message-ID: <9310200948.AA07977@dink.foretune.co.jp> (This is nostalgiaware - skip past it if you're only into messages about encryption) Matthew writes: >Oh man... some >vending machine companies overlook the most obvious things... I guess >it can happen to anybody (remember identify #9 and get 1000000 ep? :) This is a reference to my game, Wizardry, an RPG that allowed each character to have 8 items in inventory. Alas, the code that checked for valid keypresses in the "identify item" section had an error: IF (ch>='1') _or_ (ch<='8') then id_item(player,ord(ch)-ord('0')); This allowed any key to be pressed, and ended up twiddling bits in the data structure. Pressing 9 gave you extra experience points. Someone once sent me a list of what _all_ the keys on an Apple II did. We deliberately left this bug in the PC version of the game as it had become part of the legend of the game. Not much to do with encryption, but Wizardry encrypted it's game strings with a simple system that nobody broke (I guess tracing p-code was too much trouble). It added X*the character position and Y*the line number+Z*the previous character, as I recall... From m5 at vail.tivoli.com Wed Oct 20 06:17:42 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Wed, 20 Oct 93 06:17:42 PDT Subject: your mail Re: on anonymity, identity, reputation, and spoofing In-Reply-To: <9310192205.AA00919@lux.YP.acad> Message-ID: <9310201314.AA03597@vail.tivoli.com> D. Owen Rowley writes: > The comercial use of internet is growing at a very fast rate... Agreed. > wide scale networks provide capabilitys which are very attractive to > a variety of business enterprises. Clearly; *right now* businesses are spending real money on it. > I suspect that a first pass will be made to try and use internet and the > current suite of protocols and services as they are now. Uhhh, it's already happening. > I also suspect that such attempts will flush out a whole raft of problems and > deficiencies along with those who exploit such things. > Hopefully new protocols and services can be developed which will minimise > vulnerability and maximise protection for bussiness assets while allowing > us as much freedom as possible. Why does this preclude continuation of net services as they exist today? You seem to feel that there can only be one mode of use for network resources. If businesses want to use the net only under the aegis of some authentication/credentialing scheme, fine! That means I may or may not choose too participate, or that I may choose to participate as "myself" while still maintaining other digital alter-egos for other purposes. > Nobody really knows what those things will be, and it is sorta problematic to > make public laundrey lists of vulnerabilitys without some sort of idea > how to deal with cleaning up the mess. We are going to have to learn by > example. Why are you so stuck on the idea of "cleaning up a mess"? The network is a resource. It can be used concurrently in lots of different ways. You're free to start up your own set of authenticated services this afternoon if you like. > My main point though is that eventually business will find decentralised > anarchic networks to be hostile territory, and will move on to less > vulnerable, more reliable networks where user authentication, and > accountable security are provided. Really? So the presence of paying customers on the anarchic networks won't be attractive? We've had experience with lots of nasty problems on the Internet already, and yet companies are all the time paying for things like T1 channels for better service. Of course, businesses are free as they've always been to implement whatever communications systems they want. This is old news. > It may be that there will be barriers between the anarchic networks and > the business-place networks,that require users to provide proof of identity > before they can pass. Ok, fine. So I pass if I want to and not if I don't. What's the point? What does this have to do with being able to interact on other net forums under different rules? > seriously.. note that you asked "because of the medium itself". > It's multiMedia, thats jargon for multiple mediums interacting with each > other, and presenting data interactively on multiple fronts. Yes, I'm vaguely familiar with the concept :-) > It means an unfolding from two dimensional thinking ( text) to three > dimensional thinking ( virtual reality ). I think you're selling text short, but that's another discussion. > perhaps you are unaware of some of the more starling things that are being > done with biofeedback interfaces. I'm aware of plenty of hype and pipe-dreams, but little reality. Sure, it'd be neat though. What does it have to do with authentication and accountability? > lets take something mundane and achievable like hand gestures sensed by > the data-glove... [data glove communication deleted] That'd be nice, I guess, but what's the point? Are you suggesting that someone tapping the communication line wouldn't be able to (1) figure out what you were "saying" and (2) spoof the system? (If neither, then what does this technology have to do with authentication?) > BTW, that scenario was suggested to me by an individual of my > aquaintance who lives on the other side of the --uh-- tracks. > he was very keen to be able to have such privileged communication, > and cost is no factor to him, he pays in cash. Have you sent him PGP? Seems a heck of a lot better and a heck of a lot easier to implement. > Don't be surprised... I'm losing track of what this has to do with "need" for accountability. -- Mike McNally From m5 at vail.tivoli.com Wed Oct 20 06:22:42 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Wed, 20 Oct 93 06:22:42 PDT Subject: pseudospoofed out In-Reply-To: <9310200713.AA28851@longs.lance.colostate.edu> Message-ID: <9310201322.AA03608@vail.tivoli.com> "L. Detweiler" writes: > I feel like my blood has been drained by > parasites that suck my prose and passions. I hereby claim this as a .signature for at least one of my identities. -- Mike McNally From m5 at vail.tivoli.com Wed Oct 20 06:32:30 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Wed, 20 Oct 93 06:32:30 PDT Subject: pseudospoofed out In-Reply-To: <9310200713.AA28851@longs.lance.colostate.edu> Message-ID: <9310201330.AA03617@vail.tivoli.com> "L. Detweiler" writes: > [ the funniest thing I've read on the net in years. ] Thank you, thank you, thank you *all* for making this possible. The hours of cleaning crud from my INBOX are *easily* worth this kind of entertainment. I am literally in tears, irritating my officemate with incessant laughter. Mr. Detweiler (if that really *is* your name), thank you especially. You write well, kinda, even if I utterly disagree with you. I think I'll print this out and paste it into my big unabridged next to "hyperbole". -- Mike McNally From cme at ellisun.sw.stratus.com Wed Oct 20 07:07:42 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Wed, 20 Oct 93 07:07:42 PDT Subject: defeating traffic analysis Message-ID: <9310201404.AA26853@ellisun.sw.stratus.com> >Date: Tue, 19 Oct 93 22:43:46 PDT >From: hfinney at shell.portal.com (Hal Finney) >Message-Id: <9310200543.AA22959 at jobe.shell.portal.com.shell.portal.com> >Subject: Re: JUDGMENT PROOFING >This is exactly what anonymous remailers are for - to defeat traffic >analysis. The goal is a situation where you, and everyone else, receives >and sends out a bunch of encrypted traffic every day. There will be >no way a snooper can find out exactly what you are reading, what you >are writing, or whom you are communicating with. That's what I call >private. To really defeat traffic analysis you also have to remove any information from volume of traffic. If I don't know any message routing but I do know that cme sent 10 MB of traffic and you received 10 MB of traffic and the other 30 people on the anon subnet dealt with only 100B each, .... So: have everyone send and receive exactly the same size message to/from the same sites at the same time every day. - Carl From an42035 at anon.penet.fi Wed Oct 20 07:22:33 1993 From: an42035 at anon.penet.fi (the Surgeon) Date: Wed, 20 Oct 93 07:22:33 PDT Subject: crypto anarchy Message-ID: <9310201421.AB11672@anon.penet.fi> -----BEGIN PGP SIGNED MESSAGE----- >Count on it. Things are moving much too slowly on "our" side. Entities >like AT&T, Warner, etc. stand a good chance of controlling much of what >becomes "the net" in the future, if much of this technology is not: >1) in place and functional >2) easy to use by the clueless and lazy as well as techies >3) accepted for use within the network, indeed considered *part of* the > network both as "flavour" and technical specifications >4) impossible to remove - no govt/corporate turning back of the tide >VERY soon. In addition the populace has to become aware of: >4) HOW to do all of this - easy "newbie" software is needed - plug-n-play >5) that privacy is possible. Most have forgotten this. If we need this stuff out VERY soon, then there is a serious problem: Time-Warner, AT&T, etc. can afford to spend major $$$ on implementing technology, including having employees work on these projects full time, while the cypherpunks work that goes on is largely on a part time basis by otherwise employed professionals, or students. Not to insult anybody; each contribution in anonymous mail, digital cash, dc-nets, crypto software, etc. is GREATLY appreciated. However, the progress that has been made still has a fun oriented research and development slant. But all the same, if what you are saying is that these volunteer/hacker types have to battle for the future of the net, there's no way. I mean, look at all the stuff Phil Zimmerman went through to put out one crypto program. Can you expect anybody else to do the same? Many volunteers have spent countless man-hours working on PGP, and by no stretch of anybody's imagination is it "plug-n-play" ready. I can't tell you how many announcements of upcoming Windows PGP front-ends I've seen. I'm sure many hobbyists are working on it as much as they can, and I'm glad, but these people can't be expected to compete with real software development efforts. A software company that wants to make "plug-and-play" easy to use crypto software which meets #1 and #2 - including integration into popular mail software - will bury PGP or RIPEM by sheer numbers. Most people fall into the "clueless and/or lazy" category. >There's a lot of work to do. The Wired article may have called cypherpunks "millionaire hackers", but I don't think the majority of this list can afford to work on cypherpunks stuff full time like it probably needs to be worked on. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQBVAgUBLMRcPcOOfkF1iwTdAQE7ygH+OixoYSJBqiH5HbLj4TSjnEaUJINZlndk /zBYfigU0hFYB12rEpI1MBsqep9DNSzR4aOqyQMz4WQ45ayBCp4ekw== =kQBw -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From doug at lm.net Wed Oct 20 07:27:42 1993 From: doug at lm.net (Doug Luce) Date: Wed, 20 Oct 93 07:27:42 PDT Subject: pseudospoofed out In-Reply-To: Message-ID: to the individual with difficulties of a spoofing sort: the answer is procmail. my inbox script strips all recipiant header information. it also chops off signatures. it puts in a bogus From: line with a sequence number. it even parses the text for items like "My name is Joe Hoop," replacing them with "My name is XXXX." if i can't figure out who it is by the context, the sender loses. my outbox script matches the sequence number up with the proper recipient and ships my response out. rarely is the reply "I don't know who you are." dug From holland at CS.ColoState.EDU Wed Oct 20 08:22:32 1993 From: holland at CS.ColoState.EDU (douglas craig holland) Date: Wed, 20 Oct 93 08:22:32 PDT Subject: Explosives tracers In-Reply-To: <9310192154.AA22886@srlr14.sr.hp.com> Message-ID: <9310201519.AA12207@beethoven> > > > Steganographic signatures. Similarly, signatures are being put into > > explosives (although they are somewhat traceable already) by using > > various mixtures of trace elements. > > I believe that they also use small (microscopic) color coded chips of > plastic. There is an OTA report on this topic with a name something > like "Taggants in Explosives". I believe that the report is about 10 > years old. > > I remember hearing about how one congress member removed the taggants from a sample of gunpowder using tweezers during a terrorism hearing. Taggants can't really be relied upon. Doug From mech at eff.org Wed Oct 20 08:47:44 1993 From: mech at eff.org (Stanton McCandlish) Date: Wed, 20 Oct 93 08:47:44 PDT Subject: crypto anarchy In-Reply-To: <9310201421.AB11672@anon.penet.fi> Message-ID: <199310201547.AA06620@eff.org> > If we need this stuff out VERY soon, then there is a serious problem: > Time-Warner, AT&T, etc. can afford to spend major $$$ on implementing > technology, including having employees work on these projects full > time, while the cypherpunks work that goes on is largely on a part > time basis by otherwise employed professionals, or students. Hadn't meant to sound alarmist. By "VERY soon" I mean, within the next couple of years. > Many volunteers have spent countless man-hours working on PGP, and by > no stretch of anybody's imagination is it "plug-n-play" ready. I > can't tell you how many announcements of upcoming Windows PGP > front-ends I've seen. I'm sure many hobbyists are working on it as > much as they can, and I'm glad, but these people can't be expected to > compete with real software development efforts. > A software company that wants to make "plug-and-play" easy to use > crypto software which meets #1 and #2 - including integration into > popular mail software - will bury PGP or RIPEM by sheer numbers. Most > people fall into the "clueless and/or lazy" category. Yes, this is so. The problem however is not just that PGP is difficult. The entire UseNet/Internet experience is too difficult for the average person, who probably doesn't even know which end of a diskette to insert first. The media conglomerates will bring a filtered and [surprise!] TV-like version of the net to households and offices, that will be simple and easy, point and shoot. Useless, censored, commercialized to the point of saturation. I don't see any room for privacy in a network like that. *That's* what we're up against. Sure, no one can afford to write cypherpunks code full time, but what can be done should be done, and hopefully people will collaborate more. Every tool that makes it easier to integrate is a step in the right direction. The various scripts and utils that people have come up with for PGP use on "the" net, GenMSG for Fido mail, the menu/shell programs, it's all a step in the right direction. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From anagld!decode!system at uunet.UU.NET Wed Oct 20 09:22:34 1993 From: anagld!decode!system at uunet.UU.NET (System Operator) Date: Wed, 20 Oct 93 09:22:34 PDT Subject: PRIVACY: Shredded trash doesn't cut it Message-ID: <6N1PBc2w165w@decode.UUCP> Fellow Cypherpunks, As if there was any doubt, the following will show that even shredded trash is not safe: >From _Search and Seizure Bulletin_, Vol 30, No. 9, September 1993 Shredded Documents - No Privacy Interest in Public Trash Massachusetts United States v. Scott, 975 F.2d 927 (1992) The Internal Revenue Service (IRS) suspected Scott of filing false income tax returns. IRS agent's searched Scott's garbage bags which were left in front of his house for collection and found shredded documents. The agents pieced the papers together and were able to establish probable cause to request search warrants based on the evidence revealed in the whole documents. The IRS presented a 47-count indictment against Scott. Scott moved to suppress the evidence, claiming the search of his garbage violated his privacy interests. His motion was granted and the United States appealed. DECISION: Reversed and sent back to the lower court. The Constitution does not prohibit the warrantless seizure of shredded documents found in public trash. Scott relinquished his reasonable expectation of privacy in the garbage once he abandoned it outside his house to be collected or destroyed by a third party. That he may have desired secrecy by shredding the documents does not change the fact he left the garbage in the public domain, and the police were free to use their resources to collect the evidence. A legitimate expectation of privacy is measured not by the individual's desire to maintain secrecy, but by whether the government's action violates constitutionally recognized privacy rights. Because Scott had no constitutionally protected privacy interest in this trash, the appeals court decided his motion to suppress should have been denied. California v. Greenwood, 486 U.S. 35, 108 S.Ct. 1625, 100 L.Ed.2d 30 (1988) United States v. Mustone, 469 F.2d 970 (1972) Dan uunet!anagld!decode!dan -- system at decode.UUCP (System Operator) Cryptography, Security, Privacy BBS +1 410 730 6734 Data/FAX From hfinney at shell.portal.com Wed Oct 20 09:27:46 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Wed, 20 Oct 93 09:27:46 PDT Subject: pseudospoofed out Message-ID: <9310201623.AA21602@jobe.shell.portal.com.shell.portal.com> Dug writes that he intentionally strips out all identifying information from his incoming mail that would show who it is from. Truly this is a radical solution to the problem of spoofing. A basic principle of discourse is that the validity of an idea is independent of its source (which is why ad hominem attacks are considered invalid). Yet this principle is not widely followed (which is why ad hominem attacks are considered effective). Dug's solution enforces the discipline of judging each piece of mail on its own merits. Maybe more people should consider this approach. Hal Finney hfinney at shell.portal.com From ferguson at icm1.icp.net Wed Oct 20 09:27:50 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Wed, 20 Oct 93 09:27:50 PDT Subject: (fwd) Re: Error in RFC1 321 (MD5)? Message-ID: <9310201725.AA14954@icm1.icp.net> I thought (perhaps) this may be of interest - Forwarded message: > Newsgroups: sci.crypt > Subject: Re: Error in RFC1 321 (MD5) ? > Date: 18 Oct 93 09:10:29 > Organization: RSA Data Security, Inc. > Lines: 27 > Distribution: world > Message-ID: > References: <29u8jqINNn0s at umbc7.umbc.edu> > NNTP-Posting-Host: chirality.rsa.com > In-reply-to: olson at umbc.edu's message of 18 Oct 1993 10:18:34 -0400 > > In article <29u8jqINNn0s at umbc7.umbc.edu> olson at umbc.edu (Bryan G. Olson) writes: > > I just ftp'd RFC 1321 ( MD5 Message-Digest Algorithm ) from > rsa.com, and I believe there is a minor error in the > specification of the algorithm. > > On page 5, the four operations used in the four rounds are > defined, and the operations for round 3 and 4 seem to have > mis-matched parameter names. Specifically from page 5: > > [...] > >> /* Round 3. */ > >> /* Let [abcd k s t] denote the operation > >> a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */ > >> /* Do the following 16 operations. */ > [...] > >> /* Round 4. */ > >> /* Let [abcd k s t] denote the operation > >> a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */ > >> /* Do the following 16 operations. */ > [...] > > Yes, the 't' should be an 'i'. Not a major source of confusion, but > something that should be noted and corrected. > > -- Burt Kaliski > RSA Laboratories > _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From koontzd at lrcs.loral.com Wed Oct 20 09:47:45 1993 From: koontzd at lrcs.loral.com (David Koontz ) Date: Wed, 20 Oct 93 09:47:45 PDT Subject: PRIVACY: Shredded trash doesn't cut it Message-ID: <9310201644.AA11884@nebula.lrcs.loral.com> Ah, the infamous Shred Scott decision. From nobody at alumni.cco.caltech.edu Wed Oct 20 10:12:35 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Wed, 20 Oct 93 10:12:35 PDT Subject: pseudospoofed out Message-ID: <9310201704.AA02218@alumni.cco.caltech.edu> on Wed, 20 Oct 93 09:23:03 PDT, hfinney at shell.portal.com (Hal Finney) writes: < A basic principle of < discourse is that the validity of an idea is independent of its source < (which is why ad hominem attacks are considered invalid). Yet this < principle is not widely followed (which is why ad hominem attacks are < considered effective). i believe the reason this principle is not often followed is because so much context is gained from knowing who a person is. not just the message history, but knowing what a person's experience and profession are can be extremely helpful in understanding the intent of the communication. removing the sender's identity also removes a substantial amount of semantic information. computers might be able to send billions of bits per second over a network, but it's up to us humans to remove the degrees of freedom and figure out what is really meant. < Dug's solution enforces the discipline of judging < each piece of mail on its own merits. Maybe more people should consider < this approach. i don't think that's what he meant. Doug Luce says: < if i can't figure out who it is by the context, the sender loses. which means to me, doug is still using contextual information gained by his knowledge of the sender. as an example, i often find mr. detweiler's posts to this list difficult to interpret, since i don't know him personally. is he playing devil's advocate? is he just trying to be entertaining? is he deliberately behaving in a schizophrenic manner, or is he just a victim of MPD? i can't tell from his posts alone. which is why i believe that honest humans for the most part will have no good reason to spoof. trusted communication just won't work without reputation. both the sender and receiver rely on context provided by reputation to send comprehensible messages. ---- i liked the point made recently that e-mailing lists are often like discussions at a coffee house, and are not formal environments for objective culling of opinion. From kone at COURIER1.SHA.CORNELL.EDU Wed Oct 20 10:17:45 1993 From: kone at COURIER1.SHA.CORNELL.EDU (kone at COURIER1.SHA.CORNELL.EDU) Date: Wed, 20 Oct 93 10:17:45 PDT Subject: taggnets Message-ID: <2CC59AF1@COURIER1.SHA.CORNELL.EDU> Taggnets are also found in the main components of "home-made" bombs. At least as early as '85. (call it a childhood indiscretion.) Components like high nitrogen fertilizer and heating oil #5. This alows the investigator to narrow down about when and where the components were bought. (I had bought a large quanty with my fathers card.) Most cases are solved because the "mad-bomber" is follish. i.e. keeps on buying more components or explosives, after the first bombing. Or, like me, bought in large quantys with no real reason too. Just something to think about. Kone. (yes it is a real name.) From pmetzger at lehman.com Wed Oct 20 10:22:35 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 20 Oct 93 10:22:35 PDT Subject: why anon bank acct? In-Reply-To: <9310200938.AA07858@dink.foretune.co.jp> Message-ID: <9310201718.AA16248@snark.lehman.com> "Robert J. Woodhead" says: > Ray writes: > > > Simple. Privatize those parts of government so they can chose > >the services they want to buy. > > An admirable solution, but it does not take into account the vested > interests involved. The only way to deal with them is to design a > new system that is sufficiently more efficient (and/or wealth > generating) that they are better off supporting it than opposing > it. The U.S. Government has been under construction for over 200 > years; you are not going to break it apart so easily. Who needs to break it? At the current rate, it will have destroyed itself within a decade. "Stability" in our fair land is an illusion. The government cannot possibly pay for all the services it pretends it can. The deficit is going to rise another $1 Trillion in the next four years under Bill Clinton's very optimistic projections -- my suspicion is that the slowdown in economic activity he is creating will make it rise more like $2 Trillion or more. At some point, the bond buyers stop buying, and thats the end of the game. The Clinton Administration is currently pretending to itself that it can add the most expensive government program of all time, a trillion dollar socialized medicine program, while all this is happening. Well, let them dream. Raising taxes at this point will only DECREASE revenue. They cannot raise more money than they already consume. They can only lower the deficit by cutbacks, and they are pressing ahead with more new spending each year in spite of the claims. (When you hear them say "budget cuts", that means "we are going to spend less than we wanted to, not less than we spent last year".) There are also trillions of dollars in off-books unfunded debt, such as federal obligations to federal retirees, the invisible "social security trust fund" (hah!), federal obligations associated with loan guarantees, banking insurance schemes, etc. The party will be over soon enough. Humpty Dumpty doesn't need to be pushed. Perry From klbarrus at owlnet.rice.edu Wed Oct 20 10:32:34 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 20 Oct 93 10:32:34 PDT Subject: crypto technique Message-ID: <9310201728.AA13517@screech.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- >So, if I could prevent you from finding c, then you couldn't solve it. >How can I do this? By adding another constant. [...] >136.375x^4 + 139.25x^3 + 33.625x^2 + 110.75x + 179 >So what values for A,B,C,D,E,& F did I use? Have fun factoring! :) Sure, I'll give it a whirl as soon as my exams are over. Offhand, it looks like you get five equations in six unknowns, which is under-specified. So possibly one parameter can take on any value (or maybe any odd value), and the rest are then solved in terms of the fixed variable. The variable paramter can only take on values less than P (maybe only odd values under P), the number of unknows is then 2*(nestings) - 1; everything still looks linear. However, I haven't actually tried yet, so we'll see! This isn't meant as a flame (in fact, this method is very interesting), but you've posted two or three methods and declared them all impossible to break. Are you yourself trying to break these schemes? The very first method posted would have fallen under scrutiny. Also, mail any additional info to me directly; I'm behind on list mail. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMV1CIOA7OpLWtYzAQGQRAP8CT79JpMKxVb/R//GVUfmCJ2ybtf8ASGY BZa8bsL1VG49sxpoe7LsnQH2mJVAv3GloJhnuVN0d/MbTmohN6mgtGXbrQxvTdyn r0eaTYcrXI0hiR5ahPp5SdfAHGuQ9LeQDermiiU+DK8I6lc+K6tzG0ZOUvs4r80n cF4K9aXSaLQ= =wMas -----END PGP SIGNATURE----- From F_GRIFFITH at CCSVAX.SFASU.EDU Wed Oct 20 10:57:45 1993 From: F_GRIFFITH at CCSVAX.SFASU.EDU (F_GRIFFITH at CCSVAX.SFASU.EDU) Date: Wed, 20 Oct 93 10:57:45 PDT Subject: backing Message-ID: <931020125339.22e1cf04@CCSVAX.SFASU.EDU> From: CCSVAX::F_GRIFFITH 19-OCT-1993 16:06:40.42 To: SMTP%"owner-cypherpunks at toad.com" CC: F_GRIFFITH Subj: Re: backing? peb:if a currency loses reputation (value) people will switch to a better reputation (value) currency (paraphrase) Greshams law: "bad money drives out good" i.e. where people have a choice (e.g. gold vs greenbacks post Civil War), in making payments, they will use the lesser value money and keep the higher value. Thus, the lesser value money will circulate, the higher value money will not. From strick at osc.versant.com Wed Oct 20 11:17:45 1993 From: strick at osc.versant.com (henry strickland) Date: Wed, 20 Oct 93 11:17:45 PDT Subject: [TECH] defeating traffic analysis In-Reply-To: <9310201404.AA26853@ellisun.sw.stratus.com> Message-ID: <9310201810.AA27001@osc.versant.com> # From: cme at ellisun.sw.stratus.com (Carl Ellison) # # So: have everyone send and receive exactly the same size message to/from the # same sites at the same time every day. That seems so unfortunate that the "average utilizaton" and the "peak throughput" [I use quotes because I may have the wrong technical buzzwords, but you know what I mean] have to be one and the same. I've been trying to think of ways around that. Am I wasting my time? I've thought of trying to find probabilistic ways of letting you vary how much your read/write to the net each day, maintaining some constant statisics (average amount you read/write, standard deviation, ...), that allows you one day to read a lot more than the average, when you need to, without giving away that it was useful information instead of padding. But I'm afraid it still gives away partial bits of information -- it is still likely that the hungriest readers and the most verbose writers match up. This becomes more on my mind, as I work on DCNet protocols. References? Advice? strick From nobody at rosebud.ee.uh.edu Wed Oct 20 11:27:45 1993 From: nobody at rosebud.ee.uh.edu (nobody at rosebud.ee.uh.edu) Date: Wed, 20 Oct 93 11:27:45 PDT Subject: Paper Shredders Message-ID: <9310201824.AA10107@toad.com> Does anyone know of an AFFORDABLE shredder that really destroys documents by cutting them into confetti, rather than the easy-to-reassemble strips that the typical shredder does? From owen at autodesk.com Wed Oct 20 11:42:34 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Wed, 20 Oct 93 11:42:34 PDT Subject: why anon bank acct? Message-ID: <9310201823.AA04755@lux.YP.acad> > From: "Robert J. Woodhead" > Not at all. I recognise that, however inefficient, taxes pay to maintain > the legal and physical environment that makes my life more comfortable. > There are many oppressive things about governments, but _by_and_large_ > the US government is one of the least oppressive, and the vast majority > of the people who work in it are honest and well-intentioned. I don't know if I'd go so far as to say that myself. But the reality is that no matter how much some of us would like to replace the current government with a more libertarian one, or how much we would like to see the current government back off from its current course, its not gonna happen. > What I hope comes out of groups like cypherpunks are ways to make the > government better and more responsive to the needs of the citizenry > (in other words, some good checks and balances), rather than petty > ways to avoid a few bucks in taxes. Rather than aspire to join the > alleged clique of rich and powerful tax evaders, might it not be better > to aspire to develop techniques that both maintain privacy but guaran- > tee that they have to pay their share of the load. Hint: develop > something that makes it worth their while. exactly, this is exactly what I have been getting at. LUX ./. owen From holland at CS.ColoState.EDU Wed Oct 20 12:22:37 1993 From: holland at CS.ColoState.EDU (douglas craig holland) Date: Wed, 20 Oct 93 12:22:37 PDT Subject: crypto anarchy In-Reply-To: <199310201547.AA06620@eff.org> Message-ID: <9310201917.AA20166@beethoven> > > Yes, this is so. The problem however is not just that PGP is difficult. > The entire UseNet/Internet experience is too difficult for the average > person, who probably doesn't even know which end of a diskette to insert > first. The media conglomerates will bring a filtered and [surprise!] > TV-like version of the net to households and offices, that will be simple > and easy, point and shoot. Useless, censored, commercialized to the > point of saturation. I don't see any room for privacy in a network > like that. *That's* what we're up against. > The candy-like "family oriented" overcommercialized network is already here, known as Prodigy. Those guys will bounce your email if you say "I have a bridge in Brooklyn for sale" (implying gullibility) for posting commercially. My subscription to those losers didn't last two months. Last that I heard, Prodigy was losing money, hope they go broke. > Sure, no one can afford to write cypherpunks code full time, but what can > be done should be done, and hopefully people will collaborate more. Every > tool that makes it easier to integrate is a step in the right direction. > The various scripts and utils that people have come up with for PGP use > on "the" net, GenMSG for Fido mail, the menu/shell programs, it's all a > step in the right direction. > Agreed. So far as I know, there are a few commercial services that don't censor their customers and aren't afraid to let them have full access to the Internet, such as the WELL and Colorado Supernet. Doug | Doug Holland | Proud member of: | holland at beethoven.cs.colostate.edu | Mathematicians Against Drunk Deriving | Finger for PGP 2.2 key | From banisar at washofc.cpsr.org Wed Oct 20 13:12:38 1993 From: banisar at washofc.cpsr.org (Dave Banisar) Date: Wed, 20 Oct 93 13:12:38 PDT Subject: US Privacy Council Seminar Message-ID: <00541.2833976342.141@washofc.cpsr.org> US Privacy Council Seminar 10/22 *********************************************************** [please post] US Privacy Council Brown Bag Lunch Seminar Series "Privacy and the National Informational Infrastructure" Patricia Faley US Office of Consumer Affairs CPSR Washington Office Friday, October 22, 1993 12:00 - 2:00 pm Pat Faley is Acting Director of the United States Office of Consumer Affairs and Chair of the Working Group on Privacy, Information Policy Committee, Information Infrastructure Task Force. She will discuss the Clinton Administration's privacy proposals for the NII for the NII and for the health care reform program. Following Ms. Faley's talk, there will be a general meeting of the US Privacy Council to discuss the agenda for the Clinton administration on privacy issues such as health care, the SSN, the Clipper Chip, and amendments to the Fair Credit Reporting Act. CPSR Washington Office 666 Pennsylvania Ave., SE Suite 303 Washington, DC 202/544-9240 (one block from the Eastern Market metro) In cooperation with Computer Professionals for Social Responsibility. For more information on the US Privacy Council, please contact Evan Hendricks at 202-829-3660. [if you would like to be notified of future USPC Seminars, please send a note with e-mail address to banisar at washofc.cpsr.org] *********************************************************** From owen at autodesk.com Wed Oct 20 13:42:39 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Wed, 20 Oct 93 13:42:39 PDT Subject: your mail Re: on anonymity, identity, reputation, and spoofing Message-ID: <9310201857.AA04886@lux.YP.acad> > From: m5 at vail.tivoli.com (Mike McNally) >>I also suspect that such attempts will flush out a whole raft problems and >>deficiencies along with those who exploit such things. >>Hopefully new protocols and services can be developed which will minimise >>vulnerability and maximise protection for bussiness assets while allowing >>us as much freedom as possible. > Why does this preclude continuation of net services as they exist > today? You seem to feel that there can only be one mode of use for > network resources. No, I have quite a bit of experience in network management. It certainly does not preclude continuation of current services. I am trying to get people to expand their scope of thinking beyond the mere technical capabilitys and into the practical realities and political/social consequences of said technology. I am not championing any particular set of these, i am championing efforts to get us as much freedom and as much privacy as possible. I find that the limited scope of individuals who are *living in science fiction* scenarios to be kinda short sighted however. > If businesses want to use the net only under the > aegis of some authentication/credentialing scheme, fine! That means I > may or may not choose too participate, or that I may choose to > participate as "myself" while still maintaining other digital > alter-egos for other purposes. of course, I am not saying otherwise! >>Nobody really knows what those things will be,and it is sorta problematic to > > make public laundrey lists of vulnerabilitys without some sort of idea > > how to deal with cleaning up the mess. We are going to have to learn by > > example. > Why are you so stuck on the idea of "cleaning up a mess"? The network > is a resource. It can be used concurrently in lots of different ways. > You're free to start up your own set of authenticated services this > afternoon if you like. I and some others are indeed working on just that. I hope you are too. Surely you are aware that many of the currently used network services are woefully insecure and prone to abuse? > > My main point though is that eventually business will find decentralised > > anarchic networks to be hostile territory, and will move on to less > > vulnerable, more reliable networks where user authentication, and > > accountable security are provided. > Really? So the presence of paying customers on the anarchic networks > won't be attractive? We've had experience with lots of nasty problems > on the Internet already, and yet companies are all the time paying for > things like T1 channels for better service. yup, all you say here is true. but thats for now. I am predicting that there will be trouble in paradise, and that when it gets to the point where business is loosing more than they are gaining there will be hell to pay. You are under no obloigation to agree or to even pay any attention to me. But I warn you now, I'm a terrible *I-told-you-so*. > > It means an unfolding from two dimensional thinking ( text) to three > > dimensional thinking ( virtual reality ). > I think you're selling text short, but that's another discussion. I am trying to put it in perspective, that doesn't mean I discount its value. >>perhaps you are unaware of some of the more starling things that are being >>done with biofeedback interfaces. > I'm aware of plenty of hype and pipe-dreams, but little reality. > Sure, it'd be neat though. What does it have to do with > authentication and accountability? Since you seem to believe these things to be mere hype, I'll leave it to your imagination. > I'm losing track of what this has to do with "need" for > accountability. you manged to mix up a great deal of what I was saying. I don't have time or energy to untangle it for you. but put simply.. accountability will be driven by the desire for it. Those who *need* it .. will have it.. LUX ./. owen From sameer at netcom.com Wed Oct 20 13:52:40 1993 From: sameer at netcom.com (Sameer Parekh) Date: Wed, 20 Oct 93 13:52:40 PDT Subject: why anon bank acct? In-Reply-To: <9310200938.AA07858@dink.foretune.co.jp> Message-ID: <9310202047.AA07231@netcom.netcom.com> Robert J. Woodhead said: > > Ray writes: > > > Simple. Privatize those parts of government so they can chose > >the services they want to buy. > > An admirable solution, but it does not take into account the vested > interests involved. The only way to deal with them is to design a > new system that is sufficiently more efficient (and/or wealth > generating) that they are better off supporting it than opposing > it. The U.S. Government has been under construction for over 200 > years; you are not going to break it apart so easily. > > I'd suggest that the politics discussion be taken to another forum? -- Sameer sameer at netcom.com From peb at PROCASE.COM Wed Oct 20 14:07:50 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Wed, 20 Oct 93 14:07:50 PDT Subject: backing Message-ID: <9310202105.AA03884@banff.procase.com> >Greshams law: "bad money drives out good" Yes, but the money changers in Moscow are fairly busy converting bad money to good. Certainly, people will spend the bad money as soon as they get it, so it circulates more, but for long term storage (which in Russia could mean a few weeks at the rate of inflation they have (was in the quadrillions annually a few months ago)), the higher quality money is used. Paul E. Baclace peb at procase.com From klbarrus at owlnet.rice.edu Wed Oct 20 14:32:48 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 20 Oct 93 14:32:48 PDT Subject: crypto technique Message-ID: <9310202130.AA09601@flammulated.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- One question before I work on this more at a later date. Can you still decode properly if you take the modulus of each coefficient? I ask since if you can't, the modulus makes is harder to find the constants, but as a side effect it also destroys the message. Say I use f = 29/2 x + 40 g = 135/2 f^2 + 135/2 f + 75 I get g = 110775 + 317155/4 x + 113535/8 x^2 This is easy to solve, so Matt takes the modulus of each coefficient (some power of 2, I pick 32 here to keep it simple). results in g' = 23 + 99/4 x + 127/8 x^2 Say I encode my message x = 5 g(5) = 6895725/8 mod 32 = 109/8 g'(5) = 4349/8 mod 32 = 253/8 Notice that these two results aren't equal at all! Am I misunderstanding the encoding (and decoding) process? Aren't these two results supposed to be equal? I'm not getting the expected result when each coefficient is reduced mod 32. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMWsI4OA7OpLWtYzAQHdMQP+Jy7gdjgyhg9vrwi8K+KkrVSDbciOy6Sb BJQ1/zMg8inqmILbahO9SG3yTTh7+/k+OdUhiyxHYaaC5Jhv5n+QIvFTizHDA3VY /M5uXpt883bBLBaCp3ICDsPJEtgzMePxySP3n+qKG+nZ9MUDQ7msLq7SDCqM6eUU BXHHmjNjr+A= =kjVG -----END PGP SIGNATURE----- -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From klbarrus at owlnet.rice.edu Wed Oct 20 14:42:50 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 20 Oct 93 14:42:50 PDT Subject: crypto technique - error Message-ID: <9310202142.AA05100@great-gray.owlnet.rice.edu> Argh! I made a math error reducing one of the terms. g and g' do yield the same answer. Whew, I thought something was messed up :-) Karl From mech at eff.org Wed Oct 20 15:02:38 1993 From: mech at eff.org (Stanton McCandlish) Date: Wed, 20 Oct 93 15:02:38 PDT Subject: Paper Shredders In-Reply-To: <9310201824.AA10107@toad.com> Message-ID: <199310202046.AA10197@eff.org> > Does anyone know of an AFFORDABLE shredder that really destroys documents > by cutting them into confetti, rather than the easy-to-reassemble strips > that the typical shredder does? Yeah, it's called fire. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From mg5n+ at andrew.cmu.edu Wed Oct 20 15:12:39 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Wed, 20 Oct 93 15:12:39 PDT Subject: Wizardry crypto In-Reply-To: <9310200948.AA07977@dink.foretune.co.jp> Message-ID: <4glPONa00VpLIvm0ZH@andrew.cmu.edu> "Robert J. Woodhead" wrote: > Not much to do with encryption, but Wizardry encrypted it's > game strings with a simple system that nobody broke (I guess > tracing p-code was too much trouble). It added X*the character > position and Y*the line number+Z*the previous character, as I recall... Yeah, that worked pretty well, considering that most people just looked for text by scanning it with a sector editor. Encrypting the text made it undistinguishable from the program code. Tracing the program code would have been difficult, considering that it was written in the original Apple pascal, which used a token compiler (I think). But, alas, the character files were in plaintext, and numerous people figured out how to edit them. So were the items and monsters. One day when I was very bored, I managed to decipher the maze data, and was then able to build a map of the 10th level where dumapic didn't work. As I recall, it was just 2 bits to define each section of wall, arranged in four groups of data defining each of the four directions, followed by another block of data which used nybbles to define what was found in the blocks created by the intersections of the walls. One thing that I was able to break was the code book that was the copy-protection for Return of Werdna. As I recall, it was calculated in base 9 (or some sort of nine number system which used the digits 1-9 but excluded zero). Once I realized that, breaking the code was just a matter of simple arithmetic. It was an interesting excercise in code-breaking tho, and I did it without disassembling the program. I must say that this was preferrable to the copy-protection in the original Wizardry, in which my master disk eventually wore out from overuse and developed bad sectors. Gee...All this nostalgia has made me want to play again. It's a fun game, and the 3-D system was pretty innovative for the time. Does Sir-Tech still replace bad disks (from the Apple II version)? From pmetzger at lehman.com Wed Oct 20 15:17:49 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 20 Oct 93 15:17:49 PDT Subject: why anon bank acct? In-Reply-To: <9310202047.AA07231@netcom.netcom.com> Message-ID: <9310202215.AA16533@snark.lehman.com> Sameer Parekh says: > I'd suggest that the politics discussion be taken to another > forum? Agreed. I'm partially responsible for continuing it, but I agree that its irrelevant, no matter how interesting. Perry From baumbach at atmel.com Wed Oct 20 15:32:38 1993 From: baumbach at atmel.com (Peter Baumbach) Date: Wed, 20 Oct 93 15:32:38 PDT Subject: Backing Message-ID: <9310202203.AA23988@bass.chp.atmel.com> Isn't a finite source of backing a problem since it rewards those who hoard it? Also If neither Alice or Bob have a backed currency, does that mean they cannot trade? It has always frustrated me to see poor people stay poor, because they believe they have to get their wealth from someone else. People can create their own wealth. A currency that ignores this possibillity seams bad to me. Has anyone invented a workable "barter currency"? Can I.O.U.'s be created such that they work like money? Peter Baumbach baumbach at atmel.com From pmetzger at lehman.com Wed Oct 20 15:32:49 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 20 Oct 93 15:32:49 PDT Subject: Paper Shredders In-Reply-To: <199310202046.AA10197@eff.org> Message-ID: <9310202230.AA16605@snark.lehman.com> Stanton McCandlish says: > > Does anyone know of an AFFORDABLE shredder that really destroys documents > > by cutting them into confetti, rather than the easy-to-reassemble strips > > that the typical shredder does? > > Yeah, it's called fire. Fire is, of course, an optimal solution, and those of us who live or work in a building with a fireplace or incinerator would do well to use it. However, its hard to spend every day burning things, and besides that, many of us live and work in urban areas where fireplaces and other places you can burn large numbers of papers are rare. The question is thus not out of place. By the way, the standard method for destroying embassy documents in case of siezure (not done during the Iran hostage crisis) is reportedly Thermit grenades. (Thermit would likely reduce a filing cabinet to slag in moments.) Perry From klbarrus at owlnet.rice.edu Wed Oct 20 16:07:52 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 20 Oct 93 16:07:52 PDT Subject: crypto technique Message-ID: <9310202303.AA20766@flammulated.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- Well, I couldn't resist trying to find A, B, C, D, E, F. You may be on to something, Matt. The equations are underspecified, and have many solutions - here are some I generated (any of them match what you picked? :-) > 103 110 10 1 51 139 > 103 156 251 1 151 19 > 103 169 254 1 157 43 > 103 72 17 1 191 195 > 103 111 5 1 209 99 > 103 1 18 1 237 203 > 103 202 16 1 251 187 > 5 237 10 5 43 139 > 5 201 4 5 99 91 > 5 64 3 5 113 83 > 5 200 23 5 129 243 > 5 62 8 5 173 123 > 5 164 21 5 185 227 > 5 198 12 5 189 155 Maybe you could look at what these alternate solutions are - it could turn out that the mod operation creates extra valid solutions, which would be quite undesirable. But then, without the mod, the equation may be too easy to pick apart. Or maybe there is some other attack I haven't thought of or don't know about. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMXDk4OA7OpLWtYzAQH/YwP/aTP4NwJ257A7GT1iWk7uhCYNEyJGTnkK UrEm0Pw2n1yq3bMwzEem2EPbK+XOIzP1ql0VdgpLOyQ+7quMGWl1+IKY9Ht7wd2J cy0ynJm8N1BZiJjJ2GHza+jAlqsOeVOICyT7f6Jxf/RU79/KSGQ/Jb0j52sHgrEi LfIBPXZueUc= =nzmt -----END PGP SIGNATURE----- From pmetzger at lehman.com Wed Oct 20 16:22:38 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 20 Oct 93 16:22:38 PDT Subject: Backing In-Reply-To: <9310202203.AA23988@bass.chp.atmel.com> Message-ID: <9310202317.AA16647@snark.lehman.com> Not a cryptography message -- sorry but I thought I had to discuss it... Peter Baumbach says: > Isn't a finite source of backing a problem since it rewards those who > hoard it? No. It punishes those who hoard it -- they don't get interest on their money. > If neither Alice or Bob have a backed currency, does that mean they > cannot trade? Depends if they consider what the other has to be of value. Its all up to them. > Has anyone invented a workable "barter currency"? I don't see what the point would be. Why not just deal in a medium of exchange? > Can I.O.U.'s be created such that they work like money? Sure. Thats what banknotes are. Perry From yerazunis at aidev.enet.dec.com Wed Oct 20 16:27:50 1993 From: yerazunis at aidev.enet.dec.com (I still don't know your name, stranger. 20-Oct-1993 1925) Date: Wed, 20 Oct 93 16:27:50 PDT Subject: Photocopying money Message-ID: <9310202325.AA05280@enet-gw.pa.dec.com> >It's true. Canon did indeed create such a chip. It's the same chip >that's used in vending machines to scan dollar bills. They built a >prototype copier which prevented copying money, but I don't know if they >actually decided to install the chip in all their assembly-line >production copiers or not tho. Nope. There is no "chip" that scans dollar bills. Dollar bill scanning is based on the magnetic ink in a few simple stripes, the presence (actually, absence) of UV fluorescent inks, and not on optical recognition per se, and besides, we all know how "reliable" such machines are. NOT! Besides, even if a pattern-match chip existed that could do it fast enough, simply turning the bill a few degrees (say, 45 degrees, across the glass) would render the problem intractable... And how about adding a background of stripes... something to really confuse the chip.... Sorry, no. -Bill From koontzd at lrcs.loral.com Wed Oct 20 16:52:50 1993 From: koontzd at lrcs.loral.com (David Koontz ) Date: Wed, 20 Oct 93 16:52:50 PDT Subject: Paper Shredders Message-ID: <9310202349.AA12430@nebula.lrcs.loral.com> Having been an AFSC 30670 (Electronic and Cryptographic Equipment Systems Technician), and been assigned in hazardous areas you use document destroyers on paper stuff - glass vials with grenade fuses). Equipment destroyers were 35 lb thermite charges, designed to sit on top of a standard piece of equipment in a 19 inch relay rack. I had orders to Iran but got diverted when the Shah fell. The liquid in the document destroyers was clear, and we got to set one off for demo purposes twice a year (never did get to set off thermite, though). Had a one acre room half filled with crypto, thermite would have brought the roof and lots of airconditioners down. All the key cards were treated with lead acetate, they would burn without leaving anything but a greasy wisp of ash. From klbarrus at owlnet.rice.edu Wed Oct 20 16:57:49 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 20 Oct 93 16:57:49 PDT Subject: crypto technique Message-ID: <9310202355.AA25861@flammulated.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- I think the modulus operation destroys uniqueness. I don't have a proof, but after working symbolically for a while, I tried an example: f = a x + b g = c f^2 + c f + d where I picked a = 11/2, b = 8, c = 25/2, d = 3. I also pick P = 16 to keep it small. So g = 903 + 4675/4 x + 3025/8 x^2 mod 16 and if I reduce each coefficient mod 16, I get g' = 7 + 3/4 x + 81/8 x^2 mod 16 Great so far. (And I checked to see that g and g' are equal). So let's look at all possible messages and their encryption: x g'(x) x g'(x) - - ----- - ----- 1 15/8 9 15/8 2 1 10 3 3 35/8 11 67/8 4 12 12 2 5 63/8 13 127/8 6 8 14 2 7 99/8 15 67/8 8 5 16 3 There is a serious problem in the above: the messages 10 and 16 encrypt to the same ciphertext; 11 and 15 also; and 12 and 14. The ciphertext 3 decodes to 10 or 16, 67/8 decodes to 11 or 15, 2 decodes to 12 or 14. That's 6 out of 16 messages, a sizeable 37.5%. This behavior may have uses in fair coin flipping or some sort of oblivious transfer (I am not claiming this in the general case, just in the example above!), but not as encryption. Besides, the fact that even messages encrypt to integers and odd messages encrypt to fractions probably isn't good. So Matt, with the numbers you used to generate the challenge problem, see if any messages encrypt to the same ciphertext, just as a check. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMXPfIOA7OpLWtYzAQFoowP/XLN/poS5kB49IdCBxDe5lVUK05XZYNh+ 0vlBCjDwczqeER5SZMRPagyKSP4qbJb+BFPCNIcw0fcDrSlGCrYejzpgnn5N8vsM KmxlUE+1+8SSIsyyz6ctj7tLFp7wArxgVlOjjxQ7Yj92CIX81IShpvqWPu7rdqWN 1cCpphAwzHI= =d0rL -----END PGP SIGNATURE----- From kgw at blkbox.COM Wed Oct 20 17:07:50 1993 From: kgw at blkbox.COM (Gregory W. Kamen) Date: Wed, 20 Oct 93 17:07:50 PDT Subject: subscribe Message-ID: <9310201904.aa14163@blkbox.COM> subscribe From owen at autodesk.com Wed Oct 20 17:32:39 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Wed, 20 Oct 93 17:32:39 PDT Subject: Paper Shredders Message-ID: <9310210024.AA06006@lux.YP.acad> > Stanton McCandlish says: > > > Does anyone know of an AFFORDABLE shredder that really destroys documents > > > by cutting them into confetti, rather than the easy-to-reassemble strips > > > that the typical shredder does? > > > > Yeah, it's called fire. > Fire is, of course, an optimal solution, and those of us who live or > work in a building with a fireplace or incinerator would do well to > use it. However, its hard to spend every day burning things, and > besides that, many of us live and work in urban areas where fireplaces > and other places you can burn large numbers of papers are rare. The > question is thus not out of place. brings back ugly memorys of burn detail, back when I was stationed at a SAC command and control post up in the mountains near Westover AFB. Every scrap of paper that was discarded had to be incinerated, and we rotated through a schedule that made sure everybody got their chance to share the experience. > By the way, the standard method for destroying embassy documents in > case of siezure (not done during the Iran hostage crisis) is > reportedly Thermit grenades. (Thermit would likely reduce a filing > cabinet to slag in moments.) Sounds to me like an enterprising pyro could have a nice little operation, contracting with individuals to burn or blow up their sealed bags of trash. I understand that Beavis and Butthead might be looking for a new job, hey the little weinerheads might amount to something after all! :-) LUX ./. owen From klbarrus at owlnet.rice.edu Wed Oct 20 17:42:39 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 20 Oct 93 17:42:39 PDT Subject: crypto technique Message-ID: <9310210038.AA00465@flammulated.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- Another possible problem with the technique is that the multiple solutions are all valid. For example, with two nestings and a = 11/2, b = 8, c = 25/2, d = 3, P = 16 I obtain g = 903 + 4675/4 x + 3025/8 x^2 mod 16 g' = 7 + 3/4 x + 81/8 x^2 mod 16 where the g' is obtained from g by reducing the coefficients mod 16. Solving the resulting equations yields two solutions: a = 11/2, b = 8, c = 25/2, d = 3 (what I chose) a = 31/2, b = 6, c = 17/2, d = 2 Plugging in the second solution: h = 359 + 6851/4 x + 16337/8 x^2 mod 16 h' = 7 + 3/4 x + 81/8 x^2 mod 16 Notice that h' equals g'! So the other solution can be used to form the same polynomial (which we already saw doesn't encrypt uniquely). Can this other solution be used for decryption as well? I'd check but I've REALLY got to go study now :-) -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMXZsYOA7OpLWtYzAQFjMAP/Si1RuZjfnBNjLauB20rXaUXQMQqyiWBU n/ur7ckXSEmWnADYQqZqCy1tb/+vf5zThQD2IpbF5IH8roxYG99nZQBvvtZAQfEO 3EdbM1esMTS/I0DwcLqkuG26GNNWYGZWi8MQ/0+eXfMa9BXZvkDTuuVBzzHBSXxW 84CVKvitZ68= =FeJW -----END PGP SIGNATURE----- From rjc at gnu.ai.mit.edu Wed Oct 20 18:17:53 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Wed, 20 Oct 93 18:17:53 PDT Subject: crypto anarchy In-Reply-To: <9310201917.AA20166@beethoven> Message-ID: <9310210113.AA17741@geech.gnu.ai.mit.edu> douglas craig holland () writes: > Agreed. So far as I know, there are a few commercial services that don't > censor their customers and aren't afraid to let them have full access to > the Internet, such as the WELL and Colorado Supernet. Panix and Digex doesn't censor either and they allow full access. I would bet that netcom doesn't care either. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From mlshew at netcom.com Wed Oct 20 18:52:51 1993 From: mlshew at netcom.com (Mark Shewmaker) Date: Wed, 20 Oct 93 18:52:51 PDT Subject: Clipper Chip report on 700 Club today (Wednesday) Message-ID: <9310210149.AA23653@netcom6.netcom.com> I hear there will be a report on the Clipper chip on today's (Wednesday, October 20) 700 Club. Sorry for the very late notice. (The 700 Club, for those without benifit of a handy TV schedule, will be on at 10:00 pm eastern on the Family Channel, and then at 2:00 am Thursday morning. I don't know if there are different feeds for the different time zones, so your milage might not vary.) From trebor at foretune.co.jp Wed Oct 20 19:32:38 1993 From: trebor at foretune.co.jp (Robert J Woodhead) Date: Wed, 20 Oct 93 19:32:38 PDT Subject: Wizardry's Encryption Message-ID: <9310210229.AA14642@dink.foretune.co.jp> Matthew writes (about how Wizardry was encrypted): > But, alas, the character files were in plaintext, and > numerous people figured out how to edit them. They were that way for two reasons: performance (they were always being read and written) and reality (it was a known plaintext situation, since the user could change his character in any manner of methods, like simply trading gold around between the characters, and thus map out the database) Encryption in those days wasn't intended to be strong; it was intended to be strong enough to hold off the pirates for the crucial first few months of sales. Given that we were pushing the machines to the limit of their performance envelopes, we couldn't take too much of a hit (time or code-wise) for strong encryption. And I think Sir-tech still replaces Apple II discs, but I am no longer involved in the company, so you'll have to call and ask them. ;^) From trebor at foretune.co.jp Wed Oct 20 19:32:51 1993 From: trebor at foretune.co.jp (Robert J Woodhead) Date: Wed, 20 Oct 93 19:32:51 PDT Subject: Anon Bank Accounts / Imminent Demise of US Govt (Conclusion) Message-ID: <9310210229.AA14636@dink.foretune.co.jp> Stanton McCandlish asks: > If the govt is oppressive at all, why support this? Perry E. Metzger posits: > Who needs to break it [government]? At the current rate, > it will have destroyed itself within a decade. My answer is simple: the alternative is worse. Anarchy is usually very uncomfortable, unless you have more guns and money than anyone else. Also, the current US government is, at it's core, based on sound principles. If it crashes and burns, what is it more likely to be replaced by? Whether you like it or not, you live in and are supported by a society, in a myriad of ways. The maintenance and improve- ment of that society, and the betterment of your fellow human beings, ought to be a primary goal. It is for me. And finally, Sameer Parekh opines: > I'd suggest that the politics discussion be taken to another > forum? A good suggestion. I've made my point, and perhaps infected a few people with a meme or two. Time to shut up. Best, R From pmetzger at lehman.com Wed Oct 20 20:02:39 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 20 Oct 93 20:02:39 PDT Subject: Anon Bank Accounts / Imminent Demise of US Govt (Conclusion) In-Reply-To: <9310210229.AA14636@dink.foretune.co.jp> Message-ID: <9310210258.AA16901@snark.lehman.com> This is not cypherpunks related. I feel obligated to reply one last time, but I won't discuss it further here -- I will gladly discuss it with people in private email. Robert J Woodhead says: > > Stanton McCandlish asks: > > If the govt is oppressive at all, why support this? > > Perry E. Metzger posits: > > Who needs to break it [government]? At the current rate, > > it will have destroyed itself within a decade. > > My answer is simple: the alternative is worse. Anarchy is > usually very uncomfortable, unless you have more guns and > money than anyone else. I would quite strongly disagree -- the evidence I have is that anarchy can be far more comfortable for individuals of limited resources than our current society. Don't believe the propaganda -- just because you haven't seen certain functions you associate with government run by the private sector does not mean they cannot be so run. > Also, the current US government is, at it's core, based on sound > principles. I would strongly disagree. Democracy is a poor way to run things. Imagine if people had to vote on what computer to use and there was only one kind of computer available in a given year. Far better, I think, to allow people the freedom to choose what they want in a free market. Voting isn't, in and of itself, a good way to make decisions -- it averages the intelligence of the voters rather than summing their intelligence. > If it crashes and burns, what is it more likely to be replaced by? That I do not know. I can tell you what it COULD be replaced with, but it is hard to know what it would actually be replaced with. Given the pathetic state of education in our country, I'd say that a populist dictatorship is a real possibility. > Whether you like it or not, you live in and are supported by > a society, in a myriad of ways. The maintenance and improve- > ment of that society, and the betterment of your fellow human > beings, ought to be a primary goal. It is for me. I am not supported by society, and the betterment of Perry Metzger, not my fellow man, is my primary goal. However, I would quite strongly argue that if you truly want to better your fellow man, redistributive methods like paying for services via taxation almost inevitably lead to worse conditions for those with limited resources than they would otherwise experience, which is exactly the opposite of wwhat most redistributionists intend. All around the world, you can see example upon example of countries, even democratic ones like India, that are grotesquely impoverished because of the attempt to make things "fair" and to "encourage development" and have an "industrial policy" and all the other stigmata of statism. You can also find countries that are developing nicely and have few regulations and low taxation (in spite of claims by members of the media who never visit the places -- I'm perpetually amused by reports in the media about how South Korea shows why we need an industrial policy, when its a country that doesn't even have welfare, social security or unemployment benefits and until recently was known for the ease with which even the common man could commit tax fraud. As for their "industrial policy", its rather weak and can be argued to have held them back in the few areas where it is strong. But I digress) Perry ps Repeating: This is not cypherpunks related. I feel obligated to reply one last time, but I won't discuss it further here -- I will gladly discuss it with people in private email. From pdn at dwroll.dw.att.com Wed Oct 20 20:22:59 1993 From: pdn at dwroll.dw.att.com (Philippe_D_Nave) Date: Wed, 20 Oct 93 20:22:59 PDT Subject: Destroying data Message-ID: <9310210322.AA17451@toad.com> Hello, data-killers! After reading recent posts about how to keep data (and PC disk drives) out of others' hands (shredders, double-layer encryption schemes for 'revealing' a bogus plaintext while keeping the real data hidden, etc), I had an evil thought.... >:) Thermit grenades are pretty simple; all they do is provide a means of initiating the "thermite reaction." (Look it up in a chemistry text.) Equal parts aluminum powder and iron oxide (rust), finely ground and ignited by (say) a burning magnesium strip, produce the same effect and would quite satisfactorily destroy a disk drive in a matter of seconds. Likewise the PC, desk, floor - quite possibly setting the whole building on fire - "collateral damage," I guess. Don't screw around with this stuff in your basement, people - it is a _very_ fast, _very_ hot reaction that produces a slug of superheated molten metal. For the truly paranoid among you, however, it might be a viable last-ditch ploy to foil the Gestapo. Do be careful. ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn at dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. From rjc at gnu.ai.mit.edu Wed Oct 20 20:52:38 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Wed, 20 Oct 93 20:52:38 PDT Subject: Anon Bank Accounts / Imminent Demise of US Govt (Conclusion) In-Reply-To: <9310210229.AA14636@dink.foretune.co.jp> Message-ID: <9310210328.AA18849@geech.gnu.ai.mit.edu> Robert J Woodhead () writes: [...] > Whether you like it or not, you live in and are supported by > a society, in a myriad of ways. The maintenance and improve- > ment of that society, and the betterment of your fellow human > beings, ought to be a primary goal. It is for me. We are Robert J Woodhead of Borg. You will be assimilated. You will adapt to service us and other borgs. Do not worry about the sacrifices you will make for the collective. After you are dead from your life of service, you can take pleasure in knowing that the collective has survived to enslave others like you. Resistance is futile, brother. We are Designation 8672, subgroup 3f7 From mlshew at netcom.com Wed Oct 20 21:32:38 1993 From: mlshew at netcom.com (Mark Shewmaker) Date: Wed, 20 Oct 93 21:32:38 PDT Subject: Clipper Chip report on 700 Club today (Wednesday) Message-ID: <9310210429.AA09194@netcom6.netcom.com> I was asked in private mail how the show went. I'll write up a proper summary later, but for now, rest assured that it was a most excellent report. There were a few technical inaccuracies here and there, (~"Clipper is the most secure encryption device they've come up with yet"), but for the most part, if you were out to give a ten minute explanation of the facts of life in regards to encryption to people who would never read _Wired_, and actually spread useful and non-hostile memes, you'd have a hard time outdoing that segment of the 700 club. They interviewed a number of people, including a spokesman from NIST, EFF, and Dorothy Denning herself. The guy summarizing the situation at the end mentioned how the government claims these regulations are just for child molestors, terrorists, and criminals, but that after any regulatory sytem is in place, there's nothing to keep them from redefining who the criminals are, and so monitor anyone they like. I'll write up a better summary in a few days. (Remember: 10pm and 2am on the Family Channel. I'd recommend watching it if you still can.) -Mark Shewmaker From jkyser at netcom.com Wed Oct 20 21:42:38 1993 From: jkyser at netcom.com (Jeff Kyser) Date: Wed, 20 Oct 93 21:42:38 PDT Subject: crypto anarchy In-Reply-To: <9310210113.AA17741@geech.gnu.ai.mit.edu> Message-ID: <9310210442.AA15571@netcom2.netcom.com> Thus didst Ray rise up and spake forth: > > Panix and Digex doesn't censor either and they allow full access. I would bet > that netcom doesn't care either. Don't be so sure. I heard that a netcom user was thrown off for posting cat torture messages in rec.pets.cats, among other things. >-- Ray Cromwell | Engineering is the implementation of science; -- >-- EE/Math Student | politics is the implementation of faith. -- >-- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- -- Jeff Kyser PGP 2.3 public key available via finger jkyser at netcom.com "Here we are now, entertain us." - Nirvana From doug at netcom.com Wed Oct 20 21:52:39 1993 From: doug at netcom.com (Doug Merritt) Date: Wed, 20 Oct 93 21:52:39 PDT Subject: backing Message-ID: <9310210452.AA27343@netcom5.netcom.com> F_GRIFFITH at CCSVAX.SFASU.EDU said: >Greshams law: "bad money drives out good" >i.e. where people have a choice (e.g. gold vs greenbacks post Civil >War), in making payments, they will use the lesser value money and >keep the higher value. Thus, the lesser value money will circulate, >the higher value money will not. So in essence you're saying that poorly-backed digital currency will win out over e.g. U.S. dollars? That's an interesting concept. (I mean the above literally, not sarcastically; I don't care to take either one side or the other of this question right this instant, although I will say that there must be some extra caveats to add.) Doug From tcmay at netcom.com Wed Oct 20 21:52:52 1993 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 20 Oct 93 21:52:52 PDT Subject: Something Silly, Something Serious In-Reply-To: <9310210322.AA17451@toad.com> Message-ID: <9310210451.AA27317@netcom5.netcom.com> SOMETHING SILLY: A pseudospoofer who claims to be Philippe D. Nave (right!) sez: > Don't screw around with this stuff in your basement, people - it is a > _very_ fast, _very_ hot reaction that produces a slug of superheated > molten metal. For the truly paranoid among you, however, it might be ^^^^^^^^^^^^^^ > a viable last-ditch ploy to foil the Gestapo. Do be careful. Can I USE THIS to stop the PSEUDOSPOOFERS and TRAITORS who are parasitically sucking the lifeblood out of my postings? If I put this "termite" stuff on my terminal, can I stop the MIND-GNAWING TERMITES AND RODENTS which are devouring my brilliance and sapping my PRECIOUS BODILY FLUIDS? Cypherpunk Mindmucking lives! They are coming to take me away, ha ha, coming to take me away, hee hee. Death to Traitors! (This paranoid brought to you by the alleged pseuodospoofer Tim May, in the hopes this will ease your S. Boxx-withdrawal symptoms.) SOMETHING SERIOUS: Seriously, I understand L. Dettweiler has asked to be unsubscribed. For the record, I did not send him any e-mail these past several weeks, either under my normal name or under any other names. I rarely pseudonyms, and have never--that I recall right now--ever used them in 2-way communication. And never for the purposed Dettweiller/Boxx alleged. I _have_ used remailers for several "demonstrations," which in most cases I've later acknowledged. For example, the F-117 Stealth items six or so months back, some "Information Liberation Front" articles (I won't say which one, which provides me with enough "plausible deniability"...after all, anybody can join the ILF merely by _acting_ like a member), and some links to the "BlackNet" pieces (though, ironically, someone other than me forwarded the main item to this list). In other words, I do not use pseudonyms very often, and then never for political debates, for taking "sides," etc. I also did not write the short story "Master Key." Dettweiler wrote to me and claimed I was being sly. I told him I did not write it, nor another piece--a political piece that was quite good--that he claimed he "knew" I had written. Then, after I publically indicated enjoyment with the story, despite some weaknesses, he started ranting at me that I was using pseudonyms and was congratulating myself. But the cake was taken when he claimed I had invented the nym "Jamie Dinkelacker," whom many of you know personally, to slant arguments! Done humorously, as several of us have done recently, such a claim would be funny (no offense meant, Jamie). But LD showed no awareness of the absurdity of his claim. With his florid hyperbole--or should I say "extremely and poisonously florid hyperbole"-- and his paranoid rants, I chose to have nothing more to do with him, and told him this in my last e-mail message to him several weeks ago. (One of the messages he chose to quote in his "introspective" message to the List...."thank you for sharing that, Lance") He went ballistic when I--rather politely, I thought--averred on this list that the EFF/Shari Steele advisory was not quite the Gestapo pounding at the door. In e-mail, he called me "poison," "a traitor," "a lackey of Eric Hughes," and so on. I just shook my head and chose not to respond. Paranoia can be fun to play with. I myself listen avidly to "conspiracy theory" radio broadcasts (keywords: Inslaw, Wackenhut, Iran-Contra, NSA, trapdoors, Casolaro, P-2 Lodge, Gehlen, MK-ULTRA, and hundreds of others...) and I get a kick out of Robert Ludlum novels. But becoming so isolated and perhaps even schizophrenic is not a good thing. (As an aside, I'll again urge folks to form local groups. It helps to see actual faces and get to know folks. The surge in activity in Austin is very encouraging. Ironically, some months back when Lance/Larry (will we ever learn which was preferred?) was soliciting my advice in e-mail--before I was seen to be the Puppetmaster's Helper--he asked me how he could do things so far away from the Bay Area. I pointed out to him the rich environment of the Denver-Colorado Springs-Boulder-etc. corridor, and the presence of His PGPness Himself in the area! Which he of course knew. Others, too. I can think of at least a couple of others, Nate Sammons and Phillipe Nave, and maybe others, who could form a nucleus of a group. I drive 60 miles north to the Cypherpunks meetings, and Sandy Sandfort and Eric Blossom drive about the same distance south, so that's 120 miles of range, about the length of the urban corridor in Colorado. And a group can grow, of course.) And I *do* think there's a "Cypherpunks cause," loosely speaking. We all know we have roughly similar goals, although our politics range across the spectrum. But it's probably best that we nor formalize our goals and our principles too much, for obvious reasons. But getting so worked up in "the Cause" is not healthy. Especially when anyone who deviates from one's own views is seen as a traitor, a lackey, a stooge of the NSA, and so on. What we're doing is demonstrably important, but there's no need to demonize our opponents (in fact, that weakens us), to look for traitors to the cause, and to take it all so _seriously_. As someone says in their .sig, it's not as thought we're gonna get out of this alive. Cypherpunks write code. Cyperpunks write essays. Cypherpunks make puns and jokes and even spoofs. Cypherpunks have fun. Cheers, --Tim May (his True Name) -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From karn at qualcomm.com Wed Oct 20 23:17:52 1993 From: karn at qualcomm.com (Phil Karn) Date: Wed, 20 Oct 93 23:17:52 PDT Subject: Clipper Chip report on 700 Club today (Wednesday) In-Reply-To: <9310210429.AA09194@netcom6.netcom.com> Message-ID: <9310210615.AA19919@servo> Thanks to the heads-up note here, I caught the whole thing on tape when it repeated here on the West Coast at 10pm PDT. (I see there are some advantages to living out here!) If I hadn't seen the show with my own eyes, I never would have believed it. The Religious Right, so ready to mind everyone else's personal business and to reshape the government in its own image, opposes something that would make it easier for the government to control the private lives of its citizens. This cryptography stuff sure makes some strange bedfellows. Wow. Of course, the Religious Right is at odds with the current government, what with talk of using the federal racketeering laws against anti-abortion demonstrators. So perhaps they can be forgiven for their current anti-government stance. Their tune might well change if they ever succeed in overturning Roe V Wade. Imagine their glee turning to horror when they discover that those satanic pro-choice people are using encryption to coordinate *their* protests and perhaps even to coordinate travel by women seeking abortions to places where it is still legal. :-) And there's supreme irony in the right to encryption and the right to abortion both being founded in the same basic concept: personal privacy. It all depends on whose ox is being gored, I guess. Phil From MIKEINGLE at delphi.com Wed Oct 20 23:27:53 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Wed, 20 Oct 93 23:27:53 PDT Subject: Russian LanCrypto info Message-ID: <01H4CRMYP3MW938S5H@delphi.com> Here is some information about LanCrypto, a Russian public-key encryption program. This one sounds interesting. From: IN%"alex at crypto.msk.su" 20-OCT-1993 14:36:24.72 CRYPTO BANK System of programms of encryption (decryption) of files To work all users must have the files: afina.exe - programm for generation of new public and secret keys afinall.exe - programm for creation of a common list of public keys vesta.exe - programm for encryption/decryption of file NNNNN.pbl - file contains a new public key,NNNNN is a number of user secret.new - file contains a new secret key secret.key - file contains an old secret key FIRST stage. Generation of new secret and public keys by user User runs prigramm: afina.exe A message apears on the screen: Press any keys User begins to strike rand set of keys.A new secret key writes to floppy diskette A to file sekret.new. A public key writes to the current directory in the file NNNNNN.pbl (NNNNNN is a number of user). If you want to write your secret key on hard disk in current directory you run: afina.exe /k Then all users of sistem exchange their public keys(files NNNNNN.pbl.).We recommend thate users organise a CENTER .(The CENTER collects all public keys,creates a common list of public keys and sends it to users.) SECOND stage. Creation and sending a list of public keys. After exchanging of the files NNNNNN.pbl, user( CENTER ) has the files, received from his partners: N1.pbl N2.pbl ... NM.pbl To create common list of public keys , user( CENTER ) runs the programm afinall.exe . (dot in the end) if files * .pbl lokate in current directory afinall.exe [path] if files *.pbl lokate in other directory. Programm creates a common list and writes it to the file publall.key. THIRD stage. Encrypting of a file. If user number NNNNN encrypts file for user number LLLLL ,user number NNNNN runs : vesta.exe [path\]file_name LLLLLL [\k] (1) (\k is a parametre, the programm vesta.exe finds a secret key in a current directory, ;if you run vesta.exe [path\]file_name LLLLLL ,the programm vesta.exe finds a secret key in floppy diskette ) During the process of its work vesta.exe takes the secret key of user number NNNNN (from current directory(if you use \k) or from ffloppy diskette), takes the public key of user LLLLL (from file publall.key).Useing a secret key of user NNNNN and a public key of user LLLLL vesta.exe creats a common secret key.Then vesta.exe generates a rand session key,useing it and the comman secret key vesta.exe creats a secret session key and encrypts the file. The rand session key is not secret ant it is added to the file. FORTH stage. Decrypting of a file Encrypted file may be decrypted by two ways: 1. by user NNNNN, if he repeats programm (1); 2. by user LLLLL, if he runs : vesta.exe [path\]file_name NNNNN [\k] EXAMPLE 1 ( We have user 000(CENTER) and user 001): User 001 runs afina.exe \k.User 001 has files secret.new and 001.pbl in the current directory. User 001 sends 001.pbl to user 000(CENTR). User 000 runs afina.exe \k.User 000 has files secret.new and 000.pbl .User 000 receivs a file 001.pbl.He has: afinall.exe 000.pbl 001.pbl User 000 runs afinall.exe . (dot in the end ).He has: afinall.exe 000.pbl 001.pbl publall.key The file publall.key user 000(CENTER) sends to user 001. User 000 has : ! User 001 has : ! vesta.exe ! vesta.exe publall.key ! publall.key 000.pbl ! 001.pbl secret.key ! secret.key secret.new ! secret.new test0.txt User 000 encrypts file test.txt for user 001 .He runs : vesta.exe test0.txt 001 /k User 001 receivs test0.txt and decrypts it : vesta.exe test0.txt 000 /k User 001 encrypts file test1.txt for user 000.He runs : vesta.exe test.txt1 000 /k User 000 receivs test1.txt and decrypts it: vesta.exe test1.txt 001 /k SIGNING AND CHECKING OF ELECTRONIC MESSAGE To sign a message you must do: sign.exe file To check yoy must do: notary.exe file NOTALL.EXE makes men.cat(list of all public keys of signatures ) A F I N A PUBLIC KEY GENERATION SYSTEM AFINA is a unique package of programs for automatic generation of a common private key for a specific commynication session between two users. AFINA canbe used in any data transmission system with cryptographical protection. It rules out the need for a prior distribution of private keys to users. AFINA uses the best methods of public key generation between two users that have been tested and widely aookied by Western governments and commercial ventyres. Oyr original algorithm and programs have a four-fold increase in the speed of generating a public key compared to the best known standards while also improving data protection 100-fold. Having purchased the AFINA program, you will become fully independent of any key supplying service. AFINA automatically generates common private key for communication sessions with any user in several seconds. You can choose the key length. It will take two users less than 3 seconds to generate a common private key of 256 bits useng an AT 286 pc operating at 16 MHg. AFINA uses the disk operating system MS DOS 3.30 + and needs 32K of RAM memory. Any CGA, EGA or VGA graphic adapter can be used. A hard disk is desirable to speed up processing. Delivery: AFINA software on 5.25 DS/DD or installation by LAN-Ctypto. LAN-Cryoto provides guides and after-sales (warranty and post-warranty) service of the installed products as well as uodated versions and supplies them on favourable terms. V E S T A File encryption system VESTA is a package of programs providing the encryption of files on a user's disk. VESTA employs the most secure methods of cryptographic data protection such as the Data Encryption Standart (DES), a universally recognized system endrosed by Western goverments and commercial institutions, GOST 28147-89, national data encryption standards in computer networks as well as two LAN-Crypto algorithms for data encryption providing processing speed of 200 Kbyte/sec. on AT-286 (12 Mhz) PC. This is a record time for encryption programs. VESTA will allow you to assure your PC's data integrity, provide raw a "transparent" mode of exchange with a hard disk without delaying data processing. By choosing the appropriate VESTA encryption algorithm, you will be able to have secure exchange of information with most encryption programm users in this country and abroad. Encryption key input can be carried out both from magnetic mediums or keyboard. The number of keys of VESTA for cryptographic algorithms: 18 - DES 10 77 - GOST 28147-89 10 77 - VESTA 1 10 77 - VESTA 2 10 The low boundary of the encryption security is determined by the DES algoritm. For users of IBM PC , and compatibles, VESTA provides man-machine communicatin through the Disk Operating System MS DOS 3.30+. Program size of VESTA package: DES - 6 Kb GOST 28146-89 - 2 Kb VESTA 1 - 2 Kb VESTA 2 - 2 Kb VESTA provides friendly interface and detailed help. DELIVERY: VESTA software on 5.25 DS/DD or installation by LAN-Crypto, guides. LAN-Crypto provides after-sales (warranty and post-warranty) service of the installed products and information on updated versions of programms and makes them available on favourable terms. The extrended reference services. NOTARY SECURE ELECTRONIC SIGNATURE SYSTEM NOTARY is a system for generating electronic signature for PC files assuring their integrity and providing the ability to verify the identy of the author of the data auhor. You can use Notarius while storing information distributing floppy disks, or transmitting information throw public communication chanel. "Digital (electronic) signature" is a full analogue of a handwritten signature. The NOTARY " digital signature " employs two algorithms: one which produces the signature is kept secret, while the other, which verifies the identity of the author, is disseminated to recipients of of the signed documents. The NOTARY "digital signature" procedure employs the program "SIGNATUR" to "sign" a document file and creates a signature file which impossible to forge. The NOTARY checking programm analysizes the contents of document file and quickly and securely checks that the signature is authentic. NOTARY allows you to quickly and effectively introduce paperless processing into offices, local networks, banking systems, exchanges system, data communication networks, etc. NOTARY employs more advanced method of "electronic signature" than widely recognized RSA Digital Signature, which has been endorsed by commercial and goverment institotions in the United States. NOTARY's original algorithms and programm solutions allow the user to speed up the operation of signing documents four-fold compared with best known standarts. NOTARY employs the Disk Operating System MS DOS 3.30+ on IBM PC, and compatibles with the graphic adapter EGA (VGA). NOTARY needs 15 KB of RAM and offers a friendly interface and detalied help. Delivery: NOTARY software comes on 5.25 DS/DD or can be installed by "LAN Crypto", stuff we also provide documentation. "LAN Crytpo" provides warranty and post-warranty service of the installation products and information on updated versions of programs when avaiilable offers them on favourable terms to current users. Best regards. Alex Smirnov From edgar at spectrx.Saigon.COM Wed Oct 20 23:42:40 1993 From: edgar at spectrx.Saigon.COM (Edgar W. Swank) Date: Wed, 20 Oct 93 23:42:40 PDT Subject: Entrapment Defense Message-ID: Carl Ellison posted here: If all you're worried about is entrapment, you need only ask the person in question if s/he works for any law enforcement or surveillance agency. If they lie, then anything after that is entrapment. I'm not a lawyer but I learned this from my masseuse in SLC UT, where mixed-gender massage is considered a "sex act for hire" and she was constantly subject to entrapment. I'm not at all sure if the above is true. This came up on this list a few months ago when I was suggesting that people might put a statement, "I am/am not a Law Enforcement Officer or Agent" as part of a "certificate of identity" they could mail to verify their PGP public key. At that time I think the concensus was that a LE officer could sign (the negative form of) the statement and still observe crimes and give testimony. One example given was undercover narcotics officers who could not answer affirmatively without jeopardizing their lives. One defense attorney on another net told me that the entrapment defense is rarely used anymore; "it's easier just to plead your client guilty." Apparently all the prosecuton has to show is that the defendant had a "pre-existing disposition" to commit the crime. Duncan Frissel, can you shed more light on this??? -- edgar at spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca From edgar at spectrx.Saigon.COM Wed Oct 20 23:42:52 1993 From: edgar at spectrx.Saigon.COM (Edgar W. Swank) Date: Wed, 20 Oct 93 23:42:52 PDT Subject: TEMPEST: Re: Monitor radiation overlooking./DES weakness Message-ID: Victor Borisov posted the following on Oct 15: I read about overlooking of monitor radiation. Introder can scan the electron-beam radiation from electron-gun. He simple transmit this radiation to self electron-gun and sinchronize frequance. This method work with b/w monitor. The overlooking of color-monitor more dificult - introder will see 4 gradation of gray (all guns off, work one, two, three guns). But we can select spesial colors (red-blue or blue-green) and allways will work only one (or two) guns. In this way introder will see dark (or light) gray screen without any information!!! Is it corect? Do now present more improve overlooking system? We in the USA refer to this technology as TEMPEST, which is an acronym for Transient ElectroMagnetic Pulse Emanation STandard or Transient Electromagnetic Pulse Surveillance Technology. Victor, I have a long (58K) document about this which I'll be glad to send you, just ask. I think I got it from this list last August maybe. I haven't seen Victor's idea of adjusting screen colors before. I suspect that it would take some balancing of the colors so the combo for foreground/background would be the same strength to a close tolerance. Certainly I wouldn't trust it without confirmation from an experiment that a state-of-the-art TEMPEST device couldn't resolve any information. Victor, could your friend in the KGB arrange for such an experiment?? TEMPEST defenses considered here involve using metal cabinets and other shielding. One relatively inexpensive approach uses metallic wallpaper! Here are some references: From: szebra!novavax.nova.edu!yanek (Yanek Martinson) Subject: INFO: TEMPEST companies To: toad.com!cypherpunks Date: Wed, 16 Dec 92 20:33:10 EDT X-Mailer: Elm [version 2.1 PL1] Lindgren RF Enclosures 400 Gigh Grove Blvd. Glendale Heights, IL 60139 Contact: Wayne Martin 708-307-7200 FAX: 708-307-7571 "LT" Series Shielding System is a complete line of modular enclosures, equipment cabinets and custom enclosures available in virtually all shielding materials. The system features exclusive Double Electrically Isolated construction for maximum attenuation. All enclosures are fully tested and guaranteed. Aplication assistance available. Secure Systems & Services Div. of The R/H Factor Corp. 13990 Goldmark Dr., Ste.401 Dallas, TX 75240 Contact: Ray Helsop 214-907-9288 FAX: 214-669-9160 TEMPEST Products, Systems & Services are for Military/Industrial firms concerned with threat of information security and protection by [sic] electronic eavesdroppoing; also commercial EMI/RFI, reduced emissions products. We provide TEMPEST service and support, data encryption, F.I.S.A. Facility Information Security Assessment Studies, site planning, installation design, facility upgrades, etc. International Paper Co. Longmeadow Rd. Tuxedo, NU 10987 Contact: Larry Fahy 914-577-7247 SAF'N SHIELDED (tm) International Paper provides a unique wallcovering that prevents electromagnetic interference (EMI), wireless electronic espionage, and other forms of electromagnetic eavesdropping. The new wallcovering, a composite structure that incorporates a nonwoven mat of metallic fibers, has been TEMPEST-tested by the U.S. government and can achieve attenuation levels over 100dB. The material, which eliminates the added costs of "hardening" or adding protective shielding to individual pieces of electronic equipment, is being used both in primary applications and to upgrade facilities to higher levels of protection. It also provides a way to plug EMI leaks quickly and effectively. Unlike woven or sheet metal, which typically require gutting entire rooms, this flexible, lightweight material goes up as quickly as wallpaper. No special tools are needed, and downtime is minimal. Transaction Security, Inc. 21 Industrial Ave. Upper Saddle River, NJ 07458 Contact: O. Mark Hastings 201-573-1150 Steel TEMPEST-type enclosures for any size computer hardware. Subject: New number for Secure Systems & Services The new number for SS&S is (214) 907-9288 Also, Lindgren RF Enclosures informed me that they now have exclusive license to market International Paper Company's SAF'N SHIELDED; and they give free samples ;-)) JPW ==================================================================== Date: Mon, 28 Dec 92 11:57:49 PDT From: szebra!jplpost.Jpl.Nasa.Gov!wendtj (Jeffrey P Wendt) To: toad.com!cypherpunks Subject: TEMPEST companies I have recieved information from Veratec re: the product Safe`n'Shield, and I have to say that for an inf0 packet, they have done a great job. The folder comes with 2 sample squares of the Safe`n' Shield material, and the specs for their product are as follows: >----------------------------------------------------------- > Shielding Effectiveness of SAFE`N'SHIELDED (R) >(in dB Attenuation) >___________________________________________________________ >SAF`N'40 tm 10' x 20' x 8' Room >___________________________________________________________ > 10KHz 1MHz 50MHz 400MHz 1GHz >----------------------------------------------------------- > >100 76 53 57 62 >___________________________________________________________ >___________________________________________________________ >SAF`N'60 tm 8' x 8' x 8' Room >___________________________________________________________ > 10KHz 1MHz 50MHz 400MHz 1GHz >----------------------------------------------------------- > >100 N/T* 67 72 87 >___________________________________________________________ >___________________________________________________________ >SAF`N'80 tm 8' x 8' x 8' Room >___________________________________________________________ > 10KHz 1MHz 50MHz 400MHz 1GHz >----------------------------------------------------------- > >100 >81 100 90 90 >___________________________________________________________ In addition to some general notes and a customer list, they provide a 25 page booklet on construction techniques; both new and existing. The material is very thin, about the same weight and feel as good bond paper. The manufacturer states that this material meets the NSA 65-6 spec using this nonwoven material as the priamary shield. The material is applied just like wall paper, with comercial wallpaper glue, and from a construction point of view this stuff looks like you could do an 8x8x8 romm in a few hours. Alas, I did not recieve a price list on the material, but I am sure it will be a hell-of-a-lot cheaper that buying TEMPEST certified computers, and best of all...you don't have to register a damn thing ;-)). The address is: Veretec Long Meadow Road Tuxedo, New York 10987 (919) 577-7447 Victor Continues: Some words about DES - I spoke with one cryptoanalisyst from KGB and he sow, that for number crypto algotitm c(key, text) (key is keyLength tall) present f(key, text), that for all key1 and key2 present key with length keyLength, that c(key2, c(key1, text))==f(key, text). He also say, that now present f() for c()=des(), more f() wery like des(). That`s why for decrypting of des(k1, des(k2, ... des(kN, text) ... )) we must try 2^56 keys with spetial function. Victor seems to be saying that his friend is saying that DES is a "group" (if I remember my terms correctly), which somebody was supposed to have proven wasn't the case. Although, strictly speaking, a "group" was supposed to be f=des, where Victor just says it's "very like DES." But multiple encryptions as Victor describes are not used. Rather alternating encryptions and DEcryptions. For example triple DES dese(k1, desd(k2, dese(k3, plaintext))) where "dese" is DES encryption and "desd" is DES decryption. What does your friend in the KGB have to say about that, Victor? If triple-DES reduces to any reasonable transformation of (some) 56-bit key then it's almost as easy to break as single-DES which we now know only requires 3 hours on a $1 million specialized machine. Of more interest here, Victor, is what your KGB friend says about the IDEA cipher, RSA Public Key encryption, and the MD5 message digest, all of which are used in PGP. We would also like to know if the KGB has found any weaknesses in PGP or if they've even had occasion to try to find any. -- edgar at spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca From charliemerritt at BIX.com Wed Oct 20 23:47:53 1993 From: charliemerritt at BIX.com (charliemerritt at BIX.com) Date: Wed, 20 Oct 93 23:47:53 PDT Subject: Photo copy money Message-ID: <9310202326.memo.70789@BIX.com> Everyone seems to say, no, no pattern recognition in Cannon copiers. This pattern recognition is more than urban legend! I saw it demonstrated on evening news Dollar in Black out. If this is false it is a well orchestrated lie. From jamie at netcom.com Wed Oct 20 23:47:55 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Wed, 20 Oct 93 23:47:55 PDT Subject: Something Silly, Something Serious Message-ID: <9310210643.AA27104@netcom.netcom.com> Tim May writes (and then Jamie takes a bend toward CypherRapture): >SOMETHING SERIOUS: > >Seriously, I understand L. Dettweiler has asked to be unsubscribed. > >For the record, I did not send him any e-mail these past several >weeks, either under my normal name or under any other names. I rarely >pseudonyms, and have never--that I recall right now--ever used them in >2-way communication. And never for the purposed Dettweiller/Boxx alleged. > > >But the cake was taken when he claimed I had invented the nym "Jamie >Dinkelacker," whom many of you know personally, to slant arguments! >Done humorously, as several of us have done recently, such a claim >would be funny (no offense meant, Jamie). But LD showed no awareness >of the absurdity of his claim. ^^^^^^^^^^^^^^^^^^^^^^ Tim's got a point. Why would Tim create the nym Jamie Dinkelacker? With so many names to pick from, why pick one that is already in use and is fairly visible in other networks (e.g., extropians, nano)? Perhaps LD didn't check them, but others on the list are aware. Isn't it interesting that when a writer doesn't know that two persons are different individuals, it's easy to presume that when they agree in print or simply discuss similar topics, that this implies nym-hood? Fascinating: This isn't a surface event. The issue here is a root failing of LD's cognizance and scope to simply check things out. Readers in the Bay Area or LA may have seen stuff Jamie Dinkelacker has written in _Microtimes_, or in the _Foresight Update_, or if you read the academic communication and mass media literature, there as well. Plus, I'm a fairly voluble fellow speaking at conferences, trade shows, some local discussion groups and the like. No, Jamie isn't an AI, nor does he play one on the net. (Maybe someday...) I've not used net nym. What struck me about LD's vacuous pleas and S.Boxx's vapid rants was the essential disturbed and juvenile nature they projected, hoping to ensure a cause of CypherRapture (following CryptoAnarchy, natch) warranting true names without ever any spoofing or deception. I have made a standing offer to take S.Boxx to lunch (provided s/he eats with a fork and isn't already out to lunch). But spoofing and deception are not the same: more importantly, neither is an emergent element of pseudonymity, anonymous remailers, or cypherjocks. I found Blacknet to be entertaining. It seemed natural this has been going on for years. As far as deception, it's a matter of degree. It's common in nature, sports, business, ... . I'm not advocating it -- but I accept it as a fact of living in modern times. This has been a good experience for me, and has raised many issues in the big Venn of CryptoAnarchy: who owns their name, for how long, does it matter? ... Who can tell the difference? Which John Smith is that? ... Tim continues ... > >Cypherpunks write code. Cyperpunks write essays. Cypherpunks make puns >and jokes and even spoofs. Cypherpunks have fun. > I don't know if there is a Cypherpunk's cause. I doubt there's a movement, but that's separate from my holding a belief that crypto and nyms and digital cash and privacy and emergent social structures are crucial to a preferable form of human survival. With the net, we have a wonderous tool and opportunity. But the world isn't a safe place. Every time I put a finger or toe into the lovely pacific ocean I'm keenly aware of quickly entering the food chain at a much lower point. These are times of challenge, to develop new tools and fresh perspectives. But many elements of human nature remain the same. I thank the Cypherpunks for writing code. I don't (anymore): I write words, make videos and build organizations. We do need the code. We also need to push at the edges of our understanding of social dynamics. And S.Boxx clearly illustrated that puerile visciousness, wounded animal frenzy, and pathetic behavior are also here in this new world. One of the brave ones, s/he isn't. And Cypherpunks' creations even protect the likes of S.Boxx. Reminiscent of Voltaire, yes? Thanks for the bandwidth. If anyone would like to continue this, perhaps moving it to the Extropians list would be reasonable. James Dinkelacker (True name) -- ................................ Jamie Dinkelacker Palo Alto CA (almost a true name) Jamie at netcom.com 415.941.4782 From moormajb at vuse.vanderbilt.edu Thu Oct 21 00:27:54 1993 From: moormajb at vuse.vanderbilt.edu (Joseph Moorman) Date: Thu, 21 Oct 93 00:27:54 PDT Subject: politics Message-ID: <9310210722.AA20629@necs.vuse> It has been suggested that the politcis discussion be taken to another forum, which I am somewhat in agreement with (though I've enjoyed reading all the messages). I, however, want to take issue with a point made by Robert J. Woodhead: > The maintenance and improvement of [that] society, and the betterment > of your fellow human beings, ought to be a primary goal. Maybe it's your primary goal; it's certainly the goal of every Marxist/ Communist/Fascist regime that has every existed. I'm not accusing you of being any of these, but I wanted to point out that these ideologies all support the idea that one's self-interest is somehow evil and that only actions done for the benefit of society or "fellow human beings" are worthwhile and moral. I contend that one's self-interest should be one's primary goal (it is that one's choice however). This self-interest when combined with honesty and integrity is completely moral. It implies a recognition of others' right to be motivated by their own self-interests. Governments are established in order to make sure that self-interests do not conflict (e.g. my self-interest in having the money in your pocket and your self-interest in keeping it for yourself). The U.S. Government may have initially served such a purpose, but it comes nowhere near that today. I'm not saying there are any better places either; hopefully there will be soon. ---------------------------------------------------------------- | | | Joe Moorman | | | | To achieve Liberty in my time, | | Ready to relocate to Oceania... | | | ---------------------------------------------------------------- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAizFpXwAAAEEAMSgDF2B19fKu9tjmKPQ8wxmzUFLNLvgHy6UAff6V3zr17g5 Qsg9iE9NPTzhzCmKDPb1r1NcpkcSK+K7K8pVwYU6fqTw+/q81yMZ6Ori305Gbyxt QthNQ+JS5ixqCfzuxZ3h5cqtKXLM/XKTkVRMQGMN7z7+oBdV5AXMccsZHPSxAAUR tCpKb2UgTW9vcm1hbiA8bW9vcm1hamJAdnVzZS52YW5kZXJiaWx0LmVkdT4= =iu34 -----END PGP PUBLIC KEY BLOCK----- From karn at qualcomm.com Thu Oct 21 01:07:54 1993 From: karn at qualcomm.com (Phil Karn) Date: Thu, 21 Oct 93 01:07:54 PDT Subject: TEMPEST: Re: Monitor radiation overlooking./DES weakness In-Reply-To: Message-ID: <9310210805.AA23859@servo> >From my own (admittedly limited) experience, it's not the electron beam in the CRT that radiates, it's the electronics all around it. I verified this years ago with an early Korean clone of the original IBM PC monochome monitor. It was easy to demonstrate: when I turned down the brightness control until the screen went completely dark, the radio interference audible on a HF amateur rig was unchanged. When I instead turned down the *contrast* control until the screen went dark, however, the noise just about disappeared. Why? In this particular monitor, the brightness control simply controlled the DC bias on a CRT grid. It stopped the electron beam, but did not change the RF noise level. That proved conclusively that the noise wasn't coming from the electron beam. Why not, given that the CRT contains the highest video signal levels found in a monitor? Well, if you look at the back of a typical CRT, you will notice that the sides are all coated, inside and out, by conductive paints. These two painted surfaces -- ground on the outside, B+ on the inside -- with the glass between them, form a capacitor that filters the high voltage applied to the tube. (It is vitally important to discharge this capacitor before you poke around inside a monitor or TV!) The inside of the screen must also be conductive, since the electrons hitting it have to go somewhere. So in effect, a CRT already comes with its own RF shielding. On the other hand, the contrast knob was essentially a "video volume control" just ahead of the (relatively high powered) video output amplifier mounted on a daughter board plugged into the base of the CRT, driving its cathode. The radiation came from the unshielded +70V power supply lead into this daughter board. Replacing that one wire with shielded coax and bypassing both ends with capacitors reduced the noise dramatically. I got rid of what little noise was left by adding extra shielding to the monitor's drive cable. I had already tediously painted the inside of the cabinet with conductive paint, but that turned out to be largely a waste of time; the noise level didn't seem to depend much on whether the cabinet was on or off. The bottom line: brute force shielding of an entire monitor is often not required. It pays to figure out exactly where the radiation is coming from, and work directly on the cause. Caveat: this particular monitor, being very old, had no RFI mitigation at all. Almost all newer monitors have much better RFI shielding. Open them up and it will be obvious -- metal shields everywhere, ferrite beads around cables, etc. Simply upgrading to a newer monitor may fix the problem. Phil From an41418 at anon.penet.fi Thu Oct 21 01:57:54 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 21 Oct 93 01:57:54 PDT Subject: Paper Shredders Message-ID: <9310210856.AA22927@anon.penet.fi> What about just burning the paper? ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an41418 at anon.penet.fi Thu Oct 21 02:22:41 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 21 Oct 93 02:22:41 PDT Subject: double encryption keys Message-ID: <9310210920.AA26347@anon.penet.fi> I would suggest that you use two different hash functions on the pass phrase, and take however many bits you need of what's left over. Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From blaster at rd.relcom.msk.su Thu Oct 21 02:22:55 1993 From: blaster at rd.relcom.msk.su (Victor A. Borisov) Date: Thu, 21 Oct 93 02:22:55 PDT Subject: TEMPEST and Public key programs Message-ID: > Electromagnetic Pulse Surveillance Technology. Victor, I have a long > (58K) document about this which I'll be glad to send you, just ask. Please, send this paper direct to me. > any information. Victor, could your friend in the KGB arrange for such > an experiment?? Exuse me please, but I don`t see this man about two week! I also can`t ask this man about all (I like fredom :( ). As security men saw: "if smaller know then better sleep". > Victor seems to be saying that his friend is saying that DES is a > "group" (if I remember my terms correctly), which somebody was > supposed to have proven wasn't the case. Although, strictly speaking, > a "group" was supposed to be f=des, where Victor just says it's "very > like DES." DES is`t group - f() only like to DES (I think, that computing dificult of f() like des() one). > But multiple encryptions as Victor describes are not used. Rather > alternating encryptions and DEcryptions. For example triple DES > dese(k1, desd(k2, dese(k3, plaintext))) where "dese" is DES > encryption and "desd" is DES decryption. What does your friend in > the KGB have to say about that, Victor? If triple-DES reduces to > any reasonable transformation of (some) 56-bit key then it's almost > as easy to break as single-DES which we now know only requires 3 hours > on a $1 million specialized machine. I`ll ask he about this. > Of more interest here, Victor, is what your KGB friend says about the > IDEA cipher, RSA Public Key encryption, and the MD5 message digest, > all of which are used in PGP. We would also like to know if the KGB > has found any weaknesses in PGP or if they've even had occasion to try > to find any. He made same program (LanCrypto). That why, I hear only bad words from he. :) You can read about this program in cypherpunks. >From other KGB-men, I hear, that prophesor Sidelnicov (the well known cryptoanalisist from Russia) saw, that PGP has some weak places: - random number is`t "good" random number. - md5 has hole (but here man lapse into salence:( ). - PGP for DOS don`t have any anti-overloking tools. BTW: LanCrypto play on last weakness: thay wrote litle resident DOS program. This program crack PGP and than pgp sign (and check) only part of message. LanCrypto public this resalt in buziness newspaper and show program on the big computer-show. I think this is rough market, but it work well (as all, that KGB made:))!!! Now I know 3 powerful public-key Russian programs. All wrote by exKGB man: - "LanCrypto" has vary fast algorithm, litle sign and several tools for anti- intruding. - "Exelence" has number of anti-intruding tools and powerful cryptographic algorithms. This pakage also has inteligance hardware keys for prevent introding. - "Blitc". The central bank try to use this program, but boys from LanCrypto find rough hole in hash function of this program and compromite this firm. Now I contact with LanCrypto and Elias (autors of "Exelence"). I hope to use thouse programs in my Computer Security Center. If you want I try to write about this programs. --- Victor A. Borisov aka blaster; Relcom R&D; Email: blaster at rd.relcom.msk.su; Phone: +7(095)-943-4735; +7(095)-198-9510; === Don`t panic! === From an41418 at anon.penet.fi Thu Oct 21 02:27:55 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 21 Oct 93 02:27:55 PDT Subject: double encryption keys Message-ID: <9310210927.AA27497@anon.penet.fi> Oops, please excuse that post, it went to the wrong mailing list. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From jfarmer at cap.gwu.edu Thu Oct 21 03:42:40 1993 From: jfarmer at cap.gwu.edu (John Farmer) Date: Thu, 21 Oct 93 03:42:40 PDT Subject: No Subject Message-ID: signoff cypherpunks From gg at well.sf.ca.us Thu Oct 21 03:52:41 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Thu, 21 Oct 93 03:52:41 PDT Subject: PRIVACY: Shredded trash doesn't cut it Message-ID: <93Oct21.035142pdt.14604-1@well.sf.ca.us> Re shredding documents: the best thing I ever found was to tear papers into strips about an inch wide and feed them to an ordinary household blender which is about 3/4 full of water. Turns the paper into mush. Flush the mush and that's that. NOt recommended for hiding evidence of crimes; the perfect crime is an illusion fostered by the media. -gg From gg at well.sf.ca.us Thu Oct 21 04:17:56 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Thu, 21 Oct 93 04:17:56 PDT Subject: Paper Shredders Message-ID: <93Oct21.041413pdt.13829-1@well.sf.ca.us> RE fire: you can still read ashes, it's commonly done. Now as an addendum to my previous about the use of blenders: for larger amounts, the kitchen sink disposall with lots of water running... for really large amounts, soak in a large container full of water for a few days to let it get soft, then mush it up with either an electric cement mixer or a 1/2" electric drill with paint mixing attachment. The key to these operations is lots of water so the paper will essentially be a suspended solid that easily tumbles and shreds. Too much paper in the mix will lead to a soggy mat that won't break up easily. -gg From trebor at foretune.co.jp Thu Oct 21 05:27:56 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Thu, 21 Oct 93 05:27:56 PDT Subject: politics In-Reply-To: <9310210722.AA20629@necs.vuse> Message-ID: <9310211226.AA20850@dink.foretune.co.jp> Joseph Moorman writes: >Maybe it's your primary goal; it's certainly the goal of every Marxist/ >Communist/Fascist regime that has every existed. >I contend that one's self-interest should be one's primary goal (it is >that one's choice however). I agree. I am motivated by self-interest. My self-interest, however, is not just providing for myself now, but also improving my environment for the future. You will note that I didn't say "people should be forced to do things my way." I said "I think this is a worthwhile goal for people." THere is a big difference. From rees at cs.bu.edu Thu Oct 21 06:22:44 1993 From: rees at cs.bu.edu (David Rees) Date: Thu, 21 Oct 93 06:22:44 PDT Subject: Photocopying mnoney Message-ID: <9310211318.AA09059@csa.bu.edu> Hi. Could anyone tell me an Online source of information that explains stuff about how money is scanned by machines, etc? Please send e-mail. Thaks. ---Dave (rees at cs.bu.edu) From awestrop at nyx.cs.du.edu Thu Oct 21 07:32:44 1993 From: awestrop at nyx.cs.du.edu (Alan Westrope) Date: Thu, 21 Oct 93 07:32:44 PDT Subject: Something Silly, Something Serious In-Reply-To: <9310210451.AA27317@netcom5.netcom.com> Message-ID: <9310211432.AA29427@nyx.cs.du.edu> In <9310210451.AA27317 at netcom5.netcom.com> tcmay at netcom.com (Timothy C. May) writes: >I pointed out to him the rich environment of the Denver-Colorado >Springs-Boulder-etc. corridor, and the presence of His PGPness Himself >in the area! Which he of course knew. Others, too. Yes, and Phil Z. is scheduled to speak to the Front Range Unix Users Group on Nov. 18. The meeting is at 4:30 in room 123 of the Univ. of Colo. Academic Computing Center. A rare opportunity to hear The Man in person...highly recommended. Putatively yours, -- Alan Westrope PGP fingerprint: D6 89 74 03 77 C8 2D 43 7C CA 6D 57 29 25 69 23 finger for public key -- "These nomads chart their courses by strange stars, which might be luminous clusters of data in cyberspace..." -- Hakim Bey From trebor at foretune.co.jp Thu Oct 21 07:47:56 1993 From: trebor at foretune.co.jp (Robert J Woodhead) Date: Thu, 21 Oct 93 07:47:56 PDT Subject: What is the maximum # of bits a key could ever need to be? Message-ID: <9310211444.AA21786@dink.foretune.co.jp> This occurred to me this morning in the inner sanctum of inspired cogitation, aka the shower. "What is the maximum # of bit a public-key would ever need to be, given no breakthroughs in factoring?" I came up with an answer, but it depends on some numbers that I don't have handy; perhaps other people on the list can fill in the blanks. First, we need an equation that tell us how difficult it is, in # of operations, to factor a number of N bits. eg: N_ops(N) = # of operations it will take. Then all we need to do is find the N for which N_ops(N) is greater than U_Duration * U_Particles * (1 / P_time) Where U_Duration is the expected duration of the universe, U_Particles is the number of particles in the universe (I am assuming that every particle can be used as a processor; the programming I leave as an exercise to the alert reader), and P_Time is the Planck time (damned if I can remember it) in seconds, which ought to be a good upper bound for clock speed on the Universal CPU. A most likely useless number, but it would be interesting to know what it comes out to. Best, R From nate at VIS.ColoState.EDU Thu Oct 21 08:02:43 1993 From: nate at VIS.ColoState.EDU (nate at VIS.ColoState.EDU) Date: Thu, 21 Oct 93 08:02:43 PDT Subject: Clipper Chip report on 700 Club today (Wednesday) In-Reply-To: <9310210615.AA19919@servo> Message-ID: <9310211458.AA05063@seurat.VIS.ColoState.EDU> writes Phil Karn: > >Of course, the Religious Right is at odds with the current government, >what with talk of using the federal racketeering laws against >anti-abortion demonstrators. So perhaps they can be forgiven for >their current anti-government stance. Their tune might well change if >they ever succeed in overturning Roe V Wade. Imagine their glee >turning to horror when they discover that those satanic pro-choice >people are using encryption to coordinate *their* protests and perhaps >even to coordinate travel by women seeking abortions to places where >it is still legal. :-) > I wonder if they know that the idea was developed during a republican administration? >And there's supreme irony in the right to encryption and the right to >abortion both being founded in the same basic concept: personal >privacy. It all depends on whose ox is being gored, I guess. > > >Phil > > -nate -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Always remember "Brazil" From nate at VIS.ColoState.EDU Thu Oct 21 08:02:55 1993 From: nate at VIS.ColoState.EDU (nate at VIS.ColoState.EDU) Date: Thu, 21 Oct 93 08:02:55 PDT Subject: Something Silly, Something Serious Message-ID: <9310211455.AA05053@seurat.VIS.ColoState.EDU> writes Jamie Dinkelacker: > >... Tim continues ... >> >>Cypherpunks write code. Cyperpunks write essays. Cypherpunks make puns >>and jokes and even spoofs. Cypherpunks have fun. >> > >I don't know if there is a Cypherpunk's cause. I doubt there's a movement, >but that's separate from my holding a belief that crypto and nyms and >digital cash and privacy and emergent social structures are crucial to a >preferable form of human survival. > I would have to disagree somewhat with this statement. I think that there are a loose set of opinions and goals shared between most of us. We may have out paranoids (personally, I always got a kick out of LD's rants... some of them even put us back "on track" when we were straying (as have many of Tim's posts)). Most of us share ideas, mostly relating to wanting widespread use and acceptance of strong cryptography. There are many differing opinions here, but this reflects the fact that we are not some kind of genetic experiment gone bad ;-) writes Jamie Dinkelacker: > >With the net, we have a wonderous tool and opportunity. But the world isn't >a safe place. Every time I put a finger or toe into the lovely pacific >ocean I'm keenly aware of quickly entering the food chain at a much lower >point. These are times of challenge, to develop new tools and fresh >perspectives. But many elements of human nature remain the same. > Very true. writes Jamie Dinkelacker: > >I thank the Cypherpunks for writing code. I don't (anymore): I write words, >make videos and build organizations. We do need the code. We also need to >push at the edges of our understanding of social dynamics. > I agree... Code is good, but one of the most important resources we have are people who can explain just what it is that we are doing here to the "outside" world, and to reaise the level of the public's awarness, if not understanding. writes Jamie Dinkelacker: > >And S.Boxx >clearly illustrated that puerile visciousness, wounded animal frenzy, and >pathetic behavior are also here in this new world. One of the brave ones, >s/he isn't. And Cypherpunks' creations even protect the likes of S.Boxx. >Reminiscent of Voltaire, yes? > Strangely ironic, we hate what we protect. I think it's important to note that there will always be people like S.Boxx out there... lunatic ravings and patheticly malformed logic. There are also a great deal of good things that have come out of the remailers and spoofing (not so much spoofing, but posts to places like alt.whistlblowing, et al. through the remailers and anon.penet.fi) I think that the good outweighs the bad in this instance, at least. > >James Dinkelacker (True name) >-- >................................ >Jamie Dinkelacker Palo Alto CA (almost a true name) >Jamie at netcom.com 415.941.4782 > > Truly, -nate -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Always remember "Brazil" From hfinney at shell.portal.com Thu Oct 21 08:32:45 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Thu, 21 Oct 93 08:32:45 PDT Subject: Mail delivery question Message-ID: <9310211532.AA05517@jobe.shell.portal.com.shell.portal.com> I have a somewhat dumb question about mail delivery. This has a CP connection because it relates to a remailer enhancement I am working on. When I receive mail from cypherpunks, this is a typical set of headers for an incoming message: From owner-cypherpunks at toad.com Wed Oct 20 23:57:11 1993 Received: from nova.unix.portal.com by jobe.shell.portal.com (4.1/1.34) id AA14713; Wed, 20 Oct 93 23:57:11 PDT Received: by nova.unix.portal.com (5.65b/4.1 1.505) id AA18779; Wed, 20 Oct 93 23:57:09 -0700 Received: by toad.com id AA20355; Wed, 20 Oct 93 23:47:55 PDT Received: by toad.com id AA20115; Wed, 20 Oct 93 23:43:21 PDT Return-Path: Received: from netcom.netcom.com ([192.100.81.100]) by toad.com id AA20111; Wed, 20 Oct 93 23:43:19 PDT Received: from netcom3.netcom.com by netcom.netcom.com (5.65/SMI-4.1/Netcom) id AA27104; Wed, 20 Oct 93 23:43:51 -0700 Date: Wed, 20 Oct 93 23:43:51 -0700 Message-Id: <9310210643.AA27104 at netcom.netcom.com> X-Mailer: Eudora To: cypherpunks at toad.com From: jamie at netcom.com (Jamie Dinkelacker) Subject: Re: Something Silly, Something Serious Status: RO  Now, my question is, when this mail is delivered to the Unix system which I use, how does the local software know to deliver it to hfinney? My name does not seem to appear in the header at all. In particular, the "To:" address is not hfinney at shell.portal.com, as I would have expected, but rather cypherpunks at toad.com. I suppose there is some other information that is passed along with the message when it is delivered to portal.com, information which tells my user name. It would be nice if this information were available to scripts which would process the incoming mail. Could someone explain how this delivery process works? Thanks - Hal Finney hfinney at shell.portal.com From pmetzger at lehman.com Thu Oct 21 08:47:56 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 08:47:56 PDT Subject: backing In-Reply-To: <9310210452.AA27343@netcom5.netcom.com> Message-ID: <9310211543.AA22017@snark.lehman.com> Doug Merritt says: > F_GRIFFITH at CCSVAX.SFASU.EDU said: > >Greshams law: "bad money drives out good" > >i.e. where people have a choice (e.g. gold vs greenbacks post Civil > >War), in making payments, they will use the lesser value money and > >keep the higher value. Thus, the lesser value money will circulate, > >the higher value money will not. > > So in essence you're saying that poorly-backed digital currency will > win out over e.g. U.S. dollars? > > That's an interesting concept. A digital currency can be backed by gold held in some secure location like the Zurich Free Transit Warehouse. U.S. Dollars are backed by absolutely nothing other than blind faith in the U.S. Governement. Who's kidding whom? In any case, Gresham's Law applies to situations in which two coins of differing metalic content are both made legal tender -- it doesn't really apply in a general case. Perry From huntting at advtech.uswest.com Thu Oct 21 09:02:47 1993 From: huntting at advtech.uswest.com (Brad Huntting) Date: Thu, 21 Oct 93 09:02:47 PDT Subject: PGP vs PEM discussion Message-ID: <9310211601.AA01949@futureworld.advtech.uswest.com> Perhaps someone on cypherpunks can help with this... To: pem-dev at tis.com Subject: Articulation of PGP point of view? From: "Robert W. Shirey" Date: Thu, 21 Oct 1993 10:54:43 -0500 Is there anyone who has, or is able to, articulate the PGP point of view for public key management and compentently contrast it to the PEM point of view? Is there, perhaps, someone who has written on this subject or spoken publicly in an organized fashion? I am seeking such a person for a presentation and panel discussion at an international conference. I need names ASAP! Please feel free to forward this message to appropriate newsgroups. Regards, -Rob- SHIREY at MITRE.ORG * tel 703.883.7210 * fax 703.883.1397 Robert W. Shirey, The MITRE Corporation, Mail Stop Z202 7525 Colshire Drive, McLean, Virginia 22102-3481 USA From jim at bilbo.suite.com Thu Oct 21 09:12:49 1993 From: jim at bilbo.suite.com (Jim Miller) Date: Thu, 21 Oct 93 09:12:49 PDT Subject: Please add me to mailing list Message-ID: <9310211608.AA28079@bilbo.suite.com> I would like to be added to the cypherpunks mailing list. Thanks, Jim_Miller at suie.com [Sorry for broadcasting this to the entire mailing list, but I don't know of any other address to use.] From pmetzger at lehman.com Thu Oct 21 09:12:57 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 09:12:57 PDT Subject: Mail delivery question In-Reply-To: <9310211532.AA05517@jobe.shell.portal.com.shell.portal.com> Message-ID: <9310211607.AA22056@snark.lehman.com> Hal Finney says: > Now, my question is, when this mail is delivered to the Unix system which > I use, how does the local software know to deliver it to hfinney? My name > does not seem to appear in the header at all. In particular, the "To:" > address is not hfinney at shell.portal.com, as I would have expected, but rather > cypherpunks at toad.com. All mail has two sets of "To" addresses. There is the ENVELOPE address, which you do not see, and the HEADER address, which is mere window dressing. I could have the headers say "To: That Lousy Schmuck" and the mail would still arrive. The envelope and header addresses have to be kept seperated for all sorts of very sound reasons that I could explain happily in private mail. The envelope address is passed around using the "RCPT" command in SMTP and is never contained in the mail message itself. Perry From mg5n+ at andrew.cmu.edu Thu Oct 21 09:32:49 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 21 Oct 93 09:32:49 PDT Subject: crypto technique In-Reply-To: <9310202355.AA25861@flammulated.owlnet.rice.edu> Message-ID: I may have made a math error; I'll double-check it. From mg5n+ at andrew.cmu.edu Thu Oct 21 09:32:56 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 21 Oct 93 09:32:56 PDT Subject: Paper Shredders In-Reply-To: <9310202230.AA16605@snark.lehman.com> Message-ID: <4glfVrG00awJEWsVlT@andrew.cmu.edu> "Perry E. Metzger" : >By the way, the standard method for destroying embassy documents in >case of siezure (not done during the Iran hostage crisis) is >reportedly Thermit grenades. (Thermit would likely reduce a filing >cabinet to slag in moments.) Yup. Actually you don't even need the gernade, you could just store some thermit in the filing cabinet and then ignite it when necessary. It's very stable and very unlikely to ignite by accident. In fact, just dropping a burning match on it usually won't ignite it, usually you need some sort of accelerator to make it explode. Plus, it's easy to make (Iron oxide (rust) + aluminum). From pcw at access.digex.net Thu Oct 21 10:02:48 1993 From: pcw at access.digex.net (Peter Wayner) Date: Thu, 21 Oct 93 10:02:48 PDT Subject: Gold in them thar Bills... Message-ID: <199310211701.AA05024@access.digex.net> Now, I realize that there is something romantic about Swiss bankaccounts, but lets not fool ourselves. Gold in the Zurich Free Transit Warehouse depends on the good graces of the Swiss government. After WWII, the Swiss ended up with a real pile of Nazi gold in their vaults because they had been remaining neutral during all of these years. The US demanded the gold because it won the war. Here is an account from Paul Erdman's _The Swiss Account_, a docudrama about the time period. It is a work of fiction, but the true parts are as true as any history book. He gives footnotes. Where that gold was concerned, even before the war ended, the Allies threatened to maintain an economic boycott on Switzerland unless it was turned over to them. The Swiss government agreed and also promised to relinquish all other German assets in Switzerland, such as bank accounts, once it was determined how much was involved. So no embargo was imposed. This promise was subsequentally reaffirmed in a formal agreement signed in Washington after which the Swiss simply stonewalled. There was no proof, they claimed, that they had received any looted gold from Germany. And as to the Nazi bank deposits, there was no way under Swiss law that private property could be seized. They insisted that the netire matter be turned over to an international court of arbitration... which would have taken years. In the end, the Allies caved in. On August 28, 1952, in return for a lump sum settlement of ninety million dollars, the Allies concented to declare all of the claims against Switzerland arising out of World War II as satisfied. That amount represented no more than five cents on the dollar. The rest was simply kept by the Swiss, although a small amount was eventually given to the Red Cross. Now, as it stands, I really don't think that gold in a Swiss vault is , without question, better than US paper money. I can pay my US taxes in US currency, but I can't eat gold. It's just shiny and neat. It's great if you need to make gold chains and rings, but it's not that great for anything other than electronics. In my computer, the silicon is worth more than the gold. -Pete r From mg5n+ at andrew.cmu.edu Thu Oct 21 10:12:48 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Thu, 21 Oct 93 10:12:48 PDT Subject: Mail delivery question In-Reply-To: <9310211532.AA05517@jobe.shell.portal.com.shell.portal.com> Message-ID: I was pondering the same question awhile ago. After poking around in the system and reading the temporary scratch files that the system created by the mailer, I noticed that the mail was being preceeded by a seperate header packet which was not included in the message. Sending mail to myself caused the system to create two temporary files in the process. One of them was called "SF" and the other was "QF". I don't know what the letters stand for, and this is probably just how CMU does it, other sites may be different. Anyway, in my test mail to myself, the SF file contained: #From || #To |mg5n+ at andrew.cmu.edu| #Auth |26634;andrew.cmu.edu;Matthew J Ghio| and the QF file contained the actual text of the message plus the headers that you see. So the email is actually sent as two seperate packets of data, the headers you see are just there for looks, the actual delivery info is hidden behind-the-scenes. Does anyone else have any description of "standard" methods of handling internet e-mail? From pmetzger at lehman.com Thu Oct 21 10:22:48 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 10:22:48 PDT Subject: Gold in them thar Bills... In-Reply-To: <199310211701.AA05024@access.digex.net> Message-ID: <9310211721.AA22131@snark.lehman.com> Peter Wayner says: > Now, as it stands, I really don't think that gold in a Swiss vault is > , without question, better than US paper money. I can pay my US taxes > in US currency, but I can't eat gold. It's just shiny and neat. It's great > if you need to make gold chains and rings, but it's not that great for > anything other than electronics. In my computer, the silicon is worth > more than the gold. As for "I can't eat gold", you can't eat U.S. Dollars, either. If you need U.S. Dollars, Marks, Pounds, Yen, or anything else, and you have gold, you can simply sell some gold. If you need food, you can buy it with currency purchased with the gold, or can purchase it with the gold directly. As for "in my book, silicon is worth more than gold", I'll happily trade you 100 kilos of silicon for 100 kilos of gold any day you like. Assuming you aren't fibbing, you should take the trade, since the silicon is worth more to you. Of course, you'd be a fool. Silicon is plentiful, and costs pennies the kilo. Gold is not plentiful -- the market value is around $10,000 the kilo. Perry From klbarrus at owlnet.rice.edu Thu Oct 21 10:27:56 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Thu, 21 Oct 93 10:27:56 PDT Subject: MATH: factoring, # of bits Message-ID: <9310211724.AA10107@arcadien.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- >First, we need an equation that tell us how difficult it is, in # of >operations, to factor a number of N bits. eg: N_ops(N) = # of >operations it will take. I think the fastest method that anyone admits to, by Odzyklo (spelling?), has an order of magnitude defined by: e^(sqrt(ln(x) ln(ln(x)))) I've been dusting off my Mathematica skills working on the crypto techniques Matt posts :-) so it looks like this in Mathematica: f[x_] := N[Exp[Sqrt[Log[x] Log[Log[x]]]]] x in bits difficulty 200 2.27 E11 384 5.54 E16 <- PGP casual 512 6.69 E19 <- PGP commercial 664 1.18 E23 1000 1.75 E29 1024 4.42 E29 <- PGP military 1500 8.11 E36 2000 3.11 E43 3000 5.49 E54 4000 2.44 E64 6000 7.06 E80 8000 8.99 E94 I don't know how many seconds until the end of the universe, but I think you'll be covered using an 8000 bit key :-) -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMbFXYOA7OpLWtYzAQEwrwP9G60hCktxcj7MwkOV2H7QPQ1+i+j5ceTK DEcj74ZFZdsp1vouMxtsN+zvqkdy1+DTzNUuXusWKhogDLFEPTuASZD3tcFgkoUT Uk0B805mJi/gfiBa7+CBWHgjF0T7NSZe1lTjqfru1u+XeU/7iAq+erU0ojydL/xi tqBAZZg3gEs= =wkBt -----END PGP SIGNATURE----- From pmetzger at lehman.com Thu Oct 21 10:28:00 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 10:28:00 PDT Subject: why an envelope Message-ID: <9310211724.AA02906@kublai.lehman.com> Enough people have asked that I'll explain why envelopes are seperated from headers in mail. Lets say I'm sending mail with the following header To: foo, bar, baz Mail gets stored and forwarded many times during its delivery process on a large internet. If at every stage the only hint the mailer had for delivery was the header address, every mailer along the way would have to generate three copies of the mail in order to guarantee delivery. Kind of nutty, eh? Thats why there is a seperate envelope. When you generate the mail, three seperate copies will be produced with seperate envelopes indicating the mail whould be sent to "foo", "bar", and "baz", and the mailers in between don't look at the headers at all. This is a slight simplification because envelopes can contain multiple addresses -- but thats when you are sending one message to many people via a common path -- the mailer at the last step where the mail can take a common path is expected to break the envelope up before sending it further along. Perry From honey at citi.umich.edu Thu Oct 21 10:42:48 1993 From: honey at citi.umich.edu (peter honeyman) Date: Thu, 21 Oct 93 10:42:48 PDT Subject: Mail delivery question Message-ID: <9310211739.AA29665@toad.com> i think you want to check out rfc 821, which describes smtp. peter From ferguson at icm1.icp.net Thu Oct 21 10:57:56 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Thu, 21 Oct 93 10:57:56 PDT Subject: Gold in them thar Bills... In-Reply-To: <9310211721.AA22131@snark.lehman.com> Message-ID: <9310211858.AA00917@icm1.icp.net> > As for "in my book, silicon is worth more than gold", I'll happily > trade you 100 kilos of silicon for 100 kilos of gold any day you like. > Assuming you aren't fibbing, you should take the trade, since the > silicon is worth more to you. > > Of course, you'd be a fool. Silicon is plentiful, and costs pennies > the kilo. Gold is not plentiful -- the market value is around $10,000 > the kilo. Perry, I think its foolish to refute it simply on a literal basis, but then again, that's just lil' ole me. One could reasonably argue that you simply can't walk into the corner 7-Eleven with a pound of gold and purchase 475 Big Gulps (tm), but then again, there's an advocate for each point of view (ie, Sternlight). I personally like the gold/silicon comparison, if taken from a philosophical viewpoint. Information is arguably the gold of the future, and strong crypto helps broaden the spectrum for each and every one of us. Cheers, _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From mccoy at ccwf.cc.utexas.edu Thu Oct 21 11:17:56 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Thu, 21 Oct 93 11:17:56 PDT Subject: Gold in them thar Bills... In-Reply-To: <199310211701.AA05024@access.digex.net> Message-ID: <199310211813.AA02031@flubber.cc.utexas.edu> Peter Wayner writes: [...] > Now, as it stands, I really don't think that gold in a Swiss vault is > , without question, better than US paper money. Money will always be just paper, but gold will always be gold... jim From tcmay at netcom.com Thu Oct 21 11:18:00 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 21 Oct 93 11:18:00 PDT Subject: Gold in them thar Bills... In-Reply-To: <9310211721.AA22131@snark.lehman.com> Message-ID: <9310211817.AA06108@netcom5.netcom.com> Perry Metzger writes: > As for "in my book, silicon is worth more than gold", I'll happily > trade you 100 kilos of silicon for 100 kilos of gold any day you like. > Assuming you aren't fibbing, you should take the trade, since the > silicon is worth more to you. > > Of course, you'd be a fool. Silicon is plentiful, and costs pennies > the kilo. Gold is not plentiful -- the market value is around $10,000 > the kilo. I suspect what Peter Wayner was referring to was either pure silicon, which is indeed expensive (dollars per gram no longer in my memory bank, alas), or silicon that has been processed into SuperSPARCS, Pentia, and the like. Not raw-out-of-ground silicon (from beach sand and even rice hulls...no lie). A tiny sliver of silicon is much more valuable gram fro gram than gold is. Even a blank wafer of ultrapure silicon may be...I'd have to do some calculations and get some current prices. Be this as it may, electronic money depends on _reputation_, on the expectation that a depositor or payee will get what he thinks he will, whether in gold, in dollars, in francs, in Safeway discount coupons, or in Get Out of Jail Free cards. The stability of the final currency, inflation rates, etc., are orthogonal to the issues of expectation and reputation. That is, when one opens a bank account in dollars or rupees, one worries about the bank returning the dollars or rupees, not the "meta" (and important, but at a different level and time horizon) issues of the ultimate fate of the rupee. In any case, free banking means accounts can be denominated in whatever the market wants...chunks of silicon, gold coins, Xeroxed Slovenian currency, or whatever. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From kinney at ucsu.Colorado.EDU Thu Oct 21 11:22:48 1993 From: kinney at ucsu.Colorado.EDU (W. Kinney) Date: Thu, 21 Oct 93 11:22:48 PDT Subject: Colorado Cypherpunks Message-ID: <199310211818.AA24207@ucsu.Colorado.EDU> Count another Colorado 'punk, Boulder. Writing code (slowly) for the Mac. That pesky thesis keeps getting in the way... -- Will From F_GRIFFITH at CCSVAX.SFASU.EDU Thu Oct 21 11:47:58 1993 From: F_GRIFFITH at CCSVAX.SFASU.EDU (F_GRIFFITH at CCSVAX.SFASU.EDU) Date: Thu, 21 Oct 93 11:47:58 PDT Subject: backing Message-ID: <931021134500.22e25c67@CCSVAX.SFASU.EDU> >workable barter currency? Aug/Sept 93 Mother Earth News has an article "The Ultimate Barter" about "A currency based on time-hours is a boon to a rural community." >poorly-backed digital currency will win out over e.g. U.S. dollars? Depends on legal tender status (see post by Perry). Note too his point that digital currency needn't be poorly backed. However, also note that government issued dollars would circulate in preference to gold backed digital currency issued by someone else according to Greshams law (which was stated in reference to metal coins, but applies to other forms as well). Solution might be to denominate digital currency in something other than $ (e.g. gold grams) & have parallel monetary system develop. From cman at IO.COM Thu Oct 21 12:02:48 1993 From: cman at IO.COM (Douglas Barnes) Date: Thu, 21 Oct 93 12:02:48 PDT Subject: backing In-Reply-To: <9310211543.AA22017@snark.lehman.com> Message-ID: <9310211855.AA09792@illuminati.IO.COM> > > A digital currency can be backed by gold held in some secure location > like the Zurich Free Transit Warehouse. U.S. Dollars are backed by > absolutely nothing other than blind faith in the U.S. Governement. > Who's kidding whom? > Actually, there is still an element of trust involved, that (as a previous poster pointed out) the entity who actually holds your gold won't run off with the gold, or give it to someone else, etc. Still (in the best of all worlds) rather have more solidly-backed currency, but you still have to trust someone at some point. I'd rather have US dollars than gold-backed currency from an even less trustworthy gov't. The important freedom is being able to choose whom and what you trust, without having to slide into a pure barter economy. Also note that I can draw numerous (albeit somewhat outlandish) scenaria involving the depreciation of gold; while it's very, very unlikely, it might pay to be at least moderately diversified. Note what happened to the value of gold and silver in the 16th c. Doug -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From pmetzger at lehman.com Thu Oct 21 12:07:58 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 12:07:58 PDT Subject: Gold in them thar Bills... In-Reply-To: <9310211858.AA00917@icm1.icp.net> Message-ID: <9310211906.AA04954@kublai.lehman.com> Paul Ferguson x2044 says: > One could reasonably argue that you simply can't walk into the > corner 7-Eleven with a pound of gold and purchase 475 Big Gulps (tm), > but then again, there's an advocate for each point of view (ie, > Sternlight). I can take the pound of gold to MTB down the block and have dollars, yen, or anything else I like, within 15 minutes. I can then take those to buy Big Gulps. Perry From nate at rodin.VIS.ColoState.EDU Thu Oct 21 12:12:47 1993 From: nate at rodin.VIS.ColoState.EDU (nate at rodin.VIS.ColoState.EDU) Date: Thu, 21 Oct 93 12:12:47 PDT Subject: Calling all Colorado CypherPunks Message-ID: <9310211907.AA10673@rodin.VIS.ColoState.EDU> I am planning (if it hasn't been done) to start the Colorado branch of the CypherPunks. If you are a CypherPunk interested in this (and live in the vicinity), please send me email, I'll start thinking of things to do, and we can work out where to meet and how often. -nate -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Always remember "Brazil" From pmetzger at lehman.com Thu Oct 21 12:12:57 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 12:12:57 PDT Subject: backing In-Reply-To: <931021134500.22e25c67@CCSVAX.SFASU.EDU> Message-ID: <9310211911.AA22179@snark.lehman.com> F_GRIFFITH at ccsvax.sfasu.edu says: > point that digital currency needn't be poorly backed. However, also note > that government issued dollars would circulate in preference to gold > backed digital currency issued by someone else according to Greshams > law (which was stated in reference to metal coins, but applies to > other forms as well). This is not what Gresham's Law says. Gresham's Law is that if there are two kinds of coins that are stated by law to have equal value, the one thats actually worth less because of metal content will be the one that you spend first. It doesn't apply in this instance at all. Perry From Carl_Ellison at vos.stratus.com Thu Oct 21 12:32:48 1993 From: Carl_Ellison at vos.stratus.com (Carl_Ellison at vos.stratus.com) Date: Thu, 21 Oct 93 12:32:48 PDT Subject: (fwd) Articulation of PGP point of view? Message-ID: <199310211931.PAA05363@transfer.stratus.com> >Date: Thu, 21 Oct 1993 10:54:43 -0500 >From: "Robert W. Shirey" >Subject: Articulation of PGP point of view? >Is there anyone who has, or is able to, articulate >the PGP point of view for public key management and >compentently contrast it to the PEM point of view? >Is there, perhaps, someone who has written on this >subject or spoken publicly in an organized fashion? >I am seeking such a person for a presentation and >panel discussion at an international conference. >I need names ASAP! >Please feel free to forward this message to >appropriate newsgroups. >Regards, -Rob- >SHIREY at MITRE.ORG * tel 703.883.7210 * fax 703.883.1397 >Robert W. Shirey, The MITRE Corporation, Mail Stop Z202 >7525 Colshire Drive, McLean, Virginia 22102-3481 USA From chrome at jhunix.hcf.jhu.edu Thu Oct 21 12:38:07 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Thu, 21 Oct 93 12:38:07 PDT Subject: Gold in them thar Bills... In-Reply-To: <9310211817.AA06108@netcom5.netcom.com> Message-ID: > Be this as it may, electronic money depends on _reputation_, on the > expectation that a depositor or payee will get what he thinks he will, > whether in gold, in dollars, in francs, in Safeway discount coupons, > or in Get Out of Jail Free cards. Since the topic of backing seems to go towards gold, what about the purity of the bullion and who (which government) presses it? Gold pressed by the Canadian government at .999 troy oz might not be worth a whole lot as backing if that government collapses tommorow. What's to say it isn't iron pyrite or any similar looking material if the government isn't there to back it? Anything to say on this, Perry? -Alex Reynolds From chrome at jhunix.hcf.jhu.edu Thu Oct 21 12:42:48 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Thu, 21 Oct 93 12:42:48 PDT Subject: backing In-Reply-To: <9310211911.AA22179@snark.lehman.com> Message-ID: > This is not what Gresham's Law says. > > Gresham's Law is that if there are two kinds of coins that are stated > by law to have equal value, the one thats actually worth less because > of metal content will be the one that you spend first. It doesn't > apply in this instance at all. > > Perry I think Gresham's Law applies to authority-influenced currency. I'm trying to get a hold on this quote so hold on. -Alex From strick at osc.versant.com Thu Oct 21 12:42:58 1993 From: strick at osc.versant.com (henry strickland) Date: Thu, 21 Oct 93 12:42:58 PDT Subject: pem-dev requests "Articulation of PGP point of view?" Message-ID: <9310211941.AA04134@osc.versant.com> If someone wants to answer this, it may help the people on the Privacy Enhanced Mailer Developer list add the capability for the web-of-trust model of key distribution. I think this is a chance to preach to the unconverted-but-convertable. Notice one wants a speaker, one merely a posting. Who's articulate? strick Forwarded message: # From pem-dev-request at magellan.TIS.COM Thu Oct 21 08:40:42 1993 # Message-Id: <9310211453.AA22593 at smiley.mitre.org.sit> # X-Sender: shirey at 128.29.140.20 # Mime-Version: 1.0 # Content-Type: text/plain; charset="us-ascii" # Date: Thu, 21 Oct 1993 10:54:43 -0500 # To: pem-dev at tis.com # From: "Robert W. Shirey" # Subject: Articulation of PGP point of view? # # Is there anyone who has, or is able to, articulate # the PGP point of view for public key management and # compentently contrast it to the PEM point of view? # # Is there, perhaps, someone who has written on this # subject or spoken publicly in an organized fashion? # # I am seeking such a person for a presentation and # panel discussion at an international conference. # # I need names ASAP! # # Please feel free to forward this message to # appropriate newsgroups. # # # Regards, -Rob- # SHIREY at MITRE.ORG * tel 703.883.7210 * fax 703.883.1397 # Robert W. Shirey, The MITRE Corporation, Mail Stop Z202 # 7525 Colshire Drive, McLean, Virginia 22102-3481 USA # Forwarded message: # From pem-dev-request at magellan.TIS.COM Thu Oct 21 09:41:29 1993 # Date: Thu, 21 Oct 93 16:27:16 +0100 # From: Ruediger Grimm # Message-Id: <9310211527.AA19289 at ipsi.darmstadt.gmd.de> # To: shirey at mitre.org # Subject: Re: Articulation of PGP point of view? # Cc: pem-dev at tis.com # # > Date: Thu, 21 Oct 1993 10:54:43 -0500 # > To: pem-dev at tis.com # > From: "Robert W. Shirey" # > Subject: Articulation of PGP point of view? # > # > Is there anyone who has, or is able to, articulate # > the PGP point of view for public key management and # > compentently contrast it to the PEM point of view? # > # # How much I would like to read the output of this! # Does such a statement exist? This list is certainly # a thankful forum of interested readers. # # Ruediger # From pmetzger at lehman.com Thu Oct 21 12:47:59 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 12:47:59 PDT Subject: backing In-Reply-To: Message-ID: <9310211942.AA22217@snark.lehman.com> Alexander Reynolds says: > > This is not what Gresham's Law says. > > > > Gresham's Law is that if there are two kinds of coins that are stated > > by law to have equal value, the one thats actually worth less because > > of metal content will be the one that you spend first. It doesn't > > apply in this instance at all. > > > > Perry > > I think Gresham's Law applies to authority-influenced currency. Precisely what I said -- coinage stated BY LAW to ahve a certain value. Perry From hfinney at shell.portal.com Thu Oct 21 12:52:48 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Thu, 21 Oct 93 12:52:48 PDT Subject: backing Message-ID: <9310211952.AA19206@jobe.shell.portal.com.shell.portal.com> Perry wrote: > > A digital currency can be backed by gold held in some secure location > > like the Zurich Free Transit Warehouse. U.S. Dollars are backed by > > absolutely nothing other than blind faith in the U.S. Governement. > > Who's kidding whom? Banks are contractually obligated to turn over mortgage notes in exchange for U.S. dollars. These contracts are valid over approximately 30 years, and provide unencumbered title to valuable property. These and similar contracts may be said to give value to dollars independent of government promises. Hal From tcmay at netcom.com Thu Oct 21 12:52:59 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 21 Oct 93 12:52:59 PDT Subject: CRYPTO + REPUTATIONS = A NEW ERA In-Reply-To: <9310211855.AA09792@illuminati.IO.COM> Message-ID: <9310211950.AA19355@netcom5.netcom.com> Doug Barnes wrote: > Actually, there is still an element of trust involved, that (as a > previous poster pointed out) the entity who actually holds your gold > won't run off with the gold, or give it to someone else, etc. Still > (in the best of all worlds) rather have more solidly-backed currency, > but you still have to trust someone at some point. I'd rather have > US dollars than gold-backed currency from an even less trustworthy gov't. > > The important freedom is being able to choose whom and what you trust, > without having to slide into a pure barter economy. There is _always_ some element of trust involved. Crypto changes this in a subtle way I'll get to later. The Swiss bank that holds "your" gold (or whatever) can in theory tell you "But, Herr Barnes, you of course withdrew your holdings yesterday!" Likewise, your local bookie can refuse to pay you what he owes you (I guess you can threaten to break _his_ legs!), or can claim he already paid "you" the day before. Such "burnings" have always been possible, and yet these systems work and are actually quite stable. That these "trust" systems work is related to tit-for-tat strategies in the iterated Prisoner's Dilemma problem, in expectation of future business, and in the whole related area of _reputations_. Your local bookie pays up because to not pay up would eventually have repercussions for his future business...and he deems his _real_ business is making book, not burning any one customer. Emergent behavior. Spontaneous order. Secret accounts and crypto make the equation even more interesting. Anyone depositing money (dollars, gold, who cares, really) into an account and getting back some form of digital money can: - test the system by redeeming small amounts of the money - actually be a service which makes deposits and then redeems the digital money as a "testing service" (issuing a signed report, for a fee, which reprots on the reliability of banks...all privately done, of course) Digital money is a kind of shell game (with no insult intended to either shell games or digital money). $10,000 converted into, say, 100 separate pieces of digital money issued by many different banks, circulating around and being redeemed and reissued....well, it would be apparent pretty quickly--and word would spread--if the money was not being redeemed. Some percentage of all the digital money "in circulation" will actually be primarily "pinging" money, designed to ping (test) the system. (After a while, expect this to go down.) The beauty is that the untraceability means a bank doesn't know it's being tested by a "pinger" or by another bank, or if the money belows to some "Little Guy" who might otherwise be fair game for a rip-off (putatively, although "Little Guys" are not ripped-off by banks in the current system, either). I've said this before: CRYPTO + DIGITAL REPUTATIONS = A NEW ERA. Crypto researchers like Chaum seem mostly oblivious to the nature of reputations, of escrow services (untraceable, too). and of this whole very natural aspect of transactions. Many of the currently "unsolved" problems with digital money fade away--I contend, and will discuss if there's interest--when the elements of reputation and reputation capital are included. (I can understand the reason cryptologists have for purely mathematical or formal proofs, but the problems now stymieing them with digital coins (e.g., the lack thereof) and the like are solvable by injecting local reptutation considerations.) The ecology of these banks, transfer channels, etc., will be quite interesting to study. I expect fairly robust feedback mechanism will evolve naturally be market forces. Crypto makes a lot of interesting things possible. -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From QBOSWT at grace.tstc.edu Thu Oct 21 13:17:58 1993 From: QBOSWT at grace.tstc.edu (QBOSWT at grace.tstc.edu) Date: Thu, 21 Oct 93 13:17:58 PDT Subject: cyphrs Message-ID: <49C90C594D@grace.tstc.edu> Longing to be free. Send info encrypting gov't from privacy. Who r cypherpunks? Why a toad? From pmetzger at lehman.com Thu Oct 21 13:18:01 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 13:18:01 PDT Subject: Gold in them thar Bills... In-Reply-To: Message-ID: <9310212015.AA22256@snark.lehman.com> Alexander Reynolds says: > Since the topic of backing seems to go towards gold, what about > the purity of the bullion and who (which government) presses it? Gold > pressed by the Canadian government at .999 troy oz might not be worth a > whole lot as backing if that government collapses tommorow. Pardon, but what does the purity of the gold have to do with who mints it? > What's to say it isn't iron pyrite or any similar looking > material if the government isn't there to back it? Have you ever heard of doing an assay? Perry From pmetzger at lehman.com Thu Oct 21 13:22:49 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 13:22:49 PDT Subject: backing In-Reply-To: <9310211952.AA19206@jobe.shell.portal.com.shell.portal.com> Message-ID: <9310212018.AA22264@snark.lehman.com> Hal Finney says: > Perry wrote: > > > A digital currency can be backed by gold held in some secure location > > > like the Zurich Free Transit Warehouse. U.S. Dollars are backed by > > > absolutely nothing other than blind faith in the U.S. Governement. > > > Who's kidding whom? > > Banks are contractually obligated to turn over mortgage notes in exchange > for U.S. dollars. These contracts are valid over approximately 30 > years, and provide unencumbered title to valuable property. These and > similar contracts may be said to give value to dollars independent of > government promises. The mortgage contracts are not equivalent to the property -- in particular, the property can rise rapidly in dollar denominated value while the mortgage notes become worthless in a hyperinflation situation. Perry From ptrei at bistromath.mitre.org Thu Oct 21 13:32:48 1993 From: ptrei at bistromath.mitre.org (Peter G. Trei) Date: Thu, 21 Oct 93 13:32:48 PDT Subject: Articulation of PGP point of view? Message-ID: <9310212029.AA12164@bistromath.mitre.org> Robert W. Shirey writes: >Date: Thu, 21 Oct 1993 10:54:43 -0500 >From: "Robert W. Shirey" >Is there anyone who has, or is able to, articulate the PGP point of >view for public key management and compentently contrast it to the PEM >point of view? >Is there, perhaps, someone who has written on this subject or spoken >publicly in an organized fashion? >I am seeking such a person for a presentation and panel discussion at >an international conference. >I need names ASAP! >Please feel free to forward this message to appropriate newsgroups. >Regards, -Rob- >SHIREY at MITRE.ORG * tel 703.883.7210 * fax 703.883.1397 >Robert W. Shirey, The MITRE Corporation, Mail Stop Z202 >7525 Colshire Drive, McLean, Virginia 22102-3481 USA I talked to Rob about this. What he's really looking for is not really so much a spokesman for the PGP vs "Big Brother" type of discussion, but rather someone who can discuss PGP key management issues from a technical standpoint. He'd really like to find someone who has dealt with managing a PGP key-server, thoroughly understands the "web of trust" model used in PGP (contrasting it to the certification authority hierarchy used in PEM) and is a good and articulate public speaker. Being partisan for PGP is fine, but you'd better be able to argue from a technical standpoint, not just an ideological one. Peter Trei ptrei at mitre.org From hsuutala at fmdmfg2.intel.com Thu Oct 21 13:37:58 1993 From: hsuutala at fmdmfg2.intel.com (Howard Suutala - ICD) Date: Thu, 21 Oct 93 13:37:58 PDT Subject: Gold in them thar Bills... Message-ID: <9310212036.AA25191@tdws22> writes pmetzger at lehman.com (Perry E. Metzger) >I can take the pound of gold to MTB down the block and have dollars, >yen, or anything else I like, within 15 minutes. I can then take those >to buy Big Gulps. >Perry Yes, as long it was been minted in a recognized form i.e. a gold eagle, a panda, or gold peso. A gob of yellow shinny stuff is just that until it has been assayed, and then it is only as good as the backing or reputation of the assayer. Howard My opinion and mine alone, not the companies.........not by a long shot. Howard Suutala | Intel Connectivity Division Intel Corporation | m/s fm4-26 | 1900 Prarie City Road | Folsom | CA | 95630 [v] 916.356.4412 | [f] 916.356.3455 | [email] hsuutala at fmdmfg2.intel.com From mccoy at ccwf.cc.utexas.edu Thu Oct 21 13:47:58 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Thu, 21 Oct 93 13:47:58 PDT Subject: Gold in them thar Bills... In-Reply-To: Message-ID: <199310212043.AA02256@flubber.cc.utexas.edu> Alexander Reynolds writes > > Since the topic of backing seems to go towards gold, what about > the purity of the bullion and who (which government) presses it? Gold > pressed by the Canadian government at .999 troy oz might not be worth a > whole lot as backing if that government collapses tommorow. Gold is gold. As a jewelers son I can assure you that it is quite easy with a touchstone and a few chemicals to assay the gold. This is what makes gold such an easily convertable currency, you can easily determine the purity and weight of the bullion. I have seen coins pressed by the 17th century spanish empire (from the Atocha, mostly silver, but a few of the gold ones as well) that one could still negotiate today. The value of the coin or bullion is not that it has the backing of a particular government, it comes from the material used. This very fact is what distinguishes gold and other scare materials from paper currency. If the U.S. government collapses your dollars are going to be just paper, but your gold coins will always be gold and can always be used for negotiation. This is why gold increases in value as governments and economies become unstable (e.g. the recent problems in Russia caused a slight increase in the price of gold as more people bought it, just in case...) because it will always have a value regardless of which government happened to package it. In fact, it need not even be packaged/minted by a government; I could just as easily melt down some jewelry and package it as bullion myself and anyone else who I wish to negotiate my gold with could easily verify the weight and purity of the gold themselves. jim From nowhere at bsu-cs.bsu.edu Thu Oct 21 13:57:59 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Thu, 21 Oct 93 13:57:59 PDT Subject: Eavedropping techniques revealed! Message-ID: <9310212059.AA08477@bsu-cs.bsu.edu> Darn! They publicized a great spoof! excerpted: CA-93:15 CERT Advisory October 21, 1993 /usr/lib/sendmail, /bin/tar, and /dev/audio Vulnerabilities The CERT Coordination Center has learned of several vulnerabilities affecting Sun Microsystems, Inc. (Sun) operating systems. Three separate vulnerabilities are described in this advisory. The first and third vulnerabilities affect all versions of SunOS 4.1.x and all versions of Solaris 2.x. The second affects all systems running any version of Solaris 2.x (but does not affect SunOS 4.1.x systems). Patches can be obtained from local Sun Answer Centers worldwide as well as through anonymous FTP from the ftp.uu.net (192.48.96.9) system in the /systems/sun/sun-dist directory. In Europe, these patches are available from ftp.eu.net in the /sun/fixes directory. Information concerning specific patches is outlined below. Please note that Sun sometimes updates patch files. If you find that the checksum is different, please contact Sun. [...] III. /dev/audio Vulnerability This vulnerability affects all Sun systems with microphones. This includes all versions of SunOS 4.1.x including 4.1.1, 4.1.2, 4.1.3, 4.1.3c, and all versions of Solaris 2.x including Solaris 2.1 (SunOS 5.1) and Solaris 2.2 (SunOS 5.2). Sun is addressing this problem in Solaris 2.3. A. Description /dev/audio is set to a default mode of 666. There is also no indication to the user of the system that the microphone is on. B. Impact Any user with access to the system can eavesdrop on conversations held in the vicinity of the microphone. C. Solution To prevent unauthorized listening with the microphone, the permissions of the audio data device (/dev/audio) should allow only the user logged in on the console of the machine to read /dev/audio. To prevent unauthorized changes in playback and record settings, the permissions on /dev/audioctl should be similarly changed. *** Any site seriously concerned about the security risks associated with the microphone should either switch off the microphone, or unplug the microphone to prevent unauthorized listening. *** 1. Restricting access on 4.x systems Use fbtab(5) to restrict the access to these devices. See the man page for more information about this procedure. 2. Restricting access on Solaris 2.x systems To restrict access to these devices to a specific users, the permissions on the device files must be manually changed. As root: # chmod 600 /dev/audio # chown . /dev/audio # chmod 600 /dev/audioctl # chown . /dev/audio From chrome at jhunix.hcf.jhu.edu Thu Oct 21 14:18:00 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Thu, 21 Oct 93 14:18:00 PDT Subject: backing In-Reply-To: <9310211942.AA22217@snark.lehman.com> Message-ID: > Precisely what I said -- coinage stated BY LAW to ahve a certain value. Ok, fine. I'm listing the quote to add further detail to the topic: "Gresham's Law, like most of the 'laws' taught in State-supported public schools, is not quite true (at least, not in the form in which it is usually taught). 'Bad money drives out good' holds only in authoritarian societies, not in libertarian societies. (Gresham was clear-minded enough to state explicitly that he was only describing authoritarian societies; his formulation of his own 'Law' begins with the words 'If the king issueth two moneys . . .,' thereby implying that the State must exist if the 'Law' is to operate.)" -The Illuminatus! Trilogy Leviathan, pg. 766 Shea and Wilson -Alex From F_GRIFFITH at CCSVAX.SFASU.EDU Thu Oct 21 14:22:49 1993 From: F_GRIFFITH at CCSVAX.SFASU.EDU (F_GRIFFITH at CCSVAX.SFASU.EDU) Date: Thu, 21 Oct 93 14:22:49 PDT Subject: 700 Club etc. Message-ID: <931021162143.22e266bc@CCSVAX.SFASU.EDU> This is another thread only slightly related to cypherpunks. I find the paranoid reaction to the "Religious Right" strange. Perhaps it is based on relying on the establishment media for a picture of it. Would you rely on such media to give you an accurate picture of what the government is doing with cryptography or of teh need for gun control? The media picture of the Religious Right is just as distorted. The right to encryption and the "right" to abortion don't have the same basis - encryption kills no one. From chrome at jhunix.hcf.jhu.edu Thu Oct 21 14:22:59 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Thu, 21 Oct 93 14:22:59 PDT Subject: Gold in them thar Bills... In-Reply-To: <9310212015.AA22256@snark.lehman.com> Message-ID: > > Since the topic of backing seems to go towards gold, what about > > the purity of the bullion and who (which government) presses it? Gold > > pressed by the Canadian government at .999 troy oz might not be worth a > > whole lot as backing if that government collapses tommorow. > > Pardon, but what does the purity of the gold have to do with who mints it? My parents used to live in Canada and purchased some gold there; I was using Canada merely as an example. But the question of how the reputation of a country might effect the reputation of its gold reserves stands. > > What's to say it isn't iron pyrite or any similar looking > > material if the government isn't there to back it? > > Have you ever heard of doing an assay? Yes, but that would be at the expense of the owner, and if it looks like gold, feels heavy in the hand like gold, and if it has the word Canada and the number .999 stamped on it, then people (bankers) might take it at face value (or might not, depending on the stability of that country). From tcmay at netcom.com Thu Oct 21 14:27:59 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 21 Oct 93 14:27:59 PDT Subject: Voice Escrow System In-Reply-To: <9310212059.AA08477@bsu-cs.bsu.edu> Message-ID: <9310212124.AA05911@netcom5.netcom.com> > Darn! They publicized a great spoof! No, what CERT did was to illegally reveal a technique developed by law enforcement, for the "LEAF" field (Law Enforcement Audio Field): > The CERT Coordination Center has learned of several vulnerabilities > affecting Sun Microsystems, Inc. (Sun) operating systems. Three ... > III. /dev/audio Vulnerability > > This vulnerability affects all Sun systems with microphones. This > includes all versions of SunOS 4.1.x including 4.1.1, 4.1.2, 4.1.3, ... > A. Description > > /dev/audio is set to a default mode of 666. There is also no > indication to the user of the system that the microphone is on. > > B. Impact > > Any user with access to the system can eavesdrop on conversations > held in the vicinity of the microphone. This was all built-in to SunOS as part of the "Voice Escrow System." RCA developed the special "Nipper" chip for the audio portion, DEC handle the file transfer part with the "Pipper" chip, The Navy did their part with the "Flipper" chip, and the whole thing was overseen oby the Reagan Administration as the "Gipper Program." Currently the "Data Superhighway" version is being supervised by Al Gore and his wife, hence the "Tipper" chip. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From m5 at vail.tivoli.com Thu Oct 21 14:48:00 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Thu, 21 Oct 93 14:48:00 PDT Subject: 700 Club etc. In-Reply-To: <931021162143.22e266bc@CCSVAX.SFASU.EDU> Message-ID: <9310212146.AA05688@vail.tivoli.com> F_GRIFFITH at CCSVAX.SFASU.EDU writes: > The right to encryption and the "right" to abortion don't have the same > basis - encryption kills no one. Yahooo!!!!! An abortion debate on cypherpunks! Thank Allah it isn't one of those gun nuts or somebody idiotic enough to deny the obvious truth of Velikovsky's work :-) -- Mike McNally From lefty at apple.com Thu Oct 21 14:52:48 1993 From: lefty at apple.com (Lefty) Date: Thu, 21 Oct 93 14:52:48 PDT Subject: Gold in them thar Bills... Message-ID: <9310212144.AA18923@internal.apple.com> >> Have you ever heard of doing an assay? > >Yes, but that would be at the expense of the owner, and if it looks like >gold, feels heavy in the hand like gold, and if it has the word Canada and >the number .999 stamped on it, then people (bankers) might take it at face >value (or might not, depending on the stability of that country). The "expense" of doing an assay is minimal. As another poster has pointed out, assaying is essentially trivial, given the right materials. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From plaz at netcom.com Thu Oct 21 15:12:52 1993 From: plaz at netcom.com (Geoff Dale) Date: Thu, 21 Oct 93 15:12:52 PDT Subject: Metaverse info (was: Introducing digital cash in a MOO) Message-ID: <9310212212.AA00583@netcom.netcom.com> >can you send me info on how to gain access to metaverse? I've had a couple of requests to this effect. I originally tried to keep it off the list, but have decided that by sending business thier way I was actually contributing to one of the few digital cash startups in existance. Illuminatus wizards feel free to correct any mistakes. you can access the metaverse via: 'telnet metaverse.io.com 7777' That is domain name: metaverse.io.com port: 7777. To login, type as instructed: 'connect guest' At this point you can browse around with one of the pre-made characters. To get your own character, you'll have to sign up for an account @io.com. You can do this by: 'telnet io.com' ...and following instructions. Have a credit card ready. The base fees are $10/month for telnet access only. Other structures are available. Once you have an account, send mail to mentor at io.com from your io.com account with character name and password. You can find me in the 'verse as PlasticBeethoven. I am currently setting up a branch office of the Extropians Institute (Freegate Virtual Branch). Feel free to drop by and offer encouragement/suggestions/criticisms. ('go to ExI' will get you there.) Forward, upward, outward, onward, and every which way but loose! _______________________________________________________________________ Geoff Dale -- insert standard disclaimers here -- plaz at netcom.com "We are the shock troops of reality." - Voice of the Friends (Wild Palms) From peb at PROCASE.COM Thu Oct 21 15:18:05 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Thu, 21 Oct 93 15:18:05 PDT Subject: Eavedropping techniques revealed! Message-ID: <9310212214.AA04188@banff.procase.com> >/dev/audio is set to a default mode of 666 NeXT had the same problem; a few years ago users eavesdropped over the Internet. The next release of the NeXT OS plugged the hole by limiting access to whoever was logged into the console. Paul E. Baclace peb at procase.com From djw at eff.org Thu Oct 21 15:22:54 1993 From: djw at eff.org (Daniel J. Weitzner) Date: Thu, 21 Oct 93 15:22:54 PDT Subject: 700 Club etc. Message-ID: <199310212221.AA27169@eff.org> At 4:21 PM 10/21/93 -0500, F_GRIFFITH at CCSVAX.SFASU.EDU wrote: >The right to encryption and the "right" to abortion don't have the same >basis - encryption kills no one. I'm not sure that the FBI would agree with the second half of your statement... ................................................................... Daniel J. Weitzner, Senior Staff Counsel Electronic Frontier Foundation 1001 G St, NW Suite 950 East Washington, DC 20001 202-347-5400 (v) 202-393-5509 (f) From mimir at u.washington.edu Thu Oct 21 15:32:53 1993 From: mimir at u.washington.edu (Grendel Grettisson) Date: Thu, 21 Oct 93 15:32:53 PDT Subject: 700 Club etc. In-Reply-To: <931021162143.22e266bc@CCSVAX.SFASU.EDU> Message-ID: On Thu, 21 Oct 1993 F_GRIFFITH at CCSVAX.SFASU.EDU wrote: > I find the paranoid reaction to the "Religious Right" strange. Perhaps > it is based on relying on the establishment media for a picture of it. > Would you rely on such media to give you an accurate picture of what > the government is doing with cryptography or of teh need for gun control? > The media picture of the Religious Right is just as distorted. > > The right to encryption and the "right" to abortion don't have the same > basis - encryption kills no one. They are both based on the right of the individual to choose. From pmetzger at lehman.com Thu Oct 21 15:33:04 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Thu, 21 Oct 93 15:33:04 PDT Subject: Gold in them thar Bills... In-Reply-To: <9310212036.AA25191@tdws22> Message-ID: <9310212228.AA22319@snark.lehman.com> Howard Suutala - ICD says: > > writes pmetzger at lehman.com (Perry E. Metzger) > > >I can take the pound of gold to MTB down the block and have dollars, > >yen, or anything else I like, within 15 minutes. I can then take those > >to buy Big Gulps. > > >Perry > > Yes, as long it was been minted in a recognized form i.e. a gold eagle, > a panda, or gold peso. Of course. I will point out, by the way, that a Credit Suisse ingot will do just as well for you. Its also fairly easy to determine if you are dealing with nearly pure gold or not. Perry From chrome at jhunix.hcf.jhu.edu Thu Oct 21 15:42:53 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Thu, 21 Oct 93 15:42:53 PDT Subject: 700 Club etc. In-Reply-To: <931021162143.22e266bc@CCSVAX.SFASU.EDU> Message-ID: > This is another thread only slightly related to cypherpunks. Well go to some other forum, we don't need your kind around here. > I find the paranoid reaction to the "Religious Right" strange. Perhaps > it is based on relying on the establishment media for a picture of it. Someone against the "religious right" would probably say they (those in that group) are brainwashed. Those in the "religious right" would say they (anti-religion) are possessed. (other readers: please don't try to debate this, ok? I lived in a very religious town in Texas, so I know how they feel.) > Would you rely on such media to give you an accurate picture of what > the government is doing with cryptography or of the need for gun control? > The media picture of the Religious Right is just as distorted. The axiom of Mass Media follows: "Print, Show, Or Speak What Will Bring In The Money." Most folks get kicks out of watching cults like the RR getting the bum rush, like most folks enjoy watching the accident scene. The Media plays no ideological favorites, it just gives the hungry masses what they want. > The right to encryption and the "right" to abortion don't have the same > basis - encryption kills no one. I disagree here (a lot is done in the name of national security/encryption which threatens innocent lives), but even I won't diverge this far from the intent of the cypherpunks forum to debate this. If you do want to carry this further, please drop me a line directly. -Alex Reynolds (chrome at jhunix.hcf.jhu.edu) From XXCLARK at indst.indstate.edu Thu Oct 21 15:43:04 1993 From: XXCLARK at indst.indstate.edu (XXCLARK at indst.indstate.edu) Date: Thu, 21 Oct 93 15:43:04 PDT Subject: Canon copiers Message-ID: <9310212239.AA04736@toad.com> Called a Canon copier dealer today. Here's what he said regarding the copying of currency [only after my convincing him I was not inter- ested in a career in funny money]: All Canon color copiers have _always_ marked their output with the serial number of the machine on which they were produced. [I failed to ask about non-color copiers.] He mentioned, specifically, currency, photographs and food stamps as examples of copied items from which the serial number could be recovered by Canon. Canon color laser copiers CL-300 and CL-500, not currently being produced, but still available, do _not_ have the anti-currency device included. They _do_, he said, place the machine serial number in copies made. Canon color laser copiers CL-350 and CL-550 _do_ have the anti- currency device included, which he said is a black box to local repair- men. He continued to say that not only would these models, when given currency to copy, produce only a black rectangle, but also: - store a copy of what one had attempted to copy in memory, and; - lock the machine in such a manner that only someone from the Canon factory "might" be able to render the machine useable. These machines also place the machine serial number in copies it allows to be made, he said. Only on the last item did his answer seem uncertain. His first response was that "the machine would be virtually destroyed." Anyone want to test this for us? He _did_ suggest which Canon copier would do a good job copying currency. I still haven't found the trade mag in which I originally read this...  From kone at COURIER1.SHA.CORNELL.EDU Thu Oct 21 16:08:04 1993 From: kone at COURIER1.SHA.CORNELL.EDU (kone at COURIER1.SHA.CORNELL.EDU) Date: Thu, 21 Oct 93 16:08:04 PDT Subject: Digital cash Message-ID: <2CC73FD0@COURIER1.SHA.CORNELL.EDU> While looking for a copy of Gresham's law, I ran accross William Brough's book "Open mints and Free Banking". On page 35 he writes "The more efficent money will always drive from circulation the less efficient if the individuals who handel money are left free to act in their own interest. It is only when bad money is endorsed by the State with the proprty of legal tender that it can drive good money from circulation." I think that as a few of the bugs are worked out of digital cash, in a free market, it would quickly drive out paper. Kone at courier1.sha.cornell.edu From peb at PROCASE.COM Thu Oct 21 16:28:05 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Thu, 21 Oct 93 16:28:05 PDT Subject: Canon copiers Message-ID: <9310212323.AA04196@banff.procase.com> > response was that "the machine would be virtually destroyed." > Anyone want to test this for us? Stand back, the thermite grenade in the black box could be hot. ;^) I'd like to know how they put the serial number into the copy. Paul E. Baclace peb at procase.com From msattler at netcom.com Thu Oct 21 16:42:54 1993 From: msattler at netcom.com (Michael Sattler) Date: Thu, 21 Oct 93 16:42:54 PDT Subject: Gold in them thar Bills... Message-ID: <9310212340.AA13692@netcom.netcom.com> >writes pmetzger at lehman.com (Perry E. Metzger) > >>I can take the pound of gold to MTB down the block and have dollars, >>yen, or anything else I like, within 15 minutes. I can then take those >>to buy Big Gulps. > >writes hsuutala at fmdmfg2.intel.com (Howard Suutala - ICD) > >Yes, as long it was been minted in a recognized form i.e. a gold eagle, >a panda, or gold peso. A gob of yellow shinny stuff is just that until >it has been assayed, and then it is only as good as the backing or >reputation of the assayer. Isn't that just part of the recognition process, like "is this bill a real one, let me look..." ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 621-2903 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From sswift at falcon.lhup.edu Thu Oct 21 16:52:53 1993 From: sswift at falcon.lhup.edu (Sean M. Swift) Date: Thu, 21 Oct 93 16:52:53 PDT Subject: Regarding serializing photo copies..... Message-ID: <9310212351.AA46885@falcon.lhup.edu> Why do they not just watermark every sheet of paper in a specific way that identifies it with which lot, from which manufacturer that it came from? Might as well take paranoia to an extreme..... Sean Swift sswift at falcon.lhup.edu From grand-central!amix!chip Thu Oct 21 16:53:06 1993 From: grand-central!amix!chip (Chip Morningstar -- "Software Without Moving Parts") Date: Thu, 21 Oct 93 16:53:06 PDT Subject: CRYPTO + REPUTATIONS = A NEW ERA Message-ID: <9310212319.AA10591@amix> Tim May wrote: >Some percentage of all the digital money "in circulation" will >actually be primarily "pinging" money, designed to ping (test) the >system. (After a while, expect this to go down.) The beauty is that Maybe this is what my mom was talking about when she told me she was saving her ping money. Or something like that. -- ------------------------------------------------------------------------------- | Chip Morningstar |"Going into VR is like | | Electric Communities | wearing a pair of rented | | 3339 Kipling, Palo Alto, CA 94306 | bowling shoes on your face." | | 415-856-1130 | -- Doug Crockford | | chip at netcom.com or chip at amix.com | | ------------------------------------------------------------------------------ From kinney at ucsu.Colorado.EDU Thu Oct 21 17:02:53 1993 From: kinney at ucsu.Colorado.EDU (W. Kinney) Date: Thu, 21 Oct 93 17:02:53 PDT Subject: !#??@%&&!!!! it! Message-ID: <199310212359.AA14673@ucsu.Colorado.EDU> ...and if somebody can kindly inform me how I can get my name in the "From" line on my postings instead of "To cypherpunks at ..." I'll name my firstborn child "Diffie-Hellmann Kinney". (I use elm). -- Will From lefty at apple.com Thu Oct 21 17:13:10 1993 From: lefty at apple.com (Lefty) Date: Thu, 21 Oct 93 17:13:10 PDT Subject: Regarding serializing photo copies..... Message-ID: <9310220012.AA21631@internal.apple.com> Sean Swift suggests: > >Why do they not just watermark every sheet of paper in a specific way that >identifies it with which lot, from which manufacturer that it came from? First off, who are "they"? Second, how are "they" going to make people buy paper _with_ watermarks that's twice as expensive? Third, how will "they" keep paper manufacturers from producing cheaper paper without watermarks to satisfy demand? >Might as well take paranoia to an extreme..... Taking _something_ to an extreme, anyway. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From trebor at foretune.co.jp Thu Oct 21 18:58:04 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Thu, 21 Oct 93 18:58:04 PDT Subject: Canon copiers In-Reply-To: <9310212323.AA04196@banff.procase.com> Message-ID: <9310220156.AA27328@dink.foretune.co.jp> Paul writes: >I'd like to know how they put the serial number into the copy. Most likely by modulating the Least Significant Bit of the color intensity in some (or all) color-filled areas of the image. A set of sync-bits, serial number, and some more sync bits. Repeat every line, shifted by 1 bit, and you'll get a pattern that is hard to differentiate from the background unless you _know_ what to look for. I wouldn't be surprised if there isn't a time and date stamp as well, plus batch # info. From an41418 at anon.penet.fi Thu Oct 21 19:02:53 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 21 Oct 93 19:02:53 PDT Subject: Sharing a secret Message-ID: <9310220202.AA19936@anon.penet.fi> I posed a newbie question a while ago that resulted in a great summary of how detecting double spending in Chaum's paper works. Not only do I understand it now, but I'vee seen that explanation distributed on other mailing lists at my institution by others who read cypherpunks. Here's another question that most of you know the answer to, but the rest of us would greatly benefit from a simple, detailed expanation. In fact, if we get some more great summaries that are simplified the way the digital cash solution was simplified, we could produce an excellent FAQ. I am keeping these with plans to make such a document available (though a FAQ is probably not the form it will take). I know that there is a way to have a key, K, divided into n parts such that any i of them are needed to recunstruct K. The property holds that no i-1 parts are sufficient, and ANY i parts will do. How does this work exactly? Is it really the case that no i-1 parts give information? Is there a way to cheat? A good explanation would be great. BTW, many of you are exposing your anonymous ID's to me when you reply to my posts. If you are concerned with keeping your anonymous identity, you have to be careful. One more thing - I posted something yesterday that took about 12 hours from the time I posted it to Finland until it appeared on Cypherpunks. I think this is because Julf's remailer is a bit overloaded. Due to this, my post (about burning instead of shredding) arrived after 3 other people had posted the same idea. Please pardon such posts. The delay would make it appear that one is not following the list, but I can think of no way around it. Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From dsinclai at acs.ucalgary.ca Thu Oct 21 20:02:53 1993 From: dsinclai at acs.ucalgary.ca (Douglas Sinclair) Date: Thu, 21 Oct 93 20:02:53 PDT Subject: DC-nets Message-ID: <9310220259.AA31438@acs1.acs.ucalgary.ca> Can anyone point me to a detailed description of the dining cryptographers' protocol? I've had some thoughts on how to modify it, and I want to know if I'm just re-inventing the wheel. Please reply via e-mail. Thanks. -- PGP 2.3a Key by finger From tcmay at netcom.com Thu Oct 21 21:32:53 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 21 Oct 93 21:32:53 PDT Subject: An Intro to DC-Nets Message-ID: <9310220432.AA18653@netcom.netcom.com> Douglas Sinclair asks about DC-Nets. I'm not sure if he's read the Chaum paper yet, but in any case there are probably others who would profit from seeing some introductory material on DC-Nets. Several folks are looking into this, including Henry Strickland (Strick) and several folks in the Austin group. Several others have tried to get something going in the past (Yanek Martinson, Marc Ringuette, etc.), but so far no one has produced a working DC-Net. I don't know if even Chaum has, and the several papers (Jurgen Bos, Pfaltzman, etc.) indicate the theory needs more work (especially on disruption by malicious attackers). Anyway, here's what Doug asked: >Can anyone point me to a detailed description >of the dining cryptographers' protocol? I've >had some thoughts on how to modify it, and I >want to know if I'm just re-inventing the >wheel. Please reply via e-mail. Thanks. >-- >PGP 2.3a Key by finger So here's an essay, a rather informal essay, I've posted a couple of times. As the essay notes, a full copy of the 1988 paper by David Chaum was also posted to the list by The Information Liberation Front. If there's interest in DC-Nets this time around, perhaps one of us who kept copies of it can post it again. Enjoy it! It is truly an astounding concept. Simple, too, once you get the idea. -Tim Date: Tue, 23 Feb 93 10:08:34 -0800 To: cypherpunks at toad.com From: tcmay at netcom.com (Timothy C. May) Subject: Dining Cryptographers Nets--An Introduction Nickey MacDonald writes: >Also, I have seen a number of references to DC nets... I must confess I >have never heard of the term before... can someone enlighten me? Here's a summary of the "dining cryptographers net" I wrote back in the pre-Cypherpunks days (which I later posted to the nascent Cypherpunks list). I'm posting it here because of the question just asked, thinking that others may be similary confused. (A "Glossary" also exists, and is in the "soda" archive site.) (I could apologize for the volume, but cyherpunks ought to be able to handle a few measly kilobytes of stuff. Besides, at least this won't go out multiple times to the list!) Understand that DC-Nets are further off in the future than the Cypherpunks-PAX-PENET-style remailers being discussed these last few months. Chaum-style mixes, based on his 1981 CACM letter, have yet to be implemented, let alone the more advanced DC-Net-style systems. Hal Finney, Marc Ringuette, and Yanek Martinson are some of the folks on this list who are interested in working on DC-Nets....Yanek even claims to have a primitive one running on his local machine and is interested in volunteers to test it on a larger basis. The "Information Liberation Front" also posted Chaum's entire 1988 paper, "The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability." I suppose you could ask them to repost the article or forward it to you. Hope the newcomers enjoy this. To: Extropians at gnu.ai.mit.edu From: uunet!netcom.com!tcmay (Timothy C. May) Subject: Dining Cryptographers Date: Tue, 18 Aug 92 15:45:34 PDT Reply-To: uunet!gnu.ai.mit.edu!Extropians Marc R. has opened the door for me to get into some really exciting stuff: > > Tim May mentioned a new method from Chaum for defeating traffic analysis: > > > Chaum has since improved the tamper-responding "mix" by going to a pure > > software scheme which he calls "the Dining Cryptographers Protocol." It's > > described in Vol. 1, Number 1 of "Journal of Cryptology," 1988. If there's > > interest, I'll summarize it. > > Yes, please, Tim! > > > M. Complexity Warning: This stuff (I'm being informal) is easy once you get the basic idea. But getting the basic idea usually involves reading several articles on what RSA, digital signatures, etc., are all about, working out some examples, thinking about it, drawing pictures with other folks, and finally having an "Aha!" experience (in Werner Erhard's terms, you "get it"). The ASCII nature of the Net is not conducive to learning this stuff, despite the excellent summaries of crypto by Marc R. and Perry M. The almost-latest "Scientific American," August, has an article by David Chaum on digital money, and the latest "Spectrum," available at selected newstands, has several articles on security and cryptography. Also, there are lots of books. Look 'em up in a university library or flip through them at a large technical bookstore and pick the one you like the most. (I like a slim Springer-Verlag paperback, "Modern Cryptology," by Gilles Brassard, 1988, as a good intro to "modern"--as opposed to "classical"--crypto.) If the stuff in this posting, and on crypto in general, is beyond your current understanding, either ignore it, skim it and try to get the gist, or dig into the articles and books. Anyway, back to "The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability," David Chaum, Journal of Cryptology, I, 1, 1988. Since this journal is hard to get, I'll discuss the article in some detail. (The techniques have major implications for anarchocapitalism and for Extropian ideas.) Abstract: "Keeping confidential who sends which messages, in a world where any physical transmission can be traced to its origin, seems impossible. The solution presented here is unconditionally or cryptographically secure, depending on whether it is based on one-time-use keys or on public keys. respectively. It can be adapted to address efficiently a wide variety of practical considerations." A word on terminology: "Unconditionally secure" means what it says: no computer will ever crack it. One-time pads are unconditionally secure...no code or cipher is involved, except the one-time pad, so the message is secure as long as the pad has not been compromised. "Cryptographically secure" means secure so long as various crypto ciphers are secure, which may be for a very, very long time (e.g., with very large primes, in RSA). Chaum describes some "dining cryptographers," which I will playfully change to "dining Extropians." (The term is of course a variant of the seminal "dining logicians problem" in computer science) Three Extropians are having dinner, perhaps in New York City. Their waiter tells them that their bill has already been paid, either by the NSA or by one of them. The waiter won't say more. The Extropians wish to know whether one of them paid, or the NSA paid. But they don't want to be impolite and force the Extropina payer to 'fess up, so they carry out this protocol (or procedure): Each Extropian flips a fair coin behind a menu placed upright between himself and the Extropian on his right. The coin is visible to himself AND to the Extropian on his left. Each Extropian can see his own coin and the coin to his right. STOP RIGHT HERE! Please take the time to make a sketch of the situation I've described. If you lost it here, all that follows will be a blur. I'm sparing you folks my attempt at an ASCII drawing! Each Extropians then states out loud whether the two coins he can see are the SAME or are DIFFERENT, e.g., "Heads-Tails" means DIFFERENT, and so forth. For now, assume the Extropians are truthful. A little bit of thinking shows that the total number of "DIFFERENCES" must be either 0 (the coins all came up the same), or 2. Odd parity is impossible. Now the Extropians agree that if one of them paid, he or she will SAY THE OPPOSITE of what they actually see. Remember, they don't announce what their coin turned up as, only whether it was the same or different as their neighbor. Suppose none of them paid, i.e., the NSA paid. Then they all report the truth and the parity is even (either 0 or 2 differences). They then know the NSA paid. Suppose one of them paid the bill. He reports the opposite of what he actually sees, and the parity is suddenly odd. That is, there is 1 difference reported. The Extropians now know that one of them paid. But can they determine which one? Suppose you are one of the Extropians and you know you didn't pay. One of the other two did. You either reported SAME or DIFFERENT, based on what your neighbor to the right (whose coin you can see) had. But you can't tell which of the other two is lying! (You can see you right-hand neighbor's coin, but you can't see the coin he sees to his right!) This all generalizes to any number of people. If none of them paid, the parity is even. If one of them paid, the parity is odd. But which one of them paid cannot be deduced. And it should be clear that each round can transmit a bit, e.g., "I paid" is a "1". The message "Attack at dawn" could thus be "sent" untraceably with multiple rounds of the protocol. The Crypto Ouija Board: I explain this to people as a kind of ouija board. A message, like "I paid" or a more interesting "Transfer funds from.....," just "emerges" out of the group, with no means of knowing where it came from. Truly astounding. Now there are many interesting wrinkles and elaborations to this protocol. I'll note just a few. 1. Collusion. Obviously the Extropians can collude to deduce the payer. This is best dealt with by creating multiple subcircuits (groups doing the protocol amongst themselves). Lots more stuff here. Chaum devotes most of the paper to these kind of issues and their solutions. 2. With each round of this protocol, a single bit is transmitted. Sending a long message means many coin flips. Instead of coins and menus, the neighbors would exchange lists of random numbers (with the right partners, as per the protocol above, of course. Details are easy to figure out.) 3. Since the lists are essentially one-time pads, the protocol is unconditionally secure, i.e., no assumptions are made about the difficulty of factoring large numbers or any other crypto assumptions. 4. Participants in such a "DC-Net" (and here we are coming to the heart of the "crypto anarchy" I have mentioned several times, and which is perhaps foolishly advertised in my .sig) could exchange CD-ROMs or DATs, giving them enough "coin flips" for zillions of messages, all untraceable! The logistics are not simple, but one can imagine personal devices, like smart card or Apple "Newtons," that can handle these protocols (early applications may be for untraceable brainstorming comments, secure voting in corportate settings, etc.) 5. The lists of random numbers (coin flips) can be generated with standard cryptographic methods, requiring only a key to be exchanged between the appropriate participants. This eliminates the need for the one-time pad, but means the method is now only cryptographically secure, which is often sufficient. (Don't think "only cryptographically secure" means insecure....the messages may remain encrypted for the next billion years) 6. Collisions occur when multiple messages are sent at the same time. Various schemes can be devised to handle this, like backing off when you detect another sender (when even parity is seen instead of odd parity). In large systems this is likely to be a problem. Solutions are left as an exercise. 7. Noise. Some participants may try to flood the circuit with spurious messages, to defeat the system or for whatever other reasons. This is still an issue. (If there's anything to take away from crypto, it's that nothing is as simple as it looks, that there are always devious ways to spoof, jam, and forge. I expect you've seen this from some of the debate on digital voting schemes.) What Can "DC-Net" Be Used For?: * Untraceable mail. Useful for avoiding censorship, for avoiding lawsuits, and for all kinds of crypto anarchy things. * Fully anonymous bulletin boards, with no traceability of postings or responses. Illegal materials can be offered for sale (my 1987 canonical example, which freaked out a few people: "Stealth bomber blueprints for sale. Post highest offer and include public key."). Think for a few minutes about this and you'll see the profound implications. * Decentralized nexus of activity. Since messages "emerge" (a la the ouija board metaphor), there is no central posting area. Nothing for the government to shut down, complete deniability by the participants. * Only you know who your a partners are....in any given circuit. And you can be in as many circuits as you wish. (Payments can be made to others, to create a profit motive. I won't deal with this issue, or with the issue of how reputations are handled, in this posting.) * The tamper-responding "digital mixes" can still be useful, and may supplement this purely software-based approach. * Digital money gets involved, too, both for payments in this system, and in terms of "alternative currencies." I'm not an economist, so I'll leave this for others to go into in more detail. Enough for now. Chaum's work is just the start. These systems can initially be set up for "innocuous" purposes like research into crypto techniques (not yet banned in the U.S.), role-playing games, religions, and the like. Once they get going, it'll be too late to stop the other things. Hope you liked this summary. Please read the articles...there's just no way my posting can do justice to them (though I admit I've concentrated my efforts on the political aspects, which "respectable" crypto researchers rarely mention, so perhaps the flavor here is a bit more Extropian than you'll find elsewhere.) --Tim (part of the "Too Many Tims!" Conspiracy) -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | RSA MailSafe Public Key: by arrangement From klbarrus at owlnet.rice.edu Thu Oct 21 21:58:07 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Thu, 21 Oct 93 21:58:07 PDT Subject: Subliminal Channels Message-ID: <9310220454.AA24592@flammulated.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- A while ago I sent a post on subliminal channels - I had a chance to work a larger example. A subliminal channel is a communication channel that cannot be read by those for whom it is not intended. The problem is sometimes phrased as a prisoner's dilemma: two prisoners are allowed to communicate with each other by exchanging messages. They are able to digitally sign the messages to protect against spoofing. However, the warden will not allow the messages to be encrypted - only plaintext and the digital signature will be passed. All parties agree to these conditions and communication begins. Unknown to the warden, the prisoners are still able to coordinate their plans by using a subliminal channel to communicate, in full view of the warden! Essentially, the prisoners use some piece of shared knowledge to hide their real communication in the digital signature of an innocuous message. The warden sees the innocent message, checks that the signature is valid, and passes it along. The prisoner checks the signature to see if the warden didn't alter the message, and then extracts the real message from the digital signature. This topic came up when previously on the list, people were discussing the fact that encrypted communication over HAM radio is illegal - only authentication codes may be transmitted. I mentioned that actually, this restraint can be sidestepped by embedding encrypted communication a la subliminal channel style. YES, I KNOW THIS IS ILLEGAL AND I'M NOT SUGGESTING ANYBODY DO IT! I just pointed it out. What may be more important is that a subliminal channel may lurk in the digital signature standard (DSS). In turn, this is important because from time to time proposals are made concerning national id cards, national health cards, etc. If some agency is going to authenticate or otherwise digitally sign an identification card, they may also embed information into the signature. The DSS has been described as "very hospitable to subliminal channels." Imagine what records could be kept on you if various information were embedded in the digital signature of documents you own. First, a description and example of El Gamal authentication, and then of the subliminal channel based on El Gamal. El Gamal authentication: The sender picks a prime p, primitive element g, and random integer r. The public information is the triple (K,g,p), where K = g^r mod p To authenticate a message M, the sender picks another random integer r' such that gcd(r',p-1) = 1, and computes X = g^r' mod p Then, the sender solves for Y in the equation M = r X + r' Y mod p-1 The triple (M,X,Y) is the message and the signature - this is what is transmitted to the receiver. r and r' are kept secret. The receiver computes A = K^X X^Y mod p and accepts the message as authentic if A = g^M mod p El Gamal Example: p = 224737, r = 5135, g = 2 K = 2^5135 mod 224737 = 136800 The triple (136800, 2, 224737) is public. To send the message M = 12345, the sender picks r' = 89321 gcd(89321,224736) = 1 so r' is ok. Now compute X = 2^89321 mod 224737 = 87880 Solve for Y in: 12345 = 5135 87880 + 89321 Y mod 224736 ==> 18433 = 89321 Y mod 224736 ==> Y = 207929 The triple (12345, 87880, 207929) is the message and the signature. The receiver gets (12345, 87880, 207929) and knows (136800, 2, 224737). A = 136800^87880 87880^207929 mod 224737 = 160740 g^M mod p = 2^12345 mod 224737 = 160740 These are equal and the message is accepted as authentic. El Gamal Subliminal Channel: Now the interesting part is the subliminal channel. The sender and receiver must share the knowledge of random number r. To send the subliminal message M, where gcd(M,p) = 1, using a cryptogram C, the sender calculates X = g^M mod p and solves for Y in C = r X + M Y mod p-1 The triple (C,X,Y) is transmitted to the receiver. The receiver computes A = (g^r)^X X^Y mod p and accepts the message as authentic if A = g^C mod p To extract the subliminal message, the receiver calculates M = Y^-1 (C - r X) mod p-1 El Gamal Subliminal Channel Example: Suppose the sender and receiver share the knowledge r = 5135 The sender wants to send M = 11111 using the innocent message C = 12345. The sender calculates X = 2^11111 mod 224737 = 20944 and solves for Y in : 12345 = 5135 20944 + 11111 Y mod 224736 ==> Y = 194447 The triple sent to the receiver is (12345, 20944, 194447). The warden can check this if he wants, to very the signature: A = 136800^20944 20944^194447 mod 224737 = 160740 g^C mod p = 2^12345 mod 224737 = 160740 so the warden verifies the signatures. Convinced nothing fishy is going on here, he passes on the message. The receiver checks authenticity and is successful. However, now the subliminal message is extracted: M = 194447^-1 (12345 - 5135 20944) mod 224736 = 11111 The subliminal message is successfully extraced, and the prisoners have passed information right by the warden. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMdlZoOA7OpLWtYzAQGLnAP/a21A7r4baW8I3PZiV50+mu8M7p+Xgcwj kx2pLkB0l+YHfonQDDIsqHdtEVASvcFeviFnKMkV9eGK/PPDI4DnfIdK/N0lDKq3 whyHZy91lCpnCCMKhoJ0UZ3Ss1JPogWNqdiKjPtWJhw+iZA86AQjrJ2bmwyWnCvP d+ZSgxeVhP8= =hqum -----END PGP SIGNATURE----- From mench at cs.unr.edu Thu Oct 21 22:58:07 1993 From: mench at cs.unr.edu (Peter J Menchetti) Date: Thu, 21 Oct 93 22:58:07 PDT Subject: hi/. . Message-ID: <9310220557.AA00394@pyramid> hey, send me info on your movement! pete From baumbach at atmel.com Thu Oct 21 23:32:54 1993 From: baumbach at atmel.com (Peter Baumbach) Date: Thu, 21 Oct 93 23:32:54 PDT Subject: Backing Message-ID: <9310220047.AA29472@bass.chp.atmel.com> "Perry E. Metzger" says: > Not a cryptography message -- sorry but I thought I had to discuss it... But it is, if digital cash is your interest. There may be more than one way to think about money. > > Peter Baumbach says: > > Isn't a finite source of backing a problem since it rewards those who > > hoard it? > > No. It punishes those who hoard it -- they don't get interest on their > money. Where does this interest come from. If you have a 100% backed currency with a finite supply, those who hoard it can't lose. If there is a total of 20,000 tons of gold in the world, and you own 1 ton, then don't you own 1/20,000 of the worlds wealth. As long as the total wealth of the world increases, doesn't your wealth increase along with it? > > > If neither Alice or Bob have a backed currency, does that mean they > > cannot trade? > > Depends if they consider what the other has to be of value. Its all up > to them. If Alice needs her street cleaned and Bob can do it, and if Bob needs some food prepared and Alice can prepare it, a currency is unneeded for their trade. > > > Has anyone invented a workable "barter currency"? > > I don't see what the point would be. Why not just deal in a medium of > exchange? Continuing with Alice and Bob, let's add Carl. If Carl needs his freezer repaired and Bob can repair it, and Bob wants some vegetables and Carl can supply them, a currency is still unneeded. Suppose, however, Alice wants the vegetables, but has nothing to offer Carl, a "barter currency" would solve her need. Alice pays Carl for the vegetables. Carl pays Bob for repairing his freezer. Alice pays Bob for cleaning her street. Bob pays Alice once for the vegetables, and once for her to prepare them to his liking. A small economy becomes facilitated. Useful stuff has been done without dealing with any outside parties. Why should some of these people own gold before their economy can function? If Alice kicks over a stone and finds a nugget of gold, why should she be any richer. She hasn't done anything for anyone, except maybe devalue the gold that everyone else already owns. Gold makes a good currency because it be can't be created by those who have done nothing of value for anyone else. (A government ;-) Gold makes a poor currency when it prevents the economy I describe above from existing since none of the participants have any. What medium of exchange can Alice, Bob, and Carl use? The answer to that, I would call a "barter currency" > > > Can I.O.U.'s be created such that they work like money? > > Sure. Thats what banknotes are. Your method requires another participant to the transaction. Everyone must trust that the bank doesn't print more banknotes than it can honor. Also, what is the banknote an I.O.U. for? Gold? An I.O.U. for particular services or goods are hard to use as a currency since you may wish to trade with someone who does not know the person whos name is on the I.O.U.. Carl might give Bob an I.O.U. for fixing his freezer: "I Carl owe the holder of this I.O.U. two bushels of carrots." It would be hard to give this in payment to someone who does not know the quality of the carrots or the trustworthyness of Carl. > > Perry > > I have just been learning about call and put options on stocks. If I sell a call option, I am agreeing to sell a certain amount of stock at a certain price at any time in the future until the option expires. These options behave something like the "barter currency" that I wish to have invented. People trade these options instead of trading in the stocks. Now if only my broker would accept an I.O.U. for two bushels of carrots in payment for ... Peter Baumbach baumbach at atmel.com From mench at cs.unr.edu Thu Oct 21 23:38:07 1993 From: mench at cs.unr.edu (Peter J Menchetti) Date: Thu, 21 Oct 93 23:38:07 PDT Subject: hi/. . In-Reply-To: Message-ID: <9310220634.AA00850@pyramid> > > hey, send me info on your movement! > > pete > > > > Well, this morning I was a bit constipated, so I ate four bran muffins, > and by late afternoon I succeeded in producing quite a decent bowl > movement. All in all I'd have to say I'm feeling much better now. Thanks > very much for asking. > > l8r, thug > Oh, thanks very much for the smartass reply. I take it this is a list? so do I send to Cypherpunks-request at toad.com? Also, I'd like to get a hold of Chris Odhner. Chris! email me! pete From nobody at rebma.rebma.mn.org Fri Oct 22 02:52:54 1993 From: nobody at rebma.rebma.mn.org (nobody at rebma.rebma.mn.org) Date: Fri, 22 Oct 93 02:52:54 PDT Subject: No Subject Message-ID: Subject: spam ignore this is a test "To be responsive at this time, though I will simply say, and therefore this is a repeat of what I said previously, that which I am unable to offer in response is based on information available to make no such statement." From habs at panix.com Fri Oct 22 04:38:13 1993 From: habs at panix.com (Harry Shapiro) Date: Fri, 22 Oct 93 04:38:13 PDT Subject: Canon copiers In-Reply-To: <9310212239.AA04736@toad.com> Message-ID: <199310221135.AA28283@panix.com> Since the copiers in question have a digi interface and when connected to Raster Image Processor (RIP) can act (for example) like a postscript printer, one should have to scan in a dollar on a 600 dpi scanner, and print is through the copier as a postscript file. The question is would the black box catch that? It is true about the Anti-Copy device, but I doubt it disables the machine, probally just doesn't copy. These machines are $50,000+ and up in price. /hawk a conscious being, XXCLARK at indst.indstate.edu wrote: > > > > Called a Canon copier dealer today. Here's what he said regarding > the copying of currency [only after my convincing him I was not inter- > ested in a career in funny money]: > > All Canon color copiers have _always_ marked their output with > the serial number of the machine on which they were produced. [I failed > to ask about non-color copiers.] He mentioned, specifically, currency, > photographs and food stamps as examples of copied items from which the > serial number could be recovered by Canon. > > Canon color laser copiers CL-300 and CL-500, not currently being > produced, but still available, do _not_ have the anti-currency device > included. They _do_, he said, place the machine serial number in copies > made. > > Canon color laser copiers CL-350 and CL-550 _do_ have the anti- > currency device included, which he said is a black box to local repair- > men. He continued to say that not only would these models, when given > currency to copy, produce only a black rectangle, but also: > > - store a copy of what one had attempted to copy in memory, and; > - lock the machine in such a manner that only someone from the > Canon factory "might" be able to render the machine useable. > > These machines also place the machine serial number in copies > it allows to be made, he said. > > Only on the last item did his answer seem uncertain. His first > response was that "the machine would be virtually destroyed." > > Anyone want to test this for us? > > He _did_ suggest which Canon copier would do a good job copying > currency. > > I still haven't found the trade mag in which I originally read > this... >  > -- Harry S. Hawk habs at extropy.org Electronic Communications Officer, Extropy Institute Inc. The Extropians Mailing List, Since 1991 EXTROPY -- A measure of intelligence, information, energy, vitality, experience, diversity, opportunity, and growth. EXTROPIANISM -- The philosophy that seeks to increase extropy. From ferguson at icm1.icp.net Fri Oct 22 04:48:14 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Fri, 22 Oct 93 04:48:14 PDT Subject: respond to: cypherpunks-request@toad.com In-Reply-To: <9310220634.AA00850@pyramid> Message-ID: <9310221247.AA11685@icm1.icp.net> > > l8r, thug > > > Oh, thanks very much for the smartass reply. I take it this is a > list? so do I send to Cypherpunks-request at toad.com? > > pete > > Pay no attention to the thug-man, he seems to get a little irritable when he hasn't had his daily enima. For all new subscribers, send a message to . Cheers. From root at satelnet.org Fri Oct 22 06:02:54 1993 From: root at satelnet.org (SatelNet SysAdmin) Date: Fri, 22 Oct 93 06:02:54 PDT Subject: dc-nets Message-ID: <9310221315.AA24868@satelnet.org> > Marc Ringuette, and Yanek Martinson are some of the folks on this list who > are interested in working on DC-Nets....Yanek even claims to have a > primitive one running on his local machine and is interested in volunteers > to test it on a larger basis. I did write a dc-net system in perl that uses e-mail as the transport mechanism. It worked quite well when all the "participants" were on the same machine, and with immediat emessage delivery, no batching or queuing. As soon as I attempted to run it with a few people over the net, there were severe synchronization problems. E-mail messages are not guaranteed to arrive in the same order as they were sent, or to arrive to all the addressees within the same time frame. DC-nets work only if all the participants see the same set of messages in the same sequence. I have since decided that e-mail is not a very good transport mechanism for a dc-net and am experimenting with tcp/socket connections instead. That seems to be working pretty well, but has quite a high load on the network. If someone does want to work on some sort of a synchronisation protocol for the e-mail based dc-net, let me know and I will send you the perl code. The tcp version is not ready enough to give to anyone, and I have been quite busy with a few other (only marginally cypherpunks-related) projects and can't spend very much time on the dc-net system. From pmetzger at lehman.com Fri Oct 22 06:03:14 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Fri, 22 Oct 93 06:03:14 PDT Subject: Backing In-Reply-To: <9310220047.AA29472@bass.chp.atmel.com> Message-ID: <9310221258.AA27061@snark.lehman.com> Peter Baumbach says: > "Perry E. Metzger" says: > > > Isn't a finite source of backing a problem since it rewards those who > > > hoard it? > > > > No. It punishes those who hoard it -- they don't get interest on their > > money. > > Where does this interest come from. If you have a 100% backed currency > with a finite supply, those who hoard it can't lose. Traditionally, banknotes have NOT been 100% backed. Even if you chose to have your digital cash itself fully backed, presumably few people would place their money in checkable accounts (that is, counts upon which drafts may be drawn) that were not at the very least invested SOMEHOW. 100% reserve accounts might be available, with negative interest to pay expenses, but I doubt many would use them for much other than things like escrow accounts. Certainly whenever a bank loaned you money or invested money it would do so with fractional reserve instruments, as banks traditionally have. > If there is a > total of 20,000 tons of gold in the world, and you own 1 ton, then don't > you own 1/20,000 of the worlds wealth. As long as the total wealth of > the world increases, doesn't your wealth increase along with it? If you own 1 ton, you just own one ton of gold. The medium of exchange isn't a special commodity. There isn't one dollar bill out there somewhere for every dollar of value in property in the U.S. -- not even one dollar bill for every hundred dollars in value! (I might be slightly wrong on this exact figure, but the order of magnitude is right.) Imagine I owned 1/20,000 of the dollar bills in the country and kept them under my mattress. Would I own 1/20,000 of the wealth of the U.S.? Would my "investment" grow in value as the U.S. economy grew? Of course not, and of course not, but thats precisely what you were implying. > > > If neither Alice or Bob have a backed currency, does that mean they > > > cannot trade? > > > > Depends if they consider what the other has to be of value. Its all up > > to them. > > If Alice needs her street cleaned and Bob can do it, and if Bob needs > some food prepared and Alice can prepare it, a currency is unneeded > for their trade. Thats correct. On the other hand, most people don't want to trade directly for services, because that would generate great inefficiencies. Lets say you were a programmer -- not everyone you would want to trade with would want or need your skills. How would you buy bread, say? A medium of exchange is a wonderful way to securitize barter -- thats basically what it is, you know. > > > Has anyone invented a workable "barter currency"? > > > > I don't see what the point would be. Why not just deal in a medium of > > exchange? > > Continuing with Alice and Bob, let's add Carl. If Carl needs his freezer > repaired and Bob can repair it, and Bob wants some vegetables and Carl > can supply them, a currency is still unneeded. Suppose, however, Alice > wants the vegetables, but has nothing to offer Carl, a "barter currency" Why not just have people use a normal currency? Seems like you have some bizarre idea that the poor won't be able to afford the real currency, which is silly. > If Alice kicks over a stone and finds a nugget of gold, why should she > be any richer. She hasn't done anything for anyone, except maybe > devalue the gold that everyone else already owns. Untrue. She's done work. Replace "gold" with "diamond", which she sells to a jeweler. You have this strange view that the medium of exchange is somehow different from any other commodity. It isn't. Get that idea out of your head. > Gold makes a good currency because it be can't be created by those who > have done nothing of value for anyone else. (A government ;-) Gold makes > a poor currency when it prevents the economy I describe above from existing > since none of the participants have any. It doesn't prevent anything at all. If gold is expensive in terms of human labor, than all the players involved will use small amounts of gold for their transactions. IF gold is cheap, they will use large amounts. In neither case, however, will they notice any difference in outcome at all. In other words, you are thinking as though the medium of exchange in and of itself mattered, which it doesn't. Replace "gold" with "dollars" in your exposition and see how silly it now sounds. > > > Can I.O.U.'s be created such that they work like money? > > > > Sure. Thats what banknotes are. > > Your method requires another participant to the transaction. Everyone > must trust that the bank doesn't print more banknotes than it can honor. Actually, that part is very easy -- the excess clearings rule means that the bank would go belly up within days or (in the modern world of electronic banking) hours if it did that -- all the other banks it was clearing with would notice massive outflow of the backing commodity from the bank's accounts. Its very hard to cheat in this sort of system. Thanks to computers, its easier than ever for people to check on what banknotes (or their electronic equivalent) are good. > Also, what is the banknote an I.O.U. for? Gold? Or whatever. It really doesn't matter what the backing commodity is. > An I.O.U. for particular services or goods are hard to use as a currency > since you may wish to trade with someone who does not know the person > whos name is on the I.O.U.. Carl might give Bob an I.O.U. for fixing > his freezer: "I Carl owe the holder of this I.O.U. two bushels of carrots." > It would be hard to give this in payment to someone who does not know > the quality of the carrots or the trustworthyness of Carl. I think you've just discovered why it is that people use a medium of exchange and not some strange barter system. Fungibility is an issue, and the use of a standard medium of exchange means that you can securitize barter. > I have just been learning about call and put options on stocks. If I sell > a call option, I am agreeing to sell a certain amount of stock at a certain > price at any time in the future until the option expires. These options > behave something like the "barter currency" that I wish to have invented. Not at all. Puts and calls are bets -- they have behaviors very much unlike trading in the underlying stocks. Of course, you can build "synthetics", which behave like the underlying stock, but the options themselves are rarely used that way because the market is efficient and thus you can't make money that way. > People trade these options instead of trading in the stocks. More accurately, they use options as a means of increasing leverage. I suggest learning more about how banking and economics works before discussing this further -- there are some basic assumptions we are both making that are very different. Perry From koontzd at lrcs.loral.com Fri Oct 22 07:22:55 1993 From: koontzd at lrcs.loral.com (David Koontz ) Date: Fri, 22 Oct 93 07:22:55 PDT Subject: Sharing a secret Message-ID: <9310221418.AA13432@nebula.lrcs.loral.com> >I know that there is a way to have a key, K, divided into >n parts such that any i of them are needed to recunstruct >K. The property holds that no i-1 parts are sufficient, >and ANY i parts will do. How does this work exactly? Is >it really the case that no i-1 parts give information? >Is there a way to cheat? With a key K of size j (goddamn fortran anyway), i parties can share the secret with a threshold of i (requiring all i parties key part) by generating i parts P such that K = Pi XOR Pi-1 XOR ... P1. All the parts P are the same size as K, which keeps the effort of guessing a missing part equal to j, or the size of the key k itself. Such a scheme is not ideal for keys K that have a deterministic characteristic. From mech at eff.org Fri Oct 22 07:23:16 1993 From: mech at eff.org (Stanton McCandlish) Date: Fri, 22 Oct 93 07:23:16 PDT Subject: Clipper chip stuff (fwd) Message-ID: <199310221419.AA02752@eff.org> Forwarded message: > Could you forward this to cypherpunks for me? Walter is a technoid and > happened to be one of the plaintiffs in Steve Jackson Games (e-mail user on > Illuminati). I'm hoping one of the 'punks might be able to comment to him > on his theory -- it sounds interesting to me, but I'm not technical enough > to know if its got any merit. Thanks. > > >Date: Thu, 21 Oct 93 18:05 EDT > >From: Walter Milliken > >Subject: Clipper chip stuff > >To: ssteele at eff.org > > > >Hi Shari -- it's been a while.... > > > >I know you're probably not the right person to talk to about Clipper > >chip stuff, but I figured you could forward this and tell me who is. > > > >Basically, I think I see NSA's backdoor in the whole scheme. Probably > >other people have noticed this too, but in case they haven't (and I > >haven't seen any comment on these lines on comp.org.eff.talk), I figured > >I'd point it out. > > > >The trick isn't necessarily in the algorithm (which I don't know, of > >course). I think it's in the key generation process. I read Dorothy > >Denning's description as posted to comp.org.eff.talk the other day, and > >decided it sounded fishy. Why are the secret per-chip keys generated > >from the chip serial number (which is observable by anyone with the > >law-enforcement key)? To escrow keys, all you need is to 1) associate a chip > >serial number with a secret key and 2) split the secret key into two, > >unusuable parts for the escrow agents. I can't see any reason why the > >secret key isn't just a random number (or rather the XOR of two random > >numbers, one for each escrow agent). > > > >Instead, we've got this complex algorithm for converting the chip serial > >number into the chip secret key. Thus, if you know the chip serial > >number, the key generating algorithm, and the initialization states for > >the key generator (provided by the two escrow agents) *you can compute > >the chip secret key*! (Or so it appears on a very superficial reading.) > > > >I suspect you could dispense with knowing the initialization states, if > >you were NSA and could obtain any chip from the same batch -- you open > >the chip up (I'm sure *they* know how to do that), extract its secret > >key, and reverse-engineer the initialization data. (This last step is > >non-trivial, but I'd be surprised if NSA couldn't do it -- it's a > >variant of known-plaintext attack.) It's also possible that NSA may > >*supply* the initialization states, or an algorithm for generating them, > >or at least advice on how to pick them. After all, it's their game, > >they get to make the rules.... > > > >In any case, I can see no way that using the *observable* chip serial > >number to help generate the chip secret key can in *any* way improve the > >security of the system. You'd be much better off just sticking any old > >random number into the chip as a secret key, and just noting it down > >with the associated chip serial number in the escrow files. Personally, > >I think I'd use a non-algorithmic mechanism for generating random keys > >-- perhaps a truly random number source, such as atomic decay processes. > >There's only one of these things -- it can afford to get fancy. > > > > > >Disclaimer: I'm not a cryptography expert, so it's possible I'm missing > >something here. Possibly factoring in the chip serial number makes it > >harder to crack secret keys if you somehow manage to obtain a few chips > >from the same batch and open them. But it certainly seems suspicious to > >me.... > > > >---Walter -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From exabyte!smtplink!mikej at uunet.UU.NET Fri Oct 22 07:42:55 1993 From: exabyte!smtplink!mikej at uunet.UU.NET (Mike Johnson) Date: Fri, 22 Oct 93 07:42:55 PDT Subject: 700 club Message-ID: <9309227513.AA751302845@smtplink.exabyte.com> > The right to encryption and the "right" to abortion don't have the same > basis - encryption kills no one. Amen! But encryption IS regulated as a munition. In military applications, weak crypto could (and has) cost some people their lives. Strong crypto reduces the power of governments or other entities to oppress people of differing views. Strong crypto is a powerful influence to resist oppression of one group by another, just as Freedom of the Press, Freedom of Speech, and the Right to Bear Arms do. I don't see strong crypto as a threat to Christians. Strong crypto is a major threat to totalitarian governments, spies, and criminals. Strong crypto is a minor inconvenience for certain law enforcement agencies in some circumstances. Three out of four isn't ideal, but life just isn't that simple. By the way, if you think 700 Club support for strong crypto without key escrow is strange -- call my BBS for some amusement. You will find Bible search software, church management tools, and two file areas devoted to cryptography. Not everyone on this list is an athiest, anarchist, or whatever. Mike Johnson mpj at csn.org BBS 303-938-9654 From hfinney at shell.portal.com Fri Oct 22 09:12:56 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Fri, 22 Oct 93 09:12:56 PDT Subject: Subliminal Channels Message-ID: <9310221610.AA00302@jobe.shell.portal.com> Steganography, the art of hiding a secret message inside of an openly readable one, can be thought of as a subliminal channel. In the prisoner example, the prisoners could have pre-arranged that, say, every 10th character in the typed messages they exchange would be used to spell out a secret message. Or perhaps word or sentence lengths or spacings could send a message. In general, in any system where there is ambiguity, more than one way of expressing a valid message, there is a subliminal channel. Since DSS signatures are apparently not unique for a given message (unlike, say, RSA signatures as specified in the PKCS standards), they have such a channel. Hal From hfinney at shell.portal.com Fri Oct 22 09:18:17 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Fri, 22 Oct 93 09:18:17 PDT Subject: Canon copiers Message-ID: <9310221617.AA00624@jobe.shell.portal.com> The thing that makes me skeptical about this copier story is this: the money could have any orientation and position on the page. It would take a large amount of computing power to look at an image and deteri\\ determine whether there is a certain bitmap anywhere on it. Look at how poorly optical-character-reader technology does now, and that is when it knows how the letters are oriented. Adding random orientations would make the problem far worse. And, will it look at the whole dollar bill, or just pieces of it? It has to respond to all the different denominations, too. Plus, if it makes a mistake and permanently locks up the customer's machine, the manufacturer is going to have a big problem. In short, I'm pretty sure that there is a lot of disinformation going around designed to scare people away from trying it. However, there is another possibility, which is to look at hte color of the bills. This does not take so much processing power, although bills may vary somewhat in color. Years ago, I'd read that these machines would not accurately reproduce the color of money. Perhaps today they will turn that color to black. Hal From hughes at ah.com Fri Oct 22 09:28:17 1993 From: hughes at ah.com (Eric Hughes) Date: Fri, 22 Oct 93 09:28:17 PDT Subject: Backing In-Reply-To: <9310221258.AA27061@snark.lehman.com> Message-ID: <9310221621.AA01088@ah.com> I have only one small quibble with Perry's recent comments. >Why not just have people use a normal currency? Seems like you have >some bizarre idea that the poor won't be able to afford the real >currency, which is silly. The question is not a bald one of access or no access, but one of quantity obtainable in aggregate and timeliness of such accrual. Experiments with LETS systems have shown that local economic activity does improve in depressed cities when a barter currency is introduced to supplement a paucity of the nominal national currency. The city I seem to remember is Manchester, England. LETS (I forget the acronym expansion) is a barter system with a virtual fiat currency. Originally it used just a ledger; later, PC's were used to keep the books. The currency was zero-sum; all accounts added to zero. Reputation was provided by making all aggregate balances public to the members of the system; you could decide not to provide services to anybody, particularly if they had a large negative balance. Another example of how a dearth of transfer instruments affects an economy was 16th/17th century Venice. Coin hoarding did become somewhat of a problem, and it affected the speed at which business could be done. This era was that of the rise of 'book-gold', or in modern parlance, fractional reserves. Perry is certainly correct that any commodity can be used as a backing. Recall, however, that promises are a commodity like any other. This is the unification of fiat currencies and gold currencies. It is also a basis for understanding that multiply backed currencies can and do coexist stably. Promises are not as fungible as gold is of course, which is one reason that LETS systems do not scale well, since the characteristic effort and communication needed to evaluate the worth of such a promise (even an averaged promise as in a LETS system) is far greater. One can understand the rise of options markets as an effort to increase the fungibility of the option promise, given that these markets are not merely communications systems but also have some capacities as guarantors and insurers (broadly construed). Digital money has two characteristics that pertain to these issues: denomination size and access. The smallest denominable amount is not limited in any virtual system (bank books included), whereas when in a strict commodity system the unit of transactability may be too high and cannot be infinitely subdivided. For example, gold Spanish doubloons (from which the English 'dollar' is a corruption) were too large for many transactions, so people made them small by cutting them into eight 'bits', whence the equation of 'two bits' with a quarter. But gold is not infinitely subdivisible, but representations are. The question of access arises as well. Just as a LETS system is a very econopunk system, digital money can be issued by any one person or any group. If no other backing is available, they can back it with their own time and talent. When these currencies can be easily traded with other currencies, the problem of access to a more dominant currency is alleviated. These promises, being limited to a particular geographic locale, are not fungible, but then lack of fungibility does not so much prevent exchange as present some market-priced impediment to it. Eric From hfinney at shell.portal.com Fri Oct 22 09:38:17 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Fri, 22 Oct 93 09:38:17 PDT Subject: Sharing a secret Message-ID: <9310221637.AA01633@jobe.shell.portal.com> I will give a simple example of Shamir secret sharing. Suppose you have some data D which you want to split up into n pieces such that any 2 of them are sufficient to reconstruct D. Shamir solves the problem for any k of them being sufficient, but the case k=2 is especially simple. Pick a random number m which will be the slope of a line. Take the equation y = mx + D, and substitute x = 1, x = 2, ... x = n. Pass out the y's for each value of x as the secret shares. For example, if D=12, pick random m = 4, and pass out (1,16), (2,20), (3,24), (4,28), and so on. Now, suppose an enemy gets hold of one of these - say (2,20). What does this tell him about the value of D? Nothing! D could be anything, depending on the value of m. But suppose we have two of these values - say (1,16) and (2,20). From these it is easy to calculate m=4, and from that it is easy to see that D=12. Two points determine a line. In the actual Shamir scheme, integers mod a prime p are used, where p>D. The math is basically the same. For k=3, a parabola is used instead of a line, so that 3 points are needed; for k=4, a third-degree polynomial is used, and for general k, a (k-1)-degree polynomial is used. In each case, knowing k-1 points tells you nothing, because there will be a (k-1)-degree polynomial that would pass through any possible value of D. Hal From abootch at sfsuvax1.sfsu.edu Fri Oct 22 10:22:56 1993 From: abootch at sfsuvax1.sfsu.edu (Dog Face) Date: Fri, 22 Oct 93 10:22:56 PDT Subject: cellular Message-ID: <9310221720.AA21055@sfsuvax1.sfsu.edu> Hey Cypherites, While taking a *study* break last night I caught the last couple of minutes of a report on the cellular phone hacking on Prime Time Live - KABC(?) west coast. Someone, presumably, from one of the cellular phone co's came up with a security scheme that would stop people from hacking into other people's accounts - using digital signatures! When asked how long this *technology*'s been around he answered its been out for awhile, only it has been implemented yet because no one was willing to pay for it. I wonder.... Also, they mentioned something about 400 people being caught by the S.S. so far this year(?) on cellular hacking charges. Is this correct? I didn't catch the whole show and am not sure if I ingested what was being said properly (I was too tired to chew) so if anyone caught the whole piece or knows more please post. Thanks. From tcmay at netcom.com Fri Oct 22 10:52:56 1993 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 22 Oct 93 10:52:56 PDT Subject: Message to Extropians...others ignore! Message-ID: <9310221751.AA27149@netcom5.netcom.com> (Sorry to send a message this way, but you'll see why.) The Extropians list has been down for several days as a result of the security incident involving Panix, the systems off of which the Extropians list is run. (The security incident is being discussed in several of the *.security groups.) Perry Metzger mentioned this a few days ago here, but I am still getting several messages a day asking what happened to the List, hence this message to you all. By the way, a conclusion I draw from this is that an alternative way to signal list members should exist, even if it's just a very long list to send mail to from an unaffected system. Sort of an "Emergency Broadcast System." Harry Shapiro says Panix is back up and the Extropians list should be restored sometime today, probably. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From tcmay at netcom.com Fri Oct 22 11:08:17 1993 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 22 Oct 93 11:08:17 PDT Subject: Bidzos (RSA) on "Primetime Live" (was: cellular) In-Reply-To: <9310221720.AA21055@sfsuvax1.sfsu.edu> Message-ID: <9310221808.AA28681@netcom5.netcom.com> Dog Face writes: > While taking a *study* break last night I caught the last couple of minutes > of a report on the cellular phone hacking on Prime Time Live - KABC(?) west > coast. Someone, presumably, from one of the cellular phone co's came up > with a security scheme that would stop people from hacking into other > people's accounts - using digital signatures! When asked how long this > *technology*'s been around he answered its been out for awhile, only it > has been implemented yet because no one was willing to pay for it. I > wonder.... > > Also, they mentioned something about 400 people being caught by the S.S. > so far this year(?) on cellular hacking charges. Is this correct? > > I didn't catch the whole show and am not sure if I ingested what was > being said properly (I was too tired to chew) so if anyone caught the > whole piece or knows more please post. Indeed, the whole piece was an obvious attempt to "scare" users of illegal services into compliance, just as we saw some years back when a lot of folks were "illegally" receiving cable. Many immmigrant communities (Aremenians, Columbians, etc.) are using these cellular phones in huge quantities. What can or will be done? A kind of "digital postage" of the sort we often discuss here would be ideal: the various service providers (satellites, relays, etc.) only carry the signal if payment is attached. With anonymous systems this would be like using a payphone. In fact, RSA's Jim Bidzos was intereviewed very briefly...no more than 20 seconds...and he alluded to the RSA products as being ideal. (I sent him an e-mail message last night asking if he was implying some form of digital money/postage...most likely not). Unfortunately, the next topic in the segment was how audio conversations (what about data?) might have unique voice ID patterns encoded in them to foil rip-off artists. A voice registry? A scary notion, and one we should be on the lookout for. (I don't think it would work, as it would be even more unwieldy and problematic than key escrow. And easy to alter voices, etc.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From norm at netcom.com Fri Oct 22 11:12:56 1993 From: norm at netcom.com (Norman Hardy) Date: Fri, 22 Oct 93 11:12:56 PDT Subject: Paper Shredders Message-ID: <9310221811.AA25405@netcom4.netcom.com> The garbage disposal in a kitchen sink is very effective. From huggins at eecs.umich.edu Fri Oct 22 11:38:17 1993 From: huggins at eecs.umich.edu (James K. Huggins) Date: Fri, 22 Oct 93 11:38:17 PDT Subject: Clipper Chip report on 700 Club today (Wednesday) Message-ID: <199310221834.AA27149@quip.eecs.umich.edu> Phil Karn (karn at qualcomm.com) writes: > If I hadn't seen the show with my own eyes, I never would have > believed it. The Religious Right, so ready to mind everyone else's > personal business and to reshape the government in its own image, > opposes something that would make it easier for the government to > control the private lives of its citizens. Let's be honest, though ... the "Non-Religious Left" is interested in the same thing (though in different ways). Just about everybody in politics wants to change something or other. > Of course, the Religious Right is at odds with the current government, > what with talk of using the federal racketeering laws against > anti-abortion demonstrators. So perhaps they can be forgiven for > their current anti-government stance. It ain't just governments that oppose the religious right. There are a lot of moves on college campuses lately to kick conservative religious groups off campus because they aren't PC. I can easily see a time when having cryptography might be very useful to me if the administration at my university starts grepping my e-mail to see if my group meets the latest PC test. Sure, the US government tends to like Christian folks right now. But there are lots of governments around that don't -- ask people who live in Muslim countries where being a Christian is illegal, punishable by death as heresy. Any applications for cryptography there? > And there's supreme irony in the right to encryption and the right to > abortion both being founded in the same basic concept: personal > privacy. It all depends on whose ox is being gored, I guess. The problem ain't with privacy ... it's with what do you with privacy. Should we all have microphones installed in our homes because the privacy of my house out in the country means that I can beat my wife and no-one will hear her scream? The problem isn't that my house is private ... the problem is that I'm a jerk. So make being a jerk illegal and forget the microphones. Disclaimer: I don't have a house or a wife, and 4 out of 5 officemates don't think I'm a jerk ... Jim Huggins (huggins at eecs.umich.edu) From mg5n+ at andrew.cmu.edu Fri Oct 22 11:42:56 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Fri, 22 Oct 93 11:42:56 PDT Subject: Gold in them thar Bills... In-Reply-To: <9310212036.AA25191@tdws22> Message-ID: <0gm2_=q00awU86Y18a@andrew.cmu.edu> > Yes, as long it was been minted in a recognized form i.e. a gold eagle, > a panda, or gold peso. A gob of yellow shinny stuff is just that until > it has been assayed, and then it is only as good as the backing or > reputation of the assayer. I can easily determine with reasonable precision weather or not a lump of yellow stuff is gold or not. All I need is: 1) A glass of water and a balance scale to use Archimedes method (which is reasonably accurate since there are very few metals heavier than gold. If I remember correctly, they are platinum, iridium, osmium, and uranium..there might be one or two more. They are all rare metals which are nearly equal or greater in value than gold, except for uranium which I could rule out pretty easily on the basis of its radioactivity) or 2) A drop of nitric acid. Nitric acid, (and several other acids as well) will not react with gold, but will quickly oxidize iron pyrite, bronze alloys, etc. In fact, some companies like Edmund Scientific sell chemical tests to check gold. From mg5n+ at andrew.cmu.edu Fri Oct 22 12:02:55 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Fri, 22 Oct 93 12:02:55 PDT Subject: Canon copiers In-Reply-To: <9310221617.AA00624@jobe.shell.portal.com> Message-ID: I really doubt that they would make it lock up the machine. If that were true, I could just walk up to the copier, slap down a $1 bill, hit the button and walk away. Poof - I've just created weeks of downtime and a hefty repair bill. Gee sounds like fun. Now, how many businesses do you know of that would be willing to take that kind of risk in buying a copier? From cman at IO.COM Fri Oct 22 12:08:18 1993 From: cman at IO.COM (Douglas Barnes) Date: Fri, 22 Oct 93 12:08:18 PDT Subject: 700 Club etc. In-Reply-To: <9310212146.AA05688@vail.tivoli.com> Message-ID: <9310221904.AA24299@illuminati.IO.COM> > > > F_GRIFFITH at CCSVAX.SFASU.EDU writes: > > The right to encryption and the "right" to abortion don't have the same > > basis - encryption kills no one. > > Yahooo!!!!! An abortion debate on cypherpunks! Thank Allah it isn't > one of those gun nuts or somebody idiotic enough to deny the obvious > truth of Velikovsky's work :-) > Now if someone just mentions 'Hitler' we've covered all the bases... (oops, I guess I just did.) -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From capek at watson.ibm.com Fri Oct 22 12:18:18 1993 From: capek at watson.ibm.com (Peter Capek (TL-863-6721)) Date: Fri, 22 Oct 93 12:18:18 PDT Subject: 10/28 - Crypto Day at IBM Research, Yorktown Heights, NY Message-ID: <9310221915.AA15826@toad.com> *********************************************************** Cryptography Day at IBM Yorktown October 28, 1993 Thomas J. Watson Research Center, Yorktown Heights New York *********************************************************** Once the province of diplomats and spies, cryptography is assuming a central role in civil applications, including digital telephony, electronic mail, database access, software copy protection, funds transfer and contract negotiation. As these services become more powerful and globally integrated, cryptographic techniques provide the chief means of reconciling the conflicting goals of privacy and accessibility. This day-long symposium will explore the emerging intersection of cryptographic algorithms, devices, applications, and policy that is shaping the future of information services. Topics to be covered include + A survey of cryptography and related techniques + The role of cryptography in information distribution and licensing + Electronic privacy + Smart cards + Evolution of the regulatory framework and international standards Speakers include Richard Barth Council on Competitiveness, Washington, DC Gilles Brassard Universite de Montreal, Canada Whitfield Diffie Sun Microsystems, Sunnyvale, CA Charles Hartman IBM Personal Systems Multimedia, Mountain View, CA Jean-Jacques Quisquater Universite Catholique, Louvain, Belgium The symposium will involve no proprietary or confidential information. There will be no registration fee, but ADVANCE REGISTRATION IS REQUIRED. To register or to obtain further information, contact Phyllis Helms by electronic mail (easiest for us), fax, or phone, at the addresses below. email: PHELMS at watson.ibm.com fax: (914) 945-4001 phone: (914) 945-1681 Organizing Committee Nabil M. Amer NABIL at watson.ibm.com Charles H. Bennett BENNETC at watson.ibm.com Neil Gershenfeld NEILG at media-lab.mit.edu From pdn at dwroll.dw.att.com Fri Oct 22 12:42:57 1993 From: pdn at dwroll.dw.att.com (Philippe_D_Nave) Date: Fri, 22 Oct 93 12:42:57 PDT Subject: Emergency Broadcast System In-Reply-To: <9310221751.AA27149@netcom5.netcom.com> Message-ID: <9310221941.AA16004@toad.com> Tim May writes: > > By the way, a conclusion I draw from this is that an alternative way > to signal list members should exist, even if it's just a very long > list to send mail to from an unaffected system. Sort of an "Emergency > Broadcast System." > Excellent idea! Here's a first blush at a specification for an EBS: 1) Mailing list data should be distributed to "N" sites where "N" is a magic number that minimizes the chance of losing all the copies. (Mathematicians, sharpen your pencils!) 2) The list data should be encrypted somehow to address these concerns: A) The keepers of the EBS list can't screw around with its contents B) The exposure of the list itself is limited C) Duplicate copies of the list can be verified for authenticity 3) Some sort of signalling protocol should exist for activating the EBS, testing, etc. This protocol might also involve authentication (key swaps, signatures, whatever) that would require a minimum of "X" participants to accumulate enough data to unseal the encrypted copies of the list. 4) Implementation of the EBS site function should not require involved systems programming tasks- a member should be able to recieve and store the encrypted EBS data and follow fairly simple procedures to activate and test the system without being a [your favorite language here] guru. I would guess that many cypherpunks are reluctant to go to their systems people and say, "Hey, can you give me unlimited access so I can develop an emergency broadcast system for the cypherpunks?" Enough for now- I'll refill my coffee cup, sit back, and watch you pick this apart. 'Cypherpunks write code.' Well, here's your chance to implement a system that has wide appeal, would be fun to play with, and incorporates distributed data encryption. ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn at dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. From frissell at panix.com Fri Oct 22 13:08:18 1993 From: frissell at panix.com (Duncan Frissell) Date: Fri, 22 Oct 93 13:08:18 PDT Subject: Net Regulation Message-ID: <199310222007.AA07683@panix.com> I know that this was a long time ago but I've been cut off from cyberspace for *days* (months in net time) while PANIX was down. S >From: smb at research.att.com S >Or -- envision, if you will, an ukase that the FCC will regulate the S >Internet, and that anyone who wants to connect will have to agree to an S >acceptable use policy that includes the requirement that all mail be S >digitally signed, both by the individual and by the site, and that S >mailers enforce this requirement. Can't happen? Since the Internet is an international entity, it is probably not subject to FCC regulation. Even if domestic accounts are somehow regulated, it is no problem to telenet from my regulated account, (or make a long distance phone call) to Demon Internet Services in London and access my account there automatically downloading encrypted mail and news files. As most of the comments on the Bell Atlantic/TCI merger suggest, there is little appetite even in the Clinton Administration for telecommunications reregulation. Such a move would seem to run counter to the domestic and international trends in telecoms policy. If the Bundesposte has had to surrender *its* monopoly, I doubt if mere US regulatory authorities can prevail in the winds that are blowing now. Further, such rules do not now govern private networks and setting up a secure, encrypted "enterprise network" is simple and cheap these days. The regulators will have enough on their plate trying to chase down all those people downloading porno from Zimbabwae and setting up their very own private "virtual" phone companies to compete with the licensed monopolies. Each node on a network can be a network of its own as large or larger than the network of which it is a part. S >Nor do I think that ``offshore data havens'' will help. Apart from S >the fact that most major governments are basically in accord on the S >question of who makes the rules (them, not the people -- or did you S >see any governments denouncing Clipper? I saw lots of endorsements), S >there is a potent weapon that can be used: mandatory disconnection S >from the net for any country that doesn't co-operate enough. The Feds can't even keep *me* off the nets (without arresting me), how can they keep a whole country off the nets. Shutting off the nets would be the equivalent of shutting down the phone system (since those will both soon be the same thing). You couldn't do that to one of the OECD countries at this point. It would be an Act of War. It would also cause a total financial panic since everyone would worry about other shutoffs and investors involved in the shutoff country would engage in a run to cash. Global liquidity depends on a microsecond by microsecond flow of data. This flow is bound to increase as time goes on. There is not even an international authority capable of imposing that sort of ban. It would also be technically difficult since the nets are topologically complex. S >Wanna place any bets on creating a whole new S >anonymity structure?) For that matter, international bandwidth is a S >matter for diplomats as well as technicians; permission to create new S >circuits will simply be withheld. If you doubt me, try placing a S >call to Cuba, or to the former USSR. After your Nth ``circuits busy" S >message, don't bother asking why the long distance carriers haven't S >installed more trunks, when there's obviously a demand for them. That was then. This is now. There is a guy in Havana right now selling satellite dishes. Thousands of Russian computers a month are joining Internet since the links were opened up a few months ago. With all of the dark fiber now going into the ground/ocean and data compression and multiplexing continuing to improve, I doubt that the regulators will have much effect on bandwidth allocation which is a child of scarcity. When lines are expensive, you can support expensive central switching and large monopolies. When virtual "lines" are nearly free, even force majure can't cope with 5 billion people shopping 'till they drop for cheap telecoms. S >Cryptographic technology is an enabling mechanism for various social S >changes. It by no means makes them inevitable. Don't delude S >yourself on that; the political will to do something is more important S >when various alternatives exist. I've always considered the "action at a distance" capabilities of the nets to be more important than encryption per se. Since governments are geographically-based entities, technologies which enable us to weaken the bonds of place reduce the ability of states to exact a "monopoly rent" based on their control of certain land areas. S >And throughout the centuries, governments have had no trouble stripping S >hated minority groups of their assets, without any need for computers. True. Computers, and jet travel, and other things don't make the government enormously more powerful than it's ever been but they *do* make us vastly more powerful than *we've* ever been. Louis XIV and Slick Willy could both destroy a village "so that no stone was standing upon a stone" but we are not bound to the soil like the peasants of 18th century France. S >If you want a Brave New Digital World, it isn't sufficient to build S >the tools. You also have to convince people that it's a good idea. S >Oh, the online world is coming; no doubt about that. But people have S >to be convinced that privacy and the like is in their interests, that S >it will solve problems that *they* will have. I think that a 30% to 50% increase in income via elimination of effective tax liability is quite an inducement. The artificial profitability of untaxed over taxed income has been enough to support thousands of offshore financial subsidiaries of all the world's banks for years now. This when they have had to pay substantial costs associated with offshore operations. When the Bank of the Internet brings offshore banking as close as your terminal, such "arbitrage" between taxed and untaxed transactions will grow explosively. S >Equally important, they have to be convinced that it will not create S >new problems, to their perception (and the perception may have little S >to do with reality. 500 -- nay, 500,000 -- channels of digital S >information to the home will do nothing to educate those who prefer to S >learn about the world from McData Services, or from S >CBS/NBC/ABC/Fox/AP/UPI. What's this got to do with the price of Yak butter in Ulan Bator? What does it matter what other people think in the fibersphere (thanks George) in which everyone who wants to controls their own switching capabilities. In which there is no effective central control and no way to prevent communication between or among any individuals or groups that want to communicate. "Early adopters" such as ourselves will develop the fibersphere and lots of others will follow. As soon as they discover that they can make "free" LD video calls anywhere on earth, see any pictures, play any games, find work, "sex", and all things imaginable and unimaginable many more will come. What they will find is freedom. They will not be convinced by a close reading of "Human Action," they will *live* it. Freedom is what you get when human interactions cannot be blocked. And don't tell me that we still have to live in the physical world. If 90% of the GWP (including *almost all* the money) consists of non-physical goods and services on the nets, government control over the remaining 10% is not statistically significant. Since "unbundling" of services from physical goods is already going on and will be accelerated as people discover the tax consequences of non-physical services performed on the nets, large chunks of the GWP are bound to transfer to the nets. Look at the explosion in the forex market on the nets (tripled in size since 1986) once it "slipped the surly bonds of earth." S > --Steve Bellovin Duncan Frissell "Prediction -- The global information/communications phenomenon as highlighted by this week's Bell Atlantic-TCI merger will be at least as big in its impact on human society as the Industrial Revolution. You heard it here first." -- John McLaughlin "The McLaughlin Group" NBC Sunday 17 October 1993 --- WinQwk 2.0b#1165 From cme at ellisun.sw.stratus.com Fri Oct 22 13:12:57 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Fri, 22 Oct 93 13:12:57 PDT Subject: Emergency Broadcast System Message-ID: <9310222011.AA01502@ellisun.sw.stratus.com> >Subject: Emergency Broadcast System >Date: Fri, 22 Oct 1993 13:36:33 -0600 (MDT) >From: "Philippe_D_Nave" > 1) Mailing list data should be distributed to "N" sites where "N" is a > magic number that minimizes the chance of losing all the copies. > (Mathematicians, sharpen your pencils!) I've done the math, if anyone is interested. (part of the job here at a producer of fault tolerant machines.) BTW, we also have solutions for tolerating death of servers which I should write up and post one of these days.... It's such second nature here at Stratus that I don't pay much attention to the fact that not everyone has seen the various solutions. - Carl - <> - Carl Ellison cme at sw.stratus.com - Stratus Computer Inc. M3-2-BKW TEL: (508)460-2783 - 55 Fairbanks Boulevard ; Marlborough MA 01752-1298 FAX: (508)624-7488 From an41418 at anon.penet.fi Fri Oct 22 13:32:57 1993 From: an41418 at anon.penet.fi (wonderer) Date: Fri, 22 Oct 93 13:32:57 PDT Subject: Warning about exposing anon id Message-ID: <9310222029.AA28647@anon.penet.fi> I am a strong believer in the importance of being able to have an anonymous identity with a reputation. As such, let me post a warning about the most common way people are revealing their identities to me. If you see a post to cypherpunks from an anonymous user of the Finish remailer. That is, an####@anon.penet.fi, and you reply to cypherpunks and to that person, then the article that appears on cypherpunks will have your real name and e-mail address, but the message received by the original poster will be from your anonymous id. It's easy to put the two together and establish a list of who is who. Personally, I am ignoring it when this happens, but if I wanted to, I could have a list of about 15 of you by now. It's important to understand how an anonymous service works if you want to rely on it. Also realize, that even if you don't think you are using the service, it is allocating an id for you when you reply to an anonymous poster. You will receive a message about this auomatically from the remailer. Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From mg5n+ at andrew.cmu.edu Fri Oct 22 13:33:18 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Fri, 22 Oct 93 13:33:18 PDT Subject: Sharing a secret In-Reply-To: <9310221637.AA01633@jobe.shell.portal.com> Message-ID: David Koontz writes: > With a key K of size j (goddamn fortran anyway), i parties can share > the secret with a threshold of i (requiring all i parties key part) > by generating i parts P such that K = Pi XOR Pi-1 XOR ... P1. All > the parts P are the same size as K, which keeps the effort of guessing > a missing part equal to j, or the size of the key k itself. > > Such a scheme is not ideal for keys K that have a deterministic > characteristic. I might be missing something, but I don't see how this could be made to work when you're missing more than one key. For example, suppose you create a system with 5 keys. Take each of the five keys and XOR them to create a known constant. Now, if you have four keys, you can easily find the fifth by xoring them with the known constant, and unlock the cipher. But, what if you wanted to have three of the five keys be able to unlock the cipher. There isn't any way to do this. I worked with this system many years ago, trying to create an insurance against data loss. If you have some blocks of data, you take each byte in each block and xor it with the same byte position in all of the other blocks, and then save this new block that you created. If you then lose one of the blocks, you can recreate it from the remaining blocks. But if you lost two blocks, there is no way to recreate it. I gave up on the idea and never wrote the program. I like the line/polynomial idea that Hal Finney posted tho... From an41418 at anon.penet.fi Fri Oct 22 13:42:58 1993 From: an41418 at anon.penet.fi (wonderer) Date: Fri, 22 Oct 93 13:42:58 PDT Subject: Subliminal Channels Message-ID: <9310222041.AA00922@anon.penet.fi> Is there any published work on hiding subliminal messages in pictures? It seems like that would be really easy. The warden, so to speak, sees an innocent illustration of a house and a garden, but the prisoners hide information in the arrangement of the bricks and the flowers. In video images, wouldn't it be very difficult to detect that there was some encrypted data in the image? This would be good for deniability. Big brother comes and tells you that you are not allowed to encrypt anything, and you say that you used a random number generator for this new form of art that appears to be total oblivion, but really represents a new way of looking at the meaning of life. Meanwhile, your pal on the other hand runs it through a processor and decrypts the message. Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From catalyst at netcom.com Fri Oct 22 13:58:19 1993 From: catalyst at netcom.com (Scott Collins) Date: Fri, 22 Oct 93 13:58:19 PDT Subject: Warning about exposing anon id Message-ID: <9310222055.AA23514@newton.apple.com> Wonderer says: >[direct replies to an anon id reveal _your_ anon id] To avoid this, instead of replying to e.g., an41418 at anon.penet.fi, reverse the first two letters (mnemonic 'not anonymous') and thus reply instead to na41418 at anon.penet.fi. It will go to the same person, but your reply will not by anonymized, and thus your identity will not be revealed. Hope this helps, Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com From freeman at MasPar.COM Fri Oct 22 14:18:19 1993 From: freeman at MasPar.COM (Jay R. Freeman) Date: Fri, 22 Oct 93 14:18:19 PDT Subject: Warning about exposing anon id Message-ID: <9310222118.AA17944@cleo.MasPar.Com> A very interesting warning, and an interesting conceptual loophole, if I understand it correctly. What I think I understand is, that if I reply to an anonymous message, the remailer will create and maintain an anonymous ID for me, of the form "an12345", which it will use for all subsequent messages that I send through it. If so, then the gotcha is this: Suppose I am not interested in anonymity. I read a message that looks interesting, and reply to it -- both to the originator and to the newsgroup. The remailer gives me an "anonymous" ID which is promptly compromised because the same text went out both with my name on it and with the anonymous ID attached. But who cares -- as I stipulated, at the time I was not interested in anonymity, and may not even have realized that the message I was replying to was posted via an anonymous remailer. BUT suppose that six months from now I suddenly turn paranoid (or realist -- which term you choose depends on your world view), and decide I would like to use the anonymous mailer. Now I send messages to and through it, but the mailer already has an "anonymous" ID for me -- the one long since compromised -- so it keeps using it. Sounds to me like an interesting way for a user to compromise anonymity without it really being anybody's fault. I hope this problem is explained in the remailer documentation (which I haven't sent for -- at the moment I am not interested in anonymity), and that there is an easy way for a user to request a new anonymous ID. A fair fraction of the readers of this list will probably be saying "caveat emptor" or words to that effect, but I suggest that it would be a desirable property of a service offering any kind of anonymity, to lead users -- especially novices -- away from trivial beginner's mistakes. -- Jay Freeman From bill at twwells.com Fri Oct 22 15:03:01 1993 From: bill at twwells.com (T. William Wells) Date: Fri, 22 Oct 93 15:03:01 PDT Subject: Mail delivery question In-Reply-To: <9310211739.AA29665@toad.com> Message-ID: In article <9310211739.AA29665 at toad.com>, peter honeyman wrote: : i think you want to check out rfc 821, which describes smtp. I'll make a stronger statement. Do not run a remailer or other network service unless you have read and understood the relevant RFCs. Furthermore, don't start anything up for general use unless you are a mail/Usenet/networking guru or you have checked with someone that is. Finally, when you do first start your service watch it carefully and continuously. Lose sleep until you're _sure_ it is working according to your expectations. Though the Internet is relatively robust, it is far from completely so. And various parts of the net are not the Internet. Things don't always work the way you would expect and only people who have been around for awhile have much of a clue as to what really is going on. Reading the references and checking with knowledgable people is essential if you aren't to do something stupid that will get people pissed and might get you ostracized. And when, as most likely will happen sooner or later, something you do does blow up in your face, you'll only be being a pain in the ass instead of an ignorant and willful pain in the ass. :-) Believe me, it will make a big difference in dealing with your faux pas if you have made the attempt to do the right thing. From cme at ellisun.sw.stratus.com Fri Oct 22 15:28:20 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Fri, 22 Oct 93 15:28:20 PDT Subject: Subliminal Channels Message-ID: <9310222227.AA01747@ellisun.sw.stratus.com> >Message-Id: <9310222041.AA00922 at anon.penet.fi> >From: an41418 at anon.penet.fi (wonderer) >Date: Fri, 22 Oct 1993 20:41:37 UTC >Subject: Re: Subliminal Channels >Big brother comes and tells you that you are not allowed >to encrypt anything, and you say that you used a random >number generator for this new form of art that appears >to be total oblivion, but really represents a new way of >looking at the meaning of life. Have you seen random dot stereo pictures? (cross-eye stereo) There are 5 or 6 repetitions of a seemingly random dot field -- but the first repetition really is random (I believe). A friend of a friend has S/W for generating these. I remember looking at it once and it's not hard at all. However, that was years ago. - Carl From klbarrus at owlnet.rice.edu Fri Oct 22 15:43:00 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Fri, 22 Oct 93 15:43:00 PDT Subject: ANON: revealing penet id Message-ID: <9310222238.AA15930@flammulated.owlnet.rice.edu> Hm... this topic seems to come up every few months - just today I was reading the newest Risks digest and an32153 (or something like that) was announcing the "risk" of using penet. I mailed off a submission describing how to avoid this. I think people don't know about this because it isn't published anywhere. Or is it? Maybe somebody could help Julf out and offer to write a new help file that specifically mentions the an/na trick. Last time I looked at the penet help file, this wasn't mentioned. It only takes a bit of work to avoid blowing your id - you just can't hit 'r' and reply to the addressee; instead you must type in the address manually (and be sure to type na#### instead of an####). Last week I responded to some email from a penet user. I was careful to respond to na####, or penet would have allocated me an id for klbarrus at owlnet.rice.edu (since I don't have one for this account) and thus someone would have been able to correlate my penet id and this account. As a matter of fact, I think that I revealed the penet id for an old account of mine (elee9sf at menudo.uh.edu) this exact way, although this was before the an/na functionality. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From klbarrus at owlnet.rice.edu Fri Oct 22 16:03:00 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Fri, 22 Oct 93 16:03:00 PDT Subject: Subliminal Channels In-Reply-To: <9310222041.AA00922@anon.penet.fi> Message-ID: <9310222300.AA17989@flammulated.owlnet.rice.edu> wonderer wrote: >Is there any published work on hiding subliminal messages >in pictures? It seems like that would be really easy. Someone did write a program which embeds information in a JPEG, but I don't have any other info (like where to get it, who wrote it, etc. :-) Actually though, embedding a message in a picture leans toward steganography. Subliminal channels, covert channels, and steganography are related to one another, and seem to overlap. I don't have precise definitions (does anybody else?). From reading, here is what I think these three methods are: Covert channel: you and I agree that if I mail you a letter with the stamp affixed sideways, that messageA is communicated. Or, we agree that a post sent to alt.test with the subject "el mariachi" conveys messageA. Or that my running a process and killing before 9:30 p.m. conveys messageA. Subliminal channel: you and I share a secret and convey our message in the digital signature of innocent message we pass to one another. Steganography: I write an innocent message, and I change the spacing between words, to convey messageA. Or, I embed the message in the low order bits of a picture or a sound file. So, it looks like that in subliminal channels and steganography, the actual message is passed, while covert channels don't (it's like winking at a friend - no message but lots of information). Also, it seems that steganography alters the innocent message itself, while a subliminal channel doesn't. Obviously, there is great room for hair-splitting. These are the differences as I understand them! Any other input? -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From arthurc at crl.com Fri Oct 22 16:28:19 1993 From: arthurc at crl.com (Arthur Chandler) Date: Fri, 22 Oct 93 16:28:19 PDT Subject: Anonymity versus Responsibility In-Reply-To: <9310210643.AA27104@netcom.netcom.com> Message-ID: It still seems to me that the spoofing issue has been oversimplified: "Hey, it's a fact of life. Accept it." "We're cypherpunks. We have a little fun once in a while. Lighten up!" "Spoofing and deception are not the same." Then Boxx gets dinged for using spoofs, and Detweiler gets dinged for objecting to them. Then May comes out with a G-rated spoof, and everyone (almost) has a chuckle. But I think the issue is too sticky to pass off with flames and grins. As I see it, the spoofing touches on one of the basic opportunities/dilemmas of the NET: anonymity versus responsibility. We can say things behind the cover of ascii that we wouldn't dare try IRL. So some folks do it. You can explore gender bending, being an asshole, etc. -- and no one has to know. Good therapy? Food for the exploring mind? Yeah, maybe. But also -- Good for undermining credibility. Someone spoofs in a letter from William Gibson during a heated discussion of Cyberpunk. It LOOKS plausible. No one on the list knows Gibson personally. Do you take it at face value, or pass it off as a possible spoof? Folks, that ain't spoofing: it's impersonation. It's a form of lying. No harm done? Ask Gibson if he thinks so. Ask yourself if you would. Situation #2: someone writes in a bunch of outrageous opinions and puts YOUR name in the sender slot and fires the mess of to the cypherpunks list. What are you going to do about it? Quickly post a denial, no doubt. But tell me you wouldn't feel furious. Someone has used anonymity to misrepresent you. In essence, to lie about you in an ingenious way made possible by a combo of human nature and the structure of the NET. So: You want to post/pose as *HeAvYd00d* -- hey, go right ahead. That's your biz, and I can use a laugh (the whole scheme of building up an anonymous rep seems like juvenile fantasy or disguised cowardice, but chacun a son gout). You want to pose as William Gibson? I've got a problem with that -- and so do you, if the real WG finds out. You want to pose as someone else on this list? Well, do YOU have a problem with that? From ebrandt at jarthur.Claremont.EDU Fri Oct 22 17:38:21 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Fri, 22 Oct 93 17:38:21 PDT Subject: Anonymity versus Responsibility In-Reply-To: Message-ID: <9310230035.AA18944@toad.com> > It still seems to me that the spoofing issue has been oversimplified: [...] > "Spoofing and deception are not the same." What's overly simple about this? > Then Boxx gets dinged for using spoofs, I don't think anyone cared that "S. Boxx" posted pseudonymously. [ Example of someone impersonating William Gibson ] [ Example of someone impersonation *you* ] > tell me you wouldn't feel furious. Someone has used anonymity to > misrepresent you. In essence, to lie about you in an ingenious way made > possible by a combo of human nature and the structure of the NET. Anonymity has nothing to do with this. Nor does pseudonymity. This is a simple case of exploiting technical loopholes the size of Neptune. Unfortunately, many people give more credence than they should to the From: line, perhaps not realizing that present protocols were never designed for security. An easy way of making reality conform to expectations is to spread the use of digital signatures. Your examples of "harmful spoofing" are problems, but they are old problems having nothing to do with the use of nyms. You can't, for example, post to alt.cyberpunk as an47351 at anon.penet.fi (William Gibson) and expect to fool anybody. Yes, forgery is obnoxious. But this putative offense of "pseudospoofing", of having multiple names, is very from forgery. Eli ebrandt at jarthur.claremont.edu From plaz at netcom.com Fri Oct 22 17:43:00 1993 From: plaz at netcom.com (Geoff Dale) Date: Fri, 22 Oct 93 17:43:00 PDT Subject: Subliminal Channels (jsteg) Message-ID: <9310230040.AA29444@netcom.netcom.com> replying to: Karl Lui Barrus >Someone did write a program which embeds information in a JPEG, but I >don't have any other info (like where to get it, who wrote it, etc. >:-) I saw jsteg on soda.berkeley.edu from the cypherpunks area (/pub/cypherpunks/applications/jsteg). I haven't actually tried it, mind you, but that's where I saw it. It's actually in the form of jpeg source and a diff file to turn it into jsteg. Forward, upward, outward, onward, and every which way but loose! _______________________________________________________________________ Geoff Dale -- insert standard disclaimers here -- plaz at netcom.com "We are the shock troops of reality." - Voice of the Friends (Wild Palms) From hughes at ah.com Fri Oct 22 18:32:59 1993 From: hughes at ah.com (Eric Hughes) Date: Fri, 22 Oct 93 18:32:59 PDT Subject: crypto technique Message-ID: <9310230129.AA01896@ah.com> I've looked at Matthew Ghio's encryption technique and have some comments. First let me summarize the system. private key: a sequence of polynomial functions f_1, f_2 ... f_n of the form a_i x (x+1)/2 + b_i, where a_i is odd. public key: the composition of these functions f(x) = f_1 ( f_2 ( ... f_n(x))) and a modulus P = 2^k plaintext: a value 't' ciphertext: the value u = f(t) decryption: finding t such that f(t)=u, by using of the f_i Matthew has repeatedly claimed that it can't be broken. Now one of the first rules of cipher design is don't claim that unless you have some good reason to believe that it can't be broken. Merely saying "I can't figure out how" is NOT sufficient. No flame intended, Matthew, this is probably the single most common failing of people interested in crypto. In particular, Matthew has made the claim that one must find the coefficients of the f_i in order to decrypt and claims that finding such coefficients is difficult. He calls this operation factoring; properly speaking this is a 'decomposition', since the operation used to make f(x) is not multiplication by composition (called iteration when all the functions are the same). As I suspected and Karl has demonstrated, these decompositions are not unique. Since the plaintext, ciphertext pair does not depend on the representation of the function, only upon the coefficients of the polynomial function which is the public key, any such decomposition will suffice for decryption. In other words, you don't have to find how the function was created in order to decode. All you need is some way of inverting the polynomial function f(x). Note that I am using the phrase polynomial function here, and not just the word polynomial. There is a big difference. Polynomial functions are real functions with a domain and range. Polynomials are elements of a ring created by adjoining an indeterminate 'x' to some ring. Polynomials can be 'evaluated' as polynomial functions under some circumstances, but not always. A side note. The function Matthew picks, 1/2 x(x+1) is not, properly speaking, a function with coefficients in Z/2^k (integers mod 2^k). It is, however, a coefficient in Z/2^{k+1} There's one significant difference for the purposes of this proposed cipher: polynomials have arbitrarily large degree, but every polynomial function over a finite ring (such as integers mod N) is equal to some polynomial function of finite degree. One can see this easily be recalling Fermat's little theorem a^N == a (mod N). Thus x^N == x (mod N) for polynomial functions, which limits the degree. Matthew has proposed that arbitrarily many compositions will give a function which can't be inverted. This is certainly not the case if N = 2^k as he proposes. The following relation holds for all integers n > 0 and for all integers t: 2^{2^n - 1} | \Product_{i=0}^{2^n - 1} ( t + i ) What this means is that as the 2^k grows larger, the maximum degree of the polynomial functions grows as 'k', not as 2^k. In other words, the degree grows as the logarithm of the modulus, or linearly in the number of bits in the modulus, if you prefer. This is certainly not a good sign. Recommendation: don't use N=2^k. It's a general rule of cryptosystems that if you use 2^k moduli to speed your encryption, you will also speed the attack, and not just from increased speed, but from algebraic properties of these moduli. There have been some spectacular failures in this regard, notably a chip which was built to do modular exponention for a particular 2^k which was later found to be totally insecure. Another property which decreases the security of the scheme is that polynomials over Z/2^k don't have unique factorization. Therefore the polynomial functions don't have unique representations. For example (x+1)(x+3) = (x+5)(x+7) (mod 8) (x+2)(x+4) = x (x+6) (mod 8) x (x+1)(x+2)(x+3) = 0 (mod 8) (from the expression above) This makes it all the easier to invert the polynomial. The reason that you don't have unique factorization is that Z/2^k has zero divisors: 2 x 4 = 0 (mod 8), so two divides zero. The presence of zero divisors means that you don't get unique factorization. There is, however, a twist. If you don't even see the zero-divisors, you can pretend they aren't there. This is exactly what RSA does, since if you find a multiple of one of the factors of the modulus, you've broken the system. But if you use a modulus of the form pq, you're basically using RSA! RSA picks a particularly easy polynomial function to invert, namely f(x) = x^e. Other polynomials would work as well, and, in fact, appear in the patent application, albeit without examples. Now if you pick a prime modulus, you don't have a public key system anymore. This is the Hellman-Pohlig patent, which uses x^e (mod p) as its encryption. In this scheme 'p' is kept secret, since otherwise the exponentiation could be reversed. In short, I don't think Matthew's scheme can be made to work. There is an open question about how the base field increases with each composition because of the presence of the 1/2, but I don't think currently that this makes it work. For a specific reference, see the collection _Cryptology and Computational Number Theory_ which contains an essay by Kevin McCurley "Odds and Ends from Computational Number Theory." Section 3 of this essay discusses the breaking of some similar schemes by some non-obvious means. I quote: "Moreover, it holds a valuable lesson for those who tend to believe that a computational problem is difficult just because the only apparent solution is difficult." Eric From cme at ellisun.sw.stratus.com Fri Oct 22 18:48:21 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Fri, 22 Oct 93 18:48:21 PDT Subject: random dot stereo Message-ID: <9310230144.AA03721@ellisun.sw.stratus.com> My friend's code is still around. I don't have permission to post it but if there's interest I'll ask. Each picture generated requires up to 2^17 random bits to seed the process. - Carl From XXCLARK at indst.indstate.edu Fri Oct 22 18:58:21 1993 From: XXCLARK at indst.indstate.edu (XXCLARK at indst.indstate.edu) Date: Fri, 22 Oct 93 18:58:21 PDT Subject: Conon redux Message-ID: <9310230156.AA19479@toad.com> wrote: >Most likely by modulating the Least Significant Bit of the color Thank you. Never would have thunk it. Attempted an off-list reply, but can't find the damn gateway. ec From anonymous at extropia.wimsey.com Fri Oct 22 20:03:00 1993 From: anonymous at extropia.wimsey.com (anonymous at extropia.wimsey.com) Date: Fri, 22 Oct 93 20:03:00 PDT Subject: No Subject Message-ID: <199310230247.AA03638@xtropia> > Maybe somebody could help Julf out and offer to write a new help file > that specifically mentions the an/na trick. Last time I looked at the > penet help file, this wasn't mentioned. Yes, and while he's at it, how about instructions for changing passwords and nicknames? From judic at netcom.com Fri Oct 22 20:28:21 1993 From: judic at netcom.com (Judi Clark) Date: Fri, 22 Oct 93 20:28:21 PDT Subject: FYI - NSA going public (fwd) Message-ID: <9310230328.AA13171@netcom3.netcom.com> > >Date: Fri, 22 Oct 93 11:34:51 -0700 > >Subject: NSA call for proposals > > > >NSA is offering to support unclassified research in certain security- > >related areas. > >A description of the program is with Joyce. > >There is a deadline of Nov. 8 for a letter of interest > >(email to dld at tycho.ncsc.mil is apparently sufficient) > > > >They will send you an RFP in December if you reply by 11/8. > > ---jdu > > Thought you'd be interested. -- judi From MIKEINGLE at delphi.com Sat Oct 23 00:23:01 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Sat, 23 Oct 93 00:23:01 PDT Subject: Applied Steganography Message-ID: <01H4FR1PIQ4291WDW2@delphi.com> Here is an interesting application of steganography from Eric Isaacson's A86 assembler. This method would be low-bandwidth but hard to detect. 6. A86 takes advantage of situations in which more than one set of opcodes can be generated for the same instruction. (For example, MOV AX,BX can be generated using either an 89 or 8B opcode, by reversing fields in the following ModRM byte. Both forms are absolutely identical in functionality and execution speed.) A86 adopts an unusual mix of choices in such situations. This creates a code-generation "footprint" that occupies no space in your program file, but will enable me to tell, and to demonstrate in a court of law, if a non-trivial object file has been produced by A86. The specification for this "footprint" is sufficiently obscure and complicated that it would be impossible to duplicate by accident. I claim exclusive rights to the particular "footprint" I have chosen, and prohibit anyone from duplicating it. This has at least two specific implications: a. Any assembler that duplicates the "footprint" is mine. If it is not identified as mine and issued under these terms, then those who sell or distribute the assembler will be subject to prosecution. b. Any program marked with the "footprint" has been produced by my assembler. It is subject to condition 5 above. From barrett at daisy.ee.und.ac.za Sat Oct 23 07:48:25 1993 From: barrett at daisy.ee.und.ac.za (Alan Barrett) Date: Sat, 23 Oct 93 07:48:25 PDT Subject: Warning about exposing anon id In-Reply-To: <9310222055.AA23514@newton.apple.com> Message-ID: Scott Collins says: > Wonderer says: > >[direct replies to an anon id reveal _your_ anon id] > > To avoid this, instead of replying to e.g., an41418 at anon.penet.fi, reverse > the first two letters (mnemonic 'not anonymous') and thus reply instead to > na41418 at anon.penet.fi. I believe that, according to the principle of least astonishment, replies to anonymous IDs should, by default, not be double-blinded; and deliberate action should have to be taken to request the double-blinding that currently happens by default. Perhaps the anon admins could be persuaded to modify their systems accordingly; They would just need to put na#### instead of an#### in the FROM address, and educate their users. Several months ago, I tried to persuade one of the anon admins to do this, but I was not successful, and that server has since shut down. --apb Alan Barrett, Dept. of Electronic Eng., Univ. of Natal, Durban, South Africa RFC822: barrett at ee.und.ac.za From damiano at wyvern.wyvern.com Sat Oct 23 10:13:04 1993 From: damiano at wyvern.wyvern.com (Christian O'dell) Date: Sat, 23 Oct 93 10:13:04 PDT Subject: mailing Message-ID: Would you please add me to your mailing list...thanks -- Damiano From swc at uc1.ucsu.edu Sat Oct 23 10:13:26 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Sat, 23 Oct 93 10:13:26 PDT Subject: Bidzos (RSA) on "Primetime Live" (was: cellular) Message-ID: <9310231713.AA00766@uc1.ucsu.edu> Voice registry is far easier than you imagine. I am in defense contracting and have seen demos here at Rome Laboratory. I will NEVER feel secure on the phone again. They can easily identify speakers, languages, keywords and gists of conversations. Now they are working on dialiects. ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From bill at twwells.com Sat Oct 23 10:13:31 1993 From: bill at twwells.com (T. William Wells) Date: Sat, 23 Oct 93 10:13:31 PDT Subject: Net Regulation In-Reply-To: <199310222007.AA07683@panix.com> Message-ID: [Many things I'll not take a stand on one way or another, right now.] In article <199310222007.AA07683 at panix.com>, Duncan Frissell wrote: : And don't tell me that we still have to live in the physical world. If : 90% of the GWP (including *almost all* the money) consists of non-physical : goods and services on the nets, government control over the remaining 10% : is not statistically significant. All too often, people look at one thing and imagine that the numbers somehow outweigh reality. It ain't like that, folks. Reality is complexly, intimately, and inseparately interconnected. No matter what you do with the bits, physical reality cannot be discounted. "No matter how subtle the wizard, a knife in the back will always cramp his style." So, please, stop with the simplistic answers! (What *did* happen at Panix, eh? I rest my case.) From hughes at ah.com Sat Oct 23 10:43:06 1993 From: hughes at ah.com (Eric Hughes) Date: Sat, 23 Oct 93 10:43:06 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310231738.AA02831@ah.com> Cypherpunks is an experiment in anarchy whose participants share overlapping concerns with respect to privacy and cryptography. One of the commonly shared goals of the participants in this group is to change the technical context of the political debate about cryptography. This goal has not been reached, nor even has very close approach been made as yet. I believe that we have been successful in inculcating, at least in ourselves, a set of values and attitudes toward encryption . Unfortunately this mental presence has not blossomed into actual culture and practice, although we have attempted and practiced. Not all systems are self-organizing, and ours is not dissipative in the right way. Therefore in true micro-Keynesian fashion, I am considering creating an artificial inducement toward cryptography on this list. You will be, of course, free not to participate. The rule I am considering is the following: Digitally sign your articles or their transmission will be delayed. In terms of email privacy, we have not yet even reached the level where content encryption is standard. Since software to make digital signatures is almost always the same software needed for encryption, and likewise for signature verification and decryption, an inducement to sign one's posts will be also an inducement to encrypt. At the very least it requires some change in the status quo of one's own email system. The hampering above will not be outright rejection, since the cost of rejection creates a step function to participation, an insurmountable hurdle for most of us. Rather I am considering hampering posts by delaying their transmission, by destroying some of their timeliness. Timeliness, as I analyze it, will be one of the few things that have economic worth in a post-copyright environment. Delaying unsigned posts does not prevent people from participating, merely from getting very close the topicality of discussion. If you are debating delayed against an undelayed correspondent, you will be at a disadvantage, as your points may be immediately responded to, but the other's points will stand unopposed for longer. Truth, in other words what _you_ believe, might triumph eventually, but practical epistemology is more a matter of rhetoric than of validity. Nor does it prevent occasional use of the forum by lurkers and learners. The first article on any new subject has very little time value, rhetorically, but the question still gets asked. Furthermore, it will tend to slow down debate, at least for a while. My initial thoughts are that the delay should be about six hours, which would limit the number of salient responses of the unverifiable to about one per topic per day. As more and more people begin to sign their posts, that delay would be increased. I have considered more sophisticated schemes, such as allowing automatic delayed moderation, which sends you back a ticket that allows immediate posting, but after some number of hours, or perhaps longer delays for unsigned repsonses to signed articles, but I think that a simpler system will work better, certainly at the outset where people are coming to grips with delay's effect on the discussion. I invite discussion of this proposal on the list itself. If you only wish to express approval or disapproval, that is, to "vote", please do so only in private e-mail to me. I welcome further analysis of this idea as well as evaluations of its desirability or odiousness in your own value system. Unsigned, Eric From hfinney at shell.portal.com Sat Oct 23 10:53:06 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Sat, 23 Oct 93 10:53:06 PDT Subject: Warning about exposing anon id Message-ID: <9310231752.AA11323@jobe.shell.portal.com> I agree with Alan's position that anonymization not be done automatically on reply to mailers, but in fairness Julf has argued that the "least astonishment" position goes the other way. Apparently for several years anonymous/pseudonymous servers have operated on the talk groups which do the automatic anonymization. People there have come to expect that when they reply to an anonymous message their own identity will be protected. Providing an anonymous server for which this established behavior does not occur will no doubt astonish many experienced users of these services. Still, I think the current behavior is wrong, and IMO the sooner people learn a new way of using anonymous servers, the better. When we do deploy anonymous servers which allow replies, it will be important to include disclaimers which remind people that their replies will not be anonymous. Unfortunately, some or most newsreaders do not show header fields, and I dislike sticking disclaimers into the message body itself. Hal From mab at crypto.com Sat Oct 23 11:43:06 1993 From: mab at crypto.com (Matt Blaze) Date: Sat, 23 Oct 93 11:43:06 PDT Subject: Warning about exposing anon id In-Reply-To: <9310231752.AA11323@jobe.shell.portal.com> Message-ID: <9310231826.AA08908@crypto.com> It seems that an anonymous remailer can operate in one of three ways - it can reveal your psuedonym, it can reveal your identity, or it can reveal nothing and simply give you a generaic "anonymous" identity. Unfortunately each mode of operation is inapproprate as a default behavior: - If it reveals your psuedonym, you could inadvertently expose map your name to your psuedonym if you reply to a remailed message and include your real identity. - If it reveals your real identity, this could lead all sorts of obvious problems with people who don't expect this behavior. - If it simply strips out all identifying information and calls you some generic anonymous name, this could lead to problems for people who expect a reply to their messages. I think the best solution is to require any message sent through a remailer to include explicit instructions as to how it should be handled. For example, require something like an "X-Identify:" field that would be used to select the return address behavior, with options like "real-id", "psuedonym", or "anonymous". Messages that don't include the field should bounce, probably with some instructions as to how to fix the message to make it go through properly. -matt From mab at crypto.com Sat Oct 23 11:43:26 1993 From: mab at crypto.com (Matt Blaze) Date: Sat, 23 Oct 93 11:43:26 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310231835.AA09172@crypto.com> Oops, forgot to cc this to the list: While I'm all for encouraging the use of digital signatures, I think this is a bad idea. The fact is there is not yet a truely generally available method for digitally signing messages, and there are two competing standards from which to choose as it is. Just how should messages be signed? PEM? PGP? What consititues a valid certificate? (Actually, this question when applied to your proposal underscores the inadequacy of both systems in processing heterogeneous signatures - pgp imposes too little structure and pem imposes too much. But that's another story). Then there's the practical problem that some people simply can't use a particular signature technique with exisiting software and systems. These people include: - People outside the US and Canada, who can't legally use any PEM implementation of which I'm aware because of restrictions on RSAREF. - People in the US who can't use PGP because they're afraid to. - People in the US who want to use PGP but can't because the people who own/operate the computers they use won't let them. Some people on public access and university systems and many people in lawsuit-conscious large companies with deep pockets are included here. - People who would love to use PGP or PEM but don't see the point because they don't fully trust the system on which they would sign their messages. Anyone who uses anything but a private, single-user workstation SHOULD be in this category. - People who would love to use PGP or PEM but can't because they don't have a working implementation of their secure mailer of choice for their particular machine/OS. Do we really want to exclude these people from full participation? If so, I suspect this would eliminate a few of the most valuable contributors to the list. Again, I don't thing this CONCEPT is a bad one, only that this particular IMPLEMENTATION is premature in the absence of better and more ubiquitous signature tools. -matt (also unsigned, also known as mab at research.att.com) From honey at citi.umich.edu Sat Oct 23 11:53:06 1993 From: honey at citi.umich.edu (peter honeyman) Date: Sat, 23 Oct 93 11:53:06 PDT Subject: Mail delivery question Message-ID: <9310231851.AA25213@toad.com> well, i think bill overstates the case. but then, i'm from the slash/hack, no risk/no gain school of computer programming. peter From mccoy at ccwf.cc.utexas.edu Sat Oct 23 11:53:26 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Sat, 23 Oct 93 11:53:26 PDT Subject: Warning about exposing anon id In-Reply-To: Message-ID: <199310231848.AA06534@tigger.cc.utexas.edu> Alan Barrett writes: > Scott Collins says: > > To avoid this [direct replies to an anon id reveal _your_ anon id], > > instead of replying to e.g., an41418 at anon.penet.fi, reverse > > the > > first two letters (mnemonic 'not anonymous') and thus reply instead to > > na41418 at anon.penet.fi. > > I believe that, [...] replies to anonymous IDs should, by default, not be > double-blinded [...] Perhaps the anon admins could [...] put na#### > instead of an#### in the FROM address, and educate their users. A better method might perhaps be to set the Reply-To field to automatically be the na#### address. This makes it easier for people with smart mailers and doesn't mess around with who the message is actually from... jim From julf at penet.fi Sat Oct 23 12:08:26 1993 From: julf at penet.fi (Johan Helsingius) Date: Sat, 23 Oct 93 12:08:26 PDT Subject: Warning about exposing anon id In-Reply-To: <9310231826.AA08908@crypto.com> Message-ID: <199310231907.AA11705@mail.eunet.fi> > It seems that an anonymous remailer can operate in one of three ways - > it can reveal your psuedonym, it can reveal your identity, or it can > reveal nothing and simply give you a generaic "anonymous" identity. There is one more option - use two separate sets of anon id's. This is the way anon.penet.fi Mk II is going to operate. > - If it simply strips out all identifying information and calls you some > generic anonymous name, this could lead to problems for people who expect > a reply to their messages. Yeah. This problem is solved by the aforementioned "double" id approach... > I think the best solution is to require any message sent through a remailer > to include explicit instructions as to how it should be handled. For example > , > require something like an "X-Identify:" field that would be used to select th > e > return address behavior, with options like "real-id", "psuedonym", or > "anonymous". Messages that don't include the field should bounce, probably > with some instructions as to how to fix the message to make it go through > properly. No way. 75% of my users just can't deal with the extra headers. I frequently get messages like: "Dear Sir. I not understand you help. I not read English. I chinese. Send chinese help." Julf From barrett at daisy.ee.und.ac.za Sat Oct 23 12:18:26 1993 From: barrett at daisy.ee.und.ac.za (Alan Barrett) Date: Sat, 23 Oct 93 12:18:26 PDT Subject: Warning about exposing anon id In-Reply-To: <9310231826.AA08908@crypto.com> Message-ID: Matt Blaze says: > I think the best solution is to require any message sent through a > remailer to include explicit instructions as to how it should be > handled. [...] Messages that don't include the field should bounce, > probably with some instructions as to how to fix the message to make > it go through properly. For messages that are deliberately sent through remailers, I agree that the sender should provide explicit instructions to direct the operation of the remailer. However, I would note that the mere act of deliberately using a particular remailer can constitute an explicit instruction for the remailer to perform its "standard" processing. Messages that are inadvertantly sent through remailers by innocent folk who simply reply to a (pseudonymous) message that they have received, or simply write to an address that they have seen advertised, are different. I think that such messages should function as much like ordinary (non-anonymous) mail as possible, consistent with the goal of protecting the recipient's identity, to avoid surprising the innocent sender. Servers like the present implementation of anon.penet.fi do not satisfy this requirement. --apb (Alan Barrett) From mab at crypto.com Sat Oct 23 12:28:26 1993 From: mab at crypto.com (Matt Blaze) Date: Sat, 23 Oct 93 12:28:26 PDT Subject: Warning about exposing anon id In-Reply-To: <199310231907.AA11705@mail.eunet.fi> Message-ID: <9310231917.AA09665@crypto.com> Julf writes: >There is one more option - use two separate sets of anon id's. This is the >way anon.penet.fi Mk II is going to operate. How will this work? Will you have a separate name space of "heavyweight" anonymous IDs for messages that explicitly ask for a psuedonym (like with a password) and those that don't? If so, that sounds like a nice solution. -matt From dsinclai at acs.ucalgary.ca Sat Oct 23 12:33:06 1993 From: dsinclai at acs.ucalgary.ca (Douglas Sinclair) Date: Sat, 23 Oct 93 12:33:06 PDT Subject: DC-nets Message-ID: <9310231931.AA56549@acs1.acs.ucalgary.ca> My thanks to Tim Newsham and Tim May for sending me information on DC-networks. It appears the modifications that I had been thinking about were not discussed by Chaum in his original paper, which gives me some hope I may have stumbled across something new. Chaum proposes the use of public key cryptography for secure communication between vertices in a DC-net. This leads to the problem of secure key exchange, and the possibility that the public key algorithm is not sound. Instead, the interference properties of a DC-net may be used to give unconditional security. Say Alice wishes to send a message M to Bob. 1. Alice computes the hash of M, and appends it to M to produce a packet P of p bits. 2. Alice transmits on the net "Message of p bits for Bob" 3. Bob receives this message, and prepares a packet R composed of p random bits. 4. Alice transmits packet P. Simultaniously, Bob transmits packet R. The output of the DC�net is now X, where X = P XOR R 5. Bob, computes P = X XOR R. He verifies that the last bits of P are a valid hash for the first portion. If so, he has succesfully recieved M and the transfer is over. If not, there must have been interference from another party. He would then transmit "Alice, resend message", and the procedure would be repeated. All that Carol, another vertex in the net, can see is X. She cannot derive P from X as it has been encrypted with the equivalent of a one-time pad. Thus, P is unconditionally secure. Alice and Bob need no nothing about each other for this transfer to work. Indeed, Alice and Bob may well be pseudonyms. The worst that can happen is that two sites respond to the pseudonym of Bob, and the transfer suffers from interference. Hence the built in hash. Note that only Bob can see the valid hash, and only then if the transfer has worked perfectly. Thus, the hash need not be secure. I have not looked at the efffects of collusion on this protocol. My gut feeling is that sufficient collusion would bring it down in flames. However, this is also true of the basic operation of a DC-net. I cannot claim that I came up with this protocol alone. It was concieved this summer at a seminar I taught on cryptography. After sitting around a table and flipping coins to prove that it actually did work, we started looking at the problems of un-intentional interference. This is the result of half an hour of me trying to remember what little I had read of DC-nets and the students making me look like a fool for not having studied as much as I should have. So, my first question to you is, does it work? The next question is has it been thought of before? And finally, is it useful? -- PGP 2.3a Key by finger From chrome at jhunix.hcf.jhu.edu Sat Oct 23 12:48:26 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Sat, 23 Oct 93 12:48:26 PDT Subject: Subliminal Channels In-Reply-To: <9310222041.AA00922@anon.penet.fi> Message-ID: > Is there any published work on hiding subliminal messages > in pictures? It seems like that would be really easy. Read R. Key's _The Clam-Plate Orgy_ for information on how advertising companies (cigarette ana alcohol companies especially) add little airbrushed renditions of subliminally pleasing sex scenes, with intent to stimulate purchase of the product. Its been done for almost 50 years now, and started with the tachistoscope used in movie theatres to get people to consume popcorn and Coca-Cola(tm) in great quantities. Sales went up by 60%. > Big brother comes and tells you that you are not allowed > to encrypt anything, and you say that you used a random > number generator for this new form of art that appears > to be total oblivion, but really represents a new way of > looking at the meaning of life. Meanwhile, your pal on > the other hand runs it through a processor and decrypts > the message. If you tried to sell the idea that your random number generator is random, then the government would come back and say that there is no way to determine random numbers, and if there was, they'd ask you why you would be able to run it through a processor and decrypt it. But then again, laws on subliminal information are practically null, and those that do exist are never enforced, thanks to Big Business influence-peddling. Alex Reynolds From ferguson at icm1.icp.net Sat Oct 23 12:58:26 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Sat, 23 Oct 93 12:58:26 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310231738.AA02831@ah.com> Message-ID: <9310232100.AA00553@icm1.icp.net> > > Digitally sign your articles or their transmission will be delayed. > Then the messages that I compose on this host will simply have to be delayed, as I still refuse to keep my private key on an "open" system. In fact, the _only_ time in which I attach a digital signature to any of my messages is from my PC at home. Call me a prude, but this is a fact of life I'm sure you will encounter with other folks as well. Cheers. _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From panzer at drown.slip.andrew.cmu.edu Sat Oct 23 13:58:26 1993 From: panzer at drown.slip.andrew.cmu.edu (Panzer Boy) Date: Sat, 23 Oct 93 13:58:26 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310231738.AA02831@ah.com> Message-ID: The problem that I see with this policy is that how are you going to verify that the signature at the bottom is valid? Anyone can generate PGP keys pointing to anything. Are you going to collect keys from subscribers? What about spoofing keys so that they apear valid, yet aren't? I'm just curious to how this is going to be achieved. I assume you don't want to moderate the list (reading and approving everything). -Matt (panzer at drown.slip.andrew.cmu.edu) (I would have signed this, but I lost the message on how to get pgp to sign and leave the message in plaintext) -------------Included Message--------------------- On Sat, 23 Oct 1993, Eric Hughes wrote: > You will be, of course, free not to participate. The > rule I am considering is the following: > > Digitally sign your articles or their transmission will be delayed. > From ebrandt at jarthur.Claremont.EDU Sat Oct 23 14:03:06 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Sat, 23 Oct 93 14:03:06 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310231738.AA02831@ah.com> Message-ID: <9310232101.AA26050@toad.com> > Digitally sign your articles or their transmission will be delayed. Under such a policy, I would be strongly tempted to move my PGP use to jarthur (a public Unix box) rather than write software to snarf text across a serial line, encrypt it, and spit it back. As I'm loath to give up my secret key in this way, I guess I'd just take the delay. While an incentive plan is a nice idea, I think most people on the list would like to sign their messages. Those who are prevented from doing so are probably not going to be pushed the other way by a delay of a few hours. Eli ebrandt at jarthur.claremont.edu From ebrandt at jarthur.Claremont.EDU Sat Oct 23 14:18:27 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Sat, 23 Oct 93 14:18:27 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310232117.AA26214@toad.com> This is hardly germane to the list, but... > Its been done for almost 50 years now, and started with the >tachistoscope used in movie theatres to get people to consume popcorn > and Coca-Cola(tm) in great quantities. Sales went up by 60%. Repeat this on alt.folklore.urban and watch the fun. I believe this particular legend was promulgated by a guy who was selling tachistoscope equipment. Gotta watch those Small Businessmen. His results were not replicable, and his company folded. > Alex Reynolds Eli ebrandt at jarthur.claremont.edu From hughes at ah.com Sat Oct 23 14:18:29 1993 From: hughes at ah.com (Eric Hughes) Date: Sat, 23 Oct 93 14:18:29 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310232111.AA03150@ah.com> So far I have received six comments on the proposed sign-or-delay system, two in public, four in private. All have been supportive of concept, but there have been specific technical issues with it. -- security of keys at machines owned by someone other than the key owner. -- standardization and legality of software What I left out of my first posting was the particular algorithm used at the server to verify signatures. I was certainly going to accept both PGP and PEM formats. However, I had toyed with not using actual crypto at all, but just recognizing message formats. Given the objections I've received, I now amend my proposal from "sign your messages, or else" to "make something that looks like a signature, or else". This has several consequences that I particularly like. The real goal of this plan is to change the software infrastructure so that crypto can easily be inserted. Certainly some software module will be the only good way to create signed-format messages, and this software, whatever it actually is, fits in exactly the same place that real crypto does. If, for some reason, a user does not use real crypto but a replacement, their own system still supports crypto when it is feasible or available or legal or whatever. This modified plan addresses the legal issues, since a crypto-format is not cryptographic. In fact, it is exportable, since it is not crypto. There are no patent issues, since a crypto-format does not use RSA. It also addresses the key security issue, since there need be no key involved. It also implies no particular policy of key distribution or verification, sticky issues that plague both PEM and PGP. Ironically, allowing pseudo-signatures _increases_ the real use of cryptography, since no longer will there be the presumption that because the message looks signed that it is actually signed by the claimed signer. The whole point of digital signatures is to allow a verification mechanism, but using a permissive format creates the need to use that mechanism. Since no verification will be done at the server, any verification desired will have to be done at the receiving end. There is the opportunity for a great rhetorical coup here. Assume that pseudosignature software exists. Now there can be made the argument to David Sternlight, who is nominally in favor of crypto but who picks the least crypto-favorable interpretation of anything, to show his support for crypto in theory but not in practice. Comments? Eric From panzer at drown.slip.andrew.cmu.edu Sat Oct 23 14:23:06 1993 From: panzer at drown.slip.andrew.cmu.edu (Panzer Boy) Date: Sat, 23 Oct 93 14:23:06 PDT Subject: Paper Shredders Message-ID: Awhile back someone asked about the cost of shredders. Since I do some work for a company that sells Mita copiers/fax/shredders, I talk to the sales people and asked. They sell a shredder that takes up to 5 sheets a paper at a time and turns it into 1/8" x 7/8" particles. This is considered low volume, and will run you around $800.00 USD. This is not suggested price, this is the standard "good" discount that the sales people can give. I wasn't able to find out the price of the next step up. But the sales brochure says that NSA and DOD standard is 1/32" x 7/16" particles. Standards for what classification of paper, I don't know. -Matt (panzer at drown.slip.andrew.cmu.edu) "That which can never be enforced should not be prohibited." From MJMISKI at macc.wisc.edu Sat Oct 23 14:23:27 1993 From: MJMISKI at macc.wisc.edu (Matthew J Miszewski) Date: Sat, 23 Oct 93 14:23:27 PDT Subject: Sign this! Message-ID: <23102316200504@vms2.macc.wisc.edu> All due respect Eric, ...but requiring signatures could hinder this lists performance for several reasons. 1. New members of the list may have little knowledge of signing and may become frustrated at the delay that results thus minimizing the income of fresh talent to the list. 2. Those with aversion to open system storage will have a harder time signing their messages and thus security minded people will have their comments delayed. 3. A false sense of security may actually result in this forum since there is no _real_ compelling reason for me to check...lets say... L. Detweiller's signature everytime he posts. In a corporate contractual situation there is an economically compelling reason to check. ...and with regard to 3. I would _suggest_ that for all 'sensitive' or 'meant to be relied upon' information be signed by the author. For example I value Eric's vast knowledge of mathematical theory, and if 'he' published an article to the list on some new breakthrough algorithm I would be compelled to check his sig. But, If he is just flaming the hell out of LD, it is irrelevant to me if it is him or anyone else. --Matt ______________________________________________________________________________ "This new technology (the printing press) threatened the Crown, which shuddered at the thought of widespread dissemination of works advocating religious heresy and political upheaval. The Crown's solution to the problem was a system of regulation designed to control this "dangerous" art." -From my Copyright Law Text (refrencing the Statute of Anne - the first Copyright Statute) (c)1993 ______________________/___________________________________mjmiski at macc.wisc.edu From ebrandt at jarthur.Claremont.EDU Sat Oct 23 14:38:27 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Sat, 23 Oct 93 14:38:27 PDT Subject: Warning about exposing anon id In-Reply-To: <9310231826.AA08908@crypto.com> Message-ID: <9310232135.AA26409@toad.com> > From: Matt Blaze > - If it simply strips out all identifying information and calls you some > generic anonymous name, this could lead to problems for people who expect > a reply to their messages. One option I was thinking about was to separate the namespace into "pseudonyms" and "anonyms". The former would be persistent, the equivalent of the present anXXXX addresses, and IMHO should have some sort of human-readable `handle', even if it has to be randomly generated from a dictionary. When a non-user replies to a pseudonymous post (or a user does not specify the pseudonym to use, if this is applicable), an anonym will be allocated, consisting mostly of a largish random number. To keep the database size under control, anonyms should probably be deleted after a certain period of disuse. If someone later decides to create a `real' pseudonym, this system ensures that they will not be unpleasantly surprised by finding that they already *had* one, and put their signature under it. Eli ebrandt at jarthur.claremont.edu From mab at crypto.com Sat Oct 23 15:13:08 1993 From: mab at crypto.com (Matt Blaze) Date: Sat, 23 Oct 93 15:13:08 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310232111.AA03150@ah.com> Message-ID: <9310232156.AA11711@crypto.com> >So far I have received six comments on the proposed sign-or-delay >system, two in public, four in private. All have been supportive of >concept, but there have been specific technical issues with it. > Perhaps I wasn't clear. The concept I support is encouraging signatures, not some "sign or delay" scheme. I think such schemes don't really help encourage the use of signatures as much as they exclude people who live in the wrong place or who don't have the right computers. And a "make it look signed or delay" scheme is even worse. It just encourages people to either give up on the list and go back to some place where the rules make more sense or, even worse, waste their valuable time writing code that produces funny "psuedosignatures" that serve no valuable purpose. A much better way to spread cryptography is to work on developing new and transparent mechanisms that help regular people securely integrate signatures and encryption into their routine work without having to do anything special or different. Trying to make life more inconvinient for people who already identify themselves as "cypherpunks" but who for whatever reason don't have easy access to the right tools seems not the way to do it. -matt From rjc at gnu.ai.mit.edu Sat Oct 23 15:28:28 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sat, 23 Oct 93 15:28:28 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310232111.AA03150@ah.com> Message-ID: <9310232227.AA18531@geech.gnu.ai.mit.edu> Why not create a new key on one's multiuser public unix box specifically for cypherpunks? Then you can sign as many messages on your box as you want and not care if anyone gets the secret key since the key will not be trusted by anyone else. Messages posted by you will be understood to be signed by you with the possibility that someone snooped your private key and is pseudospoofing. Is the security of this any less than we currently have? Not really, pseudospoofing can be done by a unix novice user. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From cme at ellisun.sw.stratus.com Sat Oct 23 15:58:28 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Sat, 23 Oct 93 15:58:28 PDT Subject: Emergency Broadcast System Message-ID: <9310232257.AA04098@ellisun.sw.stratus.com> >Message-Id: <9310221941.AA16004 at toad.com> >Subject: Emergency Broadcast System >Date: Fri, 22 Oct 1993 13:36:33 -0600 (MDT) >From: "Philippe_D_Nave" > 1) Mailing list data should be distributed to "N" sites where "N" is a > magic number that minimizes the chance of losing all the copies. > (Mathematicians, sharpen your pencils!) I found the equations I mentioned earlier. The following is a latex file giving some. The trend should be obvious. You don't need many nodes, if you can repair broken ones quickly enough. [This is why Stratus has such a large FedEx bill. When one of our machines gets a broken component, it phones home automatically, reports the failure and a new part is FedEx'ed immediately. If the report comes in by midnight, the new part is on the customer's desk for him/her to replace by 9am. (Our current machines have N=2, K=1). We prefer high speed mailaing of parts (from a warehouse at FedEx's central sorting airport) over normal mail in order to maximize $\mu$.] ------------------------------------------------------------------------------ \documentstyle[12pt]{article} \begin{document} \title{MTTF of Various Systems} \author{Carl M. Ellison \thanks{Stratus Computer Inc., 55 Fairbanks Blvd., Marlborough MA 01752. Email address: {\tt cme at sw.stratus.com}.}} \date{June 18, 1993} \maketitle \begin{abstract} Equations are presented for the Mean Time To Failure (MTTF) of various systems, as a function of the number of nodes in the system, N, and the minimum number of nodes in a working system, K. Failure of a system is defined as having fewer than K working nodes. \end{abstract} \section{Equations} Here are some equations for the Mean Time To Failure (MTTF) of various systems, as a function of the number of nodes in the system, N, and the minimum number of nodes in a working system, K. Failure of a system is defined as having fewer than K working nodes. Typically, K=1 and each node has a complete copy of each database. However, sometimes the data can be kept on multple nodes (as in a RAID-5 disk array) which will tolerate some failures, down to a given threshold. It is assumed that as soon as a failure occurs, a repair cycle will be started. There is then a race to see if the repair can be completed before enough additional nodes fail to drop the working number below K. If that race is lost, it is assumed that information has been lost, in the worst case, but at least that the service represented by the N nodes is not available. These equations do not give system availability (probability that a service is available) but rather MTTF. Availability equations can be found in several good textbooks. See, for example, Trivedi's text on Statistics. MTTF is more difficult to compute. The equations below were each a symbolic solution to a custom Markov chain, built to model the choice of N and K. N: number of nodes in a full system K: number of nodes in a minimally functional system $\lambda$: rate of failures (e.g., number of node failures per year) $\mu$: rate of node repair (in the same units as $\lambda$) Each fraction below is the MTTF of the whole system: the mean time until a system drops to only (K-1) working nodes. N = 3 ; K = 2 \begin{equation} \frac{ 5\lambda + \mu }{ 6\lambda^2 } \end{equation} N = 4 ; K = 2 \begin{equation} \frac{ 26\lambda^2 + 6\lambda\mu + \mu^2 }{ 24\lambda^3 } \end{equation} N = 4 ; K = 3 \begin{equation} \frac{ 7\lambda + \mu }{ 12\lambda^2 } \end{equation} N = 5 ; K = 2 \begin{equation} \frac{ 154\lambda^3 + 36\lambda^2\mu + 7\lambda\mu^2 + \mu^3 }{ 120\lambda^4 } \end{equation} N = 5 ; K = 3 \begin{equation} \frac{ 47\lambda^2 + 8\lambda\mu + \mu^2 }{ 60\lambda^3 } \end{equation} N = 5 ; K = 4 \begin{equation} \frac{ 9\lambda + \mu }{ 20\lambda^2 } \end{equation} N = 6 ; K = 2 \begin{equation} \frac{ 1044\lambda^4 + 240\lambda^3\mu + 48\lambda^2\mu^2 + 8\lambda\mu^3 + \mu^4 }{ 720\lambda^5 } \end{equation} N = 6 ; K = 3 \begin{equation} \frac{ 342\lambda^3 + 60\lambda^2\mu + 9\lambda\mu^2 + \mu^3 }{ 360\lambda^4 } \end{equation} N = 6 ; K = 4 \begin{equation} \frac{ 74\lambda^2 + 10\lambda\mu + \mu^2 }{ 120\lambda^3 } \end{equation} N = 6 ; K = 5 \begin{equation} \frac{ 11\lambda + \mu }{ 30\lambda^2 } \end{equation} N = 7 ; K = 2 \begin{equation} \frac{ 8028\lambda^5 + 1800\lambda^4\mu + 360\lambda^3\mu^2 + 62\lambda^2\mu^3 + 9\lambda\mu^4 + \mu^5 }{ 5040\lambda^6 } \end{equation} N = 7 ; K = 3 \begin{equation} \frac{ 2754\lambda^4 + 480\lambda^3\mu + 75\lambda^2\mu^2 + 10\lambda\mu^3 + \mu^4 }{ 2520\lambda^5 } \end{equation} N = 7 ; K = 4 \begin{equation} \frac{ 638\lambda^3 + 90\lambda^2\mu + 11\lambda\mu^2 + \mu^3 }{ 840\lambda^4 } \end{equation} N = 7 ; K = 5 \begin{equation} \frac{ 107\lambda^2 + 12\lambda\mu + \mu^2 }{ 210\lambda^3 } \end{equation} N = 7 ; K = 6 \begin{equation} \frac{ 13\lambda + \mu }{ 42\lambda^2 } \end{equation} N = 8 ; K = 2 \begin{equation} \frac{ 69264\lambda^6 + 15120\lambda^5\mu + 3000\lambda^4\mu^2 + 520\lambda^3\mu^3 + 78\lambda^2\mu^4 + 10\lambda\mu^5 + \mu^6 }{ 40320\lambda^7 } \end{equation} N = 8 ; K = 3 \begin{equation} \frac{ 24552\lambda^5 + 4200\lambda^4\mu + 660\lambda^3\mu^2 + 92\lambda^2\mu^3 + 11\lambda\mu^4 + \mu^5 }{ 20160\lambda^6 } \end{equation} N = 8 ; K = 4 \begin{equation} \frac{ 5944\lambda^4 + 840\lambda^3\mu + 108\lambda^2\mu^2 + 12\lambda\mu^3 + \mu^4 }{ 6720\lambda^5 } \end{equation} N = 8 ; K = 5 \begin{equation} \frac{ 1066\lambda^3 + 126\lambda^2\mu + 13\lambda\mu^2 + \mu^3 }{ 1680\lambda^4 } \end{equation} N = 8 ; K = 6 \begin{equation} \frac{ 146\lambda^2 + 14\lambda\mu + \mu^2 }{ 336\lambda^3 } \end{equation} N = 8 ; K = 7 \begin{equation} \frac{ 15\lambda + \mu }{ 56\lambda^2 } \end{equation} N = 9 ; K = 3 \begin{equation} \frac{ 241128\lambda^6 + 40320\lambda^5\mu + 6300\lambda^4\mu^2 + 888\lambda^3\mu^3 + 111\lambda^2\mu^4 + 12\lambda\mu^5 + \mu^6 }{ 181440\lambda^7 } \end{equation} N = 9 ; K = 4 \begin{equation} \frac{ 60216\lambda^5 + 8400\lambda^4\mu + 1092\lambda^3\mu^2 + 128\lambda^2\mu^3 + 13\lambda\mu^4 + \mu^5 }{ 60480\lambda^6 } \end{equation} N = 9 ; K = 5 \begin{equation} \frac{ 11274\lambda^4 + 1344\lambda^3\mu + 147\lambda^2\mu^2 + 14\lambda\mu^3 + \mu^4 }{ 15120\lambda^5 } \end{equation} N = 9 ; K = 6 \begin{equation} \frac{ 1650\lambda^3 + 168\lambda^2\mu + 15\lambda\mu^2 + \mu^3 }{ 3024\lambda^4 } \end{equation} N = 9 ; K = 7 \begin{equation} \frac{ 191\lambda^2 + 16\lambda\mu + \mu^2 }{ 504\lambda^3 } \end{equation} N = 9 ; K = 8 \begin{equation} \frac{ 17\lambda + \mu }{ 72\lambda^2 } \end{equation} N = 10 ; K = 4 \begin{equation} \frac{ 662640\lambda^6 + 90720\lambda^5\mu + 11760\lambda^4\mu^2 + 1400\lambda^3\mu^3 + 150\lambda^2\mu^4 + 14\lambda\mu^5 + \mu^6 }{ 604800\lambda^7 } \end{equation} N = 10 ; K = 5 \begin{equation} \frac{ 127860\lambda^5 + 15120\lambda^4\mu + 1680\lambda^3\mu^2 + 170\lambda^2\mu^3 + 15\lambda\mu^4 + \mu^5 }{ 151200\lambda^6 } \end{equation} N = 10 ; K = 6 \begin{equation} \frac{ 19524\lambda^4 + 2016\lambda^3\mu + 192\lambda^2\mu^2 + 16\lambda\mu^3 + \mu^4 }{ 30240\lambda^5 } \end{equation} N = 10 ; K = 7 \begin{equation} \frac{ 2414\lambda^3 + 216\lambda^2\mu + 17\lambda\mu^2 + \mu^3 }{ 5040\lambda^4 } \end{equation} N = 10 ; K = 8 \begin{equation} \frac{ 242\lambda^2 + 18\lambda\mu + \mu^2 }{ 720\lambda^3 } \end{equation} N = 10 ; K = 9 \begin{equation} \frac{ 19\lambda + \mu }{ 90\lambda^2 } \end{equation} \end{document} From klbarrus at owlnet.rice.edu Sat Oct 23 16:03:28 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Sat, 23 Oct 93 16:03:28 PDT Subject: ADMIN: proposed new policy Message-ID: <9310232303.AA26424@flammulated.owlnet.rice.edu> -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 2001,MIC-CLEAR Originator-Name: klbarrus at owlnet.rice.edu Originator-Key-Asymmetric: MFkwCgYEVQgBAQICAgADSwAwSAJBAM7KsFv7Dch7fCAN7eOwlL+AEL9XpkiLjf8x buBLdKhVttUO5OeycOBNOcJPCqwb1/GYKXwrni6+eck4kmImV7kCAwEAAQ== MIC-Info: RSA-MD5,RSA, vEhLgb41mGdbMVTerMqViYmrSV7GwytHvfR1Iu9mrjBIUaxdpS6PypMitxiciJWC hOThe6DXSTfUU6aQ4CTAMA== I like the idea of encouraging people to digitally sign messages. I also decided to try out ripem to see what its signed documents look like. I can't decide whether not people who don't should be "punished" by having messages delayed... it is an inducement, but not too drastic. We have an infrastructure problem: some crypto portions are in place, some aren't, some are being developed. Matt asked why he would want to check the signatures on some posts... in the future, you won't have to do anything extra since your mail software will do it for you. Of course, this will also help to screen anonymous mail - a person could build a reputation for a pseudonym and your mail software will report who signed it rather than where it came from. So for some, it's convenient to sign posts, for other it isn't. Maybe unsigned posts could reflect out of toad.com with a header - something like "X-Signed: not authenticated". Rather than delay them, that is. Also, another Matt asked how to use PGP to sign documents: pgp -sat +clearsig=on file You can specify this in config.txt also. If you are using RIPEM: ripem -e -m mic-clear < file > file.sign Ray's solution for people fearing having their secret keys on a public machine is perfect! Just create another, for signing cypherpunk postings. -----END PRIVACY-ENHANCED MESSAGE----- From cme at ellisun.sw.stratus.com Sat Oct 23 16:43:07 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Sat, 23 Oct 93 16:43:07 PDT Subject: MTTF expressions for K = 1 Message-ID: <9310232341.AA04130@ellisun.sw.stratus.com> Sorry -- I left out the K=1 expressions from that paper. They're a little more mundane (for Stratus) but of obvious interest here. These are the most likely to be interesting to us. Consider, for example, \lambda = 0.5 failures/year and \mu = 52 repairs/year for the kind of machines we're talking about (as opposed to Stratus machines). The resulting MTTF would be in years. - Carl ==================================================================== N = 2 ; K = 1 \begin{equation} \frac { 3\lambda + 1\mu }{ 2\lambda^2 } \end{equation} N = 3 ; K = 1 \begin{equation} \frac { 11\lambda^2 + 4\lambda\mu + 1\mu^2 }{ 6\lambda^3 } \end{equation} N = 4 ; K = 1 \begin{equation} \frac { 50\lambda^3 + 18\lambda^2\mu + 5\lambda\mu^2 + 1\mu^3 }{ 24\lambda^4 } \end{equation} From greg at ideath.goldenbear.com Sat Oct 23 18:33:29 1993 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Sat, 23 Oct 93 18:33:29 PDT Subject: Digital signatures to be required? Message-ID: <36FwBc2w164w@ideath.goldenbear.com> My C-punks feed comes over a UUCP connection, and I only poll once or twice per day, under normal circumstances. I'd likely never notice a 6-hour delay, and hence wouldn't give a shit one way or the other. Delaying message posting seems likely to exacerbate the "ask a question, get the same answer 8 times" problem. If we're going to reward some behaviors and punish others, I'd prefer to see something that'd create exponentially increasing delays for > 1 post per person per 24 hours; of course, remailers make that impractical. Imposing a digital signature requirement strikes me as an arbitrary exercise of authority which would be largely without benefit. I doubt that people interested in the C-punks list are the folks who need to be dragged kicking & screaming into the 21st century; at least not in terms of personal use of technology. :) Count mine as a "NO" vote; let's talk about the delay thing again when we come up with a filter that can spot "what is [anarchy|libertarianism] anyway?" or bogus pseudo-economic jibberish. -- Greg Broiles greg at goldenbear.com Baked, not fried. From trebor at foretune.co.jp Sat Oct 23 18:38:29 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Sat, 23 Oct 93 18:38:29 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240134.AA14181@dink.foretune.co.jp> Alexander writes: >Read R. Key's _The Clam-Plate Orgy_ for information on how advertising >companies (cigarette ana alcohol companies especially) add little >airbrushed renditions of subliminally pleasing sex scenes, with intent to >stimulate purchase of the product. Its been done for almost 50 years now, >and started with the tachistoscope used in movie theatres to get people to >consume popcorn and Coca-Cola(tm) in great quantities. Sales went up by 60%. Alas, almost every study that has been done on "Subliminal Seduction" has generated negative results. The famous Movie theatre experiment, for example, was totally uncontrolled -- and did Key mention that it was done during a heatwave, with broken air-conditioning in the theatre? Moreover, tests of the "embedded sex objects" hypothesis don't pan out. It turns out that (a) people don't notice them unless they have been predisposed to (ie:"find the penis in the photo") and (b) whether or not there is an embed in the photo has no meaningful effect on the viewer. Basically, human beings are pattern recognition machines. We _love_ patterns so much that we tend to see them even when they aren't there For example, "The line I am in is always the slowest." This is because you don't remember the times you were in a fast line, because it isn't a big stimulus to you. So guys like Key, who are looking for patterns, will find them everywhere. Deliberate embeds in advertising are almost without exception artists jokes. And most perceived embeds are simply random things about the image that our minds are organizing for us. From trebor at foretune.co.jp Sat Oct 23 18:48:29 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Sat, 23 Oct 93 18:48:29 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310232111.AA03150@ah.com> Message-ID: <9310240145.AA14242@dink.foretune.co.jp> You write: >So far I have received six comments on the proposed sign-or-delay >system, two in public, four in private. All have been supportive of >concept, but there have been specific technical issues with it. I think you are reading those replies through rose-colored glasses. They were politely telling you "no way." >The real goal of this plan is to change the software infrastructure so >that crypto can easily be inserted. Please keep in mind that it is impolite to _impose_ your beliefs on others, and to punish people that don't believe as you do. That's what certain governments that people on the list are concerned about do. People don't respond well when forced. All you will do is alienate them. I suggest you offer an incentive for signature use rather than a penalty for non-use. For example, the "Quarterly Cookie Quota" (QCQ), a pledge to send a package of cookies (good ones, too) to a signer picked at random. This will cost you $100 a year, less than the time/$ cost of modifying the mail list software. Bottom line: Use Carrots, not Sticks. Using sticks is counterproductive, especially when you try and use them on ornery jerks like the membership of this list (humble correspondent included in that characterization). From chrome at jhunix.hcf.jhu.edu Sat Oct 23 19:03:08 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Sat, 23 Oct 93 19:03:08 PDT Subject: Subliminal Channels In-Reply-To: <9310240134.AA14181@dink.foretune.co.jp> Message-ID: > Alas, almost every study that has been done on "Subliminal Seduction" > has generated negative results. The famous Movie theatre experiment, for > example, was totally uncontrolled -- and did Key mention that it was > done during a heatwave, with broken air-conditioning in the theatre? That wouldn't explain the rise in sales of popcorn, a hot food. > Moreover, tests of the "embedded sex objects" hypothesis don't pan out. > It turns out that (a) people don't notice them unless they have been > predisposed to (ie:"find the penis in the photo") and (b) whether or > not there is an embed in the photo has no meaningful effect on the > viewer. Advertisers have found that such "artists jokes" as you call them are profit makers. Explain why almost 90-95% of all hard liquor ads show a glass filled with ice. Ice is a subliminal artist's wet dream; there is much to be airbrushed inside a piece of ice. Explain why advertisers will spend millions on an ad campaign in a magazine, where people only spend 1-2 sec MAXIMUM on that ad. These guys who run the businesses know what to spend the money on and where. > Basically, human beings are pattern recognition machines. We _love_ > patterns so much that we tend to see them even when they aren't there The idea of subliminallity is that you _don't_ see it when it _is_ there. > a big stimulus to you. So guys like Key, who are looking for patterns, > will find them everywhere. Key tried to go on Canadian TV awhile back with a program about his research. It was pulled after direct intervention from advertisers threatening to pull their ads if the show went on; the TV execs behaved predictibily. Why were they so scared of something which you see as a joke? > Deliberate embeds in advertising are almost without exception artists > jokes. That's right, advertising companies pay commercial artists dollars in lost profit to play jokes. > And most perceived embeds are simply random things about the > image that our minds are organizing for us. Yes, but on a conscious level organization takes place. Subconscious thought is different. Alex Reynolds From rjc at gnu.ai.mit.edu Sat Oct 23 19:13:08 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sat, 23 Oct 93 19:13:08 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240211.AA19639@geech.gnu.ai.mit.edu> Alexander Reynolds () writes: > > > Is there any published work on hiding subliminal messages > > in pictures? It seems like that would be really easy. > > Read R. Key's _The Clam-Plate Orgy_ for information on how advertising > companies (cigarette ana alcohol companies especially) add little > airbrushed renditions of subliminally pleasing sex scenes, with intent to > stimulate purchase of the product. Its been done for almost 50 years now, > and started with the tachistoscope used in movie theatres to get people to > consume popcorn and Coca-Cola(tm) in great quantities. Sales went up by 60%. Balderdash. Key is just another Freudian conspiracy theorist. I found some of the descriptions in his book laughable to absurd. His theories don't pan out if you talk to anyone in the advertising business. Hidden messages are noise compared to other dominate factors like humor and flashy graphics. _Clam-Plate Orgy_ is an example of Key's imaginative and vulgar mind, not science. (was anyone aroused by this image? Even after he drew in the little outlines, I still had trouble seeing anything worth a hormonal response. I also hate clams.) The subliminal movie images story is bunk, urban legend. I hope you didn't buy any of those $39.95 subliminal tapes from infomercials. > But then again, laws on subliminal information are practically null, and > those that do exist are never enforced, thanks to Big Business > influence-peddling. Could it be that subliminal information effects have been found to be practically null also? I guess Key's asburd claims fit right into the psychology of a leftist conspiracy theorist. I wonder if the Bilderburgers are involved? -Ray HELP, I'm being put into a _psychological vice_ by pseudospoofers! My urine is being sapped out of my bladder by viscious anonymous abusers! And now, I am being controlled by advertisements containing assorted penile and vaginal shapes! -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From chrome at jhunix.hcf.jhu.edu Sat Oct 23 19:33:29 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Sat, 23 Oct 93 19:33:29 PDT Subject: Subliminal Channels In-Reply-To: <9310240211.AA19639@geech.gnu.ai.mit.edu> Message-ID: > Balderdash. Key is just another Freudian conspiracy theorist. I found some > of the descriptions in his book laughable to absurd. His theories don't > pan out if you talk to anyone in the advertising business. And exactly why should they be honest? It doesn't profit to be honest. > Hidden messages are noise compared to other dominate factors like humor > and flashy graphics. Yes, I agree, but to the _conscious_ level it is noise! > _Clam-Plate Orgy_ is an example of Key's imaginative > and vulgar mind, not science. (was anyone aroused by this image? Even after > he drew in the little outlines, I still had trouble seeing anything > worth a hormonal response. I also hate clams.) If you don't want to accept something before first glance, you won't. > The subliminal movie images story is bunk, urban legend. No, actually it is very true and scary as hell. > I hope you didn't buy any of those $39.95 subliminal tapes from > infomercials. I'm not needing to quit anything addictive. > Could it be that subliminal information effects have been found to be > practically null also? Could be, but the tachiscope experiment left me feeling that there is a lot left unexplained, and much of it at our expense. > I guess Key's asburd claims fit right into the > psychology of a leftist conspiracy theorist. I wonder if the Bilderburgers > are involved? They fit into any ideological conspiracy you choose to frame it in, but what happened then is what is happening now because it makes money, and people like money. > And now, I am being controlled by advertisements containing assorted > penile and vaginal shapes! You put too much faith in man's ability to control himself, you should read up on Milgram's experiments as well as some Skinner and Pavlov. > -- Ray Cromwell | Engineering is the implementation of science; -- > -- EE/Math Student | politics is the implementation of faith. -- > -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- Science is the faith in believing the universe is explainable, don't deceive yourself thinking otherwise. -Alex Reynolds From rjc at gnu.ai.mit.edu Sat Oct 23 19:33:33 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sat, 23 Oct 93 19:33:33 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240228.AA19696@geech.gnu.ai.mit.edu> Alexander Reynolds () writes: > > > Alas, almost every study that has been done on "Subliminal Seduction" > > has generated negative results. The famous Movie theatre experiment, for > > example, was totally uncontrolled -- and did Key mention that it was > > done during a heatwave, with broken air-conditioning in the theatre? > > That wouldn't explain the rise in sales of popcorn, a hot food. It's easily explainable by the fact that it wasn't a scientifically valid test. > Advertisers have found that such "artists jokes" as you call them are > profit makers. Explain why almost 90-95% of all hard liquor ads show a > glass filled with ice. Ice is a subliminal artist's wet dream; there is Possibly because you don't drink hard liquor warm? The ice examples from Key's book are even more idiotic. He might have had a genuine article with that cologne add which showed a penis about to be cut off with a knife (along with numerous images of dead animals), but the ice images were so-convoluted even conciously looking at them I couldn't make out anything. > much to be airbrushed inside a piece of ice. Explain why advertisers will > spend millions on an ad campaign in a magazine, where people only spend > 1-2 sec MAXIMUM on that ad. These guys who run the businesses know what You do not understand how advertising works. The key word is CAMPAIGN, repeated exposure over a long period, to a large group of people who are in your target audience. Statistically, a certain percentage of people will stop to read your ad after repeated exposure. They spend millions because even if a _fraction_ of the target audience responds to the ad, they make many more millions. > > a big stimulus to you. So guys like Key, who are looking for patterns, > > will find them everywhere. > > Key tried to go on Canadian TV awhile back with a program about his > research. It was pulled after direct intervention from advertisers > threatening to pull their ads if the show went on; the TV execs behaved > predictibily. Why were they so scared of something which you see as a joke? The key to recognizing a conspiracy crackpot is the presence of a censoring authority. Thus the oil companies conspiring to prevent the 200 mpg carburetor from being used, the Bilderburger's preventing all of the media from revealing that they forclosed on the US Govt 50 years ago, UFO data being censored by people "above top secret", etc. Tim May can probably elaborate since he is a much better fan of conspiracy theories than I am. I stopped reading alt.conspiracy after the JFK thread was brought up for the 100th time. I suggest you take this thread to sci.skeptic if you dare. Try your anecdotal evidence there to see if it works. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From chrome at jhunix.hcf.jhu.edu Sat Oct 23 19:53:08 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Sat, 23 Oct 93 19:53:08 PDT Subject: Subliminal Channels In-Reply-To: <9310240228.AA19696@geech.gnu.ai.mit.edu> Message-ID: > > That wouldn't explain the rise in sales of popcorn, a hot food. > > It's easily explainable by the fact that it wasn't a scientifically valid > test. Why? Because you don't want to accept the fact that if you're out to make money, you'll exploit any angle you can, including the dominance of the subconcious over what the conscious perceives? I also remember you saying in your last message that this was a hoax. Why a sudden change in tune? I think it was a scientifically valid test (within reason) because the control was a normal, non-tach show versus a tach/stimulus show. This was done repeatedly, and the results were conclusive, a 60% rise in popcorn sales. Other "tests" were done, changing "you want popcorn" to "do you want popcorn?" It was shown that adding the question provoked a stronger stimulation to consume that without the question. > Possibly because you don't drink hard liquor warm? The ice examples > from Key's book are even more idiotic. He might have had a genuine article > with that cologne add which showed a penis about to be cut off with a knife > (along with numerous images of dead animals), but the ice images were > so-convoluted even conciously looking at them I couldn't make out anything. Again: You will see what you want to see, and likewise you will not see what you do not want to see. > You do not understand how advertising works. The key word is CAMPAIGN, No, the key word is SALES. Anything else is secondary to that goal. > repeated exposure over a long period, to a large group of people who > are in your target audience. Statistically, a certain percentage of > people will stop to read your ad after repeated exposure. They spend > millions because even if a _fraction_ of the target audience responds to > the ad, they make many more millions. The profit would certainly be lost to recover revenue without subliminal stimuli and with your statisical exposure. > > Key tried to go on Canadian TV awhile back with a program about his > > research. It was pulled after direct intervention from advertisers > > threatening to pull their ads if the show went on; the TV execs behaved > > predictibily. Why were they so scared of something which you see as a joke? > > The key to recognizing a conspiracy crackpot is the presence of a censoring > authority. Thus the oil companies conspiring to prevent the 200 mpg carburetor > from being used, the Bilderburger's preventing all of the media from > revealing that they forclosed on the US Govt 50 years ago, UFO data > being censored by people "above top secret", etc. But the govt. and the like deny all charges when they are faced with them. Ad companies pull their ads; they don't respond, they don't deny. And that is the difference between reality and hoax. > Tim May can probably elaborate since he is a much better fan of conspiracy > theories than I am. I stopped reading alt.conspiracy after the JFK thread > was brought up for the 100th time. Tim: Any input? > I suggest you take this thread to sci.skeptic if you dare. Try your > anecdotal evidence there to see if it works. Well, my anecdotal evidence and experience includes readings from noted behaviorologists other than Key. So maybe this is a little more scientific than first glance appears? Maybe, maybe... Your e-mail address says you are from MIT, so act like the scientist you're pretending to be and read a little behavioral science first. -Alex Reynolds From rjc at gnu.ai.mit.edu Sat Oct 23 20:03:08 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sat, 23 Oct 93 20:03:08 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240300.AA19882@geech.gnu.ai.mit.edu> [I know this shouldn't be here, but I can't resist one more response. According to Skinner, I have no choice anyway. This is the last, I promise.] Alexander Reynolds () writes: > > pan out if you talk to anyone in the advertising business. > And exactly why should they be honest? It doesn't profit to be honest. Look, I know people who work in the advertising business. Not bosses, but workers. People whose's money isn't on the line. People who haven't signed non-disclosure agreements, people who are my friends. The idea that out of tens of thousands of artists in the advertising business, NOT ONE would come out and openly state what they do is as ludicrous as UFO conspiracies which require thousands of people to keep their mouth shut. > > Hidden messages are noise compared to other dominate factors like humor > > and flashy graphics. > > Yes, I agree, but to the _conscious_ level it is noise! Let me explain a simple concept. Humans send subliminal signals to each other. It's called BODY LANGUAGE. And the visual system seems to be particulary adapted to recognizing facial expressions, not penises or vaginas (things which we do not look at as often). Ads are dominated by people laughing, smiling, and other positive images. They are also dominated by humor. These psychological mechanisms are known to work. Advertisers would much rather put their money in traditional proven techniques of appealing to people than Freudian crackpot theories which have been shown to have no effect by many studies. Do you think many of those subliminal tapes have been removed from commercial sale by the govnernment because they work too well, or because they never worked and people got ripped off? > > _Clam-Plate Orgy_ is an example of Key's imaginative > > and vulgar mind, not science. (was anyone aroused by this image? Even after > > he drew in the little outlines, I still had trouble seeing anything > > worth a hormonal response. I also hate clams.) > > If you don't want to accept something before first glance, you won't. I don't accept it because it's bunk. I studied _Clam-Plate Orgy_ very carefully in challenge to another crackpot who bet me to read it. Now your argument resorts to religious tactics "if you don't believe in it, you don't want to believe. Blah blah." On the other hand, you are too accepting. You accept theories which are published no where else, which are not accepted by the scientific community, and which lack scientific control. > > The subliminal movie images story is bunk, urban legend. > No, actually it is very true and scary as hell. It wasn't a scientifically valid experiment. There are much more simpler and credible explanations of why advertising works, and Occam's Razor tells us to deposit Key in file #13. > > -- Ray Cromwell | Engineering is the implementation of science; > > -- EE/Math Student | politics is the implementation of faith. > > -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries > Science is the faith in believing the universe is explainable, don't > deceive yourself thinking otherwise. This is the second time you have attacked my signature. It is generally acknowledged in net-culture that the attack of someone's sig represents the loss of an argument. Should I be surprised that your attack on science is nothing more than the simplistic "science is a religion" argument, that you are succeptable to memes from non-scientific crackpots like Key, and in the same message you reference Skinner and social-science which is at best dismal. I bet you are a great follower of his Chomsky-ness too. -Ray P.S. I am taking this arguement off cypherpunks. I will probably repost my respones to sci.skeptic tommorow, perhaps Alex will have the guts to debate it there. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From nobody at soda.berkeley.edu Sat Oct 23 20:03:29 1993 From: nobody at soda.berkeley.edu (nobody at soda.berkeley.edu) Date: Sat, 23 Oct 93 20:03:29 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310240302.AA29510@soda.berkeley.edu> -----BEGIN PGP SIGNED MESSAGE----- I don't think the security problems of Eric's proposal are as bad as some have suggested. People could create a separate, "lower security," public key for use on multi-user systems, with a different pass phrase than for their "high security" key. Perhaps the key could have an appropriately small size of about 400 bits. It would still be far more work to break the security of such a system than to forge mail across the network (which is easy). So such a system does enhance security over the existing system of unsigned messages. As for the argument that people don't have access to signature systems - PGP illegal in the U.S., PEM/RIPEM unavailable outside the U.S. - just turn these around: PGP legal and available outside the U.S., PEM/RIPEM legal and available inside the U.S. Everyone has access to legal encryption and signature software. One problem I see with Eric's suggestion is that it is couched in terms which suggest our main business here is debate. Eric suggests that a delay in having your message appear is to your disadvantage because your opponent's arguments will stand unrefuted for a time. Recently the list has been pretty contentious, but historically there has been much less debate here than on many other lists, and I would hope that we could return to that approach. It would be better if we could exchange information, ideas, approaches for reaching the goals we share. In such an environment a delay in the posting of a good idea is to everyone's detriment and does not particularly harm the person whose ideas were slow to appear. Still, I support Eric's basic goal of encouraging more use of the technologies we talk so much about. I will remind people that I make an encrypted version of the cypherpunks list available to anyone who has a PGP public key which includes their address. There are only a few sub- scribers now but if you'd like to try it send me your PGP public key and I'll add you to the list. I'd suggest trying it for a few days before cancelling your regular CP subscription to make sure you can handle the encrypted traffic. Ironically, our anonymous posters, who have generated so much controversy of late, are at least using the technology. Maybe if we do implement some form of Eric's idea we should give the preferential treatment to anonymous posters as well as signed messages. People can post anonymously without having to expose any secret information, which should address the security concerns mentioned above. I'm sending this message with the following headers, which direct replies back to my address. This reduces the biggest inconvenience with using remailers, the inability to get replies: :: Request-Remailing-To: cypherpunks at toad.com ## Reply-To: hfinney at shell.portal.com One more point. I was the one who initially implemented the clear-sign feature in PGP. I copied the idea from PEM, but put the signature info at the end. (I still think that putting it at the beginning was a silly idea.) When I wrote it I didn't have the blank lines around the ----- separators. Branko added those and also add the Version: line (which is ignored by the software). I still like my format better, as I think the signatures should add as little as possible. But have you seen what these PEM signatures look like? I've seen a couple on sci.crypt and I almost fell out of the chair laughing. First, the guy had to _manually_move_ the signature from the beginning to the end to get it out of the way. But, worse, the signature is like thirty or forty lines long! I kid you not. The guy posts a message of about a (24-line) screenful then it has like two screenfuls of signature information. It looks ludicrous. No wonder he had to move the signature to the end - otherwise people would have given up before they even got to his message. (In fairness, these PEM signatures are self-checking; PGP signatures require you to get the key on your own. I'm not sure if a non-self-checking PEM signature mode exists.) Hal Finney hfinney at shell.portal.com -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMnCI6gTA69YIUw3AQHs2AP5Ae64wUfiNa4/yborffvMry1MAt9chF05 9Bdz3NupXkWU1GNbmniFKDnU+GdGR+Tuu3HgwwV7N55EjLY7SclOaLBxKXySD25X sAlwlH1yDZO/ly5UxKakdaPKR4nzIZZjPZ8ZoCkDszoNcxERj/nF7l7zLYP3eXF+ GG+YBHenSL4= =/09p -----END PGP SIGNATURE----- From ebrandt at jarthur.Claremont.EDU Sat Oct 23 20:18:29 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Sat, 23 Oct 93 20:18:29 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240318.AA28051@toad.com> > > The subliminal movie images story is bunk, urban legend. > > No, actually it is very true and scary as hell. If this were a.f.u I would cry "MOTTO" at this point. > > Could it be that subliminal information effects have been found to be > > practically null also? > > Could be, but the tachiscope experiment left me feeling that there is a > lot left unexplained, and much of it at our expense. Heh. We are dealing with a single `experiment' (not, like, published or peer-reviewed or anything) in an undisclosed location, performed by a market researcher trying to sell the "subliminal projector" in question. Contrast this with follow-up experiments -- which *were* conducted in a scientific fashion -- which found that the effect of the stimulus varied with its perceptibility, and under no conditions had the fabled mind-control effect. Yes, the popcorn story is nifty, but it's totally bogus. I know, I know, all of the psychologists who got negative results were bribed by General Motors... Really, post your views on subliminal advertising to alt.folklore.urban, with a cross-post to sci.skeptic for good measure. I dare you. ;-) Eli ebrandt at jarthur.claremont.edu From rjc at gnu.ai.mit.edu Sat Oct 23 20:48:30 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sat, 23 Oct 93 20:48:30 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240343.AA20076@geech.gnu.ai.mit.edu> Alexander Reynolds () writes: > > repeated exposure over a long period, to a large group of people who > > are in your target audience. Statistically, a certain percentage of > > people will stop to read your ad after repeated exposure. They spend > > millions because even if a _fraction_ of the target audience responds to > > the ad, they make many more millions. > > The profit would certainly be lost to recover revenue without > subliminal stimuli and with your statisical exposure. Bull, prove it. Here's a real world example. Let an ad in Wired cost $2000 (which I believe it does), and let Wired have between 10,000 and 100,000 subscribers (which I think it does), and let the product you'll be selling cost $10. 2*$2000/$10=400 customers required for 100% profit. 400/100,000 subscribers=0.4% of viewing audience, or 4 in 1000 people must read and respond to your add. So we need 4 atypical people who take the time to carefully read ads. You can apply the same analysis to million dollar campaigns and get the same result. Iterated campaigns with repeated exposure increase my argument even more. Key's explaination of print advertising is simply bullshit. Academic philosophers have little to no credibility when it comes to talking about things in the real world. > Your e-mail address says you are from MIT, so act like the scientist > you're pretending to be and read a little behavioral science first. How typical. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From chrome at jhunix.hcf.jhu.edu Sat Oct 23 20:48:34 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Sat, 23 Oct 93 20:48:34 PDT Subject: Subliminal Channels In-Reply-To: <9310240300.AA19882@geech.gnu.ai.mit.edu> Message-ID: > [I know this shouldn't be here, but I can't resist one more response. According > to Skinner, I have no choice anyway. This is the last, I promise.] Ego is such a strong influence. > Look, I know people who work in the advertising business. Not bosses, > but workers. People whose's money isn't on the line. People who haven't > signed non-disclosure agreements, people who are my friends. The idea > that out of tens of thousands of artists in the advertising business, NOT ONE > would come out and openly state what they do is as ludicrous as UFO > conspiracies which require thousands of people to keep their mouth shut. Funny how you keep trying to mention subliminal ads and UFOs in one breath. You don't have anything stronger going for your argument than your relation between subliminal ads and flying saucers? > > Yes, I agree, but to the _conscious_ level it is noise! > > Let me explain a simple concept. Humans send subliminal signals to each > other. It's called BODY LANGUAGE. Boy, you are really ignorant or you're really confused! If body language were subliminal, we wouldn't respond to it on a conscious level. When someone shakes, or their palms are sweaty, we consciously connect that behavior with nervousness (or at least I do). The Japanese culture rely almost exclusively on body language to communicate; if it were subliminal they'd be clueless on what to do next!!! > Ads are dominated by people laughing, > smiling, and other positive images. They are also dominated by humor. > These psychological mechanisms are known to work. Of course, but to quote youself, "that is all noise." Subliminal stimulus is much stronger than all three as a profit maker. > Advertisers would > much rather put their money in traditional proven techniques of appealing > to people than Freudian crackpot theories which have been shown to have > no effect by many studies. On the contrary, it has been _them_ doing the studies, and them spending the ad money, *because* *it* *works*. > Do you think many of those subliminal tapes have > been removed from commercial sale by the govnernment because they work too > well, or because they never worked and people got ripped off? I have seen subliminal tapes for sale in Edmund Scientific in N.J. > > If you don't want to accept something before first glance, you won't. > > I don't accept it because it's bunk. I studied _Clam-Plate Orgy_ very > carefully in challenge to another crackpot who bet me to read it. Now > your argument resorts to religious tactics "if you don't believe in it, > you don't want to believe. Blah blah." Science uses the same tactics. Actually you should know that I'm an atheist before you rant and rave on how religious I am. I didn't mention that before, because I didn't figure it as any of your damn business, but I am sick of hearing this "oh, another religious freak again bullshit." > On the other hand, you are > too accepting. You accept theories which are published no where else, > which are not accepted by the scientific community, and which lack scientific > control. On the contrary, I accept and reject theories which are obscure and little known as much as I accept and reject theories which are well-known in history. The difference between you and I is that I seem to be a little more open-minded. The fact is that we are discussing a topic which is little-studied (as I mentioned before) so it is little surprise that you call this "unscientific," etc. etc. > No, actually it is very true and scary as hell. > > It wasn't a scientifically valid experiment. There are much more > simpler and credible explanations of why advertising works, and Occam's > Razor tells us to deposit Key in file #13. > > > > -- Ray Cromwell | Engineering is the implementation of science; > > > -- EE/Math Student | politics is the implementation of faith. > > > -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries > > Science is the faith in believing the universe is explainable, don't > > deceive yourself thinking otherwise. > > This is the second time you have attacked my signature. It is generally > acknowledged in net-culture that the attack of someone's sig represents > the loss of an argument. I'm not a part of your bloody net-culture. I don't choose to be. I attacked you and your elitist "rationalist-scientific" attitude, not your signature, not your argument. > Should I be surprised that your attack on science > is nothing more than the simplistic "science is a religion" argument, that > you are succeptable to memes from non-scientific crackpots like Key, Hmm...read a little Dawson I see... Don't make me quote Dawson on this one, you are totally clueless as to what mnemes are. > and > in the same message you reference Skinner and social-science which is at > best dismal. Ah, I believe we are talking about behavior control theory right? So Skinner and Co. are excellent tie-ins to this discussion. If you would like a bibliography, just ask, dude. > I bet you are a great follower of his Chomsky-ness too. Sure. You betcha. I've heard of him before, is he involved with conspiracies and that b.s.? > P.S. I am taking this arguement off cypherpunks. I will probably repost > my respones to sci.skeptic tommorow, perhaps Alex will have the guts to > debate it there. You tell me how and we'll duke 'em out, dude. > -- Ray Cromwell | Engineering is the implementation of science; > -- EE/Math Student | politics is the implementation of faith. -- > -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- Remember Tacoma Bridge? What a piece of engineering faith that was! I started to laugh at my physics teacher when he told us how it took thousands of hours to figure out why a bridge suddenly started to twist. -Alex Reynolds "A scientist is a priest with more cool looking potions." -my sceptical chem teacher. From gwt at eskimo.com Sat Oct 23 22:03:30 1993 From: gwt at eskimo.com (George Taylor) Date: Sat, 23 Oct 93 22:03:30 PDT Subject: Proposed policy: look like sig Message-ID: <199310240504.AA15243@eskimo.com> Eric said, >Given the objections I've received, I now amend my proposal from "sign >your messages, or else" to "make something that looks like a >signature, or else". This has several consequences that I >particularly like. Wouldn't it "look like a signature" if I just copied at the end of an article the actual signature of some other, signed, article? That would be a true signature, just not mine and not for this article. It sounds as though it would meet the suggested requirement, but I don't see how it would accomplish the goals. I could do it with a macro, or maybe use a special .sig for posts to this list. It wouldn't add anything to my software. What am I missing? -George From pmetzger at lehman.com Sat Oct 23 22:13:09 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sat, 23 Oct 93 22:13:09 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240508.AA03859@snark.lehman.com> Alexander Reynolds says: > > Moreover, tests of the "embedded sex objects" hypothesis don't pan out. > > It turns out that (a) people don't notice them unless they have been > > predisposed to (ie:"find the penis in the photo") and (b) whether or > > not there is an embed in the photo has no meaningful effect on the > > viewer. > > Advertisers have found that such "artists jokes" as you call them are > profit makers. My friend Harry S. Hawk, who runs the Extropians list, works for an ad agency. I remember his reaction once to a news report about the nose on Joe Camel being a penis. He said, more or less... "yeah, I can see it now. The big guys are all in a meeting in the conference room, and they call in the artist and tell him 'It looks good, but frankly, it needs to be more, well, penis shaped. The nose, that is.'" No credible studies have ever shown that people notice subliminal messages. No credible studies have ever shown any of these "embedded images", either. If you believe they are there, it should be easy to find them. Take a scanner, scan in any newspaper image. Display only small subsets of the grey levels at once and your supposed subliminal messages should pop right out -- only you won't see a thing because they aren't there. Sure, sex sells -- look at any beer ad. But that is a different question. The notion that advertisers are going around deliberately incorporating hidden sexual imagery in an effort to boost sales has as much credibility as "The Protocols of the Elders of Zion". Perry PS By the way, none of this paranoia has anything to do with cryptography. From pmetzger at lehman.com Sat Oct 23 22:18:31 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sat, 23 Oct 93 22:18:31 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240513.AA03867@snark.lehman.com> Alexander Reynolds says: > > Balderdash. Key is just another Freudian conspiracy theorist. I found som e > > of the descriptions in his book laughable to absurd. His theories don't > > pan out if you talk to anyone in the advertising business. > > And exactly why should they be honest? It doesn't profit to be honest. Yup. All those tens of thousands of people (including unpaid summer interns) working in the Ad business have all been sworn to secrecy. Yeah, thats the ticket. And none of them ever talked, because ad people are like the mafia, and will kill each other for talking, which is why all those ad men end up floating in the East River all the time. Yeah, thats the ticket. By the way, I've got some swampland in Florida to sell you. Along with some subscriptions to some Lyndon Larouche publications that will give you incontravertable proof that the Queen of England is the worlds biggest drug trafficer. Perry From nate at VIS.ColoState.EDU Sat Oct 23 22:23:09 1993 From: nate at VIS.ColoState.EDU (nate at VIS.ColoState.EDU) Date: Sat, 23 Oct 93 22:23:09 PDT Subject: Viallage Voice article, etc Message-ID: <9310240520.AA02860@seurat.VIS.ColoState.EDU> Does anyone have a copy of the Viallage Voice article from the 3rd of August 1993? I don't want to type it in, and I know I saw it on the list a while back. Also, I am compiling a list of articles that explain what we are all about (I know, there is no CypherPunks agenda per se, but there are common goals here), to be given out to the public. If you are in posession of such an article (or know of one, I'll type it in) send it to me, please. Thanks, -nate -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | #include Guerrilla Cryptographer | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Always remember "Brazil" From trebor at foretune.co.jp Sat Oct 23 23:33:08 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Sat, 23 Oct 93 23:33:08 PDT Subject: Subliminal Channels In-Reply-To: Message-ID: <9310240630.AA15265@dink.foretune.co.jp> This will be my final note on this subject, as it is inappropriate for the list. Alex writes in support of subliminal seduction: Alex, there have been numerous studies on the subject, which I summarized in my previous email (and you ignored). Go look it up for yourself if you don't believe me. My degree is in psych, perceptual psych. I know whereof I speak. Subliminal seduction does not have a statistically significant effect. If you are predisposed to see penises and breasts, you see them. There are ice-cubes in booze ads because (surprise!) you put ice-cubes in booze! Artists jokes appear in work all the time. Apple's Newton has several of them. Most of the anime films I subtitle have them in them. It is human nature, and part of the creative process, which is why it is tolerated. "SS" is a powerful myth, but tons of studies have shown that it has the same validity as "Gerbilling." I'm not saying it hasn't been tried, it most surely has. What I am saying is that most people in the Ad industry know it's bullshit. A much more powerful effect, if you're going to airbrush, would be to correct images so they present the right cues to the reader. An example would be making sure that that smiling girl is presenting Duchenne's marker (a subtle difference typified by involuntary contraction of the pars lateralis eye muscle that signifies a true happy smile, as opposed to a fake or a social smile). See SCIENCE, Vol 262, Pg 336 for a fascinating report on this -- learning how to contract this muscle and smile true happy smiles can actually make you feel happy! From ld231782 at longs.lance.colostate.edu Sun Oct 24 01:38:31 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 24 Oct 93 01:38:31 PDT Subject: pseudospoofing survey Message-ID: <9310240835.AA08908@longs.lance.colostate.edu> punks: The following is an essay followed by a survey on pseudospoofing. If you are interested in participating in the survey please reply in email to me under your `true name' only. I will post a summary to the list if there is sufficient data and I'm convinced it isn't strewn with manufactured lies from phantom identities (please do not waste my precious time, pollute my mailbox, or disrupt this survey with any). * * * First, let's review. From my perspective a person can have cyberspatial identities in about 5 basic categories. Under these definitions an `identity' is what appears in the `from' line of a message or other very obvious identifying characteristics of the message, for example, a line at the beginning saying `This is [x], I couldn't post under my regular account but ...', a signature at the end of the message, etc. Under these definitions I'm leaving out the distinctions of `reply capability' associated with anonymous servers etc. 1. `True Name' -- for our purposes let this be defined as the name on your birth certificate, your legal identity. 2. `unique name' or `cyberspatial name' -- this would be a name you associate with all your activities in cyberspace in postings to mailing lists, email, etc. That is, I'm making a distinction about people possibly using the net always under a single pseudonym. 3. `obviously anonymous' -- identifying characteristics in the message (such as origination from an anonymous server, etc.) make it obvious that *anyone* could have posted it. Sometimes called `hit and run'. 4. `pseudonymous' -- a variation of (3) where arbitrary identification is used to build up a reputation under a presumed name, but characteristics of the message make clear that the identity is an *alias* for someone's *unique* identities under (1) or (2). The nicknames associated with the Helsingius server ID's would be an example. 5. `pseudoanonymous' or `pseudospoofed' -- the message could either be someone's `true name' or an invented alias, but *no* characteristics of the message (including the message by the author) can discriminate exactly *which*. This is something like `identity camouflage'. It is a new category of identification that transcends (1) - (4) because it encompasses all of them. * * * Now, I've written a lot on `anonymity' and am a strong supporter and proponent of categories (2), (3), and (4), where the *receiver* of a message is *informed* and *aware* that it can be from *anyone*. However, I believe extreme restrictions should be placed on the use of (5) in a civilized cyberspatial society (such as that which mailing lists and Usenet groups attempt to represent, IMHO). Contrary to all the flames on the list and in my mail box, I continue to believe that this is not incompatible with privacy -- in fact, I believe it *promotes* it. Very serious abuses of (5) can lead to insideous deception and treachery, particularly in the interplay between public and private messages, and I'm absolutely aghast to see the capability for (5) championed as `privacy' here and in my mailbox by many people (or phantoms, I'm in total confusion) I used to respect. But this is all another essay. Above all, I'm *extremely* disturbed and alarmed to perceive what appears to be a systematic propaganda and disinformation campaign on this list and elsewhere in obfuscating the *obvious* and *incontrovertable* distinction between (3) and (4) on one hand (`anonymous' and `pseudonymous') and (5) on the other (`pseudoanonymous' or `pseudospoofed'), ironically perhaps largely via abuse of the lack of protective mechanisms against it here. In (3) and (4), the reciever *knows* that the message can be from *anyone*. In (5), the receiver does *not* know, and may even be *misled* into believing that a message is in categories (1) or (2) when it is in fact in fact `anonymous'. IMHO this is *very* dangerous. To further emphasize this distinction, in some sense categories (1) - (2) are *attributable* to *unique* identities. When I see messages in categories (1) or (2) on a mailing list, in my mailbox, or in Usenet postings, FTP articles, whatever, I can attribute them to unique people by definition. We also might call (1) `accountable', and if an online account under (2) can be traced to a legal identity, it would be also. Categories (3) and (4) are *not* attributable to unique identities. A single person could post anonymously multiple times or pseudonymously under multiple identities. If a person has only one pseudonym, let's say that's `quasi- or semi- accountable'. But not only is (5) *not* attributable to *identities*, it is not `attributable' to any of the previous *categories*! Hence, let's call messages in the categories (1) - (2) `attributable', (3) - (4) `nonattributable', (1) - (4) `uncamouflaged', `white', `open' or `unsurreptitious', and (5) `nonattributable' and `camouflaged', `black', or `surreptitious'. (I leave it to subsequent debate to stabilize on the most descriptive and memorable terms.) This *camouflage* that various cypherpunks promote, apparently up to the highest levels of `leadership', is IMHO inherently subversive. Because no one here seems to be afraid of subversion and anarchy, and even embraces it, let me go further and say it is *destructive* not only to societies but to *any* social interaction, even interpersonal. IMHO It is not just a recipe for anarchy, it is a recipe for chaos and barbarianism, *particularly* when associated with personal mail (including mailing lists). This was all a topic of discussion many months ago, and I paid scant attention at the time because I didn't think it was the interest of the majority of cypherpunks, part of the agenda, generally feasible, or in widespread practice. Recent events suggest to me I am *utterly* mistaken on all counts. In fact, apparently not only are `some' cypherpunks in favor of `black' postings, they are in favor of *concealing* the very existence of the capability, so as to potentially manipulate and brainwash others in an undetected concerted conspiracy! I think I will define this as `evil blackness'. Again, lots of specific examples, anecdotes, and horror stories are another essay. Perhaps some would like to expand on this point (please email me if you treat this in a comprehensive and thorough manner). For now, I just want to make the distinctions clear for the survey, which follows. The survey will help me determine the extent of `blackness' and `evil blackness'. Please try to be as complete as possible in your responses. I will read and be influenced by independent opinions in my mailbox, but again request that you use your True Name only in any correspondence with me. And anyone who flames that this survey is an invasion of privacy, get lost. Let anyone reply under their own free will. I will keep all responses strictly confidential. However, I would like to collect some opinions under true names I can quote later. Please put the key `N/A' (not for attribution) in front of any response you wish me to leave unattributed or in front of the entire message like `message N/A'. Also, I will try to start email conversations with anyone who is particularly knowledgable. * * * 1. What is your `true name'? 2. Do you have a unique online identity other than your true name? 3. How long have you been on the internet? 4. How many mailing lists are you on? 5. Are `black' / `camouflaged' identities feasible or possible on the internet today? If so, how in particular? Comment on public access and UUCP sites if possible. 6. To what extent do you think `camouflaged' identities exist on the internet currently? Where are they used? What mailing lists or newsgroups are particularly dense with `black' postings? Have you ever received any in email? 7. Have you ever posted under a `camouflaged' identity? if so, where? How often? 8. Are you aware of any potential `abuses' of `black' messages? Has it turned into a big problem anywhere? Do you have any horror stories? Are there any `cabals' or `silent conspiracies'? have any debates or projects been `poisoned' or `sabotaged'? 9. Are you neutral on the capability of `black'/`camouflaged' messages, or do you strongly promote/support or condemn it? Is it harmless or dangerous? 10. Is society aware of `black messages'? if not, what would `they' think in general? if so, what is the consensus on the practice? 11. Is it fundamentally technically impossible to prevent *widespread* black messages if there was an incentive or consensus to do so? Or is it feasible with technology? 12. What are internet policies in general on `black' messages? What should they be? Should they be restricted and prevented? allowed? Keep in mind the distinctions of posts to mailing lists, Usenet posts, and personal mail. 13. Please list any resources on this subject: email addresses of specialists, pointers to papers, etc. From jkreznar at ininx.com Sun Oct 24 02:53:12 1993 From: jkreznar at ininx.com (John E. Kreznar) Date: Sun, 24 Oct 93 02:53:12 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310232111.AA03150@ah.com> Message-ID: <9310240951.AA14727@ininx> I support your signature proposal in either iteration. Don't be swayed by armchair cypherpunks whining about how they might be inconvenienced by such a policy. And I say these things even though I am myself not yet fully positioned to sign my messages (though I'm close). John E. Kreznar | Relations among people to be by jkreznar at ininx.com | mutual consent, or not at all. From rjc at gnu.ai.mit.edu Sun Oct 24 03:13:13 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Sun, 24 Oct 93 03:13:13 PDT Subject: pseudospoofing survey In-Reply-To: <9310240835.AA08908@longs.lance.colostate.edu> Message-ID: <9310241008.AA26937@kropotkin.gnu.ai.mit.edu> L. Detweiler writes: > 5. `pseudoanonymous' or `pseudospoofed' -- the message could either be > someone's `true name' or an invented alias, but *no* characteristics of > the message (including the message by the author) can discriminate > exactly *which*. This is something like `identity camouflage'. It is a > new category of identification that transcends (1) - (4) because it > encompasses all of them. So don't give credit to any pseudoanonymous messages which aren't signed by a trusted public key. It's as easy as that. > * * * > > Now, I've written a lot on `anonymity' and am a strong supporter and > proponent of categories (2), (3), and (4), where the *receiver* of a > message is *informed* and *aware* that it can be from *anyone*. All five categories can be spoofed easily. Even birth certificates. If the hardest (true names) can be spoofed, what kind of person would reason that (5) can't be from anyone? > However, I believe extreme restrictions should be placed on the use of > (5) in a civilized cyberspatial society (such as that which mailing > lists and Usenet groups attempt to represent, IMHO). Contrary to all Who is going to place these restrictions? The FCC? > Very serious abuses of (5) can lead to insideous deception and > treachery, particularly in the interplay between public and private The same case can be made for free speech. Allowing hate speech mongers the protection of free speech could lead to negative public opinion about the first amendment. So what? With every technology there comes the capability for both abuse and benefit. Live with it, and adapt. Crypto gives people the ability to post anonymously, it also gives you a more concrete way to authenticate (digital signatures, zero knowledge proofs, etc) which are in many ways, better than hand written signature and photo-id. > Above all, I'm *extremely* disturbed and alarmed to perceive what > appears to be a systematic propaganda and disinformation campaign on > this list and elsewhere in obfuscating the *obvious* and > *incontrovertable* distinction between (3) and (4) on one hand > (`anonymous' and `pseudonymous') and (5) on the other > (`pseudoanonymous' or `pseudospoofed'), ironically perhaps largely via > abuse of the lack of protective mechanisms against it here. There is no campaign, you are paranoid. There is no difference between 3,4 and 5 except your imagination. In 1-4 I can just as easily spoof. If someone is aware that 1-4 can be spoofed by anyone and they can't extend their pea-brain to reason that (5) can also be spoofed then they deserve the fate they get! > In (3) and (4), the reciever *knows* that the message can be from > *anyone*. In (5), the receiver does *not* know, and may even be > *misled* into believing that a message is in categories (1) or (2) when > it is in fact in fact `anonymous'. IMHO this is *very* dangerous. Caveat emptor. After they are pseudospoofed for the first time, they won't be so trusting of net.con-men anymore and will demand better proof of identification. > This *camouflage* that various cypherpunks promote, apparently up to > the highest levels of `leadership', is IMHO inherently subversive. > Because no one here seems to be afraid of subversion and anarchy, and > even embraces it, let me go further and say it is *destructive* not > only to societies but to *any* social interaction, even interpersonal. > IMHO It is not just a recipe for anarchy, it is a recipe for chaos and > barbarianism, *particularly* when associated with personal mail > (including mailing lists). Perhaps I'm just not that excitable, but I don't see what all the fireworks are for. This already is the status quo. Mail fraud, con-jobs, fake-ids, these already exist outside cyberspace. If anything, you should be more distrusting of net.pseudonyms than the three-card monte dealer. > In fact, apparently not only are `some' cypherpunks in favor of `black' > postings, they are in favor of *concealing* the very existence of the > capability, so as to potentially manipulate and brainwash others in an > undetected concerted conspiracy! I think I will define this as `evil blackness'. Bogus. You just went off the deep-end. If you're so concerned about this capability, why don't you go liberate the net.universe and tell them this amazing fact: you can forge identities on the net. Postings, mail, accounts, even whole domains. -Ray NEWSFLASH: Great Cypherpunk Conspiracy Revealed! A california based group of cryptography fans conspire to cover up pseudoanonymous capabilities so they can continue their reign of abuse, exploitation, psychological combat, and the sapping of precious bodily fluids from net.novices. p.s. all this reminds me of the great mud gender identity debates. Many young males were extremely disturbed that the female MUD users they were practicing cybersex with were actually other males. As a result, most mud users are no longer as gullible. Evolution and natural selection at its best. p.p.s you will find that many of us aren't trying to cover pseudoanonymous capability up -- It is just that _we don't care_ I certainly don't care, and I don't think of myself of "the great protector of the ignorant" as you seem to do either. The facts are, short of demanding digital signatures or passwords for posting to this list, there is nothing you can do to prevent me from forging "From" lines, I could probably forge Received: lines too if I had a well-positioned machine. One feature of my Extropian's list software is that it only allows people who are on the list to post to it, and a user can turn on a "password" feature that only allows his address to post if a password is supplied. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From catalyst at netcom.com Sun Oct 24 03:18:35 1993 From: catalyst at netcom.com (Scott Collins) Date: Sun, 24 Oct 93 03:18:35 PDT Subject: impersonation Message-ID: <9310241011.AA28640@newton.apple.com> -----BEGIN PGP SIGNED MESSAGE----- I have recently read many arguments here which can be summarized: "Cypherpunks technology makes impersonation easy, abuses unpunishable, and communication untrustable." This is not true. There are two major thrusts to the tech discussed on this list. a) anonymity, i.e., stripping communication of provable identity; b) authentication, i.e., demonstrable proof of identity. Impersonation based on the technology of the former, can have no more, and likely much less, credibility than without. Neither does this technology afford any additional mechanism by which a user bent on forgery can illicitly claim another's identity. The technology of the latter category (e.g., digital signatures) is, in fact, meant to be a significant obstacle to this very act. My identity is my own. An impersonation of me is an unpermitted use of my private property: identity and reputation. It is as reprehensible as any other theft, and -- at least to me -- is as deep an invasion of my privacy as rape. I'm pretty damn pleased that cryptography has provided me a weapon against it: a weapon advocated by cypherpunks; a weapon wielded frequently on this list; a weapon we are all armed with, in the bodies of PGP and PEM. With the honey, often come the bees, and vice versa. The same people who advocate a technology you fear, offer with it a solution far better than unenforceable prohibition (even if we _had_ been the ones to let the genie out of the bottle, we couldn't put it back in: dissemination of information is non-ergodic). Anonymity software adds no affordances to the already considerable array of techniques for deceiving people, simply more reliable 'track covering', and conversely, less credibility. Digital signatures, on the other hand, provide a simple, tested, workable protection. Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMph2CmBKTQiZpaHAQEjZQP/ef4gBVSIy9+FFHkPyth9ktIjsqQu0W7S ccY4BZGcJGOzA1QmqMKugHM1wQh8jNNtTLxmgSNcB5wUpAuGJaEFOhnKqRUGO4BB oyR8AXXQ5uUDmBQ7krYaqk6xPLWe/K4ZPzcv/AVOZocxVlUGCLPg5z5+IXkyOb/2 FCwscFEBGcs= =hAS8 -----END PGP SIGNATURE----- From rjc at pseudospoofer.exploit.org Sun Oct 24 03:28:35 1993 From: rjc at pseudospoofer.exploit.org (Timothy C. May) Date: Sun, 24 Oct 93 03:28:35 PDT Subject: pseudoanonymous correction Message-ID: <9310241026.AA16632@albert.gnu.ai.mit.edu> rjc at gnu.ai.mit.edu writes: > > Very serious abuses of (5) can lead to insideous deception and > > treachery, particularly in the interplay between public and private [opps, a paragraph got cut out somehow, oh well] > The same case can be made for free speech. Allowing hate speech > mongers the protection of free speech could lead to negative public --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From ld231782 at longs.lance.colostate.edu Sun Oct 24 04:53:12 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 24 Oct 93 04:53:12 PDT Subject: pseudospoofing survey In-Reply-To: <9310241008.AA26937@kropotkin.gnu.ai.mit.edu> Message-ID: <9310241148.AA20398@longs.lance.colostate.edu> You justify all your arguments in favor of pseudospoofing by pointing at existing criminal behavior. Interesting point of view, eh? > Bogus. You just went off the deep-end. If you're so concerned about this >capability, why don't you go liberate the net.universe and tell them this >amazing fact: you can forge identities on the net. Postings, mail, accounts, >even whole domains. I just did. >NEWSFLASH: Great Cypherpunk Conspiracy Revealed! A california based group >of cryptography fans conspire to cover up pseudoanonymous capabilities so >they can continue their reign of abuse, exploitation, psychological combat, >and the sapping of precious bodily fluids from net.novices. yep. hope you don't mind. >p.s. all this reminds me of the great mud gender identity debates. Many >young males were extremely disturbed that the female MUD users they were >practicing cybersex with were actually other males. As a result, most >mud users are no longer as gullible. Evolution and natural selection at its >best. MUDs are games. Mailing lists, Usenet, and the Internet are not. >p.p.s you will find that many of us aren't trying to cover pseudoanonymous >capability up -- It is just that _we don't care_ I certainly don't care, and >I don't think of myself of "the great protector of the ignorant" as you >seem to do either. so? >The facts are, short of demanding digital signatures or >passwords for posting to this list, there is nothing you can do to prevent >me from forging "From" lines, I could probably forge Received: lines too >if I had a well-positioned machine. you are mistaking the form of the present internet with future cyberspace. >One feature of my Extropian's list >software is that it only allows people who are on the list to post to it, and >a user can turn on a "password" feature that only allows his address to post >if a password is supplied. it's a start. ltr. From rjc at gnu.ai.mit.edu Sun Oct 24 05:58:34 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sun, 24 Oct 93 05:58:34 PDT Subject: impersonation In-Reply-To: <9310241011.AA28640@newton.apple.com> Message-ID: <9310241254.AA12447@churchy.gnu.ai.mit.edu> Scott Collins () writes: > > This is not true. [...] > There are two major thrusts to the tech discussed on this list. > > a) anonymity, i.e., stripping communication of provable identity; > b) authentication, i.e., demonstrable proof of identity. [...] > illicitly claim another's identity. The technology of the latter category > (e.g., digital signatures) is, in fact, meant to be a significant obstacle > to this very act. [...] > as rape. I'm pretty damn pleased that cryptography has provided me a > weapon against it: a weapon advocated by cypherpunks; a weapon wielded > frequently on this list; a weapon we are all armed with, in the bodies of > PGP and PEM. [...] > 'track covering', and conversely, less credibility. Digital signatures, on > the other hand, provide a simple, tested, workable protection. Thank you. I've been trying to drum this into people for a while, especially Detweiler. I don't know how much more he can want, but Digital Sigs must not be acceptable because he rejected my "private password for posting" which is almost equivalent to a digital signature scheme except that the password checking is done at the distribution site, not the home site (which is preferable to some people who don't have great boxes at home) With MD5+digital sigs, a real moderated newsgroup could work without the capability of someone forging control messages. Simply have the news software reject articles which aren't signed by the moderator. The same could go for "non-spoofing" secure groups. The technology is already here, all it takes is a few mods to existing readers. There is no need for a future draconet or data super-(fcc controlled and censored)-highway. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From frissell at panix.com Sun Oct 24 07:03:34 1993 From: frissell at panix.com (Duncan Frissell) Date: Sun, 24 Oct 93 07:03:34 PDT Subject: Net Regulation Message-ID: <199310241403.AA06468@panix.com> To: cypherpunks at toad.com B >Duncan Frissell wrote: B >:And don't tell me that we still have to live in the physical world. B >:If 90% of the GWP (including *almost all* the money) consists of B >:non-physical goods and services on the nets, government control over B >:the remaining 10% is not statistically significant. B > B >All too often, people look at one thing and imagine that the B >numbers somehow outweigh reality. It ain't like that, folks. B >Reality is complexly, intimately, and inseparately interconnected. B >No matter what you do with the bits, physical reality cannot be B >discounted. You also can't disount the physical realities confronting the state. It is enormously difficult to control workers who can live anywhere on earth and work anywhere else. The US government may think that it can control Americans but it can't control the rest of the world's population most of whom live in countries that don't even claim to try and tax income earned by their expats. Everyone on the nets is an expat. I believe that the percentage of GWP controlled by the world's states peaked at some point since WWII and has started a decline. With the growth of informal markets, tax evasion, non-national economic activity (offshore), and the privitization of the economies of the SU and China. If this trend continues, the relative power of states will decline as their control of economic activity declines. B >"No matter how subtle the wizard, a knife in the back will always B >cramp his style." But who is more vulnerable to the knife. Millions of "Permanent Tourists" living and working in cyberspace or a large nation state incapable of moving, hiding, or getting an honest job when markets turn against it. B >So, please, stop with the simplistic answers! B > B >(What *did* happen at Panix, eh? I rest my case.) Panix was down but my three other connections to the nets were up. Panix had a security intrusion. Duncan Frissell --- WinQwk 2.0b#1165 From hiscdcj at lux.latrobe.edu.au Sun Oct 24 07:43:09 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Sun, 24 Oct 93 07:43:09 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310231738.AA02831@ah.com> Message-ID: <9310241441.AA22293@lux.latrobe.edu.au> Hi, re the proposed policy: I read mail offline, usually. The mailer I use, an ms-dos mailer, doesn't support signing mail. It has some allowance for a .sig file, but I can't get it to work. I sometimes reply online, a I am doing now. If I reply online, I can sign messages, I think, using elm. Although I have no idea at all how to do this, but I'm sure I can find out. However, if I use my offline mailer, my mail will be delayed. Normally, this wouldn't be a problem, but what if I came across something urgent, wrote a reply, and uploaded it immediately? Anyone else in this situation? Dwayne. Who is going to get in touch with the author of this mailer Real Soon Now, he thinks.... (Dwayne Jones-Evans IRC: ddraig ) ( SCA: Cynon Yscolan ap Myrddin, Stormhold, Lochac, West) PGP public key available. finger me. be gentle. internet---> hiscdcj at lux.latrobe.edu.au From nobody at alumni.cco.caltech.edu Sun Oct 24 07:58:35 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Sun, 24 Oct 93 07:58:35 PDT Subject: pirate radio Message-ID: <9310241451.AA12876@alumni.cco.caltech.edu> -----BEGIN PGP SIGNED MESSAGE----- There's an article on this morning's front page of the New York Times (10/24/93) about a guy in Berkeley who runs a pirate station and gives seminars on how to do likewise on the cheap. Better get judgement proof first, though - FCC is trying to fine him $20,000. Eternal!Optimist at anon.penet.fi (copyright 1993, Eternal Optimist [Ha Ha Ha]) 0) 0) =:()]-< -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMpc04jvfLxJbYYtAQEtuAP9FRirBlZXmVzHXXqgFyQklDkqPfJtxSl7 Kz4Qn5aL/sghgM68w7OLTw6AYpeNMc2Te0aABRorEATlJISnAOHiUJnP/7+IH9oS XmwY1xJ5NfKWAHu2BzKoTd6eDKrZsPZ60ECLZ5ODEVDb8kmCuUPZo7rOFEzABmFK YBGOpH0I1Pg= =peuY -----END PGP SIGNATURE----- From kinney at ucsu.Colorado.EDU Sun Oct 24 10:33:10 1993 From: kinney at ucsu.Colorado.EDU (W. Kinney) Date: Sun, 24 Oct 93 10:33:10 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <199310241732.AA23689@ucsu.Colorado.EDU> -----BEGIN PGP SIGNED MESSAGE----- What's the point of resorting to contrived inducements to include signatures? If there's a real reason to do it, people will, and if not, they won't. Perhaps we could just all by-and-large agree to sign posts? I'll start with this one... -- Will -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMpmVvfv4TpIg2PxAQHrlAP5AaRssrPAO/sNsBkPVGKcJbn5z9exBlqd JqG9nfx5HuinNFANovpGO5+zDp0fDtnQ4c1e86vsONQ3wSklXZx30IYG/h7cX4T9 rXNpxZVsT26lIHIrAxEXKBCRwhtlaO19+G1nN5DLChXF/DlnQiTRsmjxhPI1NI5r 9WyyI02GEDk= =xy8S -----END PGP SIGNATURE----- From bill at twwells.com Sun Oct 24 11:58:42 1993 From: bill at twwells.com (T. William Wells) Date: Sun, 24 Oct 93 11:58:42 PDT Subject: the principle of least astonishment Message-ID: For my service, given what it is for, the presumption should be anonymity. For the personals groups, perhaps the presumption should be the other way around. There is, almost certainly, no one right answer. Those who attempt to support their arguments by reference to "least astonishment" are doing nothing more than attempting to pretend that their subjective judgements are universal and unarguable. Either the perpetrators are so intellectually lacking that they do not see what they are doing or they are so intellectually dishonest that they do. In either case, I am utterly disgusted. From an41418 at anon.penet.fi Sun Oct 24 12:03:10 1993 From: an41418 at anon.penet.fi (wonderer) Date: Sun, 24 Oct 93 12:03:10 PDT Subject: pseudospoofing survey Message-ID: <9310241902.AA23167@anon.penet.fi> I don't know the value of such a survey. I am not inclined to answer these questions to someone who I don't really know over a communication system that is inherently untrustworthy. I agree that this information would be valuable could it be collected, but I figure since I don't feel like revealing this information, especially not under my true identity, then others, (who may even be malicious at times) will be less likely to. What is your intention in posting such questions? Do you really expect to learn anything from the responses? Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From swc at uc1.ucsu.edu Sun Oct 24 12:23:10 1993 From: swc at uc1.ucsu.edu (Stuart W. Card) Date: Sun, 24 Oct 93 12:23:10 PDT Subject: bye for now... Message-ID: <9310241923.AA00527@uc1.ucsu.edu> The last couple of weeks have been interesting and fun (and have provided me with useful information upoin which I will act shortly), but I can't keep up with the volume. Thanks, and see you later (when I have more time). I will remain on the -announce list and will still be available via direct e-mail. bye for now... ------------------------------------------------------------------------ Stuart W. Card, Consultant, Card & Associates -- Research & Development Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 swc at uc1.ucsu.edu or cards at top.cis.syr.edu "Who is John Galt?" From an5877 at anon.penet.fi Sun Oct 24 12:53:36 1993 From: an5877 at anon.penet.fi (deadbeat) Date: Sun, 24 Oct 93 12:53:36 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310241952.AA28774@anon.penet.fi> -----BEGIN PGP SIGNED MESSAGE----- I am among those "generally supportive" of E. Hughes' suggestion that signed messages be encouraged in some way. It wouldn't bother me a bit if that led to a decline in CypherPunks mailing list membership; with luck, the quality of the list would improve. Furthermore, class consciousness is a good thing (?), so let's create classes of CypherPunks and try generally to elevate consciousness. DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBFAgUBLMrasPFZTpBW/B35AQH+RAF/dmbj+wmAt/BT4Btrwm8EgfCSLwP0kMb9 gqPOPYXPP0IXdL+J/+u3sZRNoza10MOG =cAa8 -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From bill at twwells.com Sun Oct 24 12:58:36 1993 From: bill at twwells.com (T. William Wells) Date: Sun, 24 Oct 93 12:58:36 PDT Subject: Mail delivery question In-Reply-To: <9310231851.AA25213@toad.com> Message-ID: In article <9310231851.AA25213 at toad.com>, peter honeyman wrote: : To: toad.com!cypherpunks : In-Reply-To: bill's message of Thu, 21 Oct 1993 22:05:48 +0000. : : well, i think bill overstates the case. but then, i'm from the : slash/hack, no risk/no gain school of computer programming. I believe in minimizing those risks that can be easily minimized. RTFMing and asking for other opinions certainly fall into the easy to do/high gain category of risk minimizing. As an operator of an anonymous service, I'm constantly amazed at the things that supposedly worthwhile net.citizens will do, without even the slightest thought for the consequences. And consequences there have been, sometimes potentially tragic ones. Perhaps I should tell some of my horror stories. From bill at twwells.com Sun Oct 24 13:08:36 1993 From: bill at twwells.com (T. William Wells) Date: Sun, 24 Oct 93 13:08:36 PDT Subject: Net Regulation In-Reply-To: <199310241403.AA06468@panix.com> Message-ID: In article <199310241403.AA06468 at panix.com>, Duncan Frissell wrote: : B >Duncan Frissell wrote: : B >:And don't tell me that we still have to live in the physical world. : B >:If 90% of the GWP (including *almost all* the money) consists of : B >:non-physical goods and services on the nets, government control over : B >:the remaining 10% is not statistically significant. : B > : B >All too often, people look at one thing and imagine that the : B >numbers somehow outweigh reality. It ain't like that, folks. : B >Reality is complexly, intimately, and inseparately interconnected. : B >No matter what you do with the bits, physical reality cannot be : B >discounted. : : You also can't disount the physical realities confronting the state. Oh, I don't disagree with your main thesis which, if I understand it aright, amounts to that the state is pretty much obsolete and is only taking its time realizing this. :-) I'm just trying to point out that it is simply dangerous to imagine that bandying about numbers that purport to show its insignificance will actually make it so. Or, to put it another way, I mostly agree with your statements and wish you wouldn't weaken them with worthless supporting claims. : It : is enormously difficult to control workers who can live anywhere on earth : and work anywhere else. Really? I'll tell you what: I'll give you 100% control over all communications starting tomorrow and I'll take 100% control over all food and water at the same time. I win. You *die*. Simplistic and impossible, true, but the point remains. There is always a physical reality and no matter who "insignificant" it is, it can still kill you. : B >"No matter how subtle the wizard, a knife in the back will always : B >cramp his style." : : But who is more vulnerable to the knife. Millions of "Permanent Tourists" : living and working in cyberspace or a large nation state incapable of : moving, hiding, or getting an honest job when markets turn against it. The permanent tourists, of course. The state is, when all is boiled down, an instrument of force and it functions most "effectively" when it limits itself to that. I guarantee you that if the US wanted to crack down on this stuff that it would be gone. This year, a third of the prison population is from drug-related "crimes"; if they got a bee in their bonnets, you and I and a whole lot of other people could take their places. (Not, mind you, that I think this'll happen. But it *could*.) Yes, that could be prevented, but it won't be prevented by what the cypherpunks are doing. Sooner or later, the bodies would have to meet the bullets. That's the way of the world, alas. : B >So, please, stop with the simplistic answers! : B > : B >(What *did* happen at Panix, eh? I rest my case.) : : Panix was down but my three other connections to the nets were up. Panix : had a security intrusion. You missed the point. The net is embedded in the rest of reality and that reality, in this case, *people*, had significant deleterious effects on many others' ability to use the net. This isn't going to change any time soon. Maybe in a couple of decades, less if people stop pretending the real world is an irrelevancy. From an5877 at anon.penet.fi Sun Oct 24 13:13:11 1993 From: an5877 at anon.penet.fi (deadbeat) Date: Sun, 24 Oct 93 13:13:11 PDT Subject: impersonation Message-ID: <9310242012.AA01583@anon.penet.fi> -----BEGIN PGP SIGNED MESSAGE----- Scott, I'm not sure what you mean by dissemination of information not being ergodic -- could you please elaborate. Well, not elaborate, because your style is already quite elaborate, and I can't make heads or tails out of your note. The comparison of Email forgery to rape ("or any other invasion of privacy" -- excuse me, but forcibly shoving your penis into my vagina is not an invasion of my privacy, it is a violent crime on my body, for which you will pay) so enrages me, it makes calm discussion impossible. DEADBEAT -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBFAgUBLMrfAPFZTpBW/B35AQHTvAGAnV21LCA7m5AeD05EoAUbjuLAHTZK9lHM Y1C/1B2n6wmYAivNaCAbvk+YJHza5Hv5 =wh4r -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From XXCLARK at indst.indstate.edu Sun Oct 24 13:38:36 1993 From: XXCLARK at indst.indstate.edu (XXCLARK at indst.indstate.edu) Date: Sun, 24 Oct 93 13:38:36 PDT Subject: pgp inforequest Message-ID: <9310242035.AA07381@toad.com> The PGP23a DOC_2 file says: "Info-pgp is moderated by Hugh Miller, and you may subscribe to it by writing him a letter at info-pgp-request at lucpul.it.luc.edu. Include your name and Internet address. If you want to know where to get PGP, Hugh can send you a list of Internet FTP sites and BBS phone numbers. Hugh may also be reached at hmiller at lucpul.it.luc.edu." As I presently have no newsgroup access, I attempted to mail to the request add above and the message bounced. Can anyone tell me if this address is still valid... or correct? From an41418 at anon.penet.fi Sun Oct 24 13:43:14 1993 From: an41418 at anon.penet.fi (wonderer) Date: Sun, 24 Oct 93 13:43:14 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310242036.AA05082@anon.penet.fi> I don't think restricting participation to signed messages is a good idea until we have some way of verifying a signature automatically before allowing it to be posted. Here's one: How do you verify a signature for an anonymous, first time poster? I am not opposed to the concept, just I don't think there's a practical way of doing it. How about this: Require cypherpunks users to register a key and an identity, real or pseudonymous. Then, they can sign with the corresponding private key and nobody else can. The software then filters out bad posts. How do we prevent people from registering a key in someone else's name??? It's beyond me. Wonderer ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From ebrandt at jarthur.Claremont.EDU Sun Oct 24 15:13:26 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Sun, 24 Oct 93 15:13:26 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310242036.AA05082@anon.penet.fi> Message-ID: <9310242209.AA08710@toad.com> > Here's one: How do you verify a signature for an anonymous, > first time poster? You don't try -- what would it mean? You accept the provided public key, and use it to check the continuity of the pseudonym. > How do we prevent people from registering a key in > someone else's name??? It's beyond me. The list, to check signatures, has to have a trusted key from each nym. But there are different sorts of trust. One might certify that a given key belongs to a known real-world meat machine. Or one might certify only that it corresponds to the legitimate user of a given net address. In theory, one could even certify that the key holder was not forced to hand a copy over the the NSA, or make whatever other guarantees one chooses. I think the trusting of keys should be left to individuals, who may have different ideas of what it means for them to accept a given signature. In PGP's "web of trust" model, is there a general consensus on what it means to sign someone's key? > Wonderer Eli ebrandt at jarthur.claremont.edu From ebrandt at jarthur.Claremont.EDU Sun Oct 24 15:23:16 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Sun, 24 Oct 93 15:23:16 PDT Subject: the principle of least astonishment In-Reply-To: Message-ID: <9310242219.AA08866@toad.com> > From: bill at twwells.com (T. William Wells) > For my service, given what it is for, the presumption should be > anonymity. For the personals groups, perhaps the presumption > should be the other way around. There is, almost certainly, no > one right answer. What are your thoughts on solutions which do not do either of these alternatives? For example, several people have discussed systems involving two sets of addresses. These avoid both problems (unexpectedly failing to anonymize / unexpectedly anonymizing a message with a sig), at the cost of some complexity. > Either the perpetrators are so intellectually lacking that they > do not see what they are doing or they are so intellectually > dishonest that they do. In either case, I am utterly disgusted. Aren't you detweiling a bit here? I don't think the situation really warrants "utter disgust"... Eli ebrandt at jarthur.claremont.edu From larry at owrlakh.wl.aecl.ca Sun Oct 24 15:33:21 1993 From: larry at owrlakh.wl.aecl.ca (Larry Gadallah) Date: Sun, 24 Oct 93 15:33:21 PDT Subject: Coffee, anyone? Message-ID: <9310241931.AA17244@owrlakh.wl.aecl.ca> > > Hello, _real_ people and cypher-crypto-pseudo-spoofs! > > I almost fell out of my chair laughing at the recent post > revealing the TRUE identities of half the people (I use that > term guardedly these days) in the mail group. It did me a > world of good. > > Try this on for a quick reality check- this is how I view the > issue of anonymity, trust, reputation, validity, etc. in the > Cypherpunk forum: I see the list as a coffee house, buried in > the bowels of a machine at Berkeley. People wander in and out, > some to chat, others to listen. There is no implied social > contract in place among the participants, really, just some > common interests. For the price of a cup of coffee (my time > and my connection to Internet), I can enjoy stimulating > conversation and shoot the breeze. When people present their > ideas, I take their identities at face value (asking for ID's > before making small talk seems a bit gauche). Every now and > then, a message in a bottle comes sailing through the (open) > door- the waiter pulls the message out and reads an anonymous > posting. Those so motivated can put replies in the bottle and > sling it back outside, where the anonymous poster picks it > up. Truly obnoxious messages can be answered by Molotov > cocktails in the same manner . > > My point is this: we're in a coffee house, not a courtroom. > If I meet someone in a coffee house and want to do serious > business like buying a car, co-publishing a paper, or betting > my career on a set of equations, I (we) would adjourn to a > somewhat more formal setting and follow entirely different > rules for establishing trust and reputation. In the same vein, > I might listen to a chorus of voices spouting political > agendas while sipping my coffee, but I wouldn't expect the > applause and the catcalls to be tabulated and published as > election results. I agree entirely with Detweiler about the > importance of being able to validate people electronically, > but I think it would be a shame to close the door to the > coffee house, take attendance, and charge admission. > .............................................................. > .......... Philippe D. Nave, Jr. | The person who does not > use message encryption pdn at dwroll.dw.att.com | will soon be > at the mercy of those who DO... Denver, Colorado USA | PGP > public key: by arrangement. > Hear! hear! I really _like_ my coffee, and I'd hate to see all the interesting people and discussions frightened off by excessive officiousness in the coffee shop. --- --------------------------------------------------------------------- Larry Gadallah Amateur Radio VE4TCP Lac Du Bonnet, Manitoba, Canada IP: [44.135.114.9] SMTP: larry at owrlakh.wl.aecl.ca AX25: VE4TCP at VE4PIN.#PIN.MB.CAN.NA --------------------------------------------------------------------- From nowhere at bsu-cs.bsu.edu Sun Oct 24 16:18:46 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Sun, 24 Oct 93 16:18:46 PDT Subject: Interesting reading Message-ID: <9310242316.AA16018@bsu-cs.bsu.edu> From: ld231782 at LANCE.ColoState.Edu (L. Detweiler) Subject: on the CYPHERPUNKS, PSEUDOSPOOFING, and POISON Sender: news at yuma.ACNS.ColoState.EDU (News Account) Message-ID: Date: Sun, 24 Oct 1993 11:36:41 GMT Nntp-Posting-Host: jenkins.lance.colostate.edu Organization: Colorado State University, Fort Collins, CO 80523 Lines: 999 Recent extremely unpleasant personal experiences in cyberspace have given me, at the same time, deep scars and deep epiphanies. Following are some messages from the Cypherpunks mailing list generally on the subject of `pseudospoofing' -- the possibility that some people are posting or emailing under *different* `identities' from multiple sites, specifically with the intention of camouflage and deception. I have watched the development of anonymity on the internet with a high degree of personal interest, advocacy, and commitment. But this recent realization of the potentials and extent of `pseudospoofing' has deeply disturbed me. The most shocking realization is not just that it is technically feasible but is possibly *widespread* in certain quarters of the Internet. It alarms me that some are championing pseudospoofing (and what I have been calling `black' posts and email) as `liberating' and `refreshing' under the guise of `privacy' or `true/pure anonymity'. > I suspect the > result will be a more honest dialog, a more productive conversation > freed from posturing and, ironically, from the concealment of threatening > truth. I hope we will observe the resulting new forms of good and evil > with Zen patience and allow this quite interesting experiment to > continue. > It's interesting to see the different mental models that people hold > of the net. To me, this equation that one truename means one persona > is not realistic or reasonable. People spawn personas (-ae?) for > many reasons, including psychological exploration, sociological > experiments, sexual thrills, or just for practice at maintaining > personas. I know of several instances in which one person patted > himself on the back circularly, or took half a dozen sides in a > discussion -- and can surmise about others. This sort of thing may > well happen routinely, [...] > [...] the privacy technology `we' espouse can only promote > this. There is no way to maintain this one-to-one equation when > working with pseudonyms, when the human "dongle on the keyboard" is no > longer a viable identifier. I think the Usenet motto, "Live with it", > applies. > Perhaps "support" is better measured by how many people are motivated > enough to go to the effort to make multiple but individually unique, > reputable posts in favor of a proposition, rather than by > simple numerical polls that abstract away knowledge and > motivation, or by how many True Names position themselves > with I'm-on-your-side posts. The idea of `spawning identities' for `psychological exploration, sociological experiments or sexual thrills' repulses me. It sounds to me like advocation of perversions and multiple personality disorders. And much to my shock, horror and disgust it appears to be a major component of the Cypherpunk philosophy. (I even wonder if the mainstream media has been misled about the true cypherpunk agenda, and so far have not been comforted by anyone `real'.) And the idea that `support' for projects be measured by `how many people are motivated enough to go to the effort to make multiple but individually unique, reputable posts in favor of a proposition' is absolutely bizarre. I have been publicly and privately assaulted and ridiculed so thoroughly, searingly, and viciously in both public and private flames by so many apologists and moral relativists on this subject that it has encouraged a certain degree of personal paranoia. In fact, I cannot count a single strong supporter so far. The whole black affair has opened my eyes to the extraordinary potential for grotesque evils such as manipulation, treachery, conspiracies, and brainwashing possible by combining the openess of electronic forums and `pseudospoofing', particularly in private email. I think that anyone who subscribes to this public internet mailing list should be warned that it may be a bizarre `experiment' in pseudospoofing and brainwashing on unsuspecting or unwilling participants. I certainly would never have subscribed if `I knew then what I knew now'. Its deeply upsetting that I may have been trying to cultivate friendships with nothing but phantoms, parasites, and betrayers on the list and in my personal mail or that this has polluted my other online activities. The bizarre perversions found in my personal mail far surpass everything I have posted here, and have quite traumatized me -- something like virginity violated by a rapist. The evasive, blase, flippant, and cavalier attitude by top `leadership' in the group on the subject horrifies me. (One eminent contributor to the list even suggested to me in email that a secret `elite' list existed or was in the works, presumably free of this reprehensible toxic waste.) Many respondents have taken the position that prohibitions against `pseudospoofing' are equivalent to invasion of privacy and government oppression. One very prominent poster suggested, as an insult, that `state run registries of legal persons' were reminiscent of `key escrow' systems like Clipper! I find this quite ironic, given that such a system already exists, called `birth certificates'! Even more upsetting to me the possibility that this practice of pseudospoofing may be infecting and corrupting mail lists devoted to serious project development of Internet technologies. I fear the openess and freedom of these forums is being subtly and insideously poisoned by increasing pseudospoofing -- perhaps a systematic and concerted campaign. It seems to me that resolution of the issues of identification and authentication are absolutely crucial for future internet development, and that some minor sacrifices in current `freedoms' will be the profound investments required for a harmonious future atmosphere. I will have more to say in various forums on the subject in the future. This is an introduction and background. I hope that eminent Usenet contributors will address the multitudes of issues this raises. I have spent valuable reputation capital in pursuing this matter, and have made many new enemies over the past few weeks, and am sure I will be branded as the new premier cyberlunatic by many, but if I am branded a `paranoid ranter' by terrorists and criminals it will only upset me if they're not in jail. I believe this issue of identification has paramount importance to everyone currently involved in `cyberspace' and its future development, perhaps even the #1 issue that must be resolved for basic progress -- how much authentication and identification is to be required? Note1: see talk.politics.crypto for a `user survey' on the subject and possible future postings. Note2: these postings have been edited slightly. ===cut=here=== To: cypherpunks at toad.com Subject: on anonymity, identity, reputation, and spoofing Date: Mon, 18 Oct 93 00:05:56 -0600 From: "L. Detweiler" H. Finney >After going to enormous efforts to create a network of anonymous remailers, >we are hoist by our own petard, as our list receives strange, irrelevant, >and argumentative posts through our own anonymous remailers. (Not all >anonymous posts are like this, but there have been quite a few in the last >few weeks which fall into these categories.) I've been thinking about this a lot lately. I think a large part of the problem as you indicate is associated with reputation. How does one build up a reputation and identity in cyberspace in general? Part of the problem IMHO is that this list software & the internet in general is extremely vulnerable to a lot of different kinds of spoofing. People are very sensitive to the perception of a `consensus' -- they are deeply influenced by what they perceive to be the `majority opinion'. What if that `opinion' was not an accurate representation of reality? what if a few people were creating the illusion that some different kind of consensus existed? what if that `agenda' were actually something inherently wicked like lawlessness or anarchy? what if a conspiracy created the impression that some project or progress was underway when it really wasn't? or that some person was loudly favored or condemned by the `group'? this could be especially problematic if any kind of intimidation were happening `behind the scenes' in email. who would ever know? unless the dissatisfaction reached the list, how would we find out? another problem is that, at the same time being strongly influenced by a lot of flames, people just delete them out of sheer distaste and they may not be around later for inspection. what really is our assurance that all these email addresses actually exist and represent *unique* people? there really is very little currently. I think newsgroups are far less vulnerable to this kind of spoofing, but unfortunately mailing lists are *extremely* vulnerable. (Keep in mind, there are a whole set of other benefits and detriments in *other* categories which I'm not talking about here.) In the former we have thousands of subscribers all checking on each other's honesty. If a suspicious address or opinion pops up, there is some probability someone will notice, and cases of spoofing would probably be noise drowned out in the representative opinion. Also, distribution is centralized, so that `message blocking' is not very feasible. In the latter case, i.e. mailing lists such as this one, there is a much closer knit community that is geographically isolated. Individuals on the list are far more susceptible to spoofing. People are more likely to see *every* message including the `spoofed' ones. There are far fewer people to `check up' and those that are there may not have the technical expertise. What's worse, the list is not `distributed' in a certain sense. If someone wants to get out the message that `something wrong is going on' it could be censored because of the centralization of the distribution. This wouldn't work with Usenet because the distribution of the messages (e.g. NNTP servers) is generally cleaved from the people with strong self-interests in the traffic (e.g. people who post to group [x]). This cyberspace stuff can be a *very* powerful influence on many. It is an electronic community, and peer pressure is *extremely* powerful. Many people do not have an extremely strong internal `moral compass' and could be influenced by this kind of corrupt magnetism associated with a `conspiracy of spoofing'. Note that reputations are crucial in not only persuading us to listen attentively to those we respect, but to `tune out' the lunatics and criminals. * * * Spoofing Regarding the what also gets my vote as `strangest posting of the year' by `S. Boxx', Philippe D. Nave, Jr. (based on my email, a loyal cypherpunk and fellow Denverite!) wrote: >[...] it seems that the point of the message is that there is a lot >of smoke coming from people who use aliases or anonymous remailer >services to post to the cypherpunks list. Does this posting contribute >to that problem, or have I missed something? [...] >What the hell ?!? I've either missed something significant (and would >appreciate enlightenment) or this is a candidate for 'strangest post >of the year'. If 'S. Boxx' really exists and is the author of this >posting, I apologize- if not, then come out from behind your damn >remailer and quit contributing to the problem. As for monitoring the >list for traitors, go ahead- I post under my own name, and I don't >give a shit what you do with the text. If I was concerned about lurkers >building 'traitor files', I'd encrypt my messages and happily watch you >choke on them. I think I speak for many here in saying that I weigh anonymous postings very little, but don't consider the capability a serious problem. They have very significant purposes in e.g. `whistleblowing' `within the system' that I've always been attracted to. On the other hand, I think there is an implicit assumption by virtually everyone here that addresses on public posts and private email that are not specifically anonymous represent *unique* people. That is, if some people were taking advantage of the loose, free, and open atmosphere here to influence opinion or perception of reputations by posting messages under different presumably `real' identities (defined as anything that is not obviously tagged as anonymous), I and probably everyone else would feel very `upset' in the least and `violated' at the most. It would seem like a very serious breach of community trust, and might even have the effect of derailing positive contributions to the `cypherpunk cause' (whether algorithmic or political, the two chief schools of thought). I recall discussions of this related to the Extropians list, which specifically bars this practice. * * * List suggestions The fact that this `uniqueness of real identities' has always been something of an implicit assumption here bothers me. I think anything this delicate and important should be made formal and explicit. We should not simply assume that `everone is honest and no one would be depraved enough to do this.' I think the following guidelines are very reasonable, and might be part of a list charter agreed to by new members: 1) list members are allowed *one* anonymous identity if any. They are required to associate some name with all anonymous posts via that identity. 2) *no one* is allowed multiple `real' identities and in fact any violation of this is considered an extremely serious breach of netiquette & honesty. 3) completely anonymous posts from `outside' the list are allowed; if no pseudoidentity is given they are assumed to come from `outside'. and if anyone has been posting under multiple `real' identies, I think they owe it to everyone here to `come clean'. I don't see why anyone would go to the trouble but if someone was just unstable or obsessive enough to equate reputation with posting traffic, s/he might go off the deep end. The practice amounts to `spoofing' and any patriotic cypherpunk with some integrity ought to recognize that immediately and condemn it, technical capabilities regardless. I would equate this practice with `lying to one's colleagues'. spoofing is probably the #1 crime against cypherpunk ideology. * * * Reputations As for reputations, what can we do about this? I think that there are a lot of solutions to be experimented with in software. One of the best is just to have archives that are searchable by ID. But archives are very disk-consuming. I have some various other ideas that wouldn't require much beyond the current database maintenance of email addresses. Suppose that along with everyone's name, the following statistics were presented: 1) how long they have been on the list in days, 0 if none at all 2) how many postings they have posted here 3) maybe a posting/age ratio -- some people seem to be very sensitive or tune out people with a high one. 4) another idea: tracking the number of responses a given poster has, average, per original post, measured by `re: [x]' subject tracking. now, look what we get with all these. They are all simple to implement. They all can tremendously help us weigh the various opinions that are out there. They can set up a positive feedback system whereby `good' posters potentially really are quantitatively identified. Regarding (4), one way to `punish' a poster for irrelevant postings is to simply not respond, and they will not get any `credit' in this statistic. The problem with this is that from my experience, sometimes my most authoritative and finely-crafted postings generate the least response. But note the point of all these things: they don't necessarily require any digital signatures to implement. Authentication of postings `allowed' to the group really seems like a separate problem to me. Another simple idea is to have a voting system in response to postings. People's `credit' associated with their postings could be listed in headers too. This of course is far more ambitious, and the generally complex problem of authentication rears its ugly head. In addition to all this, I would like to see protocols that guarantee honesty on the part of the list maintainer. When databases like this are maintained, a little unilateral tweaking here and there can be extremely deleterious to community integrity, honesty, and reputations. Date: Sun, 17 Oct 93 23:58:08 -0700 From: hughes at ah.com (Eric Hughes) To: cypherpunks at toad.com Subject: Re: on anonymity, identity, reputation, and spoofing [...] That which can never be enforced should not be prohibited. The claim that a person should have only one pseudonym per forum indicates profound misunderstanding. If someone wants to have multiple cryptographically protected pseudonyms, they will be able to; that is one of the main goals of cypherpunks software. The situations you despise will occur. This is reality. Change your own psychology or change your own software. You will not be able to change the other person. Eric From: tcmay at netcom.com (Timothy C. May) Subject: Uniqueness and "is-a-person" credentials To: cypherpunks at toad.com Date: Mon, 18 Oct 93 10:17:35 PDT [...] I don't like the idea of state-run registries of "legal persons." Better to live with the occasional vagaries of digital pseuodonyms than to ban them. (And multiple identies can have many uses, some good, some not. Welcome to the future.) Since it may touch on our "cypherpunks agenda," I plan to read up on some of these proposals for "is-a-person" credentialling and see how they might relate to schemes for centralized key registration or escrow. Any suggestion besides the "Crypto" proceedings? --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. Subject: Re: on anonymity, identity, reputation, and spoofing To: cypherpunks list Date: Mon, 18 Oct 93 3:44:35 PDT From: Eli Brandt > From: "L. Detweiler" > On the other hand, I think there is an implicit assumption by virtually > everyone here that addresses on public posts and private email that are > not specifically anonymous represent *unique* people. [...] > 1) list members are allowed *one* anonymous identity if any. They are > required to associate some name with all anonymous posts via that identity. > 2) *no one* is allowed multiple `real' identities and in fact any > violation of this is considered an extremely serious breach of netiquette & honesty. [...] > deep end. The practice amounts to `spoofing' and any patriotic > cypherpunk with some integrity ought to recognize that immediately and [...] > crime against cypherpunk ideology. [...] It's interesting to see the different mental models that people hold of the net. To me, this equation that one truename means one persona is not realistic or reasonable. People spawn personas (-ae?) for many reasons, including psychological exploration, sociological experiments, sexual thrills, or just for practice at maintaining personas. I know of several instances in which one person patted himself on the back circularly, or took half a dozen sides in a discussion -- and can surmise about others. This sort of thing may well happen routinely, particularly in the low-rent areas of Altnet, where participation is a kind of game. What's more, the privacy technology `we' espouse can only promote this. There is no way to maintain this one-to-one equation when working with pseudonyms, when the human "dongle on the keyboard" is no longer a viable identifier. I think the Usenet motto, "Live with it", applies. Eli ebrandt at jarthur.claremont.edu From: szabo at netcom.com (Nick Szabo) Subject: Re: on anonymity, identity, reputation, and spoofing To: jamie at netcom.com (Jamie Dinkelacker) Date: Mon, 18 Oct 93 3:29:08 PDT Cc: cypherpunks at toad.com [...] In my limited experience creating Internet pseudonyms, I've been quite distracted by the continual need to avoid leaving pointers to my True Name lying around -- excess mail to/from my True Name, shared files, common peculiarities (eg misspellings in written text), traceable logins, etc. The penet.fi site explicitly maintains a list of pointers to the original address. All kinds of security controls -- crypto, access, information, inference -- have to be continually on my mind when using pseudonymous accounts. The hazards are everywhere. With our current tools it's practically impossible to maintain an active pseudonym for a long period of time against a sufficiently determined opponent, and quite a hassle to maintain even a modicum of decent security. Pointers to info and/or tools to enable the establishment and maintenance of a net.nym, beyond the standard cypherpunks PGP/remailer fare with which I'm now familiar, greatly appreciated. Especially nice would be a list of commercial net providers that allow pseudonymous accounts. [...] I hope that we stick to experimenting with pure anonymity in many venues. I suggest we'll find out that purely anonymous posts are not so bad, overall. Some of the recent stuff has been weird or rude, but so have been a lot of True Name flames that have passed thru this list. We find True Name posts easier to deal with because it's what we're used to. Many are comforted by the thought that as a last resort, if a flame is just too evil, the poster can be tracked down and made to pay for his sins. The WELL was so threatened by the thought of anonymity that they required all pseudonyms to be traceable to the True Name, as an explicit policy right from the start of the system. Pure anonymity in all its manifestations is a strange, threatening, fascinating beast in our panoptic social-welfare world. Even those of us at the forefront of harnessing this monster shrink back in fear when it whinnies. [...] Pure anonymity provide voice for a wide variety of new kinds of expression that up until now have been suppressed. Some kinds are good (whistleblowing), some bad (slander). Most are good or bad depending on the situation (asking embarrassing newbie questions, expressing politically incorrect opinions, discussing illegal activities, etc.) I hope we continue experimenting with pure anonymity for a while longer, as well as experimenting with reputation-based pseudonymous systems. Some of what comes out might look very strange, something like tapping into previously concealed areas of our social psyche. I suspect the result will be a more honest dialog, a more productive conversation freed from posturing and, ironically, from the concealment of threatening truth. I hope we will observe the resulting new forms of good and evil with Zen patience and allow this quite interesting experiment to continue. Nick Szabo szabo at netcom.com To: cypherpunks at toad.com Subject: PSEUDOSPOOFING Date: Mon, 18 Oct 93 03:41:03 -0600 From: "L. Detweiler" I'm absolutely *horrified* and *nauseated* that eminent cypherpunk leader `ZZZ' has come out in total support of what I have been calling `spoofing' or using pseudo-real addresses to post to the list. (It isn't `really' spoofing in the exact sense because as I noted there has only been an *implicit assumption* by all of us here that opinions from unique addresses were themselves unique. so, lets call it) PSEUDOSPOOFING the activity of misleading people into thinking that an identity is unique when it really isn't! i.e. posting behind `real' addresses not specifically noted as anonymous! I consider pseudospoofing a *detestable* and *reprehensible* activity if it exists. Am I the only one who finds this absolutely *repulsive* and *abhorrent*? How long has this been going on? who has been doing it? am I the first to suspect it is happening? how many debates have been affected? how many people have been *harassed* or *intimidated* or *burned* to a *crisp* by pseudospoofers? is this going on in *private email* too? how many debates have been skewed? how many people here DON'T EXIST? Are the other founders T.C.May and J.Gilmore in favor of this too? how much have you guys been doing this? is this really part of the cypherpunk agenda? who here supports this, anyway? does this have anything to do with the bizarre conspiracy theories posts of `S.Boxx'?! is this why `everyone' is opposed to a newsgroup or other change in the `status quo'?! Is this why *I* get *flamed* so much? is this polluting other mailing lists?! E.H. >The claim that a person should have only one pseudonym per forum >indicates profound misunderstanding. If someone wants to have >multiple cryptographically protected pseudonyms, they will be able to; >that is one of the main goals of cypherpunks software. IMHO, this itself represents a `profound misunderstanding' under what actually constitutes an OPEN FORUM. If we are merely conducting some depraved experiment on the psychology of pseudonymity and pseudospoofing on unwilling participants, please say so! I for one never saw *that* announcement when I signed up! calling `pseudospoofing' `one of the `main goals' of cypherpunks software' sounds *criminal* to me. Or maybe I'm missing the point! I guess this is what anarchy really *is* all about! * * * speaking of OPEN FORUMS, `Jamie Dinkelacker' objects to my other proposals for reputation tracking statistics: >> >>1) how long they have been on the list in days, 0 if none at all >>2) how many postings they have posted here >>3) maybe a posting/age ratio -- some people seem to be very sensitive >>or tune out people with a high one. >>4) another idea: tracking the number of responses a given poster has, >>average, per original post, measured by `re: [x]' subject tracking. >> > >Each of these suggestions call for data that may contribute to identifying >individuals, tracking their behavior or providing information useful to >decypher some messages. This has a very NSA feel to it. A very ``NSA FEEL''?! all of these statistics could be generated by *anyone* who subscribes to the list! is this an OPEN FORUM or not?! How could *anyone* object to anything so innocuous? A *true* forum would be *representative*. For example, I already have the impression that no one here supports my suggestions whatsoever on list modifications & protocol from E.H.'s comments and jamie at netcom.com. Now, humor me, and take the hypothetical situation that these are the same person! how can this be a `forum' if an opinion is not *representative*? what if a single person just `ganged up' on someone they didn't like by overwhelming them with pseudospoofs? what if there was *truly* support for some project but a pseudospoofer ganged up on the proponents and clobbered them with flames? does this sound anything like what has happened on this list in the past? doesn't it throw every `conversation' on this list into spectacularly *grotesque* doubt? wouldn't that be a lot like intimidation at best and *extortion* at worst? would it look like a `clique'? what if this was happening *routinely*? what if people were being *influenced* by what they perceived was the *majority opinion* or the *views of their peers* that were really nothing but DECEPTION AND LIES? what if it was *thwarting progress*? I would consider this nothing but TREACHERY and HIGH TREASON. is all this really one of the `main goals' of the cypherpunk agenda? if so, SIGN ME OFF. Regardless of whether anyone believes in democracy (a `lot' of people here said they didn't a while ago, but now I have my doubts!) the idea of `one man one vote' is SACRED. it means in essence, one man shall not have UNFAIR INFLUENCE. anything less is just the `Golden Rule: He who Has the Most Gold Makes the Rules'. or, `you can be here as long as I always have more *power* than you do and you don't complain!' it is *anti egalitarian*. it is a recipe for anarchy, dischord and chaos. Or perhaps I'm MISSING THE POINT?! maybe that's what somebody *wants*. is *this* what the Cypherpunks really stand for? UNFAIR INFLUENCE. ABUSE OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. Date: 18 Oct 93 14:18:10 EDT From: Sandy <72114.1712 at CompuServe.COM> To: Subject: DETWEILER ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, Lance Detweiler finished his most recent rant thusly: . . . is *this* what the Cypherpunks really stand for? UNFAIR INFLUENCE. ABUSE OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. Lance, stop frothing at the mouth and get a life. S a n d y (aka Tim May, Eric Hughes, Nick Szabo, Perry Metzger, Duncan Frissell, Mao Tse-tung, George Herbert Walker Bush and a cast of thousands) >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 18 Oct 1993 11:55:46 -0800 To: cypherpunks at toad.com From: lefty at apple.com (Lefty) Subject: Re: PSEUDOSPOOFING >what if people were being *influenced* by what >they perceived was the *majority opinion* or the *views of their peers* >that were really nothing but DECEPTION AND LIES? what if it was >*thwarting progress*? I would consider this nothing but TREACHERY and >HIGH TREASON. is all this really one of the `main goals' of the >cypherpunk agenda? if so, SIGN ME OFF. Works for me. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From: tcmay at netcom.com (Timothy C. May) Subject: Time for me to come clean... To: cypherpunks at toad.com Date: Mon, 18 Oct 93 12:46:40 PDT My experiment has gone far enough. One of you has claimed that the Net entity "tcmay" (Timothy C. May, putatively) is actually "jamie" (Jamie Dinkelacker, putatively). This person has at other times claimed that perhaps Eric Hughes and Jamie are the same person, and that the Net entity "tcmay" is the "lackey of Eric Hughes." It is all getting so confusing! Allow me to clarify. I entered this list under a variety of pseudonyms, with the intent of compiling information on all of you. I have been posting under the identities of Tim May (who has actually never existed....the man behind the mask on the cover of "Wired" was a hired actor, as were the stand-ins for the personnas of Eric Hughes and John Gilmore), Sandy Sandfort, Jamie Dinkelacker, and many others. I disavow any connection to the paranoid "S. Boxx," however. In fact, I think there are only five actual biological entities on the list. Makes for some good conspiracy theories for the paranoids. Finally, I also write under the nym de guerre of "Dorothy Denning." The real Dorothy Denning is too busy grading papers for her freshman crypto class to post, so I fill in. My real name should be apparent to you all. I knew if I used it, the other four of you would not take me seriously. But now the secret's out. David -- David Sternlight When the mouse laughs at the cat, there is a hole nearby.--Nigerian Proverb From: cman at IO.COM (Douglas Barnes) Subject: Re: PSEUDOSPOOFING (lions and tigers and bears, oh my!) To: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 18 Oct 1993 11:21:22 -40962758 (CDT) L. Det writes: > I for one > never saw *that* announcement when I signed up! calling > `pseudospoofing' `one of the `main goals' of cypherpunks software' > sounds *criminal* to me. Or maybe I'm missing the point! I guess this > is what anarchy really *is* all about! It was one of the main reasons *I* signed up... we were working on a TV show about cyberspace, and Paco Nathan explained public key encryption, digital money, and nyms with reputations in his inimitably cheerful and energetic fashion for our cameras. The part he was most excited about (a part that still fascinates me no end) is the possibility of spawning new identities that can acquire reputations, property, prestige, ignominity, whatever, without the need to appeal to a government bureaucracy for validation. Furthermore, the whole notion that there is some kind of implied contract when you join a free mailing list completely absurd, second only to your notion that we are all pushing for the same political agenda (or should be) because we put our names in the same hat at toad.com. It just ain't so, and no amount of wishing will make it so. And, to cap it all off, I have had more external validation of the physical existence of the key members of *this* data space than any other international data space I participate in; in addition to numerous pictures, I've met a number of the folks, who have, in turn, met a number of the folks... cypherpunks is one of the meetingest mailing lists I've ever seen or heard of. Doug PS: the show never got edited, because Steve and I decided to set up io.com. -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From: szabo at netcom.com (Nick Szabo) Subject: SILLY FLAMES: pseudospoofing To: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 18 Oct 93 5:25:22 PDT Cc: cypherpunks at toad.com L. Detweiler -- shocked, simply shocked, at the realization that multiple pseudonyms are possible on the net -- explodes: > ....how can this be a `forum' if an opinion > is not *representative*? Perhaps there are differences between a forum and a voting booth? > what if a single person just `ganged up' on > someone they didn't like by overwhelming them with pseudospoofs? what > if there was *truly* support for some project but a pseudospoofer > ganged up on the proponents and clobbered them with flames? Perhaps "support" is better measured by how many people are motivated enough to go to the effort to make multiple but individually unique, reputable posts in favor of a proposition, rather than by simple numerical polls that abstract away knowledge and motivation, or by how many True Names position themselves with I'm-on-your-side posts. On cypherpunks' better days, "support" is measured by what kind of code gets written, not by who flames whom how often under how many names. Of course we all know that writing code does not constitute *true* support, since only Democracy is The One True Way. > doesn't > it throw every `conversation' on this list into spectacularly > *grotesque* doubt? Welcome to the Internet, Detweiler. Perhaps you might get together some physical meetings in Colorado, talk to more cypherpunks on the phone, look at the pictures in Wired magazine (perhaps also faked?), etc. if you are so concerned about being ganged up on by unknown numbers of strangers. (Is it better to be ganged up on by known numbers of strangers? Why of course, that's called Democracy). > the idea > of `one man one vote' is SACRED. Hallelujah! Praise the Lord & pass the card punch! Let's vote ourselves bigger paychecks & unlimited medical care. Let's take a vote on which cypherpunks tools we will implement. Those who vote with the minority get to do the programming work, those in the majority get to tell the minority what to write. I nominate L. Detweiler President of the Cypherpunks. All in favor say "aye" and bow down to His Holiness of the Veiled Booth! > it is > *anti egaltarian*. it is a recipe for anarchy God forbid! Quick, Detweiler, get out your garlic, raise up your cross and abjure these crypto-anarchists before we spread any further! Next thing you know we'll get some elitist, anti-democratic development like untraceable digital cash. Some people will accumulate more digicash than others, and Detweiler won't even know who they are. Horrors! Quick Detweiler, write your electronic leveling tax protocols before its too late. Better yet, get the majority to vote on making us evil crypto-anarchists -- only a small cypherpunk minority once our pseudonyms are unmasked, of course -- make us write them for you. After all, egalitarian software is a basic human right! > UNFAIR INFLUENCE. ABUSE > OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. >... Isn't it just dreadful? Nick Szabo szabo at netcom.com Date: Mon, 18 Oct 93 08:02:16 CDT From: m5 at vail.tivoli.com (Mike McNally) To: "L. Detweiler" Cc: cypherpunks at toad.com Subject: PSEUDOSPOOFING "L. Detweiler" writes: > I'm absolutely *horrified* and *nauseated* ... If digicash were a reality, I'd send you some with the proviso that you only spend it on clues. Repeat this chant until you attain enlightenment: Pseudospoofing cannot be prevented Pseudospoofing is a reality of online existance No amount of fear and loathing will make it go away If it weren't for fundamentally new concepts like the ability to pseudospoof (that's a lousy term, by the way), the net would not be the quantum change in human communication and human thought it is. > p.s. if anyone doesn't hear from me for awhile, assume I've been > `liquidated' and this isn't really an `open forum' ... No, I'll assume the ELF-2 running your pseudomind blew a fuse. -- Mike McNally To: cypherpunks at toad.com Subject: pseudospoofed out Date: Wed, 20 Oct 93 01:13:18 -0600 From: "L. Detweiler" Cypherpunks, I use the internet for a lot of serious activities, and it deeply troubles me to think that I have been vicitimized by pseudospoofers in areas outside of merely the cypherpunks list such as in the numerous FAQs I edit (a very time consuming endeavor) or in my other favorite mailing lists. I feel like my blood has been drained by parasites that suck my prose and passions. Since there is absolutely no support for any `True Names' here whatsoever, I volunteer to drop the subject. And of course I am just another blip on this list, so my ideas for its improvement mean nothing, and I will not *ever* make a proposition again here regarding the subject. however, A PERSONAL REQUEST I humbly request that ANYONE SENDING ME PERSONAL MAIL have the decency to do so under their `True Name' or `obviously anonymously' under the same identity. Do not deceive me for perverted sport. Do not try to build up trust merely so that you can betray it. Do not manipulate me simply because you have the capability or because I am a basically trusting person. This sentiment is equivalent to something like `if a woman doesn't carry a gun then it's OK to rape her' and it is one of the most alarming aspects of what I have seen promoted here and in the general `hacker' community. `nothing is wrong if you can get away with it.' I believe that there is no such thing as a `consequentless action'. Please, do not drag *me* into the gutter because you like to wallow there. If anyone has deceived me in manipulating me with multiple pseudonyms in my personal email, please inform me *now*. I believe this is the absolute least that *anyone* could ask on the internet. Another point to make is that Usenet & current mailing lists are far from the future models. I fundamentally believe that `true name' systems are entirely socially desirable and can be erected without invading privacy. Anyone who claims that `true names' and `privacy' are fundamentally incompatible is simply mistaken. Does `absolute privacy' mean that no one *ever* knows who *anyone* is? It seems to me the ability to differentiate identities or reject their input based on `true names' is a basic right of the listener. You do not have a right to bludgeon me with identical opinions from an unrepresentative arsenal of imaginary identities. I suspect some of the people advocating `absolute privacy' are themselves currently using powerful tools to detect pseudospoofing others do not possess. Is that the cypherpunk Utopian ideal? A place where you can manipulate people without them knowing it? let others drown in mud while you trample atop their backs? Also, please do not deceive the press. T.C. May has recently satirically suggested that some of the Wired pictures are of hired actors. I don't find this funny. If the `cypherpunks' are really something other than that which they claim, it will eventually and inevitably come back to haunt the `movement,' whatever it is (algorithms or ideology? I no longer care). History and society is far more shrewd than that. If pseudospoofing is really the #1 cypherpunk agenda, please make that clear. `We want to fool everyone with brainwashing techniques so they are at the mercy of our whim.' One of my attractions to cyberspace was the promise of making online friends, and I have made many over many months. But the idea that some psychopaths are sending me email just to leech my strong emotions and play with my passions, like a cat does a captured mouse, perhaps even with the support of a large and complex software `arsenal' designed specifically to promote camouflage and manipulation, perhaps on a very widespread scale involving multiple lists, I find reprehensible and inherently evil. Please, choose another lab rat victim. My whole `cyberspatial reality' has been cast into doubt. Who's real? Who's fake? I used to really look forward to reading and responding to my mail, but now I approach it with dread, horror, and nausea. I don't even know if who I am talking to on the phone is who they say they are anymore, or if I really have any true cyberspatial friendships, because of all the pseudospoofing in my mailbox. There are some among you who say `welcome to the real world'. Are you people saying that man's natural state is confusion, desperation, and paranoia? I am not opposed to `pseudonymity' and multiple reputations of course. But the strong sentiments on this list that I should be kept *guessing* I find abhorrent. What is most disturbing is the possibility of a single entity attempting to stick someone's psyche in a vice by systematic and concerted assaults from multiple supposedly `unique' identities in private email. This is like dealing with a tentacled octopus-monster. What could be more depraved? This is nothing but vicious interrogation and brainwashing. I'm simply in favor of truth in advertising, and I think this list has been misrepresented as a `forum' when it's nothing but a hotbed of pseudospoofing, possibly even aided by automatic software tools. Someone tell me, how long have I been arguing with AI programs anyway? Trully, I never would have subscribed if I had realized the `practice' of pseudospoofing was epidemic. I mean, I suspected there were isolated cases, but now it appears a large part of traffic is manufactured flames and froth. Does anyone have any idea how much time has been wasted wading or even arguing with opinions that were nothing but mirages? I'm deeply disillusioned. But of course, who cares? Certainly not the leadership or the followers. I'm not sure that some of the `identities' I've been dealing with over the past few months really have any basic morality. I suspect there are some demagogues that tout `privacy' while really subtly and insideously promoting dishonesty, sociopathism, treachery, and barbarianism. An example: I am on another mailing list where I posted a long article as a `gift' to the subscribers. I got some favorable comments, except from the moderator who said that `people are shocked at what you did.' I asked him. What people? What did they say? He backed down. But imagine that someone slandered me with a worthless pseudonym? and, in fact, even if they mailed *me* would I be able to tell that they didn't care about the reputation of that pseudonym? It seems to me that there is a basic idea of reputation and postings. To a degree, if you haven't earned a reputation in some subject, you should be disqualified from pontificating on it, irrelevant of your arsenal of pseudonyms. Filters based on reputations may help make this a reality. (I would personally like to ban my mailbox of all opinionated pseudonyms who have not read more than 2 of my posts.) I remember `ZZZ' once announcing to the list that J. Markoff had unsubscribed. Who's really in favor of privacy? Is everybody here really interested in `privacy' as an `offensive weapon'? `Privacy' as a way of evading taxes? `privacy' as a way of manipulating or betraying the gullible and trusting for perverted pleasure? `privacy' as destroying social order and promoting anarchy? Really, nevermind. please, don't send me any more blistering flames. These are rhetorical questions. In fact, this is a rhetorical essay. Date: Wed, 20 Oct 93 08:30:42 CDT From: m5 at vail.tivoli.com (Mike McNally) To: cypherpunks at toad.com Subject: Re: pseudospoofed out "L. Detweiler" writes: > [ the funniest thing I've read on the net in years. ] Thank you, thank you, thank you *all* for making this possible. The hours of cleaning crud from my INBOX are *easily* worth this kind of entertainment. I am literally in tears, irritating my officemate with incessant laughter. Mr. Detweiler (if that really *is* your name), thank you especially. You write well, kinda, even if I utterly disagree with you. I think I'll print this out and paste it into my big unabridged next to "hyperbole". -- Mike McNally Date: Wed, 20 Oct 93 08:22:25 CDT From: m5 at vail.tivoli.com (Mike McNally) To: cypherpunks at toad.com Subject: pseudospoofed out "L. Detweiler" writes: > I feel like my blood has been drained by > parasites that suck my prose and passions. I hereby claim this as a .signature for at least one of my identities. -- Mike McNally -- ld231782 at longs.LANCE.ColoState.EDU From rjc at gnu.ai.mit.edu Sun Oct 24 16:28:47 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Sun, 24 Oct 93 16:28:47 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <9310241952.AA28774@anon.penet.fi> Message-ID: <9310242328.AA28745@kropotkin.gnu.ai.mit.edu> I think the major benefit of requiring signatures on the cypherpunks list is not the authentication it will give, but the new software which cypherpunks will be forced to develop to make adding signatures with mail readers automatic. After the user interface work has evolved enough to make signatures ubiquitous, we can then switch to some kind of trusted-key system and really authenticate list members if we want. I think the most important and needed software is yet to be developed: Offline mail readers which work from home over the serial port and which incorporate PGP abilities. I know there are lots of POP readers, but we need one which is in ANSI C, portable, and easily extendable to serve as a base for incorporation of crypto. Preferably, it should use curses, or an abstracted window model so it can be easily ported to Mac, Windows, AmigaDOS, X-Windows with little change. -Ray -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From msattler at netcom.com Sun Oct 24 17:03:24 1993 From: msattler at netcom.com (Michael Sattler) Date: Sun, 24 Oct 93 17:03:24 PDT Subject: Subliminal Channels Message-ID: <9310242358.AA18280@netcom.netcom.com> I can barely believe *I* am saying this, given my penchant for nibbling on topics only somewhat near crypt, but IMHO it's time for y'all to take this elsewhere. Since it seems to have degenerated into a "is not, is too" exchange between chrome at jhunix.hcf.jhu.edu and rjc at gnu.ai.mit.edu, I suggest you two continue via email. And *no* using subliminal ascii.... ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 621-2903 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From jamie at netcom.com Sun Oct 24 18:08:45 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Sun, 24 Oct 93 18:08:45 PDT Subject: Content vanquishes PSEUDOSPOOFING Message-ID: <9310250105.AA24314@netcom.netcom.com> Members of the True Cause and Final Movement: Someplace in all this 'pseudospoofing' bandwidth, maybe once in a while, it's worth looking at the _content_ of a message. Some mail I read, some I don't; but when I do, I attend to the content. If it's interesting, or new, or informative, or funny, or sometimes pathetic, I pay attention. I don't care who/what wrote it. I'll make my own decisions whether it's news or entertainment, science or fiction. To quote Whitehead, "Ideas have consequences." (So does behavior.) -- ................................ Jamie Dinkelacker Palo Alto CA Jamie at netcom.com 415.941.4782 From bill at twwells.com Sun Oct 24 18:13:11 1993 From: bill at twwells.com (T. William Wells) Date: Sun, 24 Oct 93 18:13:11 PDT Subject: the principle of least astonishment In-Reply-To: <9310242219.AA08866@toad.com> Message-ID: In article <9310242219.AA08866 at toad.com>, Eli Brandt wrote: : > From: bill at twwells.com (T. William Wells) : > For my service, given what it is for, the presumption should be : > anonymity. For the personals groups, perhaps the presumption : > should be the other way around. There is, almost certainly, no : > one right answer. : : What are your thoughts on solutions which do not do either of these : alternatives? For example, several people have discussed systems : involving two sets of addresses. These avoid both problems : (unexpectedly failing to anonymize / unexpectedly anonymizing a : message with a sig), at the cost of some complexity. I haven't really given this much thought because it hasn't been relevant to my server. There are a number of problems that I think fall into the same category of inadvertent disclosure. All of them are "operator error" in a sense. All of the anonymous e-mail services are hacks added onto the existing e-mail services and require significant attention to detail if one is to not inadvertently give away one's real identity. It's as if you had to type in the RFC822 headers yourself for each message; even though they're quite simple, you're going to mess up reasonably frequently. And just once is sufficient to destroy one's anonymity. The multiple address thing doesn't address this at all so I don't think it will help. Alas, I really don't have the spare time to work up my thoughts on where the e-mail system ought to go. All I can really say for sure is that the whole thing should be rethought from the ground up. : > Either the perpetrators are so intellectually lacking that they : > do not see what they are doing or they are so intellectually : > dishonest that they do. In either case, I am utterly disgusted. : : Aren't you detweiling a bit here? I don't think so. Detweiler and those like him simply react; they do not examine where they are coming from nor are they willing to do so. Their fault is not that they reach strong moral conclusions nor that they express them but that they so lack respect for others that they will not examine the positions of others nor attempt to determine where the line of "it isn't my business to tell them what to do" should be drawn. (BTW, cypherpunks wins big when it loses Detweilers; just look at Objectivism's reputation for why.) : I don't think the situation really : warrants "utter disgust"... Technical problems can often be solved by "try it and see" but systemic people problems rarely can or should be. A wrong solution is often just too costly; ask the folks in the ex-USSR what they think of that "try it and see". People problems require careful thought if the results of one's actions are not to lead to misery and death. When people resort to rather obviously flawed modes of reasoning, disgust is quite appropriate, except when stronger responses are warrented. From plaz at netcom.com Sun Oct 24 18:33:11 1993 From: plaz at netcom.com (Geoff Dale) Date: Sun, 24 Oct 93 18:33:11 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310250133.AA26931@netcom.netcom.com> -----BEGIN UNSIGNED MESSAGE----- >I don't think restricting participation to signed messages >is a good idea until we have some way of verifying a >signature automatically before allowing it to be posted. Actually, Eric wasn't suggesting restricting participation, just putting a delay on it. But you're right. This proposed policy is pointless. I would probably end up copying and pasting a bogus signature (not bogus for somebody else's message, but bogus for mine) into my message to avoid the delay. The policy, as it stands is rediculously easy to circumvent. I suspect that this would be even less effective than the national 55 mph speed limit. >How do we prevent people from registering a key in >someone else's name??? It's beyond me. You can't. There is simply no way to kill pseudo-spoofing without coming down on the whole internet with a massively intrusive security system. It certainly isn't worth it to me, to hand the net over to big brother to avoid people posting under various aliases. You'd almost certainly end up losing anonymous posting as well. PS - Eric you can take this as a vote "NO". -----END UNSIGNED MESSAGE----- _______________________________________________________________________ Geoff Dale -- insert standard disclaimers here -- plaz at netcom.com "We are the shock troops of reality." - Voice of the Friends (Wild Palms) From pmetzger at lehman.com Sun Oct 24 18:58:39 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 24 Oct 93 18:58:39 PDT Subject: Net Regulation In-Reply-To: Message-ID: <9310250152.AA09786@snark.lehman.com> T. William Wells says: > : It > : is enormously difficult to control workers who can live anywhere on earth > : and work anywhere else. > > Really? I'll tell you what: I'll give you 100% control over all > communications starting tomorrow and I'll take 100% control over > all food and water at the same time. I win. You *die*. How will you take control? If Napoleon and Hitler couldn't manage it, I doubt any of the mediocre dictators we have around these days could. You can't forget that that the state can't violate the laws of physics or economics. They can't extract more resources out of a country than that country has, and they can't be everywhere at once. Admittedly, if someone could put a *loyal* armed soldier over everyone's shoulder on earth they could control everyone. How, though, could they manage to do this? > Simplistic and impossible, true, but the point remains. There is > always a physical reality and no matter who "insignificant" it > is, it can still kill you. I think you are the one who is ignoring this. The state is just as subject to the problems of physical reality as anyone else. Perry From trebor at foretune.co.jp Sun Oct 24 19:03:12 1993 From: trebor at foretune.co.jp (Robert J Woodhead) Date: Sun, 24 Oct 93 19:03:12 PDT Subject: Totally Anonymous Remailing Message-ID: <9310250201.AA21182@dink.foretune.co.jp> Just toying around with some ideas, and came up with this: Totally Anonymous Remailing (V1.0) An "TAR" goes active on the net at site anon.com. It publishes a Public Key. 1) Creating an anonymous ID. A User sends message to create-id at anon.com, encrypted with the TAR's Public key. The message contains four elements: A Public Key generated by the User. A Proposed Pseudonym (ie: "Artful-Dodger") The Proposed Pseudonym encrypted by the User's Private Key. At this point, the TAR can verify that the new user isn't spoofing by giving someone else's public key. It does not reply to the email message, nor does it store the source (which in any case could be another anonymous remailer). If the new Pseudo isn't in use, it gets allocated. If it is, it does not. 2) Sending mail to an anonymous ID Works the same as sending mail to anyone else. However, on receipt it is immediately encrypted with the recipients Public key and placed in a Mail queue. It is _not_ automatically forwarded. 3) Using an anonymous ID. The User sends a message to use-id at anon.com, encrypted with the TAR's Public key. The message contains the following: The User's Pseudonym (ie: "Artful-Dodger at anon.com") Command Command Specific Parameters The Command and Parameters are encrypted with the User's private Key. This has several nice features that will become apparent later. If the command contains errors, or does not decrypt properly, the anon mailer places an error message into the Pseudonym's mail queue, but does not otherwise reply. Commands would be typical: MAIL { CC } { BCC } { SUBJECT } Sends using psuedonym. ought to be encrypted. POST SUBJECT Posts using psuedonym. You could verify your pseudo was accepted by posting to a worldwide test group. SEND Sends accumulated mail, in a batch, to the email address specified. So you can log on to any account, even a guest, and get your mail. and so on. Might be nice to make it a shell on top of something like MH, and allow you to manage your mailbox remotely and anonymously. BTW, none of this double-blind crap. If someone wants to reply anonymously, they ought to create their own pseudo. Anon-net: Note that use-id@ has a nice property. Assume there is another anon server, noname.com, which gets a message, encrypted with it's public key, that is a command for Artful-Dodger at anon.com. It can simply re-encrypt the message with anon.com's public key and pass it on, never having seen the command because it is encrypted - and only anon.com knows Artful-Dodger's public key, because Artful only sent it to anon once, encrypted with anon's key. The extension - several anon sites passing mail back and forth regularly (all encrypted batches containing several real and fake messages) - is obvious and makes traffic analysis more difficult (especially as the number of sites goes up). There could also be a facility for one-shot "bounces," the ability to use the anon site to bounce an email to a restricted number of addresses (typically, other anon sites). So you could email to noname (using noname's key) and have the message bounced to anon. So you could have an account on anon and yet never directly send email to anon -- it would never at any time have any clue as to your identity. Of course, you'd have to trust the software. And some work needs to be done to ensure the net stays viable even if some of the sites have been subverted. This is only a first draft, probably many mistakes. Comments? From sameer at infinity.hip.berkeley.edu Sun Oct 24 19:13:12 1993 From: sameer at infinity.hip.berkeley.edu (Sameer) Date: Sun, 24 Oct 93 19:13:12 PDT Subject: Off-shore banking and Steve Roberts' flotilla Message-ID: <199310250205.AA06191@infinity.hip.berkeley.edu> I could have the name wrong here. If so, my utmost apologies. Are people here familiar with Steve Roberts, the guy who had a bike called "BEHEMOTH" which he rode around the country, while connected to the networks? He's temporarily settled down now, and planning his next project, a technomadic flotilla which would be a bunch of technomadic folk who would like to live outside the boundaries of any national jurisdiction, touring the world, and earning a living while doing it. One potential income for these people I think, would be an off-shore internet bank implementing digital cash. It might be a good idea for some cypherpunks (Sandy? You said you found an investor, right?) to get in touch with the flotilla-folk and see if something could be arranged. (I'm sorry, I don't have any email addresses on hand.) From frissell at panix.com Sun Oct 24 19:18:39 1993 From: frissell at panix.com (Duncan Frissell) Date: Sun, 24 Oct 93 19:18:39 PDT Subject: Net Regulation Message-ID: <199310250215.AA03602@panix.com> B >From: bill at twwells.com (T. William Wells) B >I mostly agree B >with your statements and wish you wouldn't weaken them with B >worthless supporting claims. I'm glad. B >The permanent tourists, of course. The state is, when all is B >boiled down, an instrument of force and it functions most B >"effectively" when it limits itself to that. I guarantee you that B >if the US wanted to crack down on this stuff that it would be B >gone. This year, a third of the prison population is from B >drug-related "crimes"; if they got a bee in their bonnets, you B >and I and a whole lot of other people could take their places. B >(Not, mind you, that I think this'll happen. But it *could*.) Permanent Tourists are outside US jurisdiction. You could grab a very few but only a few. You couldn't affect the non-US persons earning their dough on the nets at all. That's the point of the nets that "foreigners" can be Americans and Americans can be "foreigners" without any loss of income. Once developed, the ability to work from anywhere to anywhere is powerful. It makes one much harder to control. Consider, small cash-intensive businesses located *in* the US report less than half of their income to the government (according to IRS studies). That is among people completely subject to US jurisdiction. B >Yes, that could be prevented, but it won't be prevented by what B >the cypherpunks are doing. Sooner or later, the bodies would have B >to meet the bullets. That's the way of the world, alas. Actually, such problems are rare in the OECD countries. Most enforcement here is indirect. People obey because of fear not direct application of force. Reduce the fear and you reduce the obedience. The threat we represent is a bit to abstract to sell the government on an all-out campaign against us that would be difficult and expensive. I don't think the Feds would "go to the mattresses" to fight us. Duncan Frissell If the KGB and the Stasi couldn't prevail against the winds of institutional "rightsizing", what chance does one aging dyke have? --- WinQwk 2.0b#1165 From 72114.1712 at CompuServe.COM Sun Oct 24 19:28:39 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Sun, 24 Oct 93 19:28:39 PDT Subject: A MODEST PROPOSAL Message-ID: <931025021235_72114.1712_FHF61-1@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, I'm tired of playing with L. Detweiler's head on the Cypherpunks list. Let's up the ante. I think we (in northern California, at least) should play with his head in person! I hereby pledge $20, and ask for sufficient matching pledges, to buy Lance, Larry or whatever his REAL name is, a ticket, etc. to come to our next meeting. The offer, though, comes with certain . . . conditions. To take advantage of this offer, Detweiler must agree first post a list of Bay Area Cypherpunks he thinks are fictitious. If we can't produce those people with "official" IDs, we pay him $100 over his round trip air fare, we put him up in a nice hotel and we get him laid. If everyone is "real" we don't pay him squat, and we get to "pants" him on the lawn in front of Cygnus. To quote one of my many avatars, "Works for me." Right, Tim? >"Right, Sandy!" Right, Nick? >"Right you are, Sandy!" Right, Perry! >"You're right as rain, Sandy!" Okay, Alvin? . . . Okay, Alvin? . . . ALVIN!!!!! >"O-kaaaaaay!" S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From ld231782 at longs.lance.colostate.edu Sun Oct 24 21:58:48 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Sun, 24 Oct 93 21:58:48 PDT Subject: on the term `signature' Message-ID: <9310250455.AA06984@longs.lance.colostate.edu> Consider the term `signature' in the conventional connotation of a handwritten scrawl. What are the *critical* properties of a handwritten signature of a person [x]? 1) no person [y] can `forge' the signature of [x] 2) the signature of [x] is unique to [x] Look closely at (2). What value would `signatures' have in our society if they could not be traced to unique individuals? Virtually everyone here will probably say `no problem' but this aspect is a very critical aspect of the legal basis for signatures as a certificate of identity. If a person cannot be traced based on their digital signatures, where is the accountability? What if a person signs a document with a `digital signature' and *breaks* that contract? you have no recourse unless the identity is ultimately identifiable and you can take `that body' to court. This `two way street' is the crucial ingredient for the legal value of handwritten signatures. A person can indicate they consent to an agreement or certify something as genuine originating from themselves (one way). But on the other hand, if the agreement is broken or there is some question of authenticity *independent* of the signature (i.e., suppose someone has broken the signature security) there is recourse in retracing the path back to the original signer (the other way). Many here are championing that the loss of (2) with `digital signatures' and completely untracable identities is `liberating'. But there is a price to pay, perhaps very great. It is simply an unworkable system anywhere serious accountability is required (such as related to a job, etc.) Sure, if all people want to do is get into twisted debate contests, the absence of (2) certainly encourages it (speaking from experience). Because digital signatures alone are not really strictly analogous to written signatures because of the lack of property (2) above, perhaps a better term would be `identification tag'. Adding the guarantee that a given signature can be traced back to a human entity, with the use of a database or otherwise, makes them truly `digital signatures'. please cc: me in any replies. From hfinney at shell.portal.com Sun Oct 24 22:28:40 1993 From: hfinney at shell.portal.com (Hal Finney) Date: Sun, 24 Oct 93 22:28:40 PDT Subject: A favor re Detweiler Message-ID: <9310250526.AA08546@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- I'd like to expend some "reputation capital" here and ask people for a favor. I am worried about Larry Detweiler's obvious mental anguish. We tend to forget that we are dealing with real people on the net, flesh and blood human beings. Larry is obviously going through genuine difficulties here. As a member of our virtual community, I ask that we show him some compassion and consideration. Larry believes that people have been communicating with him in private mail under multiple identities in order to confuse and mislead him. Specifically, he has suggested that Jamie Dinkelacker is a pseudonym employed by Tim May. I gather that he has received email from both names. He also suggests that others have employed these practices. Since I do not live in the Bay area, I have never met Jamie Dinkelacker, although I had the opportunity to meet Tim once when he visited southern California. So I am not in a position personally to assure Larry that Jamie is a real person separate from Tim. But I know many list members are in northern California and I assume several of you have met both Jamie and Tim. I ask those of you who can vouch for Jamie's separate identity to send me private email saying so, which I will forward to Larry. If enough people can do this, perhaps a PGP-style "web of trust" can be established which will reduce Larry's concerns about this particular case at least. (I have considered the possibility that Jamie actually is a pseudonym employed by Tim. This is certainly not inherently impossible, given the structure of the net. As I told Larry, I myself have occasionally posted under apparently-legitimate pseudonyms in other times and places, although never on this list. I certainly don't attach the moral significance to the practice that Larry does. Nevertheless, in this particular case, the situation is so obviously causing mental suffering that I assume that if Larry's charges were true that Tim would have confessed in order to spare Larry this pain.) I know that it's easy to just write people off on the net, the various marginal or fanatical personalities whom one runs into now and then. That is why I am asking this as a personal favor. If you have read and appreciated my essays on digital cash, or on the various legal issues involving crypto exports; if you have used the remailer code I worked on, or PGP for that matter on which I spent hundreds of hours of personal time, then I ask that you help me out with this request. Do it as a favor to me regardless of your feelings for Larry, and I will just hope that my efforts will bring him some peace of mind. Thank you. Hal Finney hfinney at shell.portal.com -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMr+6KgTA69YIUw3AQHCawQApGA27Q+lmrzsN9qpG3Af9DfJLfdHTlWG Ic6FQKNqjfliLHR/z/iVSDTGKIiRRuZm4ZBqARQAvp4jaOBymcWcd5y1/jCPDQto PZjlq6ksvvdpgsQsV2DiwAlRxS9wdo7E+gvmDWJ8tXBApRloATWv4ZQ9AFUwF1Nx jp56uZsaTxs= =91Uh -----END PGP SIGNATURE----- From mench at cs.unr.edu Sun Oct 24 22:33:12 1993 From: mench at cs.unr.edu (Peter J Menchetti) Date: Sun, 24 Oct 93 22:33:12 PDT Subject: Chris Odhner? Message-ID: <9310250532.AA19665@pyramid> please send me mail, chris, this is Pete, the guy who made all those goddamn big brother insdie stickers for you. pete From tcmay at netcom.com Sun Oct 24 22:48:41 1993 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 24 Oct 93 22:48:41 PDT Subject: ADMIN: Shall we sign? In-Reply-To: <9310232303.AA26424@flammulated.owlnet.rice.edu> Message-ID: <9310250546.AA02480@netcom5.netcom.com> -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From rjc at gnu.ai.mit.edu Sun Oct 24 22:53:12 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Sun, 24 Oct 93 22:53:12 PDT Subject: on the term `signature' In-Reply-To: <9310250455.AA06984@longs.lance.colostate.edu> Message-ID: <9310250549.AA17848@churchy.gnu.ai.mit.edu> L. Detweiler () writes: > > Consider the term `signature' in the conventional connotation of a > handwritten scrawl. What are the *critical* properties of a handwritten > signature of a person [x]? > > 1) no person [y] can `forge' the signature of [x] > 2) the signature of [x] is unique to [x] Well (2) is untrue since I know people who can forge signatures with great precision (even my own). Since we're going for an ideal Brave New Cyberspace where forging ids is impossible, I've got some suggestions. These should make you very happy: 1) Phase out handwritten signatures in society and switch to finger prints, retinal scan, and DNA codes. Whenever you sign anything, the store/business/ govt office will require a blood test (for DNA), retina scan, and finger print. With today's technologies, these can be made painless and quick. 2) Require everyone to have a global positioning tracker installed under the skin so they are "accountable" at all times. This worked great in demolition man. 3) Mandatory caller-id, video-id for everyone. No one should be able to make calls without the other person knowing who you really are. Payphones should have finger print/retinal scanners for verification. 4) all new computers should come equipped with finger print recognizing keyboards. No more spoofed messages posted on people who leave their terminals accidently logged in (in the computer lab) 5) get rid of cash! we can't have unaccountable transactions taking place in the economy. Banish the free market. Nationalize all businesses under NSA control. > If a person cannot be traced based on their digital signatures, where > is the accountability? What if a person signs a document with a > `digital signature' and *breaks* that contract? you have no recourse > unless the identity is ultimately identifiable and you can take `that > body' to court. Get a clue for god's sake. Digital signatures won't exist in a vacuum. No one is going to accept the validity of a signature unless it is signed by some trusted/certified authority and that authority would be liable for the person's true name or actions. This is exactly how Apple's new DSA system works. I'm starting to think someone is pseudospoofing you because your posts have become so idiotic it reads like a satire. Are you really the same person who wrote the anonymity faq? -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From bill at twwells.com Sun Oct 24 23:03:12 1993 From: bill at twwells.com (T. William Wells) Date: Sun, 24 Oct 93 23:03:12 PDT Subject: Net Regulation In-Reply-To: <9310250152.AA09786@snark.lehman.com> Message-ID: In article <9310250152.AA09786 at snark.lehman.com>, Perry E. Metzger wrote: : [irrelevancy] I watched you arguing with Detweiler and thought that you were an idiot. However, I figured that Detweiler was sufficient provocation to bring out the idiot in just about anyone so I ignored that. But here you have proven that you really don't understand. This I don't intend to ignore. Welcome to my killfile. When you figure out why, you may be worthy of being removed from it. From tcmay at netcom.com Sun Oct 24 23:08:41 1993 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 24 Oct 93 23:08:41 PDT Subject: ADMIN: Shall we sign? Message-ID: <9310250606.AA04356@netcom5.netcom.com> ********************************************************************* *******THIS MESSAGE HAS BEEN SIGNED BY "TIM'S REALLY NEAT SYSTEM"**** ********************************************************************* I see some problems, for me at least: 1. I run MacPGP home machine, and using it is a boring and time-consuming prcess. Many of you know about this. (Ironically, it's more secure for me to run it on my home machine, instead of on Netcom, but it means a lot more work.) 2. I also have plain old PGP running on one of my DOS laptops, and I sometimes use RSADSI's "MailSafe" on this, even to sign. (But not often, that's for sure.) 3. For quick responses, where response time is more important anyway, I cannot see jumping through all these hoops. Ironic, isn't i? 4. If the signatures are not to be verified, or even to be looked at very closely, then the situation presented at the beginning of this message will flourish: phony sigs to beat the delay. 5. Eric alluded to such proliferation being a Good Thing. I think not, as it will trivialize real sigs and will in some sense turn digital sigs into a kind of running joke on the list. Not a good thing, in my view. 6. The sitiuation with L. Dettweiler and S. Boxx, tragicomic as it was, would not have been materially affected. Both would have "signed" their messages in some way and what would then have been accomplished? (In some sense, both _were_ signed: Dettweiler by the origin of his message and the hard-to-spoof "an12070" (or whatever) that S. Boxx used.) While I'm not sure if the LD/S.Boxx situation, and the general claims of "pseudospoofing" are motivating Eric's idea, I certainly don't see a system of "weak" digital sigs (weak meaning no real checking) doing anything. 7. Finally, I have yet to see any serious evidence that this so-called pseudospoofing is going on, that is, that people are pretending to be others. I know Dettweiler _thinks_ that I am using the nyms of Jamie Dinkleacker, Nick Szabo, and others, but this is arrant nonsense. (And to repeat the obvious, as noted above, if I _were_ using other identities in this way, digitally signing the messages would be trivial and would in fact create a false sense of security, as others have also noted.). I've never seen anyone else claim to be me, at least not seriously, nor have I ever suspected such pseudospoofing is actually going on. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From bill at twwells.com Sun Oct 24 23:08:46 1993 From: bill at twwells.com (T. William Wells) Date: Sun, 24 Oct 93 23:08:46 PDT Subject: Net Regulation In-Reply-To: <199310250215.AA03602@panix.com> Message-ID: In article <199310250215.AA03602 at panix.com>, Duncan Frissell wrote: : Permanent Tourists are outside US jurisdiction. I think that's where we're disagreeing. Let me illustrate by taking myself as an example. I'm reasonably well connected networkwise and knowledgeable. I could decide to become one of these Permanent Tourists. But where would I go? What will be my concerns? Obviously, money will be one of them. But so also will be climate, people, activities I might not be willing to do without, and on and on. Furthermore, other governments are, almost without exception, more repressive than the one I have. The bottom line is that I would probably not physically move if I were to take my economic activities out of the awareness of the US government. And even if I were to, odds are I would be less safe than I am now. So I think that most Permanent Tourists would likely stay right where they are, more or less. Certainly they'd stay in the developed world, where most governments are willing to cooperate to some extent in the attempt to collect revenues. It is a sad fact that governments collectively possess the means to physically regulate all of the desirable real-estate and most are more willing than ours to use physical force to pursue their ends. So Permanent Tourist or not, one can't really escape them. Sooner or later, of course, this won't matter but, as I've said, at least for the short term, it _does_. : B >Yes, that could be prevented, but it won't be prevented by what : B >the cypherpunks are doing. Sooner or later, the bodies would have : B >to meet the bullets. That's the way of the world, alas. : : Actually, such problems are rare in the OECD countries. Most enforcement : here is indirect. People obey because of fear not direct application of : force. Reduce the fear and you reduce the obedience. Actually, I don't think that's true in the relatively civilized countries. My understanding is that most people obey out of a recognition of the legitimacy of government. But that's another topic and not really germane to this list.... : The threat we : represent is a bit to abstract to sell the government on an all-out : campaign against us that would be difficult and expensive. I don't think : the Feds would "go to the mattresses" to fight us. Not this year or even the next. But what happens when the printing-press equivalents cease to stave off bankruptcy? Movement of a sufficient fraction of economic activities outside their ability to tax would certainly change the equation and give them lots of incentive to start that all-out campaign.... : If the KGB and the Stasi couldn't prevail against the winds of : institutional "rightsizing", what chance does one aging dyke have? Lots. Because people never do seem to learn the lessons of history, sigh. Not, mind you, that I think they'd "win" for long. They, too, prefer to ignore history. But while they're attempting to prevent the working of the laws of nature, a lot of people will suffer. *More* will suffer if we don't pay attention to this reality. From greg at ideath.goldenbear.com Sun Oct 24 23:23:12 1993 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Sun, 24 Oct 93 23:23:12 PDT Subject: Apple, AOCE, and key pair security Message-ID: -----BEGIN PGP SIGNED MESSAGE----- A few months ago, I posted an excerpt from a MacWeek article re AOCE (Apple Open Collaboration Environment), a collection of services to be integrated into the Mac OS to facilitate groupware apps. The MacWeek article said that users would receive their public keys (to be used for digital signatures on documents) from RSADSI, instead of generating them themselves. Scott Collins wrote to disagree, saying that the AOCE software he'd seen didn't work that way. I E-mailed the author of the original article, who stood by what he wrote, saying that "very good sources" said that the keys would be provided to users by outside, allegedly trustworthy, sources. According to the 11/93 Macworld, users will not, in most cases, generate their own key pairs: "When you receive a signed digital document, how do you know that the signature is legitimate and that it isn't from a pretender? In many ways, your digital signature is similar to a credit card; it is issued by a known authority, it has an expiration date, and you can verify its validity. To get your own digital signature from RSA, you take a form to a notary public, who verifies your identity, notarizes the information on the form, and then mails the form to RSA. Based on the notary public's authority to say you are who you claim to be, you eventually receive a disk in the mail with your personal electronic signature. Your electronic signature has a two-year expiration date, and includes some verification information. If someone wants to make sure your signature is valid, he or she contacts the issuing authority listed in the certificate. There will be issuing authorities other than RSA. For example, Apple Computer's security department plans to issue signatures to all Apple employees with employee badges." "AOCE, Apple's plan for groupware", Macworld, 11/93, p. 167. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMtl4X3YhjZY3fMNAQHyFwQAgz42oEoWb3okT1pZt/buyIhpPls8hMFT WzvhVYSxQnaYzRz5jHRl0YdLUivW71dgHWTKffasZhMAd05Bn3t6m3LTz8zPc4sx LfgN4yvFTl/foepVegzMZPPoDnhb5Sp46cAC0O3+fgaCrmasZaoHIWNBRKsz0wnv hh07sCIsswM= =6i+9 -----END PGP SIGNATURE----- -- Greg Broiles greg at goldenbear.com Baked, not fried. From nobody at shell.portal.com Sun Oct 24 23:38:40 1993 From: nobody at shell.portal.com (nobody at shell.portal.com) Date: Sun, 24 Oct 93 23:38:40 PDT Subject: S.Box and LD SAME??? Message-ID: <9310250638.AA13946@jobe.shell.portal.com> Subject says it all... I think these 2 are the same person... bloody idiots sam hill ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From panzer at drown.slip.andrew.cmu.edu Sun Oct 24 23:38:46 1993 From: panzer at drown.slip.andrew.cmu.edu (Panzer Boy) Date: Sun, 24 Oct 93 23:38:46 PDT Subject: Signing Messages & Other Ramblings Message-ID: -----BEGIN PGP SIGNED MESSAGE----- First, I would like to make sure that Eric Hughes knows that by his simple little push he has gotten someone (me) to install some code for Emacs to auto-sign messages. This, with external editing capabilities of Pine, allow me to sign all my outgoing mail extremely easily. If anyone would like help on this, just send me mail, and I can explain how to do it. L Detweilers obvious disliking towards people not being who they say they are. This is an obvious problem with the net. The net is based on a model of people trusting everyone else. Nothing that is posted or or sent out from net machines has verification on it. Currently this implies that the users need to do their own verification. Creating software that automatically handles signatures in and out, handles the fact that every machine but your own is not to be trusted. Assuming that people are going to be truthful and nice to you all the time is a nice fantasy, yet it rarely happens. It does happen more often on the Net than it does is "Real-Life" though. I have spoofed mail before, mostly as a joke among friends. All of my "targets" were told sooner or later about the joke. Because this information is not new to me, I don't expect all mail to me to be originating from the person it says it's from. You must judge incoming mail, and posts, on their content. If you have questions about the content than demand some sort of proof of who they say they are. People have said they feel "RAPED" when they discover they are talking to people who aren't who they say they are. "Raped" is a harsh word, but chosen obviously for it's violent connotations, even if these connotations are a bit wrong. Being the target of "spoofed" mail is like being conned, obviously no one likes be show that s/he is ignorant. It hurts, but at the same time, you shouldn't expect everyone to play by the "honor-system". When I read mail from people I usually assume it is from the person in the "From:" line. But if the mail is something absurd, or controversial, then I don't automatically assume this. If for example there was a post from Hal Finney about the great new digi-cash system that he had implemented and that it had financial banking from a rich middle eastern country. I would probably check the signature, and then even after that I would probably still wait and see if it was a "black-net" post. Well, this post has gotten to the length were many people will probably not read it, so I will stop here, and continue with some other comments about the new anon-remailer tomorrow. -Matt | Use the normal means to extract my (panzer at drown.slip.andrew.cmu.edu) | public key for proof of this message "That which can never be enforced should not be prohibited." -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMs3K+aKxB8nktcBAQHabQP/d7yhWgpGZBIoIqII8cY9nG55HYHgvtox PkXyfYKnOlzsIjp2toust1Q5A3/n54PBKrUDN9tHVzui6XaCZmKH68fOWYYySKAz 6hanC0R3seYNhUYhoJViCcCG3Ch466q9EKUuDulTU6OLsilzmRvQJn0EJhzd4pht sRjLQr4iVVM= =9wqs -----END PGP SIGNATURE----- From ebrandt at jarthur.Claremont.EDU Sun Oct 24 23:48:41 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Sun, 24 Oct 93 23:48:41 PDT Subject: ADMIN: Shall we sign? In-Reply-To: <9310250606.AA04356@netcom5.netcom.com> Message-ID: <9310250646.AA14091@toad.com> > While I'm not sure if the LD/S.Boxx situation, and the general claims > of "pseudospoofing" are motivating Eric's idea, I certainly don't see > a system of "weak" digital sigs (weak meaning no real checking) doing > anything. > > 7. Finally, I have yet to see any serious evidence that this so-called > pseudospoofing is going on, that is, that people are pretending to be > others. Several people have inferred or assumed that Eric's suggestion was in response to this "pseudospoofing" circus. As I read his original message, he simply hoped to provide an incentive for the use of digital signatures, and to encourage the writing of software to make this easier. After all, digital signatures don't prevent the establishment of pseudonyms -- in fact, they indirectly promote it by preventing "claim-jumping" on an established nym. > I've never seen anyone else claim to be me, at least not seriously, I am you. Seriously. > --Tim Eli ebrandt at jarthur.claremont.edu From jamie at netcom.com Sun Oct 24 23:58:40 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Sun, 24 Oct 93 23:58:40 PDT Subject: A favor re Detweiler (ha ha ha) Message-ID: <9310250655.AA25136@netcom.netcom.com> Hal Finney says: > >Since I do not live in the Bay area, I have never met Jamie Dinkelacker, >although I had the opportunity to meet Tim once when he visited southern >California. So I am not in a position personally to assure Larry that >Jamie is a real person separate from Tim. > Hello, world. Here's a novel thought: let's cut to the chase. My phone number is in my .sig block. Tim's in his. Call each of us back-to-back and have a 3 minute conversation with each. If the caller can't tell that we are different individuals, well ... . Do we sound the same? Are there accents? What about our speech speed and rhythm? Word choice? Sentence structure? If this is an issue to Detweiler, why hasn't he put his suppositions to the test by picking up the phone and, like a responsible adult, identifying himself for a conversation. Instead, we get net.waste.bandwidth. The only person to resolve this is Detweiler (unless Sniveling.Boxx takes me up on my lunch offer and could then vouch for the distinctions between me and Tim). If Detweiler really wanted to know the answer, he could find out for himself. Why should others support his "learned helplessness?" The only reason Detweiler has not executed this test is that he avoids truth. Is Detweiler aka Sternlight? Is that what's really being hidden? Is this all a deception distracting us from the NSA/Straumli perversion? I don't care about his anguish because I personally believe he's fabricated it to toy with us and distract us. But, I must admit, if I'm to be associated with anybody, Tim's not a bad choice: he's brilliant, articulate, wealthy, independent, good-looking and has great taste in music and friends. Not bad things to be nymed with. Hal, I invite your call. Call me mid-mornings PDT. As you know by private email I've sent you, I truly appreciate your posts and learn from them. Call me for a chat. Find out for yourself. C'mon Detweiler, cut to the chase and face the truth. Sheeesh, how can we miss you if you don't go away? ... (sigh). -- ................................ Jamie Dinkelacker Palo Alto CA Jamie at netcom.com 415.941.4782 From ld231782 at longs.lance.colostate.edu Mon Oct 25 00:28:47 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 25 Oct 93 00:28:47 PDT Subject: the Joy of Pseudospoofing Message-ID: <9310250728.AA09485@longs.lance.colostate.edu> Not a single person has said they understand what I have been talking about in describing the evils of pseudospoofing. Let me be more specific. I hope anyone with additional comments can send me email. First, I've been talking about `pseudospoofing' as if what it connotes is obvious, but let me be absolutely thorough. Suppose a person created an entire fake identity. Jim Riverman, a software engineer, working in CA. Subscriber to the cypherpunks. Expert in number theory and NSA arcania. Posts very authoritatively to the list, and when he does its short and sweet, and a keeper. Even has a phone number. Has a nice signature complete with a cute quote: `death is the ultimate form of censorship' along with his phone number (work). Signed up on a public access Internet system that requires no authentication of identity. Address jr at netcom.com. Perhaps he has even described his troublesome toils in software development projects with a large company. Cultivated personal relationships with people in email. But JR does not exist. He is the figment of somebody's imagination, let's call her Medusa. The phone number reaches her. When she gets a call on the `JR' phone she speaks in a deep voice and talks about software development. It's rather rare that anyone calls anyway, and she rather loathes it when it happens and does not encourage anyone to do so. She's very guarded in phone conversations, and often takes the offensive stance by asking questions. `What are you calling about?' `Why should this be important?' etc. She never volunteers personal information under the JR voice for obvious reasons. She uses the jr at netcom.com account in a very systematic way. When she has interesting information she is very careful about presenting it in a way that maximizes her posting reputation under the JR pseudonym. If the information is related to his personality, she posts it under his identity in a characteristic way, perhaps even with consistent mispellings and a certain style. She never posts uncharacteristically under JR, such as talking about some other arbitrary subject she's knowledgable on but would be a bit surprising if JR said anything about it. Okay, let's stop and take note of this. Is any `deception' going on here? Absolutely. Should this be permitted? I don't think so, but perhaps others do. (Certainly many have contacted me to say so.) Many are saying `you can't prevent this' etc. `it's harmless and her cyberspatial right to build up her reputation under a digital pseudonym.' So, let's go further and explore this. Suppose Medusa also has an account snake at netcom.com. She cultivates another personality and reputation from that address, as an authority on mail forgery, guerilla warfare, and sabotage. Again, she is careful to never post on `uncharacteristic' subjects, *particularly* those that would overlap with JR, because that would cast suspicion on the uniqueness of the two identities. Is all this still OK with everyone? * * * But let's now look at the interplay of postings on a mailing list. The whole point is that a *dialogue* is in action, right? That's the draw. The mailing list is not just a endless series of contextless messages existing independently (quite contrary to what a lot of `pseudothinkers' have been telling me lately). People respond to each other, carry on conversations, quote each other, flame, criticize, comment, contradict, rebut, reject, congratulate, even lauch private email conversations from public postings. (And these private dialogues can be highly rewarding, in many ways more than reading the list itself, which tends to be `noisy'.) And, in fact, all this feedback is actually the *basis* of the best reputations. When someone posts something that is extremely relevant to the conversation at hand, their reputation in the eyes of their colleagues increases. When they rebut an argument with a stellar comeback, their own esteem is raised in the eyes of the group just as the victim's is lowered. When they post something that is authoritative on a given subject, again they are admired. `posting is reputation'. Finally, there can even be an interplay *behind the scenes* of the mailing list. People might organize meetings or go to parties with people they have met on the list. For some, this is sort of the holy grail of online interaction, and gives it true meaning. The interplay of reputations between this and a mailing list is complex. Someone's reputation might be raised or lowered because of their `realspace' vs. `cyberspace' personas. And the possibilities of outside project development can be extremely important, especially if a mailing list is designated to discuss some endeavor, say PEM software standards or whatever. * * * But the problem with all this is that in a regular social setting, there are some very ancient, venerable, and sophisticated rules involving propriety and courtesy of communication that break down dangerously on any online `forum' when a single person has multiple pseudonyms, and these `subversive uses' are what I will expand on. For example, many people become annoyed when someone talks too much, roughly analogous in cyberspace to postings that are too long or too frequent. In fact, this repulsion may be so strong as to cause people to reject messages simply because of it and irrespective of content (which might nevertheless have consistently high or at least above-average quality). Moreover, many people are highly annoyed by others who are constantly stroking their own fragile egos. `I am great because I did this.' It's quite nauseating at times with some! People often tune out or reject comments like this with something like `mental filters'. Reputations can be affected in extreme cases. `Oh, that JR is so quiet.' `Oh, that Medusa is so vain.' Also, some people turn out to be control freaks, and various degrees of clever euphemisms can be used to hide their inherent dominative tendencies. `You do this because I say so.' `That is the wrong way to do what you want to do.' `*work* with me!' `you are being uncooperative'. The final and most important aspect of group communication psychology is that of *consensus* and *peer pressure*. This can be an extraordinarily powerful force. Many people are `lurkers' and are most influenced by what they perceive to be other's opinion on various subjects, or the general group feelings as gauged through multiple postings. They are unlikely to question what they read. * * * Now let's look at how some of these proprieties can be thwarted to the detriment of community by use of pseudospoofing, in the case of Medusa and JR. First, notice that a single person could get away with far more postings if they all successfully matched the online personas. In fact, this could become quite a problem with traffic on the list at very high levels with everyone actually trying to *break apart* their posts into different identities to maximize the reputations associated with each -- a rather bizarre disincentive. A sort of anti-respect might develop for people who take the time to write long postings. They would look atypical in the forum. They might even be perceived as being egotistical and simply trying to assuage their own reputation through a lot of concerted effort under a single identity. Have you ever met anyone who hated you the more you accomplished and the more successful you were? This translates very directly into the cyberspatial realm. This leads directly into the ego case. What about people who are simply out to assuage their own ego? Suppose Medusa wishes to do this. She could `stage' very clever situations where jr at netcom.com says `I heard that Medusa knows a lot about industrial sabotage, and am always fascinated by her posts.' Medusa pops up a few messages later under snake at netcom.com and says `Thanks Jim, I really respect your knowledge of number theory too, and I hope you can provide some more updates on it' and launches into an amazingly relevant post, considering what Jim asked about. So, cypherpunks, what do you think of that? This strikes me as rather perverted. In reality, if Jim and Medusa were different entities, this would generate significant respect for both. But if they were the same entity, this would just be a twisted deception. And anyone who found out about it might feel very misled and disillusioned. Someone had created the false impression of reputation that was nothing but a sham. Of course, this all seems very implausible. Why would anyone go through *so much trouble* to do this? the problem is that we can ask this problem about a lot of `criminal' behaviors, and the situation is that every perversion known to man has been practiced at some time or another, *especially* when circumstances permit it. If there are certain people who are so consumed by reverence for online reputation, multiple personality fantasies from e.g. fiction, and getting away with clever deceptions, they would be *drawn* to an environment where this is possible. A person with a very fragile ego would be drawn into defending all of `its' identities with the different online personas. If someone attacked snake at netcom.com, a message from jr at netcom.com might pop up saying that `Medusa is my best friend, and you're a paranoid ranter.' This is like having `someone else' do the dirty work for you, and with great irony that `someone else' is yourself. In very extreme cases, suppose that Medusa has a cherished belief, for example, in the basic propriety of multiple personality disorder. If that was ever questioned on the list by anyone, perhaps she would be so upset as to engage *both* jr at netcom.com and snake at netcom.com. Let's now look at the penultimate case, where someone is a control freak. Suppose they wished to create support for a project or inhibit others working on a project not within their agenda. Whenever someone pops up, they are flamed. `Medusa knows what she is talking about. I heard that she has done all these things. Don't do anything until you have talked to her.' `Thank you! That's quite correct! Anyone involved with this should contact me personally, or wait until we are finished. It's definitely in the works.' Finally, let's look at how peer pressure can be influenced by these pseudonymous postings of Medusa's. Obviously, she has created the illusion of support or rejection of something that is not consistent with reality. It is a deception. People may have lowered or raised their opinion of something merely because they saw multiple posts criticizing the same thing, when they all came ultimately from Medusa. In the absolute worst case they would alter their *real space* activities or perceptions, perhaps thinking that someone else is a jerk and avoiding meeting them in person, or giving up work on a particular project because someone else was apparently farther along. By this time it should be clear that Medusa does not really have any ethics or morality, if she is going to deceive and manipulate people like this. She might even create imaginary `realspace' illusions to augment her elaborate cyberspatial fantasies. She might make up progress reports on various projects, and have various details confirmed by JR. If someone pops up on the list saying `I haven't seen anything going on with this' JR would pop up and say `don't worry, you can be sure that it's happening.' These fantasies would totally pollute and poison any trust in an online community. It could be compared to brainwashing. * * * Let's add some new dimensions to our little thought experiment. Suppose that the possibility of *private* email is added to all these areas, and that *very many* pseudonyms could be maintained with a minimum of effort. First, again, the `talk too much' case. If someone is posting too often, Medusa would not like that because it detracts from her own arsenal of pseudonymous identities. She would flame from her array of identities in public postings. If the person persists, she could assault him with private email, especially in the one-two form `I really admire and respect what you've done, but you've really got to be quieter.' The first half of the sentence generates respect, and the second half manipulates the listener. And if someone got this flame from *both* JR and Medusa in private email, they might be quite intimidated. `gosh, these cypherpunk members seem to know what they are talking about, and they say I'm out of line, so I better cut it out.' Even if the person had never `met' these identities before, they could be manipulated. In fact, totally arbitrary new identities could be created and still influence some people. `this person is responding to my public posting, so s/he obviously is a contributing member and his opinion counts. If they are telling me to shut up, I'd better be quiet. Especially if JR, a software engineer who I have a great deal of personal respect for says so.' Even if other cypherpunks would be aghast to find out there were behind-the-scenes flames going on, they might never know. Some people, while at the same time just deleting flames, can be very upset by them. Note that in all these cases, if any of this was going on in `real world meetings' it would be considered shocking depravity. In the online realm, some are championing it all as `newly liberating freedoms from true anonymity'. Note that if these messages were sent *anonymously* there would not be much of a problem. People would realize they could be coming from anyone, including the known powermongers on the list, and dismiss them without too much value. Now let's look again at the `ego' case. This can be *extremely* compelling when orchestrated via multiple identities and private email. Imagine a person criticizes Medusa on the list, and gets a barrage of public and private flames. `You are really way out of line here. Medusa has done all of these things for the cypherpunks.' There could be all kinds of `damage control' where different pseudonymous entities try to clean up the holes, each one addressing a different aspect of the criticism. All this could be done without snake at netcom.com ever sending *anything*! An entire illusion of respect for an entity could be manufactured. It might look something like an `elite clique' to anyone who didn't know there was a single entity behind the postings. Again, the case of the control freak. Obviously the ability to create the illusion of consensus in public postings and private mail would be extremely dangerous but very enticing for Medusa, who has no compunctions about deceit and treachery. A megalomaniac would be quite drawn to the capability. They would even be interested in developing powerful software to keep track of all the identities to prevent any `crossings' (a leak of information that reveals a link between identities). What's to prevent them? Certainly not a personal conscience. With all of this, quite a barrage of misinformation could be orchestrated, a sort of mental invasion campaign. Medusa could systematically `break down' any resistance to her evil plans for world domination `behind the scenes' without anyone ever knowing it. If anyone said something, they would be accused of harboring bizarre conspiracy theories and violating the trust of personal email. Finally, what about the idea of consensus and peer pressure under this system? I think it has become clear that an entire *movement* could be faked with this system. A mailing list could turn into a sort of international brainwashing machine for Medusa's evil agenda. Combine the possibility that there is more than one Medusa -- perhaps she has several sisters. They are all conspiring behind the scenes to break down resistance, confuse and obfuscate their opponent's arguments with psychological mind-bombs, and promote it all under something like Liberation of the Universe. An ingenous tactic would be to litter the mailing list with pseudospoofed posts that attack irrelevant points and obscure the original messages of real people. Who would ever know? What would prevent it? What is our protection? After all, creating multiple identities and pseudospoofing is a fundamental right of cyberspace, right? With it, the liberation of the world is at hand! Another astonishing possiblity is that Medusa is actually present on *multiple* mailing lists and newsgroups. She could assault people in all kinds of ways. She might see that someone she hates has posted to some arbitrary list, and try to strike up a new conversation with them with a unique tentacle. The person would be *wholly* unsuspecting because of the `distance' of the body and the tentacle. He might let strategic information slip to Medusa that compromises his protection and privacy based on this empty trust. Obviously, all this would be *extremely* difficult to detect, especially if no one had the capability to trace even pseudonymous identities to unique people. There would be various suspicious signs, however. If `newbies' consistently popped up out of nowhere to ask seemingly staged questions, provide setups, or comment on issues they would presumably have little knowledge to do so (such as the general list quality, the `movement', etc.) it would look very suspicious. Let's say that Medusa was extremely sensitive about `newbie flames' because she had been accused in the past of being hostile to newcomers. She might stage a routine where she helps out a `newbie' just to deflect the criticism and `prove' that she is actually very gracious. She would post to reaffirm that. `Why, I just helped out that newbie with the book reference.' If anyone who was confronted about the possibility of personally pseudospoofing instead deflected concern with satire and no specific denials, it would also be suspicious. * * * The very final possibility of pseudospoofing I would like to describe , perhaps the most treacherous and evil, is the following. Suppose Medusa not only had no ethics and morality, but was actually Satan in disguise. Suppose that she liked to torment and `punish' people with her `tentacles' whenever they `misbehaved', measured by their resistance to her oppression. She could be quite unpleasant, don't you think? She could consistently flame their arguments from different tentacles even if the posts were intelligent, just out of spite. She might bait them and say `I have some information for you' and when they reply in a query, snatch it from their fingers. She might have all her sisters try to work on the person in particular and break them down. `You are not going to have any friends if you keep this up. Why are you such a troublemaker, anyway? You are rude and have no manners. You need to grow up and stop thinking that everyone is out to get you. That path leads to madness.' Or, if the person has recognized the brainwashing and is amidst flight, she could try to lead him back to darkness. `Oh, I so enjoyed your posts, please reconsider.' This from a tentacle the victim has never heard from before. Now imagine the most fantastic possibility of all, that Medusa is so interested in tormenting a certain (from her view) `uncooperative' individual that she no longer even cares about converting him. Let's call him Luke Skywalker. Even the arguments like `I am your father, join the dark side, and together we can rule the universe' from many other tentacles have failed. In utter desperation she might still endeavor to build up another situation to simply gain his trust, say, with even a respectable Jim Riverman tentacle. `Luke -- I saw your post on lightsaber techniques, and I'm really impressed.' She could try to cultivate the trust over a long series of posts by responding to questions and revealing some simple information she knows would interest him. `yes, there seems to be some kind of clique or conspiracy going on'. Then she would slip in things like `what do you know about it?' `what do you think of Medusa, anyway?' Or, if she already knew that Luke thought she was evil, she might say `Luke -- that bastard Medusa has really gotten to me too. You should see my newbie posts she flamed me over! I don't know what to do. What are you going to do?' If Luke were naive, gullible, trusting, open, and honest, he might let very serious strategic information leak, partly in the hopes that Jim Riverman could help him personally, and together they could choke the monster. But Luke would just be betrayed by yet another tentacle. What a pity. * * * But perhaps you think otherwise! Ah, the Joy of Psuedospoofing. Let Medusa and Her head of snakes thrive in Cyberspace, and let's all bathe in the beauty of Her radiance! Weekly virgin sacrifices on the altar of the Death Star! A person said to me, `I think the Usenet credo, `live with it', applies.' another said, `that which cannot be enforced should not be prohibited.' another said, `if I were to prevent you from posting to the list, that would not be censorship.' another said, `bowel movement?' another said, `the assertion that [T.C.May] is Jamie Dinkelacker is just too bizarre to be believed.' another said `on that path lies madness'. -- ``Death is the ultimate form of censorship.'' (author unknown) Jim Riverman Software Engineer jr at netcom.com (415) 941-4782 [work] From remail at tamsun.tamu.edu Mon Oct 25 00:38:41 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Mon, 25 Oct 93 00:38:41 PDT Subject: LD and Spoofing Message-ID: <9310250733.AA24962@tamsun.tamu.edu> I/We have been laughing so hard I/We have almost been crying, LD has really gone and lost it... Come on Brace up LD... you were such a fervent defender of privacy and anonymity such a short time ago too... Sam From nobody at shell.portal.com Mon Oct 25 00:53:12 1993 From: nobody at shell.portal.com (nobody at shell.portal.com) Date: Mon, 25 Oct 93 00:53:12 PDT Subject: LD's Latest RANT!! Message-ID: <9310250749.AA19335@jobe.shell.portal.com> LD is starting to sound more like the NSA AI DS all the time... From remail at tamsun.tamu.edu Mon Oct 25 00:58:41 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Mon, 25 Oct 93 00:58:41 PDT Subject: Multiple Digital Personnas Message-ID: <9310250754.AA25358@tamsun.tamu.edu> Gee LD some of us participate in Multiple Digital Personnas by choice: ... some of these are composite consisting of several people ... some of theses are individual and multiple by one person ... what do you find so wrong with it... Sam Hill( An intentional Composite Personna ) From thomas.hughes at chrysalis.org Mon Oct 25 01:03:13 1993 From: thomas.hughes at chrysalis.org (thomas.hughes at chrysalis.org) Date: Mon, 25 Oct 93 01:03:13 PDT Subject: Q Message-ID: <9310250013.A6273wk@chrysalis.org> --> Note: Forwarded (from: DFW) Originally from Bryny (1:124/4109.0) Original dated: Oct 23 '93, 18:36 The EPCA applies to Common Carriers. Thus it applies to Compuserve, MCI Mail, etc. It does not apply to bulletin boards unless they issue mail contracts. ----8<---- what are the actual legal requirements for claiming status as a Common Carrier?? (other than being in the USA ...) signed written agreements? (this is the best "place" i could think of to ask this question...) From pierre at shell.portal.com Mon Oct 25 01:03:41 1993 From: pierre at shell.portal.com (Pierre Uszynski) Date: Mon, 25 Oct 93 01:03:41 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310250802.AA19739@jobe.shell.portal.com> -----BEGIN PGP UNSIGNED MESSAGE----- I'll vote yes to the amended policy proposal > "make something that looks like a signature, or else". While I tend to agree with the general argument presented in favor, I'll also agree that there are several problems with it: - Yes, it's too easy to circumvent the policy by cutting and pasting something that looks like a signature (more or less :-) - Even then, the 6 hour delay is not that much trouble when you are actually building a discussion, and not flaming... So it would be more like "if you want to flame, you better spoof"... hmmm :-( So, all in all, there is not that much incentive added to using signatures. I think any is better than even less, so I'll still vote "yes"... at least as an experiment... But here are some more ideas: 1) have the mailing list relay insert disclaimers according to what it recognized: > remailer: This message wholly un-authenticated. The identity info > presented in this message could have been faked by a 6 year old. > Use digital signatures. or, > remailer: This message digitally signed. The pseudonymous identity > used may have no relation with any Real Life Person. or, > remailer: This message digitally signed. Signature checked to match > previous uses on this list by this pseudonym. or, > remailer: This message's digital signature does not match previous > uses on this list by this pseudonym. This will be -version 2- of this > pseudonym. 2) Campaign so that users of this list include "security disclaimers" whenever they post or email on the net. That could be a sig or a header line, such as "The identity info in this post could have been forged by a six year old. Do not trust it. Use digital signatures." 3) To make it more obvious that the From: field can say just about anything, use the "National Enquirer" headline generator that was posted on the net to replace the incoming header: >From: Diform Flying Saucer Throws Giant Tomato on the Pope Maybe then, people will take that header less seriously... Pierre (who?) pierre at shell.portal.com -----BEGIN PGP UNSIGNATURE----- Version: 2.4 iQBFThIsMayHAVEBEEnarealsiGNatUre, IFi onlYHaDEvERYthiNginPlace toCheCKINcOmINGSigsTOO. :-) =Bof -----END PGP UNSIGNATURE----- From remail at tamsun.tamu.edu Mon Oct 25 01:08:41 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Mon, 25 Oct 93 01:08:41 PDT Subject: New Project: Lets ALL create Multiple Digital Personalities Message-ID: <9310250804.AA25552@tamsun.tamu.edu> In Honor of LD I/We propose we execute Operation MEDUSA. Since PseudoNyms bother LD so much, I/We propose that all begin to use them. Sam From remailer at dis.org Mon Oct 25 01:33:14 1993 From: remailer at dis.org (remailer bogus account) Date: Mon, 25 Oct 93 01:33:14 PDT Subject: Pseudonyms... and LD Message-ID: <9310250812.AA13483@merde.dis.org> Anonymous Digital Kiosks With all the talk of reputations, digital cash, anonymous remailers/posters/DC nets, Data havens Grey Markets one quickly comes to the the conclusion that the future is here now. Sufficient protective technology is currently available to create a "greymarket" anonymous digital kiosk. This ADK could be located literally anyplace with net-connections in real space, and using Public Key Encryption Technology and Cypherpunks Remailers as well as newly emergent Digital Cash systems with say a "friendly" Lichenstein Account be able to vend ANY kind of service and collect payments for same regardless of the prevailing laws in the real space location of the ADK. This indeed is what is most likely frightens the goverment, code from projects like DOD/SBIR A90-217 "Electronic Countermeasure: Computer Virus" and other more "black" projects could be spirited out of projects and sold to possible clients with relatively little fear of reprisal. Solicitation for grey market information and responses to same are relatively safe and untraceable making current civil intrusion by the state impossible in the case of net.citizens choosing to employ this technology. And composite entities and persona will become popular such as this one... Sam Hill is actually several people... :)(sorry about that LD) Sam From ld231782 at longs.lance.colostate.edu Mon Oct 25 01:38:42 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 25 Oct 93 01:38:42 PDT Subject: A favor re Detweiler In-Reply-To: <9310250526.AA08546@jobe.shell.portal.com> Message-ID: <9310250834.AA10487@longs.lance.colostate.edu> Mr. Finney makes many references to private mail correspondence of mine and many presumptions of my thoughts, many of which are incorrect and none of which I have given him permission to do so. No one would be doing me any favor by contacting me personally over the `Dinkelacker matter'. Please do not do so. I am very shocked that Mr. Finney would have made any such request publicly without first consulting with me. The style of this request reminds me of Mr. May's public letter of some time ago to M.Landry over a `safe and fun environment', the latter individual telling me he was shocked over Mr. May's public address on his own private matter. >Nevertheless, in this >particular case, the situation is so obviously causing mental suffering >that I assume that if Larry's charges were true that Tim would have >confessed in order to spare Larry this pain.) The situation you describe has nothing to do with me personally. I assume that if there were no merit to the `charges' Mr. May or Mr. Hughes would have long ago posted a message specifically denying them instead of obfuscating the issue with satire, evasions, and propaganda. Mr. Hughes and Mr. May are unresponsive to my personal email. And because of his complicity in the evasion and rather uncharacteristic message (with many striking irregularities) I now doubt the existence of H. Finney. I have tried in total desperation to find someone I respect to condemn pseudospoofing for the evil it is. No one has done so. My respect for many individuals has dropped accordingly. My respect for many black phantoms has dropped accordingly. (I wish I could tell the difference.) My respect for the cypherpunk group as a whole has dropped accordingly. `Their' respect for me has dropped accordingly. (There is a lot of `reputation capital' being transacted at the moment.) I have resigned my role and unsubscribed from another list I have been long committed to that is cross-pollinated (or should we say, `contaminated', `tainted', and `poisoned') by some cypherpunks, over the same issue of pseudospoofing. I fear I have lended valuable time and `reputation capital' to a cause, that has become apparent to me through many public and private letters by many people, to be devoid of integrity. I blame certain individuals for this treacherous misrepresentation of basic cypherpunk goals. And as for `being assaulted in email' there is absolutely no doubt this has happened to me. Whether by phantoms or real people, I have no idea. I find it reprehensible that no one can give me any assurance. I encourage any other `cypherpunks' who find this practice of pseudospoofing reprehensible to unsubscribe from the list in protest, and carry out further debate on the `agenda' in newsgroups. If any systematic and concerted illusions or deceptions relating to cypherpunks are being promoted by anyone, I will be no party to it. I will quite to the contrary work to pierce the balloon of deceit with the sharp needle of truth. Perhaps even from the inside of the balloon. I suspect that `the Dinkelacker matter' is merely one square inch on the entire black balloon. The only service that will aid my `mental anguish' and cause me to reconsider my involvement with this `group' is a post in the following from: Newsgroups: talk.politics.crypto,alt.wired From: tcmay at netcom.com Subject: Multiple Personality Disorder I have never posted or emailed under the account jamie at netcom.com. Jamie Dinkelacker is a distinct human individual from myself. Eric Hughes and I condemn the poisonous practice of pseudospoofing. It is not a goal of the cypherpunks. We do not practice it. In fact, we are investigating ways to prevent it on the list, starting with database of everyone who has promised not to. Furthermore, a rumor that actors were used in Wired article photographs is simply false. To my knowledge anyone ever pictured in a photograph of any `cypherpunk' group member in the mainstream media was at least a list subscriber. ``Oh what a tangled web we weave; when first we practice to deceive.'' --``Shakespeare'' From mdiehl at triton.unm.edu Mon Oct 25 02:03:47 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Mon, 25 Oct 93 02:03:47 PDT Subject: New Project: Lets ALL create Multiple Digital Personalities In-Reply-To: <9310250804.AA25552@tamsun.tamu.edu> Message-ID: <9310250903.AA12368@triton.unm.edu> According to remail at tamsun.tamu.edu: > > In Honor of LD I/We propose we execute Operation MEDUSA. > Since PseudoNyms bother LD so much, I/We propose > that all begin to use them. This is getting childish. Please take this discussion to rec.talk.moronic. Then, please grow up. And now back your regularly scheduled program.... I hope! J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From jamie at netcom.com Mon Oct 25 01:15:13 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Mon, 25 Oct 93 02:15:13 -0600 Subject: Thanks for the exposure Message-ID: <9310250815.AA29913@netcom.netcom.com> Still posting my phone number, asshole? Are you really trying to pick a fight? Do you truly want to see how I can squash a bug like thee? Better start looking over your shoulder. Don't forget, gutless wonder, I CONTROL YOU. You will never forget me. You can't touch a keyboard without thinking of me. I control you. And always will. You no longer have any independent thought. I lead my life of wonder; filled with friends and play. You are insignificant, and don't cross my mind until someone tells me of your posts. But you have no choice but to sit and think of me. I control you. Everytime you see the word "cypherpunks" you'll know I control you. And I always will. Everytime you hear a modem or see an ethernet cable, you'll know I control you. Soon, you'll be able to think of nothing but me, and then the control will be complete. Get a life, asshole. ------- End of Forwarded Message From mccoy at ccwf.cc.utexas.edu Mon Oct 25 02:28:57 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 25 Oct 93 02:28:57 PDT Subject: A favor re Detweiler In-Reply-To: <9310250834.AA10487@longs.lance.colostate.edu> Message-ID: <199310250926.AA20883@tramp.cc.utexas.edu> "L. Detweiler" writes: [...] > > I have tried in total desperation to find someone I respect to condemn > pseudospoofing for the evil it is. No one has done so. My respect for > many individuals has dropped accordingly. My respect for many black > phantoms has dropped accordingly. [...] > I encourage any other `cypherpunks' who find this practice of > pseudospoofing reprehensible to unsubscribe from the list in protest, > and carry out further debate on the `agenda' in newsgroups. After reading this message, along with several others you have recently sent to the list (and broadcasted in comp.org.eff.talk) I think that I am not alone in bringing to your attention the fact that "you just don't get it." Identity as most people know it, and as you are attempting to tightly cling to, is dead. Gone. History. Stick a fork in it 'cause it's done. It has no equivalent on the electronic frontier. Complaining about it and bemoaning whatever loss you may feel will do nothing to change this fact. I know this must be difficult for some people to understand; I routinely get strange looks from people when I reveal that some of my closest friends are people who I have never "met" in the traditional sense, and that I regularly play games, exchange messages, and discuss whatever is on my mind with people from across the globe who have no more physical substance to me than wisps of phosphor on a crt. This is a fundemental paradigm shift that you have not made yet. It is one that few have. If anything, it is shared conceptual memes such as this subject of identity in a world without substance that is the true cypherpunk cause. > ``Oh what a tangled web we weave; when first we practice to deceive.'' > --``Shakespeare'' Sorry, by this was not written by Shakespeare. It was penned by Sir Walter Scott. jim ``In a false quarrel there is no true valour'' --Shakespeare From bart at netcom.com Mon Oct 25 02:33:14 1993 From: bart at netcom.com (Harry Bartholomew) Date: Mon, 25 Oct 93 02:33:14 PDT Subject: seconded suspicion In-Reply-To: <9310250655.AA25136@netcom.netcom.com> Message-ID: <9310250931.AA17503@netcom5.netcom.com> > > Is Detweiler aka Sternlight? Is that what's really being hidden? Is this > all a deception distracting us from the NSA/Straumli perversion? I don't > care about his anguish because I personally believe he's fabricated it to > toy with us and distract us. > ................................ > Jamie Dinkelacker Palo Alto CA I was going to make this very suggestion myself when I saw LD's 1033 line post "Interesting Reading". He, like the notorious Sternlight seems to have infinite time to spend on churning out text. From gg at well.sf.ca.us Mon Oct 25 02:49:00 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Mon, 25 Oct 93 02:49:00 PDT Subject: Subliminal Channels Message-ID: <93Oct25.024352pdt.14124-3@well.sf.ca.us> One last point on subliminal advertising... (yeah this is a digress but anyway)... Subliminal stimuli can be considered an induction procedure for an individual behavior change. Nondrug inductions of every kind (i.e. meditation, hypnosis, lucid dream techniques, concentration and memory techniques, progressive relaxation, biofeedback training, etc....) produce variable results on a population sample; typically the results fall along a normal curve wherein some people are strongly affected, some are moderately affected, and some are affected very little if at all. The relevance to advertising is, if a technique can reach perhaps 5% of your readership and then cause 5% of those to alter their behavior favorably toward your product, you've got a quarter of a percent of the market who at least try your product once. In the world of mass marketing, that small number adds up. If you were an ad executive, would you voluntarily give up a tool that can add market share...? Also, the heaviest users of certain categories of products, notably alcohol, are also people who are notoriously suggestible, in the sense that they are already over-reacting to their environment and are using large amounts of alcohol in part to self-medicate against that. Heavy users of any product are usually seeking to fulfill some psychological need, a secondary need which can be manipulated far more easily than can the simpler needs of the average consumers. This increases the effectiveness of any psychologically-loaded selling technique. I believe Key goes overboard in his own writings, but on the other hand I've discovered so many examples of this kind of thing that there's no denying it's going on. Some of these are so blatant I can show the picture to an untrained observer and say "what do you think of this?" and s/he immediately spots the embedded item. On the other hand, these days there are other techniques, some far less subtle; for instance, the ads (particularly billboards) for beverages which show them spurting ejaculatorily from very phallic bottles... advertisers use anything which works, and that leaves a whole lot to choose from. anyway, back to our regular channel... -gg From mdiehl at triton.unm.edu Mon Oct 25 01:57:09 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Mon, 25 Oct 93 02:57:09 -0600 Subject: the Joy of Pseudospoofing In-Reply-To: <9310250728.AA09485@longs.lance.colostate.edu> Message-ID: <9310250857.AA12299@triton.unm.edu> According to L. Detweiler: > > Not a single person has said they understand what I have been talking > about in describing the evils of pseudospoofing. Let me be more > specific. I hope anyone with additional comments can send me email. Well, I think I know what you are talking about. People who don't have the balls to express their opinions without the use of a pseudonym agrivate me also. Now if they were saying something "dangerous," that would be another story. Just my thoughts on the matter. You can quote me if the flames get to hot for you. ;^) J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From gg at well.sf.ca.us Mon Oct 25 02:59:16 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Mon, 25 Oct 93 02:59:16 PDT Subject: Subliminal Channels Message-ID: <93Oct25.025749pdt.14124-1@well.sf.ca.us> Okay, one last post from me on this subject.... An academic text was published in the late 70s or early 80s on this, the title was _Subliminal Stimulation_ if I remember correctly. Most decent university psych libraries should have a copy. I don't recall the author or editor's name, though I did read it while an undergrad. The gist of it was that there *is* an effect but it's *fairly small* in terms of the subject population. As I said before, any induction procedure will work for some segment of the population, so it's not surprising. I have to put myself in the middle on this arguement. On one hand I think Key went overboard; it would seem that what happened was he spent his professional life doing advertising and then someone pointed out something that was going on, and he over-reacted in the manner of anyone who suddenly finds he's unwittingly been violating his own morals. I would suggest that some of the stuff he's trying to point to is valid, but a lot of it is improbable to the point where I think a clinically trained observer might see signs of paranoia. Now on the other hand, I've found too many really blatant examples of psychologically devious advertising techniques to write this stuff off entirely. The point isn't whether Key is a great whistle-blower or a raving loonie; it isn't even whether there are forests of hidden genitals growing in ad illustrations... the point is whether the effect of saturation in psychologically-loaded high-production media aimed toward promoting passive consumerism is healthy for a culture or for the free will and dignity of its members. And I would say it certainly is not. -gg From dinkelacker at cypherpunks.org Mon Oct 25 03:03:24 1993 From: dinkelacker at cypherpunks.org (Sam Will - aka rjc - aka Tim - Hal) Date: Mon, 25 Oct 93 03:03:24 PDT Subject: TRAITORS to the CAUSE Message-ID: <9310251002.AA19146@churchy.gnu.ai.mit.edu> The latest LD rant talks about the great cypherpunk cause, to which he has lent his time, and how it has been "contaminated", "tainted", and "poisoned" by EVIL TREACHEROUS individuals on this group. These individuals have misrepresented "basic cypherpunk goals" Finally, he demands reparation for his "mental anguish" from Tim May to be posted to talk.politics.crypto. I have a sudden urge to say "Get a Life" for some reason. I think Detweiler was operating under some kind of delusion when he joined this list which is responsible for his anguish. From my analysis, it seems LD was under the impression that he was joining some great social activist movement similar to all the other fringe groups out there, and that the cypherpunks had some noble cause of liberation/crypto-ethics. However, when I first subscribed to the list (roughly a few weeks after it was set up), I was told the purpose of this group was to simply discuss crypto, implications of it, and coordination of crypto-projects like remailers, digicash systems, pgp, etc. Could it be that Lance is looking for ethics on a mailing list whose motto is "cypherpunks write code" (with no limitations on what kind of code that will be, including even pseudospoofing software) [ All of LD's points are technically incorrect anyway because crypto can be used for both authenication and privacy. (e.g. digital signatures being "accoutable" legally to the authority which certified/signed them. Contrary to his rants, digi-sig nyms can be as tracable as real signatures, even more so depending on how strict you are on your trust model)] We've been accused of being conspirators, evil traitors, exploiters, abusers, and who knows what else, and I'm getting annoyed by it. So I'm making a proposal. Let's implement Detweiler's philosophy of having everyone accountable. Using the Extropian's list software, this list could prevent anyone who isn't voice validated from posting to the list. And as a first step to improving S/N ratio, I recommend we use the list software's filtering features to outright censor Detweiler, and any other idiot ranters (plus all anonymous posters) from the list. I also recommend a list justice code similar to the Extropian's list where anyone can be PUNISHED for not obeying the Great and Holy Cypherpunk's cause. As a requirement of the NEW ORDER (under the new software), all new subscribers will be required to take a pledge of denouncing pseudospoofing in talk.politics.crypto before their posting priveleges are turned on. Sam Will The Cypherpunks Pledge: "I hereby proclaim that pseudospoofers are the most vile and disgusting criminals on the face of the earth. As a cypherpunk, I pledge to fight for a world where children go to sleep at night secure in the knowledge that anyone they meet will be who they claim they are." From julf at penet.fi Mon Oct 25 03:55:18 1993 From: julf at penet.fi (Johan Helsingius) Date: Mon, 25 Oct 93 03:55:18 PDT Subject: The Anonymous service needs your help. Message-ID: <199310251050.AA25618@mail.eunet.fi> Sorry to interrupt the Detweiler thread, but... As of last week, my server has been sending the following message to active users of my anonymous service. I am turning to you, fellow cypherpunks, not for monetary support (albeit that is of course welcome, too) but to ask for ideas on how to arrange the payment mechanism - and to avoid taxes, currency export problems etc. Maybe I should seek the help of a non-profit organisation such as EFF to handle the transfers? Julf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Subject: The Anonymous service needs your help. Hi! You have just used the anonymous server at anon.penet.fi. When I set it up, almost a year ago, I definitely could not foresee how popular it would become. It now has something like 45.000 registered users, wuth maybe 10.000 active users. Thousands of mesages are handled each day. Unfortunately, the popularity of the server might also be it's downfall. At the start, it was easy to handle all the problems and the queries, and to pay for the network connection. But now I spend 4-5 hours every day trying to answer questions, fix problems and deal with abusers - but I keep getting further and further behind on my mailbox. And the traffic is overloading the 64K international connection - I already had to cut out the binary postings. It now costs me something close to USD 1500/month just to keep the machine connected. I'm afraid I can't afford the time and the money much longer. And unless there suddenly turns up some benevolent big sponsor, the only hope for survival for the service is contributions from individual users. If all the 10.000 active users would each contribute $5, it would pay for the costs of running the service for a full year, as well as allowing me to employ one or two part-time students to reply to mail queries, improve the service, and report abuse - allowing me to concentrate on improving the software and dealing with the abuse cases. So I'm asking you - how much would you be willing to contribute? Use of the server will always be free, but continuing the service needs soem funds. At this stage, I only need to know how much you are willing to contribute - $1, $5, $25, $100? The replies will determine the need to set up some kind of money transfer system. Please send your replies to donations at penet.fi. Julf From szabo at netcom.com Mon Oct 25 04:24:49 1993 From: szabo at netcom.com (Nick Szabo) Date: Mon, 25 Oct 93 04:24:49 PDT Subject: A favor re Detweiler (ha ha ha) In-Reply-To: <9310250655.AA25136@netcom.netcom.com> Message-ID: <9310251120.AA21774@netcom5.netcom.com> Jamie Dinkelacker: >[wonders why Detweiler hasn't phoned himself or Tim May] > The only reason Detweiler has not executed this test is that he avoids truth. Harsh, but insightful. Detweiler seems to have a world-view in which people are and should be marching morons who make up their minds via peer pressure, perceived majority, consensus, etc. rather than by listening or reading for content, thinking, or taking action for themselves. A phenomenon which disrupts this cherished "democratic" state of affairs is "utterly perverted" and "evil". S(he) who promotes such a change, either specifically or as a side effect of trying to return a modicum of privacy to the panoptic, permanently recorded net, is a "traitor" who should be "thrown in jail", no less. Detweiler's emotional vision of making every poster "accountable" to mob rule is the most convincing argument I've heard yet for privacy on the net, the stronger the better, the sooner the better. I wonder how long it will take Detweiler's rhetoric of "perversion" to spread and color other cypherpunks activities. If maintaining 'nyms indicates a multiple personality disorder, then perhaps posting anonymously suggests an inferiority complex, having something to hide is the sign of a sociopath, etc. If it's a new and different cultural phenomenon with nuances that take time to learn, it might well be easier to defame it as a psychological abnormality, and brand its practioners as "criminals", than to learn about it, adapt to it, and/or convert it locally to better suit one's own tastes. BTW, "Medusa" probably won't last very long after doubling up with her other 'nym to flame people, having her 'nyms praise each other, etc. This isn't theoretical stuff -- a wide variety of these kinds of things have been tried on BBS's for years. There's a big track record out there we can look at. Making a mistake that unmasks your 'nym is very easy: between leaving these pointers lying around, the extreme difficulty of maintaining a distinct style or personality for an extensive amount of quality posted material, and the "treachery" of aquaintences (who can use anon remailers if need be to umask the 'nym). Thus, I find Detweiler's speculation of massive political manipulation by net "pseudo-spoofers" (isn't that redundant)? to be paranoid and fantastic. I wonder if Detweiler is as worried about the small "clique" of newswrire writers, quoted almost verbatim by most print media, and without much more than stylistic changes by TV and radio news, a few dozen people communicating anonymously and via mouthpieces like Dan Rather to hundreds of millions of people in the English-speaking world? This "manipulation" of perceived consensus and majority opinion is something a few dozen net "pseudospoofers" on smart drugs posting under a thousand 'nyms could never hope to match. The closest the net comes to political spoofing is probably voting for Usenet newsgroups -- completely insecure, there may have been some close votes swayed by spoofers, but the world doesn't revolve around the results. Mostly folks don't care enough about newsgroup voting to bother to spoof it. We have two options for electronic voting -- we can make it more secure, and we can make it less important by changing majority-driven insitutions with market-driven institutions. I'm all in favor of making e-voting more secure, but I don't think it's worth sacrificing our privacy or civil rights to do so. I don't find majority rule to be the only, "SACRED" way to get important things done in cyberspace. Right now voting plays practically no role in cyberspace, and that's also what the forseeable future looks like. I've seen 'nym unmasking happen extensively both on BBS's and Usenet. For example, there was a "Holocaust Revisionist" spoofer who posted under a series of nyms to Usenenet, the old silly argument about only 1 million Jews were killed not 6 million, the Nazis really intended to facilitate emigration of Jews to Palestine and instead the Allied bombing trapped them en route in the camps, ad nauseum. Professing such opinions can make you "accountable" really quick, in many lasting ways. In this case, the spoofer was booted off of techbook.com, the BanishedCPU BBS newsfeed was cut off when he signed up there, etc. None of this spoofer's 'nyms lasted long; the style was too similar (consistent differences via purposeful mispelling, different usage of capital letters, etc., overdone regional jargon, etc. are easily recognized for what they are). Perhaps it's selection effect, but I've never seen a 'nym actively maintained for more than a year without unmasking or changing over to another name to avoid that 'nym. In anon posts of significant length I've recognized many style pointers right off the bat. Eg, many of us independtly made the L.Detweiler/S.Boxx link, I've readily recognized the origin of several of Tim May's anon posts, etc. If we can recognize links from just one or two posts, how much more difficult to maintain the ongoing politically persuasive rhetoric suggested by Detweiler. Not saying it's not possible, just that it would take an extreme amount of careful effort. This isn't evidence of "criminality" or "perversion", it's evidence that the "spoofer" cares enough to go to those lengths, much as Detweiler cares enough to go to great lengths to fill up my mailbox with name-calling and elaborate scenarios. Anybody know what the world record is for 'nym maintence? Really important votes, market interactions, etc. should be made quite a bit more secure than Usenet voting, but at least in the case of markets, does not require physical identity to be tied to 'nym. (Cf. for example Chaum's work and per-organziation pseudonyms and credentials that can be transferred between these 'nyms, the ongoing discussion of reputation-building, etc.) Nick Szabo szabo at netcom.com From dmandl at lehman.com Mon Oct 25 06:20:05 1993 From: dmandl at lehman.com (David Mandl) Date: Mon, 25 Oct 93 06:20:05 PDT Subject: A favor re Detweiler Message-ID: <9310251306.AA13940@disvnm2.lehman.com> > From: hfinney at shell.portal.com (Hal Finney) > > I'd like to expend some "reputation capital" here and ask people for a > favor. I am worried about Larry Detweiler's obvious mental anguish. We > tend to forget that we are dealing with real people on the net, flesh > and blood human beings. Larry is obviously going through genuine > difficulties here. As a member of our virtual community, I ask that we > show him some compassion and consideration. I agree. I was just about to post a message saying the same thing. At this point, some of the anti-L.D. posts are becoming downright cruel, and in my eyes amount to kicking a man when he's down. Why don't you give it (and him) a little rest? --Dave. From paul at poboy.b17c.ingr.com Mon Oct 25 06:39:06 1993 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Mon, 25 Oct 93 06:39:06 PDT Subject: on the term `signature' In-Reply-To: <9310250549.AA17848@churchy.gnu.ai.mit.edu> Message-ID: <199310251322.AA08401@poboy.b17c.ingr.com> -----BEGIN PGP SIGNED MESSAGE----- In a list message, Ray Cromwell wrote: > Get a clue for god's sake. Digital signatures won't exist in a vacuum. > No one is going to accept the validity of a signature unless it is signed by > some trusted/certified authority and that authority would be liable for the > person's true name or actions. > This is exactly how Apple's new DSA system works. Actually, not. Apple's PowerTalk environment uses persona certificates right now, although entities may buy RSA's Safekeeper boxes ("tamperproof" titanium key generators) to generate actual warranted keys. All a persona certificate says is that key X belongs to person Y. No warranty, express or implied, is granted. If I have a persona certificate, say, from Dun & Bradstreet, all D&B is claiming is that the key on that certificate belongs to *me*. They could potentially be liable if the key actually belonged to someone else, but they wouldn't be liable if I used that key to embezzle $10M from the EFF Digital Credit Union. - -Paul - -- Paul Robichaux, KD4JZG | Caution: cutting edge is sharp. Avoid contact. Intergraph Federal Systems | Be a cryptography user - ask me how. ** Of course I don't speak for Intergraph. ** -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMvSqSA78To+806NAQEiaQQA5GufDI2U3MOLL9r4APbukz8GZeP3rEkQ X8NIuOkihCz3DXbllyneUFaIxKuZ9RJdOFswypDIdQMNPvNACXysYpCv++/dQt5/ Lrn93pv66ksh4AaDo69EfvCHnMJd4CkJWMx37z11sXHfl+JvAIFp5VAKfgNNvmn5 zsY8fpg9dsI= =ohfr -----END PGP SIGNATURE----- From pmetzger at lehman.com Mon Oct 25 06:39:51 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Mon, 25 Oct 93 06:39:51 PDT Subject: Net Regulation In-Reply-To: Message-ID: <9310251326.AA14266@snark.lehman.com> T. William Wells says: > In article <9310250152.AA09786 at snark.lehman.com>, > Perry E. Metzger wrote: > : [irrelevancy] > > I watched you arguing with Detweiler and thought that you were an > idiot. However, I figured that Detweiler was sufficient > provocation to bring out the idiot in just about anyone so I > ignored that. > > But here you have proven that you really don't understand. > > This I don't intend to ignore. Welcome to my killfile. When you > figure out why, you may be worthy of being removed from it. On the contrary -- I am honored to be in your kill file, given the apparent criteria. I hope never to leave it. Perry From keaty at vnet.IBM.COM Mon Oct 25 08:07:48 1993 From: keaty at vnet.IBM.COM (John M. Keaty) Date: Mon, 25 Oct 93 08:07:48 PDT Subject: how to sign on to the cypherpunks listserver Message-ID: <9310251458.AA20483@toad.com> Can you give me instructions on how to sign on to the cypherpunks listserver? Thanks John Keaty keaty at vnet.ibm.com From cme at ellisun.sw.stratus.com Mon Oct 25 08:34:38 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 25 Oct 93 08:34:38 PDT Subject: updated text of the MTTF paper Message-ID: <9310251531.AA05254@ellisun.sw.stratus.com> What I sent out was dashed together last June and never polished. Here's text after one re-write... - Carl (Equations haven't changed...) -------------------------------------------------------------------- \documentstyle[12pt]{article} \begin{document} \title{MTTF of Various Systems} \author{Carl M. Ellison \thanks{Stratus Computer Inc., 55 Fairbanks Blvd., Marlborough MA 01752. Email address: {\tt cme at sw.stratus.com}.}} \date{October 25, 1993} \maketitle \begin{abstract} Expressions are presented for the Mean Time To Failure (MTTF) of various redundant systems, as a function of the number of nodes in the system, N, and the minimum number of nodes in a working system, K. Failure of a system is defined as having fewer than K working nodes. \end{abstract} \section{Expressions} Redundant systems are employed both to increase availability and to achieve preservation of data. Expressions for the availability of a redundant system are to be found in normal probability and statistics texts. [See for example, Kishor S. Trivedi, "Probability and Statistics with Reliability, Queuing, and Computer Science Applications" from Prentice-Hall, 1982.] These assume that once a system has recovered from total failure, it is as usable as it was before the system failure. Mean Time To Failure (MTTF) is concerned with the case that once a system has achieved total failure, something is lost. This might apply to redundant disks, for example. The expressions presented below are for the MTTF of various redundant systems, as a function of the number of nodes in the system, N, and the minimum number of nodes in a working system, K. Failure of a system is defined as having fewer than K working nodes. Often, K=1 and each node has a complete copy of each database. However, sometimes the data can be kept on multple nodes (as in a RAID-5 disk array) which will tolerate some failures, down to a given threshold, K > 1. It is assumed that as soon as a failure occurs, a repair cycle will be started. There is then a race to see if the repair can be completed before enough additional nodes fail to drop the working number below K. The expressions below were derived from custom Markov chains, each built to model a given choice of N and K. It is assumed that both failures and repairs are exponentially distributed random events (so that the Markov chains remain memoryless). This is a reasonable model for failures but not for repairs. Therefore, these expressions are approximations. The expressions also assume that all failure events are independent. For example, a multi-node system in which all nodes are on the same power grid would not have completely independent failure events. N: number of nodes in a full system K: number of nodes in a minimally functional system $\lambda$: rate of failures (e.g., number of node failures per year) $\mu$: rate of node repair (in the same units as $\lambda$) Each fraction below is the MTTF of the whole system: the mean time until a system drops to (K-1) working nodes. N = 2 ; K = 1 \begin{equation} \frac { 3\lambda + 1\mu }{ 2\lambda^2 } \end{equation} N = 3 ; K = 1 \begin{equation} \frac { 11\lambda^2 + 4\lambda\mu + 1\mu^2 }{ 6\lambda^3 } \end{equation} N = 3 ; K = 2 \begin{equation} \frac{ 5\lambda + \mu }{ 6\lambda^2 } \end{equation} N = 4 ; K = 1 \begin{equation} \frac { 50\lambda^3 + 18\lambda^2\mu + 5\lambda\mu^2 + 1\mu^3 }{ 24\lambda^4 } \end{equation} [etc.] \end{document} From koontzd at lrcs.loral.com Mon Oct 25 08:45:16 1993 From: koontzd at lrcs.loral.com (David Koontz ) Date: Mon, 25 Oct 93 08:45:16 PDT Subject: ADMIN: proposed new policy Message-ID: <9310251542.AA14668@nebula.lrcs.loral.com> >I like the idea of encouraging people to digitally sign messages. I >also decided to try out ripem to see what its signed documents look >like. It seems if transmissions to a list must pass through a server, then the server should be used for authentication. Otherwise, the entire thing is nothing but wasted bandwidth and `visual noise`. (Unless it is meant as make work for a three letter agency). From nate at VIS.ColoState.EDU Mon Oct 25 08:59:10 1993 From: nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) Date: Mon, 25 Oct 93 08:59:10 PDT Subject: Stupid childish crap cluttering the list Message-ID: <9310251555.AA13635@vangogh.VIS.ColoState.EDU> -----BEGIN PGP SIGNED MESSAGE----- Hello, out there? The list is getting really badly cluttered with all this "lets rag on LD since he doesn't agree with us" shit. "Operation Medusa" -- come on, it was a little bit funny for a while, but I think that you can find better things to do with your time than dedicate yourself to the annoyance of someone, based on the fact that they hold different views about certain topics near and dear to the hearts of some subscribers. Some of us are here to try and change things - remember that clipper thing that so many (I think it damn near all of us) of us were up in arms about? It's still out there. LD is not the enemy, he's just one of us who holds a different view... So what if he thinks there should be no pseudospoofing.... let's kill him? I think not. I think that most of the list is in agreement with the idea of _not_ requiring signatures on messages. Fine. There, that's it. Done. Some of us, me included, try to sign mail whenever possible. Maybe it's to set an example, maybe it's just to verify that we are who we say we are. I even sign some of the mail that doesn't go to the list, just to get people to ask what the hell it is -- it's raising the public awareness. But, I digress. LD has told me that he is leaving the list. Some of you may cheer, some (the more intelligent of you, IMHO), will mourn the loss. LD could, at times, rant a bit, but he was a contributing member of the list. He had _many_ good things to say, and he is a very dedicated to privacy (read the "Privacy and Anonymity on the Net" FAQ?) and changing things. It _really_ pisses me off to see the little armchair Cypherpunks all gang up when they see someone down. "Oooo, oooo, LD's not in good favor with the rest of the guys, let's lick 'em" Sounds like a bunch of fucking Beevis and Butthead fans (pardon my french). Maybe if you guys were spending more time writing code or making the public more aware of what the problem is and who's here to fix it, you wouldn't have the time to organize campaigns for annoyance. For a while, everyone thought that LD was objecting to people being able to post anonymously (wheather it be through anon.penet.fi or bounced off of a remailer)... that was not (I believe) his point. He objected to people posing as other people (who had established reputations, etc). He wanted to outlaw (in a sense) this act. I disagree with him here, since I cannot think of how to absolutely outlaw it (since saying "don't do that, it's against the law" seldom works), but I can think of how to prevent it. Sign messages. Don't do it if you don't want to, and don't complain when people spoof as you because you don't ever sign the messages. I agree with LD on the idea that posing as someone else with intent to confuse (LD's "evil black posts" as he calls them) is wrong. If you are trying to pursuade someone (or confuse them), you should be smart enough to do it by being anonymous (again, through anon.penet.fi or through a remailer) or by being yourself. You should not need to hide behind someone else's identity. Well, there's my opinion, please get off the subject of ragging on LD, and get back on the track of changing the world. - -nate - -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | Key fingerprint = 2D CD 07 CA 7B EC A8 4A 86 7F F3 A8 1D 15 65 46 | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Guerrilla Cryptographer Always remember "Brazil" From nate at VIS.ColoState.EDU Mon Oct 25 09:34:21 1993 From: nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) Date: Mon, 25 Oct 93 09:34:21 PDT Subject: test, sorry Message-ID: <9310251630.AA14875@vangogh.VIS.ColoState.EDU> -----BEGIN PGP SIGNED MESSAGE----- This is a test. - -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | Key fingerprint = 2D CD 07 CA 7B EC A8 4A 86 7F F3 A8 1D 15 65 46 | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Guerrilla Cryptographer Always remember "Brazil" From nate at VIS.ColoState.EDU Mon Oct 25 09:39:40 1993 From: nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) Date: Mon, 25 Oct 93 09:39:40 PDT Subject: testing, sorry Message-ID: <9310251634.AA14982@vangogh.VIS.ColoState.EDU> This is a test. -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | Key fingerprint = 2D CD 07 CA 7B EC A8 4A 86 7F F3 A8 1D 15 65 46 | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Guerrilla Cryptographer Always remember "Brazil" From panzer at drown.slip.andrew.cmu.edu Mon Oct 25 09:39:41 1993 From: panzer at drown.slip.andrew.cmu.edu (Panzer Boy) Date: Mon, 25 Oct 93 09:39:41 PDT Subject: the Joy of Pseudospoofing Satan In-Reply-To: <9310250728.AA09485@longs.lance.colostate.edu> Message-ID: On Mon, 25 Oct 1993, L. Detweiler wrote: > The very final possibility of pseudospoofing I would like to describe , > perhaps the most treacherous and evil, is the following. Suppose Medusa > not only had no ethics and morality, but was actually Satan in > disguise. Suppose that she liked to torment and `punish' people with > her `tentacles' whenever they `misbehaved', measured by their > resistance to her oppression. (L Detweiler != S Boxx) Based on articulation capabilities (L Detweiler == Satan) ??? I had to give up here. But when "digital signatures", "rape", and "Satan" can all come up in a single thread, things have gotten out of hand. Ok, after finally reading most of LD's post, I've come to the conclusion that LD doesn't like the fact that people lie. He doesn't like the fact that people mis-represent themselves, etc. I do ask you L Detweiler, what you consider of this case. In "real-life" awhile back there was a womem who was an actor. She didn't like the fact that she needed an agent to get work. So she invented a personality, an became her own agent. She aquired a different personality, different voice patterns, etc, for this agent. She made sure the agent did everything over the phone, never meeting clients in person. Soon after doing this, she started being an agent for other actors also. She obviously spoke well of her actorself when she was in her agentself, and she obviously kept two personalities. Is this wrong? Should this women not have done this? -Matt | Please get my public key if you wish (panzer at drown.slip.andrew.cmu.edu) | to verify that this message is mine. "That which can never be enforced should not be prohibited." From chrome at jhunix.hcf.jhu.edu Mon Oct 25 09:53:30 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Mon, 25 Oct 93 09:53:30 PDT Subject: Subliminal Channels In-Reply-To: <9310240508.AA03859@snark.lehman.com> Message-ID: > PS By the way, none of this paranoia has anything to do with cryptography. Gee, something we do agree on. -Alex From chrome at jhunix.hcf.jhu.edu Mon Oct 25 10:19:08 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Mon, 25 Oct 93 10:19:08 PDT Subject: That's all, folks. In-Reply-To: <199310241623.AA20573@panix.com> Message-ID: This will truly be my final remark, as this subject is hardly pertinent to the forum but has nontheless provoked some interesting discussion. I am repeatedly told that I am a right-wing religious paranoid, have fascist fantasies about government, and that overall I am a moron. While I have difficulty refuting the third claim :), it is unfair to make accusations 1 and 2 about me without any knowledge about who I am and where I stand on societal issues. What has never been mentioned is the fact that none of this subliminal stuff has seriously been studied. People (perry, woodhead, et al.) talk about how unscientific, absurd, etc. this topic is, all the while ignoring their (and my) ignorance about the subject and using studies as scientific proof, which is a contradiction unto itself, as well as unnamed first-hand sources "inside" the industry while not identifying their position. Whereas they would rather let it be buried for ideological reasons, I would prefer the subject to be explored in the open scientific community, opening it the pressure of scientific scrutiny. My reasons as follows: I have read books and seen, first-hand, experiments on the nature of behavior control. Until you have seen people turned into automata you cannot appreciate what the experience gives to you as a human being: perspective. I would not want to be controlled by _any_ power, be it government, sibling, or economy. If there is a chance that there are means by which I can be controlled _without my knowledge_, I want to be aware of the methodry of such attacks. Is that paranoid? Quite possibly. Cautious and intelligent? Perhaps. Perhaps there are those on this forum who would prefer to let sleeping dogs lie and let corporations run free over people instead of the government? But I cannot speak for people, and I would prefer it next time I respond to a message that the response is not a list of those "words put into my mouth," as this discussion turned out to be. You may call me names, you may ignore me, but the fact is the subject remains as it is. The matter has not been closed. -Alex Reynolds ---------------------- Paranoid ranter supreme, eight-ball and nine-ball specialist, and part-time anarchist and computer lab proctor. ---------------------- Chrome at jhunix,jhuvms.hcf.jhu.edu From frissell at panix.com Mon Oct 25 10:29:21 1993 From: frissell at panix.com (Duncan Frissell) Date: Mon, 25 Oct 93 10:29:21 PDT Subject: Net Regulation Message-ID: <199310251724.AA09315@panix.com> B >Let me illustrate by taking myself as an example. I'm reasonably B >well connected networkwise and knowledgeable. I could decide to B >become one of these Permanent Tourists. But where would I go? B > B >What will be my concerns? Obviously, money will be one of them. B >But so also will be climate, people, activities I might not be B >willing to do without, and on and on. Furthermore, other B >governments are, almost without exception, more repressive than B >the one I have. The rest of the world has as wide (or wider) a range of climates as the US. The people you will be interacting with are the same people as you do now on the nets. I know some people have problems with expatting (to coining a term) themselves because of homesickness. Harry Browne couldn't adjust to Switzerland and so moved to Walnut Creek, CA. Not everyone is like that though. And the nets means that you can take your surroundings with you. Particularly once we get a VR interface. Besides, the nets mean that you will be able to *virtually* expat yourself and remain physically in the US if you like while working "overseas." B >than I am now. So I think that most Permanent Tourists would B >likely stay right where they are, more or less. Certainly they'd B >stay in the developed world, where most governments are willing to B >cooperate to some extent in the attempt to collect revenues. Few governments tax the overseas earnings of their own expats. Any Brit who expats himself physically and works via the nets would have *no* UK tax liability to be busted for. If this Brit was physically remaining temporarily in different countries as a Permanent Tourist (even the US) and working on the nets, he would have *no* income tax liability. Just as if I spend 6 months in France "on vacation" while I write my latest novel and negotiate the screen rights to my previous novels over the phone, I may have "earned" $2 million in France but would have *no* French tax liability as well as no right to work in France. That sort of activity is not considered "work in France." The nets mean that more and more people (musicians, surgeons, lawyers etc.) will be able to work as writers have always done -- from anywhere, to anywhere. No tax consequences. B >It is a sad fact that governments collectively possess the means B >to physically regulate all of the desirable real-estate and most B >are more willing than ours to use physical force to pursue their B >ends. So Permanent Tourist or not, one can't really escape them. Governments are more likely to (as indeed they have already done) offer PTs special treatment to encourage them to hang their hat for a temporary basis. This is sort of a reverse auction in which governments offer lower and lower taxes to snag the PTs who can go anywhere. For example, you can't legally have a secret securities account or buy treasury bonds anonymously in the US but foreigners can. A bank can acquire and hold T-Bonds for anonymous foreigners as long as it swears they are not Americans. The Feds did this because they *need* anonymous foreign buyers for their debt instruments. Why don't the Feds nuke any banks that try this. They have the bomb after all? Why, instead, do they explicitly allow this loophole by regulation? They need the money. B >Sooner or later, of course, this won't matter but, as I've said, B >at least for the short term, it _does_. There are already hundreds of thousands of American PTs living overseas. That was done under *old* technology. 61% of expat Americans don't file federal income tax forms even though they are required to do so whether or not they fall under the $70K exemption for overseas earned income. B >Not this year or even the next. But what happens when the B >printing-press equivalents cease to stave off bankruptcy? The Government of the USSR went out of business. B >Lots. Because people never do seem to learn the lessons of B >history, sigh. Not, mind you, that I think they'd "win" for long. B >They, too, prefer to ignore history. But while they're attempting B >to prevent the working of the laws of nature, a lot of people B >will suffer. *More* will suffer if we don't pay attention to this B >reality. I try and pay attention. I just think that some over-romanticize the state by investing it with magic powers that it doesn't have. Depending on your exact place of residence, you are more likely to be mugged by private parties than by the state. The technology doesn't strengthen the state, it weakens it. Duncan Frissell --- WinQwk 2.0b#1165 From arthurc at crl.com Mon Oct 25 10:54:07 1993 From: arthurc at crl.com (Arthur Chandler) Date: Mon, 25 Oct 93 10:54:07 PDT Subject: Stupid childish crap cluttering the list In-Reply-To: <9310251555.AA13635@vangogh.VIS.ColoState.EDU> Message-ID: Cheers for this note of sanity and compassion -- also proposed by Hal Finney. Why can't we just discuss the pros and cons of the spoofing/pseudonymity issue without flaming someone who feels very passionately about the issue? The very vehemence of the discussion clearly indicates that LD hit some nerves, and that fact alone should alert us to try to consider the matter -- and post our replies -- dispassionately. Or, if passion there must be, direct it to the issues, and not the people who disagree with us. From shipley at merde.dis.org Mon Oct 25 11:34:36 1993 From: shipley at merde.dis.org (Peter shipley) Date: Mon, 25 Oct 93 11:34:36 PDT Subject: No Subject Message-ID: <9310251827.AA14837@merde.dis.org> ------- Forwarded Message Return-Path: tpc-rp-request at aarnet.edu.au Return-Path: Message-Id: <9310251638.AA17387 at skigo.graphics.cornell.edu> To: tpc-rp at aarnet.edu.au Subject: Re: My first hole-punching! In-Reply-To: Your message of "Sun, 24 Oct 93 22:13:01 PDT." <9310250513.AA03502 at antigone.com> Date: Mon, 25 Oct 93 12:38:23 -0400 From: Mitch Collinsworth X-Mts: smtp X-Ploder: dailim Precedence: bulk >Anonymous sending throws a new twist on the tpc guidelines which >allow me to lock out a sender... Yes, I think so. I've been thinking about setting up a server, but I think it would only make sense to lock out all *@anon.penet.fi and similar sources. - -Mitch ------- End of Forwarded Message From edgar at spectrx.saigon.com Mon Oct 25 11:34:37 1993 From: edgar at spectrx.saigon.com (Edgar W. Swank) Date: Mon, 25 Oct 93 11:34:37 PDT Subject: TEMPEST Info Message-ID: -----BEGIN PGP SIGNED MESSAGE----- I received several requests for my text file on TEMPEST, which I offered to send to Victor Borisov. I have sent a copy directly to Victor; but rather than try to send copies to all who requested it, I'm going to post it to the list. To save bandwidth, I'll use PGP (compressed) armored form. So you'll know it's from me, I'll sign it, but it won't be encrypted. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMp50t4nNf3ah8DHAQHKzAP+PJ3MlVP3sbRoOCAE8d8Y38slqdicjKfg ECtCp7V/Lb+cdONSLY6AOPczBUd5lJf02wrwlaZVbGUjEEGmXTqwOpKCmg5P6/v5 r/G3q3JM4Bfd3QvGiVzSrcPNChmGwvUp9vm7sjhiS7WpaYx6UW3KnxPFeclbbo1A QtadRkICHMg= =nXsK -----END PGP SIGNATURE----- -- edgar at spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca From edgar at spectrx.saigon.com Mon Oct 25 11:39:11 1993 From: edgar at spectrx.saigon.com (Edgar W. Swank) Date: Mon, 25 Oct 93 11:39:11 PDT Subject: TEMPEST File 2/2 Message-ID: <2XLXBc12w165w@spectrx.saigon.com> -----BEGIN PGP MESSAGE, PART 02/02----- 8BjkPHX7ub1KiXcnZxTJg9HEWCUhLHUegDQdo4TQyb1iwHp9ig6KThHNslDNZPRp E9Jnuu9WVH6jmMDJxj2ekMYSgqVWhuaiFSpNozlflsYMrMEZpt4vynDe4trCdXz8 sSUnyv+XvNwqLuZedBzRBROVwaT6CzDjEExu8lqnh0ANGS/a5sXrqh7sZA1eQnQS iii/W+atQrPYAHICkR5EVSnbBQYq5yT34u8/hASCAT3qL1ki1gmJOIde0sWXppY9 YDQ/CGqLLF1m1hWQdBWVwY2fgZhbmy4gojacybe84tSZvzadyhCfo7PTBsQPdBh3 DGLprBHv5wc2ID/npmzXMzZqy1cVJLpj2e8JFLNr7QxUjzWoUEEPQm/enyw3tLV1 0jXuQMFBxIFzkCzxszizmISUqKSCu04Uw3bV7K8zBE0sIupYrdev+3Z9G54L+dgo IUvqvKFno0kLCMo90PK0hE2S+MmCWpC2Yd+POqg8yeJ/nBuiNBxJ1DyoJ4JwixL8 FwH58ZEzWAiKBBXhJhx9LHJabNIfk3tAcafwezPxKbXVE6kUOIu8bXGLvcvd5Hon JWUVBDt85fXvcrQDc46rSTuiAsSAx5GrgMd5CMBvMqR+Nl6Oh4QkrImFmG/mfgxI Vi1FGr1ntUxLgOGTl68C0j2+aTcbc3Z2aPYmZ6/ORub3CzSZZry/t06WCYZIZsG+ iv2CqZsVlf2yibWAsp0X6Be0DpINdTE9RX8MLPXvtlTFEBfbtFm6P+Ln6OBpVkYQ Qw5mzxUexp3l9KU7wAu3/W7/Ae5ZV/rOlKruh6ouZMBj0RvcnfQ3c3JyjJfeGPPq 8EwXYwgAXMGxBhfDWpJM4UafCPsLvDZDiZj3xlz7i9ltv8LsfpvX2DYzZJ2Ou+5X bcbm8/hmvLMw1jUvJ4fhbR6l5nRytrPqG0NY+S+ME3NLV2wEeC0rhrsPjnlyyIDw zebV5FiWnOzvbQSotHXervf3PpGDLRGLT8lGjBqi8NdOBwzKXhTBnXzoWZa6UR4t xRgC2i7FlItQ2jrLtjjS7Ziw7PL65uPVyNz+dmlu/nWDyjXm4zvz7vry8uLjB/7V XP7z0/Xlzc3045Uc4nD/TcDNEjvcf8m2D1T9b8Ahy60y4Xd1lqUkZZIvV+eqoKIE VTLD7R4d+4v97fP19MPl7fX0LRLpb2MzkQs+Pdrfc12NGKpx+HLZFs44YjeKYtb0 G5HnFRjIJPnWOR7Zt3nG0mQjoW62zdfklCC2aTBP0BhKKwB3ih9i+BtF+A+UK7Mi Rbqj/lfK37Qr9W0psio4N5CBnJFbGbeKP53I7IXot8vr6e35r5d4x8fPVxfnt7gI f7Hry08fr29vzN7fEhoCk5ORQche7fempvkFiYtYX2Ut8qZAGYDP5cBYQo8D4C1z NW6on3SoIevNySszvboYm/djdz3Rw5FzUYieQGFP8E2FESE3gMmM20AAf8U232cP OOdboJ6LbF3N64TT7e9Ztgnb9rwGBxmZo5fgyh/fT9/+C0f/x/TydzN5pWlyvL+H XVS1UMwUy1RlTmOA35wHqrQk0Tqv66p2hP2yXEpnVp12/3tksnIyVWh79gZn55E2 1nftQM2O9NsAmuVbrVKiEos35onv7/QrE+MxnEGYdfxqnccDLZCIrOuLVy7wijy6 rt5XkDGkVS2Vk4g9tBSnwBMwPcg6xIl66NTpHr1hFNFxJ17HpH1eoezxLhsrJnPv P88eO8mG21QwvmvEJRiUtTUwEvAntMois8jRX7cLigdQnhaO8PK2XAAPlSmyu0L/ FsLFIvFc6SF1Q7XSIIV6UtilRQF0mJVVu1yZH92PC0a+bbJi8QTfVTU099AaTr4B 6s94ji7g389ZT6zobDePS3NRT68bgIPB3kUYMOcq02pauejY8Fi42ezQBY+vCcei +Okq2hO7XQcKpvWwzk2K2SmhnkElI6HLed2qdJaws/cwd/zl+PjrIOPcVk5SiASE IEL97v1Dck+rihtrxJtTuddZCVazjaqa4ug8KcWAy9S+BUslWyYzTBa2DESy7ulX HmJwW6F8DXIl3pTGySrt/g3K/QX7sX7UQ1LaFoLI54vHXn/vs0xcNAbPyu6hRGRb Imp3JA9wNyO/bvSulGiIgDjPNnIzQ4oAehxPI/p0UFiW6ssJFWU5ahx0q7KK01GL Wp030/XnnuUbZFmLqwi7eVsGPrQviO8U9CWO5jRSC4wKnr96KHEpq3wjlfhdqbVP M9tANING0lEZOtOJsOrDiYHNJA/X8V70XIpYTVN7B+LdjqQ+KFmnCHPzvFPwn+KJ Ej9mbZkxr0Cc2aFmj05rF9dw2q8YNgY2s1XFXLU1y69YIZ4RCl5VaYLhI3wyJEU3 Dk6JoiHL29U7Z1O6tL5F1wrigxf2joXfJvjpL2wQvWCipbCqil3DwS0RbH4RBNa6 Wkg7PDJX3im2aOjPqEPqBUZ8qX5fO9k2xQmIkhRMM+Uukm1C40KdD8bwHCsBiZ18 OT75atWksNE2ifJX5ggIcl42IneUj1XJMpHehs1Voi06owfhJyh+Ik++HL/4KheY eE41N7kQh7AzhUEYEq4zCzX0H1FCjseqP4AuJBQnrW/VmUUi81KILrdMUalCxyou 6jagJZelXIvU3PlSpJy9i8vzfU3Ttp6vaMXsgqjucIPlK2nEAY+ltLnyK9bx68Pi lXs2T9omiMRDlhRb0Bdg55ZyWFHVaUPhJ5UPCa7Uvul7Stgrh3cWxfIEWz23qSJn tjzOgQirepuk3aqUqeqdHbph1/GroM5IBjn7q6AaLDQUlzd3wlGT1TuSYc41iC63 ner+3Xo4kPT3st8l/8i8rwh78m2Rxad/gdM/+2QT2qRY4RkJOdUg/oPouqHTwShj F0E75PAJ3ZZCMD4OnBAhCbjvj67FZC2bPFUujKxQm5T1/jTH6aReT6uj9FZUotqK 9Bb1C00/DL8In6XKQ7SnuVI2elpt06KhckpK3adyE+gIg44g5qOzjzLv1zN1S+kQ 2pWRRvWX45dfWaBh0JaIb8b3KBBXCXO+BV579VWrSOxuZEuaNVbJNyztyPLUlepH S5K4DonRnbs7ixb6ts7daQCiUQVwgv9k4zMUv8iQXaSiWSFJx8M1MXfXGHyz7T8F lab7xsJKLHqVfaLFsCsj4Kvc7jscVaG/ufFzdZhTCBnsAoY73DI4AAi5JhAv066j HT70HNJkjfQTOuelWCfvhhv4cnzKS7oebOVz8jgf9ckC/qI5PUXEZpGVTYbFzriY pf5/cSj4pbmHm5WykixnmCuBBP4zuZp6fXQj+CTit7vcfULaedGKxyWerKdZ4eEK 7ZZ/TWaVuIERhupaAL1Clpcswd/PO8jA94k0reOYCeu2EODRRs7ht0Zb+u4lf6Ez 4rPJ3vF+1BNfsid2ef3MtkNclJ8zREPaI0dacIkZKqZnv/G5ZxpJINeDg53d7SX7 fbB5P2K18GBsv0Vh98yAyCPd5DGhXG9j3Yv7s8wbU0xnZEXF7rtKioXpImdPFbYl +VnrZeDL5DNNO2vsXvaO9nnV99kb88X7tfweyQwSsbvYMxkuX+MuoSGY7Qd72cty JXdJQRyGff+7ygXLVHL5bGJrQeTb1c5imur2LvatQFQVjWvRkmNWs3XDfSjT5EfI T95oCFQBcjfyZvgoc+82Wf/2e3KxedlRtlX2qALLjCI1m3qd/dlt9pcJkBdcDjIm WdbJZiXZJFezG5fa7JFbgonKhHPS1zZfcxcyJmSzuAfudl8irSk5tLPKniU6CgIM Bk24lyxkFMrKTTWMmORHrsJSdvDvHAhA2qbd1MJR/abyE1ox9s5iko/0JFFC83nS DGMlM9QS2A1e7McQ6dXYmKehlTEnoxfxV04VU0bYJ9cUxAb/bTtXMEvMKiPBQp0m 4TiyjWg8HkukBEZRHeTM1WHFLymbkGzem+wzDfmFWKWIMFNmbAsjULFyiVVl5TJN NSMUcKQtWow7c76WAlSA5FUloi1pSLIgb0ry1DRoOYWAKmYtcGgam0AsNAxBHQcO EmYeeOJpBPxwdKREOtxsX05PTBzhQxqtTKPrR0oiwJXDUR/0VQ3Lj+aQHStHx3FO nI31TfnWi0biZr8TBe5VFXZ3512/v5jsWHgQmWRpg694QyIvlStCnPS8vJ63a5pz cxERYwRqsQtzCCyptrqiAy1cgy8MI9SJa3kAHFB4zTA9+W6w7BAeBv/zCg1AiB+i w9b1SB2ubplFIhuqXMgL7QC4Mw8GSYSwGqRhuw1YuAZQ1d+35D2A49KAdkTeZYkv p5kyonvpMQKkxDnTRhYIqXrpFBoDgJxZa0PSsqweHCuhUCBhxi1wQvX09k80MyEK +Tqh9phnIBTe4eRsg3j52mHjpocajoX0OBr4j7V7L6Ms8kW4Ryns3FE0+ZLkJbNk 0RZO2BGc0LW+nXYilR9lWl4U+RwRtIVozDsbn14uin0a25pYAbjwthDJFogh2yYg SFi7GVtiJZQPN1FU1V0YVo5BxdDoWsiYap3PTWZNGVqCHFQb4hKWHDWWuSX8YbrM K/IfgW/9uTwqwT3wkV6SnTEnRNeO12lUCE0KjML+S4OkeOxzszA+zDHhtmaXAT+o HP6X0g7Hd5BVRcudMjSbgmb0dvWA5yJlRt54wNHQaTfUNwdTNW4iXhexF4AEBF67 s/MqCiFHJwUIjXBO1alRftSlOYX3INV5pHU0rO6ybGNxZighW4AummjnwwoftT7D LNhPklabbe8cBnaQH1XURVsUB8J46nYt0YwsYIR8hnt1VxYbWj5N70Epjx9R7Vzj 6rPWoB63q1pNQERsw/MPyYDu2qWXfqTZxbm7Tu5cO11TH5LcZYRdw9uZJl368NIe uN8ld16hqHNhsEGXHbIknvr5x3T6A89eZyQaGTWj2Hm0PxeVguk52m6OMsr/yKJN 4aEPrFQ+YbX0IXda54RWHxDTyOIpHFLmEKUcku+RXF9SoLGnwXBDr8uWSfFGSUpb 17w59WD4hRTVypwcOILYsFdyQrSBaTcZ2bGQijg8ZVfB6LfZfFVWRbUMXm1TO19z jOAlvG65KCNkFbxkLQmVpS0L1HmzO16LtQZVQ7BxGdv8ySNPQQ71kHQ4Nmxw6vVI pQs7sYJ7smHS1twjk3sOtKrSv8h02RyBDruFGikiF3mP863OAnocD6bRe2pxhYLZ zmIU4y0rk/nWObcWb0nzClorKWZdlRg4Xpu1EJF2qXBhlCUaAYUUoKMOAwXr9Pap JVn2SOx9RAtDPV6KdhqsE0ee/abzsjwra91kxb0kOYIuul/U77oRt9YLcbIVAyI3 IFCKUiaSTprFirBo3YZKs4clcAi1VwdTe+dwvo/dtWST3KMBuc3FWKJzyTQ/x7Zk XI2ZWaJ+Hc5eWL0fPaEMhJ4lgH1d8rWctAltFlFgbYttwhArxROJNNqPi7Uv5AlI saRN+HxXpNxKWoE2D8XmUyCrRn2oj5JLXna5WQSDifBs33FRwc6QX9Z32iRYn5g9 2crsYAo2OQ2rAPdlTb4szcAu/MtSEU6xix0kSPsndGK7KdNbtmkmar00Ye2Rbcmy sX5EUDTA89g9SqcFjObOVamWubnuYL4EN+Nt4Ozv0f1jXGOtXZdcecFBZsTqETOx Yl/TaiA0rTaVTA+zix/bEpvv2Av+A3qZr0Z+Figu7ONlgctwDr6Rl0j59wmobXmb idkz8u5FZa4nnZk+TErAZLMH3W4ttHFFZGtoIB/9lrnO67pS7mUd3ufNIPbz1xEY 2Ne067RjOsJySK4XKfpDVq7iYBkeckUzYUKEOVTlrYiwVHdLIWbvqfjrUCF2Nalq oFMevKaJJB6z2/Y8v4mVQJGFfLSkieWTRBlvPpEdor/+CNOpqASpA1U7tvSfrjMy ni3g+aVhMf8Zf0A2/L//Pz8///QOzfC1af7IZnXyH2V1j+L7NuafY6CP/3hMyuzO 7P1L/vggVARH3f/5pxvV5F6b6dW7j6+7nXv3elu9RoySdIzf/cf8cYMut2nLO3yC vMxem98zYLbJS3ORzc3ZkTk6fH18/HpyaC4vbn/+6Z8HH3BbWf3aXBZr8wV1KG3q aDwxn95PvrK63mMALNE4zfU75LzNUax+cnhofs0BuH8VceiX4j5FvH4tCEpxQ79l +Iy0cPrevDycHJ9xrbcV5gxP83vyWGb2oD//9Orw9OD48NXBq6PDQ0Tq/J+vTfer F68m/Oaz97fPzE1WczjdrPJMM/jmsdkCsotZJXWAtoeMLKXi11XaFmBTWbfp0c8/ 9Y1ojs4H2q0Acg5IgGHVP+pNXuTgfV5vMQBRc4KHmm4D6HHYE0ajdXUb3dAik8EC BPANSSij5qJqudilAKh8zsV+/mnaVHSmU9V96lb7B2tpnXzL1yBUyXabla0zNc9R Fv4eUWXkX1iJ7dGOg2Wb1Al6nXSYc/QGa2Vx5qnU1h9OmIn+74YVldmQNuY/Ge37 fM6rvsjvx4yoaDL//Zt5lwgeflvVGyyAuz1DKqCprJP6zlzU4xHgeTY+OZwwB4si QRbc/tO8enF0chhkwTUw4m9Z0VSbn386mpwcnOHCz45OT20O8FcvX54dnE1eyvdc 8qPVArAzt3Y3qzHB5j5wrAEG//e0THG5vCSzyOs1joNgzzFwKNJREbOoXCSzHrx0 DM+ScNfc0WK/NPkcpeFh4Z7UVsiKNyqDCEOr53zx5Yfpf1+/m47QwrBzgr11LoAA u9nY0+Cyfs86gcqdtdFzKUJpsX69HWlLRh7UjxsZsYjXeDq+GZ+PeTU6z6feWW7c Wc4FiEj632xbSmugczlJB0ZZyfH680/oPFtemnzz/9qzut40jij6Hin/YZqHAtVC gRiDbSkSSdwY16aWsVv1qRnYAWMvu2Rn10B+fc+9M7PsYOqHKH6oWiwhDDuf9+uc c02pDVi242nzJVhTSONUNil5z4CKa+y42pUkBv6B4N1FEs9Qc0Og5WtKEDf5WoVJ IIa3otU86nU9h7iQabrBGe7g0UewfqdLSeGAHxr1f6kMxehscHrx8fSjqGaL2j8t XGgmksDUl1yJFU40IZhh6h419Cy+KOxI4qnKYEzqbaWkylOkVGG6WgBHSfGY1mUC pPSSFp2pwAARI7vQrXOTeHfaXeGDgikGcClvLaAOCyWyhK1iUoJR5biTPEHEJakR YQjKrzAupiTE+U6R3bDSdD5GHocpqcXA3RLrTXWbJZyqA5cpgS+TCIEu5AT5DSmr lHtev2Iah4PhaRiuGb63R3AZMLAdDxWx3pAZsgV+H3J605lmCvjmDvxJkau9Ya0+ 5DTq4guLbnMrCn+pXbKcE7HlOco2cOk8oCJg2nI5N5VhDe4/kuoMnwLDdonQZHyi L9aZnXdbjfgOhQuHdAeelqKfEFFmorvkYytJCRhfRfmMQh1D5YMW2NrkITIJRE2n 5nwRSU+3cTQHoDHWwy0AvKnM2A9Ws83LzdJUiYKLz/KMkSIBRvybJslCBwYuTyO1 JuwfoPih6q649r5+5WwDI2Oj+ZKUu2JXmj1vSQGDLQ3BxpaKk1WWJJHTElRI6IHd GxEcc0cW68HCuNaoFP83KDlaTrx0g9ofU45ot0QpCfcfqerckpYqRrA/iuI1LiZF SjgXze5Bp+elhN8aBBMexJlk/I94bTdbSAxv661Wh8sCao2Kti6+WapyjXSdOU0U ppB/yQtXpu9QICxiEXG+GJsgFs/UQ08ms2FcHjn6cUS3VEUBq4ltUdsO6sODArEf WW2Fh4WNe8LE5dHUkOGW0xZdwLdds46KMLxpT14sz/GBAeQG7MXPqycmOAiFz1hn ThViUhK00uKkXqv5pz+/+uP7YGSHVi+JMbZ7Dq22Wsed7vHBkbgitOph6PtlhDSZ Nc6XUWMotWx8Sh5/WAF9Zveieo6AS3GGK9RUfFN7DiYXDrAHXJfPOjCXDpJB2TF8 KnX8rig1T/DEsaWWXNnLc4zkVH2OKwbBGmpsp4XltNwYgxufpQWaYiknMGeww983 ZlCYxNSqnTGAuU/Gjae+OQUuU9z4gAEZ77StPYX+AqTIOZW3a/fmbZf3Wcrx1jk4 V2jH5eepO6pRPz2yifWjZKWPy9+9q3/7y5unRAVOXYaNqUzjSPDr08/DyhYwXNe8 sVVUh/C96G+LnP/7X9/+8ubBPrCNg6bIFqL8ajUrYg06Ru+9irhGOn+R9c1av559 Nate2g+i03QfweTsx9ans68vYyh6A2yw/3cP3S+dt8VDna79cNj+fhfxgiY9fGJS suO6ePsvWXT4881Pznrd4qFu291L919h0d7/Fi0s+q7Xcr9s4xZgpvjwMhYdxMwJ uKhSSUTZEjPk9FSyXK4MeJdWsCGYPtdZ8AQiORotRbuDEjpTIATJQwRchHk9sYWb EsQR9QmTBg9oAdcxel/PGXzuUB7CeACuVLTnpHNze5Cro1z4/TrG4zzVlLAqsPcs SYikkLZgEbiZudCswQoyYlF+4Wc0SADcbWGhSMKiRYejvjjs1A+5NoMEGaY79yYo U0YzXmqngkvmSYZ+7cER5UMzmQICuqdGmqEyoBLmJIEBGYQ3WPvw7sERDjGLckOb DXKSvk1IRWFK+ziHBXYPobN8OhUR7KnN4pskJ3kfQCVMCDf11vgDP1osiAFK3Dnw cpKn2lP3+6xLDUQ4D7kRY3Edt4ZJcSHHIm/JPJI7hokHXudwIVi0n2dGtaamHSnj UT2Z1mU9wsyTO8WHZvON881OO6aAnUUr0NEUba5orDTfBm6v0WjQaYH7Kh6udBAy pV4FERwpQrmI2TNnjNv3mBSBlhJYmutjQeCVekZ7m8buRVqOuLRiDrD0sw8XQg9u /88EDM7KPc8MqR61jmqCRZ8DEn3+Bg== =iTWO -----END PGP MESSAGE, PART 02/02----- -- edgar at spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca From edgar at spectrx.saigon.com Mon Oct 25 11:44:13 1993 From: edgar at spectrx.saigon.com (Edgar W. Swank) Date: Mon, 25 Oct 93 11:44:13 PDT Subject: TEMPEST File 1/2 Message-ID: <6wLXBc11w165w@spectrx.saigon.com> -----BEGIN PGP MESSAGE, PART 01/02----- Version: 2.3a owGsWV2IJFlW3lH2ZWQeBNE3vbayU41Zaf9M/9nOYG11dneNXVVNVrXtUJTLzYib mTEdETe8N6Kyc8AHlxVRBGVZBweERfEHBEH0UYVVlGUWQUWUxdUFUfBJ8MUXYVm/ c86NyLiZ2T0zYM0PVZkR957f73znnF/61K9/x6dfGXztvXvffP3Gt/75F7/y1Vde +f73v/Pbe//6N7/2e//42bOv/mX5hUu//cqP/OZf/NfvfGP4zSvf/f6v/MKf/MOX Jj/8+fEPfv2Pf0h/8MGfpT/6V/c/+I23vvanX/7iz7z7rduHP/BHX//ct3/5P773 GzeH33PlX2aX/3ry8K0//9Kb3/e399VbP3fn97/4v//0xjv/9ubd/3z/v3ceffrL T9WvXn/953/rp/9+/OFrf/c/v/v5R19ovrL88MM//Pc/qL+rNkVlfD2sn9efws/+ 3GW+ttXcOHVi8qw0r72avOt/Ilm4Zsj/M2nT+2iS1aWpX3v1tVd3ksvq6p07V1T/ iLeH3Slv/n/+vPbqj5/U2tXqscvKWr1tJ2/hoyOzUI/1zOB39RE/I31hfOpsVWXl TB2XL3mjnhs1yk1SO1voGbTNEjUqdKnrzJb+o66yU3Uvm2W1ztXoZ5usKkxZ/9hH yneKOx/phafX93FVqgcve2dUznJdpor+I3GflFltUgUT1caTc156VeaVSm3SkGiK /tDK2WY2f+lrqdPTetiXFz+PzEznL33tBHYks+ESR6/YC+MuMrPww5cLqebKqCX9 ulCZyvEP/UyUeelrPpuV2TRLdFnnS2WeVzAQ7KKy8qWvkQlL87xWEM5D2uEWEz41 OAVPwl6JbcraLQfdBzNTGsfhMWA1d3fVZLlxQoq0y8qlwpOUKvVclyqZ2yzhF0iG ha6TObyiLB28qepC5zmHyMK6PFVTZ0xqi+HZ1fOPToDoZ/exMz5LDafSvFT3I2/8 pClLky5jI3xu20/8yFWExxMYPM9gRzK7r4xJ5pwTanWjXIk7u5sG6h4001Fu7Wd1 9p5B4OzD2kmWq50jezFU164NgDo3r19W12/sXr/JnvooHDgoxcOIvRwv335joB4Y 62ZGHbuFyXM1tc7UFhbVatrUjYssv4CzyPdpdpGljYYD5jrFYRReCG52O6tYuexC J0s1MYluvFn3oKfkVIUtbWVzqCaZW8NApc3tbMlW8tUS+DSUBJtRspSUpZE8FCTh bR2SC69mtVe+mbwLkTwiwxZqkrl6rmqLwEPE4cwj2z/HloYiGVpXzkKMWs2zwpt8 2imA89yFyeCZEjFKWMORb9xupFf/oZ46C02ZgkSxeQ5xJ0uWeKXTJgAwMpWQhUyb wydeUjMnlGH7Nawq3NS/tH9O737lGjNtcuCAelbaBXwEgdTp6PDx6OT07No5Y9kT T+Wg/fRFJ5EQiACESSHuzug0pLJKA9Sn5oLyWBWa/N8/JyODJaYifGYbKmdgFl+7 JqkFm+AipWBwSCvP53kGSIk1W2T13Da1yGIrxpsLWArmREBekBo4J7EFvi6Nxocw JkrmzMSWPo2DjuDfIE+TTJOpghRZ2eochCel7TTWa2UO+MY60WVlEohSNXgdF1hH H/sq10s8ZSMwbh+DUK7ISuTXtsAwJBn5PnhKSaQohAAHRwPYcRIsoYquZV+okKFE nl0/H4hYoZJyMEjhhTU9Q1dClUTxgZHALmM5s/fI5q08JuIXk9ZRLE1qkfbAkDrK v3nGMkfpE/KrMBofI/y5RsCtlYOfCTq3BGr/gCGDXZ8SBIUBD+zq1l5T0l2XsUNb hFN0JWLnGRVsM51SCUeoddnfiYcjZjpDLEcBFiyyJpfQjtzo1NPxJCLSAH5zTUF6 QrksOgePi6wsbB9/OYtiMGGJs/JCpxu428IyYsJS4fXsncgQ/cNJNtLc16aK/M5u EKDEMZlrD94errpBujoUagJYlWfPyP2wyWwGFiD6coB4mzecQ3FwMK1QPQuxPSCU 09lsXkPqhXZpoGMH/VSMs+tjVO1rw5XP6BJN2JY4Wy4Lsc6p06XPyMjrrFg9bnIf GbvjyRR3ZRpkZN/78IHyhiqU5eI0p6RGmgF9FNPCqEJNt0WycCOlC4pGfsisieV0 mrEQsUVhct0CNeG0KZAULawSDOGIjOsBnR/BPSVPHFM2Md5LqY6sx1dMwVs4Y1qd 7+Lj9urFPEvmMQLyVSEt+pbC7w6HOcJWfAlcaq/aN64GPJl0e/RF/YDq5wmBG84E mvKRECoB8fLZdLmeN20MSBCI8J7rVCrZsKoOoUKu+eFF1YIqeGnL3Q1dulvIqPet C1lAjGAQu9IQO+lE6vAgKtoTQwjLXxRUPsHzFBLcrtXnzsDBwq2J70o1Y2/BR9qb Qc/T7CLPtomw74WpwpmiTvpgf9oJu92J64Hfd6O40IsfHAwP+WCQWme5j7WbIZD6 hUpoXIlOpDGc7CDCumQ+CqhHVjKNQACz/SNToYR7Q7Wvc2NEAvSEEimTJpHcZ57r ospN8M3RyV5ctpIE7QuuhZn9vKlrZmIpMTUky1ONvx7hSPAc6zKIihroofpWmNsM JdP23oqYZxvjfEUoPTW+FDq5TtSla5He2oE7m1Le4wLgTQK6IqfgSZQKxyBCtr4w oAXlLEpuuTljPTtjwURnCZxLsIMXztcazutdvTwiNizBS3SHXJCI4+d2sdIbESAh woU7VuepdojKWo3JJM6wTYQubUPXfaKmWd0EKSFAFOAsCeBQ5PB8Qv8VwLh5nuSN DxFCnRV6ciUxo+Pg5C6FTtgi4ksau1CF2SdtcW816sjHXArvhDk5SAE3y3nUlOsL ZIue5OZuL7G3RlDvNGYNLzyHYibkk0yLVGWRM96vhK2j0hLFXU9mJ5ZIOXqJRUb8 o+VL289B0NI0h/DCpj2CTZHrsnpJglDj2GEnp6fw64+ZVMOPmDGpg6E6ODodPXp0 8GB0tD9SD/ZOH47GB0cPNl474Y6XSh1zMOkUoeiUrMYhIx1SvQCL1tSYLCvjo4na vCmItEStE/6c8ZyFLb/z8Mkh5LmsQrEIlapcL1K991dv74we0bvIhr3QkJa6IEoN cFsOlBwdg26eMTsmoOqk63o2P2jF4IPjF7a2oFmCvFq9T3kZZhqVBpsUCRR33AxL No8QoDDgOKkU8oS6cUmevrrDszfOlZSdcFp3XZT+EqHgxsTLYQDUC0pcyIHHoZid eOOI+cC6tgpqLoyuYs0KVDKKI392gxqxHN2EqozlYiH9sMzZyimNjJIW2czzmiI3 ShqTOPDJQbhKCnMHB4GXSG+WVWc3SUmCfKQa0jJiFXEHF1imTZKmgoZbmlIOhh7f IGaFuJ2hTIEiDaiB8s98SFUburs8jUcw+VLyHdajXG4TnmOGQF6TLSfGlNKPlTJA VWvjxUIn4DocGCfEy4TmyXtcm7qxkjq0MAx17JqdX79oegKQs2hdxY1kUnGiX7mO PALRg8fTuErgzhmXTkdog1aaCwK7hlG/+xKFpNbsYe51ld6S2JBehVEVjzvgvYrb KXBUQrc88/NhiF7y2rReQ7J22N1yxQ1XU6jR7DeANrcHJRXYmCuuvLQCEKoGbblG Y4y3W928nhqg7XSTSIleXYYNwDItMVqOB3SxNhcbh3GShHGV62SNXATyQjmT1dRC tYjS49GBSHBA5IHmblB9D8KXwg3cJYczONBaaOnNNFkQEY+s+Qm7zTcgU3voKkhD VzFpZ20b1BcFNDEbco/NRWifSdNLpzzG58aMqhyPZC3VPCoBXAzjChH3dLqqtCOt PkMDNJMy4YLxp43jeX3jZvhwdxeZDw7EaQ2qQuMPdnERZxJ6iZQauIE8ubSNemZM JerB3Tn1oDWFCYwgIEa/EV3IQCUiuCEurZqKmmp6MEHRQSeRkKLwdGW4E0FlPLQo BmpEXRmoBrHELez2GZqiAacB93ULgm8eHw/40SUvMGShQQNBambhAsIzME5KvyjR aXqOeKApPtlt1UJrNdUXIO8ThnTvGzO8RPsiVpnEkgl8TFQ9UGxWQ8+dt5t8qK7d HKirt27durxGN27A25eGQ1AMII2fK7ZuO7chEZedHVGYyEEwDp5x+HhBZap/GMUc +opUKL5rPEKHahnjAOUKhyBC9MDzyk2aQkAY35rotWEmV6yBvGknNREW1Op+1LVJ OypNsXydY7tuQlfzmf5hZVNMaFxFIbegICLX8eunhMq+c1cofvyMetCg4ZPvIsih SiJrpszRHMnA0nP4TNYbsBecTC46SNesfXPYbU+zSkYcpdorZ7ndPdHPSeqFdWmQ gbtpMZxEOqwRIRa8A5yfkbUZhUPm92acjm3GVWKKEKQnk5zgkQE/0omK+OuUfij3 bV/FVaCr+BySQisvaTBsk9eymmIQ21zz8FYk1Jp5Rn0D3YoCQyGQUADwEs9Q3eZx +6psrBfAMENnIcmw6ulQHR6PxwcnsPph+zvsFj68d7B/enB8tDd+Rx3fj/LieHxP 7R3dU48fjvdORup4fPDg4OiE9mC31c7VO22CbO+WChQp6qCp0LXY3k5OQnlZlTUk gxYWQCO5WKW5FcAu4VryESdMuyjQjlFkxTO4FguHjrlBDMFtgQsDNRGBAix+jFZt rh6s1eK5rpiQw8I8jaHUKLKc25qFBkpKXw6BBdDpe/QxMQfjozPmwBsUT6xFWuuQ jd0UGfB+AeiEtX2/UtIAPqIeWugLsVmNpqxmYmuec0C1lFCZYkIdMOCcvwWjscu1 Ui/bQ0qxefsWFyfrEh4tIBhnGW+BmkrwhZetoAVmfaYq1LqodO0yW8t6RnRaEfp4 VqE+u6T9Yv8cRll09Q3Bj+Z5gJWtbz/E1M6kmV2m8VlJ1XRGQ9GmiuxTLvuX3e0a 0maSodus4VsV7iHZcZxvUzqezs85ikATMu4ixF4SARKhkyxnWkAJjexvqD5QfSsj nLQLVD7UoUrx0qGjYi8Kjt4YkuGq2+dRvwoXOaupB4cwMx5jRY0rUNijg/M04loG bkqT0ehzzqb4QbJC3HDytACNX2G4P+bReXiHchQADfcGJlqQCaZNybvjSK89yuzS FxlXaeQSBWx7uHC/+dJzN8rLlnbKs84xZO3IzL9gHsJXd7wxrN40LkhAwueMuXJZ zLd94xwtHyFo4+EsECZ0Oj0Sq2xTe4ZpSKHJ3WVqF2SxaNYIKDFyTV+/hHqLSeCz vJxdShEIvZ/iV/rnoBgh2hFjecN8oV3igD3j4Fx5hFsyH4Yla2t/XspG/jIZpxtu C7uFzq7rSorNSXK5O57GZdNur1emTdL2Eji11SkrQ/FEzjzPCkqALfx/dQOZboQy LK5ZSPtJOddGgRim6wDiPou+hNa2pDil4mj6lTBERRsUw7Nb5xtJdbQe/estDbON Z0p4G7iwYdCLjPuibZDaGR2OL/OMP6vDx9x3hnHZelNkyElClVMr49e+FfpGYBtx e82jFh8XPAoXs9qWQN6z2+fR7HwVltIFdd15VPI6n4hQrILtx2NhAXJGgCTBAU2u 3ZYwDrfxfM13+7m+PDRJUlXjQAuJ6vTE22jzZVdW8w6WCSiDEH9CrEuoNOd7y6oX 62MQcaOh1cHHCAiJB97kBNOGqdzKwDEZo+6mb2uWkjQsZZrQySoDjb62MToC3Vd9 fxeQvEZ8YdDxSCbuDbuuvXuIyLMP9mSnknwyKJTk7gTc4sZ4EMwt/2FDOyu5hw5Y pYAKC7V1Rtbq353Ztxi3PTTdcIbnEwlTC+AdyfMJ+/9bQ9oaO4/2geL4IQ1Zxg1C EWB8QnOeMenv1VNkOdQf7907OIbLR/un4+Ojg/2TKCFu39m9cxXNIt69eufmtfU+ 8fZQeq82KFTbvSjEE82WZ7wydAWbiiis5FUYxE/Wll9TtDZEqagdlv6ESBGSzvEe B0QbzQzOJBc8ZWjvr5D9uslZKmqso9jlwuilsVZhnts5iDIlq2i/uC191rbW68pz XSAU446LOW3QPUI9V7dNHMKBEDxkcIe1nOAE6rOVYFTe6eM1oDG5N3djFToNQvYF 4b10r9wyat89vjZSCQ+/pNuhUySrpUzIVjjQkcBJud5Ky0PNytkdGgozBr5oY81U YWIiv7X9bkLbL4fiK+V2o0lN7JzDhjlQwen5lNuShMgNfd7uWfrDZM7qSJ5uoiEb 3+7aoGO30ORY7nY+ioiyjePYo3ItJfAzWtipnZ+69wQk3SfOGJp6SGyjj2BlaGSU k8vj0Y8Mbuuzq1fO70YCdTvWNZn0SqzX/SdEjTvCqZBompkouDWvgfhk05ayAV+Z ii+6CqnXcXwcPlSrN/nYdgDPiUKiIpp5RewoACbUV+qEpnRx/wIVSy0zwA49eb5z OL4rZ63gV5YaQULUMLu2LJZbun4Mz5YmkZn0pKk5e1uVAvPjXHUC3rFkl7qbLnER ahzTp5aOyF0y9FMzRyMUlVtbDaSNWiv1SeYSdGNqYmm6NJBE4OBZgA95ATGerhFr r6qceWb4gIhlnBJNRXMdeYsF4WEK/7L6Utg0hRPbFfFmacW0NnOeo2/YDRdp2gWg w3cy+X768OB0pGguSeOWvfG9gwdPDvaOoOHo8ECp/eMjFJVH/cMOR6cPj+8dPzp+ 8I5MXMbH+6N7T8YjmtOoq1eGV2ngcvvG5U2iculs/1zcx0MNihQG2bKLEWHe/RBR PpvRhjPOK+RSTfMlijsaiYERWgKMPs63b4aK5cyuCYcW/cPa2TWNQ0Jey9scDb19 Lp49qAUZW5xhorQlOrWk+Jpu4PieWAeaOpoGu3ZG0dc3au1a+QvmKlxElZlOs4SK A4UPr4Nkf9eKyQXX5NPhcLgXH1ZkTHVxgCHDkwdodecCqQJ6UaxWGWOGCCqjI895 Hy+LCprxJShEvMWhaM5ol0ITZ3UwJbUNyiRH5tmOpA5+v3yu/NLXsQMC3YJ5gJY5 718S64KHWQ7ho7VMHzOqyqrS5G7pmrYloeikwxCGEoAiwIdNmtrhwb55Ttlg2sEm zcEjb4Zxq+8ws1vQZZ2PWydDerQSSL/LnLLlRq8kC43OKsEQIQaYy1A+0FxXd86a 0rif+DiAq9wCqcHg6ozWH1AWRepc1ttEwGeGdh0higacK3PtaNiZrM+FnLHTgRSO xjfcY09MveC9080ru9duXFGHD9/jBRA3ydR7LcMM08V7O+6Hwx6kXV3BvWAVsugw zzuqSSWP9tVoESmZReiIHHXFhw0jTAV9xIXsSic80hSPUMNCbqYZDrWgBhQ8nii0 Cr1x48ru7StXFGlETNvWNWH8KNxFC6TGZfVyoK4TAB4+fnI6GqtHe0+jRgfIdzLa fzI+OH1HjUePj8en6totRr7b6xwbmCjjjpbFSHsmu00rQxaiCgiLhnY1raAdne4f BhcHa4Q1oNcF9UmW+Ei3g+x1UKtjFIH6OMoWxAOizji6PeHpsODo3BY2TFLxraVd F00ZmxLgwnvEs9Pzdc8jJ9CO11yfikrjTFuurI6bN64TtOU6vsj8Wv2jIzhiIgQ+ 5vXvVFQ743gnMlzo1IRRNpKakGNj8Ml26lEWkjdACg1YQ8rB7wz0U+nReUg435As HMGxTpMrUUT3TD3RqMsDeYJzoKlSoSRRHssliifxEsdou0D/OQN5eCUbLEnNwDq1 2h4aqCrNFMo3jmYydUvRckPJ2pMNONjktRA62b+B/VEnFNsM9qGS2L8NV6BjQMjS RicMNhluyLbBGxmNAFDNtjaGHRzx/DFNaWxZirJd6IYz1QW8IZQwbr9WanKnBUBP eZ3XRhoQtaSR/kDmyySWP5cImSw3aixnD0dbyVPjuq38aWvulfDtyUq0ZO9GcIVv XWxrCntReT36gdz3hWxkMm2DsWO44rUNTXx75Q/PBg7xblNQdvTJPYUJVdrBBi+h 47nQUKGdmKhTQp7mtAgIlZ4jGbbgvhbVKktoRBYHLdkHHtybIXYGogH+pbOFrXr6 9tD6uiVkaUdmxGYv3MSZguZXMoSPmyOeI9CsmDgujSW6aWcmA4b1JP0/1ry2t20k y/p7A/0favNhYy9krWU7iZ3gwcIdO92aSZzAdqZnEOQDJVISxxSpJUU77l+/59xb RVaV6HQaeDzoSWJRxapb9+W8FPk8cSxn3Tbb0MZzJSvSb22pGk71ZTIJJNdb0Wt7 5mbnVkB97/OEF80Sdi6diSHTwyqfW5vlM7oodnCzFW3VLGkKlYrdQFVamgGEwWk2 L3DefBGkhdXFLer7Jhha3UjMPA8PM1ymRHZ/mRx9HQ1pWgW1bmVFjnTaYZrmy5xg 0EVYqoKQZyNBRd5EooOhq9Pdh6QrR0Yt/tLTut+XyXEYazsfuVmvDypiJaw3CTMO V6lT0LUMtsgQt1VAayDCHvoDaMgKsXc/XOPFJ8GLf4BeB21Q6BoQXDlfUej8wymU aZsZe3fM9xHvs1B2GohyQg1lrbnemd/r+gnDtQpEEU81wk9tbPOgHwqUFfAsPrCb aSLB11k21H1N59+w/wWLWeyEXijQkhbCgoc121bt7A5YXL/r+FY96iBp1KnzDVGx VInUYYXNsC47/PdEJL8v7hTVHGOIQlKWoKrsxNDjuiM2GQGEjD6+uQkUnjqj5agR EElnRx/+5bHnTF19NYM769q+Twwr8XvrnPoRq8BNpxxE6D5PW/EHQQCaaLr1RM5a QjKhCO/GzzqwCsJVJ6znzJzt0ux36hzy/a1C2u7SXIU5x4ghQ0LdME2y8XIcZOkH bca/JOXdyJx/uLyevj2/Mr+cX/0dePjo0Oydb2ozMUL233T4udHOym/5i711ctuN 8B6k4IfkLjOX1PDTutpsmFyXSUMgdPkNfRq7Sh6b/sX+YnYPeLnZ+0BSe/TSbcO8 BRI3zeYR672WsrVnZFmCV24qJkUwzjq8/+mt+f3y8u+65uSQS77aAfOTcdioMBrm 6N+iigkAVZYicozUXNT/gpxuC3Z7N5Jmj13rDVFvZKv0HwY57dw6AR124AjNpywb qLCS4Rf2VYOL2TGWhZ4XkPbkeSP1dPi8OTioyueNiDDVYvGcLeoX25FjzzPHRabx +zD6RNbGl10kXIOWuUswqL8P1XeyaMS23pF5ccuJ6Ua5yiO8jbIqD2ShHQLEDZSy ATa6BI2jWoaht8wa4EgtUL+qIizpWUgIH9rA2sq6s7pK0pk/WUP80KD8WH2hkQky laD8HMA1H6bvD25uLw5OXiLtwTk/Hr0xv6/QQ4J2YEW4ozhtjzhAsuDZnWeOx/Zv H0F/dPzqqBIhAdG2XWNeFUzGqlYOIenGoo8RmEAKUZzXa0wPbfsNP8zKHm2Y5D4X TULffjNfgZ38EXSii2yBEmaHmN7jTqXObA2OzMXlu8urm0vfATMvT8ze31pMFpTw 8U4Jn+ibCO3MJhfCZGRCafewE0Gqe9bmxZY6v1ykfTj0b8TgxqN7m/xbVjT7qIcl Bt8fanbIgONJ5zWGgz9yrHwSVJ2soDkuhIVvpdhS8yp0+C+KFmC3EaQl0rkk/512 n3AsZfXy0UoP+g8RLxUcpcz4BK0hEWvPdRc0o7y23l0oOHWPmGVbOukNPJeT2E4X F8ttO8vs6bpvhdQGL23m6JA64TTejvfxCrB6gtJeknrgzw0apwBAFU6DQhEbkV+8 r4oteYFdR16C8wr627qHJMLWF1hUc/p8/mLthnlA+oroblbVVowPSdLNJkuY8I1i QXAd2wK86/zlMRwsheJWQANEtTN9GL9EOZ8GweaGfAhmm7mABvPz+nbUn0BnRk8p Gwfo+vz9jgMoP1rLlrZ5XMDjI6zIqYQKAKRF/WWhriIuKRtnD2rU5OFWcvxRPZTo 4Ji5TaaMv1iTFJIuRAhWcJDdk2gdyX0C7GXxntqjHXCyQo8woVjn6RxCtBuOUYES eaMwmw+sAa0fpZut8jozQ56sN8e772vL+LWPjXFaZ7IFnlG7E6sGPVDhX4FeIAzJ yRt6TBUjcnGDZv9GpmCg0hCq0Zvn2/hcmzq/TwDLnUQnidQzR+ao+ksOcEdNb+hn Oh2bz1fT28sLc3N7fnt5E6uc+pRmVsBaR+Y2p9I3nU676v+4LvNZ2+AJpN82cgBT 8xbBQM86x5zGNyZnL0+/TF589WOEboDGtgHnpSz66LIh1qplJJUqHPVus4O59Nqi gQO695L+9XmwUlVjFlvtie/MUo5OPZaci0giVWuCl7LKZ4T+AibC0P4Ae5Sf2756 zbKoHrRUKiqazqgwDXAGsGq+zkwvXKCXBTjD1aJr/ZpJfYOW1scMB3Z4pCjLIVAR CyJcSV7GAS1yqkxYFRNbfWgkq9drZO6wKmn0VCx6Lj7jF7ejeLFwF8DB1Aoz292U KvlTtsm/bVmOkhxJ2D7purDuLiU2EpSus3NMNULGBHHSFJJO76ZABPScRibjEA1N MAuFd5yidSfysWSsP+3oyQBny2xr6UY/0COC1YNdlQT0TSEVDV/qI8OeF8tZGx2O 0p6k18kWoimBXbzL62Y7YnBUTFopRmNC9AvKesFMjwFEcJt8wM78/uQKLsDXH9x8 DSyOYFagfSAGbG0affbzuYI6p2/6MVUYQs6hWbiTZ6GZoutrUgT7lo1b+VB3HIMu XUBQB9mOaIR0SLtYNes45Hz6TXfoYGf6uVRU0+2dOiMtzQbwgj6ohSHVn8RMcktt FQfjRPDzMWsUNhGmFauYqvyTmGk8zstHAgnahW5HdkFborJm2IJUbqJBaxUucTYG 3tFhERP+uKfecroucny9r5SeFXrKtuh3zY6wLTJXVQE2obUJfJllou7klOEl3YTu 2vc45cmultSREsAGX4naSYPtKrFTRuSLgMI4k9BwPnYFu6OeoIW3aMUvJoeH5/jd 3tX525vpB/uLfcEUz75cfnXWY7exeGeAITXpeBflfkL0il1arUWP7+km50uZ1HX1 EMBvtbCxUGZxlwDPnXX4mP8U27HIB+EYdcJD2l8XpSqhplaqGoXkdDKsWfk023of Dj1ySGPxgheL8gmlrSEJ2WYfda1/oMtfzu9G5jISoq97vi6S1T/yNAta80XebApM ULE9X6NQIrnqOm/u/mdkTjpxqzH/2WfG0cszf7E9EahiKvqCOfCpnY3Ne/ztqhqb s8OD4xcTROr0SMDWGFjplWNTRE8BZAoqPEBPrshjfC7U4yGjf5UE7kMSYHLMUCUA 8wX+7+/J9g9zP45B4PHpmfk8vhmb45NXcsKXr/bN3ruqrcNJco71U6ltB6RoY9X3 GTqLSDXYpAdmCbm8LY/3o6C9xI4mp/Lmt4zM0YvJZG+yv5fsf4f0DEVn9GXy6mvv PM65cTKYtkwt2ybaI6SMpI2+F5gCDFhcpkchC/Ntp+NvjgAjFbYDgp5+Nbujp9f0 4gbzyeJ9vXKCMuTPyy+TMyyTMJxhGfq4lV0wL+dFm2bd/qNdS+e5fPvp3DyE+Fpk H/ZJwcU+ZumWDJRIdAqMN0HhB0PyTyz+OJt7jgQUco/2UmRg2mVm9Z/boASTuVp5 zcrJiD0vc6FWacbFCwsSMkfnygqrxKfjL0eHX3f6z3nThXUUBLPZcvphJhTJQ+Ne 3gVgx9RxVIRbiliIFZweqjo1z8LPnoXrCDDqnLSOoqoi5fimyglVkI/hNMO3EDLi q8ot8UYQc1plSvsxvFVGlWMhPilqcBtJwSJl9xOKJ9txS4w9nBhClozxop8AujZC 2TqRK/mOWj4gAO9d3l5+2h+ZVfWQifWEqMySRtGiqWZkODy1D6QdwhyAahIMZXnr jIJx1R1ZBOCppbd8qxnyUYWOpmwBTXjlOkH5FfHksJtM3uNWjyapaF4i6wC/YYTP 5e4wTMS6izRUqgTVvCoaEYUC4IEbJrGRE82ExDQYbETT0RqJuhfMpkKuYRaoO2+r clmLlS1AVzLH1YjfcDQBrt3Fj4gJnqqLUXDt3r3H1z5w71aq8qafiE+9EIHz2O39 gPZht3559ev76c1vTwkf5rJcFknpvMJprDbstO3zULnhzP9yNIllDoHYiiF2GwVQ CwLCafiXZYYJgUIwozm0f0Mzx62cnJ6ad+OjFJs6NntnIDRv85qT9OzVMaa2TD1/ sbICGl0CdCUivaL56uT0iFufIl0R8GzkKBHLdcODWLE66Ho+84/6gJ6cgPgdsYMY yp7CVIa6Y5ACnSQUXsyzpK2T4tmO9yC2WAitZWepiB6dEtnNr6iJR/E+xY5/J4hB q6XLe9POaPrqPm5xyvtc2+Y9OUjyUFUYLy9OD3HO8U272YTOIl2Li7H5WBPznZ7g UrrxHR2DoKOJMUcAyxduIu5AzrNxjzgFcJ4dvDg8HQGYHzrAeXpyavbmVarMDK2z Q1v+SoBdhwevJof75gv7G25kwYgRVnyNXnp0+CRk2y2NeJA+wzlDebbOpMuQmYE3 +HgkiNMzlXJJ6OpsSQ+N3T0pw+sPMZvFa9H2afpOo21FpU+cxnLHzt6jLDR9RyQN UU/AFtbJHUYBUCrauM0QaoGWcKEmykyHZKc7+DGJ7nknxaV/KPDfiNwuPJD/lAln TUl02FkRIhiW5c5ij81WjEztgpUdASLPabWdvDBDhsXt7mI2RCffQem6qeGtiJMG +HZkkbTZKfsnUXpj/b2dZWVRVQK3vBSDUTjfNQMSs1k9NmIpoHE7mYTfHTG4opWC W7BPfuem1vkcVJymAS8ETQ8gmP4t1rnjwY6/dr5314jssk8CTXDhBUGcUthYfuyo DXb4GIsK/TqEkn0Lj4P3xni6ptmVqbp1GjLlbpWYcITc2cYw1GiJC/SubV5bVu1h NKIktD3g+0d9QvTyYNa40frkdVuzxEKyBRp/Q4RPmBQrZs282nSWYoM+gQ3hpk6+ /hDC+MfYvD2/Or+Ynl8NIoy3OHCamBWQC7OvxGXWIj1us03DYhNfzmRB5MK06oIk MIxVIYvmSGixXHLRr3oC7ugkW9VfxhdHRz/eB/n8ZAQeq4RfHg527q/zeic0GA6c pvTFOoKyqIqiehD91PVNK1/ljetHJJg7i20QH3bTVWV89wgU18vdJCL2VmrbWYwq QZM5TTmkR2iy0nJR3+y32m7xZDLQbeVnoM9pxzXNKhHZ1SzbvKDQyGUY8EVGxSQi V/JT5DRMDw6GM5Ozlp5Cu14ntRRPeZ/bmHEsmgVrg0UGSJRlqSrz2fBiWgrEg+vk W75u12+eeOlMXtq/i/8SBLllOo5UWVhj7OKCJEFlEA4vRiUy3uBDZR6zBD2iqr1T 6D9olO5Kjf/1X/8VZfUxubltGgjTXRKrRUEB7isL3CTMI0khf7H7vCp6WcLvGsCk MrTkBpFA8zqzrKubpZMBo+lHy21OxkAAVWFtNz6C9hp1kacwrsXIONd9VWBWPbP9 9Fm8swdxW5KCaMd+Zw0ykNBIEGF+lkmtirnK9vSRoxaliyRdByNWvotMeuT38obo rmP3Emwp//9ts6YH+CCl7OE7uCMsYtRw/7WHpOkLXrV06/O5imZJP6l9DFb00xXM VhkKBbidbL4qrbqGRtHkM5JoEdfstnbbEOB3w1CE+myzlTjjCOxC/j6txIa5wYCi gSRh5BbJPJ6YaTbH7HPZuszkpTYLtjRtNbOQC3roZ7RYCp7w9rfLeLK9/fjhw/Tm ZvrxavT7x+u/T69+NZ/OP11em6uPoBaTw9d84tPnW/wGz32+ucSGj8fHh6KQn8Z0 5ejEFg7yiTmFfGuqHh5FWa17lmxhYRA3hJR2q3UyVseBftp6U6A2d4ojMf8YX4w/ 48EvopJRP4kprUqSuNRvWxEfaKh9da4Z02UNUoIGYjupNUoE7edZke6WQNPWNWm4 Gtt4QVWnKtDR8hAv4mGFpoETWJOvcSagvxhp+zZfJ2SkQH/188ZZ1J1l6B1YPvcc bBwpVGBB/+lnPFRtkSoIazIMKO5KFL2c7U1Q2bwDHHZMjcfjoG3YdPFzxPyVJJnE jsrp9yT/QCfg0BFwlcznIlnItOh6IMKECUVs92JAqHeyuCqmMoCVSiI3Y+kqzbgQ uOe8wAWFykWDttaT3HLbDQmntNDW9cV2fiYA/ns2V2+dkqxYhzBZA3XFyxOJ73qx QmUANDsW3Iuoz+RaoyA92yksGnOSENSZmRWLtrHacABJg2MS9kZa6jqhwcDkl+B5 Xf5Z7yh0u9DbaCwtHbYf7MMoR7wzaZULr3GHhXgFLAX7iGUdg+sIuHZKcHechmdI dShsjZ9YJpIs3DojnojGSp4qJbMSvCbTo39Md8rgvlicxvoAmSSlGjUu5ELknOKr /5Ido2sGqBAZjPeQWuKZIimXrXR9nJ+AzTznXhZtOe+GRtKfIchnmXTPd3Pq8p4t 0OSLbgc9LfGz0TxtZ2Y7fFEkup7xjEzoZiD5iFfibmgBh7OJqi3BlpgnZO3ONpLh H7oaUQ+wVrTlpq7TFcmDhSiViOl1VeinbCUv2Uo+SLKFWX4nG4jZel4gMljzgZaT HqlbklMejSCI9Lu8bgChO5IvQ6ORrpSXnJiCTztlQnblngom2brDIjhFmm2lTQJD rKTTbQBGmhUickMHJx11+99Go0LMi92h7J1LxTiSXSXoRoyObSRwAINIh+WEtQEo ZCFePTptLmnrywVLrNDs3rwitIQUH/FpBHZjf4DbbY2RZsddjSP1SThAexidTDGg lELYfW3Dx1Ewl0tck30tQX3ohAAuo6kJtJZsaQms0Dww9tX9fJcLK7UmJ1OrS4Uw o+VNu6BFsnmbBdbXCkhDVUUU/HBXom5TSOtKGdo5+THjSbzFyKo6qQvkItImwX7S Sn0tCmhNu8CcFE8H20RiWq9piYHSxFuOSGyTE4whvyqreBPM+meRDKZS9ipwcH9E uXjB+B4fTsZHVBbsWOybUlfP8ypVytb5rwhaVYaS4Kp6HS4PnNNl97wqEC28oc6X q+0oQCyk4DJb0bwUjqBA8bQDJ7z7oYkbrsIW3ZMRnVrlrnUqu9KBV+kQ1UwNFvME EHlSWokdYjNfYs1QJVlu13Fb37H6wmN0I0S26J1KJQ7u7wt7p5U4QoyTOKGAooYD lDvGwks6XlfT28sL/Ovm9vz28oZ/uby6vbx6S1iphOQ5gKZ5d3lxeX3+PvjcX+zX z9ML1jSW+HB+9RlPKsQ0e58wTOc5khOb/ZUEonSY/jpL62SxVSsvZsif0Pklr+pH 82uLmSwStnm2HD9DLjC1UHl3ZfWA0sUA3t+PDkc7T6kPsdKMAH5J1QAXOWOdcydG KAGZjNxI3niBjsFw5kRCIVK1YB9hluQHq6oqGiflVy1yt5MUpSKDu6mRYC1dY/vF kRNVDV09Jk9PxdADVhR1Ur63AbMv0pBkc/9KxLHgsqofPQBnhxaAM9kHM1KgaqZw UxtC0IskAela2Y7TNbk30sUs4xuJOgy2VecNw9mgcB6lJQ3DSHEBsm+bomqkNSoZ onSszVyZoNv/WLXXcGdNi3gkVI7arQKQ5UrsmQwbqh4zAaDiUiAZHjnz/A1IqwyJ zp8L0AYk1tx8fP/5FkzrZhf4h3MMB7BQweH2/v1sDRxW7JG7mj23HszmnulaFSEU XtC8YrfIbsXOUsmmOhN6WbdynxpnNKdFW4RQzV/nc1nkd9ZWtiqvg1dbTfucYBEj NbMp5IydEKI5/U/8RU7AOYlNSU7CRN0m9TLb7pgatJFmIXTIam4U7xJ/JpElZmx1 C57TrZ6Y+4Q9oL7Dk5bEJSF0SBochp0QM1rwkSPrbgxIGekhc3FLwKF4nYHo3GC4 d36GVM8biXWRb7eF+lL84koAmPdYfO8q7WErIqeolia1Pt9iPJ9+3cm1qfdK7s// 6lZhDqUqdNmiYLvE1ZBLBg6aDp8cV9ts82WH00XK6epaOIdC4DS/z9MWGRDB3W4B XotMX+FLIvelCkwtUGMzZIiRDXiiDJ1BymuPFHJ2IKFmsasim9PaMthDklAyXlUP EpsUVLBMSSUpVPYcvNufl/RvwGe3iFwASxInLejj9jQjBWcsZzv/NVWWNCIT+mix giqTYkAmYFrxP595ojzVruxQfkRrhqtBO4ACrbGULfGnMLKs3mTYOrCzIlBCEgyj SHqzyWa8jLc5jDOmqtBo/uZUATZs7ryQ86EqV5V/1roKthyIU4S1UbGvp5gfbc23 jdCmw0xYULRjHosvlRIig1MLoep2o1jSFsC2qu7Uag7ifD6YRwwW6Z/jdB2hK1VI KQRURzrnSgCKY3M8+U2u2wCmFwQjghHipsifbbN4jCROYvBcYEpfmHoAK/cT4Qbx 6m4j6F543aNp1pyWtrV03cpejSU6omzOMq87RPIHb7XEPiVtq6eokOXjVDnamspG lOGtVfsjCva6T923GRDOIs/SL0dnXz2iFFOWH6Ae4AOFlRw0GzHdJbGdCoUNHlTs InPZDx9c1EmbArFsqzQJ55L4oPzU+TM+3uulAJGbMT/rVIvojtZCVT6pboXTXoaK bC5oyH0HH+/qxB1CXVPbmYGMpDswjtVkkZxdf5YZJ68Hx6xUUNeTdi3BDkfdSJKn Ssd9kc4x6Chm1jzwuaQjk3L2xuJh/R22VCQOYu5oCnVRaV/msEwKvLjTTUMBya5r 15Qbj2C0clwJi3BetI9FrnwnbbM+5PaAz7HKLC8oxuMj4uiQL6VOglSSkKyZTs3u xqIuoz2v2Ybz3YFZEc/lMnaYeMzFTol7qRLUmDELz18Zad7+jhVrjl0zwwbvchnS zv2L4jxr62VBf8M88PY8uEBNuOzUU3TA0t7UuqL6l5hNVUWyu3RapB66RZKKmI+x tWbDj49wNu6j0/UAX2dW86QT3FfJfe9xRuLxlihDVQ7jq1V1tmQxWE9Boa25On97 M/1gXkwOD8+HbBjFcvJ4Ws1beXmT4XYR563yLO8VBbpi0fRN9urmPLzdIs/YOtJ8 iXwrvAMxGaj5iIXjaRoeuI9uyk8Lq0DiWeahHbm7TdV7X4TNsDYKYWstUhHqso7K uYWCZv8d/8cRlmYXzExL14FiMTbSYgWSqKAXbVWVMW3Ioi/miJGVCX2V8Y3RZC3a onA8ZvcyOkW616u7jqrCdipY94Nud45QRjAymevdu513uribkVh9bZSHVHPsrdb7 iTPtaYRHahpr1m7i7KrKgESCCtjO8JpPoiI70IEsA+3dcvmVNKt80WOHMgQhHRlR 0tGBjTddeupvGHhdw6K4cJ1kg0CgdcgFsSZJEvO5p/b30IKV7sIW0xDySm5cAjlg UlRl9ryJqPOQIOOyUwLO8EoNd4UhoL3SNJNa9Gtwl4ILJ8AlrNtGENlOExv2/T6X oqWYG1U8GbjORdFCllyk2uhE+8hbUfm+E+2rMmwWXleyMOMqUV7urzPtbGRcM/YC GiTIBbd0m81XZVVUS2xh72p6c/vl+PDrvioKzA0Q8YAkLihqWYFFe2PTrWdBX6et aoF20Q9PplK6lfGZIXy5lgfKvbLvTq02hHLjK2dJRLg7zZ+QJr1PHAZPajFndzbD EYrSFOvGX0de3pU0x2GLQe9uuUdFbt/dtt+FEq01vJChTXKXjdw9V2hwj13ysOTk aNz0sEeDLHf3yZ1ZVKedEpBBNxP2VFvpOxSjc2rtdci8tAviKtFJNuw8hFmIsNWO eWehA42JpxfsG0PYe9py9qti3r+tK7Txl+NJIFe8cywv9CnthkSCzMpENSkWaM2l 6l3fUUCwdoWFWpcDb+eDenlkeN0hButb6wHoR3SQXProbpkb85FdTPvpgBtmqDc3 nQPiKpyVn/Pyl4RlBDri5myzTRPdmPaHfDvQUHLy7+l0yqFKTTA2zsCy7jPyCaGA lt2GlIS4cmQ6Q4pjRUquv0jOldoag6IADMH0nuKOA5VMtebQiAt2FfE7yxAPwp0H 98fdAcVXrKE/ukx7cj+K05G/QCy9pfZQ1dJd48MxN/4i35QfH07KDnv8OBI0T1hF xo3RmeSF5IPNpZBxI7SqRBlHLhjtfDvq9sj5Jo1D1I+sl/NlmAfaPFO50zdjKcKN QIuLkanbx40MhC7aO64BReXSWgFSAeyfKnQ4fUlaP0PgR2BH8urOojOQPbbJiiKa yVsaneWBhaX93sNhBhgK1pyJdtzDR5eHnU3MP2sgp6xEyWVZrRZSvLPuBKqx0V62 gjU7w6xKc27AEqwBgB3c5i+PnWLS48141FlkY6oHVR91QiBtt/lB0JcC6NO90JrX YBwCYE22WGQyPdCU7Lulc4bHFGwq70USbXu5JGQXpVVQOj0mom/HhwSaeEletU2h EuMvuKqkDXCFg3syucQwo1LMNhUhCX4fhHZN48JcZCC2WxvT4K2TsRAKawE1PWH3 UkfVX2Rm0aZaehtc+WZF921wHvY36Bw7dS4EbDf4Q4XqnQEwuJhOA950aSEp/7mu UJHSCpjvPlJ8klEFJcs4ThfDtEz6onMO2BdjSaaMpkOIFbzAWWvArRXZPYR4LS2o 4nGkiSogSU5kR5U/54RD3eQUJYbsJ0tq+rdjwSxplBBwqInGhPD9Wxpewi4edLiq UNECjQ5fqgq1FTIM9lyJoXB2R1B4A1YCCGdsnc0zomqBQp4PBtr14brzPHREohGq a7jC8Ih0NLefRPUlBGSDGJFeswjDU9t31mbIxrLT98vx0ddhItHTVoUz/dV7zLa/ =79RM -----END PGP MESSAGE, PART 01/02----- -- edgar at spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca From jim at bilbo.suite.com Mon Oct 25 12:34:29 1993 From: jim at bilbo.suite.com (Jim Miller) Date: Mon, 25 Oct 93 12:34:29 PDT Subject: Interesting reading Message-ID: <9310251931.AA03854@bilbo.suite.com> The following is one of the most humorous posts I've read in a long time. It made my day. ----------- From: tcmay at netcom.com (Timothy C. May) Subject: Time for me to come clean... To: cypherpunks at toad.com Date: Mon, 18 Oct 93 12:46:40 PDT My experiment has gone far enough. One of you has claimed that the Net entity "tcmay" (Timothy C. May, putatively) is actually "jamie" (Jamie Dinkelacker, putatively). This person has at other times claimed that perhaps Eric Hughes and Jamie are the same person, and that the Net entity "tcmay" is the "lackey of Eric Hughes." It is all getting so confusing! Allow me to clarify. I entered this list under a variety of pseudonyms, with the intent of compiling information on all of you. I have been posting under the identities of Tim May (who has actually never existed....the man behind the mask on the cover of "Wired" was a hired actor, as were the stand-ins for the personnas of Eric Hughes and John Gilmore), Sandy Sandfort, Jamie Dinkelacker, and many others. I disavow any connection to the paranoid "S. Boxx," however. In fact, I think there are only five actual biological entities on the list. Makes for some good conspiracy theories for the paranoids. Finally, I also write under the nym de guerre of "Dorothy Denning." The real Dorothy Denning is too busy grading papers for her freshman crypto class to post, so I fill in. My real name should be apparent to you all. I knew if I used it, the other four of you would not take me seriously. But now the secret's out. David -- David Sternlight When the mouse laughs at the cat, there is a hole nearby.--Nigerian Proverb -------------- Jim_Miller at suite.com From cdodhner at indirect.com Mon Oct 25 12:49:10 1993 From: cdodhner at indirect.com (Christian D. Odhner) Date: Mon, 25 Oct 93 12:49:10 PDT Subject: S.Box and LD SAME??? In-Reply-To: <9310250638.AA13946@jobe.shell.portal.com> Message-ID: <199310251944.AA03198@indirect.com> > > Subject says it all... I think these 2 are the same person... > bloody idiots > sam hill Without makeing any claims one way or the other, I would like to point out that LD's posts are almost always readable, while S.Boxx's are often as not _very_ difficult for me to understand. No, that doesn't realy mean anything, but just because two posters send messages of approximately the same length about approximately the same subject, doesn't mean they are the same person. Happy Hunting, -Chris. ______________________________________________________________________________ Christian Douglas Odhner | "The NSA can have my secret key when they pry cdodhner at indirect.com | it from my cold, dead, hands... But they shall pgp 2.3 public key by finger | NEVER have the password it's encrypted with!" My opinions are shareware. For a registered copy, send me 15$ in DigiCash. Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11 From craig at osh3.OSHA.GOV Mon Oct 25 12:54:07 1993 From: craig at osh3.OSHA.GOV (Craig Nordin) Date: Mon, 25 Oct 93 12:54:07 PDT Subject: on the CYPHERPUNKS, PSEUDOSPOOFING, and POISON Message-ID: <9310251548.aa15879@osh3.OSHA.GOV> >Xref: osh3 news.admin.policy:7108 comp.org.eff.talk:15565 comp.admin.policy:3710 >Newsgroups: talk.politics.crypto,alt.privacy,alt.privacy.anon-server,news.admin.policy,comp.org.eff.talk,comp.admin.policy,alt.conspiracy >Path: osh3!uunet!meaddata!ddsw1!library.ucla.edu!agate!ames!purdue!yuma!ld231782 >From: ld231782 at LANCE.ColoState.Edu (L. Detweiler) >Subject: on the CYPHERPUNKS, PSEUDOSPOOFING, and POISON >Sender: news at yuma.ACNS.ColoState.EDU (News Account) >Message-ID: >Date: Sun, 24 Oct 1993 11:36:41 GMT >Nntp-Posting-Host: jenkins.lance.colostate.edu >Organization: Colorado State University, Fort Collins, CO 80523 >Lines: 999 Recent extremely unpleasant personal experiences in cyberspace have given me, at the same time, deep scars and deep epiphanies. Following are some messages from the Cypherpunks mailing list generally on the subject of `pseudospoofing' -- the possibility that some people are posting or emailing under *different* `identities' from multiple sites, specifically with the intention of camouflage and deception. I have watched the development of anonymity on the internet with a high degree of personal interest, advocacy, and commitment. But this recent realization of the potentials and extent of `pseudospoofing' has deeply disturbed me. The most shocking realization is not just that it is technically feasible but is possibly *widespread* in certain quarters of the Internet. It alarms me that some are championing pseudospoofing (and what I have been calling `black' posts and email) as `liberating' and `refreshing' under the guise of `privacy' or `true/pure anonymity'. > I suspect the > result will be a more honest dialog, a more productive conversation > freed from posturing and, ironically, from the concealment of threatening > truth. I hope we will observe the resulting new forms of good and evil > with Zen patience and allow this quite interesting experiment to > continue. > It's interesting to see the different mental models that people hold > of the net. To me, this equation that one truename means one persona > is not realistic or reasonable. People spawn personas (-ae?) for > many reasons, including psychological exploration, sociological > experiments, sexual thrills, or just for practice at maintaining > personas. I know of several instances in which one person patted > himself on the back circularly, or took half a dozen sides in a > discussion -- and can surmise about others. This sort of thing may > well happen routinely, [...] > [...] the privacy technology `we' espouse can only promote > this. There is no way to maintain this one-to-one equation when > working with pseudonyms, when the human "dongle on the keyboard" is no > longer a viable identifier. I think the Usenet motto, "Live with it", > applies. > Perhaps "support" is better measured by how many people are motivated > enough to go to the effort to make multiple but individually unique, > reputable posts in favor of a proposition, rather than by > simple numerical polls that abstract away knowledge and > motivation, or by how many True Names position themselves > with I'm-on-your-side posts. The idea of `spawning identities' for `psychological exploration, sociological experiments or sexual thrills' repulses me. It sounds to me like advocation of perversions and multiple personality disorders. And much to my shock, horror and disgust it appears to be a major component of the Cypherpunk philosophy. (I even wonder if the mainstream media has been misled about the true cypherpunk agenda, and so far have not been comforted by anyone `real'.) And the idea that `support' for projects be measured by `how many people are motivated enough to go to the effort to make multiple but individually unique, reputable posts in favor of a proposition' is absolutely bizarre. I have been publicly and privately assaulted and ridiculed so thoroughly, searingly, and viciously in both public and private flames by so many apologists and moral relativists on this subject that it has encouraged a certain degree of personal paranoia. In fact, I cannot count a single strong supporter so far. The whole black affair has opened my eyes to the extraordinary potential for grotesque evils such as manipulation, treachery, conspiracies, and brainwashing possible by combining the openess of electronic forums and `pseudospoofing', particularly in private email. I think that anyone who subscribes to this public internet mailing list should be warned that it may be a bizarre `experiment' in pseudospoofing and brainwashing on unsuspecting or unwilling participants. I certainly would never have subscribed if `I knew then what I knew now'. Its deeply upsetting that I may have been trying to cultivate friendships with nothing but phantoms, parasites, and betrayers on the list and in my personal mail or that this has polluted my other online activities. The bizarre perversions found in my personal mail far surpass everything I have posted here, and have quite traumatized me -- something like virginity violated by a rapist. The evasive, blase, flippant, and cavalier attitude by top `leadership' in the group on the subject horrifies me. (One eminent contributor to the list even suggested to me in email that a secret `elite' list existed or was in the works, presumably free of this reprehensible toxic waste.) Many respondents have taken the position that prohibitions against `pseudospoofing' are equivalent to invasion of privacy and government oppression. One very prominent poster suggested, as an insult, that `state run registries of legal persons' were reminiscent of `key escrow' systems like Clipper! I find this quite ironic, given that such a system already exists, called `birth certificates'! Even more upsetting to me the possibility that this practice of pseudospoofing may be infecting and corrupting mail lists devoted to serious project development of Internet technologies. I fear the openess and freedom of these forums is being subtly and insideously poisoned by increasing pseudospoofing -- perhaps a systematic and concerted campaign. It seems to me that resolution of the issues of identification and authentication are absolutely crucial for future internet development, and that some minor sacrifices in current `freedoms' will be the profound investments required for a harmonious future atmosphere. I will have more to say in various forums on the subject in the future. This is an introduction and background. I hope that eminent Usenet contributors will address the multitudes of issues this raises. I have spent valuable reputation capital in pursuing this matter, and have made many new enemies over the past few weeks, and am sure I will be branded as the new premier cyberlunatic by many, but if I am branded a `paranoid ranter' by terrorists and criminals it will only upset me if they're not in jail. I believe this issue of identification has paramount importance to everyone currently involved in `cyberspace' and its future development, perhaps even the #1 issue that must be resolved for basic progress -- how much authentication and identification is to be required? Note1: see talk.politics.crypto for a `user survey' on the subject and possible future postings. Note2: these postings have been edited slightly. ===cut=here=== To: cypherpunks at toad.com Subject: on anonymity, identity, reputation, and spoofing Date: Mon, 18 Oct 93 00:05:56 -0600 From: "L. Detweiler" H. Finney >After going to enormous efforts to create a network of anonymous remailers, >we are hoist by our own petard, as our list receives strange, irrelevant, >and argumentative posts through our own anonymous remailers. (Not all >anonymous posts are like this, but there have been quite a few in the last >few weeks which fall into these categories.) I've been thinking about this a lot lately. I think a large part of the problem as you indicate is associated with reputation. How does one build up a reputation and identity in cyberspace in general? Part of the problem IMHO is that this list software & the internet in general is extremely vulnerable to a lot of different kinds of spoofing. People are very sensitive to the perception of a `consensus' -- they are deeply influenced by what they perceive to be the `majority opinion'. What if that `opinion' was not an accurate representation of reality? what if a few people were creating the illusion that some different kind of consensus existed? what if that `agenda' were actually something inherently wicked like lawlessness or anarchy? what if a conspiracy created the impression that some project or progress was underway when it really wasn't? or that some person was loudly favored or condemned by the `group'? this could be especially problematic if any kind of intimidation were happening `behind the scenes' in email. who would ever know? unless the dissatisfaction reached the list, how would we find out? another problem is that, at the same time being strongly influenced by a lot of flames, people just delete them out of sheer distaste and they may not be around later for inspection. what really is our assurance that all these email addresses actually exist and represent *unique* people? there really is very little currently. I think newsgroups are far less vulnerable to this kind of spoofing, but unfortunately mailing lists are *extremely* vulnerable. (Keep in mind, there are a whole set of other benefits and detriments in *other* categories which I'm not talking about here.) In the former we have thousands of subscribers all checking on each other's honesty. If a suspicious address or opinion pops up, there is some probability someone will notice, and cases of spoofing would probably be noise drowned out in the representative opinion. Also, distribution is centralized, so that `message blocking' is not very feasible. In the latter case, i.e. mailing lists such as this one, there is a much closer knit community that is geographically isolated. Individuals on the list are far more susceptible to spoofing. People are more likely to see *every* message including the `spoofed' ones. There are far fewer people to `check up' and those that are there may not have the technical expertise. What's worse, the list is not `distributed' in a certain sense. If someone wants to get out the message that `something wrong is going on' it could be censored because of the centralization of the distribution. This wouldn't work with Usenet because the distribution of the messages (e.g. NNTP servers) is generally cleaved from the people with strong self-interests in the traffic (e.g. people who post to group [x]). This cyberspace stuff can be a *very* powerful influence on many. It is an electronic community, and peer pressure is *extremely* powerful. Many people do not have an extremely strong internal `moral compass' and could be influenced by this kind of corrupt magnetism associated with a `conspiracy of spoofing'. Note that reputations are crucial in not only persuading us to listen attentively to those we respect, but to `tune out' the lunatics and criminals. * * * Spoofing Regarding the what also gets my vote as `strangest posting of the year' by `S. Boxx', Philippe D. Nave, Jr. (based on my email, a loyal cypherpunk and fellow Denverite!) wrote: >[...] it seems that the point of the message is that there is a lot >of smoke coming from people who use aliases or anonymous remailer >services to post to the cypherpunks list. Does this posting contribute >to that problem, or have I missed something? [...] >What the hell ?!? I've either missed something significant (and would >appreciate enlightenment) or this is a candidate for 'strangest post >of the year'. If 'S. Boxx' really exists and is the author of this >posting, I apologize- if not, then come out from behind your damn >remailer and quit contributing to the problem. As for monitoring the >list for traitors, go ahead- I post under my own name, and I don't >give a shit what you do with the text. If I was concerned about lurkers >building 'traitor files', I'd encrypt my messages and happily watch you >choke on them. I think I speak for many here in saying that I weigh anonymous postings very little, but don't consider the capability a serious problem. They have very significant purposes in e.g. `whistleblowing' `within the system' that I've always been attracted to. On the other hand, I think there is an implicit assumption by virtually everyone here that addresses on public posts and private email that are not specifically anonymous represent *unique* people. That is, if some people were taking advantage of the loose, free, and open atmosphere here to influence opinion or perception of reputations by posting messages under different presumably `real' identities (defined as anything that is not obviously tagged as anonymous), I and probably everyone else would feel very `upset' in the least and `violated' at the most. It would seem like a very serious breach of community trust, and might even have the effect of derailing positive contributions to the `cypherpunk cause' (whether algorithmic or political, the two chief schools of thought). I recall discussions of this related to the Extropians list, which specifically bars this practice. * * * List suggestions The fact that this `uniqueness of real identities' has always been something of an implicit assumption here bothers me. I think anything this delicate and important should be made formal and explicit. We should not simply assume that `everone is honest and no one would be depraved enough to do this.' I think the following guidelines are very reasonable, and might be part of a list charter agreed to by new members: 1) list members are allowed *one* anonymous identity if any. They are required to associate some name with all anonymous posts via that identity. 2) *no one* is allowed multiple `real' identities and in fact any violation of this is considered an extremely serious breach of netiquette & honesty. 3) completely anonymous posts from `outside' the list are allowed; if no pseudoidentity is given they are assumed to come from `outside'. and if anyone has been posting under multiple `real' identies, I think they owe it to everyone here to `come clean'. I don't see why anyone would go to the trouble but if someone was just unstable or obsessive enough to equate reputation with posting traffic, s/he might go off the deep end. The practice amounts to `spoofing' and any patriotic cypherpunk with some integrity ought to recognize that immediately and condemn it, technical capabilities regardless. I would equate this practice with `lying to one's colleagues'. spoofing is probably the #1 crime against cypherpunk ideology. * * * Reputations As for reputations, what can we do about this? I think that there are a lot of solutions to be experimented with in software. One of the best is just to have archives that are searchable by ID. But archives are very disk-consuming. I have some various other ideas that wouldn't require much beyond the current database maintenance of email addresses. Suppose that along with everyone's name, the following statistics were presented: 1) how long they have been on the list in days, 0 if none at all 2) how many postings they have posted here 3) maybe a posting/age ratio -- some people seem to be very sensitive or tune out people with a high one. 4) another idea: tracking the number of responses a given poster has, average, per original post, measured by `re: [x]' subject tracking. now, look what we get with all these. They are all simple to implement. They all can tremendously help us weigh the various opinions that are out there. They can set up a positive feedback system whereby `good' posters potentially really are quantitatively identified. Regarding (4), one way to `punish' a poster for irrelevant postings is to simply not respond, and they will not get any `credit' in this statistic. The problem with this is that from my experience, sometimes my most authoritative and finely-crafted postings generate the least response. But note the point of all these things: they don't necessarily require any digital signatures to implement. Authentication of postings `allowed' to the group really seems like a separate problem to me. Another simple idea is to have a voting system in response to postings. People's `credit' associated with their postings could be listed in headers too. This of course is far more ambitious, and the generally complex problem of authentication rears its ugly head. In addition to all this, I would like to see protocols that guarantee honesty on the part of the list maintainer. When databases like this are maintained, a little unilateral tweaking here and there can be extremely deleterious to community integrity, honesty, and reputations. Date: Sun, 17 Oct 93 23:58:08 -0700 From: hughes at ah.com (Eric Hughes) To: cypherpunks at toad.com Subject: Re: on anonymity, identity, reputation, and spoofing [...] That which can never be enforced should not be prohibited. The claim that a person should have only one pseudonym per forum indicates profound misunderstanding. If someone wants to have multiple cryptographically protected pseudonyms, they will be able to; that is one of the main goals of cypherpunks software. The situations you despise will occur. This is reality. Change your own psychology or change your own software. You will not be able to change the other person. Eric From: tcmay at netcom.com (Timothy C. May) Subject: Uniqueness and "is-a-person" credentials To: cypherpunks at toad.com Date: Mon, 18 Oct 93 10:17:35 PDT [...] I don't like the idea of state-run registries of "legal persons." Better to live with the occasional vagaries of digital pseuodonyms than to ban them. (And multiple identies can have many uses, some good, some not. Welcome to the future.) Since it may touch on our "cypherpunks agenda," I plan to read up on some of these proposals for "is-a-person" credentialling and see how they might relate to schemes for centralized key registration or escrow. Any suggestion besides the "Crypto" proceedings? --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. Subject: Re: on anonymity, identity, reputation, and spoofing To: cypherpunks list Date: Mon, 18 Oct 93 3:44:35 PDT From: Eli Brandt > From: "L. Detweiler" > On the other hand, I think there is an implicit assumption by virtually > everyone here that addresses on public posts and private email that are > not specifically anonymous represent *unique* people. [...] > 1) list members are allowed *one* anonymous identity if any. They are > required to associate some name with all anonymous posts via that identity. > 2) *no one* is allowed multiple `real' identities and in fact any > violation of this is considered an extremely serious breach of netiquette & honesty. [...] > deep end. The practice amounts to `spoofing' and any patriotic > cypherpunk with some integrity ought to recognize that immediately and [...] > crime against cypherpunk ideology. [...] It's interesting to see the different mental models that people hold of the net. To me, this equation that one truename means one persona is not realistic or reasonable. People spawn personas (-ae?) for many reasons, including psychological exploration, sociological experiments, sexual thrills, or just for practice at maintaining personas. I know of several instances in which one person patted himself on the back circularly, or took half a dozen sides in a discussion -- and can surmise about others. This sort of thing may well happen routinely, particularly in the low-rent areas of Altnet, where participation is a kind of game. What's more, the privacy technology `we' espouse can only promote this. There is no way to maintain this one-to-one equation when working with pseudonyms, when the human "dongle on the keyboard" is no longer a viable identifier. I think the Usenet motto, "Live with it", applies. Eli ebrandt at jarthur.claremont.edu From: szabo at netcom.com (Nick Szabo) Subject: Re: on anonymity, identity, reputation, and spoofing To: jamie at netcom.com (Jamie Dinkelacker) Date: Mon, 18 Oct 93 3:29:08 PDT Cc: cypherpunks at toad.com [...] In my limited experience creating Internet pseudonyms, I've been quite distracted by the continual need to avoid leaving pointers to my True Name lying around -- excess mail to/from my True Name, shared files, common peculiarities (eg misspellings in written text), traceable logins, etc. The penet.fi site explicitly maintains a list of pointers to the original address. All kinds of security controls -- crypto, access, information, inference -- have to be continually on my mind when using pseudonymous accounts. The hazards are everywhere. With our current tools it's practically impossible to maintain an active pseudonym for a long period of time against a sufficiently determined opponent, and quite a hassle to maintain even a modicum of decent security. Pointers to info and/or tools to enable the establishment and maintenance of a net.nym, beyond the standard cypherpunks PGP/remailer fare with which I'm now familiar, greatly appreciated. Especially nice would be a list of commercial net providers that allow pseudonymous accounts. [...] I hope that we stick to experimenting with pure anonymity in many venues. I suggest we'll find out that purely anonymous posts are not so bad, overall. Some of the recent stuff has been weird or rude, but so have been a lot of True Name flames that have passed thru this list. We find True Name posts easier to deal with because it's what we're used to. Many are comforted by the thought that as a last resort, if a flame is just too evil, the poster can be tracked down and made to pay for his sins. The WELL was so threatened by the thought of anonymity that they required all pseudonyms to be traceable to the True Name, as an explicit policy right from the start of the system. Pure anonymity in all its manifestations is a strange, threatening, fascinating beast in our panoptic social-welfare world. Even those of us at the forefront of harnessing this monster shrink back in fear when it whinnies. [...] Pure anonymity provide voice for a wide variety of new kinds of expression that up until now have been suppressed. Some kinds are good (whistleblowing), some bad (slander). Most are good or bad depending on the situation (asking embarrassing newbie questions, expressing politically incorrect opinions, discussing illegal activities, etc.) I hope we continue experimenting with pure anonymity for a while longer, as well as experimenting with reputation-based pseudonymous systems. Some of what comes out might look very strange, something like tapping into previously concealed areas of our social psyche. I suspect the result will be a more honest dialog, a more productive conversation freed from posturing and, ironically, from the concealment of threatening truth. I hope we will observe the resulting new forms of good and evil with Zen patience and allow this quite interesting experiment to continue. Nick Szabo szabo at netcom.com To: cypherpunks at toad.com Subject: PSEUDOSPOOFING Date: Mon, 18 Oct 93 03:41:03 -0600 From: "L. Detweiler" I'm absolutely *horrified* and *nauseated* that eminent cypherpunk leader `ZZZ' has come out in total support of what I have been calling `spoofing' or using pseudo-real addresses to post to the list. (It isn't `really' spoofing in the exact sense because as I noted there has only been an *implicit assumption* by all of us here that opinions from unique addresses were themselves unique. so, lets call it) PSEUDOSPOOFING the activity of misleading people into thinking that an identity is unique when it really isn't! i.e. posting behind `real' addresses not specifically noted as anonymous! I consider pseudospoofing a *detestable* and *reprehensible* activity if it exists. Am I the only one who finds this absolutely *repulsive* and *abhorrent*? How long has this been going on? who has been doing it? am I the first to suspect it is happening? how many debates have been affected? how many people have been *harassed* or *intimidated* or *burned* to a *crisp* by pseudospoofers? is this going on in *private email* too? how many debates have been skewed? how many people here DON'T EXIST? Are the other founders T.C.May and J.Gilmore in favor of this too? how much have you guys been doing this? is this really part of the cypherpunk agenda? who here supports this, anyway? does this have anything to do with the bizarre conspiracy theories posts of `S.Boxx'?! is this why `everyone' is opposed to a newsgroup or other change in the `status quo'?! Is this why *I* get *flamed* so much? is this polluting other mailing lists?! E.H. >The claim that a person should have only one pseudonym per forum >indicates profound misunderstanding. If someone wants to have >multiple cryptographically protected pseudonyms, they will be able to; >that is one of the main goals of cypherpunks software. IMHO, this itself represents a `profound misunderstanding' under what actually constitutes an OPEN FORUM. If we are merely conducting some depraved experiment on the psychology of pseudonymity and pseudospoofing on unwilling participants, please say so! I for one never saw *that* announcement when I signed up! calling `pseudospoofing' `one of the `main goals' of cypherpunks software' sounds *criminal* to me. Or maybe I'm missing the point! I guess this is what anarchy really *is* all about! * * * speaking of OPEN FORUMS, `Jamie Dinkelacker' objects to my other proposals for reputation tracking statistics: >> >>1) how long they have been on the list in days, 0 if none at all >>2) how many postings they have posted here >>3) maybe a posting/age ratio -- some people seem to be very sensitive >>or tune out people with a high one. >>4) another idea: tracking the number of responses a given poster has, >>average, per original post, measured by `re: [x]' subject tracking. >> > >Each of these suggestions call for data that may contribute to identifying >individuals, tracking their behavior or providing information useful to >decypher some messages. This has a very NSA feel to it. A very ``NSA FEEL''?! all of these statistics could be generated by *anyone* who subscribes to the list! is this an OPEN FORUM or not?! How could *anyone* object to anything so innocuous? A *true* forum would be *representative*. For example, I already have the impression that no one here supports my suggestions whatsoever on list modifications & protocol from E.H.'s comments and jamie at netcom.com. Now, humor me, and take the hypothetical situation that these are the same person! how can this be a `forum' if an opinion is not *representative*? what if a single person just `ganged up' on someone they didn't like by overwhelming them with pseudospoofs? what if there was *truly* support for some project but a pseudospoofer ganged up on the proponents and clobbered them with flames? does this sound anything like what has happened on this list in the past? doesn't it throw every `conversation' on this list into spectacularly *grotesque* doubt? wouldn't that be a lot like intimidation at best and *extortion* at worst? would it look like a `clique'? what if this was happening *routinely*? what if people were being *influenced* by what they perceived was the *majority opinion* or the *views of their peers* that were really nothing but DECEPTION AND LIES? what if it was *thwarting progress*? I would consider this nothing but TREACHERY and HIGH TREASON. is all this really one of the `main goals' of the cypherpunk agenda? if so, SIGN ME OFF. Regardless of whether anyone believes in democracy (a `lot' of people here said they didn't a while ago, but now I have my doubts!) the idea of `one man one vote' is SACRED. it means in essence, one man shall not have UNFAIR INFLUENCE. anything less is just the `Golden Rule: He who Has the Most Gold Makes the Rules'. or, `you can be here as long as I always have more *power* than you do and you don't complain!' it is *anti egalitarian*. it is a recipe for anarchy, dischord and chaos. Or perhaps I'm MISSING THE POINT?! maybe that's what somebody *wants*. is *this* what the Cypherpunks really stand for? UNFAIR INFLUENCE. ABUSE OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. Date: 18 Oct 93 14:18:10 EDT From: Sandy <72114.1712 at CompuServe.COM> To: Subject: DETWEILER ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, Lance Detweiler finished his most recent rant thusly: . . . is *this* what the Cypherpunks really stand for? UNFAIR INFLUENCE. ABUSE OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. Lance, stop frothing at the mouth and get a life. S a n d y (aka Tim May, Eric Hughes, Nick Szabo, Perry Metzger, Duncan Frissell, Mao Tse-tung, George Herbert Walker Bush and a cast of thousands) >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 18 Oct 1993 11:55:46 -0800 To: cypherpunks at toad.com From: lefty at apple.com (Lefty) Subject: Re: PSEUDOSPOOFING >what if people were being *influenced* by what >they perceived was the *majority opinion* or the *views of their peers* >that were really nothing but DECEPTION AND LIES? what if it was >*thwarting progress*? I would consider this nothing but TREACHERY and >HIGH TREASON. is all this really one of the `main goals' of the >cypherpunk agenda? if so, SIGN ME OFF. Works for me. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From: tcmay at netcom.com (Timothy C. May) Subject: Time for me to come clean... To: cypherpunks at toad.com Date: Mon, 18 Oct 93 12:46:40 PDT My experiment has gone far enough. One of you has claimed that the Net entity "tcmay" (Timothy C. May, putatively) is actually "jamie" (Jamie Dinkelacker, putatively). This person has at other times claimed that perhaps Eric Hughes and Jamie are the same person, and that the Net entity "tcmay" is the "lackey of Eric Hughes." It is all getting so confusing! Allow me to clarify. I entered this list under a variety of pseudonyms, with the intent of compiling information on all of you. I have been posting under the identities of Tim May (who has actually never existed....the man behind the mask on the cover of "Wired" was a hired actor, as were the stand-ins for the personnas of Eric Hughes and John Gilmore), Sandy Sandfort, Jamie Dinkelacker, and many others. I disavow any connection to the paranoid "S. Boxx," however. In fact, I think there are only five actual biological entities on the list. Makes for some good conspiracy theories for the paranoids. Finally, I also write under the nym de guerre of "Dorothy Denning." The real Dorothy Denning is too busy grading papers for her freshman crypto class to post, so I fill in. My real name should be apparent to you all. I knew if I used it, the other four of you would not take me seriously. But now the secret's out. David -- David Sternlight When the mouse laughs at the cat, there is a hole nearby.--Nigerian Proverb From: cman at IO.COM (Douglas Barnes) Subject: Re: PSEUDOSPOOFING (lions and tigers and bears, oh my!) To: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 18 Oct 1993 11:21:22 -40962758 (CDT) L. Det writes: > I for one > never saw *that* announcement when I signed up! calling > `pseudospoofing' `one of the `main goals' of cypherpunks software' > sounds *criminal* to me. Or maybe I'm missing the point! I guess this > is what anarchy really *is* all about! It was one of the main reasons *I* signed up... we were working on a TV show about cyberspace, and Paco Nathan explained public key encryption, digital money, and nyms with reputations in his inimitably cheerful and energetic fashion for our cameras. The part he was most excited about (a part that still fascinates me no end) is the possibility of spawning new identities that can acquire reputations, property, prestige, ignominity, whatever, without the need to appeal to a government bureaucracy for validation. Furthermore, the whole notion that there is some kind of implied contract when you join a free mailing list completely absurd, second only to your notion that we are all pushing for the same political agenda (or should be) because we put our names in the same hat at toad.com. It just ain't so, and no amount of wishing will make it so. And, to cap it all off, I have had more external validation of the physical existence of the key members of *this* data space than any other international data space I participate in; in addition to numerous pictures, I've met a number of the folks, who have, in turn, met a number of the folks... cypherpunks is one of the meetingest mailing lists I've ever seen or heard of. Doug PS: the show never got edited, because Steve and I decided to set up io.com. -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From: szabo at netcom.com (Nick Szabo) Subject: SILLY FLAMES: pseudospoofing To: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 18 Oct 93 5:25:22 PDT Cc: cypherpunks at toad.com L. Detweiler -- shocked, simply shocked, at the realization that multiple pseudonyms are possible on the net -- explodes: > ....how can this be a `forum' if an opinion > is not *representative*? Perhaps there are differences between a forum and a voting booth? > what if a single person just `ganged up' on > someone they didn't like by overwhelming them with pseudospoofs? what > if there was *truly* support for some project but a pseudospoofer > ganged up on the proponents and clobbered them with flames? Perhaps "support" is better measured by how many people are motivated enough to go to the effort to make multiple but individually unique, reputable posts in favor of a proposition, rather than by simple numerical polls that abstract away knowledge and motivation, or by how many True Names position themselves with I'm-on-your-side posts. On cypherpunks' better days, "support" is measured by what kind of code gets written, not by who flames whom how often under how many names. Of course we all know that writing code does not constitute *true* support, since only Democracy is The One True Way. > doesn't > it throw every `conversation' on this list into spectacularly > *grotesque* doubt? Welcome to the Internet, Detweiler. Perhaps you might get together some physical meetings in Colorado, talk to more cypherpunks on the phone, look at the pictures in Wired magazine (perhaps also faked?), etc. if you are so concerned about being ganged up on by unknown numbers of strangers. (Is it better to be ganged up on by known numbers of strangers? Why of course, that's called Democracy). > the idea > of `one man one vote' is SACRED. Hallelujah! Praise the Lord & pass the card punch! Let's vote ourselves bigger paychecks & unlimited medical care. Let's take a vote on which cypherpunks tools we will implement. Those who vote with the minority get to do the programming work, those in the majority get to tell the minority what to write. I nominate L. Detweiler President of the Cypherpunks. All in favor say "aye" and bow down to His Holiness of the Veiled Booth! > it is > *anti egaltarian*. it is a recipe for anarchy God forbid! Quick, Detweiler, get out your garlic, raise up your cross and abjure these crypto-anarchists before we spread any further! Next thing you know we'll get some elitist, anti-democratic development like untraceable digital cash. Some people will accumulate more digicash than others, and Detweiler won't even know who they are. Horrors! Quick Detweiler, write your electronic leveling tax protocols before its too late. Better yet, get the majority to vote on making us evil crypto-anarchists -- only a small cypherpunk minority once our pseudonyms are unmasked, of course -- make us write them for you. After all, egalitarian software is a basic human right! > UNFAIR INFLUENCE. ABUSE > OF POWER. MANIPULATION. DECEIT. TREACHERY. EXPLOITATION. SECRET CONSPIRACIES. >... Isn't it just dreadful? Nick Szabo szabo at netcom.com Date: Mon, 18 Oct 93 08:02:16 CDT From: m5 at vail.tivoli.com (Mike McNally) To: "L. Detweiler" Cc: cypherpunks at toad.com Subject: PSEUDOSPOOFING "L. Detweiler" writes: > I'm absolutely *horrified* and *nauseated* ... If digicash were a reality, I'd send you some with the proviso that you only spend it on clues. Repeat this chant until you attain enlightenment: Pseudospoofing cannot be prevented Pseudospoofing is a reality of online existance No amount of fear and loathing will make it go away If it weren't for fundamentally new concepts like the ability to pseudospoof (that's a lousy term, by the way), the net would not be the quantum change in human communication and human thought it is. > p.s. if anyone doesn't hear from me for awhile, assume I've been > `liquidated' and this isn't really an `open forum' ... No, I'll assume the ELF-2 running your pseudomind blew a fuse. -- Mike McNally To: cypherpunks at toad.com Subject: pseudospoofed out Date: Wed, 20 Oct 93 01:13:18 -0600 From: "L. Detweiler" Cypherpunks, I use the internet for a lot of serious activities, and it deeply troubles me to think that I have been vicitimized by pseudospoofers in areas outside of merely the cypherpunks list such as in the numerous FAQs I edit (a very time consuming endeavor) or in my other favorite mailing lists. I feel like my blood has been drained by parasites that suck my prose and passions. Since there is absolutely no support for any `True Names' here whatsoever, I volunteer to drop the subject. And of course I am just another blip on this list, so my ideas for its improvement mean nothing, and I will not *ever* make a proposition again here regarding the subject. however, A PERSONAL REQUEST I humbly request that ANYONE SENDING ME PERSONAL MAIL have the decency to do so under their `True Name' or `obviously anonymously' under the same identity. Do not deceive me for perverted sport. Do not try to build up trust merely so that you can betray it. Do not manipulate me simply because you have the capability or because I am a basically trusting person. This sentiment is equivalent to something like `if a woman doesn't carry a gun then it's OK to rape her' and it is one of the most alarming aspects of what I have seen promoted here and in the general `hacker' community. `nothing is wrong if you can get away with it.' I believe that there is no such thing as a `consequentless action'. Please, do not drag *me* into the gutter because you like to wallow there. If anyone has deceived me in manipulating me with multiple pseudonyms in my personal email, please inform me *now*. I believe this is the absolute least that *anyone* could ask on the internet. Another point to make is that Usenet & current mailing lists are far from the future models. I fundamentally believe that `true name' systems are entirely socially desirable and can be erected without invading privacy. Anyone who claims that `true names' and `privacy' are fundamentally incompatible is simply mistaken. Does `absolute privacy' mean that no one *ever* knows who *anyone* is? It seems to me the ability to differentiate identities or reject their input based on `true names' is a basic right of the listener. You do not have a right to bludgeon me with identical opinions from an unrepresentative arsenal of imaginary identities. I suspect some of the people advocating `absolute privacy' are themselves currently using powerful tools to detect pseudospoofing others do not possess. Is that the cypherpunk Utopian ideal? A place where you can manipulate people without them knowing it? let others drown in mud while you trample atop their backs? Also, please do not deceive the press. T.C. May has recently satirically suggested that some of the Wired pictures are of hired actors. I don't find this funny. If the `cypherpunks' are really something other than that which they claim, it will eventually and inevitably come back to haunt the `movement,' whatever it is (algorithms or ideology? I no longer care). History and society is far more shrewd than that. If pseudospoofing is really the #1 cypherpunk agenda, please make that clear. `We want to fool everyone with brainwashing techniques so they are at the mercy of our whim.' One of my attractions to cyberspace was the promise of making online friends, and I have made many over many months. But the idea that some psychopaths are sending me email just to leech my strong emotions and play with my passions, like a cat does a captured mouse, perhaps even with the support of a large and complex software `arsenal' designed specifically to promote camouflage and manipulation, perhaps on a very widespread scale involving multiple lists, I find reprehensible and inherently evil. Please, choose another lab rat victim. My whole `cyberspatial reality' has been cast into doubt. Who's real? Who's fake? I used to really look forward to reading and responding to my mail, but now I approach it with dread, horror, and nausea. I don't even know if who I am talking to on the phone is who they say they are anymore, or if I really have any true cyberspatial friendships, because of all the pseudospoofing in my mailbox. There are some among you who say `welcome to the real world'. Are you people saying that man's natural state is confusion, desperation, and paranoia? I am not opposed to `pseudonymity' and multiple reputations of course. But the strong sentiments on this list that I should be kept *guessing* I find abhorrent. What is most disturbing is the possibility of a single entity attempting to stick someone's psyche in a vice by systematic and concerted assaults from multiple supposedly `unique' identities in private email. This is like dealing with a tentacled octopus-monster. What could be more depraved? This is nothing but vicious interrogation and brainwashing. I'm simply in favor of truth in advertising, and I think this list has been misrepresented as a `forum' when it's nothing but a hotbed of pseudospoofing, possibly even aided by automatic software tools. Someone tell me, how long have I been arguing with AI programs anyway? Trully, I never would have subscribed if I had realized the `practice' of pseudospoofing was epidemic. I mean, I suspected there were isolated cases, but now it appears a large part of traffic is manufactured flames and froth. Does anyone have any idea how much time has been wasted wading or even arguing with opinions that were nothing but mirages? I'm deeply disillusioned. But of course, who cares? Certainly not the leadership or the followers. I'm not sure that some of the `identities' I've been dealing with over the past few months really have any basic morality. I suspect there are some demagogues that tout `privacy' while really subtly and insideously promoting dishonesty, sociopathism, treachery, and barbarianism. An example: I am on another mailing list where I posted a long article as a `gift' to the subscribers. I got some favorable comments, except from the moderator who said that `people are shocked at what you did.' I asked him. What people? What did they say? He backed down. But imagine that someone slandered me with a worthless pseudonym? and, in fact, even if they mailed *me* would I be able to tell that they didn't care about the reputation of that pseudonym? It seems to me that there is a basic idea of reputation and postings. To a degree, if you haven't earned a reputation in some subject, you should be disqualified from pontificating on it, irrelevant of your arsenal of pseudonyms. Filters based on reputations may help make this a reality. (I would personally like to ban my mailbox of all opinionated pseudonyms who have not read more than 2 of my posts.) I remember `ZZZ' once announcing to the list that J. Markoff had unsubscribed. Who's really in favor of privacy? Is everybody here really interested in `privacy' as an `offensive weapon'? `Privacy' as a way of evading taxes? `privacy' as a way of manipulating or betraying the gullible and trusting for perverted pleasure? `privacy' as destroying social order and promoting anarchy? Really, nevermind. please, don't send me any more blistering flames. These are rhetorical questions. In fact, this is a rhetorical essay. Date: Wed, 20 Oct 93 08:30:42 CDT From: m5 at vail.tivoli.com (Mike McNally) To: cypherpunks at toad.com Subject: Re: pseudospoofed out "L. Detweiler" writes: > [ the funniest thing I've read on the net in years. ] Thank you, thank you, thank you *all* for making this possible. The hours of cleaning crud from my INBOX are *easily* worth this kind of entertainment. I am literally in tears, irritating my officemate with incessant laughter. Mr. Detweiler (if that really *is* your name), thank you especially. You write well, kinda, even if I utterly disagree with you. I think I'll print this out and paste it into my big unabridged next to "hyperbole". -- Mike McNally Date: Wed, 20 Oct 93 08:22:25 CDT From: m5 at vail.tivoli.com (Mike McNally) To: cypherpunks at toad.com Subject: pseudospoofed out "L. Detweiler" writes: > I feel like my blood has been drained by > parasites that suck my prose and passions. I hereby claim this as a .signature for at least one of my identities. -- Mike McNally -- ld231782 at longs.LANCE.ColoState.EDU From mccoy at ccwf.cc.utexas.edu Mon Oct 25 13:24:58 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Mon, 25 Oct 93 13:24:58 PDT Subject: Announcement: dc-nets mailing list Message-ID: <199310252024.AA00699@tramp.cc.utexas.edu> -----BEGIN PGP SIGNED MESSAGE----- Several of us down here in Austin, as well as others on the net are working on various schemes involving the dining cryptographers protocol. To help coordinate efforts to put DC networks into operation and to work out some of the necessary practical details of such an endeavor I have set up a mailing list for people interested in working on such projects. If you wish to subscribe to the list, send a message to the address: listproc at mcfeeley.cc.utexas.edu And include the line: subscribe dc-nets [optional Real Name] in the BODY of the message. For help on using the list processing software for subscription services or to get other information send a message with the BODY consisting of the word "help" or "info" to the listproc address. The address of the list itself is dc-nets at mcfeeley.cc.utexas.edu jim -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMw1qvcwzmW/Wc5xAQES0gP/fJvAJyo6YVCJKWmMaisyFD3JIofG+m4e ppwjVqRqnCdVq8Tn7Tr81PfYvLuZ4IgGKHuS3MeVQqHetHLBbbnzmNUGF8y1i0YB A286GkKopxZQvlj+9Yxb1KGy8Ol7+Fo+m2PgeSHQT1wuYddQtfGeW6Eo0erz4OfM MRifq/UimYU= =3Fku -----END PGP SIGNATURE----- From 72114.1712 at CompuServe.COM Mon Oct 25 13:29:11 1993 From: 72114.1712 at CompuServe.COM (Sandy) Date: Mon, 25 Oct 93 13:29:11 PDT Subject: NET REGULATION Message-ID: <931025174804_72114.1712_FHF124-2@CompuServe.COM> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT Reply to: ssandfort at attmail.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Punksters, Apparently, T. William Wells does not understood the "Permanent Tourist" concept referenced by Duncan Frissell. Mr. Wells wrote: . . . I could decide to become one of these Permanent Tourists. But where would I go? What will be my concerns? Obviously, money will be one of them. But so also will be climate, people, activities I might not be willing to do without, and on and on. You do not have to leave home to become a PT. For the first time in history, the Net provides a to work anywhere while *appearing* to live anywhere else. William added: Furthermore, other governments are, almost without exception, more repressive than the one I have. For those PTs who do choose to live overseas, this simply isn't true. Foreigners with money to spend are almost always treated better than the local captive audience. Sure, there are some repressive regimes out there, but that needn't affect the PT. Some other material mistakes of fact by William: . . . in the developed world, where most governments are willing to cooperate to some extent in the attempt to collect revenues. No they do not. Most only give lip service to cooperating with one another. If Mr. PT moves to country B to avoid taxes in country A, there is no incentive for country B to cooperate with country A. Why? Because Mr. PT is spending his "ill gotten gains" in country B. Why screw with a good thing? It might be argued that there are PTs from country B who are living in country A to avoid country B's taxes. Therefore it would be in the best interests of both countries to cooperate. The theory sounds great, but that's not what happens. For whatever reason, countries rarely cooperate in this way. William went on: It is a sad fact that governments collectively possess the means to physically regulate all of the desirable real-estate and most are more willing than ours to use physical force to pursue their ends. So Permanent Tourist or not, //one can't really escape them//. [Emphasis added.] It is here, William reveals himself. I used to run into this "you just can't win" syndrome when I was involved in libertarian politics. For every answer, William comes up with another objection. As time goes on, the objections depart further and further from reality and reason. There are ways to own real estate anonymously. Force is rarely used indiscriminately and there are ways to lower your risk. As a practical matter, YES, YOU REALLY CAN ESCAPE THEM. Finally, William worries about world governments focusing on us if we become to good at taking the bread out of their mouths: . . . But what happens when the printing-press equivalents cease to stave off bankruptcy? They go bankrupt, William. S a n d y >>>>>> Please send e-mail to: ssandfort at attmail.com <<<<<< ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cme at ellisun.sw.stratus.com Mon Oct 25 13:39:13 1993 From: cme at ellisun.sw.stratus.com (Carl Ellison) Date: Mon, 25 Oct 93 13:39:13 PDT Subject: worked MTTF examples Message-ID: <9310252034.AA05555@ellisun.sw.stratus.com> ..for the end of the MTTF paper document -------- - Carl ====================================================================== \pagebreak \section{Examples} Let $\lambda = 0.5$ failures/year, assuming a node fails on the average once every two years. Let $\mu = 52.0$ repairs/year, assuming a node can be repaired in a week. These assumptions result in the following system MTTF values, in units of years: \begin{tabular}{||r|r||r||} \hline $N$ & $K$ & MTTF \\ \hline 2 & 1 & 107.00 \\ 3 & 1 & 3747.67 \\ 3 & 2 & 36.33 \\ 4 & 1 & 98405.50 \\ 4 & 2 & 955.50 \\ 4 & 3 & 18.50 \\ \hline \end{tabular} If $\lambda = 0.5$ failures/year and $\mu = 350.0$ repairs/year (to follow the Stratus practice) we get the following system MTTF values, in units of years: \begin{tabular}{||r|r||r||} \hline $N$ & $K$ & MTTF \\ \hline 2 & 1 & 703.00 \\ 3 & 1 & 164270.33 \\ 3 & 2 & 235.00 \\ 4 & 1 & 28788554.16 \\ 4 & 2 & 41185.50 \\ 4 & 3 & 117.83 \\ \hline \end{tabular} One could also consider the MTTF of a posting on USENET News. $\lambda$ and $\mu$ might be the same as above, but $N$ is the number of News servers to which the posting has propagated and $K$ is 1. The underlying model is different because it must take account of limited connectivity of News servers, but it is clear that a posting's MTTF becomes effectively infinite once it has left its home node. \end{document} From owen at autodesk.com Mon Oct 25 13:44:09 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Mon, 25 Oct 93 13:44:09 PDT Subject: Net Regulation Message-ID: <9310251903.AA26004@lux.YP.acad> > From: "Perry E. Metzger" > Admittedly, if someone could put a *loyal* armed soldier over > everyone's shoulder on earth they could control everyone. How, though, > could they manage to do this? by getting them dependent on network connectivity for even the most basic communicatiosn between themselves other that face to face communications, and then using AI agents as the soldiers.? just athought! LUX ./. owen From nobody at shell.portal.com Mon Oct 25 14:05:25 1993 From: nobody at shell.portal.com (nobody at shell.portal.com) Date: Mon, 25 Oct 93 14:05:25 PDT Subject: TEMPEST Message-ID: <9310252100.AA20550@jobe.shell.portal.com> Well this posting provoked another. ***** FOR SALE ****** Van Eck Radiation Evesdropping Monitors Good for All SCAN Rates. USES: Evesdrop on your bosses CRT, your enemies CRT, your Lovers CRT, Spy on the local Spies, what does your local FBI Agents monitor say about you. Find out for sure, with the proper antenna these monitors will repeat VDTs up to 1 KM distant. RANGE: with proper Antennas 1 KM You are are responsible for checking on whether your National/Provincial/Local laws allow the importation of this device. COST $8,000.00 US Dollars (Supply is Limited) A public key and encrypted remailer block follow to allow you to place your orders. Payment Terms will be sent to you following receipt of a PGP encrypted order. To reply to I/We please use the enclosed public key to encrypt your message back to us. The anonymous remailer encrypted return block may be used for now but if current(known to be good) paths are needed look for the latest in cypherpunks at toad.com. Please encrypt ALL mail sent to us... -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAizMFlcAAAEEALPYHDpT3OhTyO0qfEcqnbwY30pZb3ET6JUP70jfIQPiTrkA i7WJFYnDWv0FBk3aMxfH2DpI0fauCQKLnJJrc0/WHi5AgZVJh7KTwfCyAS+Zr2xM 7xjFZlwd9Q0Ow5k3hLfO4LQpTOW8IBMATV8or1g/+Zv3m87WjLgMmjAEwDypAAUR tDxibGluZHBpcGUgPHVzZSBjdXJyZW50IHJlbWFpbGVyIGJsb2NrIHBvc3RlZCB0 byBjeXBoZXJwdW5rcz4= =IHVG -----END PGP PUBLIC KEY BLOCK----- --------8<--cut here-->8-------- :: Encrypted: PGP -----BEGIN PGP MESSAGE----- Version: 2.3a hEwClqx1g6tk6KcBAf9Nly0MsbjTHys9iZwvkew2KEls/4T+4uXG+Ri8gtJnA9P0 5NvGZYIU0A40CHeHWttwE+cjwVyREWWcCPUVeMqcpgAAAYWHYP4OYPHDdUFKrs1i FW2F5lMQ1m4pU475xcLJH+NqQUYToSqmTlyH5dlOLmkC0s97n2OMQKJyDkUHkIbZ nqEg42KQkjAWotu85dBuXFjgLyShkACvah/VBXYcKHMsgfO41tCbCQiWVkg022/F TheZmlX5mPj0pgLFlpd+nYYIsGcH2memKLXWuhaY4yThRPYCu5OEYBlQEE1TtQTs glC6926Nu1RHvs4ivD3OabzeLdl2Kh2wZI2IcznUKOIKhH3nsXgI9ZvuHVkrKkmw 5ABXnhj2rgWW6/SxOT6XejUKH6WHu82HBjnEi6dDviB5pnGL8D2ayxw+ySwjNZ94 lJyrGVeq40XVG4HywxUbmrSbM/a6OOvH2f5zmXQAccoj2iwWa0khPJ0kjlndV/I9 FSLeIP8BZZSHU1tA9/genoDd3auQDAregfuzA10KjVr96+TcLdlh/7eM9TfQDaPz VtCrLR+X/n2J083WtmyzbZhpeI2qzjL7YqPXNlRsofenVucl3E1k0A== =WPI/ -----END PGP MESSAGE----- > From: rjc at gnu.ai.mit.edu (Ray) > L. Detweiler () writes: > > Consider the term `signature' in the conventional connotation of a > > handwritten scrawl. What are the *critical* properties of a handwritten > > signature of a person [x]? > > > > 1) no person [y] can `forge' the signature of [x] > > 2) the signature of [x] is unique to [x] > Well (2) is untrue since I know people who can forge signatures with > great precision (even my own). However if they forged your name on one of your checks, you wouldn't take such a blase attitude to it would you? And in such a case you have an opprtunitty to prosecute them for their criminal act of forgery should you be able tpo prove it. Digital signature systems need to include the ability to track and succesfully prosecute criminal forgery, or digital signatures are worthless for transactiuons that require reliable accountability. IMNSHO > Since we're going for an ideal Brave New Cyberspace where forging > ids is impossible, I've got some suggestions. These should make you very > happy: > > 1) Phase out handwritten signatures in society and switch to finger prints, > retinal scan, and DNA codes. Whenever you sign anything, the store/business/ > govt office will require a blood test (for DNA), retina scan, and finger > print. With today's technologies, these can be made painless and quick. > > 2) Require everyone to have a global positioning tracker installed under the > skin so they are "accountable" at all times. This worked great in > demolition man. > > 3) Mandatory caller-id, video-id for everyone. No one should be able to > make calls without the other person knowing who you really are. Payphones > should have finger print/retinal scanners for verification. > > 4) all new computers should come equipped with finger print recognizing > keyboards. No more spoofed messages posted on people who leave their terminals > accidently logged in (in the computer lab) > > 5) get rid of cash! we can't have unaccountable transactions taking place > in the economy. Banish the free market. Nationalize all businesses under > NSA control. What makes you think that the bleak vision of the future reflected in your satire above isn't exactly what the typical power/control-freak government types want to impose? > > If a person cannot be traced based on their digital signatures, where > > is the accountability? What if a person signs a document with a > > `digital signature' and *breaks* that contract? you have no recourse > > unless the identity is ultimately identifiable and you can take `that > > body' to court. > Get a clue for god's sake. Digital signatures won't exist in a vacuum. > No one is going to accept the validity of a signature unless it is signed by > some trusted/certified authority and that authority would be liable for the > person's true name or actions. right, so where are the systems that certify trust and authenticity? and who is designing them , and what are the design criterea, and what happens if the government decides they don't want to, and..... LUX ./. owen From baumbach at atmel.com Mon Oct 25 14:44:12 1993 From: baumbach at atmel.com (Peter Baumbach) Date: Mon, 25 Oct 93 14:44:12 PDT Subject: signed mail + steganography = ? Message-ID: <9310252123.AA19707@bass.chp.atmel.com> What if you couldn't tell when a letter was signed unless you new the public key of the person signing it? How could this be done? Encode the digital signature with steganography. Is this possible when steganography alters the very message you wish to sign? I don't know. The benefit of this is signed and unsigned messages look like each other. People can't be lazy anymore and just assume the signature is yours. Your boss isn't likely going to notice you used pgp to sign your mail. Peter Baumbach baumbach at atmel.com From norm at netcom.com Mon Oct 25 14:53:23 1993 From: norm at netcom.com (Norman Hardy) Date: Mon, 25 Oct 93 14:53:23 PDT Subject: Shamir Sharing Message-ID: <9310252150.AA26406@netcom2.netcom.com> The following code may be useful in applications to share secrets a la Shamir. Beware the warning about pseudo random numbers! #if 0 Shamir Sharing Warning!! We use the stock random number generator. You must replace it if you really want to keep a secret!! 67 is prime and 67^4>2^24. We use the field of integers modulo 67. We want to produce k<67 versions of a secret so that we may reconstruct the message when q (0 and libraries in some systems claiming to be ANSI C! typedef struct{long quot, rem;} ldiv_t; static ldiv_t ldiv(long a, long b) {ldiv_t A; A.quot = a/b; A.rem = a % b; return A;} #endif #define N 67 #include #include #include typedef unsigned long u25 /* 32 bits */; static char mt[N][N], dt[N][N]; static void it(void){int i, j; for(i=0; i= (u25)N*N*N*N) printf("Foul value\n"); if(quor > dis || dis >= N) printf("Committee size must not exceed distribution and " "distribution must be less than N\n"); {ldiv_t A = ldiv(sec, N), B = ldiv(A.quot, N), C = ldiv(B.quot, N); char a[4]; a[3] = A.rem; a[2] = B.rem; a[1] = C.rem; a[0] = C.quot; {int k; for(k = 0; k<4; ++k) {char coef[N-1]; coef[0] = a[k]; {int m; for(m = 1; m=0; --m) q = M(coef[m] + mt[q][n] - N); w[n-1][k] = q;}}}}}} #define C 4 int main(){it(); if (0) {int i, j; for(i=0; i > From: "Perry E. Metzger" > Admittedly, if someone could put a *loyal* armed soldier over > everyone's shoulder on earth they could control everyone. How, though, > could they manage to do this? By getting everyone to obey the "policeman inside" (concept due to Wm. Burroughs, recently quoted by Wm. Gibson in WIRED Sept/Oct). Paul E. Baclace peb at procase.com From catalyst at netcom.com Mon Oct 25 15:13:21 1993 From: catalyst at netcom.com (Scott Collins) Date: Mon, 25 Oct 93 15:13:21 PDT Subject: Apple, AOCE, and key pair security Message-ID: <9310252210.AA06907@newton.apple.com> -----BEGIN PGP SIGNED MESSAGE----- - From the MacWeek article: >validity. To get your own digital signature from RSA, you take a form to >a notary public, who verifies your identity, notarizes the information >on the form, and then mails the form to RSA. The form contains your name, address, etc, and a printout of your public key. >Based on the notary >public's authority to say you are who you claim to be, you eventually >receive a disk in the mail with your personal electronic signature. _Not_. The disk contains a PEM style certificate, authenticating your public key. On your local machine, where you generated your private key, is a file (your private key) called a signer. This file is your private key + software to make it sign things, so the whole thing is a self contained application -- but it refused to function until you bind it to a certificate. >Your >electronic signature has a two-year expiration date, and includes some >verification information. Certificate, not signature, just like RSA has been trying to sell them all along. >If someone wants to make sure your signature >is valid, he or she contacts the issuing authority listed in the >certificate. Wrong again. Validation occurs locally because an entire chain of certificates is provided in the signature >There will be issuing authorities other than RSA. For >example, Apple Computer's security department plans to issue signatures >to all Apple employees with employee badges." Not signatures, certificates. All key generation takes place locally. RSA does not generate the keys. These articles are a woeful misrepresentation by over simplification. I will happily provide clarification to the authors if they call me. If anyone wants, I will demonstrate this software at the next Bay Area cypherpunks meeting. Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMw0nSmBKTQiZpaHAQFWOwQAqnD+C7cO0XDzCrbh7hxjzTSDEhbbtxZZ B4+dXNghqSSI24c+T8FZC/gwBIhDq4Q1z0iEml2d84VcFZoHdLJL2Vi803go179E 86uwlggClAPVT+vhqE/LG7NrOC7+r8gTBk5S4gi5fX4hCkMQXdjcNOaWvgQ/slOF XbH+g4vjhF8= =Kn0e -----END PGP SIGNATURE----- Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com From cman at IO.COM Mon Oct 25 15:53:21 1993 From: cman at IO.COM (Douglas Barnes) Date: Mon, 25 Oct 93 15:53:21 PDT Subject: Net Regulation In-Reply-To: <199310251724.AA09315@panix.com> Message-ID: <9310252247.AA01128@illuminati.IO.COM> There are several severe limitations to how big of a movement this could really be: 1) Let's say, just for instance, that all computer programmers in Europe and the US switch places, and become Permanent Tourists. Do you think that anyone would notice? Do you think there might be some sort of action taken at the national government level? Would it be effective? 2) Even in this highly select hypothetical group, I would say that the vast majority still don't even grasp or have access to the basic technology for using even the most simple net tools. Even if we eliminated all of the COBOL programmers, we'd still be looking at a tough row to hoe. 3) One of the persistent problems in solving unemployment problems in both the US and Europe is that folks JUST WON'T MOVE. This is more true in Europe than the US, but we can look at numerous examples where the need for particular skills (or any skills at all) will evaporate in one part of the country while there are shortages elsewhere. Some people will have sufficient gumption to load up the U-Haul and beat it, but most will hang around, going on welfare and engaging in cargo-cult-like behavior waiting for jobs to appear from the sky. Most Americans are hidebound, closed-minded people who couldn't even find the US on an unlabelled map, much less MOVE to another COUNTRY. 4) The inability of most of our fellow citizens to process text and numbers is staggering; it's not clear by any means that they're ready for jobs in their same CITY where they live, if it involves any significant reading or writing skills. How are these people going to fare in your scenario? Remeber, they're still citizens of an alleged democracy and thus have their collective finger on one of the largest coercive apparati in the world. 5) If folks don't move, but try to get cute with where their income is coming from, they will almost certainly be persecuted by the IRS, independent of current law, if their numbers become significant. This is probably true even if foreign nationals are involved, especially if they pose any significant load on government services. Imagine the resentment of, say, a local rancher, tied to physical and taxable goods: "Awww, he's onenna them computer-head tax evaders, think he's so smart. I'm a-gonna point out him out to the tax boys, and they'll fix him but good." It wouldn't take too many "examples" to force whatever tax regime the IRS felt was necessary. The majority of taxpayers in this country are *not* going to be to be PTs for a long, long time, or are employed in professions where it simply won't work (teaching, day-care, nursing, car repair, food service, plumbing, construction, agricultural labor, physical plant maintenance, transportation and delivery, product assembly, live entertainment, etc., and, of course, the government itself). I think that individuals like you, and the others on this list, may slowly leak out of the US economy over the next ten years, but it will probably pass largely unnoticed; if it gains enough momentum, someone *will* notice and take steps to make it sufficiently chancy that most folks will cough up some or all of the required taxes. The vast majority of folks, even the high-tech industry, are unwilling to do anything that would take them out of their cozy home towns or suburban enclaves, force them to ship the enormous quantities of material crud that they've acquired across one ocean or another, or, god forbid, run afoul of the IRS. -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From klbarrus at owlnet.rice.edu Mon Oct 25 15:59:11 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Mon, 25 Oct 93 15:59:11 PDT Subject: Digital Signatures Message-ID: <9310252258.AA15045@flammulated.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- Earlier, L. Detwiler posted a message which listed some desirable properties of digital signatures. (I won't comment on the rest of the post since I'm behind in list mail and haven't read up). Signatures (real and digital) ideally have the following properties, and maybe others: 1) Unforgeable. The presence of the signature shows the signer attached it on purpose. Also, the signature should convince another party that the signer signed the document (i.e. the signature can be linked to somebody or a pseudonym or whatever satisfies the recipient). 2) Not transferable. If the signer signs one document, it should be impossible to transfer the signature to another document. (Beware signing random documents - see a previous post on the "Notary Protocol" or Judith Moore's paper on protocol failures). In the digital world, transfering a signature should make it invalid. 3) Can't repudiate. The signer can't claim he/she did not in fact sign a document which bears the signature. 4) Can't alter. A document which is signed can't be altered without invalidating the signature. I don't know if a signed contract with white-out, strike-outs, and various inserted edits is still valid, but a good digital signature should contain information (secure cryptographic hash like md5, md4, snefru, snefru256, etc.) about the text signed. For instance, PGP and RIPEM signatures contain an md5 hash of the message text, so altering the document after it's signed will invalidate the signature. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLMxYWoOA7OpLWtYzAQHARQQAm9m28LRxWWXMeCDN9uNvTc58+4vndkpZ +2VCAGQ5x4EMYOCWCWV81+kJ3qHS6lXZ3crpRONCcXINi58tB4+mr+XWEKsB98Ms 1C5yCS8P+jGMREq4RNiNWf+LNS4oMXtMi/66a0ytEHvNE5v8vYgOsM14FYe5fQ/u wmorJXkuetE= =OSlu -----END PGP SIGNATURE----- From norm at netcom.com Mon Oct 25 16:13:32 1993 From: norm at netcom.com (Norman Hardy) Date: Mon, 25 Oct 93 16:13:32 PDT Subject: Error in Shamir sharing Message-ID: <9310252310.AA06436@netcom2.netcom.com> Please substitute 'rand()' for '22'. '22' was an artifact of debugging! Get the full copy by ftp at netcom.com:pub/Silk/shamir.c From unicorn at access.digex.net Mon Oct 25 16:19:13 1993 From: unicorn at access.digex.net (Dark) Date: Mon, 25 Oct 93 16:19:13 PDT Subject: help/subscribe Message-ID: <199310252317.AA18132@access.digex.net> HELP SUBSCRIBE In the event there is a human on that end, I was a cypherpunk recipiant before I went home (Europe) for the summer. Please sign me back up! -uni- (Dark) From tien at well.sf.ca.us Mon Oct 25 17:20:20 1993 From: tien at well.sf.ca.us (Lee Tien) Date: Mon, 25 Oct 93 17:20:20 PDT Subject: FOIA lawsuit re Clipper Message-ID: <93Oct25.171816pdt.14182-3@well.sf.ca.us> John Gilmore wanted me to let the list know that there will be a hearing this Friday, Oct. 29, at the Federal Courthouse at 450 Golden Gate in SF, around 9:30 am (time is always unclear), in his FOIA suit against the FBI/DOJ re release of documents in the Clipper Chip matter. Very briefly, we have received some mostly uninteresting documents regarding Clipper so far. We moved for an index of the withheld documents and for expedited processing. The gov't response was to move for a stay of proceedings until early 1997. That's not a typo-- almost 4 years! We sent them some discovery as to their FOIA processing, and they then moved for a protective order barring discovery. So basically, what we're going to be arguing about on Friday is whether the case moves forward, or gets put on hold until the FBI gets around to processing John's request. John encourages interested cypherpunks to attend. He will not be there himself. Feel free to e-mail me, Lee Tien, for details. I prefer to be reached at tien at well.sf.ca.us. Lee Tien From mnemonic at eff.org Mon Oct 25 17:49:43 1993 From: mnemonic at eff.org (Mike Godwin) Date: Mon, 25 Oct 93 17:49:43 PDT Subject: Q In-Reply-To: <9310250013.A6273wk@chrysalis.org> Message-ID: <199310260045.AA00356@eff.org> > --> Note: Forwarded (from: DFW) > Originally from Bryny (1:124/4109.0) > Original dated: Oct 23 '93, 18:36 > > The EPCA applies to Common Carriers. Thus it applies to Compuserve, MCI Mail, > etc. It does not apply to bulletin boards unless they issue mail contracts. > > > ----8<---- > > what are the actual legal requirements for claiming status as a Common > Carrier?? (other than being in the USA ...) > > signed written agreements? Just about everything said about common carriers in these postings is wrong. ECPA is not limited to common carriers, for example. And it *does* apply to BBSs. Finally, one doesn't claim common carrier status, absent a legislative or regulatory grant of that status. For a brief period, thanks to some partial research I'd done in the subject, I was under the impression that there is such a thing as a "common-law common carrier," at least potentially. I now know that this is not the case. --Mike From nate at VIS.ColoState.EDU Mon Oct 25 18:10:09 1993 From: nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) Date: Mon, 25 Oct 93 18:10:09 PDT Subject: signed mail + steganography = ? In-Reply-To: <9310252123.AA19707@bass.chp.atmel.com> Message-ID: <9310260105.AA21690@vangogh.VIS.ColoState.EDU> -----BEGIN PGP SIGNED MESSAGE----- writes Peter Baumbach: > >What if you couldn't tell when a letter was signed unless you new the >public key of the person signing it? How could this be done? Encode >the digital signature with steganography. Is this possible when >steganography alters the very message you wish to sign? I don't know. > >The benefit of this is signed and unsigned messages look like each other. >People can't be lazy anymore and just assume the signature is yours. >Your boss isn't likely going to notice you used pgp to sign your mail. > >Peter Baumbach >baumbach at atmel.com > > What if you were to use a higher number of bits per character than ascii? Then you could use the highest (or lowest) bit for a signature. This may not be such a good idea for ascii mail, but if there is ever a real "multi-media" (I _hate_ that term) mail, such as 'ol NeXTmail, then I can see how it would be easy to squeeze in a signature. - -nate - -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | Key fingerprint = 2D CD 07 CA 7B EC A8 4A 86 7F F3 A8 1D 15 65 46 | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Guerrilla Cryptographer Always remember "Brazil" From rjc at gnu.ai.mit.edu Mon Oct 25 18:10:09 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Mon, 25 Oct 93 18:10:09 PDT Subject: on the term `signature' In-Reply-To: <9310251918.AA26068@lux.YP.acad> Message-ID: <9310260106.AA03681@kropotkin.gnu.ai.mit.edu> D. Owen Rowley writes: > > > From: rjc at gnu.ai.mit.edu (Ray) > > > L. Detweiler () writes: > > > Consider the term `signature' in the conventional connotation of a > > > handwritten scrawl. What are the *critical* properties of a handwritten > > > signature of a person [x]? > > > > > > 1) no person [y] can `forge' the signature of [x] > > > 2) the signature of [x] is unique to [x] > > > Well (2) is untrue since I know people who can forge signatures with > > great precision (even my own). > > However if they forged your name on one of your checks, you wouldn't > take such a blase attitude to it would you? First, they'd need to be able to get one of my checks, which if they were digital, would be as hard as getting my private key. If you're going to allow for private keys to be stolen, you may as well forget about crypto. It's like saying "what if someone stole cash out of your wallet, how would you find them and prosecute them." Cash is already relatively untracable so you argument against crypto is irrelevent. (unless you also want to make an argument against coins/dollars) > And in such a case you have an opprtunitty to prosecute them for > their criminal act of forgery should you be able tpo prove it. If someone steals one of your checks and forges a signature, how the hell are you going to catch them anyway? Unless you knew a check was stolen (in which case you'd notify the bank), your situation is hopeless. Likewise, with digital signatures, if someone gets you're private key, you simply issue a cancellation of the key and notify the digibank. The first time someone attempts to forge a signature (on a digicheck) and cash it, the bank nabs them. I make the claim that current checks can be forged by an intelligent criminal more easily than a digital one could. > Digital signature systems need to include the ability to track and > succesfully prosecute criminal > forgery, or digital signatures are worthless for transactiuons > that require reliable accountability. > IMNSHO How do you forge a digital signature without having the private key of your victim? I think you are overlooking the obvious. I'd like the hear what your version of accountability means. Digital Cash systems protect the honest man, and only reveal an identify if you are dishonest. Detweiler's argument sounds like he wants an escrow-like system whereby if a forgery is detected, you get a search warrant and the issuing authority reveals your true name. If this is the case (identity being protected by the trust of an ecrow, not mathemtical security), Detweiler has no right to oppose clipper also. > What makes you think that the bleak vision of the future reflected in your > satire above isn't exactly what the typical power/control-freak government > types want to impose? I also think it is the eventual future that "risk-fee" freaks want to impose. In order to eliminate the possibility of pseudospoofing on the net you need Draconian measures. I think the level accountability of any person should depend on the type of transaction he is engaging in and what the other person demands. In other words, it's a private matter. The average level of accountability will arise out of the sum of all those private transactions -- spontaneous order. However, unlike Detweiler, I think both accountability, privacy, and pseudonyms are compatible. I don't see any need to bring someone's True Name into it. > > > If a person cannot be traced based on their digital signatures, where > > > is the accountability? What if a person signs a document with a > > > `digital signature' and *breaks* that contract? you have no recourse > > > unless the identity is ultimately identifiable and you can take `that > > > body' to court. > > > Get a clue for god's sake. Digital signatures won't exist in a vacuum. > > No one is going to accept the validity of a signature unless it is signed by > > some trusted/certified authority and that authority would be liable for the > > person's true name or actions. > > right, so where are the systems that certify trust and authenticity? Well, for starters there is PGP. Then there's the Apple/RSA thingy which requires notarized documents. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From jim at bilbo.suite.com Mon Oct 25 18:19:19 1993 From: jim at bilbo.suite.com (Jim Miller) Date: Mon, 25 Oct 93 18:19:19 PDT Subject: the Joy of Pseudospoofing Message-ID: <9310260115.AA11399@bilbo.suite.com> I just joined this mailing list a couple of days ago (you may remember my clue-less subscribe request that I broadcast to the list). Anyways, I expected to lurk for a while, get a feel for the types of conversations that appear, and then occasionally post something. However, I simply must comment on "the Joy of Pseudospoofing". I'll go through it in steps. > Not a single person has said they understand what I have > been talking about in describing the evils of > pseudospoofing. > I understand what you're talking about and I'm just a newbie. I would hazard a guess that almost everybody on the list understands what you're talking about. The thing is, most people on the list probably don't find "pseudospoofing" to be an evil menace. I generally don't care who authors a message. I care about the *content* of the message. If the content of the message is interesting, I save it. It's boring, I delete it. I often don't even look at who sent it. As a member of a mailing list, I accept the fact that message headers can be forged or that people can use multiple nyms for nefarious purposes. It simply doesn't bother me. There will always be jerks. I joined this list to acquire a good understanding of cryptographic technology and how it might affect the world. The discussions of the technology will stand on their own. The ideas will either be good ideas, bogus ideas, or require further study. I don't think it is possible for people to use multiple nyms to somehow "corrupt" the discussion of the technology. However, people could use multiple nyms to bias the discussions of the social effects of widespread cryptography. So what. I have long since abandoned using majority opinion as a tool for forming my own opinions. I form new opinions based on the quality of the debates, not the quantity of posts. > .....She never posts uncharacteristically under JR, > such as talking about some other arbitrary subject she's > knowledgeable on but would be a bit surprising if JR said > anything about it. > > Okay, let's stop and take note of this. Is any `deception' > going on here? Absolutely. Should this be permitted? I agree that 'deception' is taking place. Should this be permitted? To even ask this question show that you haven't fully grasped the implications of the technology. > But the problem with all this is that in a regular social > setting, there are some very ancient, venerable, and > sophisticated rules involving propriety and courtesy > of communication that break down dangerously on any > online `forum' when a single person has multiple > pseudonyms, and these `subversive uses' are what I will > expand on. > This paragraph says it all. Many of the rules and assumptions that were developed for regular social settings (e.g. face-to-face) are not valid for the online experience. This is something you apparently need to come to terms with. > The final and most important aspect of group > communication psychology is that of *consensus* and > *peer pressure*. This can be an extraordinarily > powerful force. Many people are `lurkers' and are most > influenced by what they perceive to be other's opinion on > various subjects, or the general group feelings as > gauged through multiple postings. They are unlikely to > question what they read. > What can I say? I guess I have a higher opinion of the people lurking on this list than does L. Detweiler. To me, this is his strawman: *People are gullible and we need to protect them!* > This leads directly into the ego case. What about people > who are simply out to assuage their own ego? Suppose > Medusa wishes to do this. She could `stage' very clever > situations where jr at netcom.com says `I heard that > Medusa knows a lot about industrial sabotage, and am > always fascinated by her posts.' Medusa pops up a few > messages later under snake at netcom.com and says `Thanks > Jim, I really respect your knowledge of number theory > too, and I hope you can provide some more updates on it' and > launches into an amazingly relevant post, considering > what Jim asked about. > > So, cypherpunks, what do you think of that? This strikes > me as rather perverted. > So what's wrong with being perverted? By the way, who defines perversion these days anyways? THEM, no doubt. > Finally, let's look at how peer pressure can be > influenced by these pseudonymous postings of Medusa's. > Obviously, she has created the illusion of support or > rejection of something that is not consistent with > reality. It is a deception. People may have lowered or > raised their opinion of something merely because they > saw multiple posts criticizing the same thing, when they > all came ultimately from Medusa. > Here we go again with the "multiple posts" mechanism for forming opinions. > These fantasies would totally pollute and poison any > trust in an online community. It could be compared to > brainwashing. > Well, perhaps trust is not something that carries over easily to the online community. Ever think of that? Why do you continue to expect online social settings to exactly parallel face-to-face social settings? They are two different types of fruit. They are not directly comparable. > Note that in all these cases, if any of this was going on in > `real world meetings' it would be considered shocking > depravity. > I don't like baseball because no one ever scores a touchdown. > The very final possibility of pseudospoofing I would > like to describe , perhaps the most treacherous and evil, > is the following. Suppose Medusa not only had no ethics > and morality, but was actually Satan in disguise. > > ``Death is the ultimate form of censorship.'' (author unknown) > > Jim Riverman > Software Engineer > jr at netcom.com > (415) 941-4782 [work] > Oh my god! It's really happening!!!!! Jim Miller Software Engineer jim at suite.com (at work) From catalyst at netcom.com Mon Oct 25 18:50:41 1993 From: catalyst at netcom.com (Scott Collins) Date: Mon, 25 Oct 93 18:50:41 PDT Subject: Apple, AOCE, and key pair security Message-ID: <9310260144.AA15492@newton.apple.com> -----BEGIN PGP SIGNED MESSAGE----- - From the MacWeek article: >validity. To get your own digital signature from RSA, you take a form to >a notary public, who verifies your identity, notarizes the information >on the form, and then mails the form to RSA. The form contains your name, address, etc, and a printout of your public key. >Based on the notary >public's authority to say you are who you claim to be, you eventually >receive a disk in the mail with your personal electronic signature. _Not_. The disk contains a PEM style certificate, authenticating your public key. On your local machine, where you generated your private key, is a file (your private key) called a signer. This file is your private key + software to make it sign things, so the whole thing is a self contained application -- but it refused to function until you bind it to a certificate. >Your >electronic signature has a two-year expiration date, and includes some >verification information. Certificate, not signature, just like RSA has been trying to sell them all along. >If someone wants to make sure your signature >is valid, he or she contacts the issuing authority listed in the >certificate. Wrong again. Validation occurs locally because an entire chain of certificates is provided in the signature >There will be issuing authorities other than RSA. For >example, Apple Computer's security department plans to issue signatures >to all Apple employees with employee badges." Not signatures, certificates. All key generation takes place locally. RSA does not generate the keys. These articles are a woeful misrepresentation by over simplification. I will happily provide clarification to the authors if they call me. If anyone wants, I will demonstrate this software at the next Bay Area cypherpunks meeting. Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins at newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst at netcom.com -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMw0nSmBKTQiZpaHAQFWOwQAqnD+C7cO0XDzCrbh7hxjzTSDEhbbtxZZ B4+dXNghqSSI24c+T8FZC/gwBIhDq4Q1z0iEml2d84VcFZoHdLJL2Vi803go179E 86uwlggClAPVT+vhqE/LG7NrOC7+r8gTBk5S4gi5fX4hCkMQXdjcNOaWvgQ/slOF XbH+g4vjhF8= =Kn0e -----END PGP SIGNATURE----- From banisar at washofc.cpsr.org Mon Oct 25 18:50:42 1993 From: banisar at washofc.cpsr.org (Dave Banisar) Date: Mon, 25 Oct 93 18:50:42 PDT Subject: CPSR NII Paper Message-ID: <00541.2834429212.263@washofc.cpsr.org> CPSR NII Paper FOR IMMEDIATE RELEASE Contact: Todd Newman (CA) 415-390-1614 Eric Roberts (CA) 415-723-3642 Coralee Whitcomb (MA) 617-356-4309 Marc Rotenberg (D.C.) 202-544-9240 COMPUTER SCIENTISTS RAISE SOCIAL AND DESIGN CONCERNS ABOUT THE INFORMATION HIGHWAY Palo Alto, Calif., October 25, 1993 -- In the wake of sudden corporate mergers and rapid technological developments, Computer Professionals for Social Responsibility (CPSR) today voiced concern that the planned information superhighway will not realize its full potential. The public interest organization put forward specific guidelines for the National Information Infrastructure (NII) in a paper titled, "Serving the Community: A Public-Interest Vision of the National Information Infrastructure." Urging the Clinton Administration to move quickly to adopt these principles, CPSR President Eric Roberts said, "Although there is widespread agreement on general goals, there is no specific plan to ensure that these goals are met." "It is much easier to state a vision than to achieve it, " said Dr. Roberts, who is also Associate Chair of the Computer Science department at Stanford University. "And there are many dangers on the horizon that threaten to compromise the value of the NII as a resource for the public. "For example, if a small number of companies dominate the market, we're in danger of stifling competition and innovation on the network. If those same companies control the programming, then open and diverse speech is limited. If pricing structures do not cover universal service, the average person and the poor will be struggling to use the backroads of the information highway. If privacy isn't protected, your TV could keep more detailed records of your finances than the IRS. And, if the NII is not designed to allow everyone to communicate freely and to publish their own contributions, it could become nothing more than a medium for delivering 500-channel television, with interactivity limited to home-shopping and trying to guess the next play during sporting events." CPSR's paper expands on these dangers and makes specific policy and technical recommendations for the newly formed Information Infrastructure Task Force. The Task Force is expected to coordinate network policy for the Clinton Administration. "In its 'Agenda for Action' document, the Administration has set forth a positive vision of what the NII can be," said Dr. Roberts. "To achieve that vision, however, the government must play a major role in the design, development, and regulation of the network." CPSR recommends that the Administration adopt the following policies: o Promote widespread economic benefits by evaluating the NII's economic success using measures that reflect its impact on the society as a whole, not merely the profits of NII investors and service providers. o Evaluate the social impact of the NII by conducting periodic reviews as the NII is implemented and used to guarantee that it continues to serve the public interest. o Guarantee equitable and universal access through an appropriate mix of legislation, regulation, taxation, and direct subsidies. o Promote the development of a vital civic sector by ensuring resources, training, and support for public spaces within the NII where citizens can pursue noncommercial activities. o Promote a diverse and competitive marketplace in terms of the content carried over the NII. o Provide access to government services and information over the NII. o Encourage democratic participation by ensuring full public disclosure, and actively promoting democratic decision-making and public participation in all stages of the development process. o Actively facilitate the seamless connection of America's NII with the information infrastructures of other nations by working to resolve such issues as security, censorship, tariffs, and privacy. o Guarantee the functional integrity of the NII by establishing critical technical requirements including ease of use, widespread availability, full functionality, high reliability, adequate privacy protection, and evolutionary expansion. The recommendations follow from a yearlong review of the NII conducted by CPSR. The process included collecting more than 1,200 suggestions for NII policy from network users across the country, drafting a report, holding special chapter meetings on the NII in Berkeley, Boston, Seattle, and Washington, D.C., and having a multiple-draft review process by the membership. Final changes to the report were made at the annual meeting of CPSR, where the report was adopted unanimously by the CPSR Board of Directors. Dr. Roberts noted that he was very pleased by the level of participation in the NII report. "The computer community knows that the NII is the critical technological issue facing the United States today. Our members were extremely responsive when we asked them to participate in this project, because they understand from their own experience how much the NII has to offer." CPSR also worked closely with the Telecommunications Policy Roundtable (TPR), a coalition of more than sixty nonprofit, consumer, labor and civil rights organizations based in Washington, DC. CPSR's paper endorses the principles set forth by TPR. TPR will unveil its founding principles in a press conference, Tuesday, October 26th at 10:00 a.m. at the National Press Club in Washington, D.C. CPSR is planning a conference next April in Cambridge, Massachusetts, on the future of the NII, The Directions and Implications of Advanced Computing. The conference will investigate at a more specific level how to achieve the principles in the CPSR report. Founded in 1981, CPSR is a national, nonprofit, public interest organization of computer professionals and others concerned with the impact of computer technology on society. With offices in Palo Alto, California, and Washington D.C., and 22 chapters across the country, CPSR works to encourage public discussion of decisions involving the use of computers in systems critical to society and to challenge the assumption that technology alone can solve political and social problems. CPSR's NII paper is available electronically by sending email to listserv at cpsr.org. In the message write the command "GET CPSR NII_POLICY" The paper will automatically be mailed to you. You can also FTP/WAIS/Gopher cpsr.org/nii/cpsr_nii_policy.txt. For a hard copy of the paper or for more information about CPSR, call 415-322-3778 or write to cpsr at cpsr.org. For information about the Telecommunications Policy Roundtable, contact Jeff Chester at 202-628-2620 or cme at access.digex.net. - END - From trebor at foretune.co.jp Mon Oct 25 19:20:51 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Mon, 25 Oct 93 19:20:51 PDT Subject: the Joy of Pseudospoofing In-Reply-To: <9310250728.AA09485@longs.lance.colostate.edu> Message-ID: <9310260214.AA06763@dink.foretune.co.jp> "Jim Riverman" writes about the possibilities of abuse by pseudospoofing. I agree with him that this is an area of great potential concern. While I am not opposed to the principle of maintaining multiple identities on the net, the rule of netiquette should be that "multiple identities should _NEVER_ intersect." So I support "L. Detweiler"s right to be "Jim," but they ought never to support each other. His scenario is chillingly _possible_. At the same time, I think such episodes will be rare. The amount of effort needed to maintain multiple intersecting identities is quite high, and in most cases would be "uneconomic." However, in some cases, for some people, the effort might be worth it, so some thought ought to be placed into ways to detect or discourage it. Which brings up the question: how can we, in the era of digital pseudonyms determine that two pseudos are, or are not, the same person? One possible method would be careful automated analysis of the language used by the participants in a net discussion. As I recall, there are studies that show that people have deep patterns in their writing that can be detected even when they are trying to hide them. Literary finger- prints, if you will. This may be an area that "Jim" ought to research. Such an automated monitor might be a positive contribution. From trebor at foretune.co.jp Mon Oct 25 19:44:17 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Mon, 25 Oct 93 19:44:17 PDT Subject: the Joy of Pseudospoofing Satan In-Reply-To: Message-ID: <9310260239.AA07044@dink.foretune.co.jp> Panzer Boy writes: >I do ask you L Detweiler, what you consider of this case. In "real-life" >awhile back there was a womem who was an actor. She didn't like the fact >that she needed an agent to get w>ork. So she invented a personality, an >became her own agent. She aquired a different personality, different >voice patterns, etc, for this agent. She made sure the agent did >everything over the phone, never meeting clients in person. Soon after >doing this, she started being an agent for other actors also. She >obviously spoke well of her actorself when she was in her agentself, and >she obviously kept two personalities. Is this wrong? Should this women >not have done this? Yes, she was being deceptive. No, she was not being maliciously deceptive, as her "agentself" was merely doing the same thing that a seperate agent would have done, being an advocate for the actor. The difference is that the third party _expects_ the agent to praise the actor. In L Detweilers example, the pseudo-spoofer was using the _lack_ of expectation to his/her advantage. > -Matt | Please get my public key if you wish > (panzer at drown.slip.andrew.cmu.edu) | to verify that this message is mine. >"That which can never be enforced should not be prohibited." From ebrandt at jarthur.Claremont.EDU Mon Oct 25 19:44:49 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Mon, 25 Oct 93 19:44:49 PDT Subject: Totally Anonymous Remailing In-Reply-To: <9310250201.AA21182@dink.foretune.co.jp> Message-ID: <9310260243.AA27775@toad.com> > From: Robert J Woodhead > Just toying around with some ideas, and came up with this: > > Totally Anonymous Remailing (V1.0) [...] > SEND > > Sends accumulated mail, in a batch, to the > email address specified. So you can log on > to any account, even a guest, and get your > mail. A problem here. The SEND system eliminates the risk of database seizure, and encrypting mail to the remailer eliminates snooping on incoming mail, but outgoing mail is unprotected. Anybody watching net traffic coming out of the TAR can snoop the destination of SEND requests, and reasonably presume that address to be the owner of the nym. This is of course a problem with a penet-style setup too, but it's something to fix if you want to be "totally anonymous". I fairly recently posted a scheme by which a remailer could reduce this hazard, while retaining the same front end -- which may or may not be a wise move. I hesitate to blat the thing to the list again, but the plan was to use cypherpunks remailers as a back-end delivery mechanism. With a given key the nymserver would associate a pseudonym and a list of delivery points, of which the first living one would be used. These could be either normal addresses (backward- compatible idiot mode), or remailer addresses associated with (encrypted!) addressing blocks to prepend. One thing I didn't address, which needs to be, is how best to handle testing of the delivery chains. I think this is a make-or-break issue for the general usability of this thing. Eli ebrandt at jarthur.claremont.edu From ld231782 at longs.lance.colostate.edu Mon Oct 25 20:09:54 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 25 Oct 93 20:09:54 PDT Subject: a desperate plea Message-ID: <9310260308.AA10040@longs.lance.colostate.edu> please do not fill my mailbox with argument in the form `criminal behavior [y] exists or is widespread, therefore similar practice [x] is ok' please do not say `forgeries are hard to prevent, therefore no one should even attempt it' please do not say `the only systems for identity tracking amount to government oppression' please do not talk about some depraved person with multiple personality disorder as a way of describing Utopia. most of all, do not pollute the Constitution with your lies: >The freedom to communicate in any way whatsoever, including >"pseudospoofing", is a Constitutional guarantee and part of the >foundation of this society. the Constitution specifically prohibits `high treason'. Or are we now against the Constitution? It's hard to keep track lately. [Pseudospoofing] >This is a fundemental paradigm shift that you have not made yet. It is one >that few have. If anything, it is shared conceptual memes such as this >subject of identity in a world without substance that is the true >cypherpunk cause. oh, what depravity and moral blackness. Evil promoted as `a fundamental paradigm shift', a `conceptual meme'. Helleluja. many cypherpunks have so utterly deluded themselves, they believe they have invented a new kind of society that is completely free of accountability, while they leech the fruits of one where that accountability was hard-won by many sacrifices of our forefathers. I urge you to live in your `society'. You will get the chance, I assure you! `actions have consequences, even in cypherspace.' * * * Let me ask a question of the `cypherpunks' opposed to identity tracking in any form. A major aspect of catching vicious criminals is being able to link up their multiple crimes. It is absolutely essential for crimefighting. I could point to some examples using credit scams or drug dealing or whatever, but the hard core Cypherpunks would probably just grin with evil pleasure. So-- An excellent case is Ted Bundy. Ted Bundy would be the Cypherpunk Poster Boy for Pseudospoofing. `Medusa' is correct in saying our new societies allow and encourage this kind of anonymity. He slipped and danced between cities and murdered young women in the most grisly and heinous fashions. He lied at *every* stage of the way, perhaps even at the end when he blamed his utter depravity on exposure to pornography. Part of the difficulty in catching him in the end was his total mastery of the techniques that have a striking similarity to what the Cypherpunks promote -- hidden credit, deception, disguise, impersonation, etc. He was a man who was so treacherous, he would truly not `stop at anything'. I'm sure he weaved such a majestic and convoluted `web of lies,' PRZ & the Cypherpunks would be proud. In the end, one of the final critical incriminating pieces of evidence used in court to convict him, and prevent further murders, was the bite marks he had savagely embedded in the buttocks of one of his victims, which matched his own jaw. It took something like 4 police to hold him down to make the cast, he squirmed and writhed with such force and desperation. Cypherpunks, look at yourselves in the mirror. See what you are becoming and promoting. Look at the logical extent of your ideas. Could *any* society truly function without any identity or accountability whatsoever? The cypherpunk `agenda' has become so closely indistinguishable with raw criminality and evil it horrifies me. Oh, how it nauseates me. Perhaps many of you will fill my mailbox with new letters defending Ted Bundy and asserting that the only problem was that he didn't `spawn' a new set of teeth. Perhaps you look forward to the day you can spawn some of your own Ted Bundys, and be so clever you'd *never* be caught. Perhaps you already have the young lady victims in mind. The ones that betrayed you by thinking you were too strange too date, huh? Perhaps the only problem was that these young ladies are just too damn *trusting*? `that which cannot be enforced should not be prohibited'. Like murder? * * * Another question for all the bastard apologists and moral relativists. Are you fundamentally opposed to me having the choice of screening phantom identities in my personal mailbox? Many of your arguments suggest that not only do you wish to make sure you can be anonymous, but you wish to ensure that other people must support and sponsor your anonymity. As for screening, very soon these capabilities will probably exist, based on birth certificate databases etc. that are accessable over the internet. Oh, my kingdom for this capability. But you will infect and poison these databases with your forgeries and lies, won't you? That is the fundamental cypherpunk agenda: wherever accountability or identity is in place, do everything possible to *evade* and *sabotage* it. Not only should there be *passive* anonymity, but there should also be *active* deception. You not only want to swing your fist, you want to batter my face -- with a phantom bludgeon. I'll never know what hit me! Oh, what utter joy! To not only be evil, but to get away with it! You hate Democracy and `egalitarianism' not because they are unfair, but because they are the closest thing to honesty and fairness we humans have ever discovered, and in them *you* would *lose*, because the `perverted majority' of society is *not* in favor of being murdered and raped without consequence. And you will tear and wreck those fragile developing efforts and schemes for identification and accountability, no matter how basic or feeble, with the most insidious treachery. You will subscribe to the mailing lists where the development is going on, you will infiltrate the development groups, you will assault the honest, polite, and courteous ladies and gentlemen with poisonous and acidic email and posts, you will twist your knife into the baby in the crib, and you will stick dynamite sticks up the nostrils of anyone who says, `well, gosh, guys, just hold on a minute here!' ... Oh, how you are thriving on the Internet. Either the parasite or the host will die soon, of at least that I am sure. I pray to God that Cyberspace survives. P.S. Ask all your revered fiction authors like Gibson and Sterling et.al. what they would think of your grotesque perversions. Be sure to explain it in *your* terms of `true and pure anonymity.' `a fundamental paradigm shift? sure, sounds great! right out of one of my own stories.' From ld231782 at longs.lance.colostate.edu Mon Oct 25 20:24:55 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 25 Oct 93 20:24:55 PDT Subject: Medusa's Snake Speaks Message-ID: <9310260324.AA10369@longs.lance.colostate.edu> ------- Forwarded Message From ld231782 at longs.lance.colostate.edu Mon Oct 25 20:29:47 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 25 Oct 93 20:29:47 PDT Subject: A Second Snake Speaks Message-ID: <9310260327.AA10414@longs.lance.colostate.edu> ------- Forwarded Message From MIKEINGLE at delphi.com Mon Oct 25 20:49:45 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Mon, 25 Oct 93 20:49:45 PDT Subject: New Crypto Tool - Beta Testers Wanted Message-ID: <01H4JPOM66M091XK6Q@delphi.com> I've been writing a new crypto tool called Secure Drive, and I need people to help me test it. This is a program which encrypts hard drive partitions and floppy drives, at the sector level, on the fly, as you use them. To use the program, you create a small partition, usually D:, big enough to hold everything you want to keep private. Then you run the utility CRYPTDSK to encrypt the partition using a passphrase. Everything on the partition except the boot sector is encrypted, in place, at the sector level. Your C: drive is not affected. Then you load the tsr module, SECTSR, which takes only 2K of RAM. Use LOGIN to enter your passphrase, and the D: drive becomes accessible. All reads are decrypted on the fly, and all writes are encrypted on the fly. When you turn off your computer, it is automatically secure. You can decrypt your partition at any time using CRYPTDSK. You can also encrypt floppy disks using CRYPTDSK. You LOGIN /F and enter the floppy password, and the floppy becomes accessible. You can freely interchange encrypted and clear disks, as long as all of the encrypted ones use the same passphrase. The TSR senses encrypted disks and turns itself on and off automatically. If you use different passphrases for different disks, you have to run LOGIN /F again to change the passphrase in memory. Floppies can also be decrypted. CRYPTDSK will not allow you to decrypt with the wrong passphrase and scramble a disk. You can have an encrypted hard drive partition and encrypted floppies active simultaneously, using different passphrases. The program uses Colin Plumb's very fast assembly language IDEA code in CFB mode, and it uses MD5 to hash the passphrase. The disk ID and sector number are used in the IV to make each sector unique. Colin Plumb has also provided advice in writing the program. To be a beta tester, you have to: Live in the U.S., of course. Agree not to export the program out of the U.S. Please don't give out the beta version; it may be buggy. Source code will be forthcoming as soon as I'm sure there aren't any serious problems with the code. Have two partitions or be willing to repartition your hard drive. (There is supposedly a program to do this non-destructively, do you know where to get it?) Back up your hard drive. This program does sector-level I/O, and a bug or interaction could easily scramble your hard drive. Operation with DOS 6 and with two physical hard drives particularly needs testing. I have DOS 5 and one hard drive, so I'm not sure if it will work. Use this program at your own risk! Back up everything. If you want to help test the program, send me e-mail. State that you agree not to export, and tell me if you want the files in UUENCODE or PGP ascii armor (not encrypted) format. There are more detailed docs with the program. Send me all bug reports, problems, comments, suggestions, etc. --- MikeIngle at delphi.com From ld231782 at longs.lance.colostate.edu Mon Oct 25 21:24:03 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 25 Oct 93 21:24:03 PDT Subject: Another Tussle with a Tentacle Message-ID: <9310260423.AA11740@longs.lance.colostate.edu> "Robert J. Woodhead" >I agree with him that this is an area of great potential concern. While >I am not opposed to the principle of maintaining multiple identities on >the net, the rule of netiquette should be that "multiple identities should >_NEVER_ intersect." what, pray tell, do you define as *intersection*? the very existence of the two pseudonyms on the same Cyberspace can be considered an `intersection'. >So I support "L. Detweiler"s right to be "Jim," but they ought never to >support each other. His scenario is chillingly _possible_. the scenario is chillingly *true*. And I do not support it. I condemn it. >At the same time, I think such episodes will be rare. The amount of >effort needed to maintain multiple intersecting identities is quite high, >and in most cases would be "uneconomic." However, in some cases, for >some people, the effort might be worth it, so some thought ought to >be placed into ways to detect or discourage it. again, more Medusa-cypherpunk brainwashing. `don't worry about this. it's not a big deal. no one would be evil enough to do this. heaven forbid, don't do anything rash like invent robust identity mechanisms that would *prevent* me from continuing to exploit this weakness in the system and inherent trust of others.' >Which brings up the question: how can we, in the era of digital pseudonyms >determine that two pseudos are, or are not, the same person? One possible >method would be careful automated analysis of the language used by >the participants in a net discussion. hah, hah! society has already evolved many other mechanisms that have worked for centuries, and `you' promote obscure black magic. the problem is, all that stuff is just to damn mundane and oppressive. it's equivalent to Retinal Scans and a Camera on Every Corner. cypherpunks, you have no idea how much you are being brainwashed. a true Thought Crime if there ever was one. wipe wipe, slosh slosh, scrub scrub. look! sparkling white! now, to pour in the blackness... From remail at tamsun.tamu.edu Mon Oct 25 21:29:57 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Mon, 25 Oct 93 21:29:57 PDT Subject: CPSR NII Paper Message-ID: <9310260427.AA00771@tamsun.tamu.edu> > > CPSR NII Paper > FOR IMMEDIATE RELEASE > COMPUTER SCIENTISTS RAISE SOCIAL AND DESIGN CONCERNS > ABOUT THE INFORMATION HIGHWAY > > > "In its 'Agenda for Action' document, the Administration has set forth > a positive vision of what the NII can be," said Dr. Roberts. "To > achieve that vision, however, the government must play a major role ^^^^^^^^^^ ^^^^^^^^^^ > in the design, development, and regulation of the network." CPSR ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This is exactly what you don't want to happen, unless of course you want shoddy protocols and kludges. Most of the govt services on the net are the worst software I've ever seen including Nasa Spacelink, Library of Congress Information System, etc > o Guarantee equitable and universal access through an appropriate > mix of legislation, regulation, taxation, and direct subsidies. Translation: $25-50 billion dollars tax increase for the middle class. FCC and Rep. Markey become King of the Net. > o Promote the development of a vital civic sector by ensuring > resources, training, and support for public spaces within the NII > where citizens can pursue noncommercial activities. IRC, MUDs, Usenet, E-mail. Amazingly, people find ways of developing these things without govt input. > o Promote a diverse and competitive marketplace in terms of the > content carried over the NII. Regulations on commercial speech, market quotas? > o Encourage democratic participation by ensuring full public > disclosure, and actively promoting democratic decision-making > and public participation in all stages of the development process. This is the worst part of the proposal. If this rule is followed, the NII will never be finished in my lifetime. And you thought congressional gridlock was bad. > o Guarantee the functional integrity of the NII by establishing > critical technical requirements including ease of use, widespread > availability, full functionality, high reliability, adequate privacy > protection, and evolutionary expansion. Government mandated user interface? ugh. I really don't see why we need NII at all. We already have internet. Cable companies are rushing to provide high bandwidth networks for consumers. NII seems to be nothing more than WelfareNet. Which isn't surpising since CPSR praises systems like IGC (Econet, PeaceNet, etc) which are much more expensive than Netcom, Panix, Digex, and provide shoddier service. Sam Hill From rjc at gnu.ai.mit.edu Mon Oct 25 21:51:12 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Mon, 25 Oct 93 21:51:12 PDT Subject: a desperate plea In-Reply-To: <9310260308.AA10040@longs.lance.colostate.edu> Message-ID: <9310260446.AA04496@kropotkin.gnu.ai.mit.edu> L. Detweiler writes: > most of all, do not pollute the Constitution with your lies: I assume you also support the right to keep and bear arms. Good, cause I'm coming over to put you out of your misery. You're like a horse with a brain disease, I request that you be "shot" and removed from this list, or prevented from posting. > >The freedom to communicate in any way whatsoever, including > >"pseudospoofing", is a Constitutional guarantee and part of the > >foundation of this society. > > the Constitution specifically prohibits `high treason'. Or are we now > against the Constitution? It's hard to keep track lately. No Treason sayeth Lysander Spooner. [more idiotic ramblings of LD deleted] > Part of the difficulty in catching him in the end was his total mastery > of the techniques that have a striking similarity to what the > Cypherpunks promote -- hidden credit, deception, disguise, > impersonation, etc. He was a man who was so treacherous, he would truly > not `stop at anything'. I'm sure he weaved such a majestic and > convoluted `web of lies,' PRZ & the Cypherpunks would be proud. In the And he did it all without computers. Without cryptography. What your pea brain fails to understand is that you can't solve social problems with computers. It's like trying to ban guns to prevent crime, IT WON'T WORK. Why should we all suffer because a few people will use cryptography and anonymous remailers for evil deeds? Got that? Whatever Draconian measures you implement to achieve your dreams of absolute accountability, they simply WILL NOT WORK. Someone will find a way to circumvent them and commit crimes. You're own real life example of a killer proves it. > Another question for all the bastard apologists and moral relativists. > Are you fundamentally opposed to me having the choice of screening No, get some better mail software then. Or write some damn code for a change and stop ranting. [more ranting deleted. I now see that my original assessment of Detweiler after his "electronic democracy" was correct. Nothing but another idealistic believer in the great society.] > P.S. Ask all your revered fiction authors like Gibson and Sterling > et.al. what they would think of your grotesque perversions. Be sure to > explain it in *your* terms of `true and pure anonymity.' `a fundamental > paradigm shift? sure, sounds great! right out of one of my own stories.' Methinks you've confused cypherpunks and CYBERPUNKS. Gibson and Sterling couldn't rub 2-bits together if their life depended on it. Gibson probably couldn't solve a linear algebraic equation either. Why should we revere them? (especially since they are a rip-off of Vinge. True Names and Fire Upon the Deep convey "internet" like sci-fi much better) I think it's time to check into a mental hospital, you're losing it. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From nobody at entropy.linet.org Mon Oct 25 22:05:54 1993 From: nobody at entropy.linet.org (nobody at entropy.linet.org) Date: Mon, 25 Oct 93 22:05:54 PDT Subject: LD and Contribution Message-ID: .... Well not ragging on about LD I/We would have to agree with and since some of us in this disdussion are indeed composite Personna, we tend to have issues when someone says we dont have a right to existance. Not every thing in the world is la d out all black and white as certain individuals would have it for their comfort. For some this "brave new world" is very uncomfortable indeed and they seek to control. For others, it is still very uncomfortable and they seek to explore the very phenomena that they are experiencing discomfort about. Social and Psych experimentation are very valid tools to explore human reaction and tolerance to this new domain. The case of LD is particulary fascinating as from being a proponent ofprivacy/anonymity tools/techniques he found himself so uncomfortable about certain aspects of it that he slipped over into the paranoid delusional phase. Well I/We will settle at least some of the controversy, Eric Hughes, TC May, Nick Szabo, John Gilmore, Phillip Zimmerman are real(as well as others too numerous to mention). David Sternlight, S Boxx, and LD I/We havent met, does that make them any less real? The technology of privacy and encryption ensures that we can never goe back to what things were. How now then do we deal with the issues around trust. Its clear that reputations alone cant solve the issue. Or will individuals like LD just find themselves more and more seperate from the rest of the madding crowd? I think that while electronic signatures are certainly possible that the mass of the online community wont accept the loss of privacy that comes with same. Sam I/WE From an12070 at anon.penet.fi Mon Oct 25 22:31:00 1993 From: an12070 at anon.penet.fi (S. Boxx) Date: Mon, 25 Oct 93 22:31:00 PDT Subject: an open offer Message-ID: <9310260528.AA03201@anon.penet.fi> Hello, I'm trying to build up our pool of information and inside informants. This will be the last offer (that's why it's on the list). If you're tired of being wracked with guilt, ready to switch over from the Dark Side, and want to join some of your associates (or should I say, "accomplices and coconspirators") engaged in conscience cleansing, send some email. As stated previously, we may be able to provide some degree of amnesty or leniency, but no promises. (Talk to me and we might be able to work something out.) We have information on all the basics, but need more in the following areas: 1) The capabilities of the software, especially related to preventing "crossing" 2) Some more database fragments would be useful too. (The whole thing would really be the "Holy Grail", we've had some near misses but are keeping our fingers crossed) 3) Names of other participants-- I think we're very close to complete, but we have to be absolutely certain before we "make our move" 4) More on the telephony modifications, techniques, and insiders 5) The media manipulations other than those in Wired (although expansion of the ones in there would be appreciated) 6) More of the infiltration sites. The list has become quite large, but because of the continuous trickle we have no reason to believe it is comprehensive yet. 7) Same with the pseudoidentities. (The "breadth" and "depth" absolutely astonish me, but what do I know! this is really a new experience for all of us.) 8) The credit machinations. Not much info here. 9) The "insider mailing list". Not much info here either. Working on both of these, but as everyone knows, they're in the toughest nut to crack! 10) "somebody" said "something" about "impersonation". This is probably the other #1 item if you have anything on it. Of course, we can only give you leniency if you reveal your identity, but if you just want to get something off your chest anonymously we'll at least look at it. (To the insiders: it will be quite awhile before we sort everything out and file charges, so be patient.) ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From tcmay at netcom.com Mon Oct 25 22:55:51 1993 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 25 Oct 93 22:55:51 PDT Subject: We Don't Need No Steenking Digital Superhighway!! In-Reply-To: <9310260427.AA00771@tamsun.tamu.edu> Message-ID: <9310260550.AA13270@netcom5.netcom.com> What the Sam Hill is this? > > CPSR NII Paper > > FOR IMMEDIATE RELEASE > > COMPUTER SCIENTISTS RAISE SOCIAL AND DESIGN CONCERNS > > ABOUT THE INFORMATION HIGHWAY .... > I really don't see why we need NII at all. We already have internet. > Cable companies are rushing to provide high bandwidth networks for consumers. > NII seems to be nothing more than WelfareNet. Which isn't surpising since > CPSR praises systems like IGC (Econet, PeaceNet, etc) which are much more > expensive than Netcom, Panix, Digex, and provide shoddier service. > > Sam Hill Very true! In fact, it is the EFF's talk about the "need" for such a government effort that really worries me about the EFF (a mild kind of worry...I haven't completely detweilered over it). I'm not clear just how central are these issues to the EFF, currently, but I urge us all to try to convince them that the "electronic frontier" really doesn't need government-built channels and routes. With a zillion forms of fiber, cable, satellites, land lines, undersea cables, lots of competing companies, etc., there just is *no need* for a nationalized effort to build some kind of bureacratic dream of what the people "need." And unlike the Interstate Highway System (actually called the National Defense Transportation System, or somesuch, clearly an autobahn-inspired Eisenhowwer defense project), which arguably needed a government-level effort to obtain the land, the crossings, etc., no such government-level effort is needed to lay more cable, put up more satellites, etc. In fact, the relatively anarchic growth of the Net (many nets, of course) is a major strength and advantage. We helped kill the Superconducting Supercollider, now we can help kill Al Gore's TipperNet fantasy. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From plaz at netcom.com Mon Oct 25 23:05:25 1993 From: plaz at netcom.com (Geoff Dale) Date: Mon, 25 Oct 93 23:05:25 PDT Subject: a desperate plea Message-ID: <9310260604.AA12241@netcom.netcom.com> -----BEGIN PGP SIGNED MESSAGE----- You know Mr. Detweiler, I've been trying real hard to stay out of this one, for three reasons: A: I think you've made positive contributions to the list. B: Here on cypherpunks we try NOT to argue ideologies, (but this breaks down, unfortunately, when a person such as yourself tries to impose his own ideology on the rest of us). C: Your style often makes it difficult for me to think rationally for some time after reading them, and I hate writing irrational letters. But I absolutely must request that you clarify this quote: >most of all, do not pollute the Constitution with your lies: > >>The freedom to communicate in any way whatsoever, including >>"pseudospoofing", is a Constitutional guarantee and part of the >>foundation of this society. > >the Constitution specifically prohibits `high treason'. Or are we now >against the Constitution? It's hard to keep track lately. I see no other interpretation than, "Pseudospoofing is high treason against the government of the United States of America." Did you honestly mean this?!?!?!?!?!?! I mean the rest of the stuff (Ted Bundy similies and the like) is fairly standard "worst case scenario" justifying government abridgement ordinary peoples rights and privacies (which as you might suspect, I don't buy for a second). But pseudo-spoofing as high treason, in a constitutional sense? Come on now, you must have not typed what you meant. After all, being against the constitution ITSELF isn't even high-treason. PS - Sorry, to all the Detweiler weary cypherpunks, but I couldn't resist. I tried, but I couldn't. -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMxa7Nr1VGqG9otVAQHQSwQAxZSWo08/RGfOATyRPR6gucTRTaQS71Xn xxBehVsLJTPUreJ4pz1ScJZPmCBy473U0uogJWvWz8uGk9h8tV10u6mMcut1Gmao PTIIblRQNMmcbUaDRUoKcYhK2zGxhtcnuvdIKFS1m5imSQ9EVAp5/diXoual5HDb FVfwQhexZ14= =UjnU -----END PGP SIGNATURE----- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3 mQCPAix3/dIAAAEEAOEoi3n/Zfq4UtBHzCp+maxnBsLCf7ggxnwg567JQIHFv2wH 9M/VKKlUstWFuKdDcf3qlxP/B803U25ulFZ3G2Uvhe1E4kRkO0DgfHXUC0AdNHnO 1IH7mS8YpqzeDTChCUqCk2iz5GCt+EpOK5rUTDGkYRGyaOBhgtr1VGqG9otVABEB AAG0HEdlb2ZmIERhbGUgPHBsYXpAbmV0Y29tLmNvbT4= =VP4j -----END PGP PUBLIC KEY BLOCK----- _______________________________________________________________________ Geoff Dale -- insert standard disclaimers here -- plaz at netcom.com "We are the shock troops of reality." - Voice of the Friends (Wild Palms) From ld231782 at longs.lance.colostate.edu Mon Oct 25 23:20:12 1993 From: ld231782 at longs.lance.colostate.edu (L. Detweiler) Date: Mon, 25 Oct 93 23:20:12 PDT Subject: a desperate plea In-Reply-To: <9310260446.AA04496@kropotkin.gnu.ai.mit.edu> Message-ID: <9310260618.AA14323@longs.lance.colostate.edu> > I assume you also support the right to keep and bear arms. Good, cause >I'm coming over to put you out of your misery. You're like a horse with >a brain disease, I request that you be "shot" and removed from this list, or >prevented from posting. you're really upsetting me with your references to firearms and veiled threats. this is way uncool. please chill out. At least you seem to understand, `death is the ultimate form of censorship.' >Whatever Draconian measures >you implement to achieve your dreams of absolute accountability, they >simply WILL NOT WORK. Someone will find a way to circumvent them and commit >crimes. You're own real life example of a killer proves it. another argument, existence of criminal behavior [x] supports perversion [y] or lack of total perfection implies lack of necessity. I think I will name these Cromwell Arguments. no YOU don't get it. `we' do NOT have to implement DRACONIAN MEASURES to find some BENEFIT from IDENTIFICATION SYSTEMS. no system is FOOLPROOF and many will be SABOTAGED by CRIMINALS but are ultimately still SOCIALLY USEFUL AND DESIRABLE. [Gibson, Sterling] >Why should we >revere them? (especially since they are a rip-off of Vinge. True Names >and Fire Upon the Deep convey "internet" like sci-fi much better) oh, so you're now criticizing them. well, why don't you ask Mr. Vinge what he thinks of your perversions like `pseudospoofing'? I'm waiting at the edge of my keyboard. Please quote me relevant passages. Show how the Liberation of the Universe is attained with it. Make inferences to current reality from Dystopian Science Fiction. Show how nothing but systematic deception and lies will lead to any functional system other than barbarianism! > I think it's time to check into a mental hospital, you're losing it. yes, because I am willing to attack the #1 Cypherpunk cause, PSEUDOSPOOFING IS SACRED, (which took me the better part of a year to discover in all the obfuscation and brainwashing in black posts), I should be consigned to an asylum for my thought crimes. I now know what a thought crime is! And I know who has committed many! From kinney at ucsu.Colorado.EDU Mon Oct 25 23:39:54 1993 From: kinney at ucsu.Colorado.EDU (W. Kinney) Date: Mon, 25 Oct 93 23:39:54 PDT Subject: POISONOUS TrEaCHeRy Message-ID: <199310260636.AA19460@ucsu.Colorado.EDU> -----BEGIN PGP SIGNED MESSAGE----- Look, everybody's right: (1) Lying is bad. (2) Nothing you can ever hope to do will prevent people from ignoring (1). Jesus. Anybody who's ever had a lover should have learned this one real well by now... -- Will -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMxuF/fv4TpIg2PxAQEH4AP9GCn81EMfdH8BMdo6UATlUAZWx4rNQ/fR FixsjIK1irs3HQuZAbzVIx2RioRNQl83e7DHjRUEjHi93u8q3mN+2W9POB4exljZ 4CQROdOHfAik29NWA5/TDq7FfM2OGAaYdvYOy7uCbjdIWVwYw/xcc4HQ4lcL4TCO qDgZV7P2A9s= =qV8J -----END PGP SIGNATURE----- From rjc at gnu.ai.mit.edu Mon Oct 25 23:50:03 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Mon, 25 Oct 93 23:50:03 PDT Subject: a desperate plea In-Reply-To: <9310260618.AA14323@longs.lance.colostate.edu> Message-ID: <9310260646.AA04776@kropotkin.gnu.ai.mit.edu> L. Detweiler writes: > you're really upsetting me with your references to firearms and veiled > threats. this is way uncool. please chill out. This is why I think you need psychological help. Either you're a hypersensitive wimp, or you've got no life outside the net. Use your intelligence: I am sitting at a terminal a thousand miles away and I jokingly refer to shooting you and you become emotionally upset. No one else is as obsessed with pseudospoofing as you simply because speech over the net doesn't have so much an impact on us as they seem to you. I'm coming to kill your family tommorow with a rusty razor. > >Whatever Draconian measures > >you implement to achieve your dreams of absolute accountability, they > >simply WILL NOT WORK. Someone will find a way to circumvent them and commit > >crimes. You're own real life example of a killer proves it. > > another argument, existence of criminal behavior [x] supports > perversion [y] or lack of total perfection implies lack of necessity. I > think I will name these Cromwell Arguments. > > no YOU don't get it. `we' do NOT have to implement DRACONIAN MEASURES > to find some BENEFIT from IDENTIFICATION SYSTEMS. no system is > FOOLPROOF and many will be SABOTAGED by CRIMINALS but are ultimately > still SOCIALLY USEFUL AND DESIRABLE. So? If the majority of people will use pseudonyms honestly, why should they be punished for the few who are malicious? The same arguments you make against multiple-nyms are the very same arguments that can be made against strong crypto and for CLIPPER. Clipper isn't Draconian either and can argubly benefit society by making it easier for the FBI to catch criminals. What's your idealogical opposition to it then? I dare you to present your "identification system" I want to see the specifications on how it will work, and how you can oppose nyms and reject clipper/skipjack and maintain a consistent philosophy. I don't think you know what the hell you are talking about except for some vague utopian ideals you have. Come on, where are those algorithms? > [Gibson, Sterling] > >Why should we > >revere them? (especially since they are a rip-off of Vinge. True Names > >and Fire Upon the Deep convey "internet" like sci-fi much better) > > oh, so you're now criticizing them. well, why don't you ask Mr. Vinge > what he thinks of your perversions like `pseudospoofing'? I'm waiting > at the edge of my keyboard. Please quote me relevant passages. Show how > the Liberation of the Universe is attained with it. Make inferences to > current reality from Dystopian Science Fiction. Show how nothing but > systematic deception and lies will lead to any functional system other > than barbarianism! Why do you think I am concerned with the liberation of the universe? Actually, I'm concerned with MY liberation. Why do you believe that I care what any fiction author thinks? I make my own decisions and my own opinions and I don't care what Vinge thinks. I like his books, but that doesn't mean I have to agree with his real life philosophy. You're yet another leftist wacko who thinks you can prove theories through fictional story book worlds. Next you're be telling us that Bladerunner is proof of why we shouldn't progress with Biotechnology. > > I think it's time to check into a mental hospital, you're losing it. > yes, because I am willing to attack the #1 Cypherpunk cause, > PSEUDOSPOOFING IS SACRED, (which took me the better part of a year to > discover in all the obfuscation and brainwashing in black posts), I > should be consigned to an asylum for my thought crimes. If it took you a year and you still got it wrong, I think you should be consigned to elementary school. You're obviously a product of our EVIL and TREACHEROUS public school system screwups. -Ray p.s. you're dead, I'm gunning for you now baby! -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From sameer at infinity.hip.berkeley.edu Tue Oct 26 00:09:54 1993 From: sameer at infinity.hip.berkeley.edu (Sameer) Date: Tue, 26 Oct 93 00:09:54 PDT Subject: We Don't Need No Steenking Digital Superhighway!! In-Reply-To: <9310260550.AA13270@netcom5.netcom.com> Message-ID: > We helped kill the Superconducting Supercollider, now we can help kill > Al Gore's TipperNet fantasy. > Eeps. And considering Tipper's penchant for detweilering (Nice coinage) over "material-inappropriate-for-youngsters" we might have to have "porn-filters" on every gateway. From mdiehl at triton.unm.edu Tue Oct 26 00:19:53 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Tue, 26 Oct 93 00:19:53 PDT Subject: a desperate plea In-Reply-To: <9310260646.AA04776@kropotkin.gnu.ai.mit.edu> Message-ID: <9310260714.AA17539@triton.unm.edu> According to rjc at gnu.ai.mit.edu: > > L. Detweiler writes: > > you're really upsetting me with your references to firearms and veiled > > threats. this is way uncool. please chill out. > > This is why I think you need psychological help. Either you're a > hypersensitive wimp, or you've got no life outside the net. Use your > intelligence: I am sitting at a terminal a thousand miles away and > I jokingly refer to shooting you and you become emotionally upset. > No one else is as obsessed with pseudospoofing as you simply because > speech over the net doesn't have so much an impact on us as they seem > to you. I don't blame him at all. > I'm coming to kill your family tommorow with a rusty razor. This is a bit tasteless, don't you think. Come on, grow up. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From rjc at gnu.ai.mit.edu Tue Oct 26 00:43:54 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Tue, 26 Oct 93 00:43:54 PDT Subject: a desperate plea In-Reply-To: <9310260714.AA17539@triton.unm.edu> Message-ID: <9310260743.AA04917@kropotkin.gnu.ai.mit.edu> J. Michael Diehl writes: > According to rjc at gnu.ai.mit.edu: > > I'm coming to kill your family tommorow with a rusty razor. > > This is a bit tasteless, don't you think. Come on, grow up. That was sort of an inside joke directed at Perry. (it's the motd of the Extropian's mail server) However, if it sapped any of LD's bodily fluids, I'm happy. I'd have to be, since I'm an evil, treasonous Benedict Arnold of cypherpunks who should be hung by the neck or deported off the net. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From ebrandt at jarthur.Claremont.EDU Tue Oct 26 01:09:59 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Tue, 26 Oct 93 01:09:59 PDT Subject: We Don't Need No Steenking Digital Superhighway!! In-Reply-To: Message-ID: <9310260807.AA02509@toad.com> > Eeps. And considering Tipper's penchant for detweilering (Nice The Language Police say that "to detweil" is the verb, making "a detweiler" one who detweils -- as you may have observed. Actually, I'm more than a little embarrassed about this particular coinage, because it's not a flattering characterization of its namesake, who is obviously having a hard time with all this. I'd like to suggest, in fact, that it be buried. Eli ebrandt at jarthur.claremont.edu From kotze1 at batis.bis.und.ac.za Tue Oct 26 01:40:05 1993 From: kotze1 at batis.bis.und.ac.za (Christopher Kotze) Date: Tue, 26 Oct 93 01:40:05 PDT Subject: Join kotze1@batis.bis.und.ac.za Message-ID: <9310260838.AA02888@toad.com> Hi, please Add me Chris From an45548 at anon.penet.fi Tue Oct 26 02:20:08 1993 From: an45548 at anon.penet.fi (an45548 at anon.penet.fi) Date: Tue, 26 Oct 93 02:20:08 PDT Subject: No subject Message-ID: <9310260917.AA03312@anon.penet.fi> Any other cypherpunks going to the ACM conference on Computer and Communications Security next week? If so, is there any interest in getting a BOF together? ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From jkreznar at ininx.com Tue Oct 26 02:34:44 1993 From: jkreznar at ininx.com (John E. Kreznar) Date: Tue, 26 Oct 93 02:34:44 PDT Subject: CRYPTO + REPUTATIONS = A NEW ERA In-Reply-To: <9310211950.AA19355@netcom5.netcom.com> Message-ID: <9310260933.AA15937@ininx> tcmay at netcom.com (Timothy C. May) wrote: > Many of the currently "unsolved" > problems with digital money fade away--I contend, and will discuss if > there's interest--when the elements of reputation and reputation > capital are included. I'm surprised that many didn't jump on this offer. Maybe it's their preoccupation with Detweiler's shock at discovering that pseudospoofing can be an effective defense against his cherished tyranny of the majority. I for one would value your discussion. Please. John E. Kreznar | Relations among people to be by jkreznar at ininx.com | mutual consent, or not at all. From trebor at foretune.co.jp Tue Oct 26 02:34:51 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Tue, 26 Oct 93 02:34:51 PDT Subject: Totally Anonymous Remailing In-Reply-To: <9310260243.AA27775@toad.com> Message-ID: <9310260929.AA13959@dink.foretune.co.jp> Eli writes regarding my Totally Anonymous Mailing scheme: >A problem here. The SEND system eliminates the risk of database >seizure, and encrypting mail to the remailer eliminates snooping on >incoming mail, but outgoing mail is unprotected. Anybody watching >net traffic coming out of the TAR can snoop the destination of SEND >requests, and reasonably presume that address to be the owner of the >nym. This is of course a problem with a penet-style setup too, but >it's something to fix if you want to be "totally anonymous". I don't think this is a problem. The send command is received by the mailing system encrypted by the mailer's public key. An outside observer can't decode the message. When it gets the message, the mailer decrypts the envelope, and gets the sender's pseudonym and an encrypted command (encrypted with the sender's private key). The mailer knows the pseudo's public key, so it can decrypt the command. If it is a spoofed command, the mailer gets junk, and merely sends email into the psuedo's account giving details of the intrusion attempt (which might just be an error on the owner's part). The outgoing mail packet(s) would be encrypted by the pseudo owner's public key, so only he could read them. Some mechanism might have to be added to prevent an irritating "spoof" attack where the attacker records an incoming message and merely duplicates it. This might involve having the server remember the last couple of weeks of command transactions, reject duplicates, and reject any messages more than a week "old." This would require a timestamp in the encrypted part of the message. The part of the proposal that really needs work is methods to make traffic analysis prohibitive. I suspect that a net of cooperative mailers, along with the ability to delay the relay of outgoing mail, might help in that regard. From trebor at foretune.co.jp Tue Oct 26 02:50:56 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Tue, 26 Oct 93 02:50:56 PDT Subject: Another Tussle with a Tentacle In-Reply-To: <9310260423.AA11740@longs.lance.colostate.edu> Message-ID: <9310260944.AA14154@dink.foretune.co.jp> Mr. Detweilers writes: >what, pray tell, do you define as *intersection*? the very existence of >the two pseudonyms on the same Cyberspace can be considered an `intersection'. Pseudo's intersect when they interact. You could have several psuedos here on the list, but so long as they didn't engage in the nasty behavior you abhor, fine by me. You could be the paranoid L. Detweiler and the arch-codemeister "Larry Goodhack" for all I care. Personally, I am getting a little tired of your ranting. I agreed with most of your position and got flamed for it. Thanks a lot. It's chillingly obvious you've read "How to Win Friends and Influence People." If you are willing to do the research and provide solid, verifyable evidence of such nastiness as you are convinced is happening, then do it. If you are willing to discuss the implications of dishonesty in a universe of anonymity, then that is a topic of interest. If all you are willing to do is rant about the boogieman under the bed, then please do your mumbling somewhere else in cyberspace. I _still_ think the issue that concerns you is an important one. I also think you are doing a very good job of ensuring that people don't give it critical thought. Who knows. Maybe that's your goal. Think about that, 'punks. From remail at tamsun.tamu.edu Tue Oct 26 03:52:14 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Tue, 26 Oct 93 03:52:14 PDT Subject: Some possible projects/topics for CypherPunks Message-ID: <9310261048.AA15347@tamsun.tamu.edu> Here's some topics that I've been wanting to bring up with the CypherPunks. I figured it'd be best to just drop one email/post rather than 4. 1. HARDWARE: What about building our own machines? This is the Vinge-ian crypto-anarchy theme ultimately. We should be able to produce our own technology, and not depend on the merchantile/government-mandated economic system/monopolies. I see this as being very important to the oceania/autopia/technomad ideas and projects of creating ocean-going free societies. Or is anyone interested in starting a parallel list of sorts for the hardware-punks? 'ware-punks? :-) or perhaps an even better name would be The Homebrew Computer Club^2. 2. STEGENOGRAPHY: Using the genome project data listings (bionet.molbio.genbank.updates) as a stegenographic source to hide encrypted info in. Similar to the alt.w.a.s.t.e NG, but more public. Of course, it'd be bad if your ecrypted data got credited with curing/causing a genetic disease.... => 3. PUNK-NET: (see HARDWARE above) 4. POLITICS/ANONYMITY: I may have missed this, but has anyone discussed Gibson's "The Republic of Desire" idea of having a network based guerilla organization? Not that we need to be guerilla's yet, but... I think the guerilla cell organization would probably lend itself to using the DC-net protocols, and developing webs-of-trust organizations. Thoughts, comments, etc? sweetly, Ducoyuh Gemugez Tokuzuham Neshotsu From gg at well.sf.ca.us Tue Oct 26 04:15:03 1993 From: gg at well.sf.ca.us (George A. Gleason) Date: Tue, 26 Oct 93 04:15:03 PDT Subject: a desperate plea Message-ID: <93Oct26.041150pdt.14145-1@well.sf.ca.us> Ray, your little rant about Detweiler, with those "I'm going to kill you" things, is really getting on my nerves as well. "wimp" and so on are ad-hominems of the worst kind; in Berkeley we'd take that as a homophobic slur similar to saying, "typical Jewish attitude" or some such. Please stop clogging the mailing list with this bullshit, like NOW. If you have rational points to make in a spirit of good will, please do so. If all you have to say is along the lines of your last posting, then I'd urge you to get the hell off this list, and find somewhere else to play dumb games. -gg From smb at research.att.com Tue Oct 26 04:40:57 1993 From: smb at research.att.com (smb at research.att.com) Date: Tue, 26 Oct 93 04:40:57 PDT Subject: No subject Message-ID: <9310261134.AA05931@toad.com> Any other cypherpunks going to the ACM conference on Computer and Communications Security next week? If so, is there any interest in getting a BOF together? I'll be there -- I'm presenting a paper. But I don't know about BOFs with a bunch of folks wearing masks... --Steve Bellovin From pcw at access.digex.net Tue Oct 26 05:07:42 1993 From: pcw at access.digex.net (Peter Wayner) Date: Tue, 26 Oct 93 05:07:42 PDT Subject: Apple, AOCE, and key pair security Message-ID: <199310261158.AA15118@access.digex.net> Last night, I installed my version of System 7 Pro-- the new version of the Apple Macintosh Operating System with built in Digital Signature capabilities. Here's the details: 1) The package contains two extra pieces of paper. One is a voucher that is good for one free certificate. The second is an address and instructions for just what to do. 2) The installation process is very simple. You click on some icon to get the software running and then you: i) Fill in a form with your name and address. ii) Choose a country from a very long list. iii) Add in an identifying phrase. The manual says that you should "Type a word or phrase you can remember. You may have to provide this phrase if the Approval Authority needs to verify your identity." This may be used if you forget or lose something. I'm not sure. Perhaps it is a random number seed. Perhaps it is transmitted to RSA for the same purposes as the "mother's maiden name" passphrase used by banks. I don't know. iv) Then you type in a password. This is the same password that you type in each time you want to make a signature for a document. It seems to encrypt your private key. Jim Bidzos says that the software is careful enough to do this work only in memory where it is relatively safe. v) You choose a location for your signing icon. At first this will be "unapproved" and it won't work. Eventually, when you get a disk back from RSA, you'll be able to sign a document just by dragging it on to the signing icon. Then a dialog box will open up asking you for password. vi) A "processing" box appears and says that it will need to compute for the next 1 to 10 minutes. It doesn't say that it is looking for a prime, but that is entirely possible. Paranoids will hate this opacity. 3) Now, you get a nice print out of some random characters. The text says that you can just send the paper if you've a printer that is capable of 300 dpi resolution. Apparently, they plan on using OCR to read this in. 4) You take this paper to a Notary Public and present 3 forms of identification. The form asks the Notary to write down all of this and sign it. It also instructs the Notary that this cannot be done in any other way than in person. No Agents, Spouses etc. 5) You mail it off to a PO Box in Belmont CA and wait. 6) When it comes back, you probably get a disk that will allow you to initialize everything. Some Random Observations: *) The Certificates come with a built-in time limit. They're only good for two years. The software comes with a renewal mechanism so I think that people will be mailing checks in a couple of years. *) I'm not sure how complicated this procedure is for large corporate users. The book hints that you may get your signature from a company representative. *) They included a sample signer so you can play with the technology out of the box. I signed a few things and got the software to break by trying to sign the "DigiSign Utility." I.e. itself. *) The signature verification process is very well integrated. You simply open up the little info box that is available for each icon. There will be a extra button with a pen. Push it and the name and address of the signatory pops up. *) The signature is saved as a resource in the resource fork. The address is in the clear including several addresses for RSA. I tried fudging with them for grins and the signature broke. The software reported that it was tampered with. Good show. *) It took about 30 seconds to sign a 200k document on a IIci. Final impressions: Software Ease of Use: A+ Paranoia Avoidance: F (no source code or instructions on how to generate your own signature) RSA Cash Infusion: A (more checks in 2 years) Boost to Public Crypto Usage in short term: A+ Boost to Public Crypto Usage Two Years from now when the Certificates Run Out: INC (Who can remember to re-authorize these things?) From m5 at vail.tivoli.com Tue Oct 26 05:55:26 1993 From: m5 at vail.tivoli.com (Mike McNally) Date: Tue, 26 Oct 93 05:55:26 PDT Subject: a desperate plea In-Reply-To: <9310260618.AA14323@longs.lance.colostate.edu> Message-ID: <9310261249.AA09063@vail.tivoli.com> rjc at gnu.ai.mit.edu [ note: that's someone different from me ] writes: > I'm coming to kill your family tommorow with a rusty razor. I wonder if Mr. Godwin will consider explaining whether making "threats" like the above, serious or not, can possibly result in a period of less-than-pleasant interactions between the author and the FBI. (I'm honestly curious; I really have no idea whether the answer is "yes" or "no".) If Mr. Detweiler were the President, then I would advise "rjc" to rapidly locate a lawyer... -- Mike McNally From honey at citi.umich.edu Tue Oct 26 07:14:53 1993 From: honey at citi.umich.edu (peter honeyman) Date: Tue, 26 Oct 93 07:14:53 PDT Subject: a desperate plea Message-ID: <9310261357.AA07695@toad.com> yeah, and maybe we need mike's opinion as to whether mail forgery is the same as high treason. mutter. this saga has moved me from sympathy to amusement to boredom. irritation follows close on boredom's heels. i wish lance would just go get some prozac or whatever modern drug cures whatever he's got. barring that, i wish he would just go away. peter From dmandl at lehman.com Tue Oct 26 07:14:56 1993 From: dmandl at lehman.com (David Mandl) Date: Tue, 26 Oct 93 07:14:56 PDT Subject: Net Regulation Message-ID: <9310261345.AA07208@disvnm2.lehman.com> > From: peb at procase.com (Paul Baclace) > > > From: "Perry E. Metzger" > > Admittedly, if someone could put a *loyal* armed soldier over > > everyone's shoulder on earth they could control everyone. How, though, > > could they manage to do this? > > By getting everyone to obey the "policeman inside" (concept due to > Wm. Burroughs, recently quoted by Wm. Gibson in WIRED Sept/Oct). Yup, the state has been counting on this for years. It's hard to explain how people put up with the shit they put up with any other way. Wilhelm Reich talked about this many many years ago (concept of "character armor," which is probably where WSB got the idea. To paraphrase WR: "The puzzling thing isn't why 2% of people who are starving steal food, but why the other 98% *don't*." (Forgive my anti-propertarian example, but I think you get the idea.) --Dave. From frissell at panix.com Tue Oct 26 07:40:52 1993 From: frissell at panix.com (Duncan Frissell) Date: Tue, 26 Oct 93 07:40:52 PDT Subject: Net Regulation Message-ID: <199310261432.AA28581@panix.com> To: cypherpunks at toad.com P >By getting everyone to obey the "policeman inside" (concept due to P >Wm. Burroughs, recently quoted by Wm. Gibson in WIRED Sept/Oct). P > P > P >Paul E. Baclace P >peb at procase.com P > P > If you've looked around much you will have noticed that the "policemn inside" is falling down on the job. Disobedience seems to be increasing. Duncan Frissell --- WinQwk 2.0b#1165 From nate at VIS.ColoState.EDU Tue Oct 26 07:40:55 1993 From: nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) Date: Tue, 26 Oct 93 07:40:55 PDT Subject: We Don't Need No Steenking Digital Superhighway!! In-Reply-To: <9310260807.AA02509@toad.com> Message-ID: <9310261431.AA24330@vangogh.VIS.ColoState.EDU> -----BEGIN PGP SIGNED MESSAGE----- [I will make no mention of Detweiler's rants, or the coinage of the phrase "to detweil"] I think that Tim has made a _very_ important point, and several of the others have made posts supporting it. If the government is to build a National Super-Duper Digital Highway system, they are extremely likely to feel the "need" to monitor it. They built the backbones of the Internet, and look at the NSA.... reading your email, perhaps? I had heard that the Gov was going to shell out money, and let private industry build it, I don't know if it's true, or not, but something I really HATE is the abridging of my freedom of speech (not to mention my feelings on personal privacy) I think that this is becoming the second large-scale battle we face, the Clipper/SkipJack/Capstone fiasco being the first. Lets forget about ravers [detweiler] and move on... There's battles to be one, 'm boys! - -nate - -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | Key fingerprint = 2D CD 07 CA 7B EC A8 4A 86 7F F3 A8 1D 15 65 46 | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Guerrilla Cryptographer Always remember "Brazil" From nate at VIS.ColoState.EDU Tue Oct 26 07:40:55 1993 From: nate at VIS.ColoState.EDU (CVL staff member Nate Sammons) Date: Tue, 26 Oct 93 07:40:55 PDT Subject: CRYPTO + REPUTATIONS = A NEW ERA In-Reply-To: <9310260933.AA15937@ininx> Message-ID: <9310261432.AA24364@vangogh.VIS.ColoState.EDU> -----BEGIN PGP SIGNED MESSAGE----- writes John E. Kreznar: > >tcmay at netcom.com (Timothy C. May) wrote: > >> Many of the currently "unsolved" >> problems with digital money fade away--I contend, and will discuss if >> there's interest--when the elements of reputation and reputation >> capital are included. > >I'm surprised that many didn't jump on this offer. Maybe it's their >preoccupation with Detweiler's shock at discovering that pseudospoofing can be >an effective defense against his cherished tyranny of the majority. I for one >would value your discussion. Please. > > John E. Kreznar | Relations among people to be by > jkreznar at ininx.com | mutual consent, or not at all. > As would I. - -- +-----------------------------------------------------------------------+ | Nate Sammons email: nate at VIS.ColoState.Edu | Colorado State University Computer Visualization Laboratory | Finger nate at monet.VIS.ColoState.Edu for my PGP key | Key fingerprint = 2D CD 07 CA 7B EC A8 4A 86 7F F3 A8 1D 15 65 46 | Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden +--------+ Guerrilla Cryptographer Always remember "Brazil" From frissell at panix.com Tue Oct 26 07:40:55 1993 From: frissell at panix.com (Duncan Frissell) Date: Tue, 26 Oct 93 07:40:55 PDT Subject: Net Regulation Message-ID: <199310261432.AA28584@panix.com> To: cypherpunks at toad.com C >Douglas Barnes (cman at illuminati.io.com) writes: C >1) Let's say, just for instance, that all computer programmers in C >Europe and the US switch places, and become Permanent Tourists. Do you C >think that anyone would notice? Jobs that are ripe for virtual expatriation: o software writing (obviously) o all the rest of the software industry o all other kinds of writing o financial services o law o journalism o entertainment (acting, vocals, production, VR, techs, distribution, sales -- the whole chain) o telecommunications (almost all industry segments) o marketing, design, advertising, sales of most products o teaching (in spite of your claim to the contrary) o medicine (large chunks including specialist consultation and psychology). Slick Willie included "virtual medicine" in his AHSA'93 propaganda for God's sake. o gambling o "management" This is just with current technology, once the VR interface gets good enough, we can add prostitutes and surgeons to the list. C >3) One of the persistent problems in solving unemployment problems in C > both the US and Europe is that folks JUST WON'T MOVE. Let's assume that no American moves. What about all the people who are already offshore or in countries that permit easy offshore activities by their residents. With a 30% to 50% tax savings, they can undercut the domestic competition who will have to either relocate or face declines. C >Most Americans are hidebound, closed-minded people who couldn't C >even find the US on an unlabelled map, much less MOVE to another C >COUNTRY. But not a problem for many of the rest of the world's population. Besides, as we grow a society on the nets, any residents of *that* society can move their bodies anywhere without leaving home. And what are the political characteristics of net society? Since coercion is difficult, persuasion (whether reasoned or ranting) is the primary technique. It is a free society. As long as it remains free (and try to imagine the technical difficulties involved in bringing it to heel), many people will be spending a lot of their time in a free society (even the channel surfers downloading their favourite vids). They won't like having to come back to earth to deal with the DMV. C >4) The inability of most of our fellow citizens to process text and C > numbers is staggering; it's not clear by any means that they're C > ready for jobs in their same CITY where they live, if it involves C > any significant reading or writing skills. How are these people Their "point and click" muscles are well-developed. Once the VR interface improves... But seriously, they don't have to do anything to benefit from the technology-driven social revolution we're part of. They benefit from markets or electronics whether they know anything or not. Besides, they play one of the most important roles in the digital revolution -- as *customers*. C >Remember, they're still citizens of an alleged democracy and thus have C >their collective finger on one of the largest coercive apparati in the C >world. With no place to apply the force. A "target lean" environment not because there are so few targets but because they are mixed in with so much other activity. The power of the nation state was based on superior organization and its control of armed muscle, transportation, and communications. Aside from other states, its only opponents were poorly organized peasants or townies "bound to the soil." States no longer control communications or transportation and their opposition is rich and mobile. Their hierarchical organization is expensive, slow, and has few returns to scale in an era where I can pick up the phone and rent a 747 within an hour. It can't cope with very nimble markets that will continue to accumulate a higher and higher proportion of the world's wealth. The organized muscle deployed by states is of limited value with few open targets to fight. It just costs money. C >5) If folks don't move, but try to get cute with where their income C >is coming from, they will almost certainly be persecuted by the IRS, C >independent of current law, if their numbers become significant. Then why haven't they done so yet with tax compliance at an all-time low according to official IRS studies. 10 million non-filers, 10 million fraudulent filers, 52% unreported income by small businesses, 61% non-filers among US expatriates. C >It wouldn't take too many "examples" to force whatever tax regime the C >IRS felt was necessary. So governments are all powerful. They can't fail. The May Day parade in Moscow will be great next year. Tax evasion is impossible. You can't win, you can't break even, you can't get out of the game. Drugs have been banished from the cities; crime has disappeared; all government school pupils are literate, numerate, and well-groomed. I realize that it's sometimes hard to see major institutional change while it is underway. Governments face very grave institutional challenges. Revenue losses off the top will hurt as different factions fight for the remaining dough. Don't think of virtual expatriation as a conscious conversion to a philosophy of self-government, a political movement, or a "business plan" -- think of it as changing channels. Duncan Frissell And I just wanted to thank everyone for helping me write my talk for the First European Conference on Computers, Freedom, and Privacy (or whatever the order is) -- November 20th in London. --- WinQwk 2.0b#1165 From koontzd at lrcs.loral.com Tue Oct 26 07:58:48 1993 From: koontzd at lrcs.loral.com (David Koontz ) Date: Tue, 26 Oct 93 07:58:48 PDT Subject: MEDUSA'S SNAKE SPEAKS In-Reply-To: Message-ID: <9310261450.AA16538@nebula.lrcs.loral.com> Found in my mailbox. I've contacted root at netcom.com. Any suggestions? (the login name has been changed to conceal the guilty, do not attempt to use it. I added the quote at the end for effect. Do you like it?) >Still posting my phone number, asshole? Are you really trying to pick a Ya, change your login/get an aliases for posting, lie fallow, be succinct. If one were to consider your stature in posting to the net as coin or valuata, both parties to the above exchange are passing bad checks. --- produce, consume, die. From mnemonic at eff.org Tue Oct 26 08:05:57 1993 From: mnemonic at eff.org (Mike Godwin) Date: Tue, 26 Oct 93 08:05:57 PDT Subject: We Don't Need No Steenking Digital Superhighway!! In-Reply-To: <9310260550.AA13270@netcom5.netcom.com> Message-ID: <199310261458.AA06967@eff.org> Tim May writes: > Very true! In fact, it is the EFF's talk about the "need" for such a > government effort that really worries me about the EFF (a mild kind of > worry...I haven't completely detweilered over it). I'm not clear just > how central are these issues to the EFF, currently, but I urge us all > to try to convince them that the "electronic frontier" really doesn't > need government-built channels and routes. EFF has been convinced of this since the beginning. The last thing EFF wants is to have the government build the national information infrastructure. Instead, we want to encourage both a variety of information conduits, with a high degree of interoperability, but built by private enterprise. The idea of the Open Platform (see our papers at ftp.eff.org) is for private enterprise to create an environment in which *anyone*--not just a media giant--can become an information provider, and in which any BBS has the potential to become the WELL or CompuServe, or whatever it likes. Since both the telcos and the cable companies already operate under a high degree of regulation, the issue isn't whether government should play no role--it's already playing a pretty serious role. Instead, the issue is how the government can reduce its regulatory role and at the same time increase incentives for the kind of flexible, switched networks that support the many-to-many paradigm rather than the traditional one-to-one paradigm of the telcos or the one-to-many paradigm of the broadcasters. The result should be a highly competitive environment with less need for regulation, whether we're talking about local-loop telephone service or computer-based conferencing systems. > And unlike the Interstate Highway System (actually called the National > Defense Transportation System, or somesuch, clearly an > autobahn-inspired Eisenhowwer defense project), which arguably needed > a government-level effort to obtain the land, the crossings, etc., no > such government-level effort is needed to lay more cable, put up more > satellites, etc. EFF thinks these things will happen anyway, and is not interested in having the government do them. > We helped kill the Superconducting Supercollider, now we can help kill > Al Gore's TipperNet fantasy. The notion of government-funded information superhighways, as originally conceived, is already dead, killed by lack of government money (just as the supercollider was killed). EFF supports NREN, but only as a testbed for what the NII is eventually going to look like--we can learn a lot about how networks run by studying the controlled anarchy and the support of information niches that exists on the Net. It is commonly thought that EFF supports some kind of massive government undertaking to build the information infrastructure. But those who read our position papers at ftp.eff.org know different. --Mike From pmetzger at lehman.com Tue Oct 26 08:18:12 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 26 Oct 93 08:18:12 PDT Subject: a desperate plea In-Reply-To: <9310260308.AA10040@longs.lance.colostate.edu> Message-ID: <9310261509.AA19858@snark.lehman.com> "L. Detweiler" says: > please do not fill my mailbox with[...] > please do not say [...] > please do not say [...] > please do not talk about[...] Why don't you go away? You are filling OUR mailboxes with junk. Perry From pmetzger at lehman.com Tue Oct 26 08:18:14 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 26 Oct 93 08:18:14 PDT Subject: an open offer In-Reply-To: <9310260528.AA03201@anon.penet.fi> Message-ID: <9310261513.AA19866@snark.lehman.com> S. Boxx says: > Hello, I'm trying to build up our pool of information and inside > informants. This will be the last offer (that's why it's on the list). Detweiler, will you please shut up and go away? .pm From mnemonic at eff.org Tue Oct 26 08:18:18 1993 From: mnemonic at eff.org (Mike Godwin) Date: Tue, 26 Oct 93 08:18:18 PDT Subject: a desperate plea In-Reply-To: <9310261249.AA09063@vail.tivoli.com> Message-ID: <199310261513.AA07133@eff.org> Mike McNally writes: > I wonder if Mr. Godwin will consider explaining whether making > "threats" like the above, serious or not, can possibly result in a > period of less-than-pleasant interactions between the author and the > FBI. (I'm honestly curious; I really have no idea whether the answer > is "yes" or "no".) It's more likely that it would draw the attention of state and/or local law enforcement: most states have laws against "terroristic threats." Whether the comment qualifies as a genuine terroristic threat is open to question. (Why threaten with a rusty razor? True terrorists keep their tools sharp.) --Mike From ckd at kei.com Tue Oct 26 08:20:00 1993 From: ckd at kei.com (Christopher Davis) Date: Tue, 26 Oct 93 08:20:00 PDT Subject: We Don't Need No Steenking Digital Superhighway!! In-Reply-To: <9310260427.AA00771@tamsun.tamu.edu> Message-ID: <199310261514.LAA13689@loiosh.kei.com> TCM> == Timothy C May TCM> In fact, it is the EFF's talk about the "need" for such a government TCM> effort that really worries me about the EFF (a mild kind of TCM> worry...I haven't completely detweilered over it). I'm not clear TCM> just how central are these issues to the EFF, currently, but I urge TCM> us all to try to convince them that the "electronic frontier" really TCM> doesn't need government-built channels and routes. Have you read the article in _The New Republic_, titled "Mitch Kapor: Data Highway Guru"? It's been conveniently electronified and is included in O'Reilly's _Global Network Navigator_ hyperzine, even. (Mail info at gnn.com for details.) This quote's well within fair use size, given the size of the article: Kapor supports a nationwide fiber grid, and sees ISDN as a transitional step, not a substitute. Still, he does oppose big government financing for fiber, and this financing did seem a live prospect in January, after Gore's ambitious campaign rhetoric. Gore now says he was misinterpreted and had never envisioned a big government role. In any event, the interest in ISDN stoked by EFF and Markey helped end discussion of any such role. I highly encourage you all to give the article a look; since GNN is free, anyway... -- Christopher Davis * * (was ) * MIME * RIPEM * [CKD1] This netnews posting is presented in the original 80-column aspect ratio. The black bars bordering the headers and .signature are normal for this format. From lefty at apple.com Tue Oct 26 10:35:42 1993 From: lefty at apple.com (Lefty) Date: Tue, 26 Oct 93 10:35:42 PDT Subject: a desperate plea Message-ID: <9310261614.AA16510@internal.apple.com> Ray faovrs us with > >J. Michael Diehl writes: >> According to rjc at gnu.ai.mit.edu: >> > I'm coming to kill your family tommorow with a rusty razor. >> >> This is a bit tasteless, don't you think. Come on, grow up. > > That was sort of an inside joke directed at Perry. (it's the motd >of the Extropian's mail server) However, if it sapped any of LD's bodily >fluids, I'm happy. I'd have to be, since I'm an evil, treasonous >Benedict Arnold of cypherpunks who should be hung by the neck or deported >off the net. No, in point of fact, you're a poorly adjusted infant who finds it amusing to stand at a safe distance and clog up the net with threats which he surely would never dare to make face-to-face. Ray, before you recommend psychological evaluation for others, it might be worth considering looking into some for yourself. You might also want to give Jacoby and Meyers a call and ask them for a quick rundown on the prevailing assault statutes. Please take your cowardly bravado to private email. You're about as impressive as a third-grader sticking out his tongue at the playground bully from behind the safety of his mother's skirt, a situation with which I can't help but feel you have some personal familiarity. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From remail at tamsun.tamu.edu Tue Oct 26 10:35:42 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Tue, 26 Oct 93 10:35:42 PDT Subject: random numbers and human nature Message-ID: <9310261621.AA03592@tamsun.tamu.edu> maybe i'm just stupid, but i haven't seen this discussed yet. has anyone realized that there will be a lot of encrypted data out there when the "general public" starts using encryption regularly? think about it. people will pick passwords/phrases that they *think* they'll remember when they next decide to decrypt the file or whatever. and these are the people that come out of shopping malls and have hard time finding where they parked car. how many times have you had to regen your pub/sec keys? :) sweet & sour, Ducoyuh Tokuzuham Gemugez Neshotsu From bill at twwells.com Tue Oct 26 10:35:42 1993 From: bill at twwells.com (T. William Wells) Date: Tue, 26 Oct 93 10:35:42 PDT Subject: anti-social behavior In-Reply-To: <9310260646.AA04776@kropotkin.gnu.ai.mit.edu> Message-ID: Over on ASAR, we give warning for anger. Consider yourself warned. In article <9310260646.AA04776 at kropotkin.gnu.ai.mit.edu>, wrote: : I'm coming to kill your family tommorow with a rusty razor. I despise Detweiler. I also think he ought to be in a mental hospital. However, this is evil, anti-social behavior. It is abusive beyond any possibility of shrugging it off. Stop it. Don't make excuses. I don't *care* if you think this sort of think is "just a joke". It isn't. OK, you don't understand. That's irrelevant. Just take it from older and wiser heads that it is unacceptable. STOP IT. No, I'll make it stronger. Either you apologize to me, to Detweiler, and to the list, or the list owner removes you from the list, or I go. I will not be associated with a group that tolerates this sort of behavior. (Does anyone want to know why I'm so incensed. Check out ASAR for awhile. Understand that this person's behavior, and excuse making, is indistinguishable from the abuse that makes that newsgroup necessary.) From frissell at panix.com Tue Oct 26 10:35:50 1993 From: frissell at panix.com (Duncan Frissell) Date: Tue, 26 Oct 93 10:35:50 PDT Subject: an open offer Message-ID: <199310261634.AA20031@panix.com> A >(To the insiders: it will be quite awhile before we sort everything A >out and file charges, so be patient.) Don't wait too long. We might be out of the jurisdiction. DCF Say, is there any way we could knock cypherpunks off the nets for four days? Did the s/n ratio on extropians a world of good. Maybe the extropian list software could incorporate random outages throughout the year. Just a thought... --- WinQwk 2.0b#1165 From an41418 at anon.penet.fi Tue Oct 26 10:40:42 1993 From: an41418 at anon.penet.fi (wonderer) Date: Tue, 26 Oct 93 10:40:42 PDT Subject: No subject Message-ID: <9310261646.AA04673@anon.penet.fi> I'll be there, but I probably won't identify myself without my mask. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From frissell at panix.com Tue Oct 26 10:40:43 1993 From: frissell at panix.com (Duncan Frissell) Date: Tue, 26 Oct 93 10:40:43 PDT Subject: a desperate plea Message-ID: <199310261634.AA20026@panix.com> L.>the Constitution specifically prohibits `high treason'. Or are we now L.>against the Constitution? It's hard to keep track lately. Little hint for you traitors out there. Only citizens can be convicted of treason. If you renounce your citizenship prior to your treasonous acts, you're home free. L.>The cypherpunk `agenda' has become so closely indistinguishable with L.>raw criminality and evil it horrifies me. [Ted Bundy, etc.] People whose identities are known have murdered more people than people whose identities are unknown. Janet Reno murdered many more people than Ted. Lot of good arguments against democracy in this post. We can use the moral support. Duncan Frissell --- WinQwk 2.0b#1165 From frissell at panix.com Tue Oct 26 10:40:48 1993 From: frissell at panix.com (Duncan Frissell) Date: Tue, 26 Oct 93 10:40:48 PDT Subject: CPSR NII Paper Message-ID: <199310261634.AA20020@panix.com> To: cypherpunks at toad.com B> COMPUTER SCIENTISTS RAISE SOCIAL AND DESIGN CONCERNS B> ABOUT THE INFORMATION HIGHWAY B>many dangers on the horizon B>small number of companies dominate the market B>companies control the programming B>pricing structures do not cover universal service B>privacy isn't protected B>not designed to allow everyone to communicate freely B>"To achieve that vision, however, the government must play a major role B>in the design, development, and regulation of the network." Commies -- Ya gotta love 'em. Are there any "designs" for the NII that don't include telephones, email, and internetworking connections? Given those, the rest is irrelevent. Anyone who wants to can build their own virtual networks no matter what the "service providers" do. Are these people stupid or just power mad? Networking is and will continue to be nearly free. Who has better network connections with "universal access" Europeans or Amricans? Duncan Frissell "Skim the Cream" "Skim the Cream" "Skim the Cream" -- the next commie that says that to me is sure going to get his cream skimmed. --- WinQwk 2.0b#1165 From lefty at apple.com Tue Oct 26 10:44:26 1993 From: lefty at apple.com (Lefty) Date: Tue, 26 Oct 93 10:44:26 PDT Subject: an open offer Message-ID: <9310261700.AA17003@internal.apple.com> "S. Boxx" tries to scare us by writing: > >(To the insiders: it will be quite awhile before we sort everything out >and file charges, so be patient.) Perhaps as long as several millenia, eh? -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From owner-cypherpunks Tue Oct 26 12:46:30 1993 From: owner-cypherpunks (owner-cypherpunks) Date: Tue, 26 Oct 93 12:46:30 PDT Subject: No Subject Message-ID: <9310261946.AA01746@toad.com> From fnerd at smds.com Tue Oct 26 13:16:25 1993 From: fnerd at smds.com (FutureNerd Steve Witham) Date: Tue, 26 Oct 93 13:16:25 PDT Subject: ADMIN: proposed new policy on the mailing list Message-ID: <9310262009.AA19841@smds.com> I want to publicly support the proposal to delay unsigned messages. Of course, it's easy to fake a signature, so the sigs would have to be verified against some list of public keys--perhaps automatically updatable. This is despite the fact that signing securely would be very tough for people like me. -fnerd at smds.com From unicorn at access.digex.net Tue Oct 26 13:16:25 1993 From: unicorn at access.digex.net (Dark) Date: Tue, 26 Oct 93 13:16:25 PDT Subject: help/subscribe Message-ID: <199310262010.AA09195@access.digex.net> Re: Subscription requests and Bandwidth It seems I perpetrated a vile and offensive error in sending a subscribe request directly to the list. My request of course generated a multitude of angry cypherpunks (Not the type of people you want angry with you I might add) to reply and tell me where to look and where to stick my request (in the most polite possible ways I assure you....) Now allow me to waste more bandwidth and apoligize :) On another note: Has anyone noticed the post regarding U Chicago's computer policy and it's omnious overtones against psuedo and anonymous postings? I believe it was floating around alt.privacy and I was wondering if anyone had any more idea about where it might go from there. Despite the fact that I believe the policy to just be lacking in general and its limitation on privacy in general an oversite, I wonder how much intent was involved. Shall I provide a copy of the offending policy or has it circulated yet...? -uni- (Dark) From lefty at apple.com Tue Oct 26 13:21:25 1993 From: lefty at apple.com (Lefty) Date: Tue, 26 Oct 93 13:21:25 PDT Subject: Anonymous Geeks With Killfiles Message-ID: <9310262010.AA20816@internal.apple.com> Some anonymous geek writes: > >In article <931025174804_72114.1712_FHF124-2 at compuserve.com>, >Sandy <72114.1712 at CompuServe.COM> wrote: >: [who cares?] > >You are a rude and obnoxious individual who believes that an >argument can be answered with ad hominem. What, you mean like calling 'em "rude and obnoxious"? >If you had anything >worth paying attention to, you sabotaged any possibility of my >paying attention to it by your actions. > >Welcome to my killfile. I can imagine the extreme degree of concern that Sandy must be feeling over being placed in the killfile of an unidentified non-entity. -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From mech at eff.org Tue Oct 26 13:31:26 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 26 Oct 93 13:31:26 PDT Subject: pseudospoofing survey In-Reply-To: <9310240835.AA08908@longs.lance.colostate.edu> Message-ID: <199310262026.AA14561@eff.org> > 1. `True Name' -- for our purposes let this be defined as the name on > your birth certificate, your legal identity. That's a bad definintion. The name on *my* b.c. is NOT my legal identity. [2. name one goes by all the time on the net, 3. anonymous] > 4. `pseudonymous' -- a variation of (3) where arbitrary identification > is used to build up a reputation under a presumed name, but > characteristics of the message make clear that the identity is an > *alias* for someone's *unique* identities under (1) or (2). The > nicknames associated with the Helsingius server ID's would be an example. > > 5. `pseudoanonymous' or `pseudospoofed' -- the message could either be > someone's `true name' or an invented alias, but *no* characteristics of > the message (including the message by the author) can discriminate > exactly *which*. I fail to see how, under this definition, it differs from category 2. If I'd ALWAYS posted under the name George P. Schrader, then that is the identity that would be ascribed to me. No one can tell if "Stanton McCandlish" is my true name either. None of you actually know that. I could be a persona of Shari Steele for all anyone really knows. > Very serious abuses of (5) can lead to insideous deception and > treachery, particularly in the interplay between public and private > messages, and I'm absolutely aghast to see the capability for (5) > championed as `privacy' here and in my mailbox by many people (or > phantoms, I'm in total confusion) I used to respect. But this is all another essay. I think you are missing a major point, namely that in the future world of the net, ANYONE can do this. The entire meaning of "identity" is going to change, and the meaning of "person" and "you" and "me", even as it is ALREADY changing. Read up in Hackers Dictionary, as a small example, of how Guy L. Steele still is known as gls (his login ID from 15 years ago) EVEN BY HIS WIFE, in day to day conversation. People become their online personae. If people happen to have more than one, SO WHAT? It is in human nature to have multifaceted personalities, and I for one don't see any real difference between wearing black and being glum one day while wearing colours and being cheerful the next, and using 2 different online pseudos. It may not be CONVENIENT for the reader, but is it really anyone's business if I am who I say I am, and if someone else that they've been conversing with is also me? It is unusual, but it's not evil. It's really no more strange that halloween or a masquerade ball. In the case of forged identities stolen from someone else, yes that could be a problem, but the problem is not the technology that allows it, but the ATTITUDE that allows it. Guns don't kill people, people do. > In (3) and (4), the reciever *knows* that the message can be from > *anyone*. In (5), the receiver does *not* know, and may even be > *misled* into believing that a message is in categories (1) or (2) when > it is in fact in fact `anonymous'. IMHO this is *very* dangerous. This is patently false. I say this on the grounds that in ALL cases of ALL email, people know that the message can be from anyone. Period. End of story. If you do not authenticate the message w/a digital sig, and if the recipient does not verify it, that is NOT the fault of the technology that makes "pseudospoofing" possible, it is the fault of the users, if they believe that mail that says it's from X must perforce necessarily be from X. If people do NOT know this, it is again not the fault of the net or of anonymous services, it is the fault of the clueless. What you advocate seems strikingly like suggesting that we eradicate emacs, because someone somewhere might not RTFM and might cry and whine about not being able to use it right. > To further emphasize this distinction, in some sense categories (1) - > (2) are *attributable* to *unique* identities. When I see messages in > categories (1) or (2) on a mailing list, in my mailbox, or in Usenet > postings, FTP articles, whatever, I can attribute them to unique people > by definition. We also might call (1) `accountable', and if an online > account under (2) can be traced to a legal identity, it would be also. You most assuredly cannot confidently attribute any non-signed (and unverified-by-you) message to any unique person, by the definition of what email consists of and how it is produced. Simply the existence of "pseudospoofing" makes this so. > Categories (3) and (4) are *not* attributable to unique identities. A > single person could post anonymously multiple times or pseudonymously > under multiple identities. If a person has only one pseudonym, let's > say that's `quasi- or semi- accountable'. This also makes no sense to me. How can one be said to be "quasi-accountable", particularly since there is no way for you to acertain that they DO only have one pseudo? To be accountable, someone or something must make you account. > But not only is (5) *not* attributable to *identities*, it is not > `attributable' to any of the previous *categories*! Hence, let's call > messages in the categories (1) - (2) `attributable', (3) - (4) > `nonattributable', (1) - (4) `uncamouflaged', `white', `open' or > `unsurreptitious', and (5) `nonattributable' and `camouflaged', > `black', or `surreptitious'. (I leave it to subsequent debate to > stabilize on the most descriptive and memorable terms.) Not to mention the rather stale (and, someone would say sooner or later, racist) psychology at work here. I don't argue from the "PC" side of things, but "black and white"? Come now. The real world, whether virtual or otherwise is a very very grey place. This Tolkienism is simply impractical. > This *camouflage* that various cypherpunks promote, apparently up to > the highest levels of `leadership', is IMHO inherently subversive. > Because no one here seems to be afraid of subversion and anarchy, and > even embraces it, let me go further and say it is *destructive* not > only to societies but to *any* social interaction, even interpersonal. > IMHO It is not just a recipe for anarchy, it is a recipe for chaos and > barbarianism, *particularly* when associated with personal mail > (including mailing lists). How is this destructive? If I see a man on the street, and later that night go out to a local concert, and am entertained by a "woman" singer that is actually the man I passed that morning, in drag, what damage has been done? Has my life suddenly been shattered, the fabric of society ripped apart, because I've see the same physical person in 2 outfits, and was none the wiser? If I "meet" 2 "individuals" virtually on the net, and they are the same person, how have I, or the net, been harmed? Provided no one is trying to defraud me, what have I lost? What have you lost? And whoever it is behind the multiple idents may actually GAIN, if they are the sort of person that cannot fully express themselves without playing a role (which is a signifcant proportion of the people in the world). Who are YOU to take that away from them? This whole line of argument strongly reminds me of the the one that goes like this: online communication is a bad thing, because people don't behave like their true selves, and misrepresent themselves. We should ban computer mediated communcation, because it is a heartless sham, a cold fraudulent falsehood, and will be misused by the schizoprenic and the sociopathic. > In fact, apparently not only are `some' cypherpunks in favor of `black' > postings, they are in favor of *concealing* the very existence of the > capability, so as to potentially manipulate and brainwash others in an > undetected concerted conspiracy! I think I will define this as `evil blackness'. Puh-leeeeze. I discard this conspiracy theory on the basis that you accuse them of what you would yourself do: keep people from using the capability [whether it's true or not is irrelevant]. > now, I just want to make the distinctions clear for the survey, which > follows. The survey will help me determine the extent of `blackness' > and `evil blackness'. I take that back, this isn't Tolkienish, it's Lovecraftian. I would like to remind you that "evil" is a term from "morals", which are baseless and have no universality outside the closed group. If you wish to discuss whether using pseudonymy in this manner is *ethical* or not, then by all means please do so. > 1. What is your `true name'? Stanton McCandlish > > 2. Do you have a unique online identity other than your true name? Yes. > 3. How long have you been on the internet? a few years (depends on how you wish to define "the internet". > 4. How many mailing lists are you on? At my peak, which I am reaching again, about 25 or more; counting newsgroups, Fido echos, and the like, I follow several 100 online conferences, again at peak. > 5. Are `black' / `camouflaged' identities feasible or possible on the > internet today? If so, how in particular? Comment on public access and > UUCP sites if possible. Certainly. Sign up with Netcom as "John Bigboote" and presto. With UUCP, Fido <-> UUCP gating, or pure Fido or QWK mail, I can generate as many personae as I wish. > 6. To what extent do you think `camouflaged' identities exist on the > internet currently? To a large extent, and growing, though probably less than 1% of personae on the net are fake. > Where are they used? Where are they NOT used? >What mailing lists or > newsgroups are particularly dense with `black' postings? soc.culture.african, soc.culture.african.american, bit.tech.africana, rec.music.afro-latin. > Have you ever > received any in email? To be serious again, who knows? I think it highly likely. > 7. Have you ever posted under a `camouflaged' identity? if so, where? How often? Certainly. Not that often, but it comes in handy. > 8. Are you aware of any potential `abuses' of `black' messages? Has it > turned into a big problem anywhere? Do you have any horror stories? Are > there any `cabals' or `silent conspiracies'? have any debates or > projects been `poisoned' or `sabotaged'? No this is silly. For one thing, all it takes to veryify in the case of fraudulent use of another's name or reputation (i.e. posing a non-existent big-wig at IBM) is a phone call. > 9. Are you neutral on the capability of `black'/`camouflaged' messages, > or do you strongly promote/support or condemn it? Is it harmless or dangerous? I am neutral on it, just as I am neutral on the issue of what anyone does with any tool or capablility. When it is attacked however, I am in support if of (the tool, not the attack). > 10. Is society aware of `black messages'? if not, what would `they' > think in general? if so, what is the consensus on the practice? I think so. I think it is immediately apparent to anyone that uses this medium more than casually and for a short time that all is not as it seems and that forgery of postings is not particularly surprising. > 11. Is it fundamentally technically impossible to prevent *widespread* > black messages if there was an incentive or consensus to do so? Or is > it feasible with technology? Anything is feasible. The question is what price will you pay to remove this capability from the system? (incl. human costs, not just monetary ones.) No one needs you to protect us from ourselves or eachother. > 12. What are internet policies in general on `black' messages? What > should they be? Should they be restricted and prevented? allowed? Keep > in mind the distinctions of posts to mailing lists, Usenet posts, and personal mail. What is an "internet policy in general"? I have yet to see such a thing. There would appear to be no RFCs on the subject if that is what you mean, and netiquette doesn't seem to mind, it THAT's what you mean. I'm not sure the next questions under section 12 have any relevancy to anything. Please define "should". Who get's to decide what "should" be done? It might be better to ask "what is feasible" and "is there any reason NOT to allow psuedonymity in whatever form it takes, provided one does not step on the rights of others?" Thing is I don't think you could stop it, unless you completely restructured the net, at all levels from the mail software to the societal structure. > 13. Please list any resources on this subject: email addresses of > specialists, pointers to papers, etc. Have none for you, probably because it's a non-issue. Sorry to seem like I'm going off on you, but I just don't see the reason in this entire line of rambling and fingerpointing. There are certainly more important things to get excited and active about. -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From bill at twwells.com Tue Oct 26 14:07:47 1993 From: bill at twwells.com (T. William Wells) Date: Tue, 26 Oct 93 14:07:47 PDT Subject: anti-social behavior In-Reply-To: <9310260646.AA04776@kropotkin.gnu.ai.mit.edu> Message-ID: : (Does anyone want to know why I'm so incensed. Check out ASAR for : awhile. Understand that this person's behavior, and excuse : making, is indistinguishable from the abuse that makes that : newsgroup necessary.) ASAR stands for "alt.sexual.abuse.recovery", a newsgroup I run an anonymous server for. This group actually has survivors of all sorts of abuse, including the verbal abuse that rjc perpetrated. From pdn at dwroll.dw.att.com Tue Oct 26 14:32:39 1993 From: pdn at dwroll.dw.att.com (Philippe_D_Nave) Date: Tue, 26 Oct 93 14:32:39 PDT Subject: Enough! Message-ID: <9310262132.AA03113@toad.com> Hello, all! The Detweiler-flaming is getting out of hand, folks. Some of you have individual gripes with him, and I recognize your right to carry on conversations via e-mail, but I (for one) am thoroughly sick of looking at this latest wave of gratuitous harassment. There are plenty of arenas that provide this sort of entertainment; if the best you can do with your Internet access is send 'nyah-nyah-nyah' messages, I suggest that you log into some local PC bulletin boards and flame away. (Those of you with multiple personalities and/or avatars can flame yourselves; you'll get better response time that way anyway. ). The death threats are particularly infantile, regardless of whether or not they were meant as some sort of obscure joke. The reason coffee houses don't normally have bouncers is that they normally don't _need_ them; in our case, I hope we can move past this disruptive behavior and keep the coffee house crowd from permanently polarizing into opposing camps. If that happens, I think we'll lose whatever benefit there is to be had from this sort of forum. I appeal to all of us to reconsider the motives that led us to the 'punks to start with - are we 'cypherpunks' who 'write code' and 'have fun,' or are we just 'punks' who try to impress one another with how vicious we can be? There is a big difference. Newbies : If you think that there is stature to be gained by joining in this sorry spectacle, think again. The only place you can gain respect by abusing someone else is a street gang (or the U.S. Congress, perhaps). ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn at dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. From janzen at idacom.hp.com Tue Oct 26 14:37:47 1993 From: janzen at idacom.hp.com (Martin Janzen) Date: Tue, 26 Oct 93 14:37:47 PDT Subject: Canon copiers In-Reply-To: <9310221617.AA00624@jobe.shell.portal.com> Message-ID: <9310262136.AA04460@loki.idacom.hp.com> Hal Finney writes: >The thing that makes me skeptical about this copier story is this: the >money could have any orientation and position on the page. [...] Yes. But the thing that makes _me_ skeptical is that there are many kinds of currency in the world besides the US dollar. A counterfeiter could simply copy a stack of bills that aren't in the copier's database (eg. one of the new currencies issued by countries that were part of the former Soviet Union), then head on down to the nearest foreign exchange office. >However, there is another possibility, which is to look at hte color of >the bills. This wouldn't do the job either. Our Canadian bills, for instance, come in a different color for each denomination. Bills from New Zealand and Thailand, among others, come in a range of colors _and_ sizes. So your copier would have to have quite the database... And what about changes? The Canadian mint has been altering a number of bills to add better security features. Any color copier owners out there receive mysterious, unsolicited "preventative maintenance" visits lately? >In short, I'm pretty sure that there is a lot of disinformation going around >designed to scare people away from trying it. Agreed. I think we can put an end to _this_ thread, at least! -- Martin Janzen janzen at idacom.hp.com From pmetzger at lehman.com Tue Oct 26 14:47:46 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 26 Oct 93 14:47:46 PDT Subject: anti-social behavior In-Reply-To: Message-ID: <9310262143.AA20264@snark.lehman.com> T. William Wells says: > : (Does anyone want to know why I'm so incensed. Check out ASAR for > : awhile. Understand that this person's behavior, and excuse > : making, is indistinguishable from the abuse that makes that > : newsgroup necessary.) > > ASAR stands for "alt.sexual.abuse.recovery", a newsgroup I run an > anonymous server for. This group actually has survivors of all > sorts of abuse, including the verbal abuse that rjc perpetrated. Ray was being silly and I don't think his message was productive, but anyone who cannot deal with someone making a silly and obviously not-to-be-acted-upon threat is likely to crumple the first time a car honks at them. I would suggest that such individuals are not the ones we build society around -- were we to try to do so, almost all human activity would have to cease. Out in the world there exist people who are so damaged that the sight of a knife makes them go into a fit. (The technical name for this condition is balenophobia I belive, although I am almost sure I have the spelling wrong). We have not as a society decided to eat with chopsticks to keep such people from being confronted with things that scare them. Perry From mech at eff.org Tue Oct 26 15:02:37 1993 From: mech at eff.org (Stanton McCandlish) Date: Tue, 26 Oct 93 15:02:37 PDT Subject: TELECOMMUNICATIONS POLICY ROUNDTABLE -- a cast of billions (fwd) Message-ID: <199310262200.AA16091@eff.org> TELECOMMUNICATIONS POLICY ROUNDTABLE FOR IMMEDIATE RELEASE CONTACT: Jeff Chester OCTOBER 26, 1993 (202) 628-2620 New Coalition Unveils Public Interest Blueprint for America's 21st Century Telecommunications Highway Washington, DC -- A new coalition, the Telecommunications Policy Roundtable, is calling on Americans to make their voices heard on seven vital issues of communications policy. The coalition's goal is the creation of new approaches to building our nation's emerging information infrastructure. The Telecommunications Policy Roundtable is a public interest coalition of more than seventy organizations. Its statement of principles comes less than a month after the Clinton administration released its own blueprint: "National Information Infrastructure: Agenda for Action." The Clinton program envisions a national network linking computer, telephone and television technologies. The statement also follows dramatic developments in the telecommunications industry, including the planned merger of Bell Atlantic and Tele-Communications Incorporated (TCI). The statement, entitled "Renewing the Commitment to a Public Interest Telecommunications Policy," outlines a series of principles, and introduces them with this credo: "We believe that the following principles must guide policymaking in order to ensure that future generations inherit an information infrastructure which enhances the quality of life for everyone." The seven principles are: o Universal access -- In our information age, everyone has a right to affordable news, education and government information. Information that is essential to the functioning of citizens in a democracy should be free. o Freedom to Communicate -- Information is a two way street. The design of the new networks should aid two-way audio and video communication from anyone to any individual, group or network. o Vital civic sector -- The new networks should allow all groups and individuals to freely express their ideas and opinions. The new networks should include a way for us to build communities. o Diverse and competitive marketplace -- No one should ever control both the wire or wires into our home and the content of the programs that go over those wires. o Equitable workplace -- workers must be valued and protected in the new electronic workplace. Nondiscriminatory practices must form the core of the new information marketplace. o Privacy protection -- Privacy should be carefully protected and extended. o Democratic policy making -- Every American deserves to be heard on this complex set of issues. The coalition meets monthly in Washington, DC. A complete list of member organizations is attached. TELECOMMUNICATIONS POLICY ROUNDTABLE Member Organizations List Current Through October 26, 1993 Alliance for Community Media Alliance for Public Technology American Arts Alliance American Association of Law Libraries American Civil Liberties Union American Council of the Blind American Library Association Arts Wire American Speech-Language-Hearing Association Association of America's Public Television Stations Association of Research Libraries The Benton Foundation Boston Computer Society, Public Service Committee Center for Civic Networking Center for Excellence in Education/Advanced Engineering Research & Associates Center for Media Education Center for Policy Alternatives Computer Professionals for Social Responsibility Computer Researching Association Consortium for Citizens with Disabilities Consortium of Social Science Associations Consumer Federation of America Coalition for Networked Information Electronic Frontier Foundation Gallaudet University Government Accountability Project High Performance, an arts magazine The Information Trust Institute for Public Representation Institute for Alternative Journalism Iris Network for Teachers, an on-line system on the MetaNetwork The Legacy Project Libraries for the Future Lowenstein and Associates Media Access Project Medical Library Association Minority Legislative Education Program National Alliance of Media Arts and Culture National Association for the Deaf National Association of Artists Organizations National Capitol Area Public Access Network (CapAccess) National Center for Law and Deafness National Citizens Communications Lobby National Coalition on Black Voter Participation National Coordinating Committee for the Promotion of History National Federation of Community Broadcasters National Learning Foundation National Security Archive National Writers Union (Local 1981 UAW) New York Foundation for the Arts OMB Watch People for the American Way Public Citizen Public Service Telecommunications Corporation Seattle Community Network Self Help for Hard of Hearing People, Inc. SLONET Special Libraries Association Sports Fans United Taxpayer Assets Project The Technology Education Council of Somerville (Massachusetts) Telecommunications for the Deaf, Inc. Telecommunications Committee, National Association for the Deaf Telecommunications Section of the Community Development Society TVFA, Television for All Telluride Institute/InfoZone Unison Institute United Cerebral Palsy Associations, Inc. U.S. Public Policy Committee of the Association for Computing Machinery World Institute on Disability Writers Guild of America, East, Inc. ~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~ For more information about the Telecommunications Policy Roundtable, please contact Jeff Chester at the below address. C E N T E R F O R M E D I A E D U C A T I O N 1511 K Street, NW, Suite 518 Washington, DC 20005 Telephone: (202) 628-2620 Fax: (202) 628-2554 Internet: cme at access.digex.net -- -=> mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX From cman at IO.COM Tue Oct 26 15:07:47 1993 From: cman at IO.COM (Douglas Barnes) Date: Tue, 26 Oct 93 15:07:47 PDT Subject: Net Regulation In-Reply-To: <199310261432.AA28584@panix.com> Message-ID: <9310262201.AA17193@illuminati.IO.COM> Basically, Duncan, I agree with you as to the *desirability* of the outcome you describe, I'm just not as sure of its feasability. Re: Cheating in place Yes, folks cheat on their taxes, especially self-employed ones. But this is widely resented, and brings cries from the vast majority to sock it to those who fail to comply. Look at the blase acceptance by the populace of the draconian measures taken in the War on Drugs. Will similar measures be condoned in the War on Electronic Tax Cheats? We've seen how little is required for a chilling effect to take place vis-a-vis PGP, and how it's undercut its acceptance as a standard; if the FIDO-net folks can't be persuaded to take PGP messages, how are you going to persuade a substantial fraction of information workers to face much more serious criminal penalties? You're much more likely to end up with a sub-critical mass of folks who are periodically victimized by no-knock raids, property confiscation, etc. Re: Moving to cheat Certainly at present information entrepreneurs can slip through the tax laws as they apply to the notion of residence in a foreign country. It's fun, it's legal, and I've done it; I don't see it ever becoming a big trend for all but one or two percent of the population. Maybe big enough to get some governments to collude on grabbing folks and making them cough up taxes, maybe not. Will information technology bring down the government? I'd like to think so, but I don't see it happening in the next 10-20 years. I'm actually more concerned that, misused, it could re-empower the government to stick its nose in places where it doesn't belong. (Note: I use the word 'cheat' despite the fact that I take an extremely dim view of most government activites and taxes, simply because that's how it's going to be reported in the media if it ever becomes significant. It's how the hypothetical 'man on the street' who, say, fixes appliances for a living and has only the vaguest notion of your underlying philosophy, will view your activities.) -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From peb at PROCASE.COM Tue Oct 26 15:12:38 1993 From: peb at PROCASE.COM (Paul Baclace) Date: Tue, 26 Oct 93 15:12:38 PDT Subject: help/subscribe Message-ID: <9310262207.AA05658@banff.procase.com> >It seems I perpetrated a vile and offensive error in sending a subscribe >request directly to the list. I don't get offended, I just save the subscribe/unsubscribe message in a special folder that I will use to train a learning algorithm to recognize these kinds of requests. Then, I will create a program that detects these so that mailing lists everywhere can automatically bounce messages back to the sender with specific message like "please send un/subscribe messages to fubar-request at node.com". In other words, thanks for your example. Anyone who sends me examples will benefit this project. (But don't send examples from cypherpunks--I already get them.) If anyone has suggestions for implementation that maximizes applicability (e.g., I could write a C program that reads stdin or a named file and returns a status code), please let me know. Paul E. Baclace peb at procase.com From arthurc at crl.com Tue Oct 26 15:12:45 1993 From: arthurc at crl.com (Arthur Chandler) Date: Tue, 26 Oct 93 15:12:45 PDT Subject: : a desperate please In-Reply-To: <9310261357.AA07695@toad.com> Message-ID: Can't we be a little nicer, and talk about the ISSUES instead of the posters? Let's agree that spoofing/anonymity is no good if (1) you post as William Gibson and you're NOT William Gibson, or (2) you post as LD, TM, AC, EH, or anyone else on this list if you are not that person. (1) and (2) aren't instances of spoofing: they're instances of impersonation and fraud. Anyone got a problem with all that? OK, on to the next issue: Why would you want to build up a pseudonymous reputation? I ask this question not in a contentious manner, but out of a real desire to turn the discussion into a thread where encryption, privacy, alternate identities, etc. can be talked about in a lively, but not angry fashion. (Hmmm, that sounded kinda pompous; but bear with me!) Isn't it tough enough to build up a rep under our real names? What is the point to using a pseudonym? I can think of some bad reasons; but I can't come up with any good ones, except for "fun" and "just to see what it feels like to put out opinions not my own." I'm sure I'm missing the point; so, before you jump on me as a Clueless Newbie, can you run by the reasons why you want to have alternate personas on the NET? A story to lighten up the atmosphere: On MediaMOO, I have a virtual puppet. I've coded the puppet -- named Apprentice Dragon -- to follow me around; and I can speak or emote through him too. Regulars on MediaMOO know he's my puppet; newbies are amazed at first, but soon learn to identify the puppet with its owner. Now, a couple of weeks ago I was in the middle of a heavy Real Time discussion at MediaMOO. I offered an opinion; then, just for the heck of it, I had the Apprentice Dragon contradict me. And danged if everyone didn't agree with the dragon! Maybe this is a lesson I should apply to pseudonymous identities. Or maybe not. So why try for a pseudonymous rep? All replies cheerfully considered. From frc%bwnmr4 at harvard.harvard.edu Tue Oct 26 15:22:38 1993 From: frc%bwnmr4 at harvard.harvard.edu (Fred Cooper) Date: Tue, 26 Oct 93 15:22:38 PDT Subject: LD Message-ID: <9310262220.AA24358@bwnmr4.harvard.edu> -----BEGIN PGP SIGNED MESSAGE----- Len, Do you want to me start taking you seriously again? (I used to. You posted some great stuff.) Try signing your posts. Prove your identity. Then maybe I'll start believing that the same guy who wrote the anonymity faq is losing his marbles over spoofs. FRC -- -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLM2ikbbAlE4AqlTZAQFV5gP+IZE8VupNW6iJxinLlQreJAV8HWXwXyAz sUOsqLUAcN6T75iFjM+X8fprUVhQFci5Nq1IfpPLWZpOmL9TVdoBmtlSX3EFOpdB nX7aaq3FN2b0v5Rd5PAJlvY3fbSDDWRdEx6n4zI6l7Adc8+8iHeJqdpHUSjy8uak TjNJpZSNYHQ= =npG/ -----END PGP SIGNATURE----- From pierre at shell.portal.com Tue Oct 26 15:37:46 1993 From: pierre at shell.portal.com (Pierre Uszynski) Date: Tue, 26 Oct 93 15:37:46 PDT Subject: DC-nets, up from the basic concept Message-ID: <9310262234.AA05579@jobe.shell.portal.com> A few pseudonymous questions went astray and landed in my mail box among a few others (without much of a return address too... the problems of anonymity) So I'll volunteer some possible answers, and while doing so will generate more questions :-). Others feel free to elaborate (especially thoses who HAVE read the papers) Still, no mention of detweil(er)ing will be made :-) although I will mention spoofing... 1) "PHYSICAL LAYER" =================== Q: How do you implement the idea that I can see my coin and the coin on the left, but no others? A: You use public key cryptography. You join a "table" by contacting one of the persons already at the "table". He hands you address and public key of (say) his right neighbor, and you hand him your address and your public key. Each time you "toss a coin" you encrypt it and send it to his ex right neighbor (now your right neighbor). You use the same public key protocols to send out to everybody your "different/same" vote, and collect and count everybody elses. It's easy to add and remove individuals, and you can be part of as many "tables" as you want. 2) MORE SPOOFING ================ New question: how do you make sure you are not spoofed to death, and (mis)led to join a "table" of, say, 126 personae of the same three letter entity, and Yourself. In which case, your messages are not very untraceable anymore? Not very satisfying answer: you meet in person your left AND right neighbor at least once to exchange address and keys... Any better answer? 3) GROUP RESPONSIBILITY AND HIGHER LAYERS ========================================= Q: couldn't every member of the group be implicated because they must all participate to produce the bit of information? A: No, when a "table" is established, what you have is a CSMA/CD network in the classical sense (CSMA/CD = Carrier Sense Multiple Access/ Collision Detection) just like Ethernet is one. Your "DC-net physical layer" is now very complicated, and multi-layered itself, but that only affects speed, not much else. You could (maaaybe :-( establish the layering: Coaxial - Ethernet - IP - TCP / Telnet - RFC822 email - PEM - DC-net - IP - TCP / Telnet - RFC822 email - PEM Except that now, your second layer of TCP/IP is untraceable. By the same token (sorry :-), once you have these protocols established for one "table", you can internetwork many "tables" at will. Poof! Inter-DC-net! But, boy, would the above implementations be slow :-) In any case, even though the participants of any network must cooperate for any message to go through (especially true in the case of Usenet, or FIDO, for example), it is hard to hold all the participants responsible for every message just for being part of the infrastructure. It would be different (even with todays networks), if a large proportion of the messages were CLEARLY illegal. Still, even now, it is impossible to tell whether an encrypted message's content is illegal or not (see the previous netnews discussion with respect to FIDO, mail privacy and encryption), and peeking in un-encrypted email is illegal, depending on caller contract. So I would, until contradicted by the legal types among us, consider a DC-net or Inter-DC-net no different legally, than any other cooperative network out there (Usenet, FIDO, internet...), until specifically regulated. Disclaimer: Of course, this is only a technical opinion, legal decisions may or may not consider the technical precedents :-) Reasonable technical arguments have as much weight legally as unreasonable ones (or so it seems at times) (meaning: of course, I'm not a lawuer) Pierre. pierre at shell.portal.com From pierre at shell.portal.com Tue Oct 26 15:52:45 1993 From: pierre at shell.portal.com (Pierre Uszynski) Date: Tue, 26 Oct 93 15:52:45 PDT Subject: DC-nets, up from the basic concept Message-ID: <9310262252.AA06685@jobe.shell.portal.com> > You could (maaaybe :-( establish the layering: > > Coaxial - Ethernet - IP - TCP / Telnet - RFC822 email - > PEM - DC-net - IP - TCP / Telnet - RFC822 email - PEM Before somebody takes the above tooooo seriously, I'll add that it would take major work to modify TCP/IP to function as the second "TCP/IP" layer in the example above. This is because TCP/IP relies on dialogs between machines/nets instead of broadcasts (at least at the internetwork level), so messages should be traceable back to an inter-DC-net "table", but could not be traced back to a specific host. Pierre pierre at shell.portal.com From fnerd at smds.com Tue Oct 26 16:20:26 1993 From: fnerd at smds.com (FutureNerd Steve Witham) Date: Tue, 26 Oct 93 16:20:26 PDT Subject: h Message-ID: <9310262311.AA20812@smds.com> ------BEGIN PGP SIGNED MASSAGE------ Cpunx-- Sorry for the premature post on signatures in Mush. I looked at the sources to figure out how to use it. If you want to append a multiline signature to your messages without adding the gratuitous "\n--\n", do something like this in your .mushrc: set autosign='\-fnerd\n\ quote me' I'll pass on any other relevant tidbits I receive by email. And thanks to Eric Hughes for getting me off my butt for a bit. -fnerd quote me -----BEGIN PGP SIGNATURE----- Version: 2.3a +aKxB8nktcBAQHabQP/d7yhWgpGZBIoIqII8cY9nG55HYHgvtoxiQCVAgUBLMs3K ui6XaCZmKH68fOWY ySKAzPkXyfYKnOlzsIjp2toust1Q5A3/n54PBKrUDN9tHVz 3Ch466q9EKUuDulTU6OLsilzmRvQJn0EJhzd4pht6hanC0R3seYNhUYhoJViCcCG sRjLQs4iVVM= =9wqs -----END PGP SIGNATURE----- From jim at bilbo.suite.com Tue Oct 26 16:27:45 1993 From: jim at bilbo.suite.com (Jim Miller) Date: Tue, 26 Oct 93 16:27:45 PDT Subject: Enough! Message-ID: <9310262303.AA00802@bilbo.suite.com> "Philippe_D_Nave" writes... > Newbies : If you think that there is stature to be gained by > joining in this sorry spectacle, think again. The only > place you can gain respect by abusing someone else is a > street gang (or the U.S. Congress, perhaps). > Pretty presumptuous of you to attach a motive to my post. I don't think my post was abusive, and I didn't post it in an attempt to "gain stature". Jim_Miller at suite.com From crypt at io.org Tue Oct 26 16:32:38 1993 From: crypt at io.org (Matt Harrop) Date: Tue, 26 Oct 93 16:32:38 PDT Subject: How do I unsub Message-ID: Could some kind person tell me how to get myself off this list. The signal-to-noise ratio has become far to high. From ebrandt at jarthur.Claremont.EDU Tue Oct 26 16:47:47 1993 From: ebrandt at jarthur.Claremont.EDU (Eli Brandt) Date: Tue, 26 Oct 93 16:47:47 PDT Subject: why pseudonyms? In-Reply-To: Message-ID: <9310262347.AA04346@toad.com> > From: Arthur Chandler > Isn't it tough enough to build up a rep under our real names? What is > the point to using a pseudonym? I can think of some bad reasons; but I > can't come up with any good ones, except for "fun" and "just to see what > it feels like to put out opinions not my own." An obvious reason would be that you don't want what you say to be associated with your truename. You might be discussing past sexual abuse, the nefarious behavior of your employer, your relationship problems, or the finer points of heroin use. You may say, "Well, that's just anonymity". It could work that way, but it may be more valuable to be able to carry on a discussion under a fixed pseudonym. Context and continuity are lost if all messages are totally anonymous. It might be wise to conduct even relatively innocuous behavior under a pseudonym, if you're concerned about personal privacy versus a "dossier society". Archives of Usenet news will make a great marketing database some day. Eli ebrandt at jarthur.claremont.edu From chrome at jhunix.hcf.jhu.edu Tue Oct 26 17:32:44 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Tue, 26 Oct 93 17:32:44 PDT Subject: sure... Message-ID: ..I'll do my best to provide you with some literature on behavior control. I've got midterms this and next week, so a more complete bibliography will have to wait for a few. One book which I can say is a good intro to the topic is B. F. Skinner's _Beyond Freedom and Dignity_. It isn't as scientifically rigorous as most psych texts I've seen, but it's a good start if you want to really pursue the topic. Hannah Arendt's _Totalitarianism_ looks a bit into the nature of behavior control from a poli sci view. There are more, and I'll create a list ASAP. Later, Alex From DON_HENSON at delphi.com Tue Oct 26 17:37:47 1993 From: DON_HENSON at delphi.com (DON_HENSON at delphi.com) Date: Tue, 26 Oct 93 17:37:47 PDT Subject: CyberDesk Message-ID: <01H4KXYVPWFS90NUPM@delphi.com> A recent article in CompuServe Magazine concerning encryption made passing mention of a Nan Atwell of CyberCorp and a product called 'CyberDesk' which gives users a single windows interface to multiple e- mail and public information systems and has a seamless hook to third- party encryption programs of the users choice. Unfortunately, the article failed to include any contact info. Does anyone know how I can contact Nan Atwell or CyberCorp? An email address would be ideal but a vox phone number, a USnail address, or even a (Yuck!) fax number would be sincerely appreciated. Please respond via private email (Don_Henson at delphi.com) if you can help me. Don Henson PGP key avail on server or on request From jpp at markv.com Tue Oct 26 18:37:47 1993 From: jpp at markv.com (jpp at markv.com) Date: Tue, 26 Oct 93 18:37:47 PDT Subject: ADMIN: proposed new policy on the mailing list In-Reply-To: <199310241732.AA23689@ucsu.Colorado.EDU> Message-ID: <9310261837.aa19521@hermix.markv.com> I personaly like this non-standard way to sign posts, cut out the lines in the header, wrap them with the apropriate PGP gubbish, and check it as a detached signature. j' -- O I am Jay Prime Positive jpp at markv.com 1250 bit key fingerprint = B8 95 E0 AF 9A A2 CD A5 89 C9 F0 FE B4 3A 2C 3F 524 bit key fingerprint = 8A 7C B9 F2 D5 46 4D ED 66 23 F1 71 DE FF 51 48 Public keys by `finger jpp at markv.com' or mail to pgp-public-keys at pgp.mit.edu Your feedback is welcome, directly or via symbol JPP on hex at sea.east.sun.com From pdn at dwroll.dw.att.com Tue Oct 26 18:52:39 1993 From: pdn at dwroll.dw.att.com (Philippe_D_Nave) Date: Tue, 26 Oct 93 18:52:39 PDT Subject: Enough! In-Reply-To: <9310262303.AA00802@bilbo.suite.com> Message-ID: <9310270151.AA06428@toad.com> > > > "Philippe_D_Nave" writes... > > > Newbies : If you think that there is stature to be gained by > > joining in this sorry spectacle, think again. The only > > place you can gain respect by abusing someone else is a > > street gang (or the U.S. Congress, perhaps). > > Pretty presumptuous of you to attach a motive to my post. I don't think my > post was abusive, and I didn't post it in an attempt to "gain stature". > > Jim_Miller at suite.com > I have replied to several 'please subscribe me' posts over the last few days, explaining how to contact Eric and get on the list. Looking over the free-for-all of the past several days, I could see where newcomers to the list would think this is the norm, rather than (hopefully) a passing phase. Did I attach a motive to your post? No. Did I make any comment about your motives? No. Did I hit a nerve? Looks like it. The 'Enough!' post was intended to point out how inappropriate this latest round of character assassination has become. I should not have included the specific instance of the knife/gun message without also mentioning the use of the term 'detweilering', which is another example of the same phenomenon. For that, I apologize. Quoting that specific case makes it look like I'm hammering that particular author, and that was not my intent. (I've forgotten who posted that one anyway- unlike the legendary S. Boxx, I haven't got the file space to keep my mail forever). At any rate, be assured that I did not intend to single you out. ........................................................................ Philippe D. Nave, Jr. | The person who does not use message encryption pdn at dwroll.dw.att.com | will soon be at the mercy of those who DO... Denver, Colorado USA | PGP public key: by arrangement. From 1 at eternity.demon.co.uk Tue Oct 26 18:52:46 1993 From: 1 at eternity.demon.co.uk (Russell Earl Whitaker) Date: Tue, 26 Oct 93 18:52:46 PDT Subject: MEETING: UK Cryptoprivacy Association Message-ID: <20804@eternity.demon.co.uk> -----BEGIN PGP SIGNED MESSAGE----- UK Cryptoprivacy Association meeting Date: Sunday, 31 October 1993 Time: 1430 At the offices of: FOREST 4th floor 2 Grosvenor Gardens London SW1W 0DH [ FOREST is located at the corner of Grosvenor Gardens and Hobart Place, a couple of blocks west of Victoria Station. There is a taxi shelter across the street from the office. Those who have trouble finding this location can page Russell Whitaker on 081-812-2661, and stand by the payphone or cellphone for a callback. ] The UK Cryptoprivacy Association has its roots in the U.S. cypherpunk advocacy of strong personal cryptography. The next UKCA meeting, to be held at the offices of FOREST (see the above), will feature roundtable discussion on such issues as: - The recent well-publicised discovery of a larger number of U.S. National Security Agency (NSA) electronic listening posts than had been previously suspected; - Further news on the spread of freely-available public key cryptography software in Eastern Europe, Russia, and the Transcaucasian states; - The status of the various UK and Moscow PGP public key servers and software archive sites, with input from a couple of maintainers of these services in the UK; - The implications of the legal controversy surrounding the development and distribution of PGP encryption software in the U.S., with further discussion on the possibility of volunteer contributions to Phil Zimmermann's legal defence fund; - Introduction to public key cryptography for novices Attendees are encouraged to bring and exchange diskettes with their PGP public keys. A few of us will bring along our MS-DOS laptops, to sign public keys on site. In the interest of speeding things along, it is recommended that all keys signed at the meeting be submitted later, with their newly appended signatures, to the PGP Key Server at Demon Internet Services. Send a message with the subject line "help" to pgp-public-keys at demon.co.uk, for more information. PGP (Phil Zimmermann's "Pretty Good Privacy") public key encryption software can be obtained by ftp from, among other places, ftp.demon.co.uk in the directory /pub/pgp. Versions include, but are not limited to, Unix, MS-DOS, Archimedes, and MacOS. Full source code is available. This meeting will also feature discussion on the upcoming First European Conference on Computers, Freedom and Privacy (ECFP '93) to be held on 20 November 1993, which will feature speakers including John Gilmore, David Chaum, and Duncan Frissell, as well as a representative of the UK's Data Protection Registry. Russell Earl Whitaker ECFP Ventures Ltd -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLLTAC4Tj7/vxxWtPAQGxdQP9G7uFHCcLJeSTTOBKYFBck2PpVk/jvWyM bxRg0stdjuWpHkIIZHAq4koh9BfUo46N3WOIG95SlfuRLVxzm3WmvKV7PJKhyfdh pFoYIwB2UcAknLPJva5eFBpi1VdDAMqv9G7qQfkoJQGXNAOlmh9GKhZkeLIeqVwv qfb7Q2SjLaI= =4OyJ -----END PGP SIGNATURE----- Russell Earl Whitaker whitaker at eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) Co-organizer, 1st European Conference on Computers, Freedom and Privacy, London, 20 November 1993 From 1 at eternity.demon.co.uk Tue Oct 26 18:55:51 1993 From: 1 at eternity.demon.co.uk (Russell Earl Whitaker) Date: Tue, 26 Oct 93 18:55:51 PDT Subject: CONFERENCE: The Security Services: Are They a Threat to Freedom? Message-ID: <20812@eternity.demon.co.uk> -----BEGIN PGP SIGNED MESSAGE----- Libertarian Alliance One Day Conference THE SECURITY SERVICES: ARE THEY A THREAT TO FREEDOM? Date: Sunday, 14 November, 1993 (PLEASE NOTE THAT THIS CONFERENCE IS ON A SUNDAY, AND NOT A SATURDAY AS IS OUR NORMAL PRACTICE) Admission: 5.00 pounds UK per person. By ticket only. Venue: The Jubilee Room The New Cavendish Club 44 Great Cumberland Place (entrance in Upper Berkeley Street) London W1H 8BS (Nearest tube: Marble Arch) 10.30am - 11.00am Arrival - Tea and Coffee will be served Introduction by Simon McIlwaine, Conference Chairman 11.00am - 12.00pm Brian Crozier "The Security Services and Their Role in A Free Society" 12.00 Noon - 12.30pm Discussion Brian Crozier is one of Britain's leading thinkers and writers on foreign policy and defence issues. His books include Strategy of Survival, The Rebels, A Theory of Conflict, Neo- Colonialism, The Future of Communist Power, The Minimal State and The Struggle for the Third World. His autobiography, Free Agent, was published this year and extracts were serialised in The Times. 12.30pm - 1.30 pm Lunch Break 1.30pm - 2.30pm Robin Ramsay "Unsupervised and Uncontrolled: The Problem of Security Services in a Free Society" 2.30pm - 3.00pm Discussion Robin Ramsay is editor of Lobster, Britain's premier, and highly respected journal on parapolitics, "conspiracy" and the "secret state". He is co-author of Smear: Wilson and the Secret State and has contributed to a wide range of publications, including Tribune, Open Eye, and The Times Higher Education Supplement. 3.00pm - 3.15pm Tea Break 3.15pm - 4.15pm Larry O'Hara "Searchlight Magazine: A Case Study in Secret State Media Manipulation" 4.15pm - 4.45pm Discussion Larry O'Hara is an independent researcher into fascism and the "secret state". He is currently completing his Ph.d on "The National Front, 1986-1990" at Birckbeck College. His articles include "Notes From the Underground: British Fascism 1974-1992" in Lobster and "British Fascism: The Persistence of Anti-Semitism" in Return. 4.45pm - 5.45pm Brian Micklethwait "What Should Libertarians Do About the Spies?" 5.45pm - 6.15pm Discussion Brian Micklethwait is Editorial Director of the Libertarian Alliance. He appears regularly on British television and radio on behalf of the LA as well as speaking widely at universities and political meetings. As well as his writing for the LA, he has contributed to such publications as Economic Affairs, Gay News and Ideer Om Frihet. 6.15pm Close of Conference - --------------------------------------------------------------------- Please send me ... ticket(s) for the LA Conference "The Security Services: Are They a Threat to Freedom?" on Sunday, 14 November, at 5.00 pounds UK each. I enclose a cheque/postal order/cash payable to the Libertarian Alliance, for ...... Name: .................................................... Address: ................................................. ................................................. ............................. Tel: .............. (Useful if we have to notify you of any last minute changes) _____________________________________________________________________ Please Return by First Class Mail to: Chris R. Tame Director Libertarian Alliance 25 Chapter Chambers Esterbrooke Street London SW1P 4NN -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLM0FDoTj7/vxxWtPAQGhQwQAuhIjIa11jqmRwIpb9JHQqwjaCa/3IhWH b34HfewITnM1q/lzTCdFk/YU/6cAGC+0rdinLjJcb1wadXo5wx+dyeScFr7yaEaN fAgD349hA03Xng8Wt0NLJVawPd9nguIeoslwMf6Z2m/iYa89xpfaRU/AvhUZg4lP 6A2DyUOXaI4= =F5u2 -----END PGP SIGNATURE----- Russell Earl Whitaker whitaker at eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) Co-organizer, 1st European Conference on Computers, Freedom and Privacy, London, 20 November 1993 From 1 at eternity.demon.co.uk Tue Oct 26 18:56:02 1993 From: 1 at eternity.demon.co.uk (Russell Earl Whitaker) Date: Tue, 26 Oct 93 18:56:02 PDT Subject: CONFERENCE: European Computers, Freedom & Privacy (ECFP) Message-ID: <20808@eternity.demon.co.uk> -----BEGIN PGP SIGNED MESSAGE----- ECFP '93: The First European Conference on Computers, Freedom and Privacy The New Cavendish Club London, England 20th November 1993 Organised by ECFP Ventures Limited Co-operating organisations : The Libertarian Alliance Privacy International, UK UK Cryptoprivacy Association SCOPE - ---------------------------------- The widespread use of computers and communication systems has brought considerable benefits to our business and personal lives and will continue to change and shape the way in which we live. However, with those benefits come unprecedented threats to our personal privacy and potential for abuse. A variety of different models for protection of individual privacy in the electronic age have been suggested, ranging from state regulation to individual action through the use of strong cryptography. However, these solutions bring with them their own class of problems, including excessive state involvement in private matters and the frustration of law enforcement and national security objectives. The First European Conference on Computers, Freedom and Privacy will both provide an introduction to these issues and the technological developments that drive them, and examine different ways in which individual rights can be guaranteed. These questions are central to the preservation of a free society in the Information Age. John M. Brimacombe Conference Chair KEYNOTE SPEAKER - ---------------------------------- John Gilmore Email: gnu at cygnus.com JOHN GILMORE is Chairman of the Board of Cygnus Support, who provide commercial support for free software. As founder and board member of the Electronic Frontier Foundation and the Cypherpunks, he has campaigned extensively for electronic privacy. John will speak on building a society in which personal privacy is guaranteed through the use of strong cryptography. OTHER SPEAKERS - ---------------------------------- John Brimacombe (Chairman) Email: john at mantis.co.uk JOHN BRIMACOMBE is the Managing Director of Jobstream Group plc, developers of business software. A graduate in both law and computer science, he was an advisor to CFP '93 in San Francisco. John will serve as conference moderator. Simon Davies Email: davies at privint.demon.co.uk SIMON DAVIES is Director General of Privacy International and a member of the School of Law at the University of New South Wales. He will be looking at new developments in surveillance and ways of combating them. Tom Burroughes Email: tom at reptile.demon.co.uk (after 10 October 1993) TOM BURROUGHES is Deputy Chief Reporter with the East Anglian Daily Times in Ipswich, England. He will be giving a journalist's point of view on privacy issues, including recent incidents involving eavesdropping on cellular telephones, and the roles of various corporate and government bodies in the recent adoption of cellphone signal encryption standards in the UK. David Chaum Email: chaum at digicash.nl DAVID CHAUM is head of the Cryptography Group at the Center for Mathematics and Computer Science (CWI) in Amsterdam, and founder of DigiCash, which develops electronic payments systems. Dr. Chaum received his Ph.D. in computer science from the University of California, Berkeley, in 1982, and joined CWI in 1984. He helped to found the International Association for Cryptologic Research and remains active on its board. David also consults internationally on cryptology. Duncan Frissell Email: frissell at panix.com DUNCAN FRISSELL is an attorney, technical author and consultant on matters of personal and financial privacy. Duncan will speak on "Traditional Privacy in the Electronic Age". Elaine Fletcher ELAINE FLETCHER is Assistant Solicitor for Eric James Howe, Data Protection Registrar (UK). Elaine will speak on issues arising from the Data Protection regime established under the 1984 Data Protection Act. Chris Tame CHRIS TAME is the Director of the Libertarian Alliance and Director of the smokers rights group FOREST, as well as UK representative of the Libertarian International. He has written extensively for such academic journals as /Science and Public Policy/, /Economic Affairs/, and /The Jewish Journal of Sociology/, and such books as *The Case For Private Enterprise* and *The Politics of Crime Control*. He appears regularly on radio and television in the UK. Chris will speak on the libertarian views of data protection and privacy. Russell Whitaker Email: whitaker at eternity.demon.co.uk RUSSELL WHITAKER, conference co-organiser, is a consultant on electronic communications, a director of ECFP Ventures Ltd and communications editor of Extropy magazine. Russell will speak on the composition of, and influences upon, the electronic community in Britain today, and how public policy affects those on computer bulletin boards and online services. PROGRAMME - --------------------------------- Registration 9.30 - 10.00 am First session 10.00 - 11.30 am BREAK 11.30 - 11.50 am Second session 11.50 am - 1.20 pm BREAK 1.20 - 2.20 pm Third session 2.20 - 3.50 pm BREAK 3.50 - 4.10 pm Fourth session 4.10 - 5.40 pm PANEL SESSION 5.40 - 6.20 pm Closing remarks 6.20 - 6.30 pm Lunchtime is the break after the second session, and lunch itself is not included in the price of the conference. There are pubs and restaurants in the immediate vicinity. Coffee, tea and biscuits will be on sale through the day, however. Registration form: - --------------------------------- NAME _____________________________________ JOB TITLE _____________________________________ ORGANISATION/AFFILIATION _________________________ ___________________________________________ MAILING ADDRESS _____________________________________ ____________________________________________________ ____________________________________________________ ____________________________________________________ TELEPHONE ___________________________________________ FAX ___________________________________________ E-MAIL ___________________________________________ IMPORTANT NOTE: only *fully* completed forms with full telephonic details will be accepted, to be used in the event of any emergency changes, such as change of venue. This is not optional. CLASS OF REGISTRATION : [Prices are Pounds Sterling] Student 10.00 ($16.00 U.S.) Normal 17.50 ($28.00 U.S.) Normal before 1 Nov 93: 15.00 ($24.00 U.S.) Press (Contact for arrangements) MEANS OF PAYMENT: - U.S. cheques/cash - U.K. cheques/cash - EuroCheques (tm) Unfortunately, due to bank conversion charges, we are unable to accept cheques drawn on other overseas accounts, for payment of this year's attendance fees. PROCEEDINGS AND AUDIO/VIDEOGRAPHY - ------------------------------------------- You may pre-order copies of transcripts of the proceedings, which will be shipped within 90 days after the conference: "Please send me ____ copies of the conference proceedings at 20 pounds each." Video and audio recordings will be made of the conference, in its entirety. No pre-sales will be made; tapes go on sale in December 93/January 94. Cheques, made payable to "ECFP Ventures Limited", should be sent with this form to : 16 Circus Road MM Box 8593 London NW8 6PG England Please direct any further enquiries to the above address, or: ecfp-1st at eternity.demon.co.uk (Email) +44 81-812-2661 (Manned message service; quick response) HOW TO FIND THE NEW CAVENDISH CLUB : - ---------------------------------------------- The New Cavendish Club is 2 minutes walk from Marble Arch Underground station. Immediately turn right as you exit from the station onto Oxford Street. Then take the first turning on the right, i.e. Great Cumberland Street. The New Cavendish Club is 3 blocks north on the northeast corner of the intersection of Great Cumberland Street with Upper Berkeley Street. Address: New Cavendish Club 44 Great Cumberland Place London W1H 8BS - ----- Text ends --------- -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLKjhjYTj7/vxxWtPAQGjQAP+NW1LOc806i0c3MmA2RiluzWmDKvFEPPm ibtU3tbqqF93fb0lqJ/z1q8DEtWeiG6LnLQ41IasIHDL6o7EmZEWXN6G17CDFLSk cQHCGaIpC9BkBI8VwnsPZIlItL5T+TkcOwLjdqp7x24tQ9uAm3BhpFLGMfLJAnwB xI/ZG0zMEIs= =QElR -----END PGP SIGNATURE----- Russell Earl Whitaker whitaker at eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) Co-organizer, 1st European Conference on Computers, Freedom and Privacy, London, 20 November 1993 From banisar at washofc.cpsr.org Tue Oct 26 19:12:44 1993 From: banisar at washofc.cpsr.org (Dave Banisar) Date: Tue, 26 Oct 93 19:12:44 PDT Subject: CPSR Crypto Resolution Message-ID: <00541.2834516628.335@washofc.cpsr.org> CPSR Crypto Resolution CPSR Cryptography Resolution Adopted by the CPSR Board of Directors, San Francisco, CA October 18, 1993 WHEREAS, Digital communications technology is becoming an increasingly significant component of our lives, affecting our educational, financial, political and social interaction; and The National Information Infrastructure requires high assurances of privacy to be useful; and Encryption technology provides the most effective technical means of ensuring the privacy and security of digital communications; and Restrictions on cryptography are likely to impose significant costs on scientific freedom, government accountability, and economic development; and The right of individuals to freely use encryption technology is consistent with the principles embodied in the Constitution of the United States; and The privacy and security of digital communications is essential to the preservation of a democratic society in our information age; and CPSR has played a leading role in many efforts to promote privacy protection for new communications technologies: BE IT RESOLVED THAT Computer Professionals for Social Responsibility supports the right of all individuals to design, distribute, obtain and use encryption technology and opposes any government attempt to interfere with the exercise of that right; and CPSR opposes the development of classified technical standards for the National Information Infrastructure. From remail at tamsun.tamu.edu Tue Oct 26 19:32:47 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Tue, 26 Oct 93 19:32:47 PDT Subject: blacknet international offers DOSSIERS for SALE Message-ID: <9310270231.AA02958@tamsun.tamu.edu> blacknet international is pleased to offer the following materials for sale: DOSSIERS: on the current participants in the Cypherpunks Mailing List Flame war PRICES: Prices and delivery terms upon request via encrypted anonymous return address. SUBJECTS: Perry Metzger Duncan Frissell S. Boxx L. Detweiler Timothy C. May Ray Cromwell David Sternlight These are available now via PGP encrypted return anonymous mail. To reply to I/We please use the enclosed public key to encrypt your message back to us. The anonymous remailer encrypted return block may be used for now but if current(known to be good) paths are needed look for the latest in cypherpunks at toad.com. Please encrypt ALL mail sent to us... -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQCNAizMFlcAAAEEALPYHDpT3OhTyO0qfEcqnbwY30pZb3ET6JUP70jfIQPiTrkA i7WJFYnDWv0FBk3aMxfH2DpI0fauCQKLnJJrc0/WHi5AgZVJh7KTwfCyAS+Zr2xM 7xjFZlwd9Q0Ow5k3hLfO4LQpTOW8IBMATV8or1g/+Zv3m87WjLgMmjAEwDypAAUR tDxibGluZHBpcGUgPHVzZSBjdXJyZW50IHJlbWFpbGVyIGJsb2NrIHBvc3RlZCB0 byBjeXBoZXJwdW5rcz4= =IHVG -----END PGP PUBLIC KEY BLOCK----- --------8<--cut here-->8-------- :: Encrypted: PGP -----BEGIN PGP MESSAGE----- Version: 2.3a hEwClqx1g6tk6KcBAf9Nly0MsbjTHys9iZwvkew2KEls/4T+4uXG+Ri8gtJnA9P0 5NvGZYIU0A40CHeHWttwE+cjwVyREWWcCPUVeMqcpgAAAYWHYP4OYPHDdUFKrs1i FW2F5lMQ1m4pU475xcLJH+NqQUYToSqmTlyH5dlOLmkC0s97n2OMQKJyDkUHkIbZ nqEg42KQkjAWotu85dBuXFjgLyShkACvah/VBXYcKHMsgfO41tCbCQiWVkg022/F TheZmlX5mPj0pgLFlpd+nYYIsGcH2memKLXWuhaY4yThRPYCu5OEYBlQEE1TtQTs glC6926Nu1RHvs4ivD3OabzeLdl2Kh2wZI2IcznUKOIKhH3nsXgI9ZvuHVkrKkmw 5ABXnhj2rgWW6/SxOT6XejUKH6WHu82HBjnEi6dDviB5pnGL8D2ayxw+ySwjNZ94 lJyrGVeq40XVG4HywxUbmrSbM/a6OOvH2f5zmXQAccoj2iwWa0khPJ0kjlndV/I9 FSLeIP8BZZSHU1tA9/genoDd3auQDAregfuzA10KjVr96+TcLdlh/7eM9TfQDaPz VtCrLR+X/n2J083WtmyzbZhpeI2qzjL7YqPXNlRsofenVucl3E1k0A== =WPI/ -----END PGP MESSAGE----- B >ASAR stands for "alt.sexual.abuse.recovery", a newsgroup I run an B >anonymous server for. This group actually has survivors of all B >sorts of abuse, including the verbal abuse that rjc perpetrated. "Sticks and stones" etc. --- WinQwk 2.0b#1165 From frissell at panix.com Tue Oct 26 19:42:47 1993 From: frissell at panix.com (Duncan Frissell) Date: Tue, 26 Oct 93 19:42:47 PDT Subject: : a desperate please Message-ID: <199310270240.AA20354@panix.com> A >I can't come up with any good ones, except for "fun" and "just to see A >what it feels like to put out opinions not my own." Virago is a "feminist" publisher in the UK. A few years ago, they brought out (to wide critical praise) a collection of short stories about immigrant life in the UK by a new Asian (means from the Indian subcontinent in the UK) woman. They had never met her and were very embarrassed when "she" turned out to be a retired, male vicar. Seems like a good idea to use a pseudonym in this case. I guess that is the use you meant about "putting out opinions not my own." Whenever I want to do that I just switch to lawyer mode. Duncan Frissell --- WinQwk 2.0b#1165 From rjc at gnu.ai.mit.edu Tue Oct 26 20:17:49 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Tue, 26 Oct 93 20:17:49 PDT Subject: a desperate plea In-Reply-To: <9310261614.AA16510@internal.apple.com> Message-ID: <9310270312.AA08185@kropotkin.gnu.ai.mit.edu> Lefty, resident net judge, rants: > No, in point of fact, you're a poorly adjusted infant who finds it amusing > to stand at a safe distance and clog up the net with threats which he > surely would never dare to make face-to-face. Lefty, go stuff yourself. You have all the credibility of Blackwell. The only time you ever post a message is to ad hominem someone else. You've been doing this for 2+ years on the Extropians list -- lurking 99% of the time and only posting when you have a snide comment. (just look at your last message against wondered) If you can't recognize the difference between a silly comment and a real murder threat, it's time for you to have a medical check up. You nicely illustrate my point anyway. I would never make a murder threat face-to-face particulary because I have no intention of physically damaging anyone. It is this fact alone which Detweiler, and you need to realize. Threats made over the net are vapor. Buddha -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From mccoy at ccwf.cc.utexas.edu Tue Oct 26 20:42:37 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Tue, 26 Oct 93 20:42:37 PDT Subject: DC-nets, up from the basic concept In-Reply-To: <9310262234.AA05579@jobe.shell.portal.com> Message-ID: <199310270336.AA03949@tramp.cc.utexas.edu> -----BEGIN PGP SIGNED MESSAGE----- pierre at shell.portal.com (Pierre Uszynski) writes: [regarding DC nets...] > > Q: How do you implement the idea that I can see my coin > and the coin on the left, but no others? > > A: You use public key cryptography. You join a "table" > by contacting one of the persons already at the "table". > He hands you address and public key of (say) his > right neighbor, and you hand him your address and your > public key. Danger Will Robinson! The only danger you really face in being revealed through a DC net is when you are isolated by colluders on the graph. I know who the people to my left and right are. If I am colluding with either one of them and you ask to join the network I am on I will say "sure...you talk to person X" (my colluder) and you are now completely screwed. There are other options for network formation and joining, and I would recommend against this one... [regarding responsibility for messages and implication...] > > It would be different (even with todays networks), if > a large proportion of the messages were CLEARLY illegal. Remember that on the net "legality" is often a _local_ thing. With a DC network consisting of participants from several different countries things might get very interesting, because it would be imposible to determine who a message came from and therefore who has jursidiction or even if any law was broken... jim -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLM3sEfcwzmW/Wc5xAQGRwQP/c2uC8yOvVGr786KZ+TKjha/bGw2MK3DY yc/Sv8AOtjsvDHDloO0FiiRluL/uqB93CFNxPYUnTVXrJk5MogLOVdS0YnUu/IM/ m8wf7tSrLqiWbQy18+9lIeYstQfRss9KJDvGpWfhPJQajAReAM6rW4KonactYhW9 ja0s7PfH8Mo= =wp5w -----END PGP SIGNATURE----- From pmetzger at lehman.com Tue Oct 26 21:02:39 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Tue, 26 Oct 93 21:02:39 PDT Subject: blacknet international offers DOSSIERS for SALE In-Reply-To: <9310270231.AA02958@tamsun.tamu.edu> Message-ID: <9310270358.AA21289@snark.lehman.com> remail at tamsun.tamu.edu says: > blacknet international is pleased to offer the following materials for sale: > DOSSIERS: on the current participants in the Cypherpunks Mailing > List Flame war > PRICES: Prices and delivery terms upon request via encrypted anonymous return > address. > SUBJECTS: > Perry Metzger Trust me, its worth it just for the nude photographys of me with an ostrich. (How they got a camera into that vault, I'll never know.) Perry From rjc at gnu.ai.mit.edu Tue Oct 26 21:02:48 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Tue, 26 Oct 93 21:02:48 PDT Subject: anti-social behavior In-Reply-To: Message-ID: <9310270359.AA08275@kropotkin.gnu.ai.mit.edu> T. William Wells writes: > > Over on ASAR, we give warning for anger. Consider yourself warned. Vapor. Or else? > In article <9310260646.AA04776 at kropotkin.gnu.ai.mit.edu>, > wrote: > : I'm coming to kill your family tommorow with a rusty razor. > > I despise Detweiler. I also think he ought to be in a mental > hospital. However, this is evil, anti-social behavior. It is > abusive beyond any possibility of shrugging it off. In context it was obviously a joke, lighten up. I think LD/Sboxx deserve what they get for coming onto a forum about cryptography and accusing people of high treason, evil, poison, etc in an almost religious fervor. > No, I'll make it stronger. Either you apologize to me, to > Detweiler, and to the list, or the list owner removes you from > the list, or I go. I will not be associated with a group that > tolerates this sort of behavior. I guess I will have to be kicked off the list then, or you will have to unsubscribe because I have no intention of apologizing to you or Detweiler. I don't apologize for the "evil, anti-social" joke I made either, but I do apologize for wasting bandwidth on the list if that's any consolation. I'm getting to the point where I can't keep put with the amount of mail in my box anyway. The ball's in your court. > (Does anyone want to know why I'm so incensed. Check out ASAR for > awhile. Understand that this person's behavior, and excuse > making, is indistinguishable from the abuse that makes that > newsgroup necessary.) That's the funniest thing I've heard all week. Comparing a joke, "I'm gonna kill your family with a rusty razor", made over the net, with rape? Even it they were equivalent, I'm not about to walk on eggshells because some people on the internet can't differentiate between a virtual joke and a real life threat. Perhaps that's the biggest problem in the world today, just last week a bunch of jocks repeated a scene from _The Program_ and laid down in the middle of the high way. If you want to prevent net.abuse, I suggest you take a look at alt.flame or alt.tasteless and issue a couple thousand of your "warnings." -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc at gnu.ai.mit.edu | - Zetetic Commentaries -- From nobody at rosebud.ee.uh.edu Tue Oct 26 21:27:48 1993 From: nobody at rosebud.ee.uh.edu (nobody at rosebud.ee.uh.edu) Date: Tue, 26 Oct 93 21:27:48 PDT Subject: why a nym? Message-ID: <9310270426.AA09186@toad.com> Arthur Chandler asks why run a nym -- > Isn't it tough enough to build up a rep under our real names? What is > the point to using a pseudonym? I can think of some bad reasons; but I > can't come up with any good ones, except for "fun" and "just to see what > it feels like to put out opinions not my own." I'm sure I'm missing the > point; so, before you jump on me as a Clueless Newbie, can you run by > the reasons why you want to have alternate personas on the NET? I had a nice long message composed in response, explaining my own circumstances, but on review, it's clear that I can't explain without revealing personal information, threatening exposure. Sorry. But use your imagination. There are plenty of uses, such as speaking out and whistle blowing, and cypherpunks are interested in anonymous digital economies, so running a nym is good for practice. If you listen to some cypherpunks, there are research questions, too. Anonymous From nobody at cicada.berkeley.edu Tue Oct 26 22:12:37 1993 From: nobody at cicada.berkeley.edu (nobody at cicada.berkeley.edu) Date: Tue, 26 Oct 93 22:12:37 PDT Subject: shut up, assmunch Message-ID: <9310270503.AA15186@cicada.berkeley.edu> don't make me slap you again, detwiler. From hfinney at shell.portal.com Tue Oct 26 22:42:36 1993 From: hfinney at shell.portal.com (hfinney at shell.portal.com) Date: Tue, 26 Oct 93 22:42:36 PDT Subject: True Names and nyms Message-ID: <9310270537.AA00202@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- Some people have argued that there is no way to prevent the use of multiple pseudonyms on the net, that it is possible today and that the new crypto technologies will provide even easier techniques tomorrow. This is an oversimplification, as Tim pointed out. "Is-a-person" credentials can be used to determine whether someone is a "True Name" or not, which is really what Larry wanted to know. Here is one way they might work. (To make this clearer, it is best to think in terms of the equation, pseudonym == public key. A pseudonym is a public key. We think of pseudonyms as being names, like "wonderer" or "sam hill", or perhaps as email addresses, like "hacker at univ.edu". But from the point of view of cryptography, these are just frills. The important thing is the key. With a public key, a pseudonym can sign his messages, so that nobody else can successfully pretend to be him. He can read messages sent to him, messages which no one else can read. If he has to switch email addresses he can do so and still maintain his identity by continuing to use the same key. It is his key which is his real identity on the net. OK, back to the is-a-person credential:) An is-a-person credential could be structured identically to the digital coins used in Chaum's simple digital cash proposal. You would go to the credentialling agency and provide some unique form of identification, something that no one else could forge. Today this might be a thumbprint, or in the future it could perhaps be a DNA scan. However, you do not have to identify yourself by name. They don't need to know who you are; they only know that you are a living, breathing human being, one whom they have not seen before. (There could be more than one credentialling agency, but they would all share a database of thumbprints or whatever.) You choose a special public key which you will use for all of your True Name activities on the net. This public key will be used to sign messages which you want to prove are from a real person. Any message sent with that signature is known to be from a True Name and not from a nym. Only one True Name exists per person. Note that this True Name doesn't have to be your real name. If you want to always post under John Q. Public and use this special key for that purposes, you can do so. But you won't be able to post under any other name, including your own, as a True Name, not unless you use that same key. And of course if you do, people will be able to know that you are the same as John Q. Public since you are using the same signature key. The way this is established is that you take your True Name key, which we'll call TN, and do as was done for Chaum's cash: pass it through a one-way function f, and blind with a random number r^3: f(TN)*r^3. You give this to the credentiallying agency when you come in with your thumbprint, and they sign it by taking the cube root. This is f(TN)^(1/3) * r. Back home, you divide by r, getting f(TN)^(1/3). This is your True Name certificate. You can submit it to a public key registry along with TN; anyone can calculate f(TN) and verify the credentialling agency's signature. People will therefore know that this key is the only one belonging to some real person which is signed in this way. Only one such key can exist for each person. So, if people claim to be posting under True Names, they can prove it very easily, by using their True Name key, signed by a credentialling agency. People can still post under as many nyms as they want, but only one gets to call itself True. Note that this solution doesn't reveal very much about the person. Because the certificates are blinded by r^3 when they are signed, even the credentialling agency has no way of knowing which thumbprints are associated with which True Name. (So, actually, it wouldn't be a problem if the agency got your name and address when you came in - this still couldn't be linked with your postings if you didn't want it to be.) Nobody is forced to even use a True Name when they post; they could use nothing but nyms. On the other hand, if people want to reserve certain conferences for True Names only, they can. There is tremendous flexibility to have as much or as little use of nyms as people want. So, people should not be so quick to claim that crypto can only be used to increase anonymity. It is a powerful technology that can be used to increase our control over information in many ways. Chaum's papers continue to amaze me with what is possible. Hal Finney hfinney at shell.portal.com -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLM3dJ6gTA69YIUw3AQFmfAP/byAqRUt/R3tQBH5Zg+JYV4u6z2CeJ0eM YOrsvXAptTFjS4TpS177spfoDfGm9gtoL1wyEhwD6gsZ2JhssRXT/7w8MEEzPE2U 9CIOXeBZiL8lSPWBxHBr95jlkJjIZe+v5BWPsWdwmSInk0/vbTaQm4emjNNS9WgG H1jPeYECsjA= =sd2V -----END PGP SIGNATURE----- From msattler at netcom.com Tue Oct 26 22:52:36 1993 From: msattler at netcom.com (Michael Sattler) Date: Tue, 26 Oct 93 22:52:36 PDT Subject: Shocked at my reaction Message-ID: <9310270517.AA22598@netcom.netcom.com> The following has nothing to do with writing code, but hopefully posting this will get me back on track.... I wrote this several weeks ago and have been sitting on it ever since. L. Detweiler's contributions of late have made me re-examine my feelings on a variety of email- and cyberspace-related issues. I very strongly believe that everyone has an inaliable right to express themselves, as long as that expression doesn't harm others or impede their ability to express *themselves*. Up to now the amount of trash-mail (as I determine it) has been less than ten percent of my mail, an amount I equate with the real-world equivalent of billboards and junk-mail. L. Detweiler's uncanny ability to craft flame-bait and get the CypherPunks to respond has increased the trash-mail percentage to the point where it's entered my awareness. Torn between respect for someone who has a reputation for having made contributions, worry about someone who seems to have a slim grasp on the reality I'm experiencing, and annoyance at getting scores of ranting incoherent messages, I've made a decision that I've never made before: to put someone (L. Detweiler) into my kill-file. This bothers me a great deal. But there it is. ---------------- To L. Detweiler: I'm sorry, but your style, content, and quantity values have gotten to the point where it seems unrewarding to deal with you. The decision to banish you bothers me a great deal, but not as much as reading your mail does. If you're sincere about the biblical amount of pain you are in, I gently suggest (in my capacity as an EMT with some crisis-intervention experience) that you talk about your pain to a qualified person, perhaps an MFCC. If you're doing all this to get a reaction (for maybe a book) like Don Novello's Lazlo character of the last three decades (and several books), then congratulations. ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 621-2903 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From mdiehl at triton.unm.edu Tue Oct 26 23:02:37 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Tue, 26 Oct 93 23:02:37 PDT Subject: a desperate plea In-Reply-To: <9310270312.AA08185@kropotkin.gnu.ai.mit.edu> Message-ID: <9310270558.AA16570@triton.unm.edu> Well, lets see how many Personal Attacks we can find in this post... According to rjc at gnu.ai.mit.edu: > > Lefty, go stuff yourself. > You have all the credibility of Blackwell. > The only time you ever post a message is to ad hominem someone else. > You've been doing this for 2+ years on the Extropians list > -- lurking 99% of the time and only posting when you have a snide comment. Well, that makes 5 out of 5 so far. Lets see if we can find more! (just look at your last message against wondered) Wow! We are 5 for 6. Not bad..... *NOT* > If you can't recognize the difference between a silly comment and a real > murder threat, it's time for you to have a medical check up. > You nicely illustrate my point anyway. Well, that's two more! > I would never make a murder threat face-to-face > particulary because I have no intention of physically damaging anyone. And of course I won't even touch this one! > It is this fact alone which Detweiler, and you need to realize. > Threats made over the net are vapor. And were these even valid comments? You be the judge. > > Buddha Ya, right. Final score: 7 out of the 11 sentences in this post were personal attacks. This means that 63.6% everything you had to say wrt the orignal post was the same kind of personal attacks you were complaining about.. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From rjc at gnu.ai.mit.edu Tue Oct 26 23:17:49 1993 From: rjc at gnu.ai.mit.edu (rjc at gnu.ai.mit.edu) Date: Tue, 26 Oct 93 23:17:49 PDT Subject: a desperate plea In-Reply-To: <9310270558.AA16570@triton.unm.edu> Message-ID: <9310270614.AA08644@kropotkin.gnu.ai.mit.edu> J. Michael Diehl writes: > Final score: 7 out of the 11 sentences in this post were personal attacks. > This means that 63.6% everything you had to say wrt the orignal post was the > same kind of personal attacks you were complaining about.. No, I wasn't complaining about his personal attacks per se but his long term behavior on this list and Extropians which is mainly "hit-and-run" attack posts about once a month which usually generate massive flame wars. (the last of which ended up with Tim May leaving the extropians list) Perhaps you don't like me, but I can atleast lay claim to have participated in non-flamefest threads and contributed help and software when I was asked. Many people have simply sent me private e-mail politely requesting that I stop the Detweiler flame. All Lefty's message did was add fuel to the fire and was just as unproductive as my original joke-threat against Lance. I would like to end this thread and get back to rationally discussing pseudonyms, but its not going to happen if I keep getting messages like yours in my mailbox. -- Ray Cromwell | Engineering is the implementation of science; -- -- rjc at gnu.ai.mit.edu | politics is the implementation of faith. -- From tcmay at netcom.com Wed Oct 27 00:17:49 1993 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 27 Oct 93 00:17:49 PDT Subject: My Views on the Detweiler Matter Message-ID: <9310261923.AA29868@netcom.netcom.com> Cypherpunks, I. too, am weary of this thread...paranoia, death threats, "pseudospoofing," Satan's spawn, tentacles of Medusa, and on and on. I apologize for the length of this piece, which has reached detweilerian proportions, but I need to make some points. Sorry if many of you are fed up with this thread. I've tried to avoid comment, but I've been getting several rants every day from Detweiler, either posted to the List or in private e-mail (and the rants he sends to Eric Hughes and myself are even more tortured, as he rambles on and begs us to stop tormenting him, to call off our devils who are attacking him, then goes back to threats and insults....very sad). Several people have suggested we "lay off Detweiler," that he is clearly in pain and is disturbed in various ways. I agree, but getting several messages a day from him, filled with threats, taunts, insults, and religious paranoia tends to make this "laying-off" a bit more problematic. Especially when his posts prompt others on this List to try to defend his points. There is always the danger that repeating the Big Lie often enough will cause it to be accepted as the truth. In this case, apparently some are now beginning to believe that the List is in fact controlled by a cabal of plotters and that pseudospoofing is the tool they use to control the mood and agenda of the List. Utter nonsense. He has recently claimed we are a bunch of Ted Bundy's, plotting the murder of young women, that we are spawn of Satan, trying to pull society into the depths of Hell, that we are High Traitors which the government (his newfound ally) must suppress, and that the High Cabal is beaming radio waves into his brain to control his thoughts (only this last item is made up...a taste of what is to come in the next few weeks, I suspect). I consider the whole situation very sad, and even tragic. Lance Dettweiler did some nice work on the "Privacy and Anonymity on the Internet FAQ." Ironically, he now considers my helpful comments on these matters (I recall encouraging him to go ahead and write a FAQ on these matters, sometime last winter or so, so I may have been a prime motivator of his FAQ) to be some kind of evil trickery designed to do whatever it is he thinks is now being done to him. Be that as it may, his recent points require a response from me. And the whole Detweiler matter actually _does_ have some important connections to the Cypherpunks area of interest, so the topic is not as off-base as some might think. Certainly it's closer to our main themes than many of the recent debates about subliminal advertising and using thermite bombs to destroy safes are, to name but two topics. Back to the Detweiler situation. I tried to laugh it off, as my posts of last week or so showed--the one declaring there to be only four or five actually unique individuals on the List, with each of us using dozens of pseudonyms. Little did I suspect that Detweiler would use my joke about the "Wired" photo using hired actors as "proof" of our duplicity, Jeesh, that man needs a humor transplant! His alter ego S. Boxx is still making death threats, as he himself is, and is claiming the "evidence is being collected" for some some sort of formal charges. Right. (That Detweiler = S. Boxx is beyond doubt. Personal mail sent by Eric Hughes and myself to Detweiler showed up in the rants of S. Boxx, and the styles are nearly identical. Detweiler has rather transparently claimed that S. Boxx is "in communication" with him. Right.) Anyway, while I have been mostly just shrugging-off Detweiler's fantastical rants, saving them in my "Detweiler file," some of you are talking about how Detweiler may be ranting, but how he's basically *right* about some things. Some of you are apparently coming to believe that in fact a High Cabal exists to purge Detweiler and to use pseudospoofing to undermine him in public. Now I of course I can see validity in essays separate from the underlying mental sanity of the writer (think of Nietzsche), so I don't automatically dismiss LD's points just on the basis of his paranoid style. But he has presented no evidence for his assertions. I just think he's gone off the deep end with his paranoia about the number of pseudonyms on the List. I know for a fact that I write my stuff under my own name, that I am not any of the more colorful "nyms" on the List....I am not "Deadbeat," "S. Boxx," "Murdering Thug," or "Panzer Boy." (Actually, some of these may just be BBS handles....I'm not paying too much attention to the distinction, as I really don't care overmuch about the "actual" name of folks I haven't met.) To be sure, some people are using nyms, as they have for as long as the Net has existed...and for much longer, of course. Pen names, pseudonyms, whatever. But this is a much different thing than saying the List is dominated by pseudonyms, by clever false identities, by Satan-inspired demons who are adopting false identities specifically to torment good Christians like Lance Detweiler. His modus operandi seems to be to repeat his points over and over again and to to accuse others of Satanic or cabalistic motivations--usually in his inimitably florid prose style--and to claim that the "debate" is being skewed by dozens of phony identities. If Hal Finney is not 100% behind his latest idea, well, then obviously Hal is One of Them, a tentacle of the Medusa, a Nym from Hell that is bent on making LD a laughingstock on the List. In several cases, when Detweiler made some point and others didn't agree with him or actions weren't taken to his liking, he simply stamped his feet and used such effective debating tactics as "I am getting nauseatingly disgusted and TOTALLY angered by the completely traitorous and spectacularly cunning vipers who..." (Lance never met an adverb or adjective he didn't like. Neither did S. Boxx.) (When he was still soliciting my occasional advice in e-mail, which I sometimes gave, I urged him to not try to win arguments merely by repeating his points over and over again and then announcing what his _mental state_ was. His points would have to stand or fall on their own merits, not on his claims that he was going to hold his breath 'til he turned blue. "Blue Nyms"?) THE FACTS There's been a lot of innuendo that "pseudospoofing" is going on. Not just anonymous mail sent to Detweiler--something I can't speak to, not having sent him any and not having access to his incoming mail--but the use of pseudonyms like Jamie Dinkelacker, Nick Szabo, and (as of last night, apparently, according to Detweiler) Hal Finney to shape and slant arguments. Detweiler has argued that these pseudospoofers are criticizing his points and generally interfering with the democracy that would, he thinks, otherwise produce the proper decisions. Namely, his decisions. I've seen no situation where a "vote" of posters was taken, where these alleged pseudospoofers shaped an outcome. In fact, the Cypherpunks list is largely a "market anarchy," with very few real decisions *ever* being made...the several dozen active posters say their points, announce their projects and their progress on same, and generally follow the "coffee shop" model someone (sorry) eloquently described a week or so ago. Positive reputations matter. I've never met Doug Barnes or Karl Barrus before, and they may even be pseudonyms. But I value their comments, regardless. Even some of the recent obvious nyms, like "Sam Hill," I'm valuing more and more. To each their own. Use filters if you don't like nyms. I know for a fact that I haven't been sending Detweiler anonymous mail. And not much mail at all, in fact. About 5 or 6 weeks ago, after he went ballistic and called me a "traitor" and a "lackey of Eric Hughes" over my relatively mild defense of the EFF/Shari Steele advisory, I told him in e-mail I would no longer correspond with him. (My message to him was later quoted in its entirety in one of his rants.) Frankly, I was tired of his hot-and-cold mood swings, with death threats and floridly-written insults interspersed with requests for help in some area (pretty nervy!)....I just got fed up with his obvious lack of social skills and his descent into paranoid schizophrenia. He is, as a former girlfriend would diagnose his condition, a "borderline personality." I've used remailers, though never for mail to him. Detweiler made a big thing about my open admission to him that I have in fact used anonymous mailers at times to post to the List. This is hardly a surprising announcement, as nearly all of you should know that in several instances I have used remailers to make a point, to demonstrate some capability. The three main examples that come to mind are: 1. "Information Liberation Front" (ILF). To illustrate the possibilities, and to also post some articles I had scanned, I began using this "nym" about a year ago. Others have since used it as well (anyone can...no sigs are involved), as I hoped. In no cases can you find the "ILF" doing the kind of "pseuodospoofing" Detweiler rails about. 2. The "A Patriot" (I think that was the name I used) posting supposedly blowing the whistle on F-117 Nighthawk (Stealth) fighter cost overruns. I posted material anonymously, got a bunch of "you are a traitor" messages (not from Detweiler, that I can recall), and then several days later I announced that I was the author and that the material came from widely available public articles. My point was not to make people look like fools--though at least one person did--but to provide a "trial run" for the Real Thing, when actual defense secrets get out on whistleblowers-type networks. It's gonna happen, and we need to think about this in advance. (This posting was made about 6 months ago, and it was hardly a secret that I was the author.) 3. "BlackNet." Ironically, someone else took my announcement of this from somewhere--perhaps from a nanotech meeting, where I used it to illustrate the difficulties in controlling nanotech developments--and forwarded it through a remailer to the Cypherpunks list. But I was of course the author. I've been using "BlackNet" as my generic example of a crypto-anarchic entity since late 1987, as I have already explained in an earlier posting. (The recent announcement that a Van Eyck radiation kit is available via a BlackNet-style "cutout" was not my doing, I hasten to add. I welcome such developments, though I doubt this one is completely serious.) In these three cases, which are my *only* uses of anonymity/pseudonyms that I can recall (I won't say there's never been another example, but I honestly can't recollect any other uses....), these were essentially "open secrets." I discussed all of them either on the List (as with the F-117 and BlackNet material) or it was a standing joke amongst physical meeting attendees that I was behind the ILF. I am not any of the pseudonyms you see on the List regularly. I guess I have too much ego and too little to fear (being retired, I have no fears about my "reputation" as a crypto-anarchist hurting me) to hide my views under a pseudonym. Enough on this, though. Robert Woodhead made some comments in Detweiler's behalf, and was promptly flamed for it, referred to as "another snake" or somesuch. Here are my comments on Robert's points: He writes: >Personally, I am getting a little tired of your ranting. I agreed with >most of your position and got flamed for it. Thanks a lot. It's chillingly >obvious you've read "How to Win Friends and Influence People." > >If you are willing to do the research and provide solid, verifyable >evidence of such nastiness as you are convinced is happening, then >do it. If you are willing to discuss the implications of dishonesty >in a universe of anonymity, then that is a topic of interest. If >all you are willing to do is rant about the boogieman under the >bed, then please do your mumbling somewhere else in cyberspace. > >I _still_ think the issue that concerns you is an important one. I >also think you are doing a very good job of ensuring that people >don't give it critical thought. Robert, Something you might want to think about is this: * I have never sent Detweiler--or S, Boxx, either--a message anonymously or pseudoanonymously. That is, *all* mail I have sent him (and that hasn't been much) has been from my one and only e-mail account, tcmay at netcom.com. (Obviously not counting any of the anonymous mail that appeared on the List as a whole, the aforementioned ILF, F-117, and BlackNet material.) * Somehow he became deluded--and that is literally his condition--that other List members, such as Jamie Dinkelacker and Nick Szabo--were pseudonyms of *me*. He ranted at me in e-mail, interspersed with "you sly devil!" congratulations for pulling off such a feat. He claimed I wrote the short story, "Master Key" (about 4-6 weeks ago), which I did not....I don't know who did. The political essays which have appeared under pseudonyms were definitely *not* written by me...some of them I'd like to claim credit for, but I just can't. * After many of these strange messages, I broke my silence with him and sent him a message setting him straight: that I was not Jamie or Nick, that I had not sent him any messages, and that I did not write any of the anonymous pieces he claimed I had. (Detweiler called me a liar for disavowing to him in e-mail that I had written these. He just won't take no for an answer. Denials are taken as further proof of a Grand Conspiracy to Confuse Him.) * This knocked him further over the edge, and he began sending me death threats (along the charming lines of "traitors like you will be hung by the neck until DEAD and then sent to HELL") and other weird messages. * What more can be said? He has taken his personal demon, "pseudospoofing," and blown it out of proportion. When Hal Finney tried to help (a misguided idea, in my opinion, as we are not psychotherapists), he is called another "tentacle of the Medusa" and LD says he now realizes "Hal" is just a pseudonym of his tormenters! When Phil Zimmermann gets fed up with LD's paranoia, he is deemed to be part of the conspiracy! It seems tragicomic that Detweiler has now gone almost completely over to the side long-expressed by David Sternlight (no, I am not making any paranoid assertions) that law enforcement needs require restrictions on anonymity tools, that registries of True Names and identities are needed, and that the Cypherpunks goals are dangerous. He even mixes in fundatmentalist religious paranoia, talking about Satan-inspired Cypherpunks and "black poison" from the depths of Hell. One has to wonder how Detweiler could so demonize Dorothy Denning and David Sternlight and now have so thoroughly taken an even more extreme position on their side of the issues. As someone said to me recently, Detweiler should be regarded as one of the casualties. It's sad. --Tim May. whose identity is all-too-public and can be easily confirmed by looking at photos in past issues of journals like "Transactions on Electron Devices" (January, 1979, paper on "Alpha Particle-Induced Soft Errors in Dynamic Memories") and so forth. I am also known to about 40-60 of you, by my rough estimate. It's sad that Detweiler will not trust the evidence of his senses, and contacts with others, and instead has plunged head-long into paranoid schizophrenia. -- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: by arrangement Note: I put time and money into writing this posting. I hope you enjoy it. From cman at IO.COM Wed Oct 27 01:12:36 1993 From: cman at IO.COM (Douglas Barnes) Date: Wed, 27 Oct 93 01:12:36 PDT Subject: blacknet international offers DOSSIERS for SALE In-Reply-To: <9310270358.AA21289@snark.lehman.com> Message-ID: <9310270808.AA21862@illuminati.IO.COM> > > Trust me, its worth it just for the nude photographys of me with an > ostrich. (How they got a camera into that vault, I'll never know.) > Yeah? You're probably getting a cut. Heck, you could *be* blacknet :-). -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From hugh at ecotone.toad.com Wed Oct 27 01:22:36 1993 From: hugh at ecotone.toad.com (Hugh Daniel) Date: Wed, 27 Oct 93 01:22:36 PDT Subject: ADMIN: toad.com's mail hicups Tuesday morning... Message-ID: <9310270814.AA20223@ ecotone.toad.com> The list mailhost, toad.com, had massive problems today with sendmail queues, resulting in load averages over 90 (on a machine where 6 is high) and other unfun problems for me to chase. To my knowledge no mail was droped on the floor, but some mail did come out of the machine with headders missing. I have no idea what the mail software thought it was doing by droping headers, but I think we will live even so. I am looking at installing some newer software to deal with the problems of today, though the root causes are solved for now, better software (sendmail) is called for. On the other hand better software is ALLWAYS called for... Guess I had better get back to doing that sort of work... ||ugh Daniel Sysadmin of the month hugh at toad.com From ian at geography.leeds.ac.uk Wed Oct 27 02:27:52 1993 From: ian at geography.leeds.ac.uk (Ian Turton) Date: Wed, 27 Oct 93 02:27:52 PDT Subject: No Subject Message-ID: <23551.9310270926@geography.leeds.ac.uk> Authur Chandler writes: > > Isn't it tough enough to build up a rep under our real names? What is > the point to using a pseudonym? I can think of some bad reasons; but I > can't come up with any good ones, except for "fun" and "just to see what > it feels like to put out opinions not my own." I'm sure I'm missing the > point; so, before you jump on me as a Clueless Newbie, can you run by > the reasons why you want to have alternate personas on the NET? Well the one case that comes to mind for me is a friend I knew at a previous university where I worked. There was a member of the support staff who was responsible for introducing the net/email to new users (amongst other things). He had two personas one for dealing with official things and the other obvoiusly an alias (FoFP) for ranting about the government etc. However new users still regualarly reported this alias to Mike (in his official role) for bringing the university in to disrepute. I'm fairly sure he owned up to them at this point :-). However I'd contend that it was important for him to distinguish official posts from unofficial posts more strongly than just by sticking a disclaimer on the end of unoficial messages - since who really reads them anyway. > Ian Turton - School of Geography, Leeds University 0532 -333309 From kwaldman at BBN.COM Wed Oct 27 04:22:39 1993 From: kwaldman at BBN.COM (kwaldman) Date: Wed, 27 Oct 93 04:22:39 PDT Subject: Net Requlation Message-ID: <9310271119.AA16228@toad.com> Say the best way to go is to become a perpetual tourist. That is you don't have US citzenship and thus are not subject to it's taxes and other nosy laws. [Not that other government's don't have nosier laws]. Anyway 1. If you don't have US citzenship, how do you get a passport? (Buy it on sale from the Czech republic or what?) 2. Where do you live? I mean I love to travel but after 3 or 4 weeks of it I'm ready to settle down and hibernate for a long while. [Especially now with a wife and 2 sons, I'd last about 2 days traveling :-)] Somewhere were I don't have to get thrown in jail for thinking the wrong thoughts. [Which given the nature of this list most of us do, except of course our NSA monitors :-)] 3. Are the TELECOM connections there yet? I saw this weeks Economist and it looks promising but last time I was in Europe some of my phone connections were less than perfect. [Even parts of the US leave something to be desired]. I personally need a good phone line (especially if I'm hundreds of miles from my customer), and a minimum of 56kbaud link for my computer. 4. Customer interaction. This is a problem, if you work on computer systems that are unique or program custom software for these systems, customer interaction is very important ( and in other areas I'm sure). Yes email, video conferencing (expensive!) help but you either need to be there or have very good VR (which I have yet to see, this doesn't mean much as I haven't seen bad VR yet either). The one plus is that I believe there is still time (5-10) years before the costs outweigh the benifits of living in the US and thus there is time to plan things like what country to live in, which bank to use in the channel isles and let technological advance solve some of the bandwidth problems. Karl Waldman BTW The above shouldn't imply I disagree with Ducan's premise. In fact I have enjoyed his posts and agree with most of what he says, so I guess I should shut up and buy some DUCAN (or whatever) on HEX. P.S. Ducan please post your talk after you get back from London. I will transfer 1000 thornes to your HEX account (if you have one) From kotze1 at batis.bis.und.ac.za Wed Oct 27 05:07:54 1993 From: kotze1 at batis.bis.und.ac.za (Christopher Kotze) Date: Wed, 27 Oct 93 05:07:54 PDT Subject: RSA encryption Message-ID: <9310271207.AA17133@toad.com> Does anyone know anything about RSA encryption, if so, please tell me about it ! cheers, chris From bill at twwells.com Wed Oct 27 06:02:41 1993 From: bill at twwells.com (T. William Wells) Date: Wed, 27 Oct 93 06:02:41 PDT Subject: anti-social behavior In-Reply-To: <9310270359.AA08275@kropotkin.gnu.ai.mit.edu> Message-ID: Sigh. This is totally off topic. Or is it? Cyberspace is going to *have* to deal with those entities that are biologically of the human race but who are mentally of less value than a laboratory rat.....so, folks, are we going to deal with this or are we going to just have a nice slanging match with no valuable outcome? In article <9310270359.AA08275 at kropotkin.gnu.ai.mit.edu>, wrote: : In context it was obviously a joke, lighten up. You are lying. You wrote that for the explicit purpose of causing pain. Your *obvious* intent was to say something upsetting and angering. So don't give me any of this nonsense about a joke. You are nothing but an insensitive, immature bully and you do not deserve to be among this group. From bill at twwells.com Wed Oct 27 06:22:38 1993 From: bill at twwells.com (T. William Wells) Date: Wed, 27 Oct 93 06:22:38 PDT Subject: anti-social behavior In-Reply-To: <199310270240.AA20351@panix.com> Message-ID: In article <199310270240.AA20351 at panix.com>, Duncan Frissell wrote: : B >ASAR stands for "alt.sexual.abuse.recovery", a newsgroup I run an : B >anonymous server for. This group actually has survivors of all : B >sorts of abuse, including the verbal abuse that rjc perpetrated. : : "Sticks and stones" etc. The old saw about sticks and stones is absolutely false and typically is used (I'm not presuming this of you) as a cover for behavior that is intended to cause harm. The vast majority of abusive behavior, defined in terms of the harm it causes its victims, is done with words, not by direct physical action. Without getting into a long discussion, the thing is that emotional responses are not chosen, they are automatic. One can no more avoid responding with emotional pain, which is just as real as physical pain, to a hurtful word, than one can avoid responding with physical pain to a punch in the face. True, what will cause pain to one person will not necessarily cause pain to another. Also true, between adults there is no absolute requirement to avoid causing one another pain. Nonetheless, respect for one another implies that one avoids doing so whenever one can, within limits. The other side of this is that one should have a good reason to cause another pain, even the emotional pain caused by words. Rjc's sin is not failure of respect, though he has certainly has shown that, but the intentional causing of harm to another. He has claimed that "it was only a joke". "It was only a joke", except in rare and limited circumstances (which this is not one of), translates directly to "I knew it was going to hurt and that's why I did it". He might claim otherwise. But such a claim would only have been taken seriously if it had been accompanied by evidence that he was aware of what he did. If he'd said "It was only a joke and I'm sorry that I didn't consider that it would hurt Detweiler", that would have been one thing. But he said "It was only a joke therefore it was OK". That was only a disclaimer of responsibility and a bald assertion that he would do the same again. From pmetzger at lehman.com Wed Oct 27 06:42:39 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 27 Oct 93 06:42:39 PDT Subject: blacknet international offers DOSSIERS for SALE In-Reply-To: <9310270808.AA21862@illuminati.IO.COM> Message-ID: <9310271342.AA26353@snark.lehman.com> Douglas Barnes says: > Yeah? You're probably getting a cut. Heck, you could *be* blacknet Shh.... you'll give it away... .pm From bill at twwells.com Wed Oct 27 07:02:39 1993 From: bill at twwells.com (T. William Wells) Date: Wed, 27 Oct 93 07:02:39 PDT Subject: My Views on the Detweiler Matter In-Reply-To: <9310261923.AA29868@netcom.netcom.com> Message-ID: In article <9310261923.AA29868 at netcom.netcom.com>, Timothy C. May wrote: : got fed up with his obvious lack of social skills and his descent into : paranoid schizophrenia. He is, as a former girlfriend would diagnose his : condition, a "borderline personality." There's always a danger in diagnosing when one isn't an expert (especially when the experts tend to confuse *themselves*) but I think of myself as a well informed layman and, as such am going to comment on this. Detweiler is not likely schizophrenic anything. That's a rather different thing than he's appeared. Nor is he a borderline personality, which is also a specific diagnosis. On the evidence he is a paranoid personality or paranoid psychotic. The reason I'm writing is to point out two things: paranoids are rarely cured, only controlled, and they can be physically dangerous. It is entirely possible that he means those death threats. From pmetzger at lehman.com Wed Oct 27 07:07:55 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 27 Oct 93 07:07:55 PDT Subject: anti-social behavior In-Reply-To: Message-ID: <9310271403.AA26452@snark.lehman.com> T. William Wells says: > wrote: > : In context it was obviously a joke, lighten up. > > You are lying. You wrote that for the explicit purpose of causing > pain. Your *obvious* intent was to say something upsetting and > angering. So don't give me any of this nonsense about a joke. You > are nothing but an insensitive, immature bully and you do not > deserve to be among this group. So he intended to cause pain? Big deal. I'm beginning to believe the book "I'm Disfunctional, You're Disfunctional": it concludes that people involved in the recovery movement are generally doing the opposite. I'm the sort of guy who gets flamed constantly. I've been called the worst possible things. Hasn't hurt me or crippled me. Calling people names is stupid, but individuals who can't take being called names are emotional cripples. Perry From pfarrell at netcom.com Wed Oct 27 07:10:47 1993 From: pfarrell at netcom.com (Pat Farrell) Date: Wed, 27 Oct 93 07:10:47 PDT Subject: help writing code Message-ID: <36383.pfarrell@netcom.com> I've spent the summer working on a SMTP/POP client that runs under MS-Windows. There are two ideas behind it. First, widespread acceptance of global communication will require that mass market user don't have to learn vi/emacs/... and Second, once the email composing and reading is done on a local, controlled PC, we can trivially pipe messages in and out of PGP, RIPEM, or your favorite encryption algorithm. This second part will allow folks to send all their mail encrypted, which will not only spread the word, but hurt traffic analysis. But, I need help. I've got all the front-end stuff working, and can handle the SMTP/POP protocols. But I can't get Windows to talk reliably with a raw async link. (I don't want to require SLIP or PPP, as lots of sites are too clueless to offer it.) I need a robust communications library. It has to do as well as possible given an inherantly inreliable link. I've bought three commercial sibraries, and none work. Cypherpunks write code. I've been trying. If someone wants to help, please reply, and we can work out detailed specs of the API I have in mind. Pat Pat Farrell Grad Student pfarrell at netcom.com Department of Computer Science George Mason University, Fairfax, VA Public key availble via finger #include From pmetzger at lehman.com Wed Oct 27 07:12:40 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 27 Oct 93 07:12:40 PDT Subject: anti-social behavior In-Reply-To: Message-ID: <9310271409.AA26463@snark.lehman.com> T. William Wells says: > The old saw about sticks and stones is absolutely false and > typically is used (I'm not presuming this of you) as a cover for > behavior that is intended to cause harm. So the person intends harm? Words cannot cause physical damage. They can always be ignored. > The vast majority of abusive behavior, defined in terms of the harm > it causes its victims, is done with words, not by direct physical > action. Bill has spent too much time in the recovery movement, and has dealt with people who are nearly completely deranged so long that he no longer understands what is expected of normal people. > Without getting into a long discussion, the thing is that > emotional responses are not chosen, they are automatic. One can > no more avoid responding with emotional pain, which is just as > real as physical pain, to a hurtful word, than one can avoid > responding with physical pain to a punch in the face. Thats false. Everyone has the capacity to decide whether or not to pay attention to words. Force, on the other hand, provokes a physical reaction (such as bleeding, or perhaps dropping dead) that you can't help. Read Thomas Szasz's (sp?) "The Myth of Mental Illness" for a critique of modern excuses like "he couldn't help it". Also read "I'm disfunctional, you're disfunctional" to learn about the sort of cult the recovery movement has turned into. Perry From jrk at sys.uea.ac.uk Wed Oct 27 07:52:41 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Wed, 27 Oct 93 07:52:41 PDT Subject: Security of PGP private keys Message-ID: <15013.9310271454@s5.sys.uea.ac.uk> PGP secret keys are protected by a password. Yet people have said that one should not keep one's secret keyring on an insecure machine. Why? -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From klbarrus at owlnet.rice.edu Wed Oct 27 08:17:53 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 27 Oct 93 08:17:53 PDT Subject: ANON: why pseudonyms In-Reply-To: Message-ID: <9310271516.AA16178@elf.owlnet.rice.edu> Arthur Chandler wrote: > Isn't it tough enough to build up a rep under our real names? What is >the point to using a pseudonym? I can think of some bad reasons; but I >can't come up with any good ones, except for "fun" and "just to see what >it feels like to put out opinions not my own." I'm sure I'm missing the >point; so, before you jump on me as a Clueless Newbie, can you run by >the reasons why you want to have alternate personas on the NET? It's not a dumb questions, and it comes up from time to time. In fact, this was the subject of a lengthy war on news.admin.policy a while ago. You could use a pseudonym anytime you don't want to be linked to an opinion. Maybe you don't want to be known as the author of a post to alt.sex about whether you shower with your spouse; maybe you feel less embarrassed asking questions like Wonderer; perhaps you want to engage in a serious debate over touchy political issues; etc. In these examples, you would be putting out opinions that are your own - you just want the freedom of speaking without fearing retribution or ridicule. After all, you may irritate someone who decides to cause you harm. This won't ever happen, you say? Maybe, but here's an example: Salmon Rushdie, author of the "Satanic Verses" is still living in fear of his life. You can whistle-blow. Some months ago a local paper ran a series of articles on people who had the careers and lives destroyed by the Nuclear Regulatory Commission, because they reported various unsafe practices and violations at their workplace. Small examples of anonymity are in our life already: most radio shows don't broadcast your last name, papers will withhold names from editorial pieces sent them, police departments take anonymous tips. The protection a pseudonym affords is more powerful. -- Karl L. Barrus: klbarrus at owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories From pmetzger at lehman.com Wed Oct 27 08:47:54 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 27 Oct 93 08:47:54 PDT Subject: Security of PGP private keys In-Reply-To: <15013.9310271454@s5.sys.uea.ac.uk> Message-ID: <9310271542.AA26513@snark.lehman.com> Richard Kennaway says: > PGP secret keys are protected by a password. Yet people have said that one > should not keep one's secret keyring on an insecure machine. Why? Because people can capture your keystrokes when you enter in the password. They then have your secret key. Perry From dmandl at lehman.com Wed Oct 27 08:52:41 1993 From: dmandl at lehman.com (David Mandl) Date: Wed, 27 Oct 93 08:52:41 PDT Subject: Security of PGP private keys Message-ID: <9310271518.AA03375@disvnm2.lehman.com> > From: jrk at sys.uea.ac.uk (Richard Kennaway) > > PGP secret keys are protected by a password. Yet people have said that one > should not keep one's secret keyring on an insecure machine. Why? > > -- ____ > Richard Kennaway __\_ / School of Information Systems > Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia > uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. 1. Why take chances? Once the evil intruder has the file, she can throw test passwords at it from now till doomsday and might be able to crack it. 2. On shared machines, there are ways for users with the appropriate access to read your keystrokes (like, for example, when you type in your pass phrase). Anyone with that access should also be able to grab your secring.pgp with no problem, and that's that. --Dave. From klbarrus at owlnet.rice.edu Wed Oct 27 08:57:54 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Wed, 27 Oct 93 08:57:54 PDT Subject: CASH: crosspost Message-ID: <9310271553.AA18040@elf.owlnet.rice.edu> At risk of irritating some folks who already saw this, a crosspost: > Medvinsky, Gennady and B. Clifford Neuman. "NetCash: A Design > for Practical Electronic Currency on the Internet" Proceedings > of the First ACM Conference on Computer Communications Security > (November 1993) [available via anonymous FTP, > ]. > Addressing the pressing problem of how to conduct fiduciary > business on the Internet, Medvinsky and Neuman describe a > system that allows clients, merchants, and currency servers to > interact in a secure fashion over an insecure medium. The > framework presented here addresses, to varying degrees, the > following issues: security, anonymity, scalability, > acceptability, off-line operation, transferability, and > hardware independence. The authors readily admit that this > scheme does not solve all of these problems perfectly, but it > does allow for the integration of other protocols when utmost > anonymity and offline capabilities are required. - DR From lefty at apple.com Wed Oct 27 09:07:53 1993 From: lefty at apple.com (Lefty) Date: Wed, 27 Oct 93 09:07:53 PDT Subject: a desperate plea Message-ID: <9310271600.AA01920@internal.apple.com> > No, I wasn't complaining about his personal attacks per se but his long term >behavior on this list and Extropians which is mainly "hit-and-run" >attack posts about once a month which usually generate massive flame wars. >(the last of which ended up with Tim May leaving the extropians list) Let me make sure I understand this: are you claiming that _I_ caused Tim to leave the Extropians list? -- Lefty (lefty at apple.com) C:.M:.C:., D:.O:.D:. From trebor at foretune.co.jp Wed Oct 27 09:09:23 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Wed, 27 Oct 93 09:09:23 PDT Subject: Tim May, Detweiler and Me. In-Reply-To: <9310261923.AA29868@netcom.netcom.com> Message-ID: <9310271602.AA04945@dink.foretune.co.jp> Tim writes at length and with some eloquence regarding the recent conflagration, and then quotes me replying to Mr. Detweiler. >>Personally, I am getting a little tired of your ranting. I agreed with >>most of your position and got flamed for it. Thanks a lot. It's chillingly >>obvious you've read "How to Win Friends and Influence People." >> >>If you are willing to do the research and provide solid, verifyable >>evidence of such nastiness as you are convinced is happening, then >>do it. If you are willing to discuss the implications of dishonesty >>in a universe of anonymity, then that is a topic of interest. If >>all you are willing to do is rant about the boogieman under the >>bed, then please do your mumbling somewhere else in cyberspace. >> >>I _still_ think the issue that concerns you is an important one. I >>also thi>nk you are doing a very good job of ensuring that people >>don't give it critical thought. He then asks me to think about certain points, but after doing so, I think he has misunderstood _my_ point. My point in the above is "Do not judge the message by the messenger." Regardless of whether or not his scenario is in play on the group (I don't think it is), it is something to think about, and it is inevitable that people will attempt to maliciously pseudospoof, and some will succeed. Granted, Mr. Detweiler has been a royal twit. But then, so have many others on the list in reply to him. Shame on the lot of you. One of the central aspects of human society is negotiation and the attempt to reach consensus. In the past, while sitting around the campfire or negotiating table, one could see the other parties to the negotiation and be reasonably sure of their identity. Sure, groups could collude to your detriment -- and sometimes did, for it is a powerful technique (ask any poker player for examples), but at least you knew that it took cooperation between individuals and groups, and it was easier to track. You at least had a scorecard of the players, so to speak. One of the effects of the digital revolution is that now, a single person can be multiple people at the campfire with _much_ less effort than before. This reduces the cost of collusion, and makes it more likely. I believe this is an issue that needs to be addressed, if for no other reason than to make people aware of the possibility that it might be going on. Hal Finney's recent posting on "True Names" is a valuable contribution in that it proposes a way to deal with the problem. To quote Mr. D Vader, "Do not be so proud of this technological terror you have created." The cryptographic techniques being developed today are immensely powerful. Let us hope that we are wise enough to learn how to use them well. Let us take it as read that there will be others who will foolishly use them for base ends, and spend a little extra time to ensure that it isn't so easy. From pfarrell at netcom.com Wed Oct 27 09:12:41 1993 From: pfarrell at netcom.com (Pat Farrell) Date: Wed, 27 Oct 93 09:12:41 PDT Subject: Help writing code Message-ID: <43914.pfarrell@netcom.com> Let me quickly try to clear up some confusion. I've gotten several replies (real quick response) that are answering a different question. I'm not trying to reimplement TCP/IP. I'm trying to provide a Windows version of NUpop, which is a DOS program that works fine over a simple serial line. Most folks automatically associate SMTP/POP with TCP/IP, but there is no connection. Admittedly they work better with a robust, end to end protocol. But I've been using NUpop for a year over a non-TCP/IP line. I get hundreds of messages a day. It works. But there are no sources available to NUpop, it is a DOS program, and it doesn't support piping messages thru PGP/RIPEM/... I have lots of DOS libraries that do exactly the simple things I need. I don't want to use DOS, I want native Windows code. Pat Pat Farrell Grad Student pfarrell at netcom.com Department of Computer Science George Mason University, Fairfax, VA Public key availble via finger #include From mpjohnso at nyx.cs.du.edu Wed Oct 27 09:12:54 1993 From: mpjohnso at nyx.cs.du.edu (Michael Johnson) Date: Wed, 27 Oct 93 09:12:54 PDT Subject: help writing code In-Reply-To: <36383.pfarrell@netcom.com> Message-ID: <9310271610.AA23350@nyx.cs.du.edu> ... > the SMTP/POP protocols. But I can't get Windows to talk reliably with a > raw async link. (I don't want to require SLIP or PPP, as lots of sites > are too clueless to offer it.) > > I need a robust communications library. It has to do as well as possible > given an inherantly inreliable link. I've bought three commercial sibraries, > and none work. ... The only way to communicate reliably over the serial port in Windows is to upgrade the UART in your serial port to a 16550AFN or equivalent. The standard UART (16450 in AT class machines) has no buffer and suffers from frequent dropouts due to data overwrite on receive. If you can't do that, then an error correcting protocol such as SLIP or PPP is required. Mike Johnson mpj at csn.org From panzer at drown.slip.andrew.cmu.edu Wed Oct 27 09:17:01 1993 From: panzer at drown.slip.andrew.cmu.edu (Panzer Boy) Date: Wed, 27 Oct 93 09:17:01 PDT Subject: the Joy of Pseudospoofing Satan In-Reply-To: <9310260239.AA07044@dink.foretune.co.jp> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- On Tue, 26 Oct 1993, Robert J. Woodhead wrote: [Stuff I, panzer at drown.slip.andrew.cmu.edu, wrote about actor also being her own Agent] > Yes, she was being deceptive. No, she was not being maliciously > deceptive, as her "agentself" was merely doing the same thing that > a seperate agent would have done, being an advocate for the actor. > > The difference is that the third party _expects_ the agent to praise > the actor. In L Detweilers example, the pseudo-spoofer was using > the _lack_ of expectation to his/her advantage. Disclaimer: I have aprox 100 Cypherpunk messages to read following this one. My point was that the women still pretended to be someone else, and had a completely different personality for this Agent. She did it to be deceptive. All of L Detweiler's post have stated that he doesn't like people's abilities to pretend to be someone else. My point was that people do this all the time. Even to the extent that people act differently around others. When you talk on cypherpunks do you have the same "Personality" as when you talk to others who don't own computers? -Matt | Please get my public key if you wish (panzer at drown.slip.andrew.cmu.edu) | to verify that this message is mine. "That which can never be enforced should not be prohibited." -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLM5lxeaKxB8nktcBAQGbswQAhwHeJ7GZVDpTLkbMn8xcBhSw9SmhrwyY Iy82QIWE8rrBgTBFoLuRcPMEQYZaIwQhWDmV3yHySLYuTwnVwmAhA7Svhue8x8mX EkqsEN5AAd+Wbi8M8WnG6MWEqe12jFerKoXIHzdEx8Xd4A+jRoRQ8ieFq1EM/5cy 7zARfJXHz+w= =hBJI -----END PGP SIGNATURE----- From pfarrell at netcom.com Wed Oct 27 09:37:54 1993 From: pfarrell at netcom.com (Pat Farrell) Date: Wed, 27 Oct 93 09:37:54 PDT Subject: help writing code Message-ID: <45331.pfarrell@netcom.com> In message Wed, 27 Oct 1993 10:10:04 -0600 (MDT), mpjohnso at nyx.cs.du.edu (Michael Johnson) writes: > The only way to communicate reliably over the serial port in Windows is > to upgrade the UART in your serial port to a 16550AFN or equivalent. The > standard UART (16450 in AT class machines) has no buffer and suffers from > frequent dropouts due to data overwrite on receive. If you can't do that, > then an error correcting protocol such as SLIP or PPP is required. A 16550 is clearly a big help, but Microsoft admits that their comm.drv fails often when you are using speeds greater than 4800. I have 16550's in my PC. A step in the right direction is TurboComm, a replacement driver, but that is expensive. A hardware solution is to use an intellegent serial card, like Hayes ESP or Telcor's T/Port. An O/S solution is to use a real operating system, :-) I want a no cost, MS-Windows solution. But I think folks read too much into my use of "robust" NUpop works fine as a DOS program without end-to-end. I simply want that functionality in a Windows program. No more, no less. I'm aiming low end, the mass market with a 386sx and a 2400 modem. Folks like me with a network of PCs in their house and even cypherpunks are not my market. The English majors, history and art majors are the folks I envision when I see a "user" Pat Pat Farrell Grad Student pfarrell at netcom.com Department of Computer Science George Mason University, Fairfax, VA Public key availble via finger #include From kwaldman at BBN.COM Wed Oct 27 09:47:54 1993 From: kwaldman at BBN.COM (kwaldman) Date: Wed, 27 Oct 93 09:47:54 PDT Subject: Net Regs. Message-ID: <9310271646.AA21161@toad.com> In response to my reply to Duncan's *"Net Regulation" Perry wrote: >To: kwaldman >Subject: Re: Net Requlation >Date: Wed, 27 Oct 1993 09:53:47 -0400 >From: "Perry E. Metzger" >You do realize that cypherpunks is not extropians... >kwaldman says: >> Say the best way to go is to become a perpetual tourist. That is >> you don't have US citzenship and thus are not subject to it's taxes and >> other nosy laws. [Not that other government's don't have nosier laws]. >> Anyway Yes I realize it, and perhaps Perry's right we should move this to extropians. Karl * BTW I spelled Duncan's name wrong twice in 1 paragraph in my last post. Sorry. From cman at IO.COM Wed Oct 27 09:52:41 1993 From: cman at IO.COM (Douglas Barnes) Date: Wed, 27 Oct 93 09:52:41 PDT Subject: Net Requlation In-Reply-To: <9310271119.AA16228@toad.com> Message-ID: <9310271643.AA25580@illuminati.IO.COM> > > Say the best way to go is to become a perpetual tourist. That is > you don't have US citzenship and thus are not subject to it's taxes and > other nosy laws. [Not that other government's don't have nosier laws]. > Anyway > > 1. If you don't have US citzenship, how do you get a passport? (Buy > it on sale from the Czech republic or what?) This is unnecessary. Hang on to that US Passport! You may want a backup for some countries (a Canadian one is a good compliment and doesn't stretch linguistic plausibility; just say 'eh' a lot at the end of sentences. They're real good in a number of sticky situations where one might wish to put their US passport in a blender.) The US tax laws are quite lenient both legally and in terms of enforcement vis-a-vis US citizens living abroad. Consult a tax specialist or attorney for specific advice, but while living in Taiwan I knew *very* few Americans who felt they needed to file. > > 2. Where do you live? I mean I love to travel but after 3 or 4 weeks > of it I'm ready to settle down and hibernate for a long while. [Especially now > with a wife and 2 sons, I'd last about 2 days traveling :-)] Somewhere > were I don't have to get thrown in jail for thinking the wrong thoughts. > [Which given the nature of this list most of us do, except of course our > NSA monitors :-)] The Permanent Tourist idea isn't that you keep moving around, but that you settle down in a foreign country without becoming a permanent resident there (and subject to THEIR tax laws). You perform work that is paid for outside of that country, and have the funds remitted into your host country. For all intents and purposes you are a tourist drawing funds from abroad. Note that since you are, in fact, earning the money (despite your tourist visa) in your host country, you may be violating both immigration and tax laws in that country, but it's unlikely they'll do or say anything; note, however, I was deported from Taiwan because I made the mistake of working physically in a law firm there (not very common but I was turned in by an angry ex-girlfriend). Also note that it could well be within the scope of US legislation to remove existing protection for funds apparently earned from within the US, particularly if they are received from US entities. This is currently beyond the pale of cost-benefit for the IRS, because even 'hundreds of thousands' of difficult-to-enforce hard cases aren't worth the trouble. Yet. > > 3. Are the TELECOM connections there yet? I saw this weeks > Economist and it looks promising but last time I was in Europe some of > my phone connections were less than perfect. [Even parts of the US leave > something to be desired]. I personally need a good phone line > (especially if I'm hundreds of miles from my customer), and a minimum of > 56kbaud link for my computer. It depends. In Europe, I've heard moderately good things about EUnet. Even in rapidly industrializing Asia, good luck getting a phone in a reasonable period of time. In Taiwan it took three months, cost about $800 for the setup and the connection was poor. One of my clients was the Siemen's subsidiary there, the government was rapidly moving to digital switches purchased from them. As far as the net goes, good luck. In a great number of otherwise moderately pleasant countries for the PT, the telecom situation is horrendous (but often rapidly improving.) In Australia for instance, I hear tell that it is profoundly difficult in most places to get a non-government net connection. Just got a tip for one in Brisbane, but the situation remains pretty grim. In the rapidly industrializing Asian countries, if you can't lay a little guanxi or maybe a hong bao on the right folks, bag it. (Relationship or a bribe). I'm curious what the situation is in Japan these days, Mr. Woodhead? > > 4. Customer interaction. This is a problem, if you work on computer > systems that are unique or program custom software for these systems, > customer interaction is very important ( and in other areas I'm sure). > Yes email, video conferencing (expensive!) help but you either need to > be there or have very good VR (which I have yet to see, this doesn't > mean much as I haven't seen bad VR yet either). While working with various trading companies in Asia, I learned the joy of sleeplessnes, working to shift my schedule to match my target customers (for a while, mostly in South America). And this was just to sell a highly desirable *product* requiring no technical support other than a call to the neighborhood 14-year-old (Nintendo knock-offs, if you must know.) Also, while working on the AIX 3.1, I recall one series of days when I was coordinating closely with a programmer in Japan; after despairing of the phone tag, I just mapped my schedule to his so we could interact as necessary. > > > The one plus is that I believe there is still time (5-10) years > before the costs outweigh the benifits of living in the US and thus > there is time to plan things like what country to live in, which bank > to use in the channel isles and let technological advance solve some > of the bandwidth problems. > > Karl Waldman > > BTW The above shouldn't imply I disagree with Ducan's premise. In fact I Again, as a former attempted PT myself, I don't disagree with the overall desirability of Duncan's proposal, I just doubt it's going to take the government by storm. As I side note, I was talking to a friend of mine who just got a PhD from the same linguistics program I was involved with (UT), and he's having a rough time looking for work -- America and Americans, in general, are looking inward more than ever, and linguistics departments are shutting down all over the country. I think this bodes poorly for a mass-action PT movement. > have enjoyed his posts and agree with most of what he says, so I guess I should > shut up and buy some DUCAN (or whatever) on HEX. > > P.S. Ducan please post your talk after you get back from London. I will > transfer 1000 thornes to your HEX account (if you have one) > I'm curious what the heck you're talking about here. This is probably some Extropians thing, right? -- ---------------- /\ Douglas Barnes cman at illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\ From gtoal at an-teallach.com Wed Oct 27 10:02:41 1993 From: gtoal at an-teallach.com (Graham Toal) Date: Wed, 27 Oct 93 10:02:41 PDT Subject: blacknet international offers DOSSIERS for SALE Message-ID: <3776@an-teallach.com> In article <9310270231.AA02958 at tamsun.tamu.edu> remail at tamsun.tamu.edu writes: > blacknet international is pleased to offer the following materials for sale: > > DOSSIERS: on the current participants in the Cypherpunks Mailing List Flame war > > PRICES: Prices and delivery terms upon request via encrypted anonymous return > address. > > SUBJECTS: > Perry Metzger > Duncan Frissell > S. Boxx > L. Detweiler > Timothy C. May > Ray Cromwell > David Sternlight > > These are available now via PGP encrypted return anonymous mail. Yes yes, very droll. What's not so funny is that the moderator of comp.dcom.telecom appears to have taken the BlackNet joke idea for his very own, and *is* selling dossiers on people for the purposes of doing nasty things to them (as he says himself in a footnote some way down this post) Of course, I'd like to discuss this in comp.dcom.telecom, but I'm persona non grata there nowadays... From an41418 at anon.penet.fi Wed Oct 27 10:27:55 1993 From: an41418 at anon.penet.fi (wonderer) Date: Wed, 27 Oct 93 10:27:55 PDT Subject: My key Message-ID: <9310271725.AA18537@anon.penet.fi> As Hal Finney suggests, a pseudonym is a key. Others have also inquired about my key, so I made one. However, posting it to the group makes no sense because if this message were a forgery, then someone could pose as me. Strange, the idea of someone posing as someone else's pseudonym. Anyway, send me e-mail if you want my public key, and I'll send it to you. Wonderer P.S. Silly pgp question: When I type pgp -sa file -u wonderer I produce an entire pgp message. How do I make a shorter signature that is a hash of my message? ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From habs at panix.com Wed Oct 27 10:32:40 1993 From: habs at panix.com (Harry Shapiro) Date: Wed, 27 Oct 93 10:32:40 PDT Subject: anti-social behavior In-Reply-To: <9310271403.AA26452@snark.lehman.com> Message-ID: <199310271731.AA16748@panix.com> a conscious being, Perry E. Metzger wrote: > > > T. William Wells says: > > wrote: > > : In context it was obviously a joke, lighten up. > > > > You are lying. You wrote that for the explicit purpose of causing > > pain. Your *obvious* intent was to say something upsetting and > So he intended to cause pain? Big deal. I'm beginning to believe the > book "I'm Disfunctional, You're Disfunctional": it concludes that > people involved in the recovery movement are generally doing the > opposite. > > I'm the sort of guy who gets flamed constantly. I've been called the > worst possible things. Hasn't hurt me or crippled me. Calling people > names is stupid, but individuals who can't take being called names are > emotional cripples. Perry is very right here, imho. If Ray was your wife or a co-worker, or in someway had a formal relationship with you it might be an issue. 1) I think it was a joke, but 2) Even if it wasn't you are letting him push your "buttons." -- Harry S. Hawk habs at extropy.org Electronic Communications Officer, Extropy Institute Inc. The Extropians Mailing List, Since 1991 EXTROPY -- A measure of intelligence, information, energy, vitality, experience, diversity, opportunity, and growth. EXTROPIANISM -- The philosophy that seeks to increase extropy. From jamie at netcom.com Wed Oct 27 11:02:40 1993 From: jamie at netcom.com (Jamie Dinkelacker) Date: Wed, 27 Oct 93 11:02:40 PDT Subject: My Views on the Detweiler Matter Message-ID: <9310271717.AA00817@netcom.netcom.com> Cypheroids and Cypherettes, The eventual recognition that names are symbol strings and not their referents is akin to the realization that the map not being the terrrtory. Yep, sometimes we just keep learning the same old lesson. The Detweiler/Boxx rants have the flavor of a reformed alcoholic distrupting the champagne toast at a wedding, selfishly driven by their world view and utterly unaware of the social dynamics around them. But aside from the rantings, pleas for TrueNameUtopia in CypherSociety, and threats, I sense something else. Take your pick of remark -- "thou doth protesteth too much," or "where there's smoke there's fire," or ... . Seems to me that the essential raison d'etre of L.Detweiler and S.Boxx (and even sometimes The SternLight himself) is purposive to distract c'punks from "writing code" or essays or having fun. This is basic motivated deception used in sports, business and the military ... get the opponent to do something else ... Here's one interpretation: if c'punks weren't pushing the envelope in creating both tools and understanding for things like cryptography, anonymous remailers and digital cash, nor pushing the social bounds through BlackNet, Nyms, Sam Hill, and May's CryptoAnarchy, the Detweiler nonsense wouldn't have emerged. A nerve has been struck; and this seems, in the big picture, to be A Good Thing. I've no doubt that to the true statists, fascists and communists, we are their vision of hell. On the other side of this, they will no longer be the only ones to hide behind anomynity, pull their secret strings, and pronounce agents of change as Evil Incarnate. We stand at the threshold of a new world, in large part to be enabled by cryptography. As "The Net" expands, dark fiber becomes illuminated, online markets flourish and the like, cryptography will be key for economic survival, and it will be in the hands (or machines) of The People, not The State. If such great progress wasn't being made toward providing for personal privacy, the L.Detweiler-Boxxs of the Net would be ranting about something else. So each rant underscores how significant the progress in cryptography is becoming; and it will become more so. In a nutshell, three cheers for c'punks. -- ................................ Jamie Dinkelacker Palo Alto CA Jamie at netcom.com 415.941.4782 From frissell at panix.com Wed Oct 27 11:17:55 1993 From: frissell at panix.com (Duncan Frissell) Date: Wed, 27 Oct 93 11:17:55 PDT Subject: Net Regs. Message-ID: <199310271815.AA27525@panix.com> K > Yes I realize it, and perhaps Perry's right we should move this K >to extropians. No one has complained to *me* yet. I thought this a cpherpunks issue because it deals with the *Physical* Layer which is just as important a part of the ISO reference model as any other. We have to deal with questions of the interface between some of our technology and the world. Duncan Frissell Free Reference Model mnemonic. Read from the bottom up: Anarchists Communists or Socialists <--- I know they've renamed this but that's the way Trust I first saw it. Never Departments Police Applications Communications System Transport Network Data Link Physical --- WinQwk 2.0b#1165 From jc138696 at longs.lance.colostate.edu Wed Oct 27 11:47:56 1993 From: jc138696 at longs.lance.colostate.edu (jc138696 at longs.lance.colostate.edu) Date: Wed, 27 Oct 93 11:47:56 PDT Subject: subscribe Message-ID: <9310271844.AA08760@longs.lance.colostate.edu> How do I subscribe? thank you. From e0004353 at oxford-brookes.ac.uk Wed Oct 27 11:57:56 1993 From: e0004353 at oxford-brookes.ac.uk (carugo o) Date: Wed, 27 Oct 93 11:57:56 PDT Subject: Watch out for carl@com.malamud.t Message-ID: <25106.9310271855@csmail.brookes.ac.uk> He is a neg!!! e0004353 at brookes.uk.ac ps i wrote the introductory piece on myself!! From lazlo at triton.unm.edu Wed Oct 27 11:59:22 1993 From: lazlo at triton.unm.edu (Lazlo Nibble) Date: Wed, 27 Oct 93 11:59:22 PDT Subject: blacknet international offers DOSSIERS for SALE In-Reply-To: <3776@an-teallach.com> Message-ID: <9310271854.AA27425@triton.unm.edu> > What's not so funny is that the moderator of comp.dcom.telecom appears to > have taken the BlackNet joke idea for his very own, and *is* selling > dossiers on people for the purposes of doing nasty things to them... While I'm sure he enjoys the extra income, Townson's made it clear that a large part of his motivation in setting up the Digital Detective thing is to shove it in peoples' faces just how easy it is to get that kind of information. Surely this old news. -- Lazlo (lazlo at unm.edu) From e0004353 at oxford-brookes.ac.uk Wed Oct 27 12:00:59 1993 From: e0004353 at oxford-brookes.ac.uk (carugo o) Date: Wed, 27 Oct 93 12:00:59 PDT Subject: New arrival. Message-ID: <24895.9310271843@csmail.brookes.ac.uk> Yes, Ia m here weird, strong, and full willingness to learn. If you want to know what I am like think of a rhino with his turbo charged bulldozer flatening the field of complacent cows. Yes that his me captain spineless- people- crusher. Is there any recommended literature as regards the cypherpunks dark and dangerous world. I love high electronic finance. I have been looking at the takeover battle for paramount.. What these bloody harvard mba managers don't seem to realise is that if all internet factions got together we could outbid any takover offer.. Now that is corporate bucks!!! Does anybody write to vice president gore or cher clinton. BTW who is your local net.god? I am very serious on one hand buit sucha good sport on the other. I am also logged onto bras-net and I must say these Phd Brasilians are something else. It is a big fight on how corruption money should be distributed to them and god is there or not, I was thought he abandoned human king=d the day he saw how bloody ugly eve was and went on to better world with full of social security, plenty of computer wizz kids and other such lovely mechanical inventions. I would love to get onto angel at heaven.sky Wacky or what!! are there any invesment bankers on line ? I hope so, since I have become an old hand in Latin american investment. I get calls from investors at all times in my dreams. well, I am still here writing.... I am doing my personal research on the future of commerce on the internet?! Opinions. Would you want adverts being pourred down your screen all day?? I have to go for now. I will hate and love this club. Bye form the wacky man!!! From bill at twwells.com Wed Oct 27 12:12:41 1993 From: bill at twwells.com (T. William Wells) Date: Wed, 27 Oct 93 12:12:41 PDT Subject: I'm leaving cypherpunks Message-ID: A few things before I go. If you have any replies you want me to see, you'll have to send them via private mail, since I no longer get the list. This includes replies to my recent set of posts. I was asked how to participate in the sexual abuse newsgroup. That newsgroup is a standard Usenet-style newsgroup in the altnet. You may not have it at your server because it has the dreaded s-- infix. Explaining to your admin that the group is not a porno group might get the group. If you want the group but, for one reason or another don't care to ask your admin, you can write me and I'll ask (without mentioning your name). Alternately, I can send it to you via e-mail; it's fairly high volume, though, running perhaps 50-60 messages a day. You can post through one of the anonymous servers. Send to anon-help at twwells.com for info on how to use mine. Some of you may wonder why I'm leaving cypherpunks. Rjc seems like a minor provocation, in comparison to Detweiler and some of the lesser lights here. That's true and rjc is not why I'm leaving. I'm a firm believer in the right to privacy. And to the right to possess and appropriately use the tools needed to secure it. That much, I support the cypherpunks goal. However, I also believe that this Brave New World of ours can go in more than one way. It may become a dystopia in which people like rjc, and their more powerful brethren, set the terms and tone, or it may approach a utopia that enables its participants to make the most of what they have. We here at the beginning will make that choice. We'll do it *by* *our* *actions*. Either we will choose to form a true _society_ of privacy or we will permit cyberspace to descend into a war of all against all. *We* choose. We choose with each of our actions. Is this action based on a fundamental respect for others or is it based on a desire for self-aggrandizement? Does it further the end of healthy, human interaction or is it destructive in nature and intent? But as important as these individual contributions are, more important is the attitude that is taken towards them. Are acts such as rjc's considered acceptable behavior, to be tolerated with all other sorts of behavior, or are they to be censured and, where appropriate, censored? In an uncontrolled environment, there is little that can be done to further an appropriate attitude. One can reinforce the good and censure the bad. And hope. In a controlled environment, such as cypherpunks, those who control the list have the final say. The excess of noise on this can be *directly* traced to the list owner's choice to not control its content. Rjc's ability to abuse another *and to continue the abuse* is a direct consequence of the owner's policies. These facts are, by themselves, offensive but would be, barely, tolerable. However, their consequences are not. Their consequences are a furthering of the ends of people like rjc, a society in which might makes right, and in which the potentials of others are stifled by the hostility of those who prefer to rule rather than grow. And this I cannot support. Nor do I care to be associated with a group that, intentionally or not, supports this. *This* is why I'm leaving cypherpunks. Privacy is a *social* phenomenon, not a technical one. There is no sense in creating tools for privacy unless one also works for a society in which the deployment of these tools makes sense. One final thing before I go. I could set up a list on my machine (not on the Internet but I connect fairly frequently because of my server) with policies that address these issues, with the side effect of dramatically improving the signal-to-noise ratio. If this is of potential interest to you, let me know. If there is sufficient interest I'll draw up a formal policy. If enough people then say they'll sign up, I'll create the list. From jdblair at nextsrv.cas.muohio.EDU Wed Oct 27 12:17:56 1993 From: jdblair at nextsrv.cas.muohio.EDU (jdblair at nextsrv.cas.muohio.EDU) Date: Wed, 27 Oct 93 12:17:56 PDT Subject: my sad observations... Message-ID: <9310271936.AA04768@ nextsrv.cas.muohio.EDU > I have followed the cypherpunk list for about 9 months now, and I have learned A LOT directly from it. I have rarely posted, just read the material as it appeared, learning from what I was able to without getting lost in equations. There is always a certain amount of noise to useful signal from any information source, although over the past month the signal to noise ratio on Cypherpunks has become almost intolerable. I now read few of the messages, just sifting out what I hope will be useful to me from the subject headings. If any of you are able to read ALL of the posts, and keep up the rest of your work, I commend you. Perhaps the current state is a symptom of growing popularity. Since it has always appeared to me that the point of the list was to disseminate information on cryptography, and provide a discussion point for those interested in spreading the use of cryptography, growing popularity would seem to be a signal of success. However, I miss the state of the list last April, when every time I checked it I felt like I learned something new about cryptography. Perhaps those with little to say, that seem to be posting just to cause trouble or to be heard, would better serve the group if they faded out for a while now, and just watched until they were ready to say something useful. I do not wish to flame anyone in particular, or to start a flame war, just point out (probably for the nth time) what is a growing problem. If any new listeners are interested, I have an archive of the postings which I found interesting, or seemed like they would be useful. I do not pretend that it is the definitive cypherpunk archive, especially since there is a 2.5 month gap for the summer when I was living out of my pack in the Sangre De Christo Mtns. If you want a copy, e-mail me. Please put "archive request" in the subject header. For intro. information, the Cryptography FAQ, posted on sci.crypt was very helpful for me. This posting has now gotten too large, and is perhaps guilty of the problem I am addressing. For this, I apoligize. code on, -john. ----------------------------------------------------------------------------- John Blair |Fertilize your garden with dirt, compost, jdblair at nextsrv.cas.muohio.edu |old magazines, Apple II logic boards, obsolete PGP Key available upon request |software, forgotten video images, rusty cans, |canceled stamps, love, hate, and desire. |Wait untill spring, and see what comes up. From e0004353 at oxford-brookes.ac.uk Wed Oct 27 12:52:40 1993 From: e0004353 at oxford-brookes.ac.uk (carugo o) Date: Wed, 27 Oct 93 12:52:40 PDT Subject: Electronic fraud/and creditors abay. Message-ID: <26024.9310271951@csmail.brookes.ac.uk> Yes Firstly hallo fellow punks. Yes you tell me about electronic fraud and Iw ould like to know are there any of you out there how are good at keeping creditors at bay, eg phone companies etc. Trump can you hear me? Bye Mephisto e0004353 at brookes.uk.ac From frissell at panix.com Wed Oct 27 13:22:41 1993 From: frissell at panix.com (Duncan Frissell) Date: Wed, 27 Oct 93 13:22:41 PDT Subject: Net Regs. In-Reply-To: <199310271815.AA27525@panix.com> Message-ID: On Wed, 27 Oct 1993, Duncan Frissell wrote: > Applications > Communications > System <---- Or is that the Session layer? Oh well no > Transport mnemonic is better than the brain that uses it. > Network > Data Link > Physical > DCF From newsham at wiliki.eng.hawaii.edu Wed Oct 27 13:22:57 1993 From: newsham at wiliki.eng.hawaii.edu (Timothy Newsham) Date: Wed, 27 Oct 93 13:22:57 PDT Subject: Privacy/pseudonyms/etc.. Message-ID: <9310272020.AA24628@toad.com> Hi, I have been on this list lately. I have seen all sorts of diversions from "normal" cypherpunk discussion. None has been as big as this discussion on psuedonyms and "pseudospoofing". I always thought that this list was made up of people who already believed that privacy was a good thing and that it should be persued by writing cryptographic software that enforced that privacy. There are newsgroups for debating various features of privacy, I think one of them is called alt.privacy or something equally obvious. I know the discussions are pretinent to the code that we write but I dont believe they belong on this list. If I wanted to discuss the ups and downs of giving everybody privacy I would read the appropriate lists. Tim N. From pmetzger at lehman.com Wed Oct 27 13:32:40 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Wed, 27 Oct 93 13:32:40 PDT Subject: Electronic fraud/and creditors abay. In-Reply-To: <26024.9310271951@csmail.brookes.ac.uk> Message-ID: <9310272032.AA26860@snark.lehman.com> It appears another perversion has been released in the high beyond. Remain calm. carugo o says: > Yes > Firstly hallo fellow punks. > > > Yes you tell me about electronic fraud and Iw ould like to know are there any > of you out there how are good at keeping creditors at bay, eg phone companies > etc. Trump can you hear me? > > Bye > > Mephisto > e0004353 at brookes.uk.ac From frissell at panix.com Wed Oct 27 13:32:57 1993 From: frissell at panix.com (Duncan Frissell) Date: Wed, 27 Oct 93 13:32:57 PDT Subject: Net Requlation Message-ID: <199310272030.AA17905@panix.com> K >1. If you don't have US citizenship, how do you get a passport? (Buy K >it on sale from the Czech republic or what?) Actually, the Dominican Republic is better. You don't really need to change citizenship unless you are from a country that restricts foreign travel by citizens. Picking up a *second* passport is always a good idea, however, and the US has recently changed its regs to permit its nationals to seek naturalisation in other countries without renouncing US citizenship. K >2. Where do you live? I mean I love to travel but after 3 or 4 K >weeks of it I'm ready to settle down and hibernate for a long while. K >[Especially now with a wife and 2 sons, I'd last about 2 days traveling K > :-)] Somewhere As someone pointed out, you need not travel much just be in a country where you are not a citizen. K >3. Are the TELECOM connections there yet? Slowly but surely. Switzerland is good these days. Expense is the main problem. If the Anglo-Saxon conspiracy wins the battle of network non-design (as it seems sure to do) everyone in the OECD will soon have cheap telcoms. K >4. Customer interaction. This is a problem, if you work on computer K >systems that are unique or program custom software for these systems, K >customer interaction is very important If you have the customer in the first place, you can make visits without too much problem. Marketing is more difficult. Slow-scan video for everyone over the nets is close. Things to keep in mind... I don't expect that very many people will use cryptography, anonymous remailers, DC nets, etc to become PTs or virtual expatriates but these tools will have a marginal (meaning "edge" not "small") effect on the process of institutional transformation. The nets themselves are the critical device for weakening national controls. They will sweep aside labor regulations, financial regulations and a host of restraints that keep people poorer than they need be. Oops! Sorry about that. Too much time spent on alt.politics.economics... Duncan Frissell --- WinQwk 2.0b#1165 From owen at autodesk.com Wed Oct 27 13:37:57 1993 From: owen at autodesk.com (D. Owen Rowley) Date: Wed, 27 Oct 93 13:37:57 PDT Subject: My Views on the Detweiler Matter Message-ID: <9310271952.AA04862@lux.YP.acad> >From: tcmay at netcom.netcom.com (Timothy C. May) > >It's sad. I told you so. By the way, my analysis of this turn of events is that this is a huge guerilla ontology experiment, that was spurred on by my original postings regarding the issue of psychopathic personalitys, and the parameters of pathological aspects of privacy. Good job guys. :-) LUX ./. owen ( A legend in his own mind) From mdiehl at triton.unm.edu Wed Oct 27 14:32:41 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Wed, 27 Oct 93 14:32:41 PDT Subject: Net Regs. In-Reply-To: <199310271815.AA27525@panix.com> Message-ID: <9310272124.AA07553@triton.unm.edu> According to Duncan Frissell: > > K > Yes I realize it, and perhaps Perry's right we should move this > K >to extropians. Well, I'm just beginning to get interested in this thread. Please keep it here at least for a while. Thanx. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From ajw at Think.COM Wed Oct 27 14:38:01 1993 From: ajw at Think.COM (Andy Wilson) Date: Wed, 27 Oct 93 14:38:01 PDT Subject: : a desperate please In-Reply-To: Message-ID: <9310272133.AA08185@custard.think.com> Date: Tue, 26 Oct 1993 14:46:56 -0700 (PDT) From: Arthur Chandler [...] Isn't it tough enough to build up a rep under our real names? What is the point to using a pseudonym? I can think of some bad reasons; but I can't come up with any good ones, except for "fun" and "just to see what it feels like to put out opinions not my own." I'm sure I'm missing the point; so, before you jump on me as a Clueless Newbie, can you run by the reasons why you want to have alternate personas on the NET? Here's an example: you're a rock star, but your rock star identity is a pseudonymous one, so you can function as a normal person in your true name identity. When you are a celebrity your life becomes limited because of people's reactions. There will certainly be cyberspatial equivalents of celebrities. Another scenario: if you develop some notoriety in a certain field, it may affect how your work in another field is received. Say, for example you are a dominatrix and a composer of church music, and you love to do both. So you have separate identities for each. It could also be instructive to have a cyberspatial pseudonymous identity that is of a different gender, race, species, etc. Andy From hugh at ecotone.toad.com Wed Oct 27 14:42:40 1993 From: hugh at ecotone.toad.com (Hugh Daniel) Date: Wed, 27 Oct 93 14:42:40 PDT Subject: My key In-Reply-To: <9310271725.AA18537@anon.penet.fi> Message-ID: <9310272135.AA24409@ ecotone.toad.com> I think you miss the point of Public Key Crypto. The idea is that you CAN publish your public key, to one and all. Then when you sign a post with your private key (and do work hard to keep that key private!), then anyone can verify that _you_ (in the guies of your public/private key pair) wrote the message. No one else can sign a message such that _your_ public key will decrypt the sig in a valid way, unless you have let your private key leek out. This is the whole wonderful idea that make Public Key crypto so wonderful. You are createing a strong and valued Psudonym, and signing your messages will only make it stronger! Then there is no way to really spoof a message from 'Wonderer', as you will be ('Wonderer'*KEY) and a solid nym-citizen. Make sence? ||ugh Daniel hugh at toad.com From chrome at jhunix.hcf.jhu.edu Wed Oct 27 14:52:40 1993 From: chrome at jhunix.hcf.jhu.edu (Alexander Reynolds) Date: Wed, 27 Oct 93 14:52:40 PDT Subject: Goodbye Message-ID: I'm outta here. One last note, I learned a bit of crypt from this forum, and to those who posted crypt stuff: thanks a lot. Naturally I'm not so appreciative of the flames. Some people on this forum could use a maturity change from diapers to underwear, seriously. What is the attitude problem here? The members of this forum should look at the elitism which spews out only all too frequently. It could place the general ideal of anonymous crypt out of business with all the pointless bickering. Rjc: you wanted to debate, and called me a coward if I didn't. I am still waiting... Perry: dude, I'm speechless. Ok, see you all. Thanks for everything. Alex Reynolds From unicorn at access.digex.net Wed Oct 27 15:22:40 1993 From: unicorn at access.digex.net (Dark) Date: Wed, 27 Oct 93 15:22:40 PDT Subject: Net Requlation Message-ID: <199310272219.AA09423@access.digex.net> -> kwaldman at bbn.con says: Say the best way to go is to become a perpetual tourist. That is you don't have US citzenship and thus are not subject to it's taxes and other nosy laws. [Not that other government's don't have nosier laws]. Anyway 1. If you don't have US citzenship, how do you get a passport? (Buy it on sale from the Czech republic or what?) Passports from many nations are available for real basic requirements. By your use of the language "Perpetual Traveler" I assume you're talking about the SCOPE international (i.e. Dr. W. G. Hill) materials. The concept is this: States like Liechtenstein (My home country) Thailand, Lebaon, Luxembourg, Italy (the list goes on) are fairly easy to obtain passports from. Many countries issue "passports" that are seperate from actual citizenship. If you thus hold several passports, and maintain residence for (say 6 months) a period of time, you are a perpetual traveller, and not subject to taxation, military service, prosecution, death .... All the usual. Snake oil, it cures what ails ya. The problem is that is doesn't quite work this way. What ole DOC Hill is saying isn't exactally unture, but it is misleading. -> kwaldman at bbn.com : 1. If you don't have US citzenship, how do you get a passport? (Buy it on sale from the Czech republic or what?) <- Well, in many countries, Liechtenstein a prime example, a sizeable investment employing a certain amount of citizens is enough to "buy" you a passport. Other channels (less up front) exist. A sizeable account in (the prince's bank) can get you a passport as well. -> kwaldman : 2. Where do you live? I mean I love to travel but after 3 or 4 weeks of it I'm ready to settle down and hibernate for a long while. [Especially now with a wife and 2 sons, I'd last about 2 days traveling :-)] Somewhere were I don't have to get thrown in jail for thinking the wrong thoughts. [Which given the nature of this list most of us do, except of course our NSA monitors :-)] <- The concept is that you maintain several residences and spend time in each. Expense is obviously a problem. -> kwaldmaan : 3. Are the TELECOM connections there yet? I saw this weeks Economist and it looks promising but last time I was in Europe some of my phone connections were less than perfect. [Even parts of the US leave something to be desired]. I personally need a good phone line (especially if I'm hundreds of miles from my customer), and a minimum of 56kbaud link for my computer. <- This is a case by case basis. Germany is pretty good, but on the whole things are worse than the U.S. -> kwaldman : 4. Customer interaction. This is a problem, if you work on computer systems that are unique or program custom software for these systems, customer interaction is very important ( and in other areas I'm sure). Yes email, video conferencing (expensive!) help but you either need to be there or have very good VR (which I have yet to see, this doesn't mean much as I haven't seen bad VR yet either). <- Expense is going to be the key problem in general in any kind of tax exile situation. You're going to need to have the kind of business that can\ be run from anywhere without much need for local. This is difficult in Europe in general, but obviously it depends on your exact location and the nature of your business. Some might argue that the proximity of nations makes for less travel expense in general and nullfies the cost of video conferencing etc.... Again, specifics and your mileage may vary. -> kwaldman : The one plus is that I believe there is still time (5-10) years before the costs outweigh the benifits of living in the US and thus there is time to plan things like what country to live in, which bank to use in the channel isles and let technological advance solve some of the bandwidth problems. Karl Waldman <- I tend to agree with your assesment here. If the current trend to centralized power continues, I'm going to head home myself. It's much nicer to be a powerholder in a partially socialized nation than a power seeker. The biggest problem is much as you put it. The international data concerns are much greater in Europe, and it is expensive to estlablish an alternative residence and citizenship. General comments: When you refer to not having U.S. citizenship, and being a perpetual tourist, are you refering to not holding ANY citizenship? or just one other than U.S.? There is a distinct difference between being stateless and a perpetual tourist. You might consider that the U.S. has a fairly low taxation rate compared to other nations, especially the European nations that provide extensive social programs. Many nations will not allow you to dissove your nationality without consent. See Generally, Convention on Certain Questions Relating to Conflict of Nationality Laws (1930). See Also, Esphahanian v. Bank Tejarat, AWD 31-157-2 (1983), 77 AJIL 646 (1983). Some nationalities are not often recognized when they are percieved to be for tax purposes (Liechtenstein has had this problem with the U.S. for years) Cypherpunk hitch: When indeed crypto is regulated, and if privacy degrades to the point in the U.S. where it's not worth staying here anymore, where will you go and how? Personally I love the fact that I hold two passports and money abroad. Privacy is a lot easier to maintain as such. -uni- (Dark) From huntting at glarp.com Wed Oct 27 16:02:42 1993 From: huntting at glarp.com (Brad Huntting) Date: Wed, 27 Oct 93 16:02:42 PDT Subject: Security of PGP private keys In-Reply-To: <15013.9310271454@s5.sys.uea.ac.uk> Message-ID: <199310272223.AA02694@misc.glarp.com> > PGP secret keys are protected by a password. Yet people have said that one > should not keep one's secret keyring on an insecure machine. Why? Passwords are often guessable. brad From sameer at uclink.berkeley.edu Wed Oct 27 16:58:03 1993 From: sameer at uclink.berkeley.edu (Sameer) Date: Wed, 27 Oct 93 16:58:03 PDT Subject: Detweiler and his digital signature Message-ID: Has anyone seen L. Detweiler post a *SIGNED* message, using a *TRUSTED* public key, on this psuedospoofing matter? While I don't know L. Detweiler, I feel that there's reason to believe that L. Detweiler might be undergoing an attack of a spoofer/account-breakin who wants to discredit him. I can't see how someone who wrote an anonymity/privacy FAQ (I haven't read that FAQ, so I can't say whether its a *good* FAQ or not) could turn so irrational and paranoid. It's possible, but until it's proven to me, with a trusted key, that *L. Detweiler* has been saying these things, I'm going to assume that he hasn't, and ignore further posts by an unsigned L. Detweiler. From janzen at idacom.hp.com Wed Oct 27 17:18:02 1993 From: janzen at idacom.hp.com (Martin Janzen) Date: Wed, 27 Oct 93 17:18:02 PDT Subject: help/subscribe In-Reply-To: <9310262207.AA05658@banff.procase.com> Message-ID: <9310280017.AA06037@loki.idacom.hp.com> Paul Baclace writes: >>It seems I perpetrated a vile and offensive error in sending a subscribe >>request directly to the list. > >I don't get offended, I just save the subscribe/unsubscribe message >in a special folder that I will use to train a learning algorithm >to recognize these kinds of requests. [...] >If anyone has suggestions for implementation that maximizes applicability >(e.g., I could write a C program that reads stdin or a named file and >returns a status code), please let me know. Since you mention stdin, I assume you're running UNIX. In that case, it's very easy to do this using awk; no C programming required. To try this out, create a small awk program called subscribe.awk, which contains one regular expression per "flavor" of subscribe request. The command in braces is executed if a match for that regexp is found: /[Pp]lease subscribe me/ {exit 1} /[Aa]d me to the/ {exit 1} /How .* subscribe/ {exit 1} [etc.] Create or capture a suitable example message. To test it: % awk -f subscribe.awk subscribe_message; echo $status 1 % awk -f subscribe.awk other_message; echo $status 0 Or, you can use awk as a filter: % cat subscribe_message | awk -f subscribe.awk ; echo $status 1 % cat other_message | awk -f subscribe.awk ; echo $status 0 Now, just wrap it in a shell script which responds with an appropriate message (you can of course have subscribe.awk return a different exit code depending on which regular expression is matched), and call the shell script from your $HOME/.forward file, mail filter, or whatever. -- Martin Janzen janzen at idacom.hp.com From kinney at ucsu.Colorado.EDU Wed Oct 27 18:22:41 1993 From: kinney at ucsu.Colorado.EDU (W. Kinney) Date: Wed, 27 Oct 93 18:22:41 PDT Subject: I'm leaving cypherpunks Message-ID: <199310280013.AA29113@ucsu.Colorado.EDU> -----BEGIN PGP SIGNED MESSAGE----- I know I'm just a silly lurker, but I couldn't help but comment on this one... T. William Wells writes: > Privacy is a *social* phenomenon, not a technical one. There is > no sense in creating tools for privacy unless one also works for > a society in which the deployment of these tools makes sense. I don't agree with everything that Bill said, but this here really hits the mark. And the place where the social agenda of the cypherpunks is most truly reflected is in how people interact with each other on the list. I find it incredibly ironic that Bill Wells, not too long ago, got roundly pasted by Detweiler over his practice of keeping track of True Names on ASAR, and wrote convincinly in defense of his policies to the 'punks. I dropped him some e-mail at the time to tell him that there were actually quite a few level heads around here, and that it seemed to me that the 'punks and ASAR were natural allies. Here is this guy running an anon service on the net that actually means something vital to a lot of people who don't have much in their lives that they feel they CAN count on, and running it well. Here's a place where all this lovely talk could be put to use where it counts. I don't have the expertise to do the kind of things this guy needs, but I've been reading ASAR frequently of late -- all of you should be too, and thinking about what anonymity is doing for the people who post there. He got absolutely zip out of his association with the cypherpunks. And we all passed up a terrific opportunity to be of real use to the world. Or hasn't that occurred to anyone but me? Good job, folks. And Bill, sorry to see you go. -- Will -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLM64fffv4TpIg2PxAQE8kwP7BnKx/CEHl3fjf4VuxcnElHJLmBcZVPuY ad3C7bDFmn2fyiao2FcklRD6uo3/NE7Gh1lvxQmKa8c5OtL2PJcUU/5J5IR+w+I2 o5xOhVdcK8RxqiTP0CZFJ0PeJLn7r7JyC40OgN//eBqidUU8mBWV2uA8A4EP91yB vO2Z0LSwpSE= =LGMg -----END PGP SIGNATURE----- From mdiehl at triton.unm.edu Wed Oct 27 18:32:41 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Wed, 27 Oct 93 18:32:41 PDT Subject: help/subscribe In-Reply-To: <9310280017.AA06037@loki.idacom.hp.com> Message-ID: <9310280131.AA22048@triton.unm.edu> According to Martin Janzen: > > Since you mention stdin, I assume you're running UNIX. In that case, it's > very easy to do this using awk; no C programming required. > > > Now, just wrap it in a shell script which responds with an appropriate > message (you can of course have subscribe.awk return a different exit > code depending on which regular expression is matched), and call the > shell script from your $HOME/.forward file, mail filter, or whatever. Gak! Use procmail! I'm working on such a beast now. You can use regular expressions and it gets executed when you get the email. Even better, you never have to see the incoming message if you don't want to. my $.02 J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From honey at citi.umich.edu Wed Oct 27 19:18:04 1993 From: honey at citi.umich.edu (peter honeyman) Date: Wed, 27 Oct 93 19:18:04 PDT Subject: I'm leaving cypherpunks Message-ID: <9310280214.AA00552@toad.com> t.w., i guess you're unfamiliar with sturgeon's law. as for your new, improved cpunx list, count me out. i like cpunx the way it is: uncontrolled. peter From ferguson at icm1.icp.net Wed Oct 27 19:38:05 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Wed, 27 Oct 93 19:38:05 PDT Subject: Chaos - A noun we can live with In-Reply-To: <9310280214.AA00552@toad.com> Message-ID: <9310280336.AA03422@icm1.icp.net> > i like cpunx the way it is: uncontrolled. Ditto. From msattler at netcom.com Wed Oct 27 20:58:04 1993 From: msattler at netcom.com (Michael Sattler) Date: Wed, 27 Oct 93 20:58:04 PDT Subject: blacknet international offers DOSSIERS for SALE Message-ID: <9310280355.AA18327@netcom.netcom.com> >...and *is* selling dossiers on people... I just don't get what the big deal is, he seems to be providing info that's publically available but not trivial to get. I'm a computer consultant; that's exactly what *I* do to pay the bills. ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 621-2903 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From msattler at netcom.com Wed Oct 27 22:38:04 1993 From: msattler at netcom.com (Michael Sattler) Date: Wed, 27 Oct 93 22:38:04 PDT Subject: Codes, ciphers, and ham radio Message-ID: <9310280538.AA01217@netcom.netcom.com> And now for something different regarding crypto: In studying for my FCC Technician's license I ran across FCC 97.113 (Sub-part 113 of Part 97 of Title 47 Code of Federal Regulations), which prohibits the use of codes or ciphers to obscure the meaning of a message. Besides preventing me from using Pig Latin in voice communications, this *seems* to prohibit the use of any deliberate encryption (as opposed to compression) of data transmitted via radio, such as the computer packet -> radio -> Internet gateways. The data highway may be encryption-tolerant today, but the off-ramps are murder. :-) M ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 621-2903 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From fnerd at smds.com Wed Oct 27 22:39:39 1993 From: fnerd at smds.com (FutureNerd Steve Witham) Date: Wed, 27 Oct 93 22:39:39 PDT Subject: I'm leaving cypherpunks Message-ID: <9310280251.AA26446@smds.com> ------BEGIN PGP SIGNED MESSAGE------ Mr. Wells-- Goodbye, best wishes. I'm guessing, but I think you're making a mistake in leaving, both for yourself and about us. We are not being irresponsible. We have a different, serious, view of how the world should be made into a good place. We can only "set the tone," as you say, if what we are saying is founded in truth and competence. The personal part of this letter continues after the philosophy. - -----BEGIN PHILOSOPHY------ There are tools available to protect privacy, and protect ourselves, that don't require much cooperation of others. People should adopt these tools, and also methods, habits, knowledge and attitudes. One good attitude is a basic awareness and self-responsibility. One is that insults and taunts are only words. Yes, on a personal level, in a group of friends, in a society that is still basically functioning, there are many important issues of how people should treat each other, and how a good environment should be established. But cypherpunks is addressing, and experimenting with, a more basic, raw level of things. The technical and nasty issues are every bit as urgent as the personal and ideal ones, and we constantly need to (and try to) relate them. It's bad to ask social conventions of niceness to take over jobs that people should--have to--take care of consciously for themselves. It distributes responsibilities and burdons unfairly. It is unwise in that it won't work. It seems to give play to a kind of self-delusion. And to recommend it as a course to others is to send the sheep to feed the wolves. It's to hang on to a picture of society with a false happy-face front that's crumpling behind--for all of us. There's a basic level of self-protection that people have to take care of for themselves, or higher-level social goals don't have a chance. People not protecting themselves actually increase harmful activities--besides small criminals there are whole industries of parasitism--*because* people feed them in sheepish trust. We're not talking guns or martial arts here, just purely protective things like crypto and a little dose of reality. A realistic sense of what neighborhood one is walking in, for instance. Like the cypherpunks neighborhood. Here we're trying to experiment, get a sense of the worst of what could happen, imagine ways of dealing with it. And we've been openly like this since we started. Here is how I see the situation with Detweiler: I sympathize with his pain (to the extent I can follow it). I try to be friendly to him. There have been others offering support who he could have talked with instead of the people he picked fights with. Some people shouldn't have been so nasty to him. But he should have gotten a reality check a long time ago about how rough we play here--it's not very rough!! There's no way we could have been expected to know that he wouldn't, and it is not our responsibility to police each other into treating him supportively. That doesn't mean we are building an unsupportive, hostile world. We are playing worst-case-scenario with each other just so that we can have a world that is not like that. You construe the list owners' *allowing* rjc to continue posting to be *condoning* it. That's a bad thought path. To suggest that they step in, in the kind of matter we're talking about, is not a good model for how a world should be run, and it's egregious in terms of the atmosphere we want in our own group. > In an uncontrolled environment, there is little that can be done > to further an appropriate attitude. One can reinforce the good > and censure the bad. And hope. (And give people tools, knowledge, and ideas to protect themselves. And develop methods that actively shrink the opportunities for bad behavior.) Cypherpunks is purposely a model of an uncontrolled environment, including its worst aspects. > Privacy is a *social* phenomenon, not a technical one. The convention of respect for privacy is social. It's based on a more primitive and basic ability of people to *get* privacy if they need it. The latter is breaking down, making the former increasingly a charade behind which things can get worse. But in the process of fixing things, the ground rules--in terms of which new social conventions will have to grow--will change. Things will seem rude to people stuck in old ways of looking at them. > There is > no sense in creating tools for privacy unless one also works for > a society in which the deployment of these tools makes sense. Although I can't imagine a situation where deploying privacy tools doesn't make sense, I agree that we should keep our social goals and issues in mind. I'm surprised you imply that we aren't doing that. But society has to be built on good foundations. - -----END PHILOSOPHY------ I think some of the things you suggest we do, amount to hiding from the important problems. I hope (mostly for our sake) that you aren't doing that yourself. I guess this list can seem very rough without a sense that the people are ethical and serious, and that the roughness is there for a purpose. I hope you can come around to believe that of some of us and tolerate the rest. We need people who can help think about what we're aiming for, and what it will be like for humans in the worlds we propose. Once in a while it helps to have someone to protest a thoughtless post. bye, -fnerd at smds.com (FutureNerd Steve Witham) quote me ps i restrained myself from all the twelve step phrases i thot -----BEGIN PGP SIGNATURE----- Version: 2.3a aKxB8nktcBAeQHabQP/d7yhWgpGZBIoIqII8cY9nG55HYHgvtoxiQCVAgUBLMs3K ui6XaCZmKH68fOWYYySKAzPkXyfYKnOlzsIjp2toust1Q5A3/n54PBKrUDN9tHVz 3Ch466q9EKUuDulTU6OLsilzmRvQJn0EJhzd4pht6hanC0R3seYNhUYhoJViCcCG sRjLQs4iVVM= =9wqs -----END PGP SIGNATURE----- From sameer at uclink.berkeley.edu Wed Oct 27 22:42:41 1993 From: sameer at uclink.berkeley.edu (Sameer) Date: Wed, 27 Oct 93 22:42:41 PDT Subject: Off-shore banking and Steve Roberts' flotilla In-Reply-To: <9310280306.AA19298@lux.latrobe.edu.au> Message-ID: > > Cool. Do you have an email address for more info? > Found it. technomads-request at ucsd.edu From zeek at io.com Wed Oct 27 23:18:05 1993 From: zeek at io.com (zeek at io.com) Date: Wed, 27 Oct 93 23:18:05 PDT Subject: Security of PGP private keys In-Reply-To: <199310272223.AA02694@misc.glarp.com> Message-ID: <9310280613.AA09120@actlab.rtf.utexas.edu> *> > PGP secret keys are protected by a password. Yet people have said that one *> > should not keep one's secret keyring on an insecure machine. Why? *> *> Passwords are often guessable. Passwords may also be picked up over telephone lines. It is good to keep them short, wacko, and in human memory. #$%Osd(@ is a good one. -z From msattler at netcom.com Wed Oct 27 23:22:42 1993 From: msattler at netcom.com (Michael Sattler) Date: Wed, 27 Oct 93 23:22:42 PDT Subject: I'm leaving cypherpunks Message-ID: <9310280620.AA06357@netcom.netcom.com> At 17:34 10/27/93 +0000, T. William Wells wrote: >In a controlled environment, such as cypherpunks, those who >control the list have the final say. The excess of noise on this >can be *directly* traced to the list owner's choice to not >control its content. Rjc's ability to abuse another *and to >continue the abuse* is a direct consequence of the owner's >policies. These facts are, by themselves, offensive but would be, >barely, tolerable. I'm very sorry to see you go. I certainly agree that the list has been annoying of late, but I disagree that cpunx is a controlled environment, nor should it be. I believe that leaving is no solution, but making heart-felt comments and contributions on one hand and ignoring and kill-filing obnoxious posters on the other hand is IMHO the most direct path to a future we are comfortable in. Again, I'm sorry to see you go. It feels like a victory for the dark side. ----------------------------------------------------------------------------- Michael S. Sattler msattler at netcom.com +1 (415) 621-2903 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing. From mdiehl at triton.unm.edu Wed Oct 27 23:38:05 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Wed, 27 Oct 93 23:38:05 PDT Subject: Security of PGP private keys In-Reply-To: <9310280613.AA09120@actlab.rtf.utexas.edu> Message-ID: <9310280634.AA04635@triton.unm.edu> According to zeek at io.com: > > > > *> > PGP secret keys are protected by a password. Yet people have said that one > *> > should not keep one's secret keyring on an insecure machine. Why? > *> > *> Passwords are often guessable. > > Passwords may also be picked up over telephone lines. It is good to keep > them short, wacko, and in human memory. > > #$%Osd(@ is a good one. > Ya right, about as good as qwerty, which is in many wordlists these days. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From mdiehl at triton.unm.edu Wed Oct 27 23:42:42 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Wed, 27 Oct 93 23:42:42 PDT Subject: Bad Ascii armour? Message-ID: <9310280638.AA04749@triton.unm.edu> Why is it that when I send this message to pgp, i get an error? This was posted recently. Is it a fraud? I donno and don't want to start another flamefest. ------BEGIN PGP SIGNED MESSAGE------ Mr. Wells-- Goodbye, best wishes. I'm guessing, but I think you're making a mistake in leaving, both for yourself and about us. We are not being irresponsible. We have a different, serious, view of how the world should be made into a good place. We can only "set the tone," as you say, if what we are saying is founded in truth and competence. The personal part of this letter continues after the philosophy. - -----BEGIN PHILOSOPHY------ There are tools available to protect privacy, and protect ourselves, that don't require much cooperation of others. People should adopt these tools, and also methods, habits, knowledge and attitudes. One good attitude is a basic awareness and self-responsibility. One is that insults and taunts are only words. Yes, on a personal level, in a group of friends, in a society that is still basically functioning, there are many important issues of how people should treat each other, and how a good environment should be established. But cypherpunks is addressing, and experimenting with, a more basic, raw level of things. The technical and nasty issues are every bit as urgent as the personal and ideal ones, and we constantly need to (and try to) relate them. It's bad to ask social conventions of niceness to take over jobs that people should--have to--take care of consciously for themselves. It distributes responsibilities and burdons unfairly. It is unwise in that it won't work. It seems to give play to a kind of self-delusion. And to recommend it as a course to others is to send the sheep to feed the wolves. It's to hang on to a picture of society with a false happy-face front that's crumpling behind--for all of us. There's a basic level of self-protection that people have to take care of for themselves, or higher-level social goals don't have a chance. People not protecting themselves actually increase harmful activities--besides small criminals there are whole industries of parasitism--*because* people feed them in sheepish trust. We're not talking guns or martial arts here, just purely protective things like crypto and a little dose of reality. A realistic sense of what neighborhood one is walking in, for instance. Like the cypherpunks neighborhood. Here we're trying to experiment, get a sense of the worst of what could happen, imagine ways of dealing with it. And we've been openly like this since we started. Here is how I see the situation with Detweiler: I sympathize with his pain (to the extent I can follow it). I try to be friendly to him. There have been others offering support who he could have talked with instead of the people he picked fights with. Some people shouldn't have been so nasty to him. But he should have gotten a reality check a long time ago about how rough we play here--it's not very rough!! There's no way we could have been expected to know that he wouldn't, and it is not our responsibility to police each other into treating him supportively. That doesn't mean we are building an unsupportive, hostile world. We are playing worst-case-scenario with each other just so that we can have a world that is not like that. You construe the list owners' *allowing* rjc to continue posting to be *condoning* it. That's a bad thought path. To suggest that they step in, in the kind of matter we're talking about, is not a good model for how a world should be run, and it's egregious in terms of the atmosphere we want in our own group. > In an uncontrolled environment, there is little that can be done > to further an appropriate attitude. One can reinforce the good > and censure the bad. And hope. (And give people tools, knowledge, and ideas to protect themselves. And develop methods that actively shrink the opportunities for bad behavior.) Cypherpunks is purposely a model of an uncontrolled environment, including its worst aspects. > Privacy is a *social* phenomenon, not a technical one. The convention of respect for privacy is social. It's based on a more primitive and basic ability of people to *get* privacy if they need it. The latter is breaking down, making the former increasingly a charade behind which things can get worse. But in the process of fixing things, the ground rules--in terms of which new social conventions will have to grow--will change. Things will seem rude to people stuck in old ways of looking at them. > There is > no sense in creating tools for privacy unless one also works for > a society in which the deployment of these tools makes sense. Although I can't imagine a situation where deploying privacy tools doesn't make sense, I agree that we should keep our social goals and issues in mind. I'm surprised you imply that we aren't doing that. But society has to be built on good foundations. - -----END PHILOSOPHY------ I think some of the things you suggest we do, amount to hiding from the important problems. I hope (mostly for our sake) that you aren't doing that yourself. I guess this list can seem very rough without a sense that the people are ethical and serious, and that the roughness is there for a purpose. I hope you can come around to believe that of some of us and tolerate the rest. We need people who can help think about what we're aiming for, and what it will be like for humans in the worlds we propose. Once in a while it helps to have someone to protest a thoughtless post. bye, -fnerd at smds.com (FutureNerd Steve Witham) quote me ps i restrained myself from all the twelve step phrases i thot -----BEGIN PGP SIGNATURE----- Version: 2.3a aKxB8nktcBAeQHabQP/d7yhWgpGZBIoIqII8cY9nG55HYHgvtoxiQCVAgUBLMs3K ui6XaCZmKH68fOWYYySKAzPkXyfYKnOlzsIjp2toust1Q5A3/n54PBKrUDN9tHVz 3Ch466q9EKUuDulTU6OLsilzmRvQJn0EJhzd4pht6hanC0R3seYNhUYhoJViCcCG sRjLQs4iVVM= =9wqs -----END PGP SIGNATURE----- From AFCO73%IRMFAO01.BITNET at vm.cnuce.cnr.it Thu Oct 28 00:58:05 1993 From: AFCO73%IRMFAO01.BITNET at vm.cnuce.cnr.it (AFCO73%IRMFAO01.BITNET at vm.cnuce.cnr.it) Date: Thu, 28 Oct 93 00:58:05 PDT Subject: How do I unsubsrcibe Message-ID: <931028.085609.ITA.AFCO73@IRMFAO01> Good day, would someone please advise me how I could unsubscribe from this list? Thanks for your help. Johnny Hua at FAO of the UN, Italy From rjc at gnu.ai.mit.edu Thu Oct 28 01:38:05 1993 From: rjc at gnu.ai.mit.edu (Ray) Date: Thu, 28 Oct 93 01:38:05 PDT Subject: Last words, perhaps... In-Reply-To: Message-ID: <9310280836.AA14741@churchy.gnu.ai.mit.edu> In his final message, Mr. Wells accuses me of wanting to control, rule, and abuse despite the fact that I've been on the list since it's beginning and have participated in a grand total of 2 flames. He says our actions should be based on a fundamental respect for others. He's already abused my character far more than I did to Detweiler. While weeding out my mailbox, I ran across the following: T. William Wells writes: > > In article <9310250152.AA09786 at snark.lehman.com>, > Perry E. Metzger wrote: > : [irrelevancy] > > I watched you arguing with Detweiler and thought that you were an > idiot. However, I figured that Detweiler was sufficient > provocation to bring out the idiot in just about anyone so I > ignored that. > > But here you have proven that you really don't understand. > > This I don't intend to ignore. Welcome to my killfile. When you > figure out why, you may be worthy of being removed from it. Not the words of an "understanding" and "sensitive" person. Everyone else seems to be getting in their last word. That's mine. I've temporarily unsubscribed the list for an unspecified period. I can't keep up with this war, my classes, and my work on the Extropians list software. -- Ray Cromwell | Engineering is the implementation of science; -- -- rjc at gnu.ai.mit.edu | politics is the implementation of faith. -- -- Founding Member of the Dark Side -- From e0004353 at oxford-brookes.ac.uk Thu Oct 28 02:42:42 1993 From: e0004353 at oxford-brookes.ac.uk (carugo o) Date: Thu, 28 Oct 93 02:42:42 PDT Subject: APOLOGY!!!! Message-ID: <645.9310280937@csmail.brookes.ac.uk> Yes, I want to make a public apology on behalf of my obnoscious brother he is the only neg I know. More relevant information will come from me. u.r.carugo e0004353 at brookes.uk.ac From an31122 at anon.penet.fi Thu Oct 28 03:18:07 1993 From: an31122 at anon.penet.fi (an31122 at anon.penet.fi) Date: Thu, 28 Oct 93 03:18:07 PDT Subject: Words, words, words Message-ID: <9310281013.AA23863@anon.penet.fi> Fellow cpunks, I'm a little ashamed to admit it, but I enjoy a bit of flame war. I genuinely do not care what happens to Mr. BatGuano ("if that IS your name"), so a clever insult once in a while is fun to read. If Detweiler really IS Boxx, so what? If he says that you're a moron, so what? If someone creates a second name to use when they're mad and want to flame, that's their business. What's important is the ideas in someones head, not the name they use. While I'm interested in dining cryptographers, I also find it enlightening to listen to Tim May or Duncan Frissell talk politics. I don't see any reason to limit this list to discussions of random number generators. It would be a terrible waste to ignore the collected wisdom and experience of the group because it was marginally off topic. If people would have simply ignored Detweiler rather than answering his tomes, he would have gone away sooner. It only takes a few lines to see whether a post will be interesting or not. If not, DON'T READ IT. Forget it, trash it, delete it. Most importantly, don't get upset about it. It's just words; they can't hurt you. I give Detweiler a paragraph or two. We all know who is worth listening to and who isn't. Once you've figured out what Detweiler, rjc, or Boxx have to say, don't bother reading them anymore. That's all there is to it. My point, I guess, is that net.talk isn't all that different from real.talk. There are real people on the other end of the line, regardless of the names that they use. Some are worth listening to, some are not. It's not hard to tell them apart, and not hard to ignore the wierdos. Talk of censoring people, charging for posts, or sharply defining the scope of the group all seem to make things worse rather than better. It's silly to talk of the way that things "should be". It's far more productive (and easier!) to figure out how to get what you want from the way that they already are. See you in the Zone, Tyrone Slothrop (RocketMan) ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From hiscdcj at lux.latrobe.edu.au Thu Oct 28 07:18:09 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Thu, 28 Oct 93 07:18:09 PDT Subject: hardware projects and stuph Message-ID: <9310281413.AA29332@lux.latrobe.edu.au> : > Here's some topics that I've been wanting to bring up with : >the CypherPunks. I figured it'd be best to just drop one email/post : >rather than 4. : : > Or is anyone interested in starting a parallel list of sorts for the : > hardware-punks? 'ware-punks? :-) or perhaps an even better name : > would be The Homebrew Computer Club^2. : : >3. PUNK-NET: (see HARDWARE above) : : I may be able to get a mailing list for punk net going. If people : don't mind discussing hardware in that, that's cool. : : However: I'm not big on unix (at all, actually), so I can subscribe people : and stuff like that, but if it crashes it may take a while to get going : again. : Can anyone tell me how much diskspace a listserver will take up? : I have about 15 meg to play with, that should be more than enough : ( he says, innocently ) : : Dwayne. : (Dwayne Jones-Evans IRC: ddraig ) ( SCA: Cynon Yscolan ap Myrddin, Stormhold, Lochac, West) PGP public key available. finger me. be gentle. internet---> hiscdcj at lux.latrobe.edu.au From major at dcd.wa.gov.au Thu Oct 28 08:52:42 1993 From: major at dcd.wa.gov.au (major at dcd.wa.gov.au) Date: Thu, 28 Oct 93 08:52:42 PDT Subject: blacknet international offers DOSSIERS for SALE Message-ID: <199310281459.AA03577@belfast.> cman at IO.COM (Douglas Barnes) writes: > > Trust me, its worth it just for the nude photographys of me with an > > ostrich. (How they got a camera into that vault, I'll never know.) > > Yeah? You're probably getting a cut. Heck, you could *be* blacknet :-). I'm sure Perry is shocked, simply shocked that anyone would suggest that. Major From an41418 at anon.penet.fi Thu Oct 28 09:48:07 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 28 Oct 93 09:48:07 PDT Subject: My Key Message-ID: <9310281643.AA16638@anon.penet.fi> Hugh, I agree with most of what you say. However, my point was, that say someone wants to become Wonderer (I mean, it's great being me, who wouldn't want to?), they could forge a message as coming from me and include a public key. From them on, they would be wonderer, and it would be more believable than if I sent the messages myself. They could prove they were me better than I could. My point was that if someone sent me private mail, and I responded with my public key, that would be much less likely to be a forgery. However, I will concede. Here's my public key, and after this one, I'll sign my messages. If anyone wants confirmation of my public key, or wants to sign it for me let me know. However, since there is no certificate, I probably wouldn't sign your key under the same circumstances, so it's up to you. The problem I have with public key cryptography is that it is easy for an imposter to publish a public key and get people to believe that it is valid. Wonderer -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3 mQBNAizOm20AAAECAMfolwrccyUip9pUcpLQjLSw0BWgmIhW2v1YjGOxTqJdU8+v Nh9eXckudk6h6LCcs7KIn++PSl04HWRMm6ugMP0ABRG0CHdvbmRlcmVy =foLb -----END PGP PUBLIC KEY BLOCK----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an41418 at anon.penet.fi Thu Oct 28 10:13:07 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 28 Oct 93 10:13:07 PDT Subject: Chaos - A noun we can live with Message-ID: <9310281712.AA21098@anon.penet.fi> > i like cpunx the way it is: uncontrolled. I too agree with this statement up to a point. I don't believe there should be any control by the list management. However, I see no problem with the democratic process of participants on the mailing list saying whatever they can to quiet those who are disrupting the intelligent discussions that are taking place with useless banter and silly flames. Personally, I always found flaming to be an unproductive way of expressing one's self. Constructive criticism is always better in my view. Wonderer p.s. something's wrong with my pgp, I'll start signing soon. Sorry. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an41418 at anon.penet.fi Thu Oct 28 10:32:42 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 28 Oct 93 10:32:42 PDT Subject: Signing our keys Message-ID: <9310281731.AA24284@anon.penet.fi> Well, it is true that you have built up a reputation on the list. I am trying to do the same. Quite an interesting experience. It seems to me that we have an interesting dilemma here. If we are willing to sign a key based on an entity that we KNOW does not really exist, then what does a signature mean? You have been an active and productive participant on cypherpunks for quite some time now, so if that's what I'm saying by signing your key, then I would be willing to. Off line methods wouldn't work in this case because we aren't real. Something strange is going on in the word when nym's are signing each other's keys... I am going to register my public key as you suggested. If you send me a signed copy, I will add it to my keyring. Please send me your public key, and I will sign it for you. The world is becoming a more interesting place. Wonderer p.s. I believe something may be wrong with my pgp here at my oranization. I type: pgp -sat file -u wonderer +cleartext=on as someone on the list suggested, and this does not work. What command do you use to sign your messages? I will include a detached signature of this message below. -----BEGIN PGP MESSAGE----- Version: 2.3 iQBVAgUALM/wPh1kTJuroDD9AQEq5AH+Nxou8vx4F3JsDhSDvUpy6P0yvXz2Be/F Q32ZwM+AiBD/Sijb/XX3Z2jixDTWP/xs/lr2Iw1tmbK8RBWS4iZDLQ== =rjX8 -----END PGP MESSAGE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From an41418 at anon.penet.fi Thu Oct 28 10:48:07 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 28 Oct 93 10:48:07 PDT Subject: Words, words, words Message-ID: <9310281746.AA26763@anon.penet.fi> Tyrone Slothrop (RocketMan), you say: > It's just words; they can't hurt you. I think many people, nations, reputations, organization, etc. have been destroyed by "just words." Somewhere I heard the phrase: "The pen is mightier than the sword." Words can and do hurt. I believe the practive of flaming has probably hindered many people's participation and contribution to discussions on the net. Some words that can hurt you: - death threats - "You're fired" - "I don't want to see you ever again." - "You're ideas are stupid; take them somewhere else." - "We see no option but to declare war!" you get the idea. Flaming is unproductive. Wonderer p.s. I am ashamed; messages will be signed soon. Here's a detached signature of this message. -----BEGIN PGP MESSAGE----- Version: 2.3 iQBVAgUALM/zPR1kTJuroDD9AQGpVAH/Y7rQ86YcC91Fi19UfyVv607NSwQu063K c++LRh5Y7D/CrZZNkPkmiE1melwNvXruoLx3dP8w38HacT090/Jx+w== =aJVa -----END PGP MESSAGE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From paul at poboy.b17c.ingr.com Thu Oct 28 10:52:42 1993 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Thu, 28 Oct 93 10:52:42 PDT Subject: Chaos - A noun we can live with In-Reply-To: <9310281712.AA21098@anon.penet.fi> Message-ID: <199310281750.AA13134@poboy.b17c.ingr.com> -----BEGIN PGP SIGNED MESSAGE----- An unsolicited opinion: one of the best things about cypherpunks' early days is that the list members (spurred on by the examples set by a few folks) generally posted informative and incisive material to the list and kept the flames, potentially-silly questions, and other detritus in private e-mail. The recent Detwiler melee is a case of the USENET-ization of this list. I'm sorry that some valuable contributors- *including Detwiler*, who often had a steely point buried under the Moby Adjectives- will no longer be sharing with us. A bad s/n ratio is usually transient, and people who tune out due to the traffic will often come back. Unfortunately, the kind of acrimony we've been favored with here tends to force out many people whose contributions enrich us all. I'd like to ask each of the remaining members to think about your own reasons for reading the list. If you're here to learn, teach, and share, that's great. If you're here to act like an alt.flame regular, not so great. I'd hate to see any more people driven off because the coffee in our coffee house is too bitter. So, to summarize: you don't have to always be nice, but if you feel the need to flame, keep it in e-mail. - -Paul - -- Paul Robichaux, KD4JZG | Caution: cutting edge is sharp. Avoid contact. Intergraph Federal Systems | Be a cryptography user - ask me how. ** Of course I don't speak for Intergraph. ** -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNAGUiA78To+806NAQEkVQQAxS7WOinmWY2JMs39ZhL1rsV2hrGxvRnl ACZv3GmNIRWiwJTPco7C7ykbfZkvquK7lqOJcl3voTQzE/AlyUuv0IoeTVANy5ZG UrxviB9yzxozuwL2QQnCYYnUH7EWBbFDwkc+txo67ilv2vInrZWIae1VLSBygKaB +Uiw5gkayyU= =GnYl -----END PGP SIGNATURE----- From paul at poboy.b17c.ingr.com Thu Oct 28 11:08:08 1993 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Thu, 28 Oct 93 11:08:08 PDT Subject: Signing our keys Message-ID: <199310281806.AA13209@poboy.b17c.ingr.com> -----BEGIN PGP SIGNED MESSAGE----- In an interesting list message, Wonderer wrote: >It seems to me that we have an interesting dilemma >here. If we are willing to sign a key based on an >entity that we KNOW does not really exist, then what >does a signature mean? Here's a terrific example of one of the interesting differences between the PEM-style key hierarchy and the PGP web. Consider that any entity (real or spoofed) can own a key pair in either model. A PEM key is bound to a particular identity by a certificate. Right now, you can only get these certificates from entities that want some concrete evidence of your True Name; this makes sense, since the certificate establishes that key X belongs to True Name Y. PGP, OTOH, doesn't have any direct equivalent of a certificate. If I get Wonderer's key with no signatures, I can't guarantee anything about the association between that entity and the key I get. If I get that same PGP key with signatures from Phil Karn and L. Detwiler, I know that they're willing to certify the assocation. Does that mean anything? Well, it depends on who the signers are :) A set of PGP signatures can be equivalent to a PEM-style certificate; that is, the set of signatures on a key, establishing that a particular key belongs to a particular entity, can potentially be as trustworthy as a certificate from Dun & Bradstreet or RSA. The PGP feature that a key doesn't have to belong to the True Name of an entity is a big plus in my book; otherwise, we'd have no Wonderer, no deadbeat, and no S. Boxx. - -Paul - -- Paul Robichaux, KD4JZG | Caution: cutting edge is sharp. Avoid contact. Intergraph Federal Systems | Be a cryptography user - ask me how. ** Of course I don't speak for Intergraph. ** -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNAJ2yA78To+806NAQF/DAQApsjQgIjW26GPvL2kINfCzTGyxn6zXJr9 OZVdLjPRe/J7eudxXfe5q7MlENxyomXgXqnUr5AxmTEjPzWCj63D1Yq2qr2Gcjq+ i7YTg8d9P+L+yTsTVUBk+ZIbBv+AFnD35yCEQnIC5nCE0kK644cpwa1FjDyLla01 2m4fvPNTOnM= =ZF43 -----END PGP SIGNATURE----- From mdiehl at triton.unm.edu Thu Oct 28 11:12:42 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Thu, 28 Oct 93 11:12:42 PDT Subject: Words, words, words Message-ID: <9310281811.AA24925@triton.unm.edu> According to wonderer: > > Some words that can hurt you: > - death threats > - "You're fired" > - "I don't want to see you ever again." > - "You're ideas are stupid; take them somewhere else." > - "We see no option but to declare war!" > you get the idea. You forgot: Bitch, nigger, queer, spick, Nazi, dumbfuck, chink, wop, etc. Simply a call for people to try to be a bit more polite to each other. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From hughes at ah.com Thu Oct 28 11:18:08 1993 From: hughes at ah.com (Eric Hughes) Date: Thu, 28 Oct 93 11:18:08 PDT Subject: Signing our keys In-Reply-To: <9310281731.AA24284@anon.penet.fi> Message-ID: <9310281812.AA02472@ah.com> >If we are willing to sign a key based on an >entity that we KNOW does not really exist, then what >does a signature mean? The key is the identity, period. Let's get that straight up front. Signing a key does not change the identity. Signatures on keys are attestations that the key belongs to some person or email address. Signing a key attests that an identity has a name. I've developed a criterion for signing pseudonym keys. The only party (other than the holder) who can gain any certain knowledge that an e-mail address maps to the holder of a given key is the provider of the e-mail address. In other words, Julf's server should sign wonderer's key. The following applies to any system providing pseudonyms, i.e. mail addresses. The mail server should have a public key. The public key of a user would be encrypted with the server's public key and forwarded to the server. The server would accept as authentication of this public key the same authentication that it accepts for everything else. Once it has the key, it can sign it and return it to the individual, who can then publish it. >Something strange is going on in the word when nym's >are signing each other's keys... The one pseudonym is attesting that they reach the same individual each time they send mail to the other pseudonym encrypted with the public key claimed by that other pseudonym. This attestation is not as strong as person-to-person contact, but as long as the signer reasonably believes that mail delivery system functions as it claims to, i.e. no interposers, the signature does actually mean something. Eric From jrk at sys.uea.ac.uk Thu Oct 28 11:19:58 1993 From: jrk at sys.uea.ac.uk (Richard Kennaway) Date: Thu, 28 Oct 93 11:19:58 PDT Subject: Signing our keys Message-ID: <4812.9310281817@s5.sys.uea.ac.uk> an41418 at fi.penet.anon (wonderer) writes: >It seems to me that we have an interesting dilemma >here. If we are willing to sign a key based on an >entity that we KNOW does not really exist, then what >does a signature mean? You have been an active and >productive participant on cypherpunks for quite some >time now, so if that's what I'm saying by signing >your key, then I would be willing to. Off line methods >wouldn't work in this case because we aren't real. Certification establishes a relationship between a public key and a True Name. When there is no True Name, or the True Name is not to be revealed, certification is irrelevant. For a nym to prevent anyone else for masquerading as itself, it should announce a public key in its first appearance on the net, and thereafter sign every message with its private key. This guarantees that all such messages emanate from those with access to the private key. Certification is irrelevant. What does become difficult for a nym is key revokation. If the nym's private key is compromised, anyone with access to it can send a message purporting to revoke the key and announcing a new one. Such a revokation cannot be certified unless its issuer not only reveals their True Name but somehow establishes to the satisfaction of whoever is certifying it that they are the True Name of the nym. Or as someone put it more succinctly, keys *are* the identities of the future net. -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk at sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K. From pierre at shell.portal.com Thu Oct 28 11:21:34 1993 From: pierre at shell.portal.com (Pierre Uszynski) Date: Thu, 28 Oct 93 11:21:34 PDT Subject: My Key Message-ID: <9310281814.AA19779@jobe.shell.portal.com> > From: an41418 at anon.penet.fi (wonderer) > > say someone wants to become Wonderer (I mean, it's > great being me, who wouldn't want to?), they could forge > a message as coming from me and include a public key. [...] > The problem I have with public key cryptography is that > it is easy for an imposter to publish a public key and > get people to believe that it is valid. As long as no certification agency is involved, a public key only stands for itself. It only weakly associates a key with a name. It does NOT associate a key with a person, or an email address. And this association is not even unique, you could have several names with the same public key, and the same name with several public keys. In other words, the only thing that authenticates the messages is the key itself, the key is now the only significant name. The name is merely a poor mnemonic to the key (more or less). No matter what, any "John Smith" out there has an arguable right to call himself "John Smith". The situation does not improve as communication infrastructures become more global. So, even though you were the first on this list to use the name "wonderer", as long as you don't post a public key for it, somebody else can pre-empt you and claim that name and post a key, and that would not prevent you from posting a key for the same name yourself in the future. (is that confused enough?) The only way to distinguish same names for different keys is if people automatically collect key-name pairs and their mail readers shows key-names as author, not just name (and that's not a reliable or likely way to go. Assuming here there is only email and posting to distribute keys.) You say somebody would forge a mail from your address to "claim" your name... They wouldn't need to: How many of us check your email address in the header when we see "wonderer". We don't remember your email address, just "wonderer". We wouldn't remember your key either, just "wonderer" again. Only a fancy mail reader would tie together all the different messages you posted under the same key. So, does it matter and what can we do? Well as long as the only key propagation mechanisms are email and posting, we can't do much. If you start talking as "Some Name" with or without a posted public key, and somebody else posts one as the same name: - you can counter with a key for "Some Name" yourself. - you can sue if "Some Name" is sufficiently associated with you (first and last name, trademark...), and insufficiently with the other (not his name or less valid trademark), and if the other is in a jurisdiction where you have a recourse. - you can start an online war between the two that essentially will make the name impossible to use for anybody (quasi-universally kill-filed... for a while) - you can claim a Better Name "The One True Some Name", and post your same public key for it. Until he does the same. - you can wait for, or better yet :-), write mail readers or list software that tend to prefer keys and signatures over names and mail addresses. The possibilities for fun, forgery, spoofing, and flaming are endless... Until the list software starts associating keys with names on a first come first serve basis (or by chains of certificates and in-person meetings, as a way to settle disputes). Pierre. pierre at shell.portal.com From smb at research.att.com Thu Oct 28 11:28:08 1993 From: smb at research.att.com (smb at research.att.com) Date: Thu, 28 Oct 93 11:28:08 PDT Subject: Signing our keys Message-ID: <9310281827.AA11123@toad.com> The PGP feature that a key doesn't have to belong to the True Name of an entity is a big plus in my book; otherwise, we'd have no Wonderer, no deadbeat, and no S. Boxx. It is, of course, worth noting that the PEM specs make explicit provisions for aliases; it's just up to some issuing agency to decide to issue them. And if no one wants to -- well, no one has to sign an anXXXX address's key, either. --Steve Bellovin From nobody at rosebud.ee.uh.edu Thu Oct 28 11:32:42 1993 From: nobody at rosebud.ee.uh.edu (nobody at rosebud.ee.uh.edu) Date: Thu, 28 Oct 93 11:32:42 PDT Subject: Tim May, Detweiler and Me. Message-ID: <9310281829.AA11138@toad.com> > Granted, Mr. Detweiler has been a royal twit. But then, so have many > others on the list in reply to him. Shame on the lot of you. Oh, fuck off. Take your preaching and moralizing to the net. In fact, all of y'all interested in reforming our black hearts: get fucking lost. I want to hear Hal Finney's description of DC-nets, and you are just plain in the way. Nowhere, Man From hughes at ah.com Thu Oct 28 11:48:08 1993 From: hughes at ah.com (Eric Hughes) Date: Thu, 28 Oct 93 11:48:08 PDT Subject: Signing our keys In-Reply-To: <199310281806.AA13209@poboy.b17c.ingr.com> Message-ID: <9310281841.AA02550@ah.com> >A PEM key is bound to a particular identity by a >certificate. Right now, you can only get these certificates from >entities that want some concrete evidence of your True Name RSA is running a persona certificate server for PEM keys. They don't ask for anything. Their latest brochure diagrams these as "anonymous internet users." I don't know the address, but I do know that six months ago it was running and being tested. It would be interesting to know if such certificates worked in the new Apple system 7. If so, there may soon be a whole flood of Mac-owning pseudonyms using PEM. Eric From tcmay at netcom.com Thu Oct 28 12:02:42 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 28 Oct 93 12:02:42 PDT Subject: Back to the Basics in Crypto In-Reply-To: <199310281750.AA13134@poboy.b17c.ingr.com> Message-ID: <9310281859.AA05499@netcom5.netcom.com> Paul Robichaux makes some good points: (which I'll only quote briefly) > An unsolicited opinion: one of the best things about cypherpunks' > early days is that the list members (spurred on by the examples set by > a few folks) generally posted informative and incisive material to the > list and kept the flames, potentially-silly questions, and other > detritus in private e-mail. Yes, many people have commented on the greater information content of the "early days." (Interestingly, I sense that the "early days" for each member are of course that person's early days on the List!) We each have our favorite interests, even our areas of expertise. So, in our early days on the List (which for me was a year ago) we naturally tend to write a lot of essays, raise new points, and generally act in an enthusiastic, excited way (by excited I don't mean flaming). After a few months of this, most folks drop their level of enthusiasm. Very natural and expected...after all, the material is no longer new. One just can't keep writing essays about the same material, though occasionally we see "golden oldies" reposted to the List (as I recently did with a year-old essay on "Dining Cryptographers"). So, if newcomers want to see new material, and not just reactive comments, it is largely up to them to find some areas of interest, gain some relative expertise, and then to write essays or pieces on these topics. There's just a huge amount of stuff out there, stuff on "zero knowledge proof systems," on the existence (or not) of digital coins, on the nature of data havens and offshore black markets, on alternatives to RSA, and on and on. Reading and absorbing this stuff will take any person I know at least a few days of very intensive reading and thinking (I spent at least six or eight hours in 1989 reading and rereading Chaum's DC-Net paper before it really made sense to me....no summary on the Net could possibly do it justice or obviate the need to pore over the paper, preferably in printed form). My point? If the List gets to be too much for you, what with the occasional outbreaks of flames and the "trivial" (to some) debates about foo and bar, then go off and do some very intensive reading of the cryptographic, banking, and information theory literature, For example, I just received yesterday a spectacular new book in the mail: "An Introduction to Kolmogorov Complexity Theory and its Applications," by Ming Li and Paul Vitanyi (Springer-Verlag, $59, call 800-SPRINGE to order, or find it eventually in your local university library--maybe). Kolmogorov and Chaitin (and a few others, like Martin-Lof and Solomonoff...a lot of "loffs" in their!) developed what is also called "algorithmic information theory (AIT)," which is interested in issues of randomness, descriptive complexity, etc. This is currently my main interest, and we had a "virtual seminar" over on Extropians several months ago on AIT. Nick Szabo, Hal Finney, and Derek Zahn, all now on the Cypherpunks list as well, were participants with me in this virtual seminar. Folks actually read some of the key papers, thought about the issues, and came up with interesting conclusions about the connections between AIT, cryptography, neural nets, evolution, and several other things. Very stimulating! So, if things are "dragging" here, it's maybe time for folks to go off and recharge, to "Use the Force, Read the Source." The Net is great, but it can't possibly convey the sheer depth of information present in books, formal papers, graphs, equations, etc. The Net is typically a chat forum, like the coffee house someone remarked on. But even if coffee houses, folks have to bring something exciting to talk about. I'm not chastising anyone....we all have other projects, work, our private lives, and so on. Not everyone wants to become an expert in some area, not everyone has the backround. And many of you are _already_ world-class experts in important areas (inventor of public key itself reads the list, experts in Unix security do, and on and on). These experts in most cases did in fact write wonderful essays on some aspect of what they're interested in, be it spread spectrum communications, e-mail standards, digital money, steganography, capability-based systems, whatever. It's understandable that they don't keep writing the same essays. ("Why not archives?" I hear some of you saying---unless I'm just hearing voices in my head, of course. Well, the toad.com machine does have the archives, and hugh Daniel tells me they may someday be accessible. Also, the List has in some cases been gatewaayed into local Usenet form, so some sites may already have archives. However, my experience with archives is that newcomers will perhaps understandably not wade through several dozen megabytes of archived postings, and prefer to see currently-written essays instead. A dilemma we're not likely to solve.) My biggest conclusion: If the List is not what you want it to be, _make_ it what you want it to be! Stop reading the List for a few days and instead use the time saved to dig up the "Crypto" Proceedings and the other crypto materials. You may find some articles that excite you enough to summarize them for the List or even to prompt you to go off and try to implement the ideas yourself. Happy hunting! --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From holland at CS.ColoState.EDU Thu Oct 28 12:42:42 1993 From: holland at CS.ColoState.EDU (douglas craig holland) Date: Thu, 28 Oct 93 12:42:42 PDT Subject: PGP automation Message-ID: <9310281940.AA28085@beethoven> Right now, it is a complete pain in the ass for me to encrypt or sign messages using PGP. The reason is because I have my email account on one of CSU's unix machines, so I have to do my posting there, while my PGP stuff lives on my PC in my apartment. Usually, I check my mail and read news by calling CSUNet over my modem, but if I want to encrypt, decrypt, sign or check the signature of a message, I have to zmodem the message to my machine, log off, decrypt or check the message while offline (or at least shelled into DOS), type up a reply, manually encrypt it and finally get back into my term program and zmodem the reply back up to CSUNet and mail it. I don't really want to run PGP on CSUNet, since I don't trust their machines like I trust mine, but I am thinking about doing that and generating a key which I would be wiling to use for less secure stuff. Anyone here have any other suggestions on making encryption less of a pain? Doug | Doug Holland | Proud member of: | holland at beethoven.cs.colostate.edu | Mathematicians Against Drunk Deriving | Finger for PGP 2.2 key | From tcmay at netcom.com Thu Oct 28 12:43:08 1993 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 28 Oct 93 12:43:08 PDT Subject: Hackers 9.0 Crypto Panel, the Semi-Final Agenda Message-ID: <9310281941.AA10002@netcom5.netcom.com> Many of you will be attending Hackers 9.0 beginning next Friday at Lake Tahoe. This message is for you. The Hackers Conference panel on crypto has come together nicely. Glenn Tenney has asked us to move it from Saturday afternoon to Friday night, 9:30 to 11, and I've agreed. I don't think this should conflict with any other sessions, as this is a one-track section too. If there are conflicts, let me know and we can arrange substitutes or somesuch. A few weeks ago I solicited your advice on topics and asked for any volunteers. This is what came out of this process: * a panel discussion, as opposed to the short speeches of last year. * a discussion of whatever is of main interest after the panel makes their initial points. * panelists: - Phil Karn, on Internet encryption - Peter Honeyman, on issues of anonymity and trust - John Draper, on the spread of PGP - Eric Hughes, on digital money and banking - Mike Godwin, on legal issues surrounding crypto If any of you has changed your mind, let me know as soon as you can. And if anyone else has some topics they really want to talk about, let me know...maybe you can be added or be a sub for anyone who drops out. I'll try to moderate this thing and keep any one topic from sucking up all available time. Clipper and the legal issues surrounding PGP are two of the obvious things that the audience could "demand" more attention be given to. I think we of course _should_ talk about these issues, but we also want to bring up new material and not just today's "headlines." (For example, a year ago the "key escrow" stuff was relatvely obscure next to the Steve Jackson Games issue....then key escrow blossomed into "Clipper" just six months later and is now the Really Hot Topic. The use of anonymous remailers in the breaking of the Verilog encryption system is similarly a portent of things to come.) These topics will likely come up many times in the audience participation phase. And if Phil Zimmermann attends, which I've not been able to confirm, I expect he will be on the panel, or will participate centrally in the "BOF" (birds of a feather) session which I expect will start after our panel). (In fact, if he attends, it might be good to just let him speak for as long as he wants at a BOF. I remember Cliff Stoll speaking until nearly 4 in the morning a couple of years ago.) See you there! -Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | Public Key: PGP and MailSafe available. Note: I put time and money into writing this posting. I hope you enjoy it. From an41418 at anon.penet.fi Thu Oct 28 13:12:42 1993 From: an41418 at anon.penet.fi (wonderer) Date: Thu, 28 Oct 93 13:12:42 PDT Subject: Signing our keys Message-ID: <9310282009.AA21887@anon.penet.fi> -----BEGIN PGP SIGNED MESSAGE----- Well, Paul Robichaux, actually, that message was not intended for the list, as you seem to realize. However, given your message, and the thoughts that it sparked, I guess it wasn't such a bad thing after all that my lack of sleep caused me to be careless. I'd like to know how many people check the signatures at the end of messages. Maybe whenever there's a questionable one, or if someone claims that a message seemingly from them is a spoof. So, my question is: how do I get people to agree to sign my key when I don't really exist? Is my net reputation enough for you? -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBVAgUBLNARpB1kTJuroDD9AQEiEAH/etWoc0WA89+Rb9ojM4jRQflZQNjVrnYx r8YSYpq1k+G2W6eDPA+m0mQnWqaKGizKwPJecXkpQGfW5YawWSOg6w== =kZgv -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From hortonb at source.asset.com Thu Oct 28 13:18:08 1993 From: hortonb at source.asset.com (Bruce Kelley Horton) Date: Thu, 28 Oct 93 13:18:08 PDT Subject: pgp versions Message-ID: <9310282009.AA18893@source.asset.com> I would like to use PGP on multiple platforms, and am unsure of which version I should use to maximize my interoperability with other PGP users. In the PGP documentation, "hmiller at lucpul.it.luc.edu" is listed as a source of info regarding the availability of PGP for various computer platforms. I EMailed Mr. Miller but recieving no response. Finger indicates he hasn't used that account in over a month. John Draper suggested I contact you. I am unable to read PGP2.23 files created under DOS on the Macintosh running MACPGP2.2. I saw nothing in the "newfor23" file to indicated that the PGP file format had been changed so as to be incompatible. Are you familiar with this problem? Is there a MACPGP2.23 in the works? -bh From jim at nimrod.suite.com Thu Oct 28 13:32:42 1993 From: jim at nimrod.suite.com (jim at nimrod.suite.com) Date: Thu, 28 Oct 93 13:32:42 PDT Subject: Signing our keys Message-ID: <9310281913.AA02459@nimrod.suite.com> "Eric Hughes" writes... > RSA is running a persona certificate server for PEM keys. > They don't ask for anything. Their latest brochure > diagrams these as "anonymous internet users." I don't > know the address, but I do know that six months ago it was > running and being tested. > Here's an extract from the latest RSA Newsletter: ------------ _RSA Certificate Services Center Opens for Business_ Last month, the RSA Certificate Services Center (CSC) officially opened for business. Right now, today, you can obtain real certificates with your name, public key, and organizational affiliation safely embedded in a cryptographically tamper-proof digital document. [stuff deleted] GETTING A CERTIFICATE There are two primary types of certificates that are supported by the RSA Certificate Service Center: affiliated and unaffiliated. [stuff deleted] There are three ways to get a certificate: [stuff deleted] 3. You can purchase individual unaffiliated certificates directly from the CSC. [stuff deleted] For more information contact George Parsons, CSC Manager, at 415/595-8782. ------------ Jim_Miller at suite.com From ajw at Think.COM Thu Oct 28 14:43:09 1993 From: ajw at Think.COM (Andy Wilson) Date: Thu, 28 Oct 93 14:43:09 PDT Subject: Tim May, Detweiler and Me. In-Reply-To: <9310281829.AA11138@toad.com> Message-ID: <9310282142.AA07808@custard.think.com> Date: Thu, 28 Oct 93 13:34:35 -0500 From: nobody at rosebud.ee.uh.edu > Granted, Mr. Detweiler has been a royal twit. But then, so have many > others on the list in reply to him. Shame on the lot of you. Oh, fuck off. Take your preaching and moralizing to the net. In fact, all of y'all interested in reforming our black hearts: get fucking lost. I want to hear Hal Finney's description of DC-nets, and you are just plain in the way. Nowhere, Man Yo Nowhere Boy, Come out from behind that there anonymous re-mailer, you no-account, penny-ante, douche-swillin', hound-dog-be-hind-sniffin', cake-bakin', cant-chantin', underwear-chewin', varmint-humpin', slack-jawed, cripple-beatin', velveeta-meltin', glue-sniffin', shit-eatin', beady-eyed, rubber-armed, dried-drool-encrusted, paper-bag-foldin', mind-numbin', politician-listenin', professional-help-needin', lawyer-trustin', TV-watchin', toilet-bowl-kissin', propaganda-believin', both over- and under-edumacated, bocce-playin', reality-distortin', space-warpin', card-countin', sassafrass-sippin', channel-surfin', ill-behaved, fume-breathin', waste-spewin', paste-tastin', goofy-lookin', turkey-bastin', KMART-wit-implanted, coupon-clippin', rhino-horn-ridin', Bart-Simpson-veneratin', tired-old-idea-recyclin', seaweed-smellin', floppy-eared, donut-chompin', kudzu-entwined, se-mantically-challenged, not-at-all-anywheres-near-tolerable purple-assed wimp! If you're going to flame somebody, at least stand up for your own words with your own name, or a reputable pseudonym. Or better yet use PRIVATE EMAIL FER YER FLAME PICNICS! Y'stoops! Dammit. Andy, being a nanosmidgin hypocritical today on accounta life bein' grand! From khijol!erc Thu Oct 28 15:08:10 1993 From: khijol!erc (Ed Carp) Date: Thu, 28 Oct 93 15:08:10 PDT Subject: Tim May, Detweiler and Me. In-Reply-To: <9310282142.AA07808@custard.think.com> Message-ID: > Date: Thu, 28 Oct 93 13:34:35 -0500 > From: nobody at rosebud.ee.uh.edu > > > Granted, Mr. Detweiler has been a royal twit. But then, so have many > > others on the list in reply to him. Shame on the lot of you. > > Oh, fuck off. Take your preaching and moralizing to the net. > In fact, all of y'all interested in reforming our black hearts: > get fucking lost. I want to hear Hal Finney's description of > DC-nets, and you are just plain in the way. Nowhere, Man > > Yo Nowhere Boy, > > Come out from behind that there anonymous re-mailer, you no-account, > penny-ante, douche-swillin', hound-dog-be-hind-sniffin', cake-bakin', > cant-chantin', underwear-chewin', varmint-humpin', slack-jawed, > cripple-beatin', velveeta-meltin', glue-sniffin', shit-eatin', > beady-eyed, rubber-armed, dried-drool-encrusted, paper-bag-foldin', > mind-numbin', politician-listenin', professional-help-needin', > lawyer-trustin', TV-watchin', toilet-bowl-kissin', propaganda-believin', > both over- and under-edumacated, bocce-playin', reality-distortin', > space-warpin', card-countin', sassafrass-sippin', channel-surfin', > ill-behaved, fume-breathin', waste-spewin', paste-tastin', goofy-lookin', > turkey-bastin', KMART-wit-implanted, coupon-clippin', rhino-horn-ridin', > Bart-Simpson-veneratin', tired-old-idea-recyclin', seaweed-smellin', > floppy-eared, donut-chompin', kudzu-entwined, se-mantically-challenged, > not-at-all-anywheres-near-tolerable purple-assed wimp! > > If you're going to flame somebody, at least stand up for your > own words with your own name, or a reputable pseudonym. Or > better yet use PRIVATE EMAIL FER YER FLAME PICNICS! Y'stoops! > > Dammit. > > Andy, being a nanosmidgin hypocritical today on accounta life bein' grand! I've kept clear of this latest vitrolic drivel-throwing contest, but I have to say that Andy get the prize for the most inventive. Very creative! :) Made me smile... :) -- Ed Carp, N7EKG erc at apple.com 510/659-9560 an38299 at anon.penet.fi, anon-1157 at twwells.com If you want magic, let go of your armor. Magic is so much stronger than steel! -- Richard Bach, "The Bridge Across Forever" From arthurc at crl.com Thu Oct 28 16:02:42 1993 From: arthurc at crl.com (Arthur Chandler) Date: Thu, 28 Oct 93 16:02:42 PDT Subject: CypherPunk Paintball In-Reply-To: Message-ID: Ed's appreciative note on andy's gatling-gun invective inspires me to suggest, as a solution to the flames and counterflames: Why not just designate an area of cypherpunks -- designation by Subject Header -- the Verbal Paintball Area. If you want to attack someone for being a paranoid, a sumbitch, a brainfried Nazi, a... well, you get the idea -- then you post the the Cypherpunk Paintball Area. Extra points awarded if you can spoof or encrypt your insults so that no one can figure out who said what to whom. :<) From marc at security.ov.com Thu Oct 28 16:12:43 1993 From: marc at security.ov.com (Marc Horowitz) Date: Thu, 28 Oct 93 16:12:43 PDT Subject: ["Tom Jones": ViaCrypt PGP for MS-DOS Now Shipping] Message-ID: <9310282309.AA04052@dun-dun-noodles.aktis.com> ------- Forwarded Message Date: Thu, 28 Oct 93 15:58:57 -0700 To: marc at gza.com From: "Tom Jones" Organization: ViaCrypt div Lemcom Systems Subject: ViaCrypt PGP for MS-DOS Now Shipping You recently contacted ViaCrypt and asked for information about ViaCrypt PGP, and that it be sent to you electronically. ViaCrypt PGP Version 2.4 for MS-DOS is now available for shipment. Appearing below is information from our literature, along with details about ordering ViaCrypt PGP. ViaCrypt Introduces... ViaCrypt(tm) PGP(tm) Pretty Good Privacy(tm) Protect The Privacy Of Your Files And E-Mail Messages ===================================================== Your files and messages. They're personal. They're private. And no one's business but yours. You may be planning a political campaign, preparing your taxes, or negotiating a contract. Whatever it is, you don't want your private electronic mail (e-mail) or confidential documents read by anyone without your permission. ViaCrypt PGP is the perfect tool for individuals, small businesses, large corporations, or anyone who values the privacy of their proprietary or sensitive information. A software program that combines powerful cryptography with ease-of-use, ViaCrypt PGP provides the ability to encrypt files and messages. Using Digital Signatures, it also provides a facility for message authentication. You Control The Keys To Your Privacy ------------------------------------ With ViaCrypt PGP, you are in complete control of your privacy. YOU create your keys. YOU decide how long they are valid. YOU decide who to trust. Other systems require you to place your trust in a disinterested third party, or worse yet, a chain of faceless people you've never met. ViaCrypt PGP allows you to do so too, but never requires it. YOU are always in control. ViaCrypt PGP is for people who don't want to surrender control of their privacy. Strong Cryptography ------------------- ViaCrypt PGP combines the respected RSA system for Public Key Cryptography with state-of-the-art IDEA(TM) encryption to protect your files and electronic mail, and to let you communicate securely with people you have never met. Features -------- * Protects the privacy of your files and e-mail messages. * Digitally signs files and e-mail messages to protect them from tampering and to authenticate the sender. * Sophisticated key management * RSA/IDEA hybrid encryption scheme * Message digests for digital signatures * Data compression before encryption * Simple, command-line interface for ease of use * Easy-to-understand documentation How It Works ------------ ViaCrypt PGP combines the best features of conventional and public key cryptography. Using conventional secret key cryptography, a file can be encrypted using a key, then sent to the recipient. The recipient decrypts the file using the same key. Conventional cryptography is very fast, but it is difficult to provide the recipient with the key in a secure manner. Public key cryptography eliminates the problems associated with distributing keys. Using public key cryptography, the key is split into two halves: A private key that you never reveal, and a public key that you can freely distribute. The public key and private key are mathematically related such that anything encrypted using the public key can be decrypted only using the matching private key. In a process invisible to the user, ViaCrypt PGP creates a temporary one-time key, called a session key, to encrypt the file using fast conventional cryptography. Then the recipient's public key is used to encrypt the session key. The encrypted session key is sent along with the encrypted file to the recipient. Once the file is encrypted, only the intended recipient(s) can read it. Using a single ViaCrypt PGP command, the recipient uses her own private key to recover the session key, then uses that key to quickly decrypt the file. Message authentication is also provided. The sender's own private key can be used to encrypt a 'fingerprint' or message digest of the file or message. This creates a digital signature of the file or message, which the recipient can check by using the sender's public key to decrypt and compare with the original. The digital signature proves that the sender was the true originator, and the file or message has not been altered by anyone else. ViaCrypt PGP Enables You To: ---------------------------- * Encrypt files or messages, sign them, or both * Decrypt previously encrypted files or messages * Check previously generated digital signatures * Encrypt messages to multiple recipients * Encrypt files or messages using just conventional cryptography * Generate your own keys * Easily add and remove other people's public keys to your 'key ring' * View the keys on your key ring * Revoke your keys * Re-format encrypted files so they can be sent through e-mail channels * Sign and certify other people's public keys * Specify 'trust parameters' for various keys Requirements ------------ * IBM Compatible PC * MS-DOS Version 3.3 or later * 640K RAM * 3-1/2 or 5-1/4 inch floppy disk drive ================================================================= What You Get * ViaCrypt PGP on both 3-1/2 and 5-1/4 inch diskettes * User Manual * License Agreement * Software registration card ================================================================= Pricing (Licensed for sale in USA and Canada only) ViaCrypt PGP Version 2.4 for MS-DOS (Single User) $ 199.95 (Promotional price good thru December 31, 1993: ($ 99.98) ViaCrypt PGP Version 2.4 for MS-DOS (Five User) $ 599.95 (Promotional price good thru December 31, 1993: ($ 299.98) ViaCrypt PGP Version 2.4 for MS-DOS (Twenty User) $1649.95 (Promotional price good thru December 31, 1993: ($ 824.98) Please add $8.00 shipping and handling per order If you live in AZ, CA, IL, TX, WA, NY, NJ, or GA please add appropriate sales tax. ================================================================= How To Order Four ways to order: 1. Via telephone at 1-800-536-2664 (orders only) 8 a.m. to 5 p.m. MST Monday - Friday. We accept American Express, Discover, MasterCard, or VISA. 2. Via FAX at (602) 943-2601. We can FAX you a pre-printed order form that you can fill in and FAX back to us. 3. Via Mail. Send your Check or Money Order to: ViaCrypt ViaCrypt Order Desk 2104 W. Peoria Ave. Phoenix, AZ 85029 4. Via company purchase order, providing you have been pre-approved for credit. Please contact ViaCrypt for terms, conditions, and credit information. ================================================================= For more information, contact ViaCrypt at (602) 944-0773. U.S. Patent No. 5,214,703 licensed by Ascom Tech, AG. U.S. Patent Nos. 4,200,770, 4,218,582, 4,405,829, and 4,424,414 Licensed Exclusively by Public Key Partners ------- End of Forwarded Message From mdiehl at triton.unm.edu Thu Oct 28 16:42:43 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Thu, 28 Oct 93 16:42:43 PDT Subject: PGP automation In-Reply-To: <9310281940.AA28085@beethoven> Message-ID: <9310282340.AA17393@triton.unm.edu> According to douglas craig holland: > > Right now, it is a complete pain in the ass for me to encrypt or sign > messages using PGP. The reason is because I have my email account on > one of CSU's unix machines, so I have to do my posting there, while > my PGP stuff lives on my PC in my apartment. Usually, I check my mail > and read news by calling CSUNet over my modem, but if I want to encrypt, > decrypt, sign or check the signature of a message, I have to zmodem the > message to my machine, log off, decrypt or check the message while > offline (or at least shelled into DOS), type up a reply, manually encrypt > it and finally get back into my term program and zmodem the reply back > up to CSUNet and mail it. I don't really want to run PGP on CSUNet, since > I don't trust their machines like I trust mine, but I am thinking about > doing that and generating a key which I would be wiling to use for less > secure stuff. Anyone here have any other suggestions on making encryption > less of a pain? If you happen to use 4dos and telix on your pc at home, I have some (imho) nice tools which make it easy to encrypt... For a taste of what I mean, try my menu.btm menu program for pgp under 4dos. If you like it, you can look at my (as yet unreleased) mail program. Lagers. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From m-sh8481 at SPARKY.CS.NYU.EDU Thu Oct 28 17:03:10 1993 From: m-sh8481 at SPARKY.CS.NYU.EDU (Singh Hardayal) Date: Thu, 28 Oct 93 17:03:10 PDT Subject: No Subject Message-ID: <9310282355.AA00978@SPARKY.CS.NYU.EDU> Dear friends, I am new to this group but interested in cryption and encryption and also about Public keys and Private keys. The only thing I know about them is that I have read their man pages on the Sparc stations. But I donot still know where to look in for the Public and the Private keys and how to change them etc. Could someone be kind enough to give me a little i/p that how should I proceed on to become a cypherpunk on this mailing list. I know it might be awkward for many of you. But I guess I have to start somewhere. ----Thanking in advance Hardayal Singh From jpp at markv.com Thu Oct 28 17:43:11 1993 From: jpp at markv.com (jpp at markv.com) Date: Thu, 28 Oct 93 17:43:11 PDT Subject: PGP automation In-Reply-To: <9310281940.AA28085@beethoven> Message-ID: <9310281737.aa24269@hermix.markv.com> > From: douglas craig holland > [...] I don't really want to run PGP on CSUNet, since I don't trust > their machines like I trust mine, but I am thinking about doing that > and generating a key which I would be wiling to use for less secure > stuff. Anyone here have any other suggestions on making encryption > less of a pain? In short, I sugest doing what you are thinking about: use two keys, a high security key, and a low security key signed by the high one. Use a low security key signed by a high security one. Change the low security key every so often. Keep the low security key under a pass phrase unrelated to the one you use for the high security key, and don't ever even store the high security key on the multi-user system. Then use some package (like my pgpmail.el) which connects your multi-user system's mail program to pgp. Sign your posts and casual mail with the low security key, and if/when it is compromised you will be able to issue convincing key change notices using the high security key. Naturally you should get other folks to sign your high security key, not the low one. That's what I do. j' -- O I am Jay Prime Positive jpp at markv.com 1250 bit key fingerprint = B8 95 E0 AF 9A A2 CD A5 89 C9 F0 FE B4 3A 2C 3F 524 bit key fingerprint = 8A 7C B9 F2 D5 46 4D ED 66 23 F1 71 DE FF 51 48 Public keys by `finger jpp at markv.com' or mail to pgp-public-keys at pgp.mit.edu Your feedback is welcome, directly or via symbol JPP on hex at sea.east.sun.com From mdiehl at triton.unm.edu Thu Oct 28 20:02:43 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Thu, 28 Oct 93 20:02:43 PDT Subject: pgp request? Message-ID: <9310290300.AA27325@triton.unm.edu> Hi all. I'm playing with procmail and trying to get it to automate many of the pgp- related email operations. I have it set up now, so that it validates all pgp- signed email that I receive. It will also automatically add any pgp keys which are in an incoming message. My problem, though, seems to that of philosophy. I also have the capability to check each message to see if pgp was used at all. If it was not, I could send the sender a one-time-only "advertisement" for pgp. Also, I could send a one-time-only "thank you" to people who send me email that is signed/encrypted. I'm really having difficulty deciding if this is something I want to do. Please send me your comments. Thanx in advance. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From jdblair at nextsrv.cas.muohio.EDU Thu Oct 28 20:52:44 1993 From: jdblair at nextsrv.cas.muohio.EDU (jdblair at nextsrv.cas.muohio.EDU) Date: Thu, 28 Oct 93 20:52:44 PDT Subject: archive request bounce Message-ID: <9310290412.AA13325@ nextsrv.cas.muohio.EDU > I mailed off the posting archive to everyone that requested one (I think). However, something bounced. If you wanted one and didn't get one, e-mail me back. caffienated... -john. From trebor at foretune.co.jp Thu Oct 28 21:58:17 1993 From: trebor at foretune.co.jp (Robert J. Woodhead) Date: Thu, 28 Oct 93 21:58:17 PDT Subject: Tim May, Detweiler and Me. In-Reply-To: <9310281829.AA11138@toad.com> Message-ID: <9310290452.AA29249@dink.foretune.co.jp> Nobody flames: >Oh, fuck off. Take your preaching and moralizing to the net. You've made my day. I've always wanted to be flamed by nobody, in particular. Seriously, I suggest you take a long hard look at the dictionary. Apart from learning many more highly useful expletives, you might also chance apon such words as "courtesy" and "etiquette." From nobody at Menudo.UH.EDU Thu Oct 28 22:02:43 1993 From: nobody at Menudo.UH.EDU (nobody at Menudo.UH.EDU) Date: Thu, 28 Oct 93 22:02:43 PDT Subject: Paranoid Message-ID: <199310290500.AA09296@Menudo.UH.EDU> Does PGP compress the text before it is encoded? Does this allow a cracker to search for the compression's signature after every attempt? Is there a checksum that a cracker could use to test for success after every attempt? Would using UUENCODE on the text and deleting the "begin/end" lines before encrypting it have a synergistic effect on the difficulty of cracking a secret key from that particular message? Is there an easy way to generate keys larger than 1024 bits? From norm at netcom.com Thu Oct 28 22:08:17 1993 From: norm at netcom.com (Norman Hardy) Date: Thu, 28 Oct 93 22:08:17 PDT Subject: ViaCrypt PGP Message-ID: <9310290505.AA17113@netcom2.netcom.com> Congratulations and good luck. I have a Mac and will not be buying you PC version. I might well buy a Mac version especially at the $99 introductory price. I hope you send me e-mail when you have a Mac version. I am impressed with PGP and would be willing to pay for a "legal" version. I have no important secrets but may still buy the program as a matter of principle. I have a couple of (free) ideas you may be interested in. (Consider this a customer request if there are any lawyers about.) As I understand PGP, it generates random numbers by timing keystrokes for at least two purposes, first to avoid known plain text and second to choose large primes for the RSA key. If there were an option to generate those random numbers by a published mapping from input text then the following benefits would accrue: The paranoid could compare the output of your program with others written to the same spec to gain assurance that programs operated to spec. This is especially critical in key generation. I would propose that the spec would be to choose the prime from among an arithmetic sequence A+Bn where A and B are derived from the input text. The paranoid would know that the cipher text contained no covert or subliminal information. Both of these benefits would accrue without having to read the code for either of the systems compared. It would need to assume no collusion to achieve this assurance. Some paranoids would see the threat of exposure as sufficientreason to trust the program. Another advantage is that I could run your PC version on my Mac using SoftPC. I understand that PGP does not get random keystroke timing under SoftPC. Yet another advantage would be to those who wish to keep their private key in their head. This would require remembering and correctly typing about 1000 characters at each computer sesion. An optional text checksum would thus be strategic and not compromise security. I understand that the quality of keyed data may be poor. Shannon estimated that such data could provide about one bit of information per character. It might be difficult to provide a sufficient warning to users unfamilliar with information theory on the dangers of known or guessed sayings as input text. Unlike some cryptographic applications weekness in the random numbers does not induce sudeen failure. The effort in breaking a public key declines slowly with declining quality in the random numbers. Keystroke timing may well be the best default however. From warlord at MIT.EDU Thu Oct 28 22:22:43 1993 From: warlord at MIT.EDU (Derek Atkins) Date: Thu, 28 Oct 93 22:22:43 PDT Subject: Paranoid In-Reply-To: <199310290500.AA09296@Menudo.UH.EDU> Message-ID: <9310290522.AA11750@toxicwaste.MEDIA.MIT.EDU> > Does PGP compress the text before it is encoded? Yes. It uses the zip algorithm (I think) as its compression engine. > Does this allow a cracker to search for the compression's signature > after every attempt? Every attempt? You mean every attempt at encryption? Well, yes and no. Yes, there is a semi-known plaintext inside the encrypted data. It is unknown if this can help an attacker. > Is there a checksum that a cracker could use to test for success after > every attempt? The only checksums are the ASCII-armor checksums, and the MD5 hash which is inside the RSA signature. Other than these, there are no checksums. Neither of these can be used to aid an attacker. > Would using UUENCODE on the text and deleting the "begin/end" lines > before encrypting it have a synergistic effect on the difficulty of > cracking a secret key from that particular message? This would give an attacker even MORE of a plaintext attack, since this will create lines of 64 characters, starting with an "M", which gives a regular pattern to the plaintext. > Is there an easy way to generate keys larger than 1024 bits? No. However given current technology and assuming no significant breakthroughs in factoring algorithms, a 1024 bit key wont be broken for over a million year (significantly more, if I recall). Hope this helps. -derek From mdiehl at triton.unm.edu Fri Oct 29 01:18:18 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Fri, 29 Oct 93 01:18:18 PDT Subject: pgp and procmail Message-ID: <9310290814.AA05936@triton.unm.edu> -----BEGIN PGP SIGNED MESSAGE----- Hi again! I've gotten some real good replies to my question regarding whether I should use procmail to send pgp advertisements. The overwhelming response has been that I shouldn't. I will instead, as was suggested, put my advertisement in my heading, like my pgp key info. Any suggestions as to what to put there? I have also been asked if I intend to post my procmail rc file. Yes, I do. As soon as I have tested it and feel finished, I will post it to the list. I've only been using procmail for ~4 days. By the end of the week-end, I will have procmail preprocessing my incoming encrypted email, a non-secure key on the mainframe to sign quick letters with, and a secure message-signing and transport system on my pc at home. I intend to run the link program from within Telix and Use Mike Ingle's encrypted disk driver. Short of burying my computer under 500 feet of concrete, what else can I do to build a reasonably secure system at home? Just for the Hell of it. ;^) -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBLMsjE1WjzUwifAbxAQG2fAQArUMrQBKa0o2n3HieGO/aUCZX1CsHgpXY QluVsGK1I8JPqxVdo6hPwl4M8gE6VSNimUjo7Sp/a/UzonjdS7BkOYX+V2/1oIv3 iHi6Y0ms0FmXBP/m7/ZZq2t2BQGCmLXiJ9M4r57nnZsqagsVUXStr0vMzWN/V+fd R3qdl3Iopps= =VDMU -----END PGP SIGNATURE----- From major at dcd.wa.gov.au Fri Oct 29 03:43:21 1993 From: major at dcd.wa.gov.au (major at dcd.wa.gov.au) Date: Fri, 29 Oct 93 03:43:21 PDT Subject: Paranoid Message-ID: <199310290918.AA06485@belfast.> A nym of no particular repute writes: > Does PGP compress the text before it is encoded? yes > Does this allow a cracker to search for the compression's signature > after every attempt? There is no "signature". Unix compress(1) leaves a signature but there is nothing in the math of compression which forces a compression algorithm to do so. Major From honey at citi.umich.edu Fri Oct 29 08:02:46 1993 From: honey at citi.umich.edu (peter honeyman) Date: Fri, 29 Oct 93 08:02:46 PDT Subject: Formal Methods for the Analysis of Authentication Protocols Message-ID: <9310291501.AA23581@toad.com> avi rubin and i recently completed a survey paper that may be of interest to cpunx. it is available via anonymous ftp from citi.umich.edu: /afs/umich.edu/group/itd/citi/public/techreports/PS.Z/citi-tr-93-7.ps.Z i have attached the abstract to this message. peter =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Formal Methods for the Analysis of Authentication Protocols A D. Rubin P. Honeyman Center for Information Technology Integration University of Michigan Ann Arbor In this paper, we examine current approaches and the state of the art in the application of formal methods to the analysis of cryptographic protocols. We use Meadows' classification of analysis techniques into four types. The Type I approach models and verifies a protocol using specification languages and verification tools not specifically developed for the analysis of cryptographic protocols. In the Type II approach, a protocol designer develops expert systems to create and examine different scenarios, from which she may draw conclusions about the security of the protocols being studied. The Type III approach models the requirements of a protocol family using logics developed specifically for the analysis of knowledge and belief. Finally, the Type IV approach develops a formal model based on the algebraic term-rewriting properties of cryptographic systems. The majority of research and the most interesting results are in the Type III approach, including reasoning systems such as the BAN logic; we present these systems and compare their relative merits. While each approach has its benefits, no current method is able to provide a rigorous proof that a protocol is secure. From nobody at Menudo.UH.EDU Fri Oct 29 08:18:23 1993 From: nobody at Menudo.UH.EDU (nobody at Menudo.UH.EDU) Date: Fri, 29 Oct 93 08:18:23 PDT Subject: ANON: message padding Message-ID: <199310291517.AA20642@Menudo.UH.EDU> -----BEGIN PGP SIGNED MESSAGE----- The remailer at elee9sf at menudo.uh.edu now pads messages. So as not to be too annoying, messages under 1K are padded to 1K; larger messages are untouched. Padding is calculated by the size of the message body as it goes to sendmail - the header doesn't enter in the calculation. This remailer also caches messages until midnight; this is being mailed out early because I forced it. This message is shorter than 1K, so there will be some padding below (after the signature block). Coming soon: explanation of what I'm doing :-) Karl Barrus -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNEygIOA7OpLWtYzAQFTggP/ZNq3NbDzKAAwflRxtFBQ9XBohHnlnYWz gPY35v4tyLyalxMFLrjg2RXqRCZwwsMVKeXdq8x4m7m8LETV2cQyBJpHZUFJNRk6 9it59a47Uvk4MxSLWwsNE7NeBagjT4XluYjYBQqMxXc7Cu641IGUvPNpkwtBfEKy IklE0fm7Z0A= =eNuW -----END PGP SIGNATURE----- FktH6kRoEhfyrw8HVOVWZjMtv4 GyLW511PVKywmZzC8hn7TzWU7btUpKc7tdB4JhJpEoDz2AwxcjGRgyVpvoss3cO From pckizer at tamu.edu Fri Oct 29 09:12:46 1993 From: pckizer at tamu.edu (Philip Kizer) Date: Fri, 29 Oct 93 09:12:46 PDT Subject: PGP automation In-Reply-To: <9310281737.aa24269@hermix.markv.com> Message-ID: <9310291608.AA04304@gonzo.tamu.edu> -----BEGIN PGP SIGNED MESSAGE----- > In short, I sugest doing what you are thinking about: use two keys, > a high security key, and a low security key signed by the high one. [ explaination of method deleted ] > That's what I do. > > j' > -- > O I am Jay Prime Positive jpp at markv.com > 1250 bit key fingerprint = B8 95 E0 AF 9A A2 CD A5 89 C9 F0 FE B4 3A 2C 3F > 524 bit key fingerprint = 8A 7C B9 F2 D5 46 4D ED 66 23 F1 71 DE FF 51 48 > Public keys by `finger jpp at markv.com' or mail to pgp-public-keys at pgp.mit.edu > Your feedback is welcome, directly or via symbol JPP on hex at sea.east.sun.com I like this method you mentioned of using two keys, on one on the public machine, and one more secure at home or whatever. I meant to comment on this before...I'm not sure about the "detached" signature, though. What if someone created a detached signature, adds it to their header, and the last thing that happens is that their mailer appends their .signature to the end of the message. The only way seems to be to say, "Encorporate the detached signature mechanism into whatever program you're using so that it's the last thing that happens. This includes things like mailx, elm, and inews." Not everyone could probably comply with this (especially some who work for corporations that add a corporate signature to messages after it's left the user's hands). - -pc ____________________________________________________________ Philip Kizer ___ Texas A&M CIS Operating Systems Group, Unix fnord pckizer at tamu.edu -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNE/87ZspOMRmJBhAQG1iQP/bAdjFL+OYzYJCNgvjB/0+eW+yA5ym/NY 6JrJkGjOKgjYMJ+fZFItcxgfiRUlFs+1X+N5j51P5r78XOVK20v5La2BP5CftOmj bLsb8Lg0hjCLtPbZWcywvPjAmA03fp3/gtFGr1rygTWGTy8cUlbRJS6FGcc0/uqZ o35s9zrul10= =X9yf -----END PGP SIGNATURE----- From jpinson at fcdarwin.org.ec Fri Oct 29 09:18:24 1993 From: jpinson at fcdarwin.org.ec (jpinson at fcdarwin.org.ec) Date: Fri, 29 Oct 93 09:18:24 PDT Subject: ID of anonymous posters via word analysis? Message-ID: <9310290952.aa20334@pay.ecua.net.ec> All the talk recently about multiple fake identities reminded me of a research project I read about a few years ago. A team set out to ascertain if Shakespeare was really one person, or actually several people. The researchers analyzed the frequency distribution of words found in the works of Shakespeare, and compared them to the other writers of the day. I don't recall the results of the project, but that kind of research would have implications for anonymous postings. It is not too difficult to see how certain spelling errors, word frequency (how often do you say 'I':-) choice of wording, and the working vocabulary of an individual could allow you to identify an anonymous poster. This would be particularly easy if the individual also posted under their real name. I suspect that the government has done research on this topic. It would be useful to identify which terrorist made which (written) threat. This brings up the subject of how one can post without leaving an "ASCII fingerprint". I suspect the use of a spelling checker and grammatical checker would help. Perhaps running your text through a language converter, (say English to French) then back would remove many identifying characteristics. Jim Pinson Galapagos Islands PGP key available by finger jpinson at fcdarwin.org.ec From mech at eff.org Fri Oct 29 10:12:47 1993 From: mech at eff.org (Stanton McCandlish) Date: Fri, 29 Oct 93 10:12:47 PDT Subject: ON THE ROAD TO NOSINESS? THE SAME GEAR THAT WOULD SMOOTH OUT TRAFFIC JAMS Message-ID: <199310291710.AA04040@eff.org> Forwarded message: Date: Thu, 28 Oct 1993 16:44:11 -0400 (EDT) From: Dan Gillmor mech at eff.org <=- Stanton McCandlish Electronic Frontier Foundation Online Activist & SysOp "A nation that is afraid to let its people judge the truth and falsehood of ideas in an open market is a nation that is afraid of its people." -JFK NitV-DC BBS 202-232-2715, Fido 1:109/? IndraNet 369:111/1, 14.4V32b 16.8ZyX Join EFF! For more information about membership, send mail to eff at eff.org From arthurc at crl.com Fri Oct 29 10:28:24 1993 From: arthurc at crl.com (Arthur Chandler) Date: Fri, 29 Oct 93 10:28:24 PDT Subject: ID of anonymous posters via word analysis? In-Reply-To: <9310290952.aa20334@pay.ecua.net.ec> Message-ID: I remember reading some time ago that the Nazis had a method of trapping communists that went like this: They'd put the suspect in room and carry on a conversation with him (all males, as I remember). Then, after several hours of conversation about any and all kinds of subjects, they would tote up the number of times that the suspect used the word "concrete" -- evidently a favorite left-wing buzzword in the '30s. If the "concrete" cropped up frequently .... off to camp went the suspect. I think that identification by buzzwords, habitual misspellings, etc. could be used to identify anonymous posters. Sentence structure is also revealing. Le style, c'est l'homme, said Voltaire. Of course, it all comes down to how much time and effort you want to put into proving, say, that SBoxx=LDetweiler. And the method is fallible. I've seen some pretty wacky schemes "proving," by word or grammatical analysis, that Shakespeare's works were written by Francis Bacon, Chris Marlowe, Queen Elizabeth, etc. It's very easy to be misled by your desire to prove something you're already convinced of for other reasons. From jdblair at nextsrv.cas.muohio.EDU Fri Oct 29 11:22:47 1993 From: jdblair at nextsrv.cas.muohio.EDU (jdblair at nextsrv.cas.muohio.EDU) Date: Fri, 29 Oct 93 11:22:47 PDT Subject: signing messages Message-ID: <9310291845.AA16281@ nextsrv.cas.muohio.EDU > How does one sign a message w/ PGP when one doesn't have the public key of a recipient? Example: when a key is signed to authenticate it, or when the source code for PGP is signed to authenticate it. Forgive me if this is a stupid question. -john. From jon at balder.us.dell.com Fri Oct 29 11:28:24 1993 From: jon at balder.us.dell.com (Jon Boede) Date: Fri, 29 Oct 93 11:28:24 PDT Subject: ID of anonymous posters via word analysis? Message-ID: <9310291825.AA21833@balder.us.dell.com> People interested in fingerprinting anonymous posters might be interested in a Markov tuple analysis program that was posted to the net eons ago. It should be in the '85 or '86 comp.sources under the name markov3. I recall that this was a program that fed enough posts from a given poster would create another post in their "style"; it was kinda fun. Jon -- ,,, (o o) Jon Boede ----ooO-(_)-Ooo---- jon at dell.com +1 512 728-4802 Engineering, Dell Computer Corp. Server OS Development Austin, TX "The problem is that _they_ see us as *them*." -- John Gilmore, Cypherpunk From still at kailua.colorado.edu Fri Oct 29 11:33:25 1993 From: still at kailua.colorado.edu (James Still) Date: Fri, 29 Oct 93 11:33:25 PDT Subject: ID of anonymous posters via word analysis? Message-ID: <2CD16F67@kailua.colorado.edu> > I remember reading some time ago that the Nazis had a method of >trapping communists that went like this: > They'd put the suspect in room and carry on a conversation with him >(all males, as I remember). Then, after several hours of conversation >about any and all kinds of subjects, they would tote up the number of >times that the suspect used the word "concrete" -- evidently a favorite >left-wing buzzword in the '30s. If the "concrete" cropped up frequently >.... off to camp went the suspect. This practice is, IMHO, extremely unethical and dubious at best! If the world's experiences are a metaphorical "object" bundled up in a <.lib> somewhere in the cosmos, then *anything* that the Nazi's did should be considered completely bugged code. Why do we want to inherit their flawed algorithm's? The whole point of the cypherpunk cause is to compile code from the ground up--considering the ethics involved with decisions such as rooting out 'nyms. Have we decided that it is now imperative to know the identities of those on 'our' side (further fueling this polarization of 'us' versus 'them')? Let's leave behind this obsession with determining who's who; it has taken us too close to the kluged code of Nazi history! My eye is on the prize... ;) --- still at kailua.colorado.edu ------------------------------------ From hiscdcj at lux.latrobe.edu.au Fri Oct 29 11:49:04 1993 From: hiscdcj at lux.latrobe.edu.au (Dwayne) Date: Fri, 29 Oct 93 11:49:04 PDT Subject: My PGP pubkey has been changed... Message-ID: <9310291843.AA17560@lux.latrobe.edu.au> Hi, I've changed my public key. Anyone who has a copy of my old one and needs to use it, I can still decrypt stuff using that, but my fingerable public key, and the one in the keypair I will be encrypting stuff with, has changed. So there. Dwayne. (Dwayne Jones-Evans IRC: ddraig ) ( SCA: Cynon Yscolan ap Myrddin, Stormhold, Lochac, West) PGP public key available. finger me. be gentle. internet---> hiscdcj at lux.latrobe.edu.au From dmandl at lehman.com Fri Oct 29 12:04:04 1993 From: dmandl at lehman.com (David Mandl) Date: Fri, 29 Oct 93 12:04:04 PDT Subject: signing messages Message-ID: <9310291859.AA09570@disvnm2.lehman.com> > How does one sign a message w/ PGP when one doesn't have the public key of a > recipient? Example: when a key is signed to authenticate it, or when the > source code for PGP is signed to authenticate it. > > Forgive me if this is a stupid question. > -john. There are no recipients necessarily involved. A signature with your secret key is proof that the message (or file) came from you. Anyone with your public key can confirm its authenticity. If you want to sign someone's public key, you obviously need their key, but otherwise, signing something involves only you and no one else. (Many people's public keys are on the public key servers, so that's a good place to look if you need to find someone's key. See the document in the PGP package for more information about the servers.) If you want to sign a message intended for one person only, you sign it and then encrypt with their public key. --Dave. From holland at CS.ColoState.EDU Fri Oct 29 12:24:04 1993 From: holland at CS.ColoState.EDU (douglas craig holland) Date: Fri, 29 Oct 93 12:24:04 PDT Subject: PGP automation In-Reply-To: <9310282340.AA17393@triton.unm.edu> Message-ID: <9310291923.AA03760@beethoven> > > If you happen to use 4dos and telix on your pc at home, I have some (imho) nice > tools which make it easy to encrypt... For a taste of what I mean, try my > menu.btm menu program for pgp under 4dos. If you like it, you can look at my > (as yet unreleased) mail program. Lagers. > > J. Michael Diehl ;^) |*The 2nd Amendment is there in case the > mdiehl at triton.unm.edu | Government forgets about the 1st! > Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even > .fidonet.org | better Mathematician. > al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to > (505) 299-2282 (voice) | be Politically Incorrect! > Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. > I wouldn't mind seeing some script files and the like. You just gave me an idea, that is if I could figure out the script languages for Emacs, Elm, as well as Qmodem. It would be nice if I could automate the encryption/decryp- tion/signature process. Doug | Doug Holland | Proud member of: | holland at beethoven.cs.colostate.edu | Mathematicians Against Drunk Deriving | Finger for PGP 2.2 key | From gtoal at an-teallach.com Fri Oct 29 13:59:08 1993 From: gtoal at an-teallach.com (Graham Toal) Date: Fri, 29 Oct 93 13:59:08 PDT Subject: ID of anonymous posters via word analysis? Message-ID: <4477@an-teallach.com> In article arthurc at crl.crl.com writes: > I think that identification by buzzwords, habitual misspellings, etc. > could be used to identify anonymous posters. Sentence structure is also > revealing. Le style, c'est l'homme, said Voltaire. Of course, it all > comes down to how much time and effort you want to put into proving, say, > that SBoxx=LDetweiler. I had a go at this just for fun when an8785 was doing his thing. I'm pretty sure I identified him correctly in the end. (The guy I thought it was, when I asked him, said 'If I were I wouldn't tell you', whereas all the other people I suspected but not as strongly all denied it violently, heh heh heh) I think this sort of analysis could be automated to a reasonable extent, to cut out the TypeI errors that the guys who did Shakespeare/Bacon analysis made. It's very easy to fool yourself if you don't have predefined criteria of comparison and a rigid marking scheme. I'm fairly sure that a sufficiently detailed analysis looking at enough different points of style would still catch someone's fingerprint even if they went out of their way to disguise their postings. The only approach I can think of that would be successful in hiding individual style is for person A to write something, person B reads it quickly, then attempts to write something with the same semantic content, but of course it will have B's grammar and phraseology and punctuation idiosyncracies. (And this only works if B is not a net poster, otherwise you recognise B and work out who his friends are :-) ) G -- Personal mail to gtoal at gtoal.com (I read it in the evenings) Business mail to gtoal at an-teallach.com (Be careful with the spelling!) Faxes to An Teallach Limited: +44 31 662 4678 Voice: +44 31 668 1550 x212 From gtoal at an-teallach.com Fri Oct 29 14:01:48 1993 From: gtoal at an-teallach.com (Graham Toal) Date: Fri, 29 Oct 93 14:01:48 PDT Subject: PGP automation Message-ID: <4476@an-teallach.com> In article <9310281940.AA28085 at beethoven> holland at cs.colostate.edu writes: > Right now, it is a complete pain in the ass for me to encrypt or sign > messages using PGP. The reason is because I have my email account on > one of CSU's unix machines, so I have to do my posting there, while > my PGP stuff lives on my PC in my apartment. Usually, I check my mail > and read news by calling CSUNet over my modem, but if I want to encrypt, > decrypt, sign or check the signature of a message, I have to zmodem the > message to my machine, log off, decrypt or check the message while > offline (or at least shelled into DOS), type up a reply, manually encrypt > it and finally get back into my term program and zmodem the reply back > up to CSUNet and mail it. I don't really want to run PGP on CSUNet, since > I don't trust their machines like I trust mine, but I am thinking about > doing that and generating a key which I would be wiling to use for less > secure stuff. Anyone here have any other suggestions on making encryption > less of a pain? This may seem a little excessive, but the only sensible way to use pgp in environments like yours or prz's (heh heh) is to set yourself up with your own site at home, either with a dialup SLIP/PPP feed or a plain and cheap uucp feed. Both of those options are becoming much cheaper than they used to be, and you can run suitable software on all sorts of computers - whatever you're using to dial in to your timeshare service at the moment would probably do, as long as its not just a dumb terminal. DOS, a free unix or linux, Amiga, Atari - they can all handle at least uucp if not tcp/ip too. If you don't have suitable hardware, you can surelu find a 286 dos box with an old 20Mb drive and plain text- only display secondhand somewhere for $200 or less... that'll run UUPC or even KA9Q. If you care about privacy in your email, you *have* to run it all the way into your own machine. G From an41418 at anon.penet.fi Fri Oct 29 14:13:28 1993 From: an41418 at anon.penet.fi (wonderer) Date: Fri, 29 Oct 93 14:13:28 PDT Subject: ON THE ROAD TO NOSINESS? THE SAME GEAR THAT WOULD SMOOTH OUT TRAFFIC JAMS Message-ID: <9310292110.AA04186@anon.penet.fi> -----BEGIN PGP SIGNED MESSAGE----- My understanding is that IVHS systems are voluntary. Here are some examples of systems that invade your privacy, and yet are considered acceptable: - phone bill an itemized list of every number you called. - credit card bill Where and how much you spent - school records - criminal record All this information is easily obtainable. Do you think that people will reject a system that saves them a significant portion of their trip to work each day so that there is no record of where they drove? Also, I believe most toll collection systems being built are on a pre-paid basis, and anonymity is retained unless there is a violation. In that case, a photograph is taken of the plate. In Europe, I believe that there are highways that you can speed on, and then receive a ticket in the mail when the camera photographs your plate. Okay, that's the devil's advocate point of view. The argument of the IVHS proponents. Personally, I believe that IVHS is receiving enough government funding that it will happen. Nothing is inevitable, but money talks. To combat the privacy-invading aspects of IVHS will take a substancial political battle. Isn't Clinton's proposed Health card a bigger threat than IVHS? I believe we should concentrate on privacy issues as they relate to computer systems and cryptography. We are cypherpunks, not just punks. Those issues are also important, but probably more related to alt.privacy or some such group. Wonderer -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBVAgUBLNGBlR1kTJuroDD9AQEXwwIAlu3Nq9XAxN5z6GgSETxa1/yhL/UI0dIf CcLietZRDnknSz4m9j8WcgGqezmkzCoWUx4mSz634mdo7BNIJ+TC6Q== =ivnS -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From ejo at world.std.com Fri Oct 29 14:39:07 1993 From: ejo at world.std.com (Edward J OConnell) Date: Fri, 29 Oct 93 14:39:07 PDT Subject: ID of anonymous posters via word analysis? In-Reply-To: <4477@an-teallach.com> Message-ID: One could also imagine a 'symantic scrambler' analogous to the word analysis program, but designed to defeat it, by randomly altering the syntax of a post. The output might have to be tweaked afterwards, in order to restore some sense to it, but it would be a sort of ascii version of the cutting the words out of magazines style of ransom note. It might just be a huge lookup table of canned phrases that get swapped in to replace your 'unique,' identifiable sentences. It seems like a dedicated global search and replace, combined with some sort of die throw to dictate sentence structure might be enough to screw up word analysis, actually... Actually, the scrambler wouldn't have to be random--it could always produce output with the same word analysis signature. As long as a bunch of people were using it, or had access to it, you'd have deniability. E. Jay O'Connell____________________________________________________ "God does not play dice with the Universe"--A Einstein "No, she plays SuperScratch-Card Wingo (TM)"--Me. ____________________________________________________________________ Information Wants to Be Free PGP Public Key available by Finger From unicorn at access.digex.net Fri Oct 29 14:43:26 1993 From: unicorn at access.digex.net (Dark) Date: Fri, 29 Oct 93 14:43:26 PDT Subject: Nazis/Privacy/Cypherpunks Message-ID: <199310292140.AA20797@access.digex.net> -----BEGIN PGP SIGNED MESSAGE----- - -> Observe the following exchange > I remember reading some time ago that the Nazis had a method of >trapping communists that went like this: > They'd put the suspect in room and carry on a conversation with him >(all males, as I remember). [Stuff deleted, no value judgment implied.] This practice is, IMHO, extremely unethical and dubious at best! If the world's experiences are a metaphorical "object" bundled up in a <.lib> somewhere in the cosmos, then *anything* that the Nazi's did should be considered completely bugged code. Why do we want to inherit their flawed algorithm's? [See note 1] The whole point of the cypherpunk cause is to compile code from the ground up--considering the ethics involved with decisions such as rooting out 'nyms. [See note 2] Have we decided that it is now imperative to know the identities of those on 'our' side (further fueling this polarization of 'us' versus 'them')? Let's leave behind this obsession with determining who's who; it has taken us too close to the kluged code of Nazi history! My eye is on the prize... ;) [See note 3] --- still at kailua.colorado.edu ------------------------------------ - -> so... [Note 1] Personally, I don't rule out examination of Nazi tactics as a worst case scenario model. Let's face it, as ugly and dark as Nazi rule was, they did some things quite efficiently indeed. Take state security. The Nazi's had so perfected the process of identifying dissidents and quashing opposition that aside from the high ranking traitors, war time and early pre-war Nazi Germany was probably the most stable dictatorship in history. (From an internal and counter intelligence perspective anyhow [See Barry Posen for more.]) The price, of course, was the death of many, many innocents who were just perceived as threats (camps aside.) To rule out Nazi approaches, especially when dealing with intelligence and counter-intelligence issues (which IMHO is basically what cypherpunks is all about on some level or another...) is plain silly. Current intelligence practices are based a great deal on what was learned in WWII (OSS being the basis for today's CIA etc...) I'll begin to differ when you start talking about medical issues. [Note 2] No one writes code from "the bottom up" in the manner that you suggest. If that were the case we'd see the wheel invented time and time again. One of the reasons this mailing list exists is to accomplish exactly the opposite. That being to incorporate common or even fringe ideas into the development of code for the common purpose (The Prize as you adeptly put it.) so we don't HAVE to build from the ground up every time. [Note 3] One of the ways we learn is through trial and error amongst ourselves. It's funny that the list is beginning to lose some of the major personas that were here when I first joined last fall (winter?) Cypherpunks was a collection of experts, and newbies all feeding off each other to push the technologies farther and make a social impact encouraging privacy in the process. Where better to defeat anonymous posting and improve the art than among ourselves? This brings up a side issue for me, and incidentally the reason I rejoined cypherpunks (aside from my brief loss of net access when I went back to Liechtenstein this summer). More and more, where I look, I see privacy in this country eroded. It has gotten to the point where I can see no other direction now than the centralization of government in an age where technology makes it a joke to keep track of individuals from what they buy, to which toll booths they drive through, to which bank tellers they use, to what they "Publish" on the net. I feel that a hands on approach for government becomes more and more dangerous the farther technology progresses. Information technology is like nuclear technology in this way, you just can't tell how it will be applied, to liberate, or to oppress. Either is possible. Will something not have to give if we are to be reasonably secure in the belief that a brutal and powerful dictatorship will not succeed in this country? I will be the first to admit that the U.S. is not likely to fall to such a fate in the next (insert number appropriate to your ideology here) years, but if it does, it will be a dictatorship/authoritarian/ centralized power the likes of which no one has ever seen. The tools exist to make freedom meaningless. Personally I'm not secure enough relying on the balance of powers as the only safeguard. The omnipotence that any authoritarian power would have in this country, a country where the pizza delivery man punches up your usual order and doesn't have to ask for your address or credit card number when you call (In 2 years will they have to answer the phone at all?), is staggering in its scope. If the Nazi's took power in such an environment... phew. Personally (yet again) with the prospect of national health care, the card to be issued at birth, and the adjoining files to be collected on anyone who claims anything under it, I am that much more sure that everyone should establish three or four identities complete with documentation before acquiring such documentation becomes impossible anymore. (Speaking of which, does anyone know if the Social Security act of 1974 which limited the use of Social Security numbers and tried to form some basic (albeit limited) privacy to card holders has any counterpart in the health card?) There is great safety in anonymity. I intend to keep it. - -uni- (Dark) -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLNGb1xibHbaiMfO5AQH2QgP+KkvBHohXgFMEhotPPSwFgqWta5E+KTuk tfSSFLO0EyoERFUz6mZPU6cKFpxAgpX5aHNeHsfAwLs0WRQs+T4ZE7cJDgDS215F gmhUaHKpBfgwQz5aoT1EHnGcLRZCQl9h2uAXubpnHUUb1d+sBWUNRnFJKkKmBIZ+ eODsv0JZHEc= =yXrJ -----END PGP SIGNATURE----- From unicorn at access.digex.net Fri Oct 29 14:44:07 1993 From: unicorn at access.digex.net (Dark) Date: Fri, 29 Oct 93 14:44:07 PDT Subject: Style Analysis Message-ID: <199310292142.AA22002@access.digex.net> -----BEGIN PGP SIGNED MESSAGE----- - -> Back when jpinson at fcdarwin.org.ec said.... [Stuff deleted, no value judgment implied] The researchers analyzed the frequency distribution of words found in the works of Shakespeare, and compared them to the other writers of the day. I don't recall the results of the project, but that kind of research would have implications for anonymous postings. It is not too difficult to see how certain spelling errors, word frequency (how often do you say 'I':-) choice of wording, and the working vocabulary of an individual could allow you to identify an anonymous poster. This would be particularly easy if the individual also posted under their real name. [Stuff deleted, no value judgment implied] This brings up the subject of how one can post without leaving an "ASCII fingerprint". I suspect the use of a spelling checker and grammatical checker would help. Perhaps running your text through a language converter, (say English to French) then back would remove many identifying characteristics. Jim Pinson Galapagos Islands PGP key available by finger jpinson at fcdarwin.org.ec - -> to which I reply: It seems to me that the software to "filter" a message through and remove anomalies, standardize punctuations and replace words over 5 letters with more standard words.. etc.. has a kind of utility. I particularly like the two sweep translation program idea. If enough people used this software it would become meaningless to attempt this kind of analysis, which looks to be straightforward enough to give even the persistent investigator a "gut feel" for the identity of an otherwise anonymous poster. It seems that the most solid basis for this kind of message analysis is non-standard use of grammar, spelling, and punctuation. I, for example, use too many commas. Anyone have any information on what factors identify posters? Is it just word frequency analysis or...? It would be easy enough to correct that. - -uni- (Dark) -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLNGcxxibHbaiMfO5AQFVIwP+JsuNvRmE1WlFZ7wxvIybg1bTa0FO5/N7 4XrHQ0On1avtoFDjPAmA7dqgrHHscz8LiwYEx1eXx/exOPmZkA2sCg5/AVo61zv6 iBjsqd3o5IgV9L+uXmzl2+OBJ0zpdTyNxiV7VzrKjJqKVlzZgCqbYCB8tN5cOpFj M3FnGQZfSsg= =a1Hf -----END PGP SIGNATURE----- From mdiehl at triton.unm.edu Fri Oct 29 15:25:23 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Fri, 29 Oct 93 15:25:23 PDT Subject: ID of anonymous posters via word analysis? In-Reply-To: <9310291825.AA21833@balder.us.dell.com> Message-ID: <9310292223.AA13784@triton.unm.edu> According to Jon Boede: > > People interested in fingerprinting anonymous posters might be interested in a > Markov tuple analysis program that was posted to the net eons ago. It should > be in the '85 or '86 comp.sources under the name markov3. I recall that this > was a program that fed enough posts from a given poster would create another > post in their "style"; it was kinda fun. Has anyone found this program? I'd sure like a copy of it. Thanx in advance. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From jim at bilbo.suite.com Fri Oct 29 15:53:30 1993 From: jim at bilbo.suite.com (Jim Miller) Date: Fri, 29 Oct 93 15:53:30 PDT Subject: ViaCrypt PGP on its way Message-ID: <9310292251.AA03568@bilbo.suite.com> I ordered ViaCrypt PGP today. They said I should get it by next friday. I'll post comments about it as I learn to use it. I haven't used "classic" PGP so I wont be able to make any commparisons. Jim_Miller at suite.com (camping on the mailbox) From an41418 at anon.penet.fi Fri Oct 29 16:09:07 1993 From: an41418 at anon.penet.fi (wonderer) Date: Fri, 29 Oct 93 16:09:07 PDT Subject: ID of anonymous posters via word analysis? Message-ID: <9310292305.AA22193@anon.penet.fi> -----BEGIN PGP SIGNED MESSAGE----- I don't see anything wrong or unethical about using software. It is true that the Nazis used gas against the Jews in WW II, so are you not going to use gas? I hope this doesn't sound insensitive, but part of studying anonymity and the pseudonymous experience is finding out what sort of techniques can be used to discover someone's nym. I pointed one out earlier - watching for double postings, one by nym, the other by actual identity. If studying writing patterns is a viable method for discovering the true identity of a nym, then by all means try it. If someone were to discover my identity, I would use it as a learning experience. I'm going to be as careful as possible, but I would not advocate ignoring software if it exists, no matter what its historical significance. Wonderer -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBVAgUBLNF+hh1kTJuroDD9AQG96QIAo5JEYTSOAwaAdFDs9AOEbbq27Uho3b8r T1corhWKdZVmESMYLKTCaIcxlkABUcCcZfyCS8bLlud7P4HlCSq3dw== =RKfn -----END PGP SIGNATURE----- ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From mg5n+ at andrew.cmu.edu Fri Oct 29 16:29:07 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Fri, 29 Oct 93 16:29:07 PDT Subject: ID of anonymous posters via word analysis? In-Reply-To: Message-ID: E. Jay O'Connell wrote: > It might just be a huge lookup table of canned phrases that get > swapped in to replace your 'unique,' identifiable sentences. It seems > like a dedicated global search and replace, combined with some sort > of die throw to dictate sentence structure might be enough to screw > up word analysis, actually... > > Actually, the scrambler wouldn't have to be random--it could > always produce output with the same word analysis signature. As > long as a bunch of people were using it, or had access to it, you'd > have deniability. I've seen a few programs which do this, but they were mostly for humor value. The program would pick out certain words or phrases and swap the with other words of phrases in its database, mostly cliches and other strange word usage. (such as "Like, wow, gag me with a spoon" etc...) The output was rather humorus, but most of the meaning was still preserved. I saw several of them used awhile ago during the Jon Fether fiasco on the usenet (If any of you saw that - a little 14-year old got daddy's modem and found a free internet site, and then started flamewars on several usenet groups. A few people took his flame posts and ran then thru their "filters" and then re-posted them.) Anyway, it probably wouldn't be too hard to just swap words with synonyms or reorder or replace certain prepositional phrases. From mdiehl at triton.unm.edu Fri Oct 29 16:34:07 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Fri, 29 Oct 93 16:34:07 PDT Subject: Duplicate key in keyring? Message-ID: <9310292333.AA17127@triton.unm.edu> Lately, when I use pgp -ka, I get the following message: warning: duplicate key in keyring '/usr/tmp/1730s/pubring.pgp' warning: duplicate key in keyring '/usr/tmp/1730s/pubring.pgp' warning: duplicate key in keyring '/usr/tmp/1730s/pubring.pgp' warning: duplicate key in keyring '/usr/tmp/1730s/pubring.pgp' I'm using the keyring from the key-server. This really annoys me. Is there any way to fix this? Thanx in advance. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl at triton.unm.edu | Government forgets about the 1st! Mike.Diehl at f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. al945 at cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703. From mdiehl at triton.unm.edu Fri Oct 29 16:34:40 1993 From: mdiehl at triton.unm.edu (J. Michael Diehl) Date: Fri, 29 Oct 93 16:34:40 PDT Subject: pgp and procmail Message-ID: <9310292330.AA17022@triton.unm.edu> Well, I've had a lot of people asking me where to get procmail from. I'm including several addreses at the end of this list. At the momeent, I am testing my procmail recipes for pgp. I suspect I have a file locking problem, which, while it hasn't manifested itself yet, could cause problems later. I am working on fixing this before I release my recipes. So that I may test my recipes, I would appreciate it if you would send me, first, a copy of your public key, then a message signed with it. Also, I would like you to try to spoof it. To make this easier for you, I will send you back your message as it appears in my mailbox. Thanx in advance. Host ftp.cs.widener.edu (147.31.254.132) Location: /pub/src/mail FILE -r--rw-r-- 118657 bytes 00:00 1 Jul 1992 procmail.tar.Z Host ftp.sunet.se (130.238.127.3) Location: /pub/unix/mail FILE -rw-rw-r-- 111459 bytes 22:00 15 May 1992 procmail.tar.Z Host ftp.edvz.univie.ac.at (131.130.1.4) Location: /unix/systems/linux/util/mail FILE -rw-r--r-- 221413 bytes 02:08 25 Jun 1993 procmail.tar.Z Host alf.uib.no (129.177.30.3) Location: /pub/Linux/util/mail FILE -rwxr-xr-x 221413 bytes 03:18 26 Jun 1993 procmail.tar.Z Host keos.helsinki.fi (128.214.4.83) Location: /pub/archives/comp.sources.misc DIRECTORY drwxrwxr-x 512 bytes 00:00 12 Feb 1993 procmail From warlord at MIT.EDU Fri Oct 29 16:59:07 1993 From: warlord at MIT.EDU (Derek Atkins) Date: Fri, 29 Oct 93 16:59:07 PDT Subject: Duplicate key in keyring? In-Reply-To: <9310292333.AA17127@triton.unm.edu> Message-ID: <9310292356.AA14828@toxicwaste.MEDIA.MIT.EDU> > Lately, when I use pgp -ka, I get the following message: [stuff deleted] 1) You never say what version of PGP you are using. 2) You didn't say which key-server you got the keyring from (granted, this shouldn't make a difference, but you never know). 3) You didn't say what kind of machine you are on. -derek From an15489 at anon.penet.fi Fri Oct 29 17:23:25 1993 From: an15489 at anon.penet.fi (Jack Daniels) Date: Fri, 29 Oct 93 17:23:25 PDT Subject: ON THE ROAD TO NOSINESS... Message-ID: <9310300019.AA04372@anon.penet.fi> >In Europe, I believe that there are highways >that you can speed on, and then receive a ticket in the mail >when the camera photographs your plate. This happens here in the United States. In Campbell, California the police have a small van which they set up on major streets. If the radar thinks you're speeding, it photographs you and mails you a ticket. Jack ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From nowhere at bsu-cs.bsu.edu Fri Oct 29 17:33:25 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Fri, 29 Oct 93 17:33:25 PDT Subject: Sternlight with the news... Message-ID: <9310300031.AA21054@bsu-cs.bsu.edu> Newsgroups: sci.crypt,talk.politics.crypto,alt.security.pgp,alt.security.ripem,comp.org.eff.talk From: strnlght at netcom.com (David Sternlight) Subject: News from the cipher front Message-ID: Organization: DSI/USCRPAC Date: Wed, 27 Oct 1993 18:36:16 GMT Lines: 143 Ciphertext, the RSA newsletter (v1 n1, Fall 1993) showed up in my mailbox this week. It contains much useful and interesting information, as well as an announcement of RSA's 1994 conference on January 12-14. What follows are some digested excerpts, posted with permission. On the Clipper front there is a very useful and non-polemical summary of the technical aspects of Clipper by Paul Fahn, and an article by Martin Hellman. Hellman is a Distinguished Associate of RSA Laboratories, one of the inventors of Public Key technology, and a Professor of Electrical Engineering at Stanford. He's not happy with Clipper as presently proposed, and says why. Since the article is based on his NIST testimony, the latter can be obtained by anonymous ftp at isl.stanford.edu in /pubs/hellman/nist.clipper.text. The third annual RSA Data Security Conference is at Redwood Shores, CA. It costs $245 per person. There is no Onsite registration. Deadline is Friday 12/17/93. For details contact RSA. Registration is limited to 400 and includes the conference, tutorials, and hardcopy conference proceedings, as well as a cocktail reception, and breakfast and lunch on all three days. Apple Ships RSA Digital Signature in Long-Awaited System 7 Pro. On October 4th, Apple Computer introduced millions of new users to the RSA Digital Signature. The producs are called PowerTalk and PowerShare and are part of System 7 Pro, a new version of the Mac operating system. They include five components, integrated into the operating system--Messaging, Electronic Mail Directories, Privacy and Authentication, and Digital Signatures. They also include RSA's RC4 symmetric stream cipher for server-to-server link encryption. Powertalk is compliant with the Public Key Cryptography Standards, and users will receive a voucher for a free unaffiliated "residential digital certificate, good for use with any secure PKCS or Internet PEM-compliant application. The Apple System 7 Pro implementation is PEM-certificate compatible, and the messages are as well. (For those who want privacy, RIPEM Mac operates with the key pair generated by the Mac.) There is an API to the sign/verify functions of the MacOS so that any app developer can use the features without needing to license from RSA. Of course, the MacOS with RSA Digital Signatures is fully exportable. RSA has a free signer utility for Windows that is compatible with the Mac sigs. Internet Privacy Enhanced Mail Arrives. Several commercial and freeware versions are available right now: TechMail, written at MIT, is a complete mail reading program for Macintosh and (soon) Windows. It includes full implementation of the Internet PEM RFCs, using RSA's TIPEM toolkit as its security engine. It is a client of the Internet Post Office Protocol. Techmail for the Mac is available from net.dist.mit.edu in pub/TechMail. It runs on SLIP or non-SLIP. (Poster's note: The SLIP version incudes PEM and works fine. I haven't tested the non-slip version and am not sure if it yet includes PEM.) TIS/PEM and T-Mail are non-commercial freeware and commercial supported versions, respectively, of Trusted Information Systems implementations of Internet PEM. The former was developed under contract with ARPA and agreement with RSADSI and is available in source code for academic research or exploratory use by corportions or individuals on the Internet. For more information send e-mail to tispem-support at tis.com. TIPEM 1.1 is the latest release of RSA's Toolkit for Interoperable Privacy-Enhanced Messaging. It permits creating applications that comply with the Internet PEM standards as well as the commercial Public Key Cryptography Standards (PKCS) established by vendors including Lotus, Apple, Novell, and Microsoft. The toolkit was used for Apple's Powertalk. It is available directly from RSA Data Security Inc. RIPEM is another freeware public key encryption program designed for Internet PEM. It implements a subset of PEM as described in RFC's 1421-1424 The internet host ripem.msu.edu acts as a RIPEM key server for users who choose to register their keys. It is available via anonymous ftp from rsa.com and non-anonymous ftp from ripem.msu.edu. RSA Certificate Services Center Opens for Business. This article describes the center RSA has established to get ral certificates with your name, public key, and organizational affiliation safely embedded in a cryptographically tamper-proof digital document. This provides the digital ID for Apple Powertalk, Internet Privacy-Enhanced Mail, or any X.509 certificate-based secure application. The center allows you to issue your own affiliated certificates using RSA's Certificate Issuing System; or the Certificate Services Center can issue affiliated certificates for you, or you can purchase individual unaffiliated certificates directly from the CSC. Revocation services are also provided, as are certificate verification services. Users of Apple's System 7 PRO may get their first certificate free. (Poster's note--as I understand it, subsequent individual certificates are $25.) For more information contact George Parsons, CSC Manager at 415-595-8782. RSA Licensee Update: This piece is a partial list of products using RSA Technology available now or coming soon. They include products from Novell, Apple, Microsoft, Trusted Information Systems, Motorola, AT&T, Lotus, Word Perfect, Racal, IBM, Northern Telecom, Hughes, etc. in categories of Security in the OS, Secure E-mail, Secure Telephone and Fax, Secure Workgroup, Secure Electronic Forms, Link and Node Encryption, and Secure Remote Access. Hilgraeve Licenses RSA for Best-Selling Asynch Package. Hilgraeve, Inc. is about to release the very first mass-market asynchronous communications package with RSA encryptoin capabilities built in. The current release of that software, HyperACCESS/5 is already a market leader, for DOS, OS/2, and Windows. It has received PC Magazine's Editors' Choice Award three out of the past five years for its quality, performance, and ease of use. For more information, contact Matt Gray at 313/243-0576. DataMedia's SECURExchange can "secure virtually any existing DOS, Windows, or Macintosh E-mail system. It uses RSA Digital Envelopes, RSA Digital Signatures, and RSA Digital Certificates. It has been fully tested with cc:Mail, Microsoft Mail, DaVinci Mail, Beyond Mail, Internet, Compuserve, MCI Mail, AT&T EasyLink, and other systems. For more info call 603/886-1570. Dr. Ron Rivest has a piece on the Difficulty of Factoring--a reprint of a "classic paper." The RSA Factoring Challenge is a list of very long numbers posted on rsa.com. There are cash prizes for the most successful factorers. Prizes vary from the tens to the thousands of dollars, and unrewarded prize money rolls over into a kitty from month to month. SmartDisk is a smartcard that fits in a standard 3-1/2 inch diskette slot and interfaces with the disk read heads. It's a high-performace smart card that doesn't need a reader. It has its own embedded OS firmware. the firt application available is SafeBoot, a complete PC access control package which is "virtually unhackable. The encryption algorithm and key are stored on the SmartDisk to protect them. For further info call Gene Wagner or Jon Kaplan at Fischer International, 813/643-1500. The above excerpts are only partial summaries of the material in the newsletter. RSA Data Security Inc. is at 100 Marine Parkway, Suite 500, Redwood City, CA 94065-1031. Disclaimer: The poster of this summary has no connection with any of the companies mentioned herein, except as an occasional beta tester for some, and an interested observer. David -- David Sternlight When the mouse laughs at the cat, there is a hole nearby.--Nigerian Proverb From mccoy at ccwf.cc.utexas.edu Fri Oct 29 19:33:25 1993 From: mccoy at ccwf.cc.utexas.edu (Jim McCoy) Date: Fri, 29 Oct 93 19:33:25 PDT Subject: ID of anonymous posters via word analysis? In-Reply-To: <9310292223.AA13784@triton.unm.edu> Message-ID: <199310300232.AA05517@tramp.cc.utexas.edu> > From owner-cypherpunks at toad.com Fri Oct 29 18:11:38 1993 > Received: from relay2.UU.NET by ccwf.cc.utexas.edu with SMTP id AA01696 > (5.65c/IDA-1.4.4 for ); Fri, 29 Oct 1993 17:39:18 -0500 > Received: from toad.com by relay2.UU.NET with SMTP > (5.61/UUNET-internet-primary) id AA20384; Fri, 29 Oct 93 18:38:51 -0400 > Received: by toad.com id AA27077; Fri, 29 Oct 93 15:25:23 PDT > Received: by toad.com id AA27054; Fri, 29 Oct 93 15:23:54 PDT > Return-Path: > Received: from triton.unm.edu ([129.24.8.235]) by toad.com id AA27050; Fri, 29 Oct 93 15:23:50 PDT > Received: by triton.unm.edu (5.65/0.1) > id ; Fri, 29 Oct 1993 16:23:35 -0600 J. Michael Diehl asks: > According to Jon Boede: > > > > People interested in fingerprinting anonymous posters might be > > interested in a Markov tuple analysis program that was posted to the > > net eons ago. > > Has anyone found this program? I'd sure like a copy of it. Thanx in > advance. I found it in a net.sources archive (which should give a trip through the wayback machine for some old-timers...) You can now get it via anonymous ftp in ftp.cc.utexas.edu:/pub/cypherpunks/utils/markov.shar.gz jim From mikeingl at news.delphi.com Fri Oct 29 20:59:10 1993 From: mikeingl at news.delphi.com (MIKEINGLE@DELPHI.COM) Date: Fri, 29 Oct 93 20:59:10 PDT Subject: Get this (from alt.security.pgp)... Message-ID: <9310300355.AA11168@news.delphi.com> >Newsgroups: alt.security.pgp,talk.politics.crypto,comp.org.eff.talk >Path: news.delphi.com!noc.near.net!howland.reston.ans.net!spool.mu.edu!sgiblab!rtech!amdahl!netcomsv!netcom.com!strnlght >From: strnlght at netcom.com (David Sternlight) >Subject: L'Envoi >Message-ID: >Followup-To: poster >Organization: DSI/USCRPAC >Date: Fri, 29 Oct 1993 22:09:50 GMT >Lines: 60 >Xref: news.delphi.com alt.security.pgp:5751 talk.politics.crypto:1071 comp.org.eff.talk:20845 When I began participating in cryto discussions here, there were several issues of interest to me. One was to encourage RSADSI to permit a "U.S.-legal" version of PGP. I have worked behind the scenes with RSA to encourage that, and it now appears that with ViaCrypt that goal has been reached for DOS, and one assumes soon for Unix and the Mac. Another was to make it clear that I thought both that pgp 1.x and 2.x were infringements of PKP's patents in the U.S. and those who encouraged or supported that were acting in a counterproductive way to RSA's permitting a licensed version. I've made my views very clear on this, and now that ViaCrypt is out, the issue is somewhat stale. A third was my concern that PGP2.x was the result of violating U.S. law. Since a Grand Jury is now investigating this matter, I am happy to leave it, whatever the outcome, in the hands of the professionals. I claim no personal credit for any of the above developments. Along the way I electronically met many colleages who vigorously but civilly disagreed with some of my views and advocacies. They have earned my undying respect and admiration. I also met some who were, not to put too fine a point on it, badly in need of having their mouths washed out with soap. They will remain in memory for who they have shown themselves to be. My biggest single disappointment was with Mike Godwin and EFF. I had considered them to be professionals working on issues I supported. I now believe they are petty special pleaders riding a particular hobby horse, and to some extent a toy of their major funders. They have, again in my view, shown themselves not above both inaccurate propaganda statements, and a complete inability to acknowledge and correct such errors when they arise. Thanks to the many who sent me e-mails of support during this whole experience. Thanks also also to the few who had genuine disagreements and expressed them civilly in e-mail. Since the main issues of concern to me now seem to be well in train, it's time to use my energies in other ways. Thus I am removing talk.politics.crypto and alt.security.pgp from my reading lists. I am always available via e-mail, and would welcome news from colleagues who wish to take the trouble to write me on how Phil Zimmerman is doing, how the Grand Jury proceedings are coming along and with what result, and when "U.S.-legal" Mac and Unix versions of PGP become available. For those who are curious, when I need encryption my current tools of choice are TechMail for correspondence flowing via POP Mail servers, and MacRipem for point-to-point traffic to other Macs. I am also experimenting with the new Mac System 7 Pro and an illustrative application Apple sent to developers that handles internet mail within it. I understand Ripem Mac will fit into this model and accept the System 7 Pro signer keys for encryption, and I'm going to work with that as well. David -- David Sternlight When the mouse laughs at the cat, there is a hole nearby.--Nigerian Proverb From nobody at Menudo.UH.EDU Fri Oct 29 22:03:25 1993 From: nobody at Menudo.UH.EDU (nobody at Menudo.UH.EDU) Date: Fri, 29 Oct 93 22:03:25 PDT Subject: Paranoid Message-ID: <199310300500.AA06657@Menudo.UH.EDU> >>> Does this allow a cracker to search for the compression's signature >>> after every attempt? >Every attempt? You mean every attempt at encryption? Well, yes and >no. Yes, there is a semi-known plaintext inside the encrypted data. >It is unknown if this can help an attacker. "unknown" doesn't provide anyone with very much reassurance. >>> Would using UUENCODE on the text and deleting the "begin/end" lines >>> before encrypting it have a synergistic effect on the difficulty of >>> cracking a secret key from that particular message? >This would give an attacker even MORE of a plaintext attack, since >this will create lines of 64 characters, starting with an "M", which >gives a regular pattern to the plaintext. Not all versions of UUENCODE start each line with an "M" and there are other programs similar to UUENCODE that can be used. The synergistic effect would also be due to the fact that the cracker would be clueless to the fact that UUENCODE was being used, but only if there is no type of checksum or compression signature that was being used instead of a spell checker. A spell checker?? This is insane. There has got to be some type of checksum code that verifies if the text was decrypted properly or not. Crackers can't possibly be trying keys and word searching for "the" or "and". Where have all the code writters vanished to? Doesn't the recursive use of DES have a synergistic effect? >>> Is there an easy way to generate keys larger than 1024 bits? >No. However given current technology and assuming no significant >breakthroughs in factoring algorithms, a 1024 bit key wont be broken >for over a million year (significantly more, if I recall). My opinion ---> What TotalFuckingBullshit(tm) <--- Technology is growing exponentially. Try: "for over 10 year[sic]" Any decent "personal computer" can crack mediocre DES encryptions in a semi reasonable amount of time. 10 years ago how many people do you think thought that this would be possible? Is there some type of design flaw that limits RSA keys to 1024 bits?? From mnemonic at eff.org Fri Oct 29 22:23:25 1993 From: mnemonic at eff.org (Mike Godwin) Date: Fri, 29 Oct 93 22:23:25 PDT Subject: Question about Proper Names of Crypto Companies Message-ID: <199310300520.AA10998@eff.org> A journalist friend asks me the following: > what is the proper (as in inc., corp. co., etc) > name + location of viacrypt + austin code works? I know where Austin Code Works is, of course, but couldn't be authoritative on the other matters. Could someone fill me in? --Mike, not afraid to express uncertainty From remail at tamsun.tamu.edu Fri Oct 29 23:03:25 1993 From: remail at tamsun.tamu.edu (remail at tamsun.tamu.edu) Date: Fri, 29 Oct 93 23:03:25 PDT Subject: ANON: anonymous mail Message-ID: <9310300600.AA03570@tamsun.tamu.edu> -----BEGIN PGP SIGNED MESSAGE----- The remailer at elee9sf at menudo.uh.edu now pads messages. So as not to be too annoying, messages under 1K are padded to 1K; larger messages are untouched. Padding is calculated by the size of the message body as it goes to sendmail - the header doesn't enter in the calculation. This remailer also caches messages until midnight; this is being mailed out early because I forced it. This message is shorter than 1K, so there will be some padding below (after the signature block). Coming soon: explanation of what I'm doing :-) Karl Barrus -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNEygIOA7OpLWtYzAQFTggP/ZNq3NbDzKAAwflRxtFBQ9XBohHnlnYWz gPY35v4tyLyalxMFLrjg2RXqRCZwwsMVKeXdq8x4m7m8LETV2cQyBJpHZUFJNRk6 9it59a47Uvk4MxSLWwsNE7NeBagjT4XluYjYBQqMxXc7Cu641IGUvPNpkwtBfEKy IklE0fm7Z0A= =eNuW -----END PGP SIGNATURE----- From warlord at MIT.EDU Fri Oct 29 23:23:26 1993 From: warlord at MIT.EDU (Derek Atkins) Date: Fri, 29 Oct 93 23:23:26 PDT Subject: Paranoid In-Reply-To: <199310300500.AA06657@Menudo.UH.EDU> Message-ID: <9310300622.AA04325@binkley.MIT.EDU> > "unknown" doesn't provide anyone with very much reassurance. Well, sorry. But if you think about it, Shamir figured out a way to crack a DES key given 2^53 plaintexts (I think this is the right order of magnitude). This is with DES, which has 56-bit keys. PGP uses IDEA, which is 128-bit keys. However, the IDEA algorithm is relatively new, and has not been as throroughly tested. With DES, it is fairly easy to say that "knowing the plaintext and cyphertext does not allow you to easily find the key used". Is this statement also true with IDEA? I don't know. Also, this is knowing a full block of plaintext, or the WHOLE plaintext. Partial plaintext helps even less. > Not all versions of UUENCODE start each line with an "M" and there are > other programs similar to UUENCODE that can be used. The synergistic effect > would also be due to the fact that the cracker would be clueless to the fact > that UUENCODE was being used, but only if there is no type of checksum or > compression signature that was being used instead of a spell checker. Wait a second, *why* do you want to use UUENCODE? The reason compression is used is to 1) reduce the size of the message, and 2) to reduce the amount of redundancy in the message. The redundancy can help an attacker break it. (If you know that it is ASCII text, it is easier to try to break it than if its compressed ASCII text, since the compressed ASCII text is now binary text!). Why UUENCODE? Now you again reduce the problem to fixed-format, fixed line length ASCII text! This doesn't help you. This helps the attacker. You want to remove as much redundancy from the plaintext as possible before it is encrypted. > A spell checker?? This is insane. There has got to be some type of checksum > code that verifies if the text was decrypted properly or not. Crackers can't > possibly be trying keys and word searching for "the" or "and". Where have all > the code writters vanished to? There is. There is a header *byte* that lets you know that the block was decrypted. Read my statements about partial plain-text. A good encryption algorithm will not give you any information about a key given access to both the plain text and cyphertext. > My opinion ---> What TotalFuckingBullshit(tm) <--- [stuff deleted] > Is there some type of design flaw that limits RSA keys to 1024 bits?? You asked "Is there an easy way to generate keys larger than 1024 bits?" I answered No. This is true, there is no way, currently, in PGP, to generate keys larger than 1024 bits. Is there a design flaw? No. It was an implementation decision. It does not mean that the key size will not be increased in a future release. There is one flaw limiting to 1024-bit keys. RSAREF. It currently has a limit of 1024 bit keys. If there is ever to be a PGP that uses RSAREF, then either RSAREF needs to be capable of larger keys, or PGP is going to have to keep itself limited to 1024-bit keys. > Technology is growing exponentially. Try: "for over 10 year[sic]" Technology is not growing exponentially, it is growing geometrically. And there is a finite limit to the amount it can grow. It is called quantum physics! If you assume that no significant improvements are made to the factoring problem, algorithmically, then all you can do is apply more computer power towards the problem. As a concrete example, there is currently a project to try to factor RSA129, a 129 digit RSA modulus. This is equivalent to approximately 425 bits. The estimated time for completion of this problem is about 6000-10000 MIP-years. That means it would take 10000 1-MIP machines one full year to factor the number. From personal experience in this project, I can tell you *there is no damn way you are going to factor a 1024-bit number in 10 years*. Not until every person on this planet has hundreds of computers at their disposal that are many orders of magnitude more powerful than today's most powerful machines, and you devote every single one of them to the problem for those 10 years, basically shutting down the planet for 10 years. Remember, factoring is an exponential problem. I don't remember the exact formula for the complexity, offhand, however the number of MIP-years for a 1024-bit key was somewhere around 10^20 MIP-years. Don't compare factoring to breaking DES, they are totally different problems. > Any decent "personal computer" can crack mediocre DES encryptions in a semi > reasonable amount of time. 10 years ago how many people do you think thought > that this would be possible? Define a reasonable about of time? Currently, the best we have currently is the $1M machine that can crack DES in 3.5 hours, on average. You consider that a "decent personal computer"? Or do you consider "semi reasonable amount of time" to be 10 years? Clearly, you have a lot to learn about orders of magnitude! -derek Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory Secretary, MIT Student Information Processing Board (SIPB) PGP key available from pgp-public-keys at pgp.mit.edu warlord at MIT.EDU PP-ASEL N1NWH From MIKEINGLE at delphi.com Sat Oct 30 00:19:10 1993 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Sat, 30 Oct 93 00:19:10 PDT Subject: Paranoid Message-ID: <01H4PIVP2EUA91X82R@delphi.com> Warlord wrote: >You asked "Is there an easy way to generate keys larger than 1024 >bits?" I answered No. This is true, there is no way, currently, in >PGP, to generate keys larger than 1024 bits. Is there a design flaw? >No. It was an implementation decision. It does not mean that the key >size will not be increased in a future release. PGP23a for DOS will create a 1264 bit key if you enter the key size manually at the prompt. Key generation will take a long time, and secret key operations (decryption and signing) will be slow. Not that anyone actually needs a 1264 bit key, but it is possible. From felix at hu.se Sat Oct 30 05:39:14 1993 From: felix at hu.se (Felix Ungman) Date: Sat, 30 Oct 93 05:39:14 PDT Subject: ID of anonymous posters via word analysis? Message-ID: <199310301238.AA27634@mail.swip.net> >Edward J OConnell writes: >One could also imagine a 'symantic scrambler' analogous to the word >analysis program, but designed to defeat it, by randomly altering the >syntax of a post. It doesn't have to be random. You could have a neural network style translation of sentences. You would train the network by having a known pre-written sentence as output, and a sentence with the same meaning, but with your personal syntactic style. It would also be possible to do lexical or paragraphical translation. With this scheme, you can have as many writing styles as you want (e.g. one for each poster). If you want to look like Shakespeare, just train the network with a couple of (pair of) sentences of Hamlet. ---------------------------------------------------------------------- True Name: Felix Ungman "Gen is god and your God is not" From huntting at glarp.com Sat Oct 30 08:19:14 1993 From: huntting at glarp.com (Brad Huntting) Date: Sat, 30 Oct 93 08:19:14 PDT Subject: ON THE ROAD TO NOSINESS... In-Reply-To: <9310300019.AA04372@anon.penet.fi> Message-ID: <199310301517.AA03406@misc.glarp.com> >>In Europe, I believe that there are highways >>that you can speed on, and then receive a ticket in the mail >>when the camera photographs your plate. > This happens here in the United States. In Campbell, California > the police have a small van which they set up on major streets. > If the radar thinks you're speeding, it photographs you and mails > you a ticket. Apparently this caused a bit of embarrassment for some English philanderer a while back. When the ticket came in the mail complete with a photo of the license plate and occupants, his wife wanted on knowing who the woman in the passenger seat was. Then again, this could be urban legend. brad From nobody at indirect.com Sat Oct 30 08:20:51 1993 From: nobody at indirect.com (nobody at indirect.com) Date: Sat, 30 Oct 93 08:20:51 PDT Subject: ANON: anonymous mail Message-ID: <199310301519.AA08057@indirect.com> -----BEGIN PGP SIGNED MESSAGE----- I thought I'd describe why you would want to pad anonymous mail. Currently, the destination and contents of email you send isn't private. It is possible for any number of people to snoop your mail as it travels to its destination. For privacy, you can encrypt your mail. Suppose Alice has an email account as learns that email is about as private as a postcard. She decides to encrypt all of her email, and all of her correspondents agree to do the same. So now, nobody can read her mail. But, who she communicates with still yeilds information. This is called traffic analysis, and I won't go into it here. So, enter anonymous remailers (see Chaum's "Untraceable Electronic Mail"). Currently several people on this list are experimenting with and running anonymous remailers. The remailers accept instructions (optionally encrypted) and resend messages, making it look as though the mail originates from the remailer. Now Alice sends and receives all her encrypted mail from an anonymous remailer. Somebody snooping Alice won't learn the contents of her mail, or even with whom she communicates. (She could even keep private what USENET news she reads by borrowing a trick from Mr. Slippery in "True Names" - just download everything and read what you want at home.) Another security enhancement is chaining the anonymous remailers, instructing one to mail to another, and so on, eventually delivering mail. Alice and her friends do the same, and they continue to privately communicate, keeping their various identities secret. If the snooper just watches the first remailer, he will learn that her mail goes to another remailer, etc. Now the snooper would need to watch more remailers to figure out who Alice is talking to. - From time to time, people suggest a probabalistic remailer, either forwarding mail to another remailer, or delivering it immediately. This actually reveals the final destination to more remailers than before. For example, if Alice chains mail A-B-C-final, then only the C remailer knows the final destination. But if the remailers implemented some probabalistic scheme, then each one will have to be given the final destination. To make it harder for a snooper, the remailers decide to cache their remailing requests, sending them out periodically instead of immediately. Now, a snooper would see a steady stream of mail into the remailer, and nothing coming out until suddenly, the remailer sends out all of its queued messages. If a large number of messages are stored to be remailed later, the snooper isn't able to easily match up incoming and outgoing messages. Now we come to message padding. If a snooper watches the incoming and outgoing mail, perhaps the size of the mail will provide enough information to link sender to destination, even if it is cached and remailed along with several other messages. So, to defeat this, the remailer can pad all messages to be a certain length. The best way for this to work is if a snooper can't figure out what is padding and what isn't. For plaintext and digitally signed (only) documents, this is not too difficult. But, for encrypted messages, if the remailer could insert padding into the encrypted text itself, or add in padding which would be ignored upon decryption, then it would be very difficult, if not impossible, for a snooper to determine what is and what isn't padding. The system implemented at the elee9sf at menudo.uh.edu remailer is a simple type - it pads the message body to a certain length. But it is pretty obvious what is padding and what isn't - so if a snooper is in a position to determine the length of a message (say they are trying to match up source and destination), they probably will be able to read the message and throw the padding out on their own. A better system would be one that pads inside encrypted text. This can be done with a pgp encrypted message by padding the end of ascii encrypted text and adjusting a few bytes (length fields, etc.). The message can still be decrypted, and the excess padding bytes will be ignored. Such a system is in the works... and it is reasonable to pad encrypted messages since it is much harder to detect and you will probably encrypt text sent through an anonymous remailer to get the maximum benefit. (If you don't mind everyone reading what you wrote you could use a dc-net and generate plaintext :-) Another useful technique is an anonymous pool, where everybody in the pool gets every message. Since everybody subscribing to the list receives every message, it would be extremely difficult for a snooper to determine to whom such a message is really intended for. You could use a newsgroup for the same purpose - post encrypted text to some group and your friend would read the group and retreive the message. Also, from time to time people wonder about errors and whether failed mail can be bounced back or whatever. The difficulty here is that the anonymous remailers try to keep information about source and destination to a minimum. For instance, a message may be routed through several remailers; the previous hop may be another remailer, so it wouldn't be useful to bounce the message back. Some remailers drop bounced mail, others wind up appending to a log file. A good solution currently implemented at extropia.wimsey.com is to use an anonymous pool for error reporting. Karl Barrus -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNH9eYOA7OpLWtYzAQEPzQP/QYeciQf7TKimj67xQRWScov848bcauF6 hlFOfoF4MFSm7mhD1bPks7xiwZuYO6P+MwkaeMqBKYQfWzBi37Blx5PNo3iK6Dmk pmeGsYqew34oPxk7Exvsu7uOcKhFAhBcEWvElJ+ytMjEbuY8EsHoGGETXpPVK87C OFkNxCrdqYY= =J/5q -----END PGP SIGNATURE----- From klbarrus at owlnet.rice.edu Sat Oct 30 08:53:27 1993 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Sat, 30 Oct 93 08:53:27 PDT Subject: Paranoid Message-ID: <9310301553.AA00702@elf.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- I'm not exactly sure what this thread is about :-) but I do have some numbers: Differential cryptanalysis of DES requires 2^47 = 140737488355328 = 1.4 10^14 known plaintexts. The complexity of a brute force DES attack (keysearch) is 2^56 = 72057594037927936 = 7.2 10^16, or 2^55 = 36028797018963968 = 3.6 10^16 if you are efficient. Similary, brute forcing IDEA is 2^128 = 340282366920938463463374607431768211456 = 3.4 10^38 The best factoring algorithm (gopher plug: check in Misc/ for a recent "bits and difficulty factoring post") for a 1024 bit key is a complexity of 4.42 10^29. Somewhere around 1600 bits comes a point where it is "easier" to attack IDEA than factor the resulting number. Karl Barrus -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNKNqYOA7OpLWtYzAQFlkwP+PdenJNJOKm9zcxkL4Zaq22aujfa2SAgk 1NILjQzZI8uZe9FIn8p2uEoS3YjYskg40tEMeohhGqZ371s/ndlTjDDhga0PCXLj Q4UHoowTVR9hx/cVGzLhuZbyAwbbqAvygGQNKN1iXn3IqpLoNV3Do+TtUj0xLt1l 0j1gl055YL4= =Vl2r -----END PGP SIGNATURE----- From jdblair at nextsrv.cas.muohio.EDU Sat Oct 30 09:43:28 1993 From: jdblair at nextsrv.cas.muohio.EDU (jdblair at nextsrv.cas.muohio.EDU) Date: Sat, 30 Oct 93 09:43:28 PDT Subject: thanks... Message-ID: <9310301703.AA19974@ nextsrv.cas.muohio.EDU > Thanks to all of the people who answered my question on message signing. -john. From jdblair at nextsrv.cas.muohio.EDU Sat Oct 30 10:09:13 1993 From: jdblair at nextsrv.cas.muohio.EDU (jdblair at nextsrv.cas.muohio.EDU) Date: Sat, 30 Oct 93 10:09:13 PDT Subject: Macintosh PGP CDEV Idea Message-ID: <9310301731.AA20087@ nextsrv.cas.muohio.EDU > -----BEGIN PGP SIGNED MESSAGE----- I have a proposal for a piece of code I'd like to try and put togethor over Xmas break, and I want to bounce it off of the group to make sure that I'm not duplicating anyone else's work. I work mostly on the Macintosh, and this program would be for the mac. It would be a CDEV (good 'ol desk accessory) which would contain a smaller version of PGP. By smaller, I don't mean less secure, I mean a little less functionality. All it would do would sign, encrypt, or decrypt text files. By being a desk accessory, it would allow a message that's been downloaded by whatever means (MS Mail, FTP, Kermit, etc.) to be quickly decrypted, or to encrypt files for uploading. The idea is to have a simple, easy graphical interface on a small floating pallete type window. Since it would be a CDEV, it could be used simultaneously with a communications program even if the machine was running 6.0 w/ the unary finder. Keys would still be generated in the full fledged version, but these keys would be accessible by the CDEV. A possible later version could also take advantage of Apple Events, thus becoming a module which other programs could send files to to become decrypted, or encrypted without worrying about the process themselves. I've begun poreing through the source code to see how easy or difficult this is going to be, but first I'd like to make sure that their aren't already projects like this in development, or if there is any body who would like to help with the development process. It must be made clear that I am a beginning C programmer and a beginning developer of hard-coded Macintosh applications. I've started to consider tackling this project as something that will force me to learn both. Anybody have any ideas, comments, proposals? E-mail me directly, unless you think its a discussion that should be posted to the group as a whole. later, - -john. -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBVAgUBLNJm3qNqtARNqVmxAQGL2wH/dYM7nkpeNbrFniRseZUHEl0X1p4Cn5md iqPkZWhznhwa+QhcEm6s8RGSq/Kf/uEPsy1C58wVfFbwhMF23WfPhQ== =car+ -----END PGP SIGNATURE----- From trestrab at GVSU.EDU Sat Oct 30 10:23:29 1993 From: trestrab at GVSU.EDU (BETH TRESTRAIL) Date: Sat, 30 Oct 93 10:23:29 PDT Subject: Has anyone seen "Applied Cryptography" yet ? Message-ID: <9309307520.AA752012317@GVSU.EDU> If anyone has seen Bruce Schneir's new book, "Applied Cryptography", please post a short review to the list so that others can know whether to special order it. Thanks. Jeff From zeek at actlab.rtf.utexas.edu Sat Oct 30 11:13:29 1993 From: zeek at actlab.rtf.utexas.edu (Kevin T. Kruzich) Date: Sat, 30 Oct 93 11:13:29 PDT Subject: Question about Proper Names of Crypto Companies In-Reply-To: <199310300520.AA10998@eff.org> Message-ID: <9310301813.AA07272@actlab.rtf.utexas.edu> *> A journalist friend asks me the following: *> *> > what is the proper (as in inc., corp. co., etc) *> > name + location of viacrypt + austin code works? *> *> I know where Austin Code Works is, of course, but couldn't be *> authoritative on the other matters. Could someone fill me in? The telephone for Austin Code Works is (512) 258.0785, but does not answer this Saturday. -z From zeek at IO.COM Sat Oct 30 12:23:29 1993 From: zeek at IO.COM (zeek) Date: Sat, 30 Oct 93 12:23:29 PDT Subject: LATEST PGP INFO FILE? Message-ID: <9310301918.AA21155@illuminati.IO.COM> -----BEGIN PGP SIGNED MESSAGE----- Could somebody please direct me to either an address or ftp site where I can get the latest pgp-info file? I have one from a few months ago. Just wondering if there have been any updates. The info file I have can be found by "finger zeek at io.com" Any help is appreciated. Thank you, - -z -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNK+BmH4Xujemt89AQEyDAQA1BULUB+pvSKndcOEmlYA8bbb04zlz04d J0xTD4bd7TQ5T/xvlkYFRUUDPOvNlT2pmfsDxPhLb/qOa2dHttoQUB2DPNAK9Pvm L/CEsTu4Gb2wquPcZ4Fw/HJtGaafKK9FMXoxeMEhfIoaLCkLk9W8UBFfb+Yr9koq P9xJlAX48Uk= =lwjm -----END PGP SIGNATURE----- From cdodhner at indirect.com Sat Oct 30 12:49:14 1993 From: cdodhner at indirect.com (Christian D. Odhner) Date: Sat, 30 Oct 93 12:49:14 PDT Subject: pgp bug/feature Message-ID: <199310301948.AA25659@indirect.com> Found a new 'undocumented feature' of pgp just now. in a recent message apparently from Future Nerd Steve W., the message begins with the usual -----------Begin pgp signed message--------- Header. Then later in the message, as sortof a joke I think, he he put: - ---------Begin philosophy------------- and then later an end philosophy and a begin pgp sig. So when I tried to verify the signature, pgp gave me a 'Failure striping ascii armor' error and said 'ascii armor error in signed file' or something like that. So I guess that use of anything that looks like a pgp header to pgp within the message invalidates any pgp sig. Happy Hunting, -Chris. ______________________________________________________________________________ Christian Douglas Odhner | "The NSA can have my secret key when they pry cdodhner at indirect.com | it from my cold, dead, hands... But they shall pgp 2.3 public key by finger | NEVER have the password it's encrypted with!" My opinions are shareware. For a registered copy, send me 15$ in DigiCash. Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11 From hfinney at shell.portal.com Sat Oct 30 18:13:35 1993 From: hfinney at shell.portal.com (hfinney at shell.portal.com) Date: Sat, 30 Oct 93 18:13:35 PDT Subject: Signing keys for nyms Message-ID: <9310310111.AA04227@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- The big weakness with public-key cryptography is making sure you have a valid key for the person you are communicating with. If you just get a key off a key server, it's possible that the key has been faked and does not actually belong to the person it claims to. Key signatures from trusted individuals testify that the key actually is associated with the given userid. Without a trusted signature, it's possible that your messages could be read en route and then re-encrypted with the true key of the recipient, who receives a properly encrypted message and doesn't suspect anything. In practice, this attack would normally be difficult to mount, as it would imply some way of intercepting and altering the messages you are sending. But anonymous communicants are perhaps more vulnerable to these attacks since their mail generally must go through a server system. They have to trust these servers not to reveal their true identity (at least, with the penet.fi server), but there is also the danger that the server could alter their messages as they pass through the server, possibly posting false public keys for them. If Wonderer, for example, communicated mostly through the penet server, there could be many kinds of changes being made to his messages, and he might not notice. His key could have been changed, then when his posted Cypherpunks message came back to him, it could have been changed back to what he sent. Encrypted mail to him could be read by the penet operator and then re-encrypted with his real key. (Naturally, I'm not suggesting the Julf would do something like this, but the attack is possible in principle.) Obviously this kind of attack could be defeated in many ways, such as if Wonderer could check his postings through some other path than penet.fi. But this might require him to expose himself in some ways (such as by signing up to the CP list under his True Name) that he would prefer not to. Ideally, a nym should be able to explore interests completely separate from any connection with his True Name. In general, it seems to me that anonymity server operators are the ones in the best position to create fake keys for nyms. Eric's suggestion that operators should sign the keys doesn't help much in this situation. I'd say that other methods are needed to confirm that encrypted messages to nyms are not being read en route. Hal -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNLezagTA69YIUw3AQGk+AP9HX8RUXgV+qKHcDLOnb75dHJUv+gqO0dm znRHtyNruRWOTtbqCp7VMV84+etnU90sMIDt/fwsCJdvaGnktYGwdQx2TkiIUQGF +n1nXb6/YRvDPcry7/W5Um4cQVHFd3thS8g7GI2FRZgS/qZ9BHJLcmRf17w+FsQs ORHMk+JowQw= =Y8Uf -----END PGP SIGNATURE----- From hfinney at shell.portal.com Sat Oct 30 18:14:21 1993 From: hfinney at shell.portal.com (hfinney at shell.portal.com) Date: Sat, 30 Oct 93 18:14:21 PDT Subject: Chaum's credentials (technical question) Message-ID: <9310310111.AA04231@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- In response to the recent discussions about identity, pseudonyms, "is-a-person" credentials, etc., I've been studying Chaum's paper from Auscrypt 90, "Showing Credentials without Identification; Transferring Signatures between Unconditionally Unlinkable Pseudonyms." This is quite a dense and rather cryptic paper which requires careful reading. It doesn't help that the references got left off when the paper was printed. There are also quite a few obvious misprints in some of the printed formulas. I am trying to understand one particular passage, on page 258. Chaum uses the idea of a credential as an RSA signature on a pseudonym, where the pseudonym is a number Px. The RSA modulus has, in this case, two exponents e1 and e2 which mean different things. (Say, e1 means "good credit risk" and e2 means "good driving record".) The corresponding private exponents are d1 and d2. If a person has these two credentials that means that he has the two numbers Px^d1 and Px^d2, from the credentialling organization. These RSA signatures prove that he actually has the characteristics described in the credential. Now, I am having a problem with Chaum's math. This is a little technical but I know we have some people on the list who know some number theory. Here is what Chaum says: "Suppose an organization X were to require that you have each of two credentials, say both that with public exponents e1 and e2. You could send X separatley Px^d1 and Px^d2. It is also possible for you to use the two credentials to form the single credential Px^(d1*d2), which will be called their AND.... To create the AND, you: set g to the multiplicative inverse of d1 modulo d2; set h to the remainder after dividing g*d1-1 by d2; and computing (Px^d1)^g * (Px^d2)^(-h) = Px^(d1*d2)." It would be really nice if this AND credential could be created like this, because it might be applicable to digital cash. Instead of having to go through the complicated spending transaction for each piece of cash, you might be able to combine all the pieces of cash into one, and just spend that. It would be more compact. But Chaum's math doesn't work. First of all, he says "you" should set g to the inverse of d1 modulo d2. But this seems to presume knowledge of d1 and d2. Yet "you" don't know these things; these are the secret exponents of the signing agency. So is Chaum actually talking here about something the signing agency does? It didn't sound that way from the context. If the signing agency wants to compute Px^(d1*d2), given Px^d1 and Px^d2, it can do so easily enough; simply take Px^d1 to the d2 power. You don't need to go through this rigamarole with g and h. So that interpretation doesn't make much sense either. The other possibility I thought of is that he meant that the signing agency would make g and h, as he defined them, public. With g and h then users could combine their credentials as he said. But even that doesn't work; his whole formula doesn't make sense. g is the inverse of d1 mod d2; this means that g*d1 = 1 mod d2, or in other words g*d1 - 1 = k*d2 for some k. That's the definition of the multiplicative inverse. Okay, but then he says h is the remainder when g*d1-1 is divided by d2. But look: g*d1-1 is a MULTIPLE of g2! The remainder will always be zero. So that doesn't make any sense either. So I thought, perhaps he really meant that h should be the quotient rather than the remainder; it would be "k" in the equation I just wrote. Then we'd have g*d1 - 1 = h*d2, which is somewhat encouraging because it resembles his formula. But his formula is (Px^d1)^g * (Px^d2)^(-h), which is Px^(g*d1 - h*d2). Rearranging the equation two lines above, we see that g*d1 - h*d2 = 1. So we end up with just Px, not Px^(d1*d2). So this isn't right, either. In fact, the notion that you can calculate Px^(d1*d2) from Px^d1 and Px^d2 is pretty questionable, since the impossibility of doing this is the basis of Diffie-Hellman key exchange! In short, I haven't found any interpretation of Chaum's math that makes sense. Can anyone shed any light on this? Was this just a mistake in a paper which was, after all, just intended for conference proceedings, not a refereed journal? Thanks - Hal -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNLlRKgTA69YIUw3AQEmegP9HzQt1vMwuLvVVr2e3LNrL5lPh9jg/cb4 rQkTvh+XVCKlqsI7TJ2pCeAwLygxPMlcw4/3sAeV9K1hWqk0B+bSFU8qWQSmka5+ 2OpJIXt2C+N/qVMKiFzAKMmQf680iVUxdj/TvfV6kZ6hPA5eqHdnHWy45QKEck3B VMNwKRPz2Mo= =TLs8 -----END PGP SIGNATURE----- From hughes at ah.com Sat Oct 30 19:29:22 1993 From: hughes at ah.com (Eric Hughes) Date: Sat, 30 Oct 93 19:29:22 PDT Subject: Signing keys for nyms In-Reply-To: <9310310111.AA04227@jobe.shell.portal.com> Message-ID: <9310310224.AA00840@ah.com> >In general, it seems to me that anonymity server operators are the ones >in the best position to create fake keys for nyms. They are certainly in the best position for good or for ill. >Eric's suggestion that operators should sign the keys doesn't help >much in this situation. If the servers, however, don't sign keys, I don't think the pseudonym can prove to a third party that alteration has taken place. See the protocol below, which detects signatures on false keys. >I'd say that other methods are needed to >confirm that encrypted messages to nyms are not being read en route. Here is such an "other method." If a provider of any sort is the sole means of access to a series of communications, there will be the possibility of tampering. If some public key must issue forth through this channel only, it is possible to alter the pseudonym's public key each time it is passed throught that channel. Since every protocol which uses communications only through the server won't work, every solution needs another channel. Let us assume that the server is signing pseudonym keys. We want a protocol to detect key alteration. If keys are being spoofed, the pseudonym will have to be provided with a certificate which signs the true key, but which the provider has transmitted only to the pseudonym; everyone else sees the provider's false key. Assume a third party cooperating with the pseudonym. The pseudonym sends their own public key as signed by the server--i.e. the certificate the pseudonym has--to the third party both both through the provider's pseudonym server and through an anonymous remailer. If the server is spoofing keys, the key that passes through the server will be altered. The message contains a random number used as an ID to match up the two messages. The third party encrypts the message received from the server with the public key received anonymously and sends it back to the pseudonym, again through the server. The server cannot decrypt this message, since it is encrypted with the true pseudonym public key, not the false one. The pseudonym then checks that the certificates match. The key to this protocol (and there are plenty similar) is that the public pseudonym key is transmitted to the outside world by a different channel than the server. That's a necessary part of any solution. Note that this protocol can be completely automated. The third party could be another server which pairs up messages and sends them back. Why not just send the pseudonym's certificate with an anonymous remailer? The reason is that, assuming that all communications to the pseudonym do pass through the server, the pseudonym might never find out that their own key had been compromised. The protocol above, while more complicated, notifies the pseudonym first of any alteration. Eric From edgar at spectrx.saigon.com Sun Oct 31 02:09:28 1993 From: edgar at spectrx.saigon.com (Edgar W. Swank) Date: Sun, 31 Oct 93 02:09:28 PST Subject: Mail delivery question Message-ID: -----BEGIN PGP SIGNED MESSAGE----- T. William Wells posted here on Oct 24: As an operator of an anonymous service, I'm constantly amazed at the things that supposedly worthwhile net.citizens will do, without even the slightest thought for the consequences. And consequences there have been, sometimes potentially tragic ones. Perhaps I should tell some of my horror stories. Yes! Yes! Please tell us all the gory details! -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNLzXd4nNf3ah8DHAQGAowP/fkWAwK8cuHKf8+LNY6+u8bP3T7avsf6d GpDLUIpgD/PKhHVTChHMGjm5Ga51mFlB60dY3CxF/qyrybr2071HwAb4CkhCiDdy guz8UU3n2iz00+HjlG4Rjqlpnejkm9AJE1Hm5Jm3a0i0bPNUtBfsD0xBhYoaVZ8K SKAJIapQ7nU= =Wr1L -----END PGP SIGNATURE----- -- edgar at spectrx.saigon.com (Edgar W. Swank) SPECTROX SYSTEMS +1.408.252.1005 Cupertino, Ca From ferguson at icm1.icp.net Sun Oct 31 08:53:40 1993 From: ferguson at icm1.icp.net (Paul Ferguson x2044) Date: Sun, 31 Oct 93 08:53:40 PST Subject: (fwd) Getting a Copy of APPLIED CRYPTOGRAPHY Message-ID: <9310311650.AA16870@icm1.icp.net> I thought some of you folks might find this of interest. Forwarded message: > Newsgroups: sci.crypt,comp.security.misc,alt.security > From: schneier at chinet.chinet.com (Bruce Schneier) > Subject: Getting a Copy of APPLIED CRYPTOGRAPHY > Message-ID: > Summary: I'll send you my book if you want it. > Keywords: Cryptography, Book > Organization: Chinet - Public Access UNIX > Date: Fri, 29 Oct 1993 02:35:59 GMT > Lines: 19 > > If anyone has trouble getting a copy of my book, I would be happy to mail it > to them for $45 plus postage. (Postage can very from 4th Class Book Rate to > Federal Express, and depends on what country you are in.) > > If you prefer, you can order it from your bookstore. (I've been getting > enough questions about this to post this info for all.) All you need is the > ISBN, but here's the rest of the information: > > APPLIED CRYPTOGRAPHY: PROTOCOLS, ALGORITHMS, AND SOURCE CODE IN C > Bruce Schneier > John Wiley & Sons, 1994 > ISBN: 0-471-59756-2 > $44.95 > > I am currently attempting to get permission to put the index on line. > > Bruce _____________________________________________________________________________ Paul Ferguson Mindbank Consulting Group fergp at sytex.com Fairfax, Virginia USA ferguson at icp.net From nowhere at bsu-cs.bsu.edu Sun Oct 31 09:23:40 1993 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Sun, 31 Oct 93 09:23:40 PST Subject: The lighter side of computing... Message-ID: <9310311722.AA00610@bsu-cs.bsu.edu> Although this cross-post is off-topic, I thought perhaps many of you would find it as humorous as I did. If not, sorry for the bandwidth. From: mnemonic at eff.org (Mike Godwin) Newsgroups: comp.org.eff.talk,talk.politics.crypto,misc.legal,alt.security.pgp Subject: Re: "Honest argumentation" Date: 30 Oct 1993 09:14:45 -0400 Organization: Electronic Frontier Foundation Lines: 55 Message-ID: <2atpc5$cds at eff.org> References: <2atp3u$cca at eff.org> NNTP-Posting-Host: eff.org In article , David Sternlight wrote: >Courts have discussed this point in the past. There was a famous case in >which a distinction was made between "the sound seemed to wander" and "the >sound wandered." (Bose vs. Consumers Union). One cannot assume that Mike's >usage (particularly since he is an attorney) meant "seemed" unless he said >so. He did not. He said "is". Interesting that you should apply a product libel case to your own situation. Are you a product, David? Which manufacturer produced you? A better precedent, of course, is Gertz v. Robert Welch Inc. David Sternlight, after having thrust himself into the vortex of public opinion, will find it hard to avail himself of the protections against reputational damage that a private citizen has. My statement falls so clearly within the area of non-actionable speech that your case would lose on summary judgment. I'd move for sanctions, of course, since Rule 11 of the Federal Rules of Civil Procedure, as well as comparable state rules, sanction the initiation of frivolous lawsuits. Ask your attorneys how they like Rule 11 sanctions, David. Whoever those attorneys are, that is. >Since it is a remark that goes to a matter of fact and is false, and more >than that, Mike has no knowledge of my study of the history of press freedom >in this country, and finally, since he is an attorney, this is considerably >more than some layman's ad hominem. First, it's not false. Second, libel law doesn't distinguish between lawyer statements of fact and non-lawyer statements of fact. Third, it's not an ad hominem, as that term is used precisely. >It is quite material to my view of EFF that one of their attorneys should >post, over their name, a message that I am advised is defamatory. Please, please don't dig yourself any deeper. If you like, I can give you some examples of truly defamatory and non-defamatory statements, so you can learn the distinction. In the meantime, I await the letter from your "attorneys." Nothing would give me more pleasure than to slamdunk a frivolous libel suit. --Mike -- Mike Godwin, (202) 347-5400 |"In our sleep, pain which cannot forget mnemonic at eff.org | falls drop by drop upon the heart until, Electronic Frontier | in our own despair, against our will, comes Foundation | wisdom through the awful grace of God." -------end forwarded article---------- From mikeingl at news.delphi.com Sun Oct 31 13:43:45 1993 From: mikeingl at news.delphi.com (MIKEINGLE@DELPHI.COM) Date: Sun, 31 Oct 93 13:43:45 PST Subject: Secure Phone Progress (fwd) Message-ID: <9310312142.AA28209@news.delphi.com> >Path: news.delphi.com!noc.near.net!howland.reston.ans.net!math.ohio-state.edu!caen!usenet.cis.ufl.edu!usenet.ufl.edu!travis.csd.harris.com!amber!tom >From: tom at ssd.csd.harris.com (Tom Horsley) >Newsgroups: sci.crypt,talk.politics.crypto >Subject: New IBM soundcard and secure phones >Date: 28 Oct 1993 11:55:54 GMT >Organization: Harris Computer Systems Division >Lines: 24 >Message-ID: >NNTP-Posting-Host: amber.ssd.csd.harris.com >Xref: news.delphi.com sci.crypt:13815 talk.politics.crypto:983 Over in the comp.sys.ibm.pc.soundcard group there have been a couple of brief mentions of the new "Windsurfer" card from IBM. It apparently incorporates a couple of DSP chips, a 14.4K modem, a soundblaster emulator, general midi, kitchen sink, etc :-). I don't know if these DSP chips will be user programmable or not, but if so, this sounds like the one board you need to build your very own secure phone. The 14.4K modem for sending the data, the DSP chips for audio compression, and the sound board for digitizing speach and playing it back. Throw in a little private key exchange via RSA or equivalent at the start of the connection, and use triple DES or IDEA on the data (of course, the person at the other end needs the same setup). Does anyone have any more details on this board (like, will it be user programmable, and will the specs be available for less than your firstborn child :-)? -- ====================================================================== domain: tahorsley at csd.harris.com USMail: Tom Horsley +=============================================+511 Kingbird Circle Don't have awk? Use this simple sh emulation: |Delray Beach, FL 33444 #!/bin/sh +======================+ echo 'Awk bailing out!' exit 2 From a2 at ah.com Sun Oct 31 15:23:44 1993 From: a2 at ah.com (Arthur Abraham) Date: Sun, 31 Oct 93 15:23:44 PST Subject: NSA Security Message-ID: <9310312317.AA00275@ah.com> Seymour M. Hersh, writing in the November 1, 1993 _New Yorker_, comments: "...current and former high-ranking officials with access to intelligence, whose information has been extremely reliable in the past, specifically told me that the National Security Agency, which is responsible for electronic intelligence, had produced no significant high-level intercepts from Iraq in years. American intellignece experts have concluded that the Reagan Adminstration's policy of providing satellite and communications intelligence to Iraq in the mid-nineteen-eighties had an unwelcome side effect: the Iraqi intelligence service learned how to hide its important communications from the N.S.A.'s many sensors." I am posting this to help provide an insight into some of NSA's motivations. If you think this is disinformation, consider the motives for creating it -- the insights are similar. -a2 From mkirwin at magnus.acs.ohio-state.edu Sun Oct 31 16:33:46 1993 From: mkirwin at magnus.acs.ohio-state.edu (Michael J Kirwin) Date: Sun, 31 Oct 93 16:33:46 PST Subject: Hardware encryption device... Message-ID: <9311010029.AA22649@bottom.magnus.acs.ohio-state.edu> Hey 'Punks! I found a kit to build a hardware encryption device. The whole kit costs less than $120 and both partys need one. There rather slow however, the top speed is only 1200 baud. I found the article on it BYTE September '86. Here's the address of the place that sells the kit CCI P.O. Box 428 Tolland, CT 06084 If anybody does get this kit and trys it out I would be interested in how it turns out. Drop me a line. Thanks, Michael mkirwin at acs.ohio-state.edu From russell at eternity.demon.co.uk Sun Oct 31 18:19:39 1993 From: russell at eternity.demon.co.uk (Russell Earl Whitaker) Date: Sun, 31 Oct 93 18:19:39 PST Subject: MEDIA: PGP in CompuServe Magazine Message-ID: <21504@eternity.demon.co.uk> -----BEGIN PGP SIGNED MESSAGE----- 1 Nov 93 Yesterday, 31 Oct 93, in London, some of us privacy advocates held another meeting of the UK Cryptoprivacy Association. One of our regulars brought in the latest CompuServe Magazine, the issue of November 1993. I was delighted to read an article (pp 19-25), "The Digital Deadbolt", strongly advocating the use of secure cryptography, including PGP 2.3. The article, written by Christopher J. Galvin, an associate editor of the publication, was truly an advocacy piece. For those on CompuServe (CIS) who were unfamiliar with the issues, cogent and useful reasons for using encryption were given, with pointers for finding the relevant software. I quote: ZIFFNET PUBLIC BRAND SOFTWARE APPLICATION FORUM (GO PBSFORUM) Pretty Good Privacy 2.3 - The controversial program PGP combines the convenience of the RSA public-key cryptosystem with the speed of conventional cryptography to protect e-mail and data files. Includes digital signatures, data compression before encryption and sophisticated key management. Manual included. Freeware. Library 1, "Hot Off the Presses," PGPRIV.ZIP (232,895 bytes). Further file references included text in the CYBER FORUM (GO CYBERFORUM) on anonymous remailers (Library 13, "MONDO 2000," PRIVAC (7,078 bytes)), and a NIST publication on public-key cryptology in ELECTRONIC FRONTIER FORUM (GO EFFSIG), (Library 3, "The Frontier Files," PUB_KE.EXE (125,472 bytes)). CompuServe claims a worldwide subscriber base of around 1 million accounts. Every account holder is sent a monthly copy of CompuServe Magazine. Based on this circulation alone, the article is a notable achievement in public access to strong encryption. What makes it even more notable is the bald admission in the article that "... PGP and RIPEM aren't circulating as far as they might. They've been removed from various CompuServe forum libraries and some university Internet sites by sysops and administrators concerned that export laws might be violated by online availability." Those who are puzzled as to why, then, PGP is listed in the same article as being available _through_ CompuServe should take note that it is not available _on_ CompuServe. Having had some CompuServe experience myself, I was struck by what I think might be the case here: Ziffnet is a separate service from CompuServe (CIS), with CIS acting solely as a gateway. Ziff-Davis is a very large publishing house. Anyone who's been to trade shows around the world has run across the Ziff-Davis booth, where various of its magazines - the biggest names in the business - are given away as samples. It may be an ill-informed hunch on my part, but I suspect that Ziff-Davis is drawing on its statutory rights as a _publisher_ to make PGP available through one or more gateway services. If this is the case, I applaud them. And I congratulate CompuServe for having run Mr. Galvin's article. Christopher Galvin can be reached at 70003.5571 at compuserve.com. Russell Earl Whitaker whitaker at eternity.demon.co.uk Communications Editor AMiX: RWhitaker EXTROPY: The Journal of Transhumanist Thought Board member, Extropy Institute (ExI) Co-organizer, 1st European Conference on Computers, Freedom and Privacy, London, 20 November 1993 -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLNRf6YTj7/vxxWtPAQEotgP/SU04KS325v8ca8ydCgr/358QsxmHhz// TtHkdhLRjvDLeWOEbG5LKY1VsVovU5YY1ru8h1xjrMqLiWvv4LQJanhg7I+D3Cpr J5xhM0IZSMotYKmCdY20SRdw918VA8JlNck+r1n40ozgdY8yOsAO6qdjOsolyquA OXShI0Gkzf8= =U0GH -----END PGP SIGNATURE----- -----END PGP SIGNATURE----- From mg5n+ at andrew.cmu.edu Sun Oct 31 18:39:39 1993 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sun, 31 Oct 93 18:39:39 PST Subject: Secure Phone Progress (fwd) In-Reply-To: <9310312142.AA28209@news.delphi.com> Message-ID: <0gp7NE600awUQ5lkYP@andrew.cmu.edu> mikeingl at news.delphi.com (MIKEINGLE at DELPHI.COM) wrote: > Over in the comp.sys.ibm.pc.soundcard group there have been a couple of > brief mentions of the new "Windsurfer" card from IBM. It apparently > incorporates a couple of DSP chips, a 14.4K modem, a soundblaster > emulator, general midi, kitchen sink, etc :-). > > I don't know if these DSP chips will be user programmable or not, but > if so, this sounds like the one board you need to build your very > own secure phone. The 14.4K modem for sending the data, the DSP > chips for audio compression, and the sound board for digitizing speach > and playing it back. Throw in a little private key exchange via RSA > or equivalent at the start of the connection, and use triple DES or IDEA > on the data (of course, the person at the other end needs the same setup). Um... Well, you should be able to do that with an ordinary sound board/digitizer and a modem. However, 14400 bps (without compression) isn't enough to transmit sound waves at normal frequencies. Since the range of human hearing is up to about 20000 hz, you need a sampling rate of 40000hz to get at least a crude sample of all possible frequencies. (Most telecom equipment uses 64000 bps to transmit voice conversations.) But that's where compression comes in. You could probably do without the DSPs and just use the main CPU to do it. Since sound data would be coming in at 40000-60000 bytes/sec (or bits/sec or...?) and output would be going out at 1440 bytes/sec and your cpu can do several million instructions per second, you have several hundred to several thousand cycles to process the data, which should be sufficient time. (I assume you would write this in assembly.) The only real problem is to design a compression technique which can squeeze that much data into a 14400bps connection without losing too much sound quality, which would have to be a pretty good compression technique. It would probably be easier if you had one of those 28800 bps modems that are supposed to be out soon... As for the encryption part of it, If CPU load became a problem, you wouldn't really need to use Triple-DES or IDEA, you could use something simpler. Remember that breaking a cypher requires they you have some idea as to what your looking for so you know you've cracked it. Compressing the data would remove such identifing data and make breaking the code more difficult. Also, if you had the system reset itself during dead time (no sound) or whenever it encountered line noise or whatever by generating a new encryption key and doing a key exchange with RSA, then even if someone broke the code, they wouldn't get much of a prize - just a few seconds of your conversation, which would likely tell them very little. From jim at Tadpole.COM Sun Oct 31 19:29:39 1993 From: jim at Tadpole.COM (Jim Thompson) Date: Sun, 31 Oct 93 19:29:39 PST Subject: Secure Phone Progress (fwd) Message-ID: <9311010328.AA04235@tadpole.Tadpole.COM> Most (US-based) phone equipment can't deal with clear channels, (ok, long strings of zero data) thus, a DS0 (the cannonical single voice call) operates with one bit always set 'on', so your 64kbps channel is now a 56kbps channel. 4:1 compression would get you to (just) inside the magic '14400' bps limit of v.32bis signaling. Such algorithms exist, though their performance on data with characteristics like 'voice' is poor at worst. CLEP is a speech encoding algorithm (compressor) that can work well inside a 4800bps channel. It is, however, quite expensive in terms of CPU power. A DSP would help here. :-) CLEP also tends to diminish the dynamic range of its input, with a resulting loss of 'quality'. Writing things in assembly is not a magic bullet, making the algorithm go faster just as a consequence of it being hand-rolled. The v.fast (28000 bps) modes may, or may not work at 28000 bps between any two endpoints. (subscribers). Jim From pmetzger at lehman.com Sun Oct 31 19:44:39 1993 From: pmetzger at lehman.com (Perry E. Metzger) Date: Sun, 31 Oct 93 19:44:39 PST Subject: Secure Phone Progress (fwd) In-Reply-To: <9311010328.AA04235@tadpole.Tadpole.COM> Message-ID: <9311010343.AA24968@snark.lehman.com> Jim Thompson says: > CLEP is a speech encoding algorithm (compressor) that can work well inside That "CELP". I thought it was a misprint, but you wrote it more than once that way. .pm From warlord at MIT.EDU Sun Oct 31 19:53:47 1993 From: warlord at MIT.EDU (Derek Atkins) Date: Sun, 31 Oct 93 19:53:47 PST Subject: Secure Phone Progress (fwd) In-Reply-To: <0gp7NE600awUQ5lkYP@andrew.cmu.edu> Message-ID: <9311010351.AA03794@hodge.MIT.EDU> Matt, There are a few flaws in your statements. You are correct that human hearing is up to 20 kHz, and again with the 40 kHz sampling (this is why CD is 44.1 kHz, to be able to fully obtain a 40 kHz sample with non-ideal filters). However, we are talking about Secure Phones. Phones have a dynamic range of 3.6 kHz, with a sampling of 8000 samples/sec! Also, the phone uses 8-bit mu-law data, for the 64000 bits/sec that you commonly hear. So, without compression, you need a 64 Kbps link to transmit phone-quality audio. The problem with a Secure Phone is getting the data compression to reduce the data to below 14.4 Kbps, in order to use a 14.4 Kbps modem. You need a real-time compression to do this, which is where the DSP chips come in! The encryption isn't a problem, as most encryption algorithms can easily do 64 Kbps! -derek Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory Secretary, MIT Student Information Processing Board (SIPB) PGP key available from pgp-public-keys at pgp.mit.edu warlord at MIT.EDU PP-ASEL N1NWH From alanr at media.mit.edu Sun Oct 31 20:29:40 1993 From: alanr at media.mit.edu (Alan Ruttenberg) Date: Sun, 31 Oct 93 20:29:40 PST Subject: Anonymous remailer with encryption (query) Message-ID: <9311010426.AA21623@media.mit.edu> Is there a stable anonymous remailer which can encrypt any mail that it sends to me? From karn at qualcomm.com Sun Oct 31 20:59:42 1993 From: karn at qualcomm.com (Phil Karn) Date: Sun, 31 Oct 93 20:59:42 PST Subject: Secure Phone Progress (fwd) Message-ID: <9311010457.AA13960@servo> >Um... Well, you should be able to do that with an ordinary sound >board/digitizer and a modem. However, 14400 bps (without compression) >isn't enough to transmit sound waves at normal frequencies. [...] There are a few minor misstatements in this note. Standard telephony samples 8000 times per second, with 8 bits per sample. You can easily sample fast enough to get all important speech frequencies into 14400 bps -- at the expense of reducing the resolution of each sample. The resulting speech would be understandable, but highly distorted. There are many other speech coding methods that work somewhat better, including various forms of delta modulation (sending just the differences between adjacent samples). These are probably the best in the bang-for-buck department (Motorola's CVSD is already widely used in secure voice radios operating at 16 kb/s or so). But if you really want high quality at low data rates, you pretty much have to use a vocoder. All of the methods mentioned above try to reproduce the (important parts of) the speech waveform. Vocoders work by modeling the human vocal tract and sending the parameters that describe it at any particular moment, instead of attempting to encode the actual waveform. Since these parameters correspond to things that move relatively slowly in the modeled system (e.g., the muscles of the tongue, jaw, lips, etc) they consume much less bandwidth than the actual sound that's produced. What makes CELP so computationally expensive is the "C" part. CELP stands for Codebook Excited Linear Prediction. The modeling scheme I just mentioned is the Linear Prediction part; the Codebook Excitation part is used to drive it. It corresponds to the vocal cords in the vocal tract. As I understand it, the analyzer picks an entry in a predefined "codebook" that produces the best results, i.e., synthesized speech that most closely matches the original sound. This is a fairly brute-force process; we're talking tens of DSP MIPS to do this in real time. I don't know anyone who has done it in assembler on a widely available general purpose CPU, but I would be ecstatic to be proven wrong. Phil From nobody at alumni.cco.caltech.edu Sun Oct 31 22:33:47 1993 From: nobody at alumni.cco.caltech.edu (nobody at alumni.cco.caltech.edu) Date: Sun, 31 Oct 93 22:33:47 PST Subject: ANON: remailer list Message-ID: <9311010626.AA11320@alumni.cco.caltech.edu> -----BEGIN PGP SIGNED MESSAGE----- Cypherpunk anonymous remailers, 11/1/93 Q1: What are the anonymous remailers? A1: 1: remailer%chaos at bsu.edu 2: nowhere at bsu-cs.bsu.edu 3: hh at cicada.berkeley.edu 4: hh at pmantis.berkeley.edu 5: hh at soda.berkeley.edu 6: 00x at uclink.berkeley.edu 7: cdodhner at indirect.com 8: hal at alumni.caltech.edu 9: cs60a-qu at cory.eecs.berkeley.edu 10: ebrandt at jarthur.claremont.edu 11: catalyst at netcom.com 12: sameer at netcom.com 13: remailer at rebma.mn.org 14: elee6ue at rosebud.ee.uh.edu 15: elee7h5 at rosebud.ee.uh.edu 16: hfinney at shell.portal.com 17: sameer at soda.berkeley.edu 18: remail at tamsun.tamu.edu 19: remail at tamaix.tamu.edu 20: remailer at utter.dis.org 21: remailer at entropy.linet.org 22: elee9sf at menudo.uh.edu 23: remail at extropia.wimsey.com NOTES: 1-7 no encryption of remailing requests 8-22 support encrypted remailing requests 23 special - header and message must be encrypted together 13,20,21,23 introduce larger than average delay (not direct connect) 13,20,23 running on privately owned machines 14 requires "cash" payment for remailing 22 supports RIPEM encryption, caches remailing requests ====================================================================== Q2: What help is available? A2: Check out the pub/cypherpunks/remailer directory at soda.berkeley.edu (128.32.149.19). chain.zip - program that helps with using remailers dosbat.zip - MSDOS batch files that help with using remailers hal's.instructions.gz - in depth instruction on how to use hal's.remailer.gz - remailer code pubkeys.tar.gz - public keys of remailers which support encryption pubkeys.zip - MSDOS zip file of public keys scripts.tar.gz - scripts that help with using remailers For MAC's, at 129.82.156.104 in /pub/pgpc/ are two files: pgpc22.tar.gz, pgpc22.tar.Z which assist in using the anonymous remailers, including anon.penet.fi. Mail to me (klbarrus at owlnet.rice.edu) for further help and/or questions. ====================================================================== Q3. Email-to-Usenet gateways? A3. 1: group-name at cs.utexas.edu 2: group.name.usenet at decwrl.dec.com 3: group.name at news.demon.co.uk 4: group.name at news.cs.indiana.edu 5: group-name at pws.bull.com 6: group-name at ucbvax.berkeley.edu NOTES: * This does not include ones that work for single groups, like twwells.com. #6 blocks from non-berkeley sites (so use the berkeley remailers :-) -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLNSsq4OA7OpLWtYzAQGG+wP/QIdQsJxTVtZ30WYvueGyhiMO8rBA5kS8 Pf7ZRHNqq5vXTQ6j1z+g3De6m+IL0gf3Zs2cWYrGiMkpw1AOvOwiPLFPwaMsKtqi GCikwzrvf2vNSwOjZ6S+fzo37BXqFibNbWX7v+UrwZAC8zeSAaLWMm3EiUZUjI1/ HXrZU/PgjAM= =i9Y6 -----END PGP SIGNATURE-----